Question

Emails go to spam with postfix and spf ... ?

hi ! I have my hostname example.com (with my real domain) configured I follow these instructions: https://www.digitalocean.com/community/tutorials/how-to-install-and-setup-postfix-on-ubuntu-14-04 https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy

But if i send with “mail” or with my php app goes to spam folder.

I attach the “original content” of email received

                                                                                                                                                                                                                                                               
Delivered-To: xxxxxx@gmail.com
Received: by 10.28.49.66 with SMTP id x63csp2168084wmx;
        Tue, 30 Aug 2016 06:46:17 -0700 (PDT)
X-Received: by 10.237.53.157 with SMTP id c29mr4253648qte.75.1472564777220;
        Tue, 30 Aug 2016 06:46:17 -0700 (PDT)
Return-Path: <news@example.com>
Received: from example.com ([104.236.32.192])
        by mx.google.com with ESMTP id d68si27522641qkb.79.2016.08.30.06.46.17
        for <xxxxx@gmail.com>;
        Tue, 30 Aug 2016 06:46:17 -0700 (PDT)
Received-SPF: neutral (google.com: 104.236.32.192 is neither permitted nor denied by best guess record for domain of news@example.com) client-ip=104.236.32.192;
Authentication-Results: mx.google.com;
       spf=neutral (google.com: 104.236.32.192 is neither permitted nor denied by best guess record for domain of news@example.com) smtp.mailfrom=news@example.com
Received: by example.com (Postfix, from userid 33)
	id CACF6102F17; Tue, 30 Aug 2016 10:46:16 -0300 (ART)
To: xxxxx@gmail.com
Subject: test22
X-PHP-Originating-Script: 0:class.phpmailer.php
Date: Tue, 30 Aug 2016 13:46:16 +0000
From: "example.com" <news@example.com>
Message-ID: <a910e2aceaed556b5a4d5886e734fff8@example.com>
X-Mailer: PHPMailer 5.2.10 (https://github.com/PHPMailer/PHPMailer/)
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="b1_a910e2aceaed556b5a4d5886e734fff8"
Content-Transfer-Encoding: 8bit

This is a multi-part message in MIME format.

--b1_a910e2aceaed556b5a4d5886e734fff8
Content-Type: text/plain; charset=us-ascii

test22


--b1_a910e2aceaed556b5a4d5886e734fff8
Content-Type: text/html; charset=us-ascii

<p>test22</p>



--b1_a910e2aceaed556b5a4d5886e734fff8--

result of http://www.mail-tester.com/ http://imgur.com/a/pm8FY

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Scott StenslandSeptember 4, 2016
Accepted Answer

I managed to get my outgoing email server to send emails avoiding the spam folder

… create TLS cert files as per

https://letsecure.me/secure-web-deployment-with-lets-encrypt-and-nginx/ and/or https://www.linode.com/docs/security/ssl/install-lets-encrypt-to-create-ssl-certificates

actually above instructions are extremely concise which is gr8 … to above I added my email subdomain

export DOMAINS="mail.example.com,example.here,www.example.here"

… its output will be these files

-rw-r–r-- 1 root root 1887 Sep 3 18:42 cert.pem -rw-r–r-- 1 root root 1647 Sep 3 18:42 chain.pem -rw-r–r-- 1 root root 3534 Sep 3 18:42 fullchain.pem -rw-r–r-- 1 root root 1704 Sep 3 18:42 privkey.pem

now just copy them and define these variables as

cp privkey.pem  /etc/ssl/private/mail.example.com.privkey.pem
cp cert.pem       /etc/ssl/certs/mail.example.com.cert.pem
cp chain.pem    /etc/ssl/certs/mail.example.com.chain.pem

postconf 'smtpd_tls_key_file  = /etc/ssl/private/mail.example.com.privkey.pem'
postconf 'smtpd_tls_cert_file = /etc/ssl/certs/mail.example.com.cert.pem'
postconf 'smtpd_tls_CAfile    = /etc/ssl/certs/mail.example.com.chain.pem'

notice above vars will then appear in file

/etc/postfix/main.cf

bounce postfix and send a post … notice TLS will now be mentioned in the received email header

Received: from mail.example.com ([159.203.100.178])
by mx.google.com with ESMTPS id 4si10110105qta.2.2016.09.04.06.45.52
for kaptainkrunch@gmail.com
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Sun, 04 Sep 2016 06:45:52 -0700 (PDT)

frustratingly emails still landed in spam folder so I just said Not Spam to train my gmail inbox and since the red unlocked padlock icon was now gone to indicate TLS is active afterwards new emails correctly land in inbox not spam ;-)

for completeness here are relevant vars from /etc/postfix/main.cf

smtpd_tls_cert_file = /etc/ssl/certs/mail.example.com.cert.pem
smtpd_tls_key_file = /etc/ssl/private/mail.example.com.privkey.pem
smtpd_tls_CAfile = /etc/ssl/certs/mail.example.com.chain.pem
smtpd_tls_auth_only = no
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = encrypt
smtpd_tls_session_cache_timeout = 3600s
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
tls_random_source = dev:/dev/urandom

in my DNS to satisfy SPF I have a record Type TXT with value

@       "v=spf1 mx a -all"

and a MX record

10      mail.example.com.

here is a really slick DNS records validator http://intodns.com/ and https://toolbox.googleapps.com/apps/checkmx/

alexdoJuly 9, 2021

Hello, all

You can make sure that your mailing list is fully opted-in and that you’re using SMTP authentication.

Also to test the mail score of your emails you can use a website like:

https://www.mail-tester.com/

and then send a valid test - an exact email with a valid - subject, message body, full signatures and attachments.

Regards, Alex

Edy KaiserMay 4, 2018

Delivered-To: aaaaa@gmail.com Received: by 10.237.54.100 with SMTP id e91csp146615qtb; Mon, 5 Sep 2016 08:10:11 -0700 (PDT) X-Received: by 10.200.37.52 with SMTP id 49mr1262108qtm.62.1473088211338; Mon, 05 Sep 2016 08:10:11 -0700 (PDT) Return-Path: news@xxxxxxxxx.com Received: from xxxxxxxxx.com (xxxxxxxxx.com. [45.55.224.107]) by mx.google.com with ESMTP id t91si17868642qtd.75.2016.09.05.08.10.11 for aaaaaaaa@gmail.com; Mon, 05 Sep 2016 08:10:11 -0700 (PDT) Received-SPF: pass (google.com: domain of news@xxxxxxxxx.com designates 45.55.224.107 as permitted sender) client-ip=45.55.224.107; Authentication-Results: mx.google.com; dkim=pass header.i=@xxxxxxxxx.com; spf=pass (google.com: domain of news@xxxxxxxxx.com designates 45.55.224.107 as permitted sender) smtp.mailfrom=news@xxxxxxxxx.com Received: by xxxxxxxxx.com (Postfix, from userid 33) id E8070FF080; Mon, 5 Sep 2016 12:10:10 -0300 (ART) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xxxxxxxxx.com; s=mail; t=1473088210; bh=Cc8VL/itZEZoCV7ER6QPM7772x+O4bDXXtYsTn9TmRE=; h=To:Subject:Date:From:Reply-To:From; b=uRstYVFBdtzOJEnpQeq38OWHYmAVN9LnidKOmoKo0g2eLX6oHHPkJiFPH2QuKK6NF kmi60dpTfyMqJf3uOasajCwpqu8cn4Z3QPeH/epza2/XYBA9lU8fkg8P6SD3ooEwAU nGgMqRpnZYIEZ4kfyG8K5SOdpE/Q7TSPTxsOffEs= To: aaaaaaa@gmail.com Subject: va 3 X-PHP-Originating-Script: 0:class.phpmailer.php Date: Mon, 5 Sep 2016 15:10:10 +0000 From: xxxxxxxxx news@xxxxxxxxx.com Reply-To: “xxxxxxxxx.comno-responder@gmail.com Message-ID: cada44e34b8286e878ee1f8858b956b9@xxxxxxxxx.com X-Mailer: PHPMailer 5.2.10 (https://github.com/PHPMailer/PHPMailer/) MIME-Version: 1.0 Content-Type: multipart/alternative; boundary=“b1_cada44e34b8286e878ee1f8858b956b9” Content-Transfer-Encoding: 8bit

This is a multi-part message in MIME format.

–b1_cada44e34b8286e878ee1f8858b956b9 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit

test 3

Anibal ArdidSeptember 7, 2016

I found this … With the email appears one open padlock, that said message is not cypher (mensaje no esta cifrado).

Delivered-To: aaaaa@gmail.com
Received: by 10.237.54.100 with SMTP id e91csp146615qtb;
        Mon, 5 Sep 2016 08:10:11 -0700 (PDT)
X-Received: by 10.200.37.52 with SMTP id 49mr1262108qtm.62.1473088211338;
        Mon, 05 Sep 2016 08:10:11 -0700 (PDT)
Return-Path: <news@xxxxxxxxx.com>
Received: from xxxxxxxxx.com (xxxxxxxxx.com. [45.55.224.107])
        by mx.google.com with ESMTP id t91si17868642qtd.75.2016.09.05.08.10.11
        for <aaaaaaaa@gmail.com>;
        Mon, 05 Sep 2016 08:10:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of news@xxxxxxxxx.com designates 45.55.224.107 as permitted sender) client-ip=45.55.224.107;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@xxxxxxxxx.com;
       spf=pass (google.com: domain of news@xxxxxxxxx.com designates 45.55.224.107 as permitted sender) smtp.mailfrom=news@xxxxxxxxx.com
Received: by xxxxxxxxx.com (Postfix, from userid 33)
	id E8070FF080; Mon,  5 Sep 2016 12:10:10 -0300 (ART)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xxxxxxxxx.com; s=mail;
	t=1473088210; bh=Cc8VL/itZEZoCV7ER6QPM7772x+O4bDXXtYsTn9TmRE=;
	h=To:Subject:Date:From:Reply-To:From;
	b=uRstYVFBdtzOJEnpQeq38OWHYmAVN9LnidKOmoKo0g2eLX6oHHPkJiFPH2QuKK6NF
	 kmi60dpTfyMqJf3uOasajCwpqu8cn4Z3QPeH/epza2/XYBA9lU8fkg8P6SD3ooEwAU
	 nGgMqRpnZYIEZ4kfyG8K5SOdpE/Q7TSPTxsOffEs=
To: aaaaaaa@gmail.com
Subject: va 3
X-PHP-Originating-Script: 0:class.phpmailer.php
Date: Mon, 5 Sep 2016 15:10:10 +0000
From: xxxxxxxxx <news@xxxxxxxxx.com>
Reply-To: "xxxxxxxxx.com" <no-responder@gmail.com>
Message-ID: <cada44e34b8286e878ee1f8858b956b9@xxxxxxxxx.com>
X-Mailer: PHPMailer 5.2.10 (https://github.com/PHPMailer/PHPMailer/)
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="b1_cada44e34b8286e878ee1f8858b956b9"
Content-Transfer-Encoding: 8bit

This is a multi-part message in MIME format.

--b1_cada44e34b8286e878ee1f8858b956b9
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

test 3