Website email arrives at Gmail and other domains but not or

August 26, 2014 43.6k views

I have a domain for example website setup on a DO VPS. I have configured the VPS to be the primary MX for the domain and configure what I believe is an appropriate SPF record for it. The VPS is running postfix and can send and receive email for the domain. I can receive email fine to multiple other domains.

I also note that a similar question has been asked before but the work-a-round was performed by the person adding the email address to the safe senders list using web interface. This is unsuitable for my purposes because the emails need to arrive at or mailboxes without intervening.

Has anyone got any information that could allow me to get to the bottom of why hotmail / aggressively blocks valid email while hiding behind many pages of policy documents that don't enlighten me as to why I have an IP address designated as "Not qualified for mitigation".

I have attempted to engage with Microsoft regarding how to go about getting it working but if anyone has any experience with getting a Droplet to email directly to mx* MX servers and have the email accepted I would love to hear from you.

12 Answers

Look at the message headers on and verify you are getting SPF=Pass

You could also try adding DKIM signing to your email.

Double check your droplet ip hasn't been blacklisted. Not sure if hotmail or outlook check them however. does a decent job of checking most popular blacklist sites.

  • So I added DKIM Signing (opendkim+postfix), checked the source headers of the emails when they reach their destination and I get

    From Google: dkim=pass
    From Yahoo: dkim=pass (ok) (generic email get's put in junk folder but arrives)
    From dkim=pass (Only will arrive at if I have already sent an email to the sending address from the account, which is useless for a first time visitor to the web shopping cart...)

    All three pass SPF too.

    But still the emails don't arrive in the mailbox or junk folder of the account.

    I have checked the blacklists and the IP isn't listed in any.

    Microsoft "support" is a challenge because they send you massive form letters that have links to many pages of RFC's which serve to confuse further instead of enlightening. I also note that they have a 3rd party whitelist returnpath certification for only 200USD + 400+USD p/a

    The volumes of email I am sending through the domain are so low as to be negligible so the spend is unrealistic.

    I think if I can move the domain to one of the big email providers (such as google mail) and then configure postfix to transport map through their SMTP servers with their SPF/DKIM setup that might fix it. The mega-corps are controlling the internets now.

I have the same issue with my emails not being delivered to Yahoo email addresses.

I contacted the Yahoo's Customer Care about that and followed their procedure regarding bulk emails (even if I've never sent bulk/mass emails). They answered that the IP of my server is blacklisted.

I checked on multiple blacklist-check tools but none says that my IP is actually blacklisted.

I contacted DO's support and their answer is that there is not much we can do about that, unfortunately. In short:

The biggest issue is "the past history" of these netblocks - before we had even purchased them! We're working with mail providers to get this resolved, but in general a lot of them are slow to change in these situations. Because of this, I do not really have a quick solution for you in this case. You can try getting a new IP but there is no guarantee the issue just won't persist there.

  • Getting de-listed from a blacklist is a major pain. Most legitimate list are not bad but some are impossible. Its like they have God complexes or something.

    Doesn't help if spammers setup shop on DO droplets either. In the past year I have been with DO I have received a few spam messages from other DO customers. Thankfully only a few.

Despite my droplet IP Not being blacklisted and getting dkim and spf working. Still no direct email to so I have found a work a round. The folks at have already jumped through the hoops to get email delivered to outlook & hotmail.

So just sign up for an account with them and use the wordpress mailgun plugin (to send email via their HTTP API ) or configure postfix with TLS and an appropriate transport map to submit email to mailguns - trusted-by-outlook email servers.

  • I'm having pretty much the exact same issue. I'm able to send to Gmail, Yahoo and a previous provider hosting email for me and a handful of other people. I did get this message when attempting to send to my work account which is an Office360 setup.

    Client host [] blocked using
    FBLW15; To request removal from this list please forward this message to (in reply to RCPT TO command)

    I'm investigating what this is now.

Yay, any news on this?
I don't want big corporations to snoop on my email... is it possible to detect the destination email domain, and use an external provider when I detect mail for outlook, hotmail or yahoo?

Any news? I'm in the same situation. Configured SPF records, dkim keys and only problems with hotmail, live or outlook accounts. My ip is not blacklisted, but doesn't send enough mails to have any reputation and when talk to outlook support, they returned: "ip not qualified for mitigation"
Any suggestion? usually change ip of droplet works? Big corporations with nonsense politics are really a pain...

Any solution like this, relay mails to hotmail with an smpt service like mailgun or similar?
Relay host based on destination MX record:

I got the same problem. My droplet is in the AMS3 datacenter, my IP starts with

I changed my postfix config to send mail to hotmail, live, msn and such via GMAIL with authentication/TLS. It's working now but ...


  • The sender address gets changed to my GMAIL address wich i rather not have
  • I had to lower my security settings on GMAIL account
  • Via the CAPTCHA UNLOCK I had to trigger the allowance of my postfix connecting to GMAIL SMTP with auth/TLS.

Interestingly enough a mailbox ( that had a long time ago once received e-mail from this from address (back on other hosting) worked every single time. All other hotmail (etc.) mailboxes that had never received an e-mail from this sender address got bounced with the mailbox unavailable

I'm facing the same issue. It's quite ridiculous really. I've done various blacklist checks and I'm on none.

Just working my way through this article to solve it:

This form looks like it may go somewhere but you never know with Microsoft, king of unexpected waiting times:

  • Did you get any kind of reply from Microsoft on this issue?

I'm having lots of fun with this at the moment... I've set up SPF, DKIM, altered the servers FQDN to reflect the domain I am sending mail for and I get the following error from Outlook/Hotmail

Jun 28 10:13:21 main postfix/smtp[28083]: AE01C62D00:,[]:25, delay=0.56, delays=0.09/0/0.35/0.11, dsn=5.0.0, status=bounced (host[] said: 550 SC-001 (SNT004-MC1F26) Unfortunately, messages from X.X.X.X weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to (in reply to MAIL FROM command))

Filled in the form ( ) and I just got the following response

Note: Errors are unlikely, however, if an error is indicated, please resubmit the specific IP or IP range.

I've just resubmitted, but I expect I will get exactly the same back again. I've never had much luck with Microsoft / Email. I have Office 365 and for about 2 weeks I couldn't actually send out any emails (even from their Outlook web interface). Their response was to ask me to send emails to them from the offending domain... which I couldn't because it didn't work.

Ohhh goody, I have actually had another response

Note: Errors are unlikely, however, if an error is indicated, please resubmit the specific IP or IP range.

  • OK... maybe I didn't quite understand the wording of their auto message, but I've since had a proper reply

    We have completed reviewing the IP(s) you submitted. The following table contains the results of our investigation.

    Conditionally mitigated
    Our investigation has determined that the above IP(s) qualify for conditional mitigation. These IP(s) have been unblocked, but may be subject to low daily email limits until they have established a good reputation.

    Please note that mitigating this issue does not guarantee that your email will be delivered to a user’s inbox.

    Ongoing complaints from users will result in removal of the mitigation.

    Mitigation may take 24 - 48 hours to replicate completely throughout our system.

    If you feel your issue is not yet resolved, please reply to this email and one of our support team members will contact you for further investigation.

    Will give things a trial tomorrow and go from there

I'm having a hard time as well. New emails are not bounced, nor do I get an error message in my mail log. Funny thing is, replying to an email sent from a hotmail account DOES work.
So I had a look at the differences in headers. The only field was:

in-reply-to: <>

This resulted in the following DMARC report:


I have no idea what do try next...
Does anyone know of an affordable relay as an alternative?

I've been fighting to get Hotmail to accept our emails for a long time. We go through this process with pretty much every new website or IP address. We have a brand new IP address and server from DigitalOcean, but apparently Microsoft doesn't really give you anyway to reset the history of an IP address. But you might as well try these things:

Just keep on repeating those steps every few weeks. Good luck.

I found this in the microsoft support forum.
The page looks very similar to the page linked above, but requests many more fields. Perhaps this is the updated version of the same service.

Have another answer? Share your knowledge.