iMetalliX
By:
iMetalliX

Why does my Oneclick Wordpress app send spam mails? (got ssl from letsencrypt)

January 8, 2017 760 views
Email Let's Encrypt LAMP Stack WordPress Ubuntu 16.04

Hello community!
I'm pretty much new to Linux as a developer.
For some reason, on Gmail I get all my test mails in my spam folder.
Any Idea why? or if it has something to do with certificates, please attach a tutorial? :)

Thanks so much!

14 Answers

Check the headers in the mail for any clues?
What is being used to send mail from your Wordpress app?

For an example, I tried registering another account on the site, the password arrived in spam.
Tried to use a plugin called Mail Bank to try and send test mail, failed too, or maybe I should use SMTP and if that, how do I get the specific postfix username p/w etc?

What are you exactly trying to send the mail as? Can you designate a from address?

Please check the headers in spam mail in your gmail inbox, it will tell you exactly why it was marked as SPAM ;0

in the header it says it was "78ae30bd8fcff3dfc2e6b15db8798ee4@mydomain.com"
is that just me being paranoid?

does your domain have SPF/ DKIM or DMARC set up?

Ok, so there is the error:
google.com: domain of transitioning dorpele10@gmail.com does not designate 45.55.235.233 as permitted sender

I have no idea, I just pointed everything to the right placed, how can I tell?

so it appear the mail is failing on gmails SPF records. SPF allows you to designate what IP address a domain can send from. In your case, a gmail account is sending from a non designated address which would mark it as SPAM, although i find that strange considering you said you were sending from admin@domain.com....

Alright thank you!, I get it, is there a solution I should attempt?

I actually did never make any "admin" account on postfix, I just use it as it is, should I change anything there?

try sending from your own domain or a domain other then gmail that doesnt have spf / dkim records.
Not sure about postfix... im an exim kinda guy ;0

@iMetalliX

When it comes to running a mail server, there's three primary things you need to work with, other than the mail server itself -- SPF, DKIM, and DMARC.

Since SPF and DKIM are more widely accepted than they used to be, many providers, GMail included, now verify whether or not the sender has these items setup by validating DNS entries against the mail server. DMARC isn't as widely enforced, though I'd say it won't be long before providers begin asking for such as well.

The link below is a pretty in-depth guide on how to set each of these things up. At the very least, you really need to setup both SPF and DKIM, though I'd advise all three.

https://www.skelleton.net/2015/03/21/how-to-eliminate-spam-and-protect-your-name-with-dmarc/

As an aside, this is one reason why many prefer not to run their own mail server and instead offload much of the work to third-party solutions such as Mailgun, SendGrid, and similar services. Unless you plan on spending a good deal of time managing your mail server (as in checking logs, preventing any potential abuse, locking down the server to prevent break-in and break-in attempts, etc), it's often best to simply offload this portion of your workload to a service that just works with very little configuration.

Beyond just configuration, you also have to worry about Spam Blacklists which can cause your mail to be rejected if a provider is using a specific RBL with your IP in it, even with all three of the above properly configured.

By no means am I telling you not to run your own, rather, I'm saying it's a lot of work at times and if you would rather focus on application development and/or your site without having to worry too much about anything more than a plugin or two, I'd offload. WordPress has plugins for both of those services.

Have another answer? Share your knowledge.