other: gmail recipients marking me as spam (multiple domains setup)

[tobiabocchi]

Subject

I would like some feedback concerning a use case

Description

Hello, first of all thank you for all the effort that has gone into this project, I've been working with it for a few days now and the documentation is very well done and useful.

I am having a problem with my newly installed DMS instance: my emails are marked as spam when sent to gmail recipients.

My setup is the following: I have a main domain and two additional domains, DNS is managed through cloudflare:

1. I set up a single A record for the main domain, then the two additional ones use CNAME records pointing to the main one.
2. All three domains have MX records pointing to mail.maindomain.com
3. All three domains have DMARC, DKIM and SPF records. I setup DKIM using RSPAMD and used a custom dkim_signing.conf to instruct rspamd which key to use with which domain.

For the whole setup I think I followed correctly the guides on the official documentation, but it's the first time deploying this service for me so I might have done something wrong, I am just having a hard time troubleshooting this.

Here are the reports from mail-tester for my domains:

• main domain
• second domain
• third domain

On MX toolbox healthcheck I am only getting a warning about SOA, but I think the problem is not that.. Could someone help me troubleshoot this?

[glime-ai[bot]]

Please note that this response was created using generative AI, leveraging previously available information from the repository. This information may be helpful. However, it is our strong recommendation that you carefully consider the information before blindly applying it.

This response is generated only once - you will not be able to interact with the glime-ai.

---

Hello,

Thank you for your kind words and for using our project! Based on your description, it seems like you've set up your DNS records and DKIM configuration correctly. However, emails being marked as spam can be due to several factors. Here are a few steps to help you troubleshoot the issue:

1. Check SPF Records: Ensure that your SPF records are correctly configured and include all the IP addresses that are authorized to send emails on behalf of your domains. You can use tools like MX Toolbox SPF Record Check to verify this.

2. Verify DKIM Configuration: Make sure that your DKIM keys are correctly set up and that the public keys are published in your DNS records. You can use MX Toolbox DKIM Verifier to check your DKIM DNS records.

3. DMARC Policy: Ensure that your DMARC policy is correctly configured. A strict DMARC policy can help improve your email deliverability. You can use DMARC Analyzer to check your DMARC records.

4. Email Content: Sometimes, the content of the email can trigger spam filters. Ensure that your emails do not contain any elements that might be considered spammy, such as excessive links, certain keywords, or large attachments.

5. Reputation of IP and Domain: Check the reputation of your sending IP address and domain. If they have a bad reputation, it can affect your email deliverability. You can use tools like Sender Score to check your IP reputation.

6. Gmail Postmaster Tools: Use Gmail Postmaster Tools to get insights into how Gmail is treating your emails. This can provide valuable information on why your emails are being marked as spam.

7. Testing Tools: Utilize the testing tools mentioned in the documentation to verify your configuration:

   • mail-tester.com
   • MX Toolbox
   • internet.nl

Here are some useful links from the documentation that might help you further:

• DKIM, DMARC & SPF Setup
• Testing Tools

If you still face issues, please provide more details or specific error messages, and we can assist you further.

This comment was generated by Glime.

[tobiabocchi]

Thank you for assisting me. Here are the answers to your qeustions:

1. All my SPF records are set to v=spf1 mx -all, and all my MX records to mail.mymaindomain.com. MX toolbox does not find any problem with them.
2. MX toolbox does not find problems with my DKIM DNS records.
3. MX toolbox does not find problems with my DMARC policy, this is my policy:

   v=DMARC1; p=quarantine; sp=quarantine; fo=0; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400; rua=mailto:dmarc.report@myfirstsecondorthirddomain.com; ruf=mailto:dmarc.report@myfirstsecondorthirddomain.com

4. I just tried sending very simple emails with an object of "test email" and a content of "hello, this is a test email blah blah blah"
5. I don't know why but senderscore is not working for me right now, anyway I am not on any blacklist according to MX toolbox
6. I have added and verified all three of my domains, but still, my mails are marked as spam :(
7. I have already linked the results from mail-tester and I get a score of 10/10 for two domains out of 3

[georglauterbach]

What would be most interesting is the raw email that is delivered at Gmail, i.e. the raw source. This very source should contain the information about what possibly went wrong and which spam symbols have been applied.

I guess you have a Gmail account. Send yourself an e-mail and post the raw version of the delivered e-mail here.

[tobiabocchi]

Thank you for your quick reply!

Here is the raw message:

Delivered-To: tobiabocchi@gmail.com
Received: by 2002:a05:7000:bda8:b0:591:82b0:7325 with SMTP id je40csp562796mab;
        Wed, 5 Jun 2024 13:01:36 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IEykHO9uHamqDSMjfyrt8asQKZz0XHIleWBNgX5/fyp3xdfk1u4quheBRJ+yrQLwqa04+3n
X-Received: by 2002:a9d:74c7:0:b0:6f9:3aec:8b38 with SMTP id 46e09a7af769-6f94340f2ddmr3610952a34.4.1717617696395;
        Wed, 05 Jun 2024 13:01:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1717617696; cv=none;
        d=google.com; s=arc-20160816;
        b=Vsc+2KihSd5IpOnnJNaqj5/e1xvu6wZDh286u1Hwc392VbamMp5uSzgKxUWq/rfgdF
         tDLMR6HaPCb0TxDgeiZJMRZKyTZhpo6R/srny55cRVjnoW8Uh0jx29zXRMdgjvG/3Lmq
         z1Tsy0KyQsKKhB7/z+ty05H31AKMILWnpQpzXya70K+GkZBUM4zk41vIOyypOI7R9+gc
         4m/EuzT1p4dcSEStZM46Kc54hdmlGWFqkx+EefDAL6BLdTmeV7yqa7pmOHtVKY66iDvc
         YlpE9KaSZeficMhLDpjPyTb39GwvzrggmzcKVnbd+ubq5Sc/RV8vf58hyT59DPBdj7Tt
         Y5DA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=to:date:message-id:subject:mime-version:content-transfer-encoding
         :dkim-signature:from;
        bh=cB15IpzXEfwrV4xssnMCFuIAconGp1qfKjY02kb9olM=;
        fh=CNNqG6jvJWO32VkKMz2N/eAaYTS2JcGvQiYw6y6tKNI=;
        b=saLRLmOaOHDj0/0NbgvvRV76XFTom9AjsKcUdpn3N745F7QftNxcLcaAwk1M7IqKuR
         OqJpi+dG2ZbzKtfrE7HZ9sInns0yhu5n2Sm3oNDbqBUkCd3I/sPLz5lbmn47I0eClvJ6
         P45/FtyhPCaAGtUvY2guoYgC/2cbtnDok5GBgPA+6rk8Fyr/g757poQnk1I8o4SxjtVu
         4MJRBL6B9BOBSd7LinUyFrCODGsPDNr3dXOPF4oKH5FZf+ECNdzhHDMYZqkQdkdOwvbx
         k66xHp3XatrlqK/C5nBaMQ/SpBFDYJ2cSz7DGDld1HJe60lFdkmJe0bz6NJAovKxiItv
         4QuQ==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@tobiabocchi.me header.s=mail header.b=erVbVqNd;
       spf=pass (google.com: domain of tobia@tobiabocchi.me designates 63.141.255.88 as permitted sender) smtp.mailfrom=tobia@tobiabocchi.me;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=tobiabocchi.me
Return-Path: <tobia@tobiabocchi.me>
Received: from mail.tobiabocchi.me (mail.tobiabocchi.me. [63.141.255.88])
        by mx.google.com with ESMTPS id 46e09a7af769-6f9105b6070si3852870a34.222.2024.06.05.13.01.36
        for <tobiabocchi@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 05 Jun 2024 13:01:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of tobia@tobiabocchi.me designates 63.141.255.88 as permitted sender) client-ip=63.141.255.88;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@tobiabocchi.me header.s=mail header.b=erVbVqNd;
       spf=pass (google.com: domain of tobia@tobiabocchi.me designates 63.141.255.88 as permitted sender) smtp.mailfrom=tobia@tobiabocchi.me;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=tobiabocchi.me
From: Tobia Bocchi <tobia@tobiabocchi.me>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tobiabocchi.me;
    s=mail; t=1717617694;
    h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
     to:to:cc:mime-version:mime-version:content-type:content-type:
     content-transfer-encoding:content-transfer-encoding;
    bh=cB15IpzXEfwrV4xssnMCFuIAconGp1qfKjY02kb9olM=;
    b=erVbVqNdTs1ELdB2pwWLEl7IpZ5pGHMxBejlhpRMIZv+fLw/zLV12kf+eaf+WHI2G7uCWJ
    AAkrtWirCuqj8/Ghm1XNxhBqoKQJ9x+cp2dobmObkPz4tlf7pC/oQ8+InVMOBHrXvLiRlC
    T/LWjSy5yM/SVvkEjE8WX3s8wMAZKtFn7wtLIhte4Pi8ImCnWMSFGl7Ikei1LKAIkEm3yj
    ccg/442P2N1EN/OIBxkbFD0iUzuM6IllaWWApF1Ct/jeg8O7x0vhWaQAO9z8Dqvxl9qwSn
    1z6TeM/vs2I+0hsK69FSaACvX8RmsqY7l0SNau1qmRyYA8L2RS83jBBMOZM5xA==
Content-Type: text/plain;
    charset=us-ascii
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: ok secondo round
Message-Id: <79B8249C-4059-40A0-80F8-569E1913B3F2@tobiabocchi.me>
Date: Wed, 5 Jun 2024 22:01:22 +0200
To: Tobia Bocchi <tobiabocchi@gmail.com>

va bene, proviamo una seconda volta

Adesso ho proprio aggiunto il dominio giusto a postmaster.. vediamo che =
succede

io dubito sempre,
ciao!!=

[georglauterbach]

At first glance, it looks good. You are using Arc, so I reckon you're relaying in some way?

charset=us-ascii is a bit odd, but I doubt that's enough for the spam mark Gmail. You could try, though, to use another charset.

[tobiabocchi]

Hmm actually I am not sure, on cloudflare dashboard all my DNS records have the relay option turned off, so I don't think I am relaying in some way.. I just downloaded thunderbird and tried sending an email it's still delivered to spam :( now the charset changed to UTF-8, you can see the message header below. I have also tried changing my DMARC policy to reject for both p and sp but that did not help.

One thing I forgot to mention is that the IP of my vps recently changed, before I had another setup for mail, using emailwiz and my mails were delivered successfully, although I was using a single domain..

Delivered-To: tobiabocchi@gmail.com
Received: by 2002:a05:7000:780b:b0:591:82b0:7325 with SMTP id b11csp232954mav;
        Thu, 6 Jun 2024 01:32:11 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFoc7Sc4GebH5mu8gvbndQquduWAvG3et2emrU09KVTpBR+Jxyq2o2YOhjPfOQ+wGHdijR4
X-Received: by 2002:a05:6830:43a3:b0:6f9:4040:8d5b with SMTP id 46e09a7af769-6f9436b0943mr5917563a34.27.1717662730845;
        Thu, 06 Jun 2024 01:32:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1717662730; cv=none;
        d=google.com; s=arc-20160816;
        b=rnVyHdFUYDbBuYoHuqko8ea2/kJ6wEZMLF/esdoU4L1zWB6FmLiBcyTF4KndfqS2X7
         vL2+88OqL0H+h24KnN03UokklwER7FmxT8WHIXSIbVUaJ+UBmuQmBLF+7pJL9q/QtZ9s
         C5iGKjfZwXngpLnM5sMjO7h55ADZnfI4sSuD3Plk49d9KAti2LY82Blfv0iDnJTO+Rmv
         HFDPYm/556KON7R0z1lQ3svffdsKle/8XbA1Sqb/EG3c4VisREN71j9NZ8ocRYXJ5sZy
         hrBIinC23oNuQU/B6rlVn4znG1CuYdeSVq6N4r6oHHPeG8BXsw9pzSixE8W0vrkMARMp
         aBcA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:subject:from:to:content-language
         :mime-version:date:dkim-signature:message-id;
        bh=hqugGXMK6o7kllvCdSlY1Od83HfcBfK4Wq5le1PCMi0=;
        fh=BiFK+vBczeMrY1TlqdRhEG1Yf2tYgT1wo4ovvlMQLGk=;
        b=KZ7GkP/EKYLNFm/R32XrrYjeb+OcMbAepeDmmINyKegn5Qt6Sa8E+xTj3pje0/UKeA
         rPNGw1R0LagDVUs6b5D3x7t9E6OZprucOe1MEwL6hqKmwmQdHrpd+X8pYngKS2wdiLSk
         Yv89Hs0Zedf3PRM/709WGPkxZLWJqXmo5MhU7OxpvCEZOirJrBVIoOx6tCJI75MSd2tp
         CM7VKQbz0WAuQqLe2FO58uCGDxHSHvTK+uwqJuVbQRj+daqpqKPnY4rZQzesY1EN0Ktx
         a+3T+lG37tywvQpouz0haiTuvaV5VHJuN07uF14tueFXXxdgDL3TBXsevQg9PPGbVz/4
         4cww==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@lasiorenna.it header.s=mail header.b=m4YRlWe5;
       spf=pass (google.com: domain of info@lasiorenna.it designates 63.141.255.88 as permitted sender) smtp.mailfrom=info@lasiorenna.it;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=lasiorenna.it
Return-Path: <info@lasiorenna.it>
Received: from mail.tobiabocchi.me (mail.tobiabocchi.me. [63.141.255.88])
        by mx.google.com with ESMTPS id 46e09a7af769-6f94dc876cdsi297833a34.110.2024.06.06.01.32.10
        for <tobiabocchi@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 06 Jun 2024 01:32:10 -0700 (PDT)
Received-SPF: pass (google.com: domain of info@lasiorenna.it designates 63.141.255.88 as permitted sender) client-ip=63.141.255.88;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@lasiorenna.it header.s=mail header.b=m4YRlWe5;
       spf=pass (google.com: domain of info@lasiorenna.it designates 63.141.255.88 as permitted sender) smtp.mailfrom=info@lasiorenna.it;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=lasiorenna.it
Message-ID: <72c55990-d7ed-40a2-9ce8-42b2a654e4e4@lasiorenna.it>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lasiorenna.it;
    s=mail; t=1717662730;
    h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
     to:to:cc:mime-version:mime-version:content-type:content-type:
     content-transfer-encoding:content-transfer-encoding;
    bh=hqugGXMK6o7kllvCdSlY1Od83HfcBfK4Wq5le1PCMi0=;
    b=m4YRlWe5286VPTnkIC30S3zhh64cBBilA3Xf6tWzADbTa3KeEtlGDbeDLKYIgpFiJj9V4o
    bVuKIpnxz8q8Hkxt5JJznDQgbSlMaTE78gEkBYs5ZNirdlJ8CcA+yTe15ji3I5c3+ImDYW
    f1a5E7NUd+r6olSWaLylCOplcYZEe+E8q0lT9iwGLb+3nkW8B3Gw5r5OK1tuKLeKwBC0sp
    HzB6j/+wlaeMHbmziD9B5hOLSK9PzceS9ihoGRv1sIIYc9ScltLJmBFj1IaAd6vBNVrhJw
    AlEx3/z5jdwCN/UuFbXIaTOggvJo2+1esIiHTgKY2QxMYVw8yED8aWADlkliiw==
Date: Thu, 6 Jun 2024 10:32:08 +0200
MIME-Version: 1.0
Content-Language: en-US
To: tobiabocchi@gmail.com
From: La Siorenna <info@lasiorenna.it>
Subject: Hello from an old friend
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

[polarathene]

You could try relaying mail through a service like SendGrid just to rule out any reputation issues? It's presumably less likely about the content of the mail in this case and more likely due to factors out of your control? (beyond a service like SendGrid)

If that does work and the mail content isn't really any different, then you'd need to find a way to improve the trust further? :\

---

One thing I forgot to mention is that the IP of my vps recently changed, before I had another setup for mail, using emailwiz and my mails were delivered successfully, although I was using a single domain..

The IP change may have some relevance, but from what I recall a domain that's already established trust shouldn't lose that from the IP change.

Might be worth trying emailwiz again to compare.

DMS does make some assumptions with some of the config, so the most compatible config involves:

• hostname: mail.maindomain.com as you have mentioned. All mail sent to DMS via MX records pointing to that A/AAAA record.
• Mail accounts should be user@example.com, try not to overlap with the hostname. Some default settings like POSTMASTER ENV will default to the hostname value without the subdomain, thus postmaster@maindomain.com.
• Multiple domains should be fine, only the hostname should be used as the EHLO greeting to other mail servers, and as the domain associated to your TLS certificates.

[tobiabocchi]

Yes, my vps hostname is set to mail.mymaindomain.com, my MX records don't point to A/AAAA but to mail.mymaindomain.com, I will try changing that to an A record, I only have 3 accounts so far: tobia@mymaindomain.com info@myother2domains.com. One interesting thing is that 2 days ago I was able to reach my gmail account without being marked as spam with the following message, if I recall correctly I was not using RSPAMD but OPENDKIM and OPENDMARC instead and only had 1 domain setup for email.

Maybe the fact that I've changed my DKIM identity a few times over the last few days (for testing purposes) might have affected my trust?

Delivered-To: tobia97@gmail.com
Received: by 2002:a05:6124:1f02:b0:3a6:bede:cb5e with SMTP id f2csp2749161vlr;
        Tue, 4 Jun 2024 12:29:00 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IHNfiAYXZXkC+0B1aoVMPyjzuhXqgLz6iyZOHDU+KosB/at/0+IZ93ZhPnI9ziEjfeku9ay
X-Received: by 2002:a05:6870:fba6:b0:24f:d4e9:5d61 with SMTP id 586e51a60fabf-25121c88c52mr650886fac.7.1717529340524;
        Tue, 04 Jun 2024 12:29:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1717529340; cv=none;
        d=google.com; s=arc-20160816;
        b=Z/LLYh3j2B0HzSc1r+3bjcrHX82AZiGjJ32YMrMXYt9m2+XtGvY07VUSRZbsQ1dhhN
         uSmMrsFChWgzr21dZVkTJvX89QfGdx77dMTd7fATvDay/c0b1kzwLk9zQPoLSwT22dMp
         HP+WGcIH9J9siEHsp4SrgXa5budTrpQaqFWjiVgIutmTHsSSt/XOTNV6mqMS/x1Fggy5
         u7UMbKVXXpz7qwaHY1QD5P3SobJ+RjbEFWiyKvICaL6YEj7fl+afMvK32k+zguwaAvXs
         oxYzJUqyb6D+RWJ+vd75JCRAnqvxMk8a4qGn0y+hJJVxcduLmwIwlKFBmuBwrgPgfvCF
         CXUg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=to:date:message-id:subject:mime-version:content-transfer-encoding
         :dkim-signature:from;
        bh=Lpiko7T97UlpGDkOa3PDNL96vvOl29dkbsATn99vCkk=;
        fh=/RPTdAANwudgJko/0ScTkp0XQf8DHNjqjH/+r6tsaNA=;
        b=GSLsVXlRAYGEBKuIjJ9kLYxHKJYShykw/raaw80ekGVX3OfmLUY44W7e8eQ72oHa7W
         azFjnUn24AYTHGzm8y8Q8+YE8upxc+1GtxFFB998MVGTqybgoGXtGniMgW+stTDSxdn3
         QycbuXHtcmykJ1+5V1QcaJpgdYUf84rCUnBJN+KIayFhLI5szGibc+9lrl0nA9IxVtzr
         nfi4xZl5OHmC29ORNXDE9XfeF7SZzVj7NpqoT4A59VBoDpAvvQVAet9SWyTGmSv1r2sn
         9u6ywSOsvRB5IbAMQxhTK1xmRfrrARwgYliC+MuP27bHAMafqvdKzCX4H6Q5kZqeo/Ly
         kpZg==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@tobiabocchi.me header.s=mail header.b=heVa86W1;
       spf=pass (google.com: domain of tobia@tobiabocchi.me designates 63.141.255.88 as permitted sender) smtp.mailfrom=tobia@tobiabocchi.me;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=tobiabocchi.me
Return-Path: <tobia@tobiabocchi.me>
Received: from mail.tobiabocchi.me (mail.tobiabocchi.me. [63.141.255.88])
        by mx.google.com with ESMTPS id 586e51a60fabf-2508521a069si3499229fac.136.2024.06.04.12.29.00
        for <tobia97@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 04 Jun 2024 12:29:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of tobia@tobiabocchi.me designates 63.141.255.88 as permitted sender) client-ip=63.141.255.88;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@tobiabocchi.me header.s=mail header.b=heVa86W1;
       spf=pass (google.com: domain of tobia@tobiabocchi.me designates 63.141.255.88 as permitted sender) smtp.mailfrom=tobia@tobiabocchi.me;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=tobiabocchi.me
From: Tobia Bocchi <tobia@tobiabocchi.me>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tobiabocchi.me;
    s=mail; t=1717529339;
    bh=Lpiko7T97UlpGDkOa3PDNL96vvOl29dkbsATn99vCkk=; h=From:Subject:To;
    b=heVa86W1KEjd4EQrDx2ovEOf6R1mQvBy20EZYJJ2FOaWTltgxAYKdUvmXTeMKJh8o
     eYiAIBN9hGksixXDMuZiXmx+qXMF8mDtvMy4iLO/Xp+Ycfus4XOb8d2vAy+Nw5LE2H
     7a3r1OG+CNzqHW9WMzZbxs/gd9wJlbaxe3DHL2Gr7VAi40y2IOlQAcHuzVsTHwvZRU
     yl+eqb61NHK5cYQZF7tYR+eYvuNthJt03JqS6deoW+yIyiLGvWPsn8lLIYCgzMSnqd
     qXwiw+zRbQVHmz7Ip8gZ58Zg+U31Xzr/hF3aakFwfwNkOSJmTrI5hpqGUeO/odtG+p
     BmuqigzuOeiDA==
Content-Type: text/plain;
    charset=utf-8
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Great news
Message-Id: <4D9F2D9B-BC18-4DFF-8BA3-F2FD913D2133@tobiabocchi.me>
Date: Tue, 4 Jun 2024 21:28:47 +0200
To: Tobia Bocchi <tobia97@gmail.com>

Hey I=E2=80=99ve been waiting a while but now I can finally say my mail =
server is up and running!! I have everything configured correctly so you =
should receive this!!!=

[polarathene]

MX records don't point to A/AAAA but to mail.mymaindomain.com, I will try changing that to an A record

My bad, I meant that your records for mail.mymaindomain.com are A / AAAA not CNAME.

[polarathene]

Maybe the fact that I've changed my DKIM identity a few times over the last few days (for testing purposes) might have affected my trust?

Possibly. I've not got too much experience with deployment, I only contribute to the project.

It may just take a bit of time for things to settle and you'll be fine if that's the case.

---

If you do manage to isolate an environment/configuration where you can reliably get mail delivered and another where it's redirected to junk mail, that'd be worth sharing 👍

[tobiabocchi]

Ok actually, right now my mail.mymaindomain.com is set to mymaindomain.com (CNAME record), I will change that to A record pointing to the vps public ip, even though I do not get what difference it makes, I am no expert in this field but I thought the final outcome was the same.. Yes I'd love to share my config, in fact I took notes while setting this up and at some point I am planning to make a blog post out of it, I will report here once that's public :)

[georglauterbach]

Ok actually, right now my mail.mymaindomain.com is set to mymaindomain.com (CNAME record), I will change that to A record pointing to the vps public ip, even though I do not get what difference it makes, I am no expert in this field but I thought the final outcome was the same..

Did this work for you?

[tobiabocchi]

Ok actually, right now my mail.mymaindomain.com is set to mymaindomain.com (CNAME record), I will change that to A record pointing to the vps public ip, even though I do not get what difference it makes, I am no expert in this field but I thought the final outcome was the same..

Did this work for you?

Unfortunately not, I'm still marked as spam from mymaindomain.com, I am successfully delivering mails from oneofmysecondarydomain.com so it's not the IP for sure

I just found this and gave it a shot, I got an email saying to wait at least 2 weeks for the changes to propagate.. we'll see what happens, I'll post here if I can get it to successfully deliver to gmail inboxes

[polarathene]

Ok actually, right now my mail.mymaindomain.com is set to mymaindomain.com (CNAME record), I will change that to A record pointing to the vps public ip, even though I do not get what difference it makes, I am no expert in this field but I thought the final outcome was the same..

I just recall Postfix I think saying somewhere that MX records should not point to CNAME records as it had some caveat 🤷‍♂️ At least I think it was Postfix. Might have been related to reverse DNS lookups. I guess some software just did something in a specific way that was not compatible for whatever reason 🤔

[tobiabocchi]

Ok it seems fixed now! Not sure if it was the link from this comment or the fact that it took a while for everything to settle (ie the dkim identity change for that domain).

Thank you once again for the support and this amazing project!