I recently moved to a new dedicated server,proxmox with 2 kvm for web and mail server. For both servers i follow the latest Debian guide , Securing ISPConfig 3.1 with LE and Hardering Postfix guide only for mail server . Also i am using cloudflare for dns. Everything works fine except my emails always went to spam(gmail,yahoo). I tried almost every recommendation and i didnt manage to find any solution DNS Records Expand: DNS Records Code: A mail mail-server-ip A domain.com web-server-ip A www web-server-ip MX domain.com mail handled by mail.domain.com TXT 1535301626._domainkey v=DKIM1; t=s; p=my-public-key TXT _dmarc v=DMARC1; p=reject; rua=mailto:email; ruf=mailto:email; fo=0:1:d:s TXT domain.com v=spf1 mx a ~all TXT mail v=spf1 -all TXT www v=spf1 -all Gmail Expand: Original message Code: Message identifier <[email protected]> Created on: August 27, 2018 - 2:01 am (Delivered after 1 second) From: [email protected] To: [email protected] Theme: test SPF: PASS with IP mail-server-ip Learn more DKIM: 'PASS' with the domain.com domain Learn more DMARC: 'PASS' Learn more Delivered-To: [email protected] Received: by 2002:a5d:4ec7:0:0:0:0:0 with SMTP id s7-v6csp4834286wrv; Sun, 26 Aug 2018 16:01:42 -0700 (PDT) X-Google-Smtp-Source: ANB0VdZZ/2OT0ze5ANNsy4I6RnWiN6kecAiaxlDqYnlSdBtPyYyMcX+c9FkT3ZMIb+MVveW0K8Qa X-Received: by 2002:a50:9ac5:: with SMTP id p63-v6mr14155074edb.112.1535324502664; Sun, 26 Aug 2018 16:01:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1535324502; cv=none; d=google.com; s=arc-20160816; b=OpVzXCKFCWaMne3FYUdCi+y3k2CqA0tNKn/6i0Hae+SuWTkxUHlYq9DxHFhxaGutRK cVuhVNoVi2XqCqm/l4B4M6VKKzXWUn0epycSnhWtZ18TfEemKbR/GVhcB+s86ScBi7Ju 4I6k9EXGC137XIy/xUEbtphvphb6TYNuh1/tm627/jU0Y0/TG1h3IT/mcGQwyxfYIdQ+ gos6OkM4rTK1eYmaNrrxVa0bWxpwImGa2MGx58zCbujetfMXWR5w4nLMI Uq36 + + HMp5X zYCCWc0iibwpFzKp5yFysNrQkenrOiu8KlzMrgCev0zYDo+sIqH/KZLlenzJKqAJM3jP 4Kdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=user-agent:message-id:from:date:content-transfer-encoding :mime-version:subject:to:dkim-signature:arc-authentication-results; bh = g3zLYH4xKxcPrHOD18z9YfpQcnk / GaJedfustWU5uGs =; b=cgaCc3BSJY2zZzxNsZNdIU0JsPCwQkhTETq0/yk0RnAI3lWO1yMK+Scsav+bJ2hKzw Dhwy/cp15MbYPYIelMbdqWgKPyyfq42Bzw/YGSe90uygxIRq0gpVcAkMf8vXX8y+xNb2 urEPAVuUTHLuGChp0bonmUc7SZ7Xpekp7Cl0EmmJHC2RE2Qgh9wIvmiJKBBYxHSsq3NF TfYRvUhoJAP1OPzFUUUhtgAFTDTZyJ3bd2oA7uXHfs4bknaTt9kG1wAFq7L8JHZwTM1p GHm6tmr6A4tJ8jvm1MTX1OgpjfG0upFLgHCD7NvzG9zLA9U8x3yYGkKf78dmFb8tGwLo FYJA == ARC-Authentication-Results: i=1; mx.google.com; dkim=pass [email protected] header.s=1535301626 header.b=bTKLtm5w; spf=pass (google.com: domain of [email protected] designates mail-server-ip as permitted sender) [email protected]; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=domain.com Return-Path: <[email protected]> Received: from mail.domain.com (mail.domain.com. [mail-server-ip]) by mx.google.com with ESMTPS id a1-v6si1084075eds.294.2018.08.26.16.01.42 for <[email protected]> (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 26 Aug 2018 16:01:42 -0700 (PDT) Received-SPF: pass (google.com: domain of [email protected] designates mail-server-ip as permitted sender) client-ip=mail-server-ip; Authentication-Results: mx.google.com; dkim=pass [email protected] header.s=1535301626 header.b=bTKLtm5w; spf=pass (google.com: domain of [email protected] designates mail-server-ip as permitted sender) [email protected]; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=domain.com Received: from localhost (localhost [127.0.0.1]) by mail.domain.com (Postfix) with ESMTP id 44F7E1781789 for <[email protected]>; Sun, 26 Aug 2018 19:01:42 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=domain.com; h= user-agent:message-id:from:from:date:date :content-transfer-encoding:content-type:content-type :mime-version:subject:subject; s=1535301626; t=1535324501; x= 1537138902; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; b=b TKLtm5wuy8G7MCPZ4gR4f8Uh2RX5yb5z0mTRZFCRrdAUIhoh//cju4wDMFohTMac PysuP8/l8RPvwQzY1hA9l+ToEpGUvJschOCdEQB17FyK52a1ExkVqC6VEy4g/LP9 gmMfj1LJbevPLUnpZBi3EoPjcdOYRKi1Mk3nyBQ+34= X-Virus-Scanned: Debian amavisd-new at mail.domain.com Received: from mail.domain.com ([127.0.0.1]) by localhost (mail.domain.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zsv_Oh49P-UU for <[email protected]>; Sun, 26 Aug 2018 19:01:41 -0400 (EDT) Received: by mail.domain.com (Postfix, from userid 33) id D9E5A17847E3; Sun, 26 Aug 2018 19:01:41 -0400 (EDT) To: [email protected] Subject: test X-PHP-Originating-Script: 0:rcube.php MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Mon, 27 Aug 2018 02:01:41 +0300 From: [email protected] Message-ID: <[email protected]> X transmitter: [email protected] User-Agent: Roundcube Webmail/1.2.3 test any ideas ??
The new setup has a new IP? Check the PTR record - you must have one Sometimes, for me, is insane when people ask for ideas and mask their domain name, as we start to do some hacking attempts on them. But is my opinion.
Hey @Ghostdare thnx for your answer and i agree with you about the masking but i am not an expert not even an experienced user .I was searching for a solution in this forum and i saw a lot ppl mask their domain name so thats what i did it Back in the subject now yeah the new setup has a new IP . Also about the PTR record tbh i dont really know about this ,i just copy all dns records from ispconfig to cloudflare and add dmrca + dkim records .
Check if your mail server has PTR record like this. Code: host mail.yourdomain.tld See what IP-number that returns for your mail server host. Then Code: host that.ip.number.here to see if it returns your mail server hostname. If not, you do not have a correct PTR record, and most mail servers that receive mail from your mail host will discard the mail. Or go to mxtoolbox.com, input your domain. Then when domain is checked choose "Test email server".
host mail.yourdomain.tld returns my ip but host that.ip.number.here returns my reverse dns entry with a pointer to mail.yourdomain.tld
You can check Domain Health at https://mxtoolbox.com/domain/ or http://intodns.com to see if there are any problems.
