Emails from own postfix end up in spam .. outlook, yahoo, gmail...

Discussion in 'Server Operation' started by danny94, Apr 3, 2018.

  1. danny94

    danny94 New Member

    Hi, for a good while (more then a month) im trying to get my vps machine(Ubuntu 16.04) ready for postfix to sent mails. Im using Plesk on it.
    But no matter how i configure my postfix my mails never wont get through spamfilter on several providers like gmail microsoft yahoo... everytime they end up in spam.

    I have more domains in my Plesk panel. I have one domain where i created a subdomain "vps.example.it" this is my server hostname (FQDN-SERVER-HOSTNAME) and this im using for the delivery of mails (Reverse PTR is set to this). The mx entry is also "vps.example.it".
    My server hostname = mailserver is because i only have a single IP, this way i use vps.example.it for ingoing also for outgoing.

    example.it is named on all code and logs "domain1111" the second domain "domain2222".

    So i provided a lot of stuff, trying to send a mail from my mail "xxxx@domain11111" to my gmail mail:


    Mail log vom Server:
    Code:
    Mar 26 10:42:13 vps postfix/smtpd[14762]: connect from host1-90-static.xxxx.business.telecomitalia.it[INTERNET-IP]
    Mar 26 10:42:13 vps postfix/smtpd[14762]: 69337860507: client=host1-90-static.xxxx.business.telecomitalia.it[INTERNET-IP], sasl_method=PLAIN, sasl_username=xxxx@domain1111
    Mar 26 10:42:13 vps greylisting filter[14764]: Starting greylisting filter...
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: handlers_stderr: SKIP
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: SKIP during call 'grey' handler
    Mar 26 10:42:13 vps postfix/cleanup[14750]: 69337860507: message-id=<3f667075-cc32-39de-687c-30b6a124b4ef@domain1111>
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: handlers_stderr: PASS
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: PASS during call 'limit-out' handler
    Mar 26 10:42:13 vps check-quota[14766]: Starting the check-quota filter...
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: handlers_stderr: SKIP
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: SKIP during call 'check-quota' handler
    Mar 26 10:42:13 vps spf[14768]: Starting the spf filter...
    Mar 26 10:42:13 vps spf[14768]: SPF status: PASS
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: handlers_stderr: PASS
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: PASS during call 'spf' handler
    Mar 26 10:42:13 vps dk_sign[14769]: Starting the dk_sign filter...
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: handlers_stderr: PASS
    Mar 26 10:42:13 vps /usr/lib/plesk-9.0/psa-pc-remote[10777]: PASS during call 'dd51-domainkeys' handler
    Mar 26 10:42:13 vps postfix/qmgr[14727]: 69337860507: from=<xxxx@domain1111>, size=2318, nrcpt=1 (queue active)
    Mar 26 10:42:13 vps postfix/smtpd[14762]: disconnect from host1-90-static.xxxx.business.telecomitalia.it[INTERNET-IP] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6
    Mar 26 10:42:13 vps postfix/smtp[14770]: 69337860507: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[74.125.133.26]:25, delay=0.58, delays=0.3/0.01/0.14/0.13, dsn=2.0.0, status=sent (250 2.0.0 OK 1522053735 w6si11077116wrc.153 - gsmtp)
    Mar 26 10:42:13 vps postfix/qmgr[14727]: 69337860507: removed
    My current /etc/postfix/main.cf:

    Code:
    smtpd_banner = $myhostname ESMTP
    
    biff = no
    append_dot_mydomain = no
    readme_directory = no
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/postfix.pem
    smtpd_tls_key_file = $smtpd_tls_cert_file
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = FQDN-SERVER-HOSTNAME
    alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
    alias_database = hash:/etc/aliases
    myorigin = localhost
    mydestination = localhost
    relayhost =
    mynetworks =
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
    virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
    virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
    transport_maps = , hash:/var/spool/postfix/plesk/transport
    smtpd_tls_security_level = may
    smtp_tls_security_level = may
    smtp_use_tls = no
    smtpd_timeout = 3600s
    smtpd_proxy_timeout = 3600s
    disable_vrfy_command = yes
    smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
    smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client b.barracudacentral.org
    smtp_send_xforward_command = yes
    smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
    smtpd_sasl_auth_enable = yes
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    virtual_mailbox_base = /var/qmail/mailnames
    virtual_uid_maps = static:30
    virtual_gid_maps = static:31
    smtpd_milters = , inet:127.0.0.1:12768 inet:127.0.0.1:12345
    sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
    virtual_transport = plesk_virtual
    plesk_virtual_destination_recipient_limit = 1
    mailman_destination_recipient_limit = 1
    virtual_mailbox_limit = 0
    smtpd_tls_ciphers = medium
    smtpd_tls_mandatory_ciphers = medium
    tls_medium_cipherlist = HIGH:!aNULL:!MD5
    smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
    smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
    milter_connect_macros = j {daemon_name} {client_connections} {client_addr} {client_ptr} v
    milter_default_action = accept
    message_size_limit = 10240000

    /etc/aliases:
    Everything is removed there.

    /etc/postfix/virtual (created by me):
    Code:
    postmaster@domain1111 FORWARDMAIL
    abuse@domain1111 FORWARDMAIL
    
    postmaster@domain2222 FORWARDMAIL
    abuse@domain2222 FORWARDMAIL
    ...
    and
    /etc/postfix/domains:

    Code:
    DOMAIN11111 #
    DOMAIN22222 #
    /etc/hosts:

    Code:
    127.0.0.1    localhost.localdomain localhost
    127.0.1.1    FQDN-SERVER-HOSTNAME HOSTNAME
    
    # The following lines are desirable for IPv6 capable hosts
    ::1    localhost.localdomain localhost ip6-localhost ip6-loopback
    ff02::1    ip6-allnodes
    ff02::2    ip6-allrouters
    SERVERDOMAIN    FQDN-SERVER-HOSTNAME HOSTNAME
    In my master.cf i changed the HELO to the server hostname vps.domain1111
    Code:
    plesk-domain22222-173.xxx.xxx.xxx-2a02-xxxx-xxxx-xxxx--1 unix - n n - - smtp -o smtp_bind_address=173.xxx.xxx.xxx -o smtp_bind_address6=2a02:xxxx:xxxx:xxxx::1 -o smtp_address_preference=ipv4 -o smtp_helo_name=vps.domain1111
    Im using TLS/SSL for ingoing und outgoing. The mail server is secured with the "vps.domain1111" certificat.

    In attachment you can find also a mail-tester.com result with 10/10, dns configuration, plesk email settings, header mail comparison from sending mail:
    left: yahoo.com -> gmail.com
    right: mail from domain2222 -> gmail.com,
    proof for setting right reverse dns.

    Im not listet in any Blacklist, checked a lot of tools and checked domain health, smtp diagnostics with mxtoolbox.com, dns stuff ... im passing everywhere.

    I listet my domains hostname there:
    postmaster google site

    I joined the jmrp and snds program on microsoft.
    I asked there:
    https://support.microsoft.com/en-us...rt_1.0.0.0&wfname=capsub&productkey=edfsmsbl3
    https://help.yahoo.com/l/us/yahoo/mail/postmaster/bulkv2.html
    https://support.google.com/mail/contact/msgdelivery

    From microsoft support i recieved:
    We have completed reviewing the IP(s) you submitted. The following table contains the results of our investigation.
    Not qualified for mitigation
    173.xxx.xxx.xxx
    Our investigation has determined that the above IP(s) do not qualify for mitigation.

    Edit:
    Shortly i included clamav antivirus check and is working:
    X-Virus-Scanned: clamav-milter 0.99.4 at vps
    X-Virus-Status: Clean

    Edit2:
    At the moment im using for mydestination and myorigin the (fqdn-server-hostname) vps.domain1111.

    I really don't know how to fix this problem and im really exhausted after so many days of failure [​IMG].
    Unbenannt (1).png Unbenannt3.png Unbenannt4.png Unbenannt5.png Unbenannt6.png Unbenannt7.png comparison1.png comparison2.png comparison3.png
     
    Last edited: Apr 3, 2018

Share This Page