Hi all, perfect server on debian 10, fully updated. I have around 10 domains,some of them has also mail accounts. Server works fine, TLS1.3, PTR record are ok (server1.futurevoice.gr - 65.21.1.23). All of my mail domains cannot send to gmail (this happens for at least one week now) and get response: host gmail-smtp-in.l.google.com[209.85.233.27] said: 550-5.7.1 [65.21.1.23 12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 https://support.google.com/mail/?p=UnsolicitedMessageError 550 5.7.1 for more information. u2-20020a05651206c200b004481bef6c36si2265677lff.616 - gsmtp (in reply to end of DATA command) Any thoughts?
It tells you what to do already: Please visit 550-5.7.1 https://support.google.com/mail/?p=UnsolicitedMessageError 550 5.7.1 for more information.
I've already verified the domains through postmaster(although it does not give any feedback!). Do not know what else to check...
Check the bulk sender guidelines and mail forwarding guidelines (the other two links in that article besides postmaster tools).
See https://www.howtoforge.com/community/threads/improve-deliverability-to-google-mail-users.86369/ as well
Well, at least your server is not in any known blacklist. And your domain name seems to be clear as well. Nevertheless, I would review all your SPF/DKIM/DMARC records — especially those that you have registered for your users! — and make sure that Rspamd (assuming that's what you're using) is adding all proper signatures (it's not enough to have futurevoice.gr cleared; all the domains you host must be cleared as well, and make sure that they have all proper records clearing the main mail server, server1.futurevoice.gr, and agreeing that it is allowed to get and send email from such domains). The trickiest rules are those that forward email you process on behalf of your users, but who may then forward everything elsewhere (such as back into Google!). Getting that part of the setup working is truly a nightmare :-(
Also, personally, I'd recommend signing up for one of those free tools that periodically check your email server for any issues (namely, if it has recently been blocked) and send you an email with a report. MxToolbox, which I referred to on the previous comment, is one possibility — they offer a lot of paid services, that's true, but a few are free, and they'll give you at least an idea about what is going on. For example, due to a misconfiguration I hadn't noticed, the file with the encryption key I was including in Postfix had been truncated to zero bytes. It would be checked for existence (a zero-byte file does, indeed, exist — it's just empty, but an empty file is valid!), and you could even include it properly in the Postfix configuration, since opening the file would certainly give no error! But, naturally enough, once that key was used to sign messages, that operation would silently fail — or, perhaps worse (I'm not sure!), the signatures would be made, but without an encryption key, they wouldn't be accepted as valid signatures. Google (among many others!) are always checking for those tiny little details, and as soon as something out of the ordinary happens — such as 'suddenly' all messages being signed by an unknown key — it will blacklist your server. In my case, I took about a week to figure out what was wrong (I was looking at the completely wrong issues first!), and, by that time, I had been temporarily blacklisted on several services already... Last but not least... sometimes it's the other way 'round... Google's (many) mailservers may also get placed on blacklists, too! This happens automatically when someone is trying to send spam using Google's servers (and trust me, every day, dozens of thousands of people try to do that); sometimes, they succeed for a while, which may be enough for some of Google's IP addresses to enter these blacklists. And then your server will happily reject messages from Google. In my case, I've even been more paranoid, and I check not only local delivery, but also if the destination is a known spammer — since many spammers, to keep their email address lists up to date, may just wish to get a short reply — say, a delivery confirmation message — just to know that that email address is still valid. As such, I block email in and out from 'known spammers', and that means often (much more often than I'd like!) even Google gets blocked. And there is really nothing I can do about that (except always whitelist messages from Google, which I do to a degree... but it's not as if I trust Google completely) and just have to patiently wait for Google catching the spammer and get unblocked by all those spam blacklists... which may take days. Anyway, these are just some random thoughts, I hope that some of them might be useful to you...