cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Problem using relay.plus.net

FIXED
Townman
Superuser
Superuser
Posts: 23,016
Thanks: 9,605
Fixes: 160
Registered: ‎22-08-2007

Re: Problem using relay.plus.net

Fix

‎09-06-2019 1:46 PM - edited ‎09-06-2019 1:50 PM

Hi @Snowman

OK, I found an authoritative answer for you...

 

https://kb.netgear.com/23109/Receiving-event-logs-and-alerts-from-a-NETGEAR-router-by-email 

… In the Send to This Email Address; this email address is also used for the "From" address in the email header.

 

This is an odd approach, but I guess a pragmatic one.  If the hotmail.com service implements strict SPF rules, then the implied sending from xxx@hotmail.com via relay.plus.net WILL FAIL strict SPF rules set up by Hotmail.

A nslookup query on hotmail.com reports

hotmail.com
text = "v=spf1 ip4:157.55.9.128/25 include:spf.protection.outlook.com include:spf-a.outlook.com include:spf-b.outlook.com include:spf-a.hotmail.com include:_spf-ssg-b.microsoft.com include:_spf-ssg-c.microsoft.com ~all"

This SPF record idenitifes those SMTP relays permitted to send email on behalf of @hotmail.com email addresses.  The bit highlighted in red determines how emails which fail SPF verification rules should be handled.

 

https://dmarcian.com/what-is-the-difference-between-spf-all-and-all/

SPF is all about publishing a list of servers that are authorized to send on behalf of a domain.

After writing out a list of servers in the form of an SPF record, the right thing to do is to end an SPF record with something that says “and everything else on the Internet is NOT authorized”.

The way the above is written is to use the “all” mechanism.  This mechanism matches everything.  By adding a prefix of “~” or “-“, the meaning of the mechanism is changed to be:

  • “softfail” in the case of “~”
  • “fail” in the case of “-“

Both mean “NOT PASS”, but there is a subtle difference, and it has to do with history.

 

I will leave you to read on if you are interested!  What the history reports in inconsistency and confusion on how "soft fail" has been interpreted and handled - especially by Hotmail.

 

OK long answer shortened!

  1. Sending the router emails TO xxx@hotmail.com will make them appear to also come FROM xxx@hotmail.com
  2. Sending emails FROM xxx@hotmail.com via PlusNet's relay server breaks the SPF authorised sender lists defined BY Hotmail
  3. Changing the TO address to router@youraccount.plus.com (and forwarding that to xxx@hotmail.com) via the Plusnet relay will avoid any issue arising from Hotmail's SPF rules
  4. Leaving the TO address as is and using Hotmail's SMTP server will deliver compliance with Hotmail's SPF rules
  5. The variability of success / failure here might well depend on configuration differences of individual inbound email servers within the Hotmail (Outlook) email server estate.  It could equally be variable 'grey-listing' as we saw with the Google Gmail services on free accounts

It somewhat looks as though you have been caught out by the firm application of desirable anti-spam measures; over the last 18 months or so, some of the big players in the world of email have got somewhat tougher in this space.  However, the all too frequent experience of they inconsistently not accepting or not delivering emails which 'fail' one of their counter measures, makes diagnosis difficult.

On the last point I'm appreciative of detailed input from the Plusnet email super guru! @JW 

 

In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.

Message 16 of 17
(1,066 Views)
Snowman
Hooked
Posts: 9
Thanks: 2
Registered: ‎23-02-2019

Re: Problem using relay.plus.net

‎09-06-2019 3:43 PM

Thank you for the detailed explanation - it seems to explain what has happened and why changing the TO address in my router should fix the unreliable delivery problem.

Out of interest I have just looked at the full header information on a few of the router log emails:

  • On 17th Nov (well before the unreliable delivery problem started) the email header includes references to SPF SoftFail.
  • On 5th Jun (the last date an email arrived before changing the TO address in my router) the email header includes references to SPF SoftFail.
  • On 8th Jun (the first date after changing the TO address in my router) the email header says SPF None.

So it appears that the emails were being marked as SPF SoftFail well before the unreliable delivery problem started, but that since February some (but not all) of the Hotmail/Outlook email servers have probably been silently discarding an email if it is marked as SPF SoftFail.

The router log email arrived again today so I will be optimistic and assume that the unreliable delivery problem has now been resolved and mark this thread as fixed.

Thank you (and others involved).
(The detailed information provided in this thread might also be useful to other users with a similar problem)

Message 17 of 17
(1,042 Views)