cancel
Showing results for 
Search instead for 
Did you mean: 

Why is PN rejecting legitamat incomming emails before they get to my account ?

daveg6hni
Grafter
Posts: 205
Thanks: 8
Registered: ‎07-01-2009

Why is PN rejecting legitamat incomming emails before they get to my account ?

I did PM one of the PN team twice last week, but have not had a reply Huh

Anyhow, Order confirmation emails from one company I deal with a lot have started being rejected by PN before they even reach my on-line mailbox, they don't even get as far as the spam or junk folders !

I have a domain name registered with 123-reg and all my mail goes to that email address and is then forwarded to my personal email with PN.

Here is an extract from the rejection notification email... actual address disguised

-----------------------------------

Reason: There was an error while attempting to deliver your message with [Subject: "www.hattons.co.uk order confirmation : order 5395944"] to hattons@******.plus.com. MTA p3plwbeout06-02.prod.phx3.secureserver.net received this response from the destination host IP - 212.159.9.200 -  552 , 552 Spam Message Rejected .

-----------------------------------

There appears to be no way to tell the system that THIS IS NOT SPAM !

Annoyingly their daily sales emails make it through unaffected ?

I found this post from 2019 with a similar issue Received mail being blocked - Plusnet Community

but the suggested solution did not work, I added both hattons.co.uk and orders@hattons.co.uk to my white list but emails are still being rejected - 552 Spam Message Rejected 

H=E=L=P

 

22 REPLIES 22
Townman
Superuser
Superuser
Posts: 17,657
Thanks: 7,356
Fixes: 71
Registered: ‎22-08-2007

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

Redirecting email is filled with dragons.  Doing this creates some degree of ambiguity or the source of an email - the original address or that of the forwarding service.

In the first instance try adding the 123-reg address to the white list.

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

daveg6hni
Grafter
Posts: 205
Thanks: 8
Registered: ‎07-01-2009

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

OK, thanks I will give that a go, but it is not all of Hatton's emails that are being rejected only the important ones ?

And so far no other senders are being blocked either Huh

Regards, Dave.

Townman
Superuser
Superuser
Posts: 17,657
Thanks: 7,356
Fixes: 71
Registered: ‎22-08-2007

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

Superuser citation

This topic has been cited by one of the Superusers; the purpose of which is to provide a note for information which might help to focus continued discussion (but might not result in a staff response).


 

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

daveg6hni
Grafter
Posts: 205
Thanks: 8
Registered: ‎07-01-2009

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

I added 123-reg.co.uk and www.123-reg.co.uk to my white list first thing this morning, but two more mails just got rejected today some 6 hours later Sad

extract

Reason: There was an error while attempting to deliver your message with [Subject: "www.hattons.co.uk order confirmation : order 5398431"] to hattons@daveg6hni.plus.com. MTA p3plwbeout10-06.prod.phx3.secureserver.net received this response from the destination host IP - 212.159.8.200 -  552 , 552 Spam Message Rejected .

This is a very big issue to me as I am loosing order confirmations !!!

MJN
Pro
Posts: 1,285
Thanks: 142
Fixes: 5
Registered: ‎26-08-2010

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

Are you able to share the full headers of an email that *did* manage to get through? (By PM to ideally avoid any obfuscation of details if possible) This might shine some light on exactly how 123-reg are 'forwarding' this mail and what spam traps they might be falling into in doing so.

 

Incidentally, how did you get sight of the bounce message? Did Hattons send it to you?

daveg6hni
Grafter
Posts: 205
Thanks: 8
Registered: ‎07-01-2009

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

Hi MJN, actually I have just sent a few examples to PN last night as they requested so I am waiting expectantly...

I only discovered the bouncing because most of my email goes first to my Domain name (g6hni.co.uk) and I then forward it on to my relevant PN email account, work related emails go to one address, personal to another, official to a third. So the notifications I'm assuming are coming from 123-reg who maintain my domain name Huh

It is a little more complicated than that as I give each sender a unique email prefix @g6hni.co.uk,but that is the gist of it.

Not all mail from Hattons gets blocked ! newsletter@hattons.co.uk gets through OK, but orders@hattons & info@hattons.co.uk get blocked.

I have also discovered that 2fa verification emails from Google Nest were also being blocked, they go direct to PN not via my forwarding service. I had previously complained to Nest but not received a reply, then I suddenly realised that the PN issue may be affecting them too, so I changed my Nest email address to one at g6hni and I started getting the 2fa emails to my live.co.uk address and a rejected one from PN !

So that means it can't be anything to do with 123-reg as the Nest email went solely and directly to them !!!

I am now wondering how many more accounts might be affected Huh

I will see if I can PM you the header

Dave

MJN
Pro
Posts: 1,285
Thanks: 142
Fixes: 5
Registered: ‎26-08-2010

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

Thanks Dave. Nothing obvious is jumping out to me from the headers, but of course we only get to see the full headers of the successful ones and as so we shouldn't be too surprised at that.

Something that might be relevant is that Hattons are using a variety of domains 'behind the scenes' of there visible hattons.co.uk branding and so it could well be the case that their orders/info emails are being sent a slightly different route to their newsletters - very common given that different systems/providers are often involved in supporting different parts of a business.

Something else is that there's a well-defined (and strict) SPF policy published for hattons.co.uk and whilst the message you sent me was digitally signed in a way that ought to survive forwarding through 123-reg that might not be the case for their info/orders mail (which as I say could come from another system) and, certainly without any published DMARC policy published by Hattons that says what they want to happen to 'suspect' email purporting to come from then, as Townman hinted at it could be falling into the trap that forwarded mail can often do and Plusnet might arguably be doing the right thing in rejecting it as looking too suspicious.

Do 123-reg not allow SMTP/IMAP access to domains registered/hosted through them? If so that would almost certainly get you out of this problem.

P.S. Be careful assuming the Hattons and Nest issues are directly related - whilst they might have similar outcomes there might be entirely different causes.

MJN
Pro
Posts: 1,285
Thanks: 142
Fixes: 5
Registered: ‎26-08-2010

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

Here's an idea: temporarily change your email address registered with Hattons to your Plusnet address and trigger an email that would normally get bounced (Hopefully you can do this without having to place an order? Although you can use it as an excuse... ;-)) Then you'll have a full set of headers of an email that ordinarily wouldn't have made it through and that might give more specific clues as to what might be stopping it when sent via 123-reg.

Townman
Superuser
Superuser
Posts: 17,657
Thanks: 7,356
Fixes: 71
Registered: ‎22-08-2007

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

"Something else is that there's a well-defined (and strict) SPF policy published for hattons.co.uk and whilst the message you sent me was digitally signed in a way that ought to survive forwarding through 123-reg that might not be the case for their info/orders mail (which as I say could come from another system) and, certainly without any published DMARC policy published by Hattons that says what they want to happen to 'suspect' email purporting to come from then, as Townman hinted at it could be falling into the trap that forwarded mail can often do and Plusnet might arguably be doing the right thing in rejecting it as looking too suspicious."

 

SPF and forwarded emails are a nightmare, especially if the forwarding service is not using SRS.  If SRS is implemented then I believe that the emails received by Plusnet will not appear to come from the original sender but be perceived as having been sent ON BEHALF of the original sender.  In that case the intermediary should be white-listed.

I have asked for assistance on diagnostics for this generic subject.

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

MJN
Pro
Posts: 1,285
Thanks: 142
Fixes: 5
Registered: ‎26-08-2010

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?


@Townman wrote:

SPF and forwarded emails are a nightmare, especially if the forwarding service is not using SRS.  If SRS is implemented then I believe that the emails received by Plusnet will not appear to come from the original sender but be perceived as having been sent ON BEHALF of the original sender.  In that case the intermediary should be white-listed.


That's what's happening here - at least as evidenced by the forwarded message that *did* get through - with the envelope sender being rewritten (to the recipient's domain hosted by 123-reg). Note that it is only the envelope sender though, not the message From: address and so isn't obvious on receipt.

With this in mind it might be worth Dave adding the following SPF record as per this guide which might add some additional level of trust (not that an SPF pass usually means all that much):

 

g6hni.co.uk IN TXT "v=spf1 mx a ip4:94.136.40.163 a:mailex.mailcore.me -all"

(plus Plusnet's include:madasasafish.com if wishing to send via Plusnet's outbound servers but I wouldn't recommend do that given how flakey they are with non-native domains)

 

I still think it would be useful to see the headers of an email that struggles to get through and see how it differs from one that is accepted.

daveg6hni
Grafter
Posts: 205
Thanks: 8
Registered: ‎07-01-2009

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

Hi, I can't say that I understand much of what you two are discussing, but I don't see why it is only Hattons emails that are being bounced ?

Most of my email goes through 123-reg before ending up at PN & live.co.uk, but it is only Hattons ones and then only certain Hattons emails that appear to be rejected by PN. Of course if an email goes only to PN directly I have no way of knowing if it is also being bounced, but no one has contacted me to say their email is being blocked.

Google Nest 2FA emails were also not been received until I directed them through 123-reg and then I only got it in my live.co.uk account.

I have previously added Hattons to my PN white list but it made no difference...

MJN
Pro
Posts: 1,285
Thanks: 142
Fixes: 5
Registered: ‎26-08-2010

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?


@daveg6hni wrote:

Hi, I can't say that I understand much of what you two are discussing, but I don't see why it is only Hattons emails that are being bounced ?

 

Spam assessment are not black and white - an often complex evaluation has to be made to try and determine whether an email is spam or not e.g. the mere mention of 'Viagra' doesn't make a message spam, but combined with other characteristics such as malformed headers (common indicators of poorly-written spam software) and the route the message has taken might *collectively* give reach a threshold of being confident that it *is* spam. The most minor of rules can mean the difference between being above or below that threshold and all mail providers have a different set of rules and different threshold hence it is not uncommon to see different results.

 

Unfortunately, from the many reports on this board, Plusnet do evidently take a very black-and-white approach to spam filtering and, when rejected at the SMTP stage, this makes it very difficult for anyone other than them to determine what caused the false positive (and that's what it is - these messages are not spam and hence the outcome of the filtering is wrong in this instance). Hopefully as they've asked for samples they'll resolve it in this case though.

 


I have previously added Hattons to my PN white list but it made no difference...


 

I'm not familiar with Plusnet's whitelists but if they are not evaluated during the SMTP stage (i.e. they only come into play when a message is accepted and ready to be delivered into your mailbox) then it may not help. However, if they do take effect for the SMTP dialogue then I would also add your @g6hni.co.uk domain (assuming it accepts wildcards?) to your whitelist as that is what the 123-reg servers are purporting this mail is coming from.

daveg6hni
Grafter
Posts: 205
Thanks: 8
Registered: ‎07-01-2009

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

OK I was able to add g6hni.co.uk and www.g6hni.co.uk, but not @g6hni.co.uk or *@g6hni.co.uk ?

I am just looking at how to create an spf record using the link you provided, but the first thing it wants you to do is create the spf record using a 3rd party wizard, but it doesn't say what to entre in the following boxes...

"IP addresses in CIDR format that deliver or relay mail for this domain:" is ?

"Add any other server hostname that may deliver or relay mail for this domain:" ?

"Any domains that may deliver or relay mail for this domain:" ?

 

Although 123 does say use "v=spf1 mx a ip4:94.136.40.163 a:mailex.mailcore.me -all" if using 123 email, but am I if it is just forwarded ? and that doesn't include g6hni.co.uk Huh

The wizard generated "g6hni.co.uk.  IN TXT "v=spf1 mx a ?all"" with nothing entered in the above three boxes but that doesn't look at all like 123's example Huh

Dave

MJN
Pro
Posts: 1,285
Thanks: 142
Fixes: 5
Registered: ‎26-08-2010

Re: Why is PN rejecting legitamat incomming emails before they get to my account ?

If the whitelist allows entries without an @ then that's how it must accept whole domains (so will be fine).

The example SPF record will cover the sender addresses for the forwarding service too (I checked your sample email against it and there's half the Internet listed!). All you're doing is publishing who is authorised to send mail purporting to come from g6hni.co.uk, and that's what 123-reg's forwarding service is essentially doing. Do you send outgoing mail from @6yhni.co.uk via Plusnet's servers? If so they'll need adding (using the include:madasafish.com statement before the -all). (Note there's a typo in my first mention of it - I'm typing on a phone and it's too late to edit it!