Community weekly digest ends up in SPAM

timint01

Heads up @donho . This forum’s weekly community digest email ends up in spam.

SPF SOFTFAIL for 104.131.212.184 and missing DKIM and DMARC.

Here’s a tool to help you out
https://www.mail-tester.com/

PeterJones

I just had to go through the SPAM on my personal domain as well.

# dig +short notepad-plus-plus.org TXT
"v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net ~all"
# dig -x 104.131.212.184
...
;; QUESTION SECTION:
;184.212.131.104.in-addr.arpa.  IN      PTR
;; AUTHORITY SECTION:
212.131.104.in-addr.arpa. 1773  IN      SOA     ns1.digitalocean.com. hostmaster.212.131.104.in-addr.arpa. 1639587967 10800 3600 604800 1800
...

So it appears your DNS’s TXT entry is set to include hostinger.com and mailchannels.net, but not digitalocean.com.
It might help to change your TXT record in notepad-plus-plus.org to

v=spf1 include:spf.mx.hostinger.com include:relay.mailchannels.net include:digitalocean.com ip4:104.131.212.184 ~all

For adding the missing DKIM, my ISP had already defined a DKIM entry for me, so I don’t know how to generate it. It should be under the TXT entry for the default._domainkey.notepad-plus-plus.org entry in your DNS; find out more through https://www.google.com/search?q=how+to+add+dkim+record

For the DMARC, add a TXT entry to _dmarc.notepad-plus-plus.org, with a value v=DMARC1; p=none; … if you want the DMARC system to maybe email you when there are problems, change it to v=DMARC1; p=none; rua=mailto:don.ho@..... (but give it your real email address)

—

Whoever downvoted @timint01’s message: it was a valid and reasonable report: the SPF/DKIM/DMARC settings are a real problem for outgoing emails. If Don is going to continue to allow the Forum to email users, it should have the SPF/DKIM/DMARC set correctly so that the emails will make it through. Before I fixed those settings on my domain, emails would randomly never even make it to the SPAM filter of the recipient’s email – their server would block it before it got that far. And the mail-tester web address is a valid site which is helpful for debugging such issues: they give you a dummy address to send to, then you mail that address from your server, and they issue your emails a “score”, and break down why your email got that score (including links to authoritative definitions for what those various DNS settings should be); I used it a lot when trying to get my SPF/DKIM/DMARC set up correctly.

Ekopalypse

@timint01, sorry, I downvoted it - I mistakenly assumed it was another annoying advertising fake post.

Lycan Thrope

@ekopalypse ,
To err is human, to really mess up, involve a computer. :-)

Lee

PeterJones

@ekopalypse said in Community weekly digest ends up in SPAM:

I mistakenly assumed it was another annoying advertising fake post.

Not a problem. I probably would have done the same if my last couple weeks hadn’t been intimately involved with those same settings and website – because until the holiday week, I had never heard of any of those terms. ;-)

Nicholas

I would be careful about who you allow to send as your primary domain. Any security issues and they could start impersonating admin accounts. You should be using -all at the end of your spf record.

I would be sending the emails as no-reply@community.notepad-plus-plus.org and adding the TXT record to the community sub domain so it is just this host and no one else.

I’m not sure if you need to also set the MX record if you don’t intend to receive email for the sub domain. It might affect some spam filters.