Friday, August 31, 2007

Getting Velodoc notifications out of junk email folders

Some Velodoc users have complained that they did not receive our email notifications.

We have looked into our application logs and these notifications have definitely been sent. Looking more closely at our SMTP server logs, we have found some entries similar to the following:

2007-08-28 09:07:16 65.55.245.8 OutboundConnectionResponse SMTPSVC1 SV1 - 25 - - 550+Your+e-mail+was+rejected+for+policy+reasons+on+this+gateway.++Reasons+for+rejection+may+be+related+to+content+with+spam-like+characteristics+or+IP/domain+reputation+problems.++If+you+are+not+an+e-mail/network+admin+please+contact+your+E-mail/Internet+Service+Provider+for+help.++For+e-mail+delivery+information,+please+go+to+http://postmaster.live.com 0 0 355 0 578 SMTP - - - -

I have confirmed myself that notifications sent to Live Hotmail addresses were not received, even in the junk e-mail folder.

Although I was pretty sure about the result, I have checked that Velodoc.net was not recorded in any spam database, using http://www.dnsstuff.com/tools/ip4r.ch?ip=velodoc.net.

Going to http://postmaster.live.com as suggested, I have read about SPF and Sender ID. I already knew about it, but our DNS Servers have been hosted by Network Solutions and they do not support SPF records. They know their stuff, don't they? I have even contacted their support team and I have been told that they get little demand for it.

Enquiring further, we have realized that more and more e-mail servers implement SPF/Sender ID. Some are now considering DKIM/DomainKeys to sign emails. So we have taken the decision to move our DNS to DNS Made Easy and to add SPF records to our domains. Note that we could have used UltraDNS or EasyDNS, which offer similar services.

We have used http://www.dnsreport.com to identify other DNS issues. We were only missing a PTR record pointing to mail.velodoc.net. Because each of our web servers has its own SMTP server, we have changed the MX record to www.velodoc.net which already has a PTR record and changed the HELO greeting of the SMTP servers to display the correct fully qualified domain name. Live Hotmail users now receive our email notifications.

In the near future we will be looking at DomainKeys, but contrary to Sender ID, DomainKeys have an impact on the infrastructure because they require that we change our SMTP Servers. If you have some experience with DKIM/DomainKeys and can recommend SMTP servers that implement email authentication, please leave a comment.

No comments: