I have the following situation.
My main domain is pointed to a Hostgator account. Because of bad performance of the site, the client decided to give DigitalOcean a go, but leaving the e-mails on Hostgator.
So, at the moment the components are like this:
- Domain DNS pointed to Hostgator
- E-mail and some other services on Hostgator
- A and AAAA are both pointed to my DO droplet's IPv4 and IPv6 addresses respectively
- Site is running on an Ubuntu 18.04 droplet with Nginx 1.14.0, PHP 7.4.5 and MySQL 5.7.29, everything up-to-date
- For mail delivery I use postfix which works fine.
Everything is okay, except that recently my client configured some forms on his WordPress to send to an alternate domain he uses with a Mexican provider (Triara). He told me he wasn't receiving the mails on those accounts. So I checked the mail.log file and found this:
```
Apr 24 12:06:31 mail postfix/smtp[27242]: E77874175E: to=<servicio@altdomain.com>,
relay=maila.exchangeadministrado.com[200.57.129.67]:25, delay=2142,
delays=2142/0.01/0.47/0, dsn=4.0.0, status=deferred
(host maila.exchangeadministrado.com[200.57.129.67] refused to talk to me:
554-mailb.triara.com 554 Your access to this mail system has been rejected
due to the sending MTA's poor reputation. If you believe that this failure
is in error, please contact the intended recipient via alternate means.)
```
Mail modified for privacy purposes.
So, after digging around a little I deduced this is most probably caused by either SPF or DKIM records. I checked the SPF records for the domain on Hostgator. It had include:websitewelcome.com, which is Hostgator's default e-mail SPF record. I modified it and added include:thedomain.com include:<<IPADDRESS>>, so the end result is:
v=spf1 a mx include:websitewelcome.com include:thedomain.com include:<<IPADDRESS>> ~all
I am not sure that would fix it, but I also checked that DKIM could be an issue. I know that for DKIM you normally generate a code in the system that sends mail and add that as a TXT record to your DNS, but I am not sure how to do that myself and not sure if it would help or not.
Any ideas on how I could solve this so that the mail does not get rejected?
I also told the client that he should check if his mail has a whitelist option or something similar, but knowing Triara's service quality, I highly doubt that.
Any ideas?
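
A lint pass over the SPF record quoted in the question, as an added example that is not part of the original post. It checks what each mechanism accepts under RFC 7208 (`include:` takes a domain, `ip4:`/`ip6:` take an address) and counts the terms that cost a DNS lookup; `lint_spf`, the sample address 203.0.113.10 and the `REVISED` record are constructed for illustration.

```python
import ipaddress
import re

# Terms that each cost one DNS lookup; RFC 7208 caps an evaluation at 10.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

def _network(value):
    """Return the parsed IP network, or None if value is not an IP/CIDR."""
    try:
        return ipaddress.ip_network(value, strict=False)
    except ValueError:
        return None

def lint_spf(record, own_domain):
    """Return (term, problem) findings for a single SPF TXT record."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return [(record, "record must start with v=spf1")]
    findings, lookups = [], 0
    for term in terms[1:]:
        m = re.match(r"([a-z0-9]+)(?:[:=](.*))?", term.lstrip("+-~?"), re.I)
        if not m:
            findings.append((term, "unparseable term"))
            continue
        name, value = m.group(1).lower(), m.group(2) or ""
        lookups += name in LOOKUP_TERMS
        if name == "include" and _network(value) is not None:
            findings.append((term, "include: takes a domain; use ip4:/ip6: for an address"))
        elif name == "include" and value.lower().rstrip(".") == own_domain.lower():
            findings.append((term, "record includes itself; evaluation loops into permerror"))
        elif name in ("ip4", "ip6"):
            net = _network(value)
            if net is None or net.version != int(name[2]):
                findings.append((term, f"{name}: needs a valid IPv{name[2]} address or CIDR"))
    if lookups > 10:  # counts this record only; nested includes add more
        findings.append((record, f"{lookups} top-level DNS lookups exceed the limit of 10"))
    return findings

# Constructed sample: the record from the post, with 203.0.113.10 (documentation
# range) standing in for the redacted droplet address.
POSTED = "v=spf1 a mx include:websitewelcome.com include:thedomain.com include:203.0.113.10 ~all"
REVISED = "v=spf1 a mx include:websitewelcome.com ip4:203.0.113.10 ~all"

if __name__ == "__main__":
    for rec in (POSTED, REVISED):
        print(rec)
        for term, problem in lint_spf(rec, "thedomain.com"):
            print(f"  {term}: {problem}")
```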