Zimbra with multiple domains - SPAM

Question

I have a zimbra installed and working fine. The main domain is mbox.dominiocorp.com.br (fictitious).. I have SPF, DKIM, _dmarc, reverse configured and tested. The emails of the domain mbox.dominiocorp.com.br enter the inbox. I added two more domains on top of this zimbra (dominiocorp3.com.br and dominiocorp4.com.br). Both have been configured their SPF, DKIM, _dmarc and the reverse of these domains is the IP of the domain mbox.dominiocorp.com.br. All emails from new domains, are going to the box SPAM of gmail, yahoo, hotmail. I see in the original message that SPF and DKIM are correct, without errors.

dig -t txt mbox.domaincorp.com.br

mbox.domaincorp.com.br. 300 IN TXT "v=spf1 mx ip4:177.222.222.222 -all"

dig -t txt domaincorp3.com.br

domaincorp3.com.br. 84600 IN TXT "v=spf1 a mx ip4:177.222.222.222/29 ~all"

dig -t mx domaincorp3.com.br

domaincorp3.com.br. 84600 IN MX 5 mbox.domaincorp.com.br.

dig -t mx mbox.domaincorp.com.br

mbox.domaincorp.com.br. 84600 IN MX 5 mbox.domaincorp.com.br.

host mbox.domaincorp.com.br

mbox.domaincorp.com.br has address 177.222.222.222 mbox.domaincorp.com.br mail is handled by 1 mbox.domaincorp.com.br.

host domaincorp3.com.br

domaincorp3.com.br has address 177.222.222.222 domaincorp3.com.br mail is handled by 10 mail.domaincorp3.com.br.

host 177.222.222.222

222.222.222.177.in-addr.arpa domain name pointer mbox.domaincorp.com.br

Could anyone tell me what might be happening? Is it any configuration due to IP being shared? Or any add-on settings that I need to perform on zimbra?

I've read that the zimbra antispam itself might be punctuating this domain as bad. Does it proceed? By sending an email to check-auth@verifier.port25.com I received the result below.

Here's a link with the original header and the answer from check-auth@verifier.port25.com

https://docs.google.com/document/d/1Mncx-dpufm1-7plfxAV9sqRyzDCS2OSTBn-W3NWeGyg/edit?usp=sharing

Do you see any errors in the mail log from any large email providers, and is your server IP or domain blacklisted by any RBLs (try mxtoolbox.com). — Simon Greenwood, Dec 08 '17 at 20:42
Thanks for the feedback. I've already looked at the RBLs, the only one I'm listed on is http://www.spamrats.com. I can not find any errors in the zimbra server logs. Gmail has a very good filter. And for new domains, if you have donfigured dkim, spf, reverse it does not mark as spam. there must be something wrong in my settings. — Christovam, Dec 09 '17 at 17:20
Logs send gmail. https://docs.google.com/document/d/1eYKFNhnDhSkLAXAlT2u2oi_TCM9TWNvBOhgnSqQCDzo/edit?usp=sharing — Christovam, Dec 09 '17 at 17:21
We're tending to find that any RBL listing should be dealt with to ensure mail delivery, and new domains actually have a low reputation until they can be proved. There are situations where Zimbra will silently drop mails: one I found was if two mails are sent with the same ID, but that was an artifact of a system I was receiving mail from. In the setup stage it's better to see spam to deal with any issues so I would advise configuring Zimbra to send spam to a mailbox or folder for training if you think that's the issue. — Simon Greenwood, Dec 10 '17 at 08:12
Hi! I have already requested removal of the spamrats list. I suspect of a low reputation, but if I set up domaincorp3.com domain on a new server (only that domain on the server) the email goes to the inbox. But on a server that has multiple domains going to spam. I think one of the reasons is helo. The helo of domaincorp3.com is the helo of domaincorp.com. I understand that this should not influence, so it is a hypothesis. I did not quite understand Simon, you commented on the zimbra sending the emails to a spam box or trainings. The emails I send from zimbra to other domains go to spam. — Christovam, Dec 11 '17 at 11:34
It could also be that but that would show up on a test. It's not the HELO that's the issue but that the HELO response doesn't match the IP address which can be an issue. — Simon Greenwood, Dec 11 '17 at 11:39
I believe the settings are correct. the main domain of zimbra is mbox.domaincorp.com.br, the HELO of it is mbox.domaincorp.com.br and the reverse is the zimbra IP of 177.222.222.222. Now when I send email from domaincorp3.com.br, HELO is mbox.domaincorp.com.br. — Christovam, Dec 11 '17 at 12:11
All I can suggest is looking at the headers of the mails being sent from Zimbra as they are received as spam as they may give you a clue but it does sound like something common to the major providers.. There are lots of things it could be and you seem to have solved the majority of them but it's becoming increasing difficult to run a mail server in the way that you are. — Simon Greenwood, Dec 11 '17 at 12:44
I have analyzed the email header several times but can not find anything. Usually when I have problems it indicates something. I also realize that the largest email providers are making it very difficult for shared email environments. I did not want to have to use Amazon SES, but I believe it will be an alternative. It is annoying that every email sending has to call and ask the recipient to look in the SPAM box. Follow my email header, someone else expert that I can have a better look. https://goo.gl/5FVuQp — Christovam, Dec 11 '17 at 13:24
This is entirely the issue, there are now levels that are opaque unless you spend money and/or time ensuring deliverability with the large mail providers and the alternative is usually to work with businesses that can. If that's OK with you, I will convert this into an answer because I think that's the situation you are in. It's possible that the netblock your server is in is blocked, and that may not be apparent from any analysis. — Simon Greenwood, Dec 11 '17 at 15:40
I would not want to invest in an email gateway. But it's very annoying that my emails are classified as SPAM. Every day I look at the reputation of my addresses and use paid anti-spam to protect my accounts. I do not think it's fair to have to pay for a service. Large providers should have better mechanisms and a whitelist based on domain and IP verification. Thank you for your time and help Simon. — Christovam, Dec 11 '17 at 18:34
Good news. Some messages are falling in the inbox of gmail. I think a matter of proving the domain is occurring naturally. I will follow. — Christovam, Dec 11 '17 at 19:40

score 0 · Answer 1 · answered Dec 11 '17 at 20:01

It is becoming increasingly difficult to establish and maintain reputation for standalone mail servers when dealing with the large mail providers. Among the things you have to consider are whether your server, or IP address or indeed netblock are on RBLs, which can be a legacy issue from previous users of the address. Also ensure that your configuration matches your IP address, particularly that your HELO address resolves to the sending IP address. Zimbra itself can be hard to debug for inbound mail so turn on logging in the setup stage.