1

Description

I created a website/app which requires an PIN number to be sent to the user during 2 factor authentication. In addition forgot password needs an email to be sent to the user. There are 30 companies using this app with 296 users. From the very beginning most of the companies who use Microsoft 365 for their email server quarantine the emails and they never get delivered. This is my issue! .... Microsoft 365.

My original set up was Ubuntu with Postfix installed. spf, dkim and dmarc were all set up correctly and I had majority success in delivering the emails combined with a few "Email Admins" from some of the companies white listing the IP address. I am using OVH.com and all of their IP addresses are blacklisted somewhere. However I overcame this to some degree.

Now, in the last couple of weeks I'm getting many users complaining they are not receiving the emails again. So in a desperate move I purchased an email address from Namecheap "privateemail.com" and now my app sends email through their smtp server. Initially this seemed to solve the problem, but now I am getting more users telling me they are not receiving the emails.

As a test I sent an email to one of the users from the privateemail.com webmail app. This was delivered to a user who said they were not getting the PIN number email from the my app.

So I sent an email to myself from the webmail and also from the app and compared the headers. There were only 2 small differences, see below...

Email with PIN number originating on my VPS

Message ID  <8b7c0b34cffd6bf6a6eb2ef9cd132688@MYDOMAIN.org>
Received: from [127.0.0.1] (MYDOMAIN.org [my vps ip address OVH.com]) by mta-06.privateemail.com (Postfix) with ESMTPA for <myname@myemailaddress.co.uk>; Fri,
  6 Sep 2024 12:27:17 -0400 (EDT)

Email sent from privateemail.com webmail

Message ID  <1167100554.2206056.1725695471448@privateemail.com>
Received: from APP-03 (unknown [10.50.14.153]) by mta-15.privateemail.com (Postfix) with ESMTPA for <myname@myemailaddress.co.uk>; Sat,
  7 Sep 2024 03:51:11 -0400 (EDT)

Questions

  1. Do I need to make the email from my VPS look like it came from the webapp? How can I do that? (Maybe settings in Postfix?)
  2. Are there some subtle changes I need to make to the DNS settings? These are the new settings advised by Namecheap:
    • v=spf1 include:spf.privateemail.com ~all
    • v=DMARC1; p=none; rua=mailto:info@appemailaddress.org (p was equal to "quarantine" but yesterday changed to "none")
    • v=DKIM1;k=rsa;p=#####
    • Reverse DNS is pointing to mail.MYDOMAIN.org and obviously not to privateemail.com
    • privateemail.com ip addresses are not on any blacklists
  3. Something else entirely?
andygozindy
  • 61

0 Answers0