[Mailman-Users] Messages considered as spam by Hotmail
Cedric Knight
cedric at gn.apc.org
Sat Apr 9 14:11:06 EDT 2016
On 09/04/16 17:25, Hedy Dargère wrote:
> All messages sent on my mailman server are considered as spam by Hotmail.
> My reverse DNS is correctly configurer, IPv4 and IPv6
> I have a SPF record and on mail-tester.com I have a 8/10 graduation with
> mail sent from my server (as root, not with mailman list) :
> http://www.mail-tester.com/web-qqEoc0
So you suspect Hotmail thinks there's something spammy about Mailman?
Maybe you can test yourself including things like the Mailman footer and
any URIs that might be dirtylisted to work out what factor is affecting
Hotmail's "spam confidence level".
>
> Here a source message, considered as spam :
[snips]
> Received: from listes.np11.org ([46.226.109.222]) by
> COL004-MC6F7.hotmail.com with Microsoft SMTPSVC(7.5.7601.23143);
> Sat, 9 Apr 2016 05:56:26 -0700
Connecting IP 46.226.109.222 seems clean.
> X-Originating-IP: 78.213.138.119
> Received: from [192.168.0.3] (cza11-1-78-213-138-119.fbx.proxad.net
> [78.213.138.119]) (Authenticated sender: hedy.dargere at spheerys.fr)
> by relay2-d.mail.gandi.net (Postfix) with ESMTPSA id A2870C5A4F
> for <test at listes.np11.org>; Sat, 9 Apr 2016 14:56:22 +0200 (CEST)
SURBL/PhishTank says proxad.net is a domain abused for phishing, but
that shouldn't be a significant problem.
> To: <test at listes.np11.org>
> From: =?UTF-8?Q?Hedy_Darg=c3=a8re?= <hedy.dargere at spheerys.fr>
> Date: Sat, 9 Apr 2016 14:56:32 +0200
> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
> Thunderbird/38.7.1
> Subject: [Test] test 14h56
> X-BeenThere: test at listes.np11.org
> X-Mailman-Version: 2.1.18
> List-Unsubscribe: <http://listes.np11.org/options/test>,
> <mailto:test-request at listes.np11.org?subject=unsubscribe>
> CMM-Authentication-Results: hotmail.com; spf=pass (sender IP is
> 46.226.109.222) smtp.mailfrom=test-bounces at listes.np11.org; dkim=none
> header.d=spheerys.fr; x-hmca=pass header.id=test-bounces at listes.np11.org
> CMM-X-AUTH-Result: PASS
Confirms problem is not SPF or DKIM.
> X-MS-Exchange-Organization-PCL: 2
> X-Forefront-Antispam-Report:
> EFV:NLI;SFV:SPM;SFS:(28900001);DIR:INB;SFP:;SCL:5;SRVR:DB5PR06MB1557;H:COL004-MC6F7.hotmail.com;FPR:;SPF:None;MLV:ovr;LANG:fr;
OK, so Forefront thinks the message is "SPM" with a Confidence Level of
5 (suspect spam).
https://technet.microsoft.com/en-us/library/dn205071%28v=exchg.150%29.aspx
https://technet.microsoft.com/en-us/library/jj200686%28v=exchg.150%29.aspx
> X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:(8291501002);SRVR:DB5PR06MB1557;
> X-Exchange-Antispam-Report-CFA-Test:
> BCL:0;PCL:0;RULEID:(102415293)(102615271)(82015046);SRVR:DB5PR06MB1557;BCL:0;PCL:0;RULEID:;SRVR:DB5PR06MB1557;
...
> X-MS-Exchange-Organization-SCL: 5
> SpamDiagnosticOutput: 1:22
Not regarded as bulk or phishing, so seems like a false positive from MS
Forefront/Cloudmark. How to report this? Well, maybe your recipients
marking as not spam and moving the message to the inbox will help a
little. Or any recipients using a paid MS service like Office 365 may
be able to raise a support ticket. Or there's a submission form for
Cloudmark at https://www.cloudmark.com/en/support/cloudmark-authority.
If none of that works, try to find someone at Hotmail or microsoft.com
who might help.
I don't think it's particularly Mailman related.
CK
More information about the Mailman-Users
mailing list