spam - email that my application sends is getting spammed: what's wrong with my headers? -

-

i'm sending out emails via php application. however, they're getting marked spam gmail. here's how i'm sending email (php):

$headers = "from: test@bookmytakeout.com\r\nreply-to: test@bookmytakeout.com"; $mail_sent = mail( 'munged@gmail.com', 'test mail', $message, $headers, '-ftest@bookmytakeout.com' );

gmail spams message. went , clicked handy "show original message" option. here's get:

delivered-to: munged@gmail.com received: 10.68.71.200 smtp id x8cs325812pbu;         thu, 21 jul 2011 01:34:52 -0700 (pdt) received: 10.236.114.234 smtp id c70mr12483739yhh.163.1311237292052;         thu, 21 jul 2011 01:34:52 -0700 (pdt) return-path: <test@bookmytakeout.com> received: vps.bookmytakeout.com ([8.22.200.47])         mx.google.com esmtps id u61si3662037yhm.119.2011.07.21.01.34.50         (version=tlsv1/sslv3 cipher=other);         thu, 21 jul 2011 01:34:51 -0700 (pdt) received-spf: neutral (google.com: 8.22.200.47 neither permitted nor denied best guess record domain of test@bookmytakeout.com) client-ip=8.22.200.47; domainkey-status: bad format authentication-results: mx.google.com; spf=neutral (google.com: 8.22.200.47 neither permitted nor denied best guess record domain of test@bookmytakeout.com) smtp.mail=test@bookmytakeout.com; domainkeys=neutral (bad format) header.from=test@bookmytakeout.com domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=bookmytakeout.com;     h=received:to:subject:from:reply-to:message-id:date;     b=wywq+/9+woavq+ousm5kldaueciionibyxavv29hya0xbswm2f+89tcj8pw24g7k1vtgcvr8n64iswgpquoeitz6ehbszd0+75px0wlgsvyezgrw3payepkrfmkdoage; received: munged vps.bookmytakeout.com local (exim 4.69)     (envelope-from <test@bookmytakeout.com>)     id 1qjolw-0001vn-us     munged@gmail.com; thu, 21 jul 2011 14:07:31 +0530 to: munged@gmail.com subject: test mail from: test@bookmytakeout.com reply-to: test@bookmytakeout.com message-id: <e1qjolw-0001vn-us@vps.bookmytakeout.com> date: thu, 21 jul 2011 14:07:30 +0530 x-antiabuse: header added track abuse, please include abuse report x-antiabuse: primary hostname - vps.bookmytakeout.com x-antiabuse: original domain - gmail.com x-antiabuse: originator/caller uid/gid - [1005 1000] / [47 12] x-antiabuse: sender address domain - bookmytakeout.com  test

now, have no idea how diagnose setting off gmail's spam filters. can please point out part of email setting off spam filter?

if possible, please post solution well. i'm more interested in learning what's wrong headers in how fix now.

ps: have few suspicions of own:

  1. the received header says "vps.bookmytakeout.com" header says "bookmytakeout.com" - tried sending test@vps.bookmytakeout.com - same problem, still spammed.
  2. the headers "received-spf", "domainkey-status" , "authentication-results" seem indicate problem. distinctly remember not setting mx records domain name. issue?

i guess didn't publish spf / dkim authentication record

received-spf: neutral (google.com: 8.22.200.47 neither permitted nor denied best guess record domain of test@bookmytakeout.com) client-ip=8.22.200.47; domainkey-status: bad format

most of time, gmail (as other major isps) place non-authenticated messages in junk folder.

an spf record or dkim guarantees allowed use domain sender. example, if don't own "paypal.com", can't send email "contact@paypal.com". if you've published right spf / dkim, isp consider trusted sender.

spf & dkim first designed fight against phishing.

diy solution: publish records following these instructions: http://dkim.org/specs/rfc5585.html http://www.openspf.org/faq

easy solution: use service you. esp sign emails dkim / spf default. problem "sent via esp_name" mention (in gmail).

so best thing choose esp provide personalized dkim & spf. way, 100% transparent.

i work mailjet , offer service free. of our competitors offer option.

here's useful post "via-mention" when esp signs "by default" , how rid of it. http://blog.mailjet.com/post/16922561593/personalized-spf-dkim


Comments

Post a Comment

Popular posts from this blog

linux - Using a Cron Job to check if my mod_wsgi / apache server is running and restart -

-
my group , running server based upon django , uses mod_wsgi run apache server. not working on project after over, attempting set cronjob similar functionality check if apache server has shut down(system restart or power failure), , if has, restart server me. i've found documentation on how check if apache server down , restart server if is, our server uses https , our start command pretty verbose. can use functionality provided in these examples: https://askubuntu.com/questions/277389/cron-job-to-restart-apache https://www.digitalocean.com/community/tutorials/how-to-use-a-simple-bash-script-to-restart-server-programs or need more complicated process make happen? the command use start server is python manage.py runmodwsgi --host 0.0.0.0 --port 8001 --https-port 8000 --ssl-certificate (certificate location) --server-name (domain name) i'm pretty new linux , using both mod-wsgi apache appreciated. you better off using --setup-only option mod_wsgi-expres...
Read more

actionscript 3 - TweenLite does not work with object -

-
i got following problem: i have object called tempscore game. this object blitted canvas renderer via copypixels method. object not display object. it's score-object (self made). score-object extends object called basicblitarrayobject. basicblitarrayobject extends eventdispatcher (therefore no display object). i tried apply several different tweenlite-plugins tempscore-object (i.e. transformaroundcenter, colormatrixfilter, etc.). nothing happens. absolutely nothing. sometimes error messages (when plugin requires display object , object not display object). far good. according greensock (maker of tweenlite) engine can tween numeric property of object. when plugin transformaroundcenter requires display object tweening have modify plugin working non-display object (tempscore). can't because it's way hard me. my game rests upon code: http://www.8bitrocket.com/book/ch11_blastermines.zip try apply tweenlite object called tempmine inside game class blastermines. ...
Read more

jQuery Ajax Render Fragments OR Whole Page -

-
i'm in throes of building application wraps mess of legacy code. page working on, need substitute fragment divs constructed on back-end -- or else need replace entire page altogether. idea there dynamically controlled flow needs satisfied before can forward legacy product. substituting fragments works fine, seen in below my_body_content swap. trouble comes when i'm trying render not fragment, whole page, in "body" swap. @ point page goes blank. i want similar errors returned server. want nice rest 404 error messages displayed on screen, legacy-product 404s show in legacy-product 404 page. yes, requirements project weird. that's not problem can fix. here's jquery invocation, names changed protect guilty: $.ajax({ url: "places/things", type: "post", data: json.stringify(somebadassobject), datatype: "text", accepts: "text/html", contenttype: "application/json; charset=...
Read more