On 2016-05-17 12:03, Markus Meier wrote:
Hello everybody
We moved our equipment to a new location and a new IP range. In the first few days a lot of outgoing email where blocked from various reputation filters. In the meantime we could fix most of the issues. Phuh... ;-)
Since today morning, the bluewin MX blocks our messages again. I already requested for a statistic reset at "Cloudmark".
What's wrong with our "reputation"?
That you do not send enough mail.
Cloudmark apparently works under the premise that when an IP rarely sends mails and then suddenly sends more mail than the average it was doing it thus must suddenly be spamming.
Hence, actual mass-volume spammers are great in their eyes, everybody else they just block.
Little you can do about, except slowly ramp up sending mail through their filters so that it looks like your normal volume is high...
Indeed, they do not actually care about content.
Note that there are 'feedback' mechanisms in their system and apparently some domains are able to feedback into their scoring, and if you then get negative feedback as some person just hits 'it is spam' even though it was really not a spam message, you end up in the bad score too; again, that is not a problem if you send massive amounts of mail, it is a problem (one person hitting the spam button) when you actually send few mails out...
Otherwise said: your IP is too new, does not have reputation yet, thus you need to spam more and have nobody hit the 'spam' button in the meantime; over time reputation builds up and then you can send 1M actual spams, as long as you send 100M non-spam ones...
Oh, and of course there is a 'paid' option to get your reputation corrected.... go figure what a nice business model that is.
Hostname saturn.uptm.ch (mail.uptm.ch) IPv4 185.104.16.21 IPv6 2a00:f740:100::15:1 PTR should be correct SPF set for all customers domains
Is SPF set correctly? :)
Also, do try to get DKIM deployed. reverse->forward->reverse + SPF+DKIM together are more or less required to send email to Google... especially for IPv6 where they have apparently different and even more strict rules than IPv4 (and nope, nobody, even employees apparently are able to tell what those rules are or resolve issues when hosts of theirs are marked as 'spam' according to big "do no evil" Google, see also something with monopoly investigation by the EU...)
Thank you for any hint.
It would also be nice, if someone from bluewin could contact me offlist and provide some more information, what made our IP evil again.
Like many other ISPs that simply use cloudmark (which thus reads every email at those ISPs, wow, the insight that must give into the personal lives of people not even living in your own country: privacy is completely destroyed), they won't be able to tell, as the ISP is just a customer of Cloudmark and has no insight into what Cloudmark does consider or does not consider 'spam'.
Greets, Jeroen