Warren Toomey via TUHS <tuhs(a)tuhs.org> writes:
All, e-mails from the TUHS server are not making it to
Hotmail or Outlook.
I've not changed anything. Is there anybody with some MTA/ISP experience
who might be able to help diagnose the problem?
Thanks, Warren
There is a lot that could be and without more information it will be
next to impossible to determine what the problem or problems may be.
The first question is are you getting bounces, or is the message just
getting black holed?? From the TUHS sending server, can you send an
email from the command line (for example) outside of the list management
software to a known address that could not receive email from the list
itself?? If this direct message (just to give it a name) does not make
it, then it could indicate that the receiver has blocked the TUHS server
(for a ton of possible reasons). If this direct message does make it,
but email from the list management software does not, then it is likely
that something about how the message is processed (i.e. altered) is
triggering the block.
A few others have mentioned DMARC, but DKIM may be involved. More or
less, if the original sender uses any of the signed email techniques
that exist and the TUHS server alters any part of the message it will
likely cause the message to fail the signature check. This may include
altering the Subject and the From if these bits of the header were
covered by the signature. I am by no means an expert here, but am on a
number of email lists and this problem comes up from time to time and
there has been debate on how or if the list management software should
mess with the message.
Of course, I would also check to make sure that the message actually
made it off of the TUHS server itself. That is, the message isn't
sitting in the local queue having failed to contact the destination
email server??
Other stranger stuff.. from my logs of incoming TUHS email it looks
like you can send via IPv4 and IPv6... is it only one of those sending
addresses that fail?? (This may be hard to determine, I realize, but it
may be the case that the receiver can't receive one of the addresses
families correctly, probably IPv6 if there is a problem). It doesn't
look like you are using TLS as a email client sending back out. Is it
possible for you to do that?? It might help. I know that some of the
stuff I use to keep SPAM out gives a greater credibility to clients that
come in via TLS and have a valid certificate where the cert chain
validates completely. (I won't debate whether or not this is a good
idea or even useful given how simple it is to get Let's Encrypt certs
for free, just mostly mentioning that it happens).
I am not at all an expert on this topic, but have had my own email
domain since 1993 and have seen a whole lot of really strange stuff.
--
Brad Spencer - brad(a)anduin.eldar.org - KC8VKS -
http://anduin.eldar.org