For those of us actively running and maintaining email servers, we understand all too well that clients sending emails to Hotmail, Outlook, Yahoo!, Verizon.net and other email service providers can sometimes end with the dreaded 550 error message bounceback. What seems to be a very trivial matter can quickly devolve into a limitless black hole of time spent trying to determine why certain email accounts cannot be delivered to from your mail server. As with most things in life, it is often a combination of the following factors:
- Open Relay. This is far and away the most egregious of mail server sins. If not properly configured, a mail server can be allowed to permit spammers to route email through the server. There are many ways to check for an open relay on a mail server, including free online utilities such as mxtoolbox.com.
- Lack of Reputation for Mail Server. Several things can affect the reputation of an email server, including IP reputation, spam complaint rate, email bounce-back rate and blacklist status. In short, having a good reputation for a mail server requires a good associated IP address reputation, a low spam complaint rate, a low email bounce-back rate and not being listed on any spam blacklists. There are more factors involved with the determination of mail server reputation, but these are some of the more common ones discussed.
- No Reverse DNS Record (PTR). Also known as “pointer records”, PTRs are typically used for reverse DNS. In other words, a PTR is used to map an IP address to a hostname. Many email servers look for a PTR when an email is attempted to be delivered. If a PTR is not present from the sending email server, oftentimes the email will not be allowed to be delivered. This creates a bounce-back email, which can negatively affect the sending email server’s reputation.
- No SPF Record. An SPF record identifies which mail servers are allowed to send email on behalf of your domain. Similarly to the presence of a PTR, the lack of an SPF record can negatively affect the sending email server’s reputation due to the creation of a bounce-back email.
- Blacklisted IP Address. Blacklists are a means of compiling IP addresses for mail servers that have been reported to be sending spam. There are many such lists, including Spamhaus, Spamcop and Barracuda Reputation Block List just to name a few. Mail servers check the origin of email messages against blacklists and will typically reject email coming from listed offenders. Multiple free, online tools can be used for investigating your mail server blacklist status (such as mxtoolbox.com) for checking your mail server’s spam blacklist status.
- SMTP TLS. SMTP TLS (Transport Layer Security) is a method used where two email servers that are transmitting a message between them automatically negotiate an encrypted channel so that the emails transmitted are secure. Most mail servers have the ability to ONLY accept emails from mail servers that support TLS SMTP.
- Configure DKIM for Local Domains. DKIM provides a means for verifying the integrity of a message. A mail server enabled with DKIM adds a signature to email messages sent from it that can be used to verify the contents of said email by the receiving mail server. Again, some mail servers are configured to only accept email messages from mail servers enabled with DKIM.
There are many factors that can prevent an email message from being delivered. Fortunately, most mail servers send bounce-back emails when an email message is not delivered that include error messages and failure codes. These codes are a good place to start when your email messages are not getting to their desired destination. If the error codes are not providing much insight into the overlying issue, try contacting the email provider you are trying to send email to (e.g. Google for Gmail, Microsoft for Outlook.com and Hotmail, Yahoo!, etc.). While the larger email providers are not forthcoming with what exact blacklists they use or other metrics used to determine if an email is delivered, they often have means of remediation where you can get your email server removed from their “do not accept” lists.
With a few internet search engine queries, a chat or email with the email provider you are trying to send emails to, and a little luck, your email messages will be on their way!
References:
https://www.mailenable.com/kb/content/article.asp?ID=ME020003
http://forum.mailenable.com/viewtopic.php?t=17208
Server rep: https://fulcrumtech.net/resources/improve-email-delivery-rate/
PTR: http://help.dnsmadeeasy.com/managed-dns/dns-record-types/ptr-record/
SPF: https://support.google.com/a/answer/33786?hl=en
https://sendgrid.com/blog/blacklisted-check-7-popular-blacklists-keep-reputation-intact/
SMTP TLS: https://luxsci.com/blog/how-to-tell-who-supports-tls-for-email-transmission.html
DKIM: http://www.mailenable.com/documentation/8.0/Enterprise/Domain_-_DKIM_(DomainKeys).html
