On Sat, Mar 12, 2022 at 09:03:37AM +0100, Matthias Apitz wrote: > > > > I've been seeing a lot of that lately. Google seem to have tightened > > > their email security practice recently. > > > > > > It appears that 1blu is doing something that GMail doesn't like. They > > > probably have a number of users who have the same problem. I would > > > ask them to check their MTA configuration against the section "Make > > > sure your messages are authenticated" in the referenced page > > > (https://support.google.com/mail/answer/81126#authentication). > > > > > > > 550-5.7.26 This message does not have authentication information or > > > > fails to > > > > 550-5.7.26 pass authentication checks. To best protect our users > > > > from spam, the > > > > 550-5.7.26 message has been blocked. Please visit > > > > Authenticated in this context means, you don't have SPF / DKIM / DMARC set > > up. > > > > You can use this service: https://www.mail-tester.com to test your > > setup. It provices you an email address. Send an email to it > > and then your mail and server setup will be evaluated. > > Thank you, Stefan. > > I did such a test and the result can be seen here: > https://www.mail-tester.com/test-ahwup3i9z
Let's go through that: - An SPF-entry has to be created in the unixarea.de domain, I would assume you can do that via the interface of 1blu.de - DKIM-headers can be inserted locally. If you do that with a selector under the unixarea.de domain, you have to add the corresponding key in the zone. I would assume you can do that via the interface of 1blu.de Alternatively dkim can be implemented at the 1blu.de MTA, which in turn is solely at their discretion. - Same for a DMARC-entry. This would make most sense when you enable DNSSEC for the unixarea.de domain. Check here: https://dnsviz.net/d/unixarea.de/dnssec/ I would assume you can do that via the interface of 1blu.de. Bye, Joerg
signature.asc
Description: PGP signature
