I run a small postfix/dovecot mail service for my website customers. For
the past several months one of my customers has had mail to gmail
addresses delayed by approx 12 hours. The delaying/rejecting messages
returned by google are on the lines of:
(host alt1.gmail-smtp-in.l.google.com[142.250.153.27] said: 421-4.7.0
[185.35.151.121 15] Our system has detected that this message is
421-4.7.0 suspicious due to the very low reputation of the sending
domain. To 421-4.7.0 best protect our users from spam, the message has
been blocked. 421-4.7.0 Please visit 421 4.7.0
https://support.google.com/mail/answer/188131 for more information.
v7si12873259edc.295 - gsmtp (in reply to end of DATA command))
I know this isn't due to my mail server - at least, no one else has a
problem with it and it has DMARC, DKIM and SPF correctly set up. I send
several emails per week through it to gmail addresses with no problem.
I can find no reason for the delay except for:
a) The customer sometimes (not often) sends a mailshot which includes
about a dozen gmail addresses, but this rejection happens whether or not
a mailshot is in progress and can be some weeks afterwards.
b) The customer's domain is one of the hugely expensive UK.COM
pseudo-TLDs. UK.COM has been reported as being spammy; I assume due to
bad apples amongst a high number of otherwise ok subdomains.
My suspicion is that google is delaying the mail based on the reputation
of the generic UK.COM domain name. Is this likely? Is google really dumb
enough to treat all UK.COM subdomains as part of the same single domain?
If so, given they allow spammers virtually free range to send FROM gmail
this is a bit hypocritical.
--
Dave Stiles
