Email marqués comme spam et mis en queue

email

#1

Bonjour,

Nous venons de migrer nos serveurs DNS chez CloudFlare depuis 2 jours. Apres quelques soucis, notre site est fonctionnel comme au paravant en passant pas CloudFlare.
Cependant, coté email, nous avons quelques soucis depuis notre migration.
Nous avons bien migré notre type DNS ‘MX’ aussi chez CloudFlare, je peux le voir dans mon tableau de bord, onglet ‘DNS’.
Notre serveur de mail est outlook.com, c’est a dire que c’est leur serveurs de mail qui nous permet de gérer tous notre traffic mail.
Or, lorsque des utilisateurs nous contactent via notre formulaire de contact, nous recevons bien les email mais ceux ci sont marqués comme spam et ne sont pas délivrés dans la bonne boite donc. De meme, j’ai sur mes serveurs des outils qui tournent en tache de fond et m’envoient des email régulièrement. Depuis que nous somme passés chez CloudFlare, ces emails sont mis en ‘queue’ aussi par le serveur outlook.com et je ne les reçois jamais.
Ma question est donc, y’a-t-il une opération particulière à effectuer pour que ces emails ne soient plus marqués comme spam?
Je n’ai rien modifié aux dashboard DNS concernant le type MX depuis que j’ai mis notre site dans CloudFlare.
Merci aux personnes qui pourront m’aiguiller o m’aider.

Emmanuel


#2

Bonjour,

It sounds like Office 365/ Outlook.com is potentially scoring your MTAs as suspicious. There are several reasons that could be happening. Since this started happening after you changed to Cloudflare I will try to focus on those, but there could be other reasons unrelated to Cloudflare.

Your SPF record includes ~all which is a soft fail for anything not on the list for allowed senders. Your allowed senders are any A record and your Mx record. When a record is proxied through Cloudflare we advertise the address of our proxy for your server to hide the origin IP address. So if your MTA sending the contact forms and system messages says it is www.yourdomain.com during the SMTP handshake, it’s name is not going to match the IP address DNS provides for that same host.

Several DNS options:

  1. gray cloud the existing host name the MTA is advertising itself as.
  2. Change the name the MTA advertises itself as in the ehlo command to somethingNew.yourDomain.com and create a gray cloud record for that host name.
  3. add the IP address of your sending MTA to your PTR.
    Change your SPF to ?all which is less likely to get flagged as spam.

Each one of these potentially exposes your origin IP address (though I think the second one is probably the least likely if you use a hard to guess name.

Other options:
Whitelist the sender address in Office 365/Outlook.com
Use a unique subdomain for sending these types of messages and whitelist the subdomain.

This isn’t definitively the cause, there are lots of reasons that messages get flagged as spam… but I think I made a reasonable guess based on the evidence.


#3

Hi @cscharff

Thanks for your quick and prompt reply.
I’m not very comfortable with mail stuff and configurations. But base on your reply, my SPF is configured with ~all at the end and the include did not change from the original value when we were with our first DNS provider (gandi.net).
I solved the problem by adding our servers IP in the SPF definition and it seems to work correctly now. Let’s see in the next few days if all back on business before migrating to CloudFlare.
Thanks again for your help and time.

Regards