Only 1 email account receives this message # Be careful with this message This may be a spoofed message


#1

Something isn’t set properly cos for only 1 email account, receives this message below.

Be careful with this message

This may be a spoofed message. The message claims to have been sent from your account, but DentonMedia Mail couldn’t verify the actual source. Avoid clicking links or replying with sensitive information, unless you are sure you actually sent this message. (No need to reset your password, the real sender does not actually have access to your account!)

Any ideas?


#2

2 Factor Authentication on your Email, Registrar, Cloudflare and Web-hosting accounts is your best defense to minimize phishing if that’s what’s happening.


#3

@Withheld, Thanks for your response

No clue lol only 1 email account shows the message.

I’ll look into 2 factor but my concern is pushing toward incorrect DNS settings


#5

Now that I have my first coffee of the day… lol lets go back to your original post.

In your original post, is that message when you send mail out to anyone or to yourself? if that’s the message you are getting from yourself, it’s your SPF and DMARC records have a look here
https://mxtoolbox.com/domain/dentonmedia.co.za/

And then run these tests after fixing your records

https://dkimvalidator.com/

and


#6

Thanks, I’ll research how to resolve this.

10/10!

Thank you!!


#7

Your welcome. My apologizes for not catching that earlier. blame the lack of :coffee: :slight_smile: Also, before you go do a little more research on DMARC. It can greatly reduce spam from your domain,


#8

Yes Thank you!

Testing now and keep getting
I haven’t received an email recently to ui3wbiaz1il5qx

After some testing, it works and the errors that appear are not in my control to fix.

Thank you again!!


#9

Thank you again!

I’m busy researching these issues below.

My score is 7 / 10 and unfortunately haven’t been able to setup dkim properly.

dmarc example.com DMARC Quarantine/Reject policy not enabled
mx example.com DMARC Quarantine/Reject policy not enabled
dns example.com SOA Serial Number Format is Invalid
dns example.com SOA Expire Value out of recommended range
smtp aspmx.l.google.com Reverse DNS does not match SMTP Banner ()
smtp alt4.aspmx.l.google.com Reverse DNS does not match SMTP Banner
smtp alt2.aspmx.l.google.com Reverse DNS does not match SMTP Banner
smtp alt1.aspmx.l.google.com Reverse DNS Resolution FAILED! This is a problem alt3.aspmx.l.google.com Reverse DNS does not match SMTP Banner

Any ideas on how to get 10 / 10?


#10

You’ll want to fix the following DMARK record

v=DMARC1; p=none

this tool will help https://dmarcian.com/dmarc-record-wizard/

as for DKIM, not familiar with Google mail, but found this. https://support.google.com/a/answer/180504?hl=en and this https://support.google.com/a/answer/174124?hl=en


#11

Thank you!
Yes I have that DMARK record.
I will research more. My power only came on a few hours ago and is scheduled to go off again later.

Thank yoU!

I’ve set it up like this, hopefully it adds a plus to my score lol

v=DMARC1; p=none; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=1;


#12

so far Your message is not signed with DKIM is the only issue i face.

this is what i have in there.

v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVdTxI4NHrmu/rGX9WJnum08xpQEIacRqCRstodAarw4ZnF/F0uU4caUjprbvlyQmd49O+eUjY35PubBYtaOP/Jkvq8lpHRamK3NvbQ7tlqx4MuemWgB7ee5eNGwWbeqg2poEqT0NA1OoQk96lGZx1xgZ8/03aceof/eTFMrbqv0gVjSNOj3Bmzm0seknqBG7uD72zK50SdPKhTdgWn34xEcoTAoGun+4w9JIm2eVFS0y8YevOz+mEIR8o3c1LHTySJhG2EHp+ar4ggsH9guTKp0Acexyy3a/8qZLLFTXNyyMd8XfFdKrNPwgi0th1FbGZfdo0WovTA34DTQggw+xQIDAQAB


suggests

Congratulations! Your DKIM record is valid.

thank you for your amazing help here!
I understand none of this and will strive to know more.


#13

How do I resolve the bold and italic?

Authentication-Results: spf=pass
smtp.mailfrom=example.com; outlook.com; dkim=none (message not signed)
header.d=none;outlook.com; dmarc=pass action=none
header.from=example.com;


#14

For Outlook DKIM, are you using Office 365 for Business (work account) or a personal Outlook account and sending using an Outlook alias?


#15

I’m using a wordpress wpforms to send email from the domain and Standard online mail with outlook

so far everything works well


#16

When submitting forms from your WordPress site, are they sent directly to your webhost mail system (e.g. locahost/127.0.0.1/PHP mail) or some other sending method such as smtp(s) socket library which connects to your Outlook or Gmail account to email that form?

Using the tests above, send a test from the wpform to their test email. The reason, third party email servers & spam filters check your SPF/DMARC/DKIM records to validate you’ve permitted that particular server to send on your behalf. This applies to onsite multi-function devices and internal email servers as well!

Once the planets have aligned and everything validating correctly, you can switch from relaxed and tell third parties to use strict, quarantine or reject polices if it’s not from you.


#17

yes those test emails give me the 7/10.

testing now suggests 7.9/10
dkim=none (message not signed)


#19

If you have cPanel, you’ll find the DKIM TXT record you need to copy to Cloudflare by going to your cPanel > Domains > Zone Editor and selecting “Manage” beside your domain.

Look for the TXT record that’s similar to the lines below

Name

default._domainkey.example.com

Value

v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDydBvavyEOd2G1UcwUy7tRUqxmsn2eQ6OqJB/Z2Q2JNrJTiwsDn6mbOnw/L43mQI7kwTcwrz/jRK/JKc2Biw7Mdg6QHdmYMwhtrnAU4jm/9fd2xJrAkyF8mk3z1MF9H/dLPw6OZpIfinSLrzxw8NDpS1DRHaKTx4SlIL8Mp7aNzwIDAQAB:3600::


#20

Thank you!

I’m using a free host so I will ask the host if they could share that info.

Update…
No access to that information.
So far everything works, now to setup a store and test.

Thank you again for your support!