E-mails sent by WMI-nextcloud are marked as spam.
Involved service:
Probably an SPF issue.
domain of (omitted service provider domain name) does not designate 89.31.49.215 as permitted sender)
The reported IP is the one of our mailserver gamma.
Setup something like a noreply@wikimedia.it with our SMTP server.
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Open | None | T284541 E-mails from WMIT NextCloud marked as spam by some recipients with a certain interaction of SPF, DKIM, aliasing | |||
| Open | None | T334826 Understand how to fix broken email aliases, causing delivery issues / spam false-positiveness |
I've just discovered that I'm not affected by this problem at all. I've updated the description accordingly.
Setup something like a noreply@wikimedia.it with our SMTP server.
Does our SMTP have DKIM? If not, it might not improve deliverability. Currently Netways has a strict SPF:
netways.de. 5800 IN TXT "v=spf1 mx ip4:185.11.255.68 ip4:185.11.252.58 ip4:194.0.135.0/24 include:spfhard.crsend.com -all"
My user has a wikimedia.it alias which points to an OVH-hosted mailbox, so I get this:
Received-SPF: Fail (mailfrom) identity=mailfrom; client-ip=89.31.49.215; helo=gamma.dgw.it; envelope-from=noreply@netways.de; receiver=[redacted] Authentication-Results: in42.mail.ovh.net; dkim=pass (1024-bit key; unprotected) header.d=netways.de header.i=@netways.de header.b="bakGi+0r"; dkim-atps=neutral Received: from gamma.dgw.it (gamma.dgw.it [89.31.49.215]) by in42.mail.ovh.net (Postfix) with ESMTPS id 4G2D7n6z9wz18JwRq for <[redacted]>; Sat, 12 Jun 2021 10:13:41 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by gamma.dgw.it (Postfix) with ESMTP id 36B5089BFA for <[redacted]>; Sat, 12 Jun 2021 12:13:35 +0200 (CEST) X-Virus-Scanned: Debian ClamAV at gamma.dgw.it X-Spam-Flag: NO X-Spam-Score: -2.1 X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: gamma.dgw.it (amavisd-new); dkim=pass (1024-bit key) header.d=netways.de Received: from gamma.dgw.it ([127.0.0.1]) by localhost (gamma.dgw.it [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IjOPnYJgTeYU for <[redacted]>; Sat, 12 Jun 2021 12:13:32 +0200 (CEST) Received: from mailrelay.netways.de (mailrelay.netways.de [185.11.252.58]) by gamma.dgw.it (Postfix) with ESMTPS id 731BA89BF8 for <[redacted]@wikimedia.it>; Sat, 12 Jun 2021 12:13:32 +0200 (CEST) Received: from archivio.wikimedia.it (unknown [194.0.135.23]) by mailrelay.netways.de (Postfix) with ESMTP id CD0462038E for <[redacted]@wikimedia.it>; Sat, 12 Jun 2021 12:13:25 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=netways.de; s=rspamd; t=1623492805; bh=3AAfouJuhI36wVdGP/YWalb90wiBzhuXj8NSPhh6rHc=; h=Date:Subject:From:To:From; b=bakGi+0raRArl49gNRju9DK4kshqKUpPJ20AVQsOxw+iSzt/3yQvHNZ9DpUIIqdwy LLNT8OphjbMH3GdcTrw02sD+koX/7r+I1JlThJAsSPSiI1Sd/AamqX3v73AA0FzCFE 4G/0DVWpvg7ViIOJtT/ShXnshAo8ahzxx4NA3yso= Message-ID: <9698412a993c7fc04c2c8b835ab161a5@archivio.wikimedia.it> Date: Sat, 12 Jun 2021 10:13:25 +0000 Subject: Ripristino password di Archivio Wikimedia Italia From: Archivio Wikimedia Italia <noreply@netways.de>
So the real fix would be to change the email forwarder in a way that doesn't break SPF, but the benefits are going to be limited because most recipients nowadays check DKIM (and trust it more than SPF) and the most active users of wikimedia.it addresses do not use aliases but actual mailboxes.
With this new subject the report is no longed invalid, however I recommend closing it as declined. In the future, when/if a new mailserver is selected for other purposes, we can also consider attaching Nextcloud to it (as well as the various Wordpress instances and who knows how many other things which send email from Wikimedia Italia domains), but it's not worth doing it only for the sake of this user-specific issue.