E-mail forwarding to forwarded e-mails blocked by Google

[sz3jdii]

Hello,
Let's say I have situation like below. My CEO, CFO, COO uses their mydomain.com email accounts as SMTP only, so they receive their messages sent to mydomain.com directly into gmail account and they can reply them as mydomain.com authority due to SMTP plugged in GMail as a external send email server.

I've set up below forwarders in Direct Admin:

Forwarders:

ceo[at]mydomain.com -> name.surname.of.ceo[at]gmail.com
cfo[at]mydomain.com -> name.surname.of.cfo[at]gmail.com
coo[at]mydomain.com -> name.surname.of.coo[at]gmail.com

head[at]mydomain.com -> ceo[at]mydomain.com, cfo[at]mydomain.com, coo[at]mydomain.com

mydomain is hosted on the newest Direct Admin version.
Let's say I want to create an Instagram account using the mail head[at]mydomain.com, so any Instagram updates etc. would also be sent to ceo, cfo, coo accounts. The problem is Google is treating Instagram emails as spam: Our system has detected that this message is 550-5.7.1 likely suspicious due to the very low reputation of the sending 550-5.7.1 domain.
I have SPF, DMARC, DKIM set in cloudflare DNS zone, also when I send a test e-mail from direct admin (ceo[at]mydomain.com) to https://www.mail-tester.com/ I have 10/10 score. Instagram is of course an example.

I guess that the problem is with FROM email address in forwarded message. It's set up as original message author's email, then it's beeing send from mydomain.com server to ceo, cfo, coo [at]mydomain.com emails and then to their to GMail accounts so I guess GMail is treating as spam because it doesn't understand why Instagram e-mail is sent from [at]mydomain.com. To fix this I guess I have to change FROM mail of forwarded messages and the original sender e-mail should be only in REPLY TO envelope field but honestly I don't know how to do this.

Thank you for any help

 

[toml]

I personally don't care to forward emails from a DA server to gmail or any other large email provider due to spam scoring. By forwarding email, those providers will see the email coming from your IP address and depending on how many spam messages are forwarded, it could put your server on a list known for spamming. You are much better off having gmail pull the messages from the DA server. It does delay the delivery, sometimes by 40-60 minutes but their spam filters will filter the spam from your server and won't ding your IP as the sender.

 

[Richard G]

likely suspicious due to the very low reputation of the sending 550-5.7.1 domain.

Which says it all. At this moment you have a ver low mail sending reputation. The only ways to fix this is to send more mail originating from your system and/or fill in the Gmail troubleshooter.
If I'm not mistaken you get a form on the end.

Troubleshooting for senders with email delivery issues - Gmail Help

 

[scriptkitty]

Why forwarders to external mailservers can be dangerous for your server

 

[Richard G]

Most people don't forward to internal mail accounts. People use forwarders just to forward to their gmail, hotmail or private (home isp) accounts, which are all external mailservers. So in fact the doc could better read "why using forwarders can be dangerous for your server".

However, that's indeed the risk. Exactly why monitoring is needed and subscription to spamlists and an abuse account etc. so if you server is abused for forwarding spam, you get to know as fast as possible.
Not every mail address has the polling option that Gmail does and not every customer is happy to configure the polling option from gmail.

Disabling forwarders for customers will get you unsatisfied customers, so one has to consider which choice to make. Forwarders had have this risk since forwarders existed.

 

[LawsHosting]

Disabling forwarders for customers will get you unsatisfied customers, so one has to consider which choice to make. Forwarders had have this risk since forwarders existed.

This......

This has come up so many times, still no definite solution..

If it's so bad (well, can get you MTA blocked), who invented forwarders in the first place.. Fred Bloggs in 1984?!

 

[factor]

The problem is Google is treating Instagram emails as spam

likely suspicious due to the very low reputation of the sending 550-5.7.1 domain

Simple Guide to Email Blacklist

All: I am no wizard. Dont claim to be. If this helps someone awesome. If you all want me to add to it just say add this..

forum.directadmin.com

Might work through this. Without your real domain, we can't really help you. you are most likely not followly the true email process and protocol of current day email.

ceo[at]mydomain.com -> name.surname.of.ceo[at]gmail.com
cfo[at]mydomain.com -> name.surname.of.cfo[at]gmail.com
coo[at]mydomain.com -> name.surname.of.coo[at]gmail.com

head[at]mydomain.com -> ceo[at]mydomain.com, cfo[at]mydomain.com, coo[at]mydomain.com

When you have a real server that can be the email server why do all of this fwding

 

[sparek]

I would second the using the "Retrieve via POP3" option in Gmail.

Forwarding to external email addresses is a horrible idea. There's really just no other way to say it. Yes a lot of people do it. A lot of people want to do it. But it doesn't change the fact that it's a horrible idea.

Email has evolved. The email ecosystem is not the same as it was back in the 1990s. People have to understand that change is part of life. Just because something is "This is the way I've always done it" doesn't mean it's going to continue to operate like that forever.

I would probably argue that as a whole, email is a dying breed. We've all band-aided email, and band-aided email, to where it's really something that is unrecognizable from it's inception. Would a better idea be to let email die and develop a totally new communication medium - that might look a lot like email, but incorporate a lot of these "fixes" into it's core?

 

[Richard G]

Just because something is "This is the way I've always done it" doesn't mean it's going to continue to operate like that forever.

You're right, but try to make users and customers change. Because you also have to realize that Gmail is not the only mail system out there. Customers are also forwaring to hotmail c.s., icloud, their own isp, collegues, etc. etc. and a lot of them have no "retreive via pop3/imap" option, next to that I wouldn't even want Gmail to handle my passwords, and I'm surely not the only one.

The only way to really change this behaviour if really all hosts would stop providing it. Well... fat chance there.
So only other way is if email forwarding would be made unavailable by the MTA. Small chance there either. Pop3 is also from the 90's and also still loads of people using it, which gives an indication about if mail forwards will stop anytime soom.
I guess at least not in the upcoming 5-10 years.

So yes the retreive option is a good option, but too limited because of the variety of email addresses/domains out there.

 

[sparek]

You're right, but try to make users and customers change.

Oh! I agree with you. Getting people to change is difficult if not impossible. "You can pry these external forwarders out of my cold, dead hands"

But - I don't think that changes the fact that it's a bad idea. I mean, better technologies is going to have a hard time getting a foothold if we all take the approach of "I don't want to accept change". Uphill battle? Absolutely! Necessary? Ultimately I think it is.

All of this starts with better educating end users. If end users don't know how horrible external forwarders are, then nothing is ever going to change.

I would propose that the OP do something like:

ceo[at]mydomain.com -> name.surname.of.ceo[at]mydomain.com
cfo[at]mydomain.com -> name.surname.of.cfo[at]mydomain.com
coo[at]mydomain.com -> name.surname.of.coo[at]mydomain.com

head[at]mydomain.com -> name.surname.of.ceo[at]mydomain.com, name.surname.of.cfo[at]mydomain.com, name.surname.of.coo[at]mydomain.com

And then have each respective Gmail account POP/retrieve mail from their respective email account:

name.surname.of.ceo[at]gmail.com POP/retrieve name.surname.of.ceo[at]mydomain.com
name.surname.of.cfo[at]gmail.com POP/retrieve name.surname.of.cfo[at]mydomain.com
name.surname.of.coo[at]gmail.com POP/retrieve name.surname.of.coo[at]mydomain.com

You are also correct in that not all major mail services have a POP/retrieve function. But if someone relies on using a major mail service that does not have a POP/retrieve function, well then this is just part of the price they have to pay. They will either need to use a real email client to check the accounts directly from their domain's hosting account (or use webmail) or advertise their major mail services email address.

 

[sz3jdii]

Oh! I agree with you. Getting people to change is difficult if not impossible. "You can pry these external forwarders out of my cold, dead hands"

But - I don't think that changes the fact that it's a bad idea. I mean, better technologies is going to have a hard time getting a foothold if we all take the approach of "I don't want to accept change". Uphill battle? Absolutely! Necessary? Ultimately I think it is.

All of this starts with better educating end users. If end users don't know how horrible external forwarders are, then nothing is ever going to change.

I would propose that the OP do something like:

ceo[at]mydomain.com -> name.surname.of.ceo[at]mydomain.com
cfo[at]mydomain.com -> name.surname.of.cfo[at]mydomain.com
coo[at]mydomain.com -> name.surname.of.coo[at]mydomain.com

head[at]mydomain.com -> name.surname.of.ceo[at]mydomain.com, name.surname.of.cfo[at]mydomain.com, name.surname.of.coo[at]mydomain.com

And then have each respective Gmail account POP/retrieve mail from their respective email account:

name.surname.of.ceo[at]gmail.com POP/retrieve name.surname.of.ceo[at]mydomain.com
name.surname.of.cfo[at]gmail.com POP/retrieve name.surname.of.cfo[at]mydomain.com
name.surname.of.coo[at]gmail.com POP/retrieve name.surname.of.coo[at]mydomain.com

You are also correct in that not all major mail services have a POP/retrieve function. But if someone relies on using a major mail service that does not have a POP/retrieve function, well then this is just part of the price they have to pay. They will either need to use a real email client to check the accounts directly from their domain's hosting account (or use webmail) or advertise their major mail services email address.

I decided to do that, but I have another problem described here https://forum.directadmin.com/threa...-designate-x-x-x-x-as-permitted-sender.62603/