Solved

E-mail to SMS spam blocking

  • 12 November 2019
  • 51 replies
  • 563 views

We have been using the tmomail.net e-mail to SMS gateway to send notifications for voicemails received by our corporate PBX.   Sometime within the past few days, these messages started to get blocked.  We are getting a 550 failure code with a "rejecting banned content" description.  There have been some other threads that mention that we can get our domain whitelisted.  @srickar has helped others in the past with this, so I have requested to follow him so that I can direct message him our details.  The other threads have been closed, which is why I have started a new thread.  The most recent thread was answered with a solution to use an SMS short code to send out such notifications.  This is probably not an acceptable solution to most customers on this forum, as it costs $1000/mo to maintain a short code.

icon

Best answer by srickar 12 November 2019, 22:27

I can help you with this. Please verify the sending envelope does not contain info@, postmaster@, test@, etc that are generic in nature. The reason these are currently blocked right now is due to recent phishing activity that is using generic envelope names asking users to reset their Facebook or Netflix passwords. If using an email username that is generic, please consider modifying to something that is unique and not shared with other email entities.

View original

51 replies

Userlevel 3
Badge +3

I can help you with this. Please verify the sending envelope does not contain info@, postmaster@, test@, etc that are generic in nature. The reason these are currently blocked right now is due to recent phishing activity that is using generic envelope names asking users to reset their Facebook or Netflix passwords. If using an email username that is generic, please consider modifying to something that is unique and not shared with other email entities.

I wouldn't consider the user part of the e-mail address to be generic, but "admin" is a substring within the user part.  It's probably not wise to post the full address on a public forum, so I can DM it to you if you follow me.

We are experiencing the same problem that also just started in the last few days. We use email to SMS to send notifications to our employees. After seeing this thread I tried a few different email names and even one of our other domain names. But still got the same error message. Hopefully I can also get some help from @srickar​ to resolve our issue as well.

Userlevel 3
Badge +3

I can help you. Please check if sending address does not contain any generic sender username such as info@ in the header.

Just sent you a D.M. request. Thanks.

I also have this problem. I run 7 web servers and I have been getting messages from them, but I stopped getting them recently. These are important in that the server may have gone down, or there is something wrong I need to fix.

The servers send knowing that it is an SMS message and not an email. They have my contact as ##########@tmomail.net

I also have an emergency@ email address that my customers can email me and it forwards me get a text. This has also stopped working.

If I use Gmail to send an email --> text, I get it. But I don't if I use my main email address in my email program, or someone sends to the emergency@email.

Thanks in advance for your help.

From what I learned, it was not the actual From or ReplyTo address that was causing the problem in our particular case, but for me it was the address from our DNS DMARC record that tells email providers where to send reports of messages that do not pass the SPF or DKIM tests (when mail is sent from unauthorized servers). This had to be changed in the DNS record as this header info is appended at the receiver end. Hopefully the filters T-Mobile has implemented can be modified to exclude the DMARC response email headers.

Hello, we are having a similar problem at our company-can I DM you srickar? If so, how?

Userlevel 3
Badge +3

I would be happy to help. Sending you a inbox request.

Userlevel 3
Badge +3

Would also like to assist you. Sending you an inbox request.

Userlevel 3
Badge +3

Just as FYI....due to a mass phishing attack targeting users with bogus Netflix and facebook account links, I had to insert some really aggressive blocks that may block legitimate traffic that also contains similar matches. Generic email username structure like admin@, test@, postmaster@, support@, alert@, etc are so generic and being used by millions of throwaway email addresses typically registered to millions of throwaway domains.

My organization is having the same issue with our emails being blocked. srickar, I sent you a follow request and can send you the details if you can please assist. Thank you.

Is it possible to limit those blocks to particular headers like the From: or ReplyTo: headers (or other known affected headers)? It would be difficult for most users to change the address that may be used for DMARC records that is appended to the email headers at the receiver end.

@srickar​ Sir, I started following you but noticed I had not checked the Inbox checkbox at first. I have now checked that box but still cannot send you any DMs. Do you need to do something on your end?

I am having the same issue. I have set up a Gmail filter to forward emails to me by sms from certain senders. One does, in fact contain info@ and is being rejected. Receiving the actual message by text is not that important. But I do need to get immediate notice that I have received one. Do you know of any workaround?

Thanks

I changed the address that we are sending notifications from, as "admin" was a substring in the user part of the address, which has resolved some of the issues we were having.  We continue to see certain e-mails blocked for a slightly different reason:

d79033b.ess.barracudanetworks.com[209.222.82.147] said: 550 permanent

  failure for one or more recipients (XXXXXXXXXX@tmomail.net:blocked) (in

  reply to end of DATA command)

I think the above error is indicating that your spam filtering service (Barracuda), doesn't like the actual content of a particular notification.

@srickar​, I tried to send you a DM, but there is still an exclamation point next to your username.  I think we are both following each other, which I thought is what we had to do to be able to send each other DMs...

@srickar We are seeing a similar issue. I sent you a follow request. If you can DM me do you think we can work this through?

Userlevel 3
Badge +3

I can certainly help! Sending you an inbox request.

Thanks! Not familiar with this messaging system, i don't see an inbox request anywhere. i did follow you as I'm sure you've seen, and i checked the tick box next to "inbox". not sure what to do next 😀

Well I guess that wasn't even to me 😀 I cannot make heads or tails out of this messaging system

Userlevel 3
Badge +3

Hey @magenta10446303

You sent me a DM correctly! I responded with some tips to help your messages pass anti-spam. Thanks!

I've talked to Barracuda for my domain and IP's as well and they say it's an internal T-Mobile ruleset because all ip's and domain have excellent repuation for over 3 years of sending everyday. I used to have 554 rejected banned content bounces from my clients who were sending text messages out to their customers which we now disclaim to not use "sales like/spam content" which can be blocked even though the end t-mobile subscriber wants those messages and it has been much better results. There's a brand new 550: sender email address rejected which is similar to the 550: blocked which handles a specific domain. I'm awaiting srickar to follow back to see if the my domain is blocked and go from there.

Hi srickar,

I've found this thread that seems to relate to an issue that I'm seeing with some servers that I support.  We send texts to the team via the phonenumber@tmomail.net pathway for those on TMobile and those are being rejected with the 550 :blocked message.  I've requested to follow you and I'd like to brainstorm about the issue via DM if possible.  Thank you for your time.

Userlevel 3
Badge +3

Hi @iwjtkoe4e

Have you closely reviewed the postmaster rejection messages? SMTP code 550 has several subset codes, but the major one is SPF (Sender Policy Framework), which is a DNS setting controlled by the sender domain to prevent another entity from spoofing emails as their own envelope.

Please verify your SPF is up-to-date for the envelope you are attempting to send as. A great validation tool I use is https://www.kitterman.com/spf/validate.html 

We must use SPF to prevent spoofing because wireless recipients can be targets for phishing activity from forged envelopes.

We honor soft-fail SPF.

I am also facing issue sending to Tmobile.

We have changed from postfix to use external SMTP provider and we are now facing issues with delivering email to sms for tmomail host d79033b.ess.barracudanetworks.com[209.222.82.150] said: 550 permanent failure for one or more recipients (6503093122@tmomail.net:blocked) (in reply to end of DATA command) We have dedicated IP which has good reputation and it's not on any blacklists. We limited our SPF just to use this IP to send emails. We have dmarc and dkim but still facing issues with tmomail.net being blocked

your assistance in this matter is appreciated, thanks.

First, I would remove that mobile number from the post, What's the rate of the sending? How many recipients per message? What's the dedicated IP? Is the rDNS of that dedicated IP a generic host?

Reply