Solved

email to sms gateway issues

  • 12 January 2016
  • 54 replies
  • 1413 views

I run a website online that deals with labor dispatch, and one thing we offer is SMS notifications when new jobs are available. All numbers we send to must be confirmed by the end user before we will allow notifications to be sent to them, so there is zero chance that someone is receiving 'spam' messages they didn't want to receive. Until recently (about a week ago maybe), things were working fine for 8 years. For those 8 years, the setup was:

 

- my domain was in the envelope sender

- the dispatchers info was in the From: header

- my domain has Reverse PTR, SPF, and DKIM set up

 

Those messages are now being rejected as 'spoofs', presumably because the 'From' header doesn't line up with the envelope sender. While it may be a bit overzealous to trash those, especially given the SPF verification passes, I have been trying to work around the issue. In the meantime, I am using a 'noreply' for the from address, so the messages are getting through, but no one can reply to them, and my users are pissed off (as they should be).

 

So where I'm at now, I have been trying to implement SRS in order to deal with your heavy-handed, ill-thought-out approach to dealing with SPAM. So the dispatcher can send the message, the envelope sender continues to be based at my domain, and the From header is rewritten via SRS to appear to be at my domain, while containing enough info for me to forward the message back to them when the reply comes in.

 

Step 1: dispatcher sends a message. This works

Step 2: user replies. Tmo sends it to my server, and I am able to reverse the SRS address and initiate the forward. This works.

Step 3: I then forward the message UNMODIFIED to the destination, using my server's envelope sender (for SPF checks). Altering the From: header from the original sender is ABSOLUTELY NOT AN OPTION because it would break any DKIM signature for any messages I am forwarding. So this part breaks, because Tmo, for some reason, can't figure out what to do with this message.

 

This is an example of the message send from tmobile to my server:

 

S: 220 mail.example.com ESMTP Postfix (Ubuntu)

C: EHLO da3p-tmo-mm3-sfw001.syniverse.com

S: 250 mail.example.com\r\n

    250-PIPELINING\r\n

    250-SIZE 10240000\r\n

    250-VRFY\r\n

    250-ETRN\r\n

    250-ENHANCEDSTATUSCODES\r\n

    250-8BITMIME\r\n

    250-DSN\r\n

C:  MAIL FROM:<btv1==8190f953ef1==1PHONENUMBER@tmomail.net> SIZE=518\r\n

    RCPT TO:<SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com> ORCPT=rfc822;SRS0+3DKb27+3DNM+3Dtmomail.net+3DPHONENUMBER@example.com\r\n

    DATA\r\n

S:  250 2.1.0 Ok\r\n

    250 2.1.5 Ok\r\n

    354 End data with <CR><LF>.<CR><LF>\r\n

C:  Received: from tmobile.net ([10.164.3.161]) by da3p-tmo-mm3-sfw001.

        syniverse.com with ESMTP id 0qe6yfmnCwSHUuup for <SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com>; Tue, 12 Jan 2016 10:13:31 +0000 (GMT)

    To: SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com

    From: 1PHONENUMBER@tmomail.net

    Content-Type: text/plain

    Date: Tue, 12 Jan 2016 10:13:31 GMT

    Subject: RE:testing

    Message-ID: 20160012101331845490@mavenir.com

    Sender: 1PHONENUMBER@tmomail.net

    X-Virus-Scanned: by bsmtpd at syniverse.com

 

    Jfkfjjt\r\n

    .\r\n

    QUIT\r\n

S:  250 2.0.0 Ok: queued as DBD7418110

    221 2.0.0 Bye

 

And this is an example of the bounced forwarding attempt:

 

S:  220 Syniverse ESMTP Service CHI01

C:  EHLO mail.example.com

S:  250 ch3p-tmo-mm3-sfw001.syniverse.com Hello www.example.com [xx.xx.xxx.90], pleased to meet you\r\n

    250 SIZE 3145728\r\n

    250 PIPELINING\r\n

    250 8BITMIME\r\n

    250 HELP\r\n

C:  MAIL FROM:<SRS0=19rQ=NM=tmomail.net=btv1==8190f953ef1==1PHONENUMBER@example.com> SIZE=808\r\n

    RCPT TO:<PHONENUMBER@tmomail.net>\r\n

    DATA\r\n

S:  250 Sender <SRS0=19rQ=NM=tmomail.net=btv1==8190f953ef1==1PHONENUMBER@example.com> OK\r\n

S:  250 Recipient <PHONENUMBER@tmomail.net> OK\r\n

S:  354 Start mail input; end with <CRLF>.<CRLF>\r\n

C:  Received: from da3p-tmo-mm3-sfw001.syniverse.com (dal-tmo-mm3.syniverse.

        com [173.209.216.234])

        by mail.example.com (Postfix) with ESMTP id DBD7418110

        for <SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com>; Tue, 12 Jan 2016 05:13:31 -0500 (EST)

    X-DKIM: Sendmail DKIM Filter v2.8.1 mail.example.com DBD7418110

    Received: from tmobile.net ([10.164.3.161]) by da3p-tmo-mm3-sfw001.

        syniverse.com with ESMTP id 0qe6yfmnCwSHUuup for <SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com>; Tue, 12 Jan 2016 10:13:31 +0000 (GMT)

    To: SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com

    From: 1PHONENUMBER@tmomail.net

    Content-Type: text/plain

    Date: Tue, 12 Jan 2016 10:13:31 GMT

    Subject: RE:testing

    Message-ID: 20160012101331845490@mavenir.com

    Sender: 1PHONENUMBER@tmomail.net

    X-Virus-Scanned: by bsmtpd at syniverse.com

 

    Jfkfjjt\r\n

    .\r\n

    QUIT\r\n

S:  550 rejecting spoofed message

S:  221 ch3p-tmo-mm3-sfw001.syniverse.com Goodbye www.example.com, closing

        connection\r\n

 

What do I need to do to get around your ill-conceived rules? Why don't you just implement DKIM? It's obvious that I haven't manipulated any of the headers, I've left everything intact, and my SPF checks out, so if that's not enough for you, why not implement DKIM so you can VALIDATE YOUR OWN MESSAGES? This is absolutely ridiculous! You gave me the message-ID, i gave it right back, you can VERIFY that it's a forward, not a spoof! Do you not realize how asinine this approach is?

 

How do I work around this engineering catastrophe? (The answer is not 'rewrite the from header on a forward', because that would screw over the responsible adults who actually implemented DKIM).

 

I'm sorry if I sound upset here, but it's because I AM. I've done every single thing by the books to give anyone the ability to validate the content coming out of my server, and your actions have directly impacted my business. This server has been sending these messages for 8 years, and it has a great email reputation, but you've somehow implemented a disastrous policy without really knowing what you were doing.

 

Please tell me how to work with this new terrible system so my users can message eachother and reply to the messages.

icon

Best answer by srickar 31 January 2016, 04:07

Hi Diesel.....I made some modifications to the setup and not seeing any further 550 rejections. It was not for SPF violation either. There were also prior successful messages routing through.  Please be patient, these systems are dynamically trying to combat false negative and false positive spam threats and no employee is trying to deny legitimate traffic. A global expression could override "safe" traffic based on traffic trends.

Please review and maintain SMTP setup with RFC822 header standards. With that said, can you please PM me with your concerns and I will try to address them.

View original

54 replies

Userlevel 3
Badge +4

Hi @subodh123​ - I have accepted your request.

It might need whitelisting my phone number

Srickar i have sent you a follow request, please help me out on this

@srickar​ can you please help me out as well regarding this issue? having this issue for almost a year now. It works for all other tmobile numbers except mine.

Looks like something fishy with my phone number, It used to work an year ago.

Userlevel 3
Badge +4

@magenta9739608

That type of request requires authentication. Please contact customer service at 611 to request detailed account information.

Please email me my monthly statement at @magenta9739608.

Thanks,

Castalia Haynes

@srickar​ My company has a system that has been sending email to SMS for years. Recently our T-Mobile users have been reporting that they have stopped receiving their messages. After reading through several forums now, I believe that our domain has been blacklisted. I was wondering if you could help. I followed you earlier, but I am not able to send you a P.M.

Userlevel 3
Badge +4

Please send me a P.M. and I can investigate. Thanks.

@srickar​ I am having the same email to SMS gateway blocking issue.  T-Mobile is the only carrier that we have this problem with.  We've done just about everything imaginable on our end to make sure that we have no configuration issues on our end.  Can you please help with the process within T-Mobile to get this resolved?

follow request sent. We are experiencing the same issue.

Here is one of the rejected messages. Our paging system was sending the messages directly but they advised us to have us relay from our internal mail server which has correct spf records setup. We have since set it to relay from the email server instead of sending out directly to tmomail.net.

Here is the rejected message:

Delivery has failed to these recipients or groups:

7742195090@tmomail.net<mailto:7742195090@tmomail.net>

A problem occurred while delivering this message to this email address. Try sending this message again. If the problem continues, please contact your helpdesk.

The following organization rejected your message: d79033a.ess.barracudanetworks.com (64.235.150.252).

Diagnostic information for administrators:

Generating server: emailsecurity.townhall.easton.ma.us

7742195090@tmomail.net<mailto:7742195090@tmomail.net>

d79033a.ess.barracudanetworks.com (64.235.150.252)

Remote Server returned '<d79033a.ess.barracudanetworks.com (64.235.150.252) #5.0.0 smtp;550 permanent failure for one or more recipients (7742195090@tmomail.net:blocked<mailto:7742195090@tmomail.net:blocked>)>'

Original message headers:

Received: from emailsecurity.townhall.easton.ma.us (127.0.0.1) id hcems60171s4 for <7742195090@tmomail.net<mailto:7742195090@tmomail.net>>; Wed, 13 Feb 2019 00:40:12 -0500 (envelope-from <DKitsos@easton.ma.us<mailto:DKitsos@easton.ma.us>>)

Received: from TH-EXCH1.townhall.easton.ma.us ()

by emailsecurity.townhall.easton.ma.us () (SonicWALL 9.0.5.2075 )

with ESMTPS (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256/256)

id o201902130540110039204-21; Wed, 13 Feb 2019 00:40:11 -0500

Received: from TH-EXCH1.townhall.easton.ma.us (192.168.1.2) by

TH-EXCH1.townhall.easton.ma.us (192.168.1.2) with Microsoft SMTP Server (TLS)

id 15.0.1320.4; Wed, 13 Feb 2019 00:40:11 -0500

Received: from TH-EXCH1.townhall.easton.ma.us () by

TH-EXCH1.townhall.easton.ma.us () with mapi id

15.00.1320.000; Wed, 13 Feb 2019 00:40:11 -0500

Help and thanks for following, what do you need to help me with this issue

Thanks have the rejected email, should I i m forward that to you?

We are a police department with paging system that all of a sudden stopped sending texts to t mobile officers so it's kind of a pressinf issue for us

Thank you

Dennis kitsos

Easton Police Department

Get Outlook for Android

Userlevel 3
Badge +4

Yes, definitely. I sent you a follow request earlier this morning. Please follow back through inbox and you can send me a message. Thanks!

Userlevel 3
Badge +4

Followed.

srickar, can you help me with this exact issue?

I am having a similar issue where messages are being blocked

Could you help me fix this issue,  I have requested to follow you and am awaiting your aporoval

Thank. You

Userlevel 3
Badge +4

I followed you and through inbox but I cannot send you a message until you follow me or try sending me a PM. Send me the details such as email headers and source email and I will take a look ASAP.

Thank you for your quick reply!

We had Gmail working just fine through January 22nd.  All messages were being successfully delivered.  Starting January 23rd is when all gmail messages began getting blocked.

Userlevel 3
Badge +4

Sent you a follow request. Just a heads up, Gmail definitely will not permit another entity to alter the reply-to address while using gmail controlled email servers. Its to prevent spoofing and that's why DMARC/SPF hard/soft fail is common RFC email standard to prevent spoofing of another managed domain entity.

Same issue here, sending SMS notifications through a small business software.

SMTP

d79033a.ess.barracudanetworks.com [64.235.154.105]

550 permanent failure for one or more recipients (<number>@tmomail.net:blocked)

Starting January 23rd, 2019, there has been a large increase in blocked SMS messages; primarily seeing @gmail.com domain as the blocked sender, but there are many others too.  I don't see a way to add SPF for Gmail.  We are not encountering this issue with any other carrier.

Please advise, as this is extremely urgent. 

@tmo_lauren@srickar

Userlevel 3
Badge +4

Circling back to send a reminder. I wanted to try and get this taken care of for you. Thanks.

Userlevel 3
Badge +4

Are messages originating from hycite.com? That domain is blocked back in February for spamming T-Mobile. Can you clarify if your messages originate from this domain?

Userlevel 5

@magenta4393668​ Hey there!

We don't offer support directly through email, but you are welcome to either file a ticket with a Support representative for the issue you are having, or have your administrator contact us through here. 😊 A T-Mobile account is not required to create a Support account!

-Lauren

Hello, I need to connect you with the person who is the email

administrator. His email is gsellek@hycite.com Greg Sellek. can you

please contact him?

thank you,

Erika Ortiz

2018-03-14 15:14 GMT-05:00 srickar <no-reply@t-mobile.com>:

T-Mobile Support

email to sms gateway issues

reply from srickar

<https://support.t-mobile.com/people/srickar?et=watches.email.thread> in *Account

& services* - View the full discussion

<https://support.t-mobile.com/message/635592?et=watches.email.thread#635592>

Userlevel 3
Badge +4

Header as received:

Received: from out-3.smtp.fused.com (bb-3.out.fused.email [69.162.149.152]) by mx2003.ess.tym.cudaops.com (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 15 Mar 2018 13:32:51 +0000

Received: (Haraka outbound) with LOCAL id BA44E6C7-8F46-4CA0-9408-3A6F2CD88073.1; Thu, 15 Mar 2018 08:32:50 -0500

Authentication-Results: out-3.smtp.fused.com; iprev=pass; auth=pass (plain)

Received: from users-MacBook-Pro.local (host-204-93-127-55.APIOLT4.epbfi.com [204.93.127.55])

by out-3.smtp.fused.com (Haraka/2.7.3) with ESMTPSA id BA44E6C7-8F46-4CA0-9408-3A6F2CD88073.1

envelope-from <dxxxx@fused.com> (authenticated bits=0);

Thu, 15 Mar 2018 08:32:49 -0500

To: xxx619xxxx@tmomail.net

From: "dxxxx@fused.com" <dxxxx@fused.com>

Sender IP: 69.162.149.152 (bb-3.out.fused.email)

$ host fused.com

fused.com has address 52.119.44.6

fused.com mail is handled by 10 mail.corp.fused.com.

$ dig -x 69.162.149.152

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4 <<>> -x 69.162.149.152

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2373

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;152.149.162.69.in-addr.arpa.  IN      PTR

;; ANSWER SECTION:

152.149.162.69.in-addr.arpa. 86366 IN  PTR    bb-3.out.fused.email.

I cannot whitelist external SMTP clients when the root cause is invalid SMTP server banner mismatch. The outbound MTA for fused.com is not matching reverse DNS. The reject message "550 Sender IP reverse lookup rejected" is generated based on presented information from the connecting SMTP. Need to update MX records.

You would need to verify with Fused hosting as to the correct use of SMTP settings.

$ dig txt fused.com +short

"v=spf1 +ip4:52.119.44.4 +ip4:216.86.157.103 +a:srv3.fused.com +ip4:69.64.153.128/29 +include:_spf.fused.com +include:relay.mailchannels.net -all"

"google-site-verification=OXNsoL4aXmPmuRG_zvVn8lJ1gmWZ1gtMPWCoKYNVMMU"

Please visit this tutorial link to read up on why the rDNS is invalid. I dont know if you are using Fuse for hosting service or actually trying to send directly as a fused.com branded message or just need help with configuring the SMTP setup. But as configured, this setup is mismatched and will not be permitted by the hosts as per their MX setup.

SMTP      - SMTP Banner Check

SMTP Banner CheckReverse DNS does not match SMTP Banner

$ drill mx fused.com

;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 61419

;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;; fused.com.  IN      MX

;; ANSWER SECTION:

fused.com.      7200    IN      MX      10 mail.corp.fused.com.

Sorry to dogpile onto this thread — I too am experiencing a similar issue.

Here's the response I'm getting:

Original-Envelope-Id: <6f17c2bc-68cb-3cae-892c-5335052eff11@fused.com>

Reporting-MTA: dns;out-3.smtp.fused.com

Arrival-Date: Thu, 15 Mar 2018 08:40:21 -0500

Final-Recipient: rfc822;14236197147@tmomail.net

Action: failed

Remote-MTA: d79033b.ess.barracudanetworks.com

Diagnostic-Code: smtp;550 permanent failure for one or more recipients (1xxxxxxxx@tmomail.net:550 Sender IP reverse lookup rejected)


I'm sending from david@fused.com.
Mind sorting? Note that fused.com doesn't host any free email accounts or such, so whitelisting would be optimal 😊

Reply