Solved

Email to SMS (tmomail.net) is blocking our domain for spam.



Show first post
This topic has been closed for comments

153 replies

Ok I will see what we can do.

Thank You!

@srickar​  I'm receiving these messages:

Created Date:

11/9/2019 2:53:20 PM

Sender Address:

Info@answernational.com

Recipient Address:     

630XXXXXXX@tmomail.net

Subject:

Your Messages


Error Details

Reported error:

550 5.7.350 Remote server returned message detected as spam -> 550 permanent failure for one or more recipients (630XXXXXXX@tmomail.net:554 rejecting banned content)

DSN generated by:

DM6PR19MB2299.namprd19.prod.outlook.com

Remote server:

mx120.us-east-2b.ess.aws.cudaops.com

Any help is greatly appreciated.

Userlevel 3
Badge +4

Hi @ansnat

Unfortunately phishing spammers are using info@ to target recipients with netflix and facebook phishing attacks from generic based email username accounts, tied to millions of random domain addresses. So items like info@, admin@, postmaster@, administrator@, test@, etc are blocked indefinitely.

I will revisit removing this once the phishing activity has subsided.

Ok, thanks for the definitive answer. I'll need to tell our clients to migrate to other carriers from T-mobile.  I appreciate your help, and would love knowing when we can accept T-mobile users again.

Userlevel 3
Badge +4

There's no need to relocate just for a front end notification. Public email domains all require anti-spam filtering.

For @tmomail.net, the domain was intended for 2G phones which did not contain email clients. Perhaps sending it direct to the email recipient address would be sufficient. If this is automation traffic, enterprise based traffic should be sent over a trusted shortcode provider which does not require header and email malware/virus scanning. Unfortunately, sending from a generic email address envelope is not best practice as it will match with actual spam sources.

This is once again happening to our company: 554 rejecting banned content. All other carriers have no issues. Can @srickar please fix this? I can give any information that is needed and not sensitive.

Our Firefighter union email account now has this issue. We are not able to contact our 7 or so members that use Tmobile, while all other carriers are working fine. Getting bounced back with the same errors.

Userlevel 3
Badge +4

I'll send you a DM to investigate.

I used to have 554 rejected banned content bounces from my clients who were sending text messages out to their customers which we now disclaim to not use "sales like/spam content" which can be blocked even though the end t-mobile subscriber wants those messages and it has been much better results. There's a brand new 550: sender email address rejected which is similar to the 550: blocked which handles a specific domain. I'm awaiting srickar to follow back to see if the my domain is blocked and go from there.

Userlevel 3
Badge +4

SMTP 550 code typically means invalid Sender Policy Framework (SPF), which is a sender side domain DNS setting to restrict who can send email on behalf of the domain.

I typically see this where several organizations share or merge together and dont have an updated SPF DNS published.

Send me a inbox request if you still need help.

Yes you are correct. Incredible we updated and added more IPs to our servers to slowly build reputation yet our syntax was incorrect due to being cut off. We will investigate this and reply shortly. Thank you very much.

After updating the SPF record we see our test is now correct syntax for our ip ranges see: Network Tools: DNS,IP,Email.

We sent a test to several T-MOBILE clients of ours with the same: 550 permanent failure for one or more recipients (**********@tmomail.net:550 Sender email address rejected). Not sure if we need to wait for propagation throughout our servers or T-MOBILE to check our domain again for SPF if they do randomly or automatically. Thanks again for the help.

I see we're following each other however my account shows waiting approval so I'm unable to DM at the moment.

Userlevel 3
Badge +4

Sorry I'm on my mobile and I accidentally removed the acceptance.

@srickar. I clicked Accept maybe it takes a few hours to approve through the system but I dunno.

The domain in question is maritext dot com which seems like you answered about this domain 2 years ago with a similar issue in regards to ALL CAPS, too many "undisclosed" recipients in a list along with some other A2P suggestions. Our system has been running smooth up until 1/16/2020, which seems that the invalid SPF syntax was the culprit (now fixed). However to throttle our servers on the T-Mobile network, I just tweaked the sending algorithm to randomly include 3 to 7 recipients (mixed with other carriers) in one message per SMTP call instead of randomly 3 to 10 recipients. We also have a SPAM Prevention System set in place which allows only 1 message to 1 recipient every 6-12 hours, meaning a most a recipient can receive a message 4 times within a day spread out by 6 hours each time. The domain has SSL, DKIM, SPF, rDNS and all other tests are 100% good through mxtoolbox. Several tests through other domains on the same servers with same sending IPs conclude this is just a domain block of all email addresses from maritext dot com. I can also "suspend" all sending to any tmomail.net subscriber to let everything regain reputation. Let me know your thoughts I really appreicate your excellent feedback.

Userlevel 3
Badge +4

Please try again. I made some changes to the filter that should stop rejecting. Thanks.

Yes the single test worked!

Out Time:Jan 18, 2020, 11:46:23 PM
ID:1it2Ti-0005Hy-Gb
Delivery Host:d79033b.ess.barracudanetworks.com
Delivery IP:209.222.82.129
Size:1.89 KB
Result:Accepted

With the above tweaks I described above, is it better to keep the random 3-7 undisclosed recipients (undisclosed prevents group replies fyi) per SMTP call or 1 recipient per SMTP call and just incearese the overall calls to match the delivery speed? Each SMTP call happens every 60 seconds and a random IP of our static IP range delivers the message until the message queue of that specfic client is cleared. The most I've seen a message queue is 3,000 t-mobile subscribers and the messages are pretty low payload never over 1mb. Lastly, I'm glad to see that T-Mobile has tried adding a "bounce back" for invalid subscribers (1234567890@tmomail.net:550 Recipient email address rejected),  but there's an issue, the above test log was a test from support@maritext dot com to mytendigitmobilenumber@tmomail.net (my number is on sprint network), I also tried another phone number on sprint same thing, accepted message. In conclusion this rejected invalid receipient seems to only check for the format of the number not if it's an actual subscriber.

Thank you so much srickar for all help and feedback for trying to keep our texts going but stay in compliance with all rulesets, SPAM, FCC rules etc.

Userlevel 3
Badge +4

Common styles of fake recipients are intentionally blocked to stop flooding of invalid users.

That makes sense. We filter out all invalid formatted numbers, toll free, landline and voip numbers as well before checking who the carrier is. One thing we're trying to accomplish is detect when a T-Mobile carrier changes but without an invalid recipient bounce back of some sort it's kinda impossible. Eventually we're going to allow subscribers to use our servers to receive messages via email since carriers are cracking down on all email to sms/mms. I will be monitoring our sending logs throughout the day to make sure messages are been delivered

Badge
I am sort of having the same issue Srickar. I posted in another thread. I receive traffic alerts from info@511nj.com and they were coming in fine up until 6 weeks ago when they all of a sudden stopped. I logged into my 511NJ account to verify all my information was correct phonenumber@tmomail.net and everything was fine. If you could check this out I would appreciate it. I do a lot of driving and the traffic alerts are necessary. Thanks

It's best to have 511nj change the default from generic "info" to something less spam related. textalerts@511nj.com, or information@511nj.com may work as well.

@srickar mentioned this in his post here:Re: E-mail to SMS spam blocking

Userlevel 3
Badge +4

Thanks for bringing 511nj.org to my attention.  I pulled examples where certain message characteristics were matching similar spam techniques and submitted a correction request with anti-spam vendor to have the messages re-evaluated. Should be corrected in next 6-24 hours.

Badge

Thank you Srickar. I appreciate the help.

Userlevel 3
Badge +4

You may have already noticed, but 511nj.org was corrected. Thanks!

After monitoring all weekend and yesterday's holiday everything is running smooth now. Thanks again srickar for everything.