Solved

E-mail to SMS being blocked due to suspected SPAM



Show first post

234 replies

Userlevel 3
Badge +3

Seesnap is inserting a bit.ly link. That is not permitted. Otherwise, all other test messages are delivering that do not contain this link.

I need assistance o one seems to be able to help me when I call in support...  Getting this message

Your message to 3522197947@tmomail.net has been blocked. See technical details below for more information.

I see my emails going through, but not text message. 

Nice!  Thanks for that, I'll see if we can get that changed by our mail host.

Much appreciated!

Userlevel 3
Badge +3

@afscg123

Found the reason. That email address is using "postmaster". It's such a generic email user name that it was blocked for unrelated use by spammers. "postmaster@netflix.com; postmaster@fbi.gov;postmaster@ssi.gov; etc. Please change the presented configuration so that it's not so generic.

@srickar

Good afternoon!

We seem to have found our way on to the T-Mobile blacklist, this is what we are getting:

"recipient-domain": "tmomail.net",

"id": "8y7NCQN5T_iaNTMnARFxIQ",   

"campaigns": [],

"reason": "blacklisted",

"user-variables": {},

"flags": {

"is-routed": false,

"is-authenticated": true,

"is-system-test": false,

"is-test-mode": false

Our service sends emails to text messages for Doctors and it has been working perfectly for about a year to one of our clients who is a T-Mobile user, but last Friday we started getting bounce back emails with that reason code.

Would you be able to remove mailer.answerflorida.com from your blacklist?

I would very much appreciate it!

Thanks!

-Michael

@srickar​,

Understood and thank you for unblocking, we're likely going to use Iphone/Android notifications to replace the text blast model.

Userlevel 3
Badge +3

@gentrade,

I have removed the outright block, but please note that exceeding rate control volume is still possible and I cant circumvent since rate control is a global setting. For this type of A2P automation, the traffic should move to a shortcode provider like Syniverse, Twilio, Sybase, etc. These dedicated routes have different anti-spam policies for vetted traffic and perform ENUM lookup automatically to find the right carrier owner.

Since you are using email, if a subscriber ports between different carriers, you are essentially emailing a stale address which ENUM lookups are performed in real-time by the shortcode operator. Also, if a subscriber were to swap numbers and a former number is now assigned to a new user who's getting these email blasts, they could report it to FCC for TCPA violation. Something to consider as to why enterprise compliance is crucial these days. Thanks.

@srickar​ thank you for the quick response!

typically we only use if for verification codes but yesterday we sent 4800 (8 messages x 600 customers) so i understand what you are saying. Can you unblock so we can continue to verify. I will review the document and see if blasts can go another route.

Thank you

Userlevel 3
Badge +3

@livelovelaugh0276

Correct. SPF is a solely owned domain owner controlled configuration.

Userlevel 3
Badge +3

@gentrade

I blocked that yesterday because it was flooding our SMTP connections. This type of automation traffic should ideally be sent over a shortcode provider due to the characteristics of the message. This front end interface is not designed to accept that amount of traffic for an enterprise. Please see section 4.2 pertaining to enterprise traffic volume and why dedicated shortcode gateways are setup to handle this. https://api.ctia.org/wp-content/uploads/2019/07/190719-CTIA-Messaging-Principles-and-Best-Practices-FINAL.pdf

Even if I did not block, the messages were easily exceeding rate control connection limits which is generous. Also, the messages sent to each device was causing flooding to device delivery to the point devices couldnt acknowledge the messages fast enough.

Ok, I'll reach to our Managed Service IT group. So from your knowledge

there isn't any thing that TMobile needs to do in order to allow messages

to be sent to the 20-30 Physicians that use TMobile as their service

provider.

Userlevel 3
Badge +3

@livelovelaugh0276

Have you reached out to your IT team? Please inform your IT admin to correct the SPF DNS entry. SPF is a DNS policy setup by the domain owner that specifies what networks are authorized to send emails on behalf of the domain. The SPF entry has conflicting hard and soft fail entries explicitly allowing and denying certain network segments at the same time, so each time a message is sent, depending on which entry is queried first, the message is either accepted or denied. Cant have both "~all" and "-all", that's contradictory.  Dash means hard fail explicit requirement, and "~", signifies soft fail. For more info, What is Sender Policy Framework, and How to Setup SPF Record?  IF anything, the IP listed in the SPF is not matching network the message originating from.

@dneph.com does not designate xx.xx.213.17 as permitted sender.

https://www.kitterman.com/spf/validate.html

The TXT records found for your domain are:

hgn2a109hoonp72i0f3sb1hsjq

google-site-verification=vEk1BfXexBC1Pyah_n_5hnjdznvEecNugVmlN_PJ4Xg

v=spf1 include:_spf.google.com ~all

google-site-verification=CgLkUNLvQ6_GWDSutHRX5sGj4h5UQGcLJRJZb9YpRNw

v=spf1 ip4:50.84.233.162 a:zixvpm.dneph.com -all

@srickar​ can you add @general-trading.com to the whitelist?

Thank you

@srickar

Can you direct me on how to get this issue with messages that are sent to xxxxxxxxx@tmomail.net from our EXCHANGE MAIL servers blocked.

Currently when when page our Physicians from our ??@DNEPH.COM mailbox the messages are being rejected by tmobile mail server.

Hi srickar, same here if you can help.

Thank you

Userlevel 3
Badge +3

PM sent.

Hello @srickar

It looks like you are the one to talk to for these 550 errors.

I too have a particular person (my boss) that is unable to send me email to text messages due to being blocked.

I have requested a follow and awaiting approval.

Please let me know what information you may need so that we can resolve this.

Thank you!

WOW!!  Didn't realize all this tech is out there - FOR FREE!.  

I am no longer active enough (business) to take advantage of most of it - but some will be useful.

Userlevel 3
Badge +3

Hi @miket

Not sure if you are experiencing an issue or just making a general comment. But yes, sending email to mobile is good option. You may not be aware, but T-Mobile also offers a laptop based texting software called DIGITs. You can login to a webpage or download the software. It allows you to make/receive calls/texts and type from keyboard to same recipients synced with your phone.  you can access it here T-Mobile DIGITS

This explains how DIGITs functions and the various uses.

T-Mobile DIGITS | DIGITS Rate Plan | Stay Connected Anytime, Anywhere

Also with most phone devices, you can already choose Siri or "OK Google" to trigger the assistant to send a text using voice commands.

I just started sending text from laptop to people rather than phone, if I can.  (I have a hand tremor that makes "typing" text hard.)  Dictation to phone only works some of the time.   No problems so far.

  I might be wrong - it would appear text can be handled/processed via TM or Google.  (I have a Pixel phone.)

Userlevel 3
Badge +3

Hi @bpi240

I reviewed messages from ritchfieldpd.us and 99% from that domain are passing from individual users without issue. However, messages specifically from dispatch are failing to "malformed", which means the SMTP server connection is failing during the "handshake" process. There's not enough info to determine why it failed because the connection attempt was aborted mid-connection. Whitelisting wouldnt help in this matter and we don't whitelist external sources regardless.

Usually this is related to SMTP server configuration. Can you please recheck server config? Thanks.

Srickar,

We are now getting a different message after making some changes. Is it possible to be whitelisted?

mx196.us-east-2a.ess.aws.cudaops.com rejected your message to the following email addresses:

330XXXXXXX@tmomail.net

Your message couldn't be delivered and there was no valid enhanced status code being issued by the remote mail system to determine the exact cause, status: '550 permanent failure for one or more recipients (330XXXXXXX@tmomail.net:blocked)'.

mx196.us-east-2a.ess.aws.cudaops.com gave this error:

permanent failure for one or more recipients (330XXXXXXX@tmomail.net:blocked)

Diagnostic information for administrators:

Generating server: VOR-EX1.VOR.LOCAL

Total retry attempts: 1

330XXXXXXX@tmomail.net

mx196.us-east-2a.ess.aws.cudaops.com

Remote Server returned '550 permanent failure for one or more recipients (330XXXXXXX@tmomail.net:blocked)'

Original message headers:

Received: from richfieldpd.us (192.168.20.122) by VOR-EX1.VOR.LOCAL

(192.168.20.128) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1779.2; Thu, 19

Sep 2019 15:12:50 -0400

MIME-Version: 1.0

Date: Thu, 19 Sep 2019 15:12:50 -0400

Message-ID: <926B5C0BBDC8A0BAC91794F4188346B4151BD05B@VOR0UTIL>

Content-Type: text/plain

Content-Transfer-Encoding: 7bit

X-Priority: 3 (Normal)

Received: from localhost (localhost[127.0.0.1]) by richfieldpd.us (PageGate) with SMTP id 1909191512500 for <330XXXXXXX@tmomail.net>; Thu, 19 Sep 2019 19:12:50 +0000

X-Mailer: PageGate Server 8.1

From: <dispatch@richfieldpd.us>

To: <330XXXXXXX@tmomail.net>

Subject:

Return-Path: dispatch@richfieldpd.us

X-Originating-IP: [192.168.20.122]

X-ClientProxiedBy: VOR-EX1.VOR.LOCAL (192.168.20.128) To VOR-EX1.VOR.LOCAL

(192.168.20.128)

Userlevel 3
Badge +3

Carehere is sending survey links ending with .us/ in the message body. Unfortunately, .us/ TLD domains are in high use by spamming entities so many of the spamming engines are triggering similar message content (see examples below). Please find an alternate method to send survey material.  Please note this type of commercial automation traffic should ideally route through a sanctioned subscription based shortcode provider and not through text based email. Surveys should comply with opt-in and other TCPA related topics. https://api.ctia.org/wp-content/uploads/2019/07/190719-CTIA-Messaging-Principles-and-Best-Practices-FINAL.pdf

Commercial Mobile Radio Address email (CMRS) is a highly restricted FCC domain.

https://transition.fcc.gov/cgb/policy/DomainNameDownload.html


Hello @srickar

We are unable to send email to text to any T-Mobile users that contain a shortened URL for a follow-up survey after an appointment.  This was working previously, but started being blocked about 2 weeks ago.  We use Mailgun.org to send the email-to-text that contain a shortened URL.  We have appropriate SPF records in place for Mailgun as well as the sending mail server.  Texts without the shortened URL arrive without issue, so it seems the URL is the problem.  Here's the response we get from the Mailgun logs.  Please message me for more detail if needed.  Thank you!

{

       "code": 550,

        "message": "permanent failure for one or more recipients (615XXXXXXX@tmomail.net:blocked)",

        "certificate-verified": true

    },

    "recipient-domain": "tmomail.net",

    "event": "failed",

    "campaigns": [],

    "reason": "blacklisted",

    "user-variables": {},

    "flags": {

        "is-routed": false,

        "is-authenticated": true,

        "is-system-test": false,

        "is-test-mode": false

    },

    "log-level": "error",

   "timestamp": 19 Sep 2019 12:41:24 -0500

    "envelope": {

        "transport": "smtp",

        "sender": "XXXXXXX@carehere.com",

        "sending-ip": "198.61.XXX.XX",

        "targets": "615XXXXXXX@tmomail.net"

    },

    "message": {

        "headers": {

            "to": "615XXXXXXX@tmomail.net,",

                  "from": "XXXXXXX@carehere.com",

            "subject": "How was your health center visit?"

Userlevel 3
Badge +3

Not entire domain is rejected, just messages from dispatch. Please check with your CAD provider because messages are prematurely disconnecting and the rejecting code is MALFORMED message format during the handshake process.

Reply