Solved

E-mail to SMS being blocked due to suspected SPAM



Show first post
This topic has been closed for comments

238 replies

I just tried from my email, but I am not the one who normally sends them out. Mine seems to have gone though. I will have our office admin, who normally does send them out, try in the morning, and I will report back to you then. Thank you!

Userlevel 3
Badge +4

I made some adjustments to the filtering, can you please retest?

Hi,  We just this afternoon started seeing blocked messages.  We've used the smtp gateway for about a decade I think to send notifications to customers. 

We don't send any links in the message and its just text.   The emails come from info@drivebuytech.com.  These are notifications of interest in a particular property.

here's a rejection we just got.

                  The mail system

<512xxxxxxx@tmomail.net>: host

    d79033a.ess.barracudanetworks.com[209.222.82.141] said: 550 permanent

    failure for one or more recipients (512xxxxxxx@tmomail.net:554 rejecting

    banned content) (in reply to end of DATA command)

---------- Forwarded message ----------

From: info@drivebuytech.com

To: 512xxxxxxx@tmomail.net

Cc:

Bcc:

Date: Thu, 22 Aug 2019 16:13:39 -0500 (CDT)

Subject:

Lead: 512-xxx-xxxx just view property 123 main

Is there something we can do to get whitelisted?

Thanks for your help.   I can be reached us directly at support@drivebuysupport.com or 877-848-4045

@srickar

In the mean time is there anything that can be done, on our end, or on our employees' end?

Userlevel 3
Badge +4

@joshlofties

Apologies, but this one is due to a specific block in message header pertaining to HTML code that is matching information contained in your data. An example of that would be shared email domains, IPs, or other mailer characteristics. Sorry for being vague, but I cannot give specifics at this time and it will remain blocked indefinitely until an outbreak issue has passed.

I am having a similar problem.   degemmill . com  is our domain,

Thank you!

EDIT:  We use this to send out start times for our crews (about 35 employees), so the messages are short, but are essentially the same message where only the time and day of the week change. only carrier that we have run into a problem with so far is t-mobile.

Userlevel 3
Badge +4

It appears that a national organization should actually be using a better broadcast method that you're likely familiar with and that would be shortcode subscription services. Similar to whitelisting, shortcode traffic is two-factor, trusted entity, and sent through approved operators that maintain legal compliance with self opt-in laws. https://gleantap.com/8-text-opt-in-best-practices-with-examples/

Sorry, I cannot whitelist for several reasons because this is a shared open-to-all public SMTP service, we must enable stringent protections in place to protect subscribers from spam entities. This service is known as MM3 messaging routing through MMSC servers open to parties external to operator traffic. Wireless recipients are a top spam target because recipients contain predictive recipient address structure and most lines are capable of receiving content. Whitelisting is associated to very specific email domains that interact with a much smaller segment of trusted parties.

Shared SMTP services between organizations means that not all sources perform best practices for IT mail security.

Whitelisting domains bypasses all routine message checks for attachments, malware, spyware, links, SMTP flooding, etc. Whitelisting then places me in a full time role of managing whitelist requests that we are not setup to handle as organizations change or expand their SMTP configurations.

Last time I whitelisted a large corporation, which insisted they had every anti-spam protection in their outbound SMTP email. The very next day, I cannot make this up, they were compromised by a malware infection and all compromised email accounts were simultaneously spamming T-Mobile with no scanning protection. Therefore, I no longer implicitly trust external SMTP sources.

Several operators are choosing to shutter this service due to the growth of alternative shortcode and external email favorability. The consensus so far that I've met with my design counterparts, that we will continue providing this service but I do admit the spam volume can be challenging.

MM3 email was intended for casual P2P (person to person) use and was not intended for mass broadcast distribution (A2P). If organizations wish to send broadcast material, the recommendation has always been shortcode subscription based service providers to fully comply with 1993 TCPA and FCC requirements. We abide by CTIA messaging standards (see section 5.1), https://api.ctia.org/wp-content/uploads/2019/07/190719-CTIA-Messaging-Principles-and-Best-Practices-FINAL.pdf

Additionally, MM3 email also falls under 1993 FCC rules about Commercial Mobile Radio Service (CMRS) email domains. These domains are supposed to be highly restricted do-not-contact. Email senders should still adhere to these rules. FCC has a published DNC rule about contacting subscribers through wireless provider email structure: Domain Name Downloads | Federal Communications Commission

Twilio, for example, is a shortcode provider and they have guidance on why TCPA compliance is important. https://support.twilio.com/hc/en-us/articles/223134707-Industry-Standards-for-opt-ins-for-US-Short-Codes . I cannot make a recommendation on shortcode provider selection.

Sorry to segway off into background here, but I wanted to ensure you see the full picture and why shortcode is considered a trusted/whitelist source in compliance with broadcast traffic.

Let me know if you have any questions.

So with some more testing from the client/church it's definitely a content filter flagging it because eventually we could get a test to go through after modifying the message but it was very particular and blocked most of them.  We've seen this across a number of churches and each message can vary of course.  Would it be possible to whitelist @churchteams.com messages?  If you were able to whitelist @churchteams.com would that loosen the spam content flagging or would that still apply even with a whitelisting?  Just wanting to see if there is a potential solution that is broader than just changing the content of a single message.

Thanks for your help!

Userlevel 3
Badge +4

It's blocking because the url is inserted in the subject which is a red flag. Plus the section of the url has ".shop" which is a direct match to a spam entity flooding with that TLD domain.

Please insert the url in message body. Thanks.

Sent from my T-Mobile 4G LTE Device

Hi, Same problem for urgent work notifications - bounced with a 550 error. Bouncing is sporadic but can't miss any of these alerts. Suspecting it's because the mail is originally from AWS and sent to tmomail via gmail. Here's the header of a bounced message:

Return-Path: <xxxxxx.alert@gmail.com>
Received: from ip-172-31-3-255.us-west-2.compute.internal (ec2-35-166-148-119.us-west-2.compute.amazonaws.com. [35.166.148.119])
        by smtp.gmail.com with ESMTPSA id g14sm24661727pfo.41.2019.08.21.14.04.53
        for <xxxxxxxxxx@tmomail.net>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 21 Aug 2019 14:04:53 -0700 (PDT)
Received: by ip-172-31-3-255.us-west-2.compute.internal (Postfix, from userid 33)
    id C583D2290D; Wed, 21 Aug 2019 21:35:33 +0000 (UTC)
To: xxxxxxxxxx@tmomail.net
Subject: TRUESD-14: https://www.xxxxxxx.com/shop/automotiv
X-PHP-Originating-Script: 0:mailtotext.php
From: xxxxxx.alert@gmail.com
Reply-To: xxxxxx.alert@gmail.com
X-Mailer: PHP/5.5.9-1ubuntu4.27
Message-Id: <20190821213533.C583D2290D@ip-172-31-3-255.us-west-2.compute.internal>
Date: Wed, 21 Aug 2019 21:35:33 +0000 (UTC)

Okay thanks as that's very helpful and I'll do some more research and

testing on my end!

Userlevel 3
Badge +4

@mcteams

I want to clarify the anti-spam is flagging some of these messages  because the sending address and the "reply to me separately here" address are not the same, which is another red flag. The consensus on anti-spam flagging is "you've already emailed me from X source, so why do I need to then reply to yet another reply destination". Spammers use this tactic. If it's an email, why must I contact you elsewhere. Does that help? Thanks.

Userlevel 3
Badge +4

Hi @mcteams

Some messages are failing because the message body contains a request to "email me xx@xx.org", and also a link to instagram.

It's getting flagged because its a brief message body asking to email and to click a link which is characteristic of spam. Messages sent later today are passing. When crafting messages, perform a test before sending out - but it would be best to refrain from inserting items in message body that encourage replying and contacting - which is exact familiarity to what spamming entities demand. Anti-spam filtering is not a perfect science, but if flagged, require some adjustment.

Hi,

We have an application that churches use to communicate with people in their church.  They can send text message for things like volunteer scheduling requests and reminders and weather related cancellations etc.  The email is coming from @churchteams.com and we have a great email reputation and use SPF, DKIM and other email best practices and our E-mail to SMS messages to other carriers are going through fine but T-Mobile users are not getting them as it seems our @churchteams.com domain is blocked.  Below is an example of the returned message (with the person's phone number removed so it's not posted on the forum).  This is happening to multiple churches since they are sending from the @churchteams.com domain name and so I'm hoping to get @churchteams.com whitelisted as others have in this forum so let me know how to proceed or if you need more information etc.

Bounced

550 permanent failure for one or more recipients (xxxxxxxxxx@tmomail.net:blocked)

2019-08-19 3:30:08 PM

Thanks so much for your help!

Mark

Hello,

I am having problems with an email address associated with automation system at work.

Please friend request me

thank you

Userlevel 3
Badge +4

Hi @magenta9532622

I checked and see the SPF DNS has been updated to include google in addition to the initial ISP. I also see a passing message.

Can you confirm if the issue is resolved?

SPF records are published in DNS as TXT records.

The TXT records found for your domain are:

v=spf1 include:sendgrid.net include:_spf.google.com ~all

MS=ms77576903

Userlevel 3
Badge +4

As stated previously and from checking the domain, the underlying cause is Sender Policy Framework. Your DNS administrator has specifically restricted the domain to very specific list of IP's allowed to send on behalf of your domain.

@enigmasoftware.com does not designate 209.85.166.47 as permitted sender

That IP belongs to Gmail/Google Mail.

Please visit https://www.kitterman.com/spf/validate.html  and insert enigmasoftware.com in the search box. The SPF record as published does not permit 209.85.166.47 as an authorized IP source to send on behalf of the domain. And the reason that is, is because a Gmail user (which appears to be what is being used here), cannot manipulate the outgoing reply-to envelope to display as enigmasoftware.com (That is forgery). The reply-to envelope is checked against SPF DNS, and when a record is published restricting such action, it is honored.

Received: from mail-io1-f47.google.com (mail-io1-f47.google.com [209.85.166.47])

Srickar,We checked all the policy and they are all working.  SPF on the outgoing server is valid.We can send email/SMS everyone except to all t-mobile SMS, email to AT&T SMS and Verizon SMS work fine.  Only t-mobile does not work.Also we can email to anyone including support people from "xxxxxxx@t-mobile.com" the problem is just with "xxxxxxxxx@tmomail.net"

@tmomail.net is blocking our domain "@enigmasoftware.com"  Can you please have someone higher in the support chain to unblock us.

Our problem is exactly the same as https://support.t-mobile.com/thread/144851t-mobile was able to unblock the person in the above link, we just need t-mobile to do the same to unblock "@enigmasoftware.com"

This is the response from tmomail.net"550 permanent failure for one or more recipients (6463796888@tmomail.net:blocked) "

Thanks,Kok Leung.

On Monday, August 5, 2019, 04:57:44 PM EDT, srickar <no-reply@t-mobile.com> wrote:

#yiv0340212121 * #yiv0340212121 a #yiv0340212121 body {font-family:Helvetica, Arial, sans-serif;}#yiv0340212121 #yiv0340212121 h1, #yiv0340212121 h2, #yiv0340212121 h3, #yiv0340212121 h4, #yiv0340212121 h5, #yiv0340212121 h6, #yiv0340212121 p, #yiv0340212121 hr {}#yiv0340212121 .yiv0340212121button td {}

|

T-Mobile Support

|

E-mail to SMS being blocked due to suspected SPAM

reply from srickar in Network & coverage - View the full discussion

I sent you a follow request. Please review all SMTP rejection errors for clues on reason. SPF Sender Policy Framework is the most common.

Reply to this message by replying to this email, or go to the message on T-Mobile Support

Start a new discussion in Network & coverage by email or at T-Mobile Support

Following E-mail to SMS being blocked due to suspected SPAM in these streams: Inbox

This email was sent by T-Mobile Support because you are a registered user.

You may unsubscribe instantly from T-Mobile Support, or adjust email frequency in your email preferences

Userlevel 3
Badge +4

I sent you a follow request. Please review all SMTP rejection errors for clues on reason. SPF Sender Policy Framework is the most common.

@srickar​ I am having the same problem, can you please help me too.

I have open many ticket with support but they keep closing the ticket without notifying me.

One of the ticket # is 24180443 and another one was 22811627.

Userlevel 3
Badge +4

You got it! I sent you a follow request.

Hello,

I am having the same issue as others where my email forward from Gmail to tmomail is being blocked. I requested to follow you so you can help me get whitelisted on the sms gateway.

Please let me know once we can proceed via PM.

Thanks!

I did approve the connection and it says we are connected. I did attempt to send you two messages, which it said sent.

-Bryan

Userlevel 3
Badge +4

Not sure if this is a bug. From my view, it says "waiting approval" from you to accept my connection. Make sure its the message connection.

Although that error is present, you can try and continue to submit the message as messages will sometimes send anyway.

Still unable to send.