Solved

E-mail to SMS being blocked due to suspected SPAM



Show first post

234 replies

Hi, our SMTP line where our message is being blocked: 2019-09-02T01:17:10.118Z,SMTP,08D6F99962F9C532,23,192.168.0.xxx:13683,xxx.xxx.xxx.xxx:25,<,550 permanent failure for one or more recipients (806xxxxxxx@tmomail.net:blocked), can you help us get unblocked? Thanks!

Hello @srickar,

I've sent you follow request and was hoping you could help me out as well. Is there anyway you can whitelist the domain @tcgplayer.com from my number (2672394182@tmomail.net)?

This is very important as I need every single email from that domain to my phone.

Many thanks,

Ly

Thank you so much! Will do first thing tomorrow morning!

I'm not sure I understand. Do you also have the ability to do whitelisting? My message was directed to @srickar​, but you responded.

Userlevel 3
Badge +3

Hi @lyx91 Send me a PM and I can review the block reason.

Hi srickar, I am unable to send you a PM. There is an “!” next to your name. Thanks!

Hi @srickar​,

Just like @mangortx​, I am also unable to send you a PM.

Generating server: SN1NAM02HT134.mail.protection.outlook.com

mx120.us-east-2a.ess.aws.cudaops.com
Remote Server returned '550 5.7.350 Remote server returned message detected as spam -> 550 permanent failure for one or more recipients

Thank you,

Ly

Userlevel 3
Badge +3

Hi Lyx91, I sent you a PM with details. In future, please dont post any personal numbers or domains.

We are unable to email t-mobile phone numbers via email to text.  Here is the message:

This is an SMTP server at asp.reflexion.net

We are unable to email t-mobile phone numbers via email to text.  Here is the message:

This is an SMTP server at asp.reflexion.net

Your message could not be delivered to the following address: <XXXXXXXXXX@tmomail.net>

(Unified Log Code: 59869849358, 0001)

from <emailaddress@richfieldpd.us>

to <XXXXXXXXXX@tmomail.net>

d79033a.ess.barracudanetworks.com:209.222.82.162 failed after I sent the message. STARTTLS proto=TLSv1.2; cipher=ECDHE-RSA-AES256-GCM-SHA384.

Remote host said: 550 permanent failure for one or more recipients (XXXXXXXXXX@tmomail.net:blocked)

--- Below this line is a copy of the message.

Received: (qmail 10664 invoked from network); 26 Aug 2019 15:56:55 -0000

Received: from unknown (HELO rtc-sm-01.app.dca.reflexion.local) (10.81.150.1)

   by 0 (rfx-qmail) with SMTP; 26 Aug 2019 15:56:55 -0000

Received: by rtc-sm-01.app.dca.reflexion.local

         (Reflexion email security v9.26.0) with SMTP;

         Mon, 26 Aug 2019 11:56:55 -0400 (EDT)

Received: (qmail 16810 invoked from network); 26 Aug 2019 15:56:54 -0000

Received: from unknown (HELO mail.richfieldpd.us) (XXX.XXX.XXX.XXX)

   by 0 (rfx-qmail) with (AES256-GCM-SHA384 encrypted) SMTP; 26 Aug 2019 15:56:54 -0000

Received: from richfieldpd.us (XXX.XXX.XXX.XXX) by VOR-EX1.VOR.LOCAL

  (XXX.XXX.XXX.XXX) with Microsoft SMTP Server (version=TLS1_2,

  cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1779.2; Mon, 26

  Aug 2019 11:56:52 -0400

MIME-Version: 1.0

Date: Mon, 26 Aug 2019 11:56:52 -0400

Message-ID: <15A8BA9AB2842BE435FE87FBC06FDA5AAE659C5A@VOR0UTIL>

Content-Type: text/plain

Content-Transfer-Encoding: 7bit

X-Priority: 3 (Normal)

Received: from localhost (localhost[127.0.0.1]) by richfieldpd.us (PageGate) with SMTP id 2608191156520 for <XXXXXXXXXX@tmomail.net>; Mon, 26 Aug 2019 15:56:52 +0000

X-Mailer: PageGate Server 8.1

From: <emailaddress@richfieldpd.us>

To: <XXXXXXXXXX@tmomail.net>

Subject:

Return-Path: emailaddress@richfieldpd.us

X-Originating-IP: [XXX.XXX.XXX.XXX]

X-ClientProxiedBy: VOR-EX1.VOR.LOCAL (XXX.XXX.XXX.XXX) To VOR-EX1.VOR.LOCAL

  (XXX.XXX.XXX.XXX)

Userlevel 3
Badge +3

Not entire domain is rejected, just messages from dispatch. Please check with your CAD provider because messages are prematurely disconnecting and the rejecting code is MALFORMED message format during the handshake process.

Hello @srickar

We are unable to send email to text to any T-Mobile users that contain a shortened URL for a follow-up survey after an appointment.  This was working previously, but started being blocked about 2 weeks ago.  We use Mailgun.org to send the email-to-text that contain a shortened URL.  We have appropriate SPF records in place for Mailgun as well as the sending mail server.  Texts without the shortened URL arrive without issue, so it seems the URL is the problem.  Here's the response we get from the Mailgun logs.  Please message me for more detail if needed.  Thank you!

{

       "code": 550,

        "message": "permanent failure for one or more recipients (615XXXXXXX@tmomail.net:blocked)",

        "certificate-verified": true

    },

    "recipient-domain": "tmomail.net",

    "event": "failed",

    "campaigns": [],

    "reason": "blacklisted",

    "user-variables": {},

    "flags": {

        "is-routed": false,

        "is-authenticated": true,

        "is-system-test": false,

        "is-test-mode": false

    },

    "log-level": "error",

   "timestamp": 19 Sep 2019 12:41:24 -0500

    "envelope": {

        "transport": "smtp",

        "sender": "XXXXXXX@carehere.com",

        "sending-ip": "198.61.XXX.XX",

        "targets": "615XXXXXXX@tmomail.net"

    },

    "message": {

        "headers": {

            "to": "615XXXXXXX@tmomail.net,",

                  "from": "XXXXXXX@carehere.com",

            "subject": "How was your health center visit?"

Userlevel 3
Badge +3

Carehere is sending survey links ending with .us/ in the message body. Unfortunately, .us/ TLD domains are in high use by spamming entities so many of the spamming engines are triggering similar message content (see examples below). Please find an alternate method to send survey material.  Please note this type of commercial automation traffic should ideally route through a sanctioned subscription based shortcode provider and not through text based email. Surveys should comply with opt-in and other TCPA related topics. https://api.ctia.org/wp-content/uploads/2019/07/190719-CTIA-Messaging-Principles-and-Best-Practices-FINAL.pdf

Commercial Mobile Radio Address email (CMRS) is a highly restricted FCC domain.

https://transition.fcc.gov/cgb/policy/DomainNameDownload.html


Srickar,

We are now getting a different message after making some changes. Is it possible to be whitelisted?

mx196.us-east-2a.ess.aws.cudaops.com rejected your message to the following email addresses:

330XXXXXXX@tmomail.net

Your message couldn't be delivered and there was no valid enhanced status code being issued by the remote mail system to determine the exact cause, status: '550 permanent failure for one or more recipients (330XXXXXXX@tmomail.net:blocked)'.

mx196.us-east-2a.ess.aws.cudaops.com gave this error:

permanent failure for one or more recipients (330XXXXXXX@tmomail.net:blocked)

Diagnostic information for administrators:

Generating server: VOR-EX1.VOR.LOCAL

Total retry attempts: 1

330XXXXXXX@tmomail.net

mx196.us-east-2a.ess.aws.cudaops.com

Remote Server returned '550 permanent failure for one or more recipients (330XXXXXXX@tmomail.net:blocked)'

Original message headers:

Received: from richfieldpd.us (192.168.20.122) by VOR-EX1.VOR.LOCAL

(192.168.20.128) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1779.2; Thu, 19

Sep 2019 15:12:50 -0400

MIME-Version: 1.0

Date: Thu, 19 Sep 2019 15:12:50 -0400

Message-ID: <926B5C0BBDC8A0BAC91794F4188346B4151BD05B@VOR0UTIL>

Content-Type: text/plain

Content-Transfer-Encoding: 7bit

X-Priority: 3 (Normal)

Received: from localhost (localhost[127.0.0.1]) by richfieldpd.us (PageGate) with SMTP id 1909191512500 for <330XXXXXXX@tmomail.net>; Thu, 19 Sep 2019 19:12:50 +0000

X-Mailer: PageGate Server 8.1

From: <dispatch@richfieldpd.us>

To: <330XXXXXXX@tmomail.net>

Subject:

Return-Path: dispatch@richfieldpd.us

X-Originating-IP: [192.168.20.122]

X-ClientProxiedBy: VOR-EX1.VOR.LOCAL (192.168.20.128) To VOR-EX1.VOR.LOCAL

(192.168.20.128)

Userlevel 3
Badge +3

Hi @bpi240

I reviewed messages from ritchfieldpd.us and 99% from that domain are passing from individual users without issue. However, messages specifically from dispatch are failing to "malformed", which means the SMTP server connection is failing during the "handshake" process. There's not enough info to determine why it failed because the connection attempt was aborted mid-connection. Whitelisting wouldnt help in this matter and we don't whitelist external sources regardless.

Usually this is related to SMTP server configuration. Can you please recheck server config? Thanks.

I just started sending text from laptop to people rather than phone, if I can.  (I have a hand tremor that makes "typing" text hard.)  Dictation to phone only works some of the time.   No problems so far.

  I might be wrong - it would appear text can be handled/processed via TM or Google.  (I have a Pixel phone.)

Userlevel 3
Badge +3

Hi @miket

Not sure if you are experiencing an issue or just making a general comment. But yes, sending email to mobile is good option. You may not be aware, but T-Mobile also offers a laptop based texting software called DIGITs. You can login to a webpage or download the software. It allows you to make/receive calls/texts and type from keyboard to same recipients synced with your phone.  you can access it here T-Mobile DIGITS

This explains how DIGITs functions and the various uses.

T-Mobile DIGITS | DIGITS Rate Plan | Stay Connected Anytime, Anywhere

Also with most phone devices, you can already choose Siri or "OK Google" to trigger the assistant to send a text using voice commands.

WOW!!  Didn't realize all this tech is out there - FOR FREE!.  

I am no longer active enough (business) to take advantage of most of it - but some will be useful.

Hello @srickar

It looks like you are the one to talk to for these 550 errors.

I too have a particular person (my boss) that is unable to send me email to text messages due to being blocked.

I have requested a follow and awaiting approval.

Please let me know what information you may need so that we can resolve this.

Thank you!

Userlevel 3
Badge +3

PM sent.

Hi srickar, same here if you can help.

Thank you

@srickar

Can you direct me on how to get this issue with messages that are sent to xxxxxxxxx@tmomail.net from our EXCHANGE MAIL servers blocked.

Currently when when page our Physicians from our ??@DNEPH.COM mailbox the messages are being rejected by tmobile mail server.

@srickar​ can you add @general-trading.com to the whitelist?

Thank you

Userlevel 3
Badge +3

@livelovelaugh0276

Have you reached out to your IT team? Please inform your IT admin to correct the SPF DNS entry. SPF is a DNS policy setup by the domain owner that specifies what networks are authorized to send emails on behalf of the domain. The SPF entry has conflicting hard and soft fail entries explicitly allowing and denying certain network segments at the same time, so each time a message is sent, depending on which entry is queried first, the message is either accepted or denied. Cant have both "~all" and "-all", that's contradictory.  Dash means hard fail explicit requirement, and "~", signifies soft fail. For more info, What is Sender Policy Framework, and How to Setup SPF Record?  IF anything, the IP listed in the SPF is not matching network the message originating from.

@dneph.com does not designate xx.xx.213.17 as permitted sender.

https://www.kitterman.com/spf/validate.html

The TXT records found for your domain are:

hgn2a109hoonp72i0f3sb1hsjq

google-site-verification=vEk1BfXexBC1Pyah_n_5hnjdznvEecNugVmlN_PJ4Xg

v=spf1 include:_spf.google.com ~all

google-site-verification=CgLkUNLvQ6_GWDSutHRX5sGj4h5UQGcLJRJZb9YpRNw

v=spf1 ip4:50.84.233.162 a:zixvpm.dneph.com -all

Ok, I'll reach to our Managed Service IT group. So from your knowledge

there isn't any thing that TMobile needs to do in order to allow messages

to be sent to the 20-30 Physicians that use TMobile as their service

provider.

Userlevel 3
Badge +3

@gentrade

I blocked that yesterday because it was flooding our SMTP connections. This type of automation traffic should ideally be sent over a shortcode provider due to the characteristics of the message. This front end interface is not designed to accept that amount of traffic for an enterprise. Please see section 4.2 pertaining to enterprise traffic volume and why dedicated shortcode gateways are setup to handle this. https://api.ctia.org/wp-content/uploads/2019/07/190719-CTIA-Messaging-Principles-and-Best-Practices-FINAL.pdf

Even if I did not block, the messages were easily exceeding rate control connection limits which is generous. Also, the messages sent to each device was causing flooding to device delivery to the point devices couldnt acknowledge the messages fast enough.

Reply