554 5.7.1 Matched map: SENDER_FROM_BLACKLIST

#1

I received a message from a customer with email address spam793b@yahoo:com (weird, I know). That said they got this response when trying to send an email to my company:

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed

development@rnkinnovations:com
(ultimately generated from customer_care@youcustomizeit:com)
host filtergroup:mxrelay:co [149.28.56.236]
SMTP error from remote mail server after end of data:
554 5.7.1 Matched map: SENDER_FROM_BLACKLIST
customer_care@rnkinnovations:com
(ultimately generated from customer_care@youcustomizeit:com)
host filtergroup:mxrelay:co [149.28.56.236]
SMTP error from remote mail server after end of data:
554 5.7.1 Matched map: SENDER_FROM_BLACKLIST

Any idea what could be causing this? I have looked and rnkinnovations, youcustomizeit, filtergroup:mxrelay:co, and 149.28.56.236 do not seem to be on blacklists anywhere…

Note: I had to replace all dots in domain names with colons because “Sorry, new users can only put 2 links in a post.”

Catch-all email
#2

Apologies for the brutal error. On my to-do list is to make that error more clear.

The reason for this error is that another error would have come instead of it, if I didn’t block the outbound email. It is in fact me who has blocked outbound email where yahoo.com exists in the From header. The error that would have come in it’s place would have been a DMARC failure, and would have counted against our IP reputation with Google and other major services. Google, along with a growing list of other major email services, no longer accept forwarded email from domains that specify reject in their DMARC record, and for that reason we’ve stopped them from sending to their server so that they cannot count it as a mark against us for no benefit (since they won’t be delivering it anyway). Yahoo is among those who specify reject in their DMARC record, and therefore Google will reject forwarded email that originated from Yahoo.

It will be important to note that while I will do everything in my power to ensure consistent and functional email forwarding to external services, those other services generally do not care and will actively prevent this in ways like I’ve described here.

If you’re interested in a more detailed explanation, I’ve written one up here:
https://blog.mxroute.com/2019/06/google-does-not-respect-srs-do-not-forward-email-to-google

Note that we do use SRS, which is the accepted standard for forwarding email in the post-SPF world. Google, however, has not accepted the standard and shows no interest in long term viability of being the recipient of forwarded emails. The best solution they offer to this will be importing emails over POP3: https://support.google.com/mail/answer/21289

Incoming Emails Blackballed
#6

So the good news is that if you set up forwarding AND pop3 import in Google/Gmail/GSuite it is smart enough to not create duplicates, and you do get all the emails, even those pesky Yahoo ones…

…the bad news is that in this setup the yahoo user still gets that “brutal” error message, even though the email was able to be delivered (albeit in a roundabout way). Is there any way (like a checkbox in settings) to have these redirects “silently fail”, because there is a backup system in place?

1 Like
#3

Is it possible to have forwarding AND pop3 import into Google (we are using G Suite)? Will it create duplicates? The reason I am hesitant to use the pop3 import by itself is that I read that Google only imports from pop3 accounts once an hour which would cause all sorts of lag hell around here.

#4

I suspect it would create duplicates but I couldn’t say for sure.

#7

I’ll let it sit in my mind as I continually work on improvements, but in the short term I’ll just let you know that I don’t think an open source MTA will be capable of such complexity at that level. The two necessary pieces, SMTP and POP, aren’t actually connected to each other in any way.

#8

I completely understand. I was not expecting the system to automatically detect when this crazy setup is being used. I was just wondering if there was a way to tell the forwarding system (ideally on specific addresses) to not throw the error. I figured it would have some sort of big red warning next to it that says “By enabling this error suppression I understand that email delivery will silently fail and give no warning to the sender”

1 Like
#9

Message adjusted for clarity.

#5

Not ideal at all, but Gmail help suggests that you can click the ‘refresh’ icon and it will poll immediately for new mail.