Menu
Reply
PaulS52
  • 8
  • 0
  • 0
Joining in
434 Views
Message 1 of 17
Flag for a moderator

Long Email Delays

I am working for a small Theatre and installing a new Membership system into the website which is hosted by Siteground. I have been testing the system constantly for the past couple of weeks whilst I get everything correct. On importing the membership data a system email is generated which will send the log in details to each user. I use a number of my own VM email addresses to receive these test emails. All was fine but now emails are taking two and three days to reach me which is really unhelpful when I want to go live soon. I have been in touch with VM by phone but they don't seem to understand the problem. Checking the headers I find that there is a delay in each case at the same point in the chain:

Received: from delivery.mailspamprotection.com ([146.66.121.66])

                by mx3.tb.ukmail.iss.as9143.net with ESMTP

                id tfU3lfnuZMky7tfU5lXd0T; Thu, 17 Jun 2021 02:02:14 +0200   (Time = Thurs 17th June 00.02 GMT)

X-Env-Mailfrom: info@XXXXXXXXX.com

X-Env-Rcptto: XXXXXXXXX@virginmedia.com

X-SourceIP: 146.66.121.66

X-CNFS-Analysis: v=2.4 cv=caaxElPM c=1 sm=1 tr=0 ts=60ca9106 cx=a_exe:a_idp_d

 a=07HilNgWergojh2UEgpP7A==:117 a=tKXJdrSNXfb9jMRnb4uIPA==:17

 a=dLZJa+xiwSxG16/P+YVxDGlgEgI=:19 a=RnOCiYJcZOYA:10 a=IkcTkHD0fZMA:10

 a=MuaeFusq_UQA:10 a=r6YtysWOX24A:10 a=gFCMQrKxAAAA:8 a=NcN59idvAAAA:8

 a=a5D3KzL8MRdiyIzNvhwA:9 a=QEXdDO2ut3YA:10 a=nSuHwNgq34ZYEDmdj6kC:22

Received: from 95.67.214.35.(IP=Rostelcom Russia) bc.googleusercontent.com ([35.214.67.95] (IP=Google Cloud) helo=uk16.siteground.eu)

                by se22.mailspamprotection.com with esmtps (TLSv1.2:AES128-GCM-SHA256:128)

                (Exim 4.92)

                (envelope-from <info@XXXXXXXX.com>)

                id 1lt9xu-0005gr-MY

                for PRXXXXXXXX@virginmedia.com; Tue, 15 Jun 2021 09:23:00 -0500     (Time =14.23 GMT) 

I am thinking that I am being picked up as a spammer. How do I resolve this please.

Thank you

Paul

0 Kudos
Reply
John_GS
  • 9.19K
  • 494
  • 831
Forum Team
Forum Team
371 Views
Message 2 of 17
Flag for a moderator
Helpful Answer

Re: Long Email Delays

Hi Paul,

 

Thanks for posting. My apologies for the email issue.

 

Please use this link which should help further

 

Best,

John_GS
Forum Team

Need a helpful hand to show you how to make a payment? Check out our guide - "How to pay my Virgin Media bill"

0 Kudos
Reply
PaulS52
  • 8
  • 0
  • 0
Joining in
365 Views
Message 3 of 17
Flag for a moderator

Re: Long Email Delays

Thank you John. I will check that out.

0 Kudos
Reply
Graham_A
  • 16.54K
  • 2.32K
  • 7.07K
Very Insightful Person
Very Insightful Person
364 Views
Message 4 of 17
Flag for a moderator
Helpful Answer

Re: Long Email Delays

@PaulS52 

A website that I am involved with has recently been moved to being hosted by Siteground.  Since then email alerts from the site are often delayed anything from a few minutes to a day. These are going to a Gmail address not a VM one.

Looking at the headers the issue seems to be down to the lack of detailed SPF and dmarc records by Siteground.

So I don't think that this is a VM issue directly.

________________________________
Graham

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
PaulS52
  • 8
  • 0
  • 0
Joining in
357 Views
Message 5 of 17
Flag for a moderator

Re: Long Email Delays

Hi Graham....It gets quite complicated as the website is on SiteGround  but we migrated the emails to Google as we use Google Workspace and by having the domain name the same on SG and Google was a pain so we decided to migrate the emails to Google. Since posting, I found a better means of interpreting the header and it seems that, as you say, our dmarc and SPF records are not detailed enough and I have to agree that it may not be a VM issue. 

Thanks for the advice....much appreciated

0 Kudos
Reply
ravenstar68
  • 19.4K
  • 1.14K
  • 8.46K
Very Insightful Person
Very Insightful Person
351 Views
Message 6 of 17
Flag for a moderator

Re: Long Email Delays

Are you able to let me see your domain name only?

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
ravenstar68
  • 19.4K
  • 1.14K
  • 8.46K
Very Insightful Person
Very Insightful Person
339 Views
Message 7 of 17
Flag for a moderator

Re: Long Email Delays

I'm trying to understand why @John_GS has referred the OP to a link discussing Spamhaus' CSS

The IP of concern here is the one delivering the mail to VM's mail exchanger, i.e. 146.66.121.66

Checking here: http://www.anti-abuse.org/multi-rbl-check-results/?host=146.66.121.66

Shows that the IP address is not on any blacklists, including the CSS.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
PaulS52
  • 8
  • 0
  • 0
Joining in
319 Views
Message 8 of 17
Flag for a moderator

Re: Long Email Delays

PaulS52_0-1624043995546.png

Seems we are blacklisted at mailspamprotection 

0 Kudos
Reply
ravenstar68
  • 19.4K
  • 1.14K
  • 8.46K
Very Insightful Person
Very Insightful Person
311 Views
Message 9 of 17
Flag for a moderator

Re: Long Email Delays

You're reading that wrong.  The server 146.66.121.66 is delivery.mailspamprotection.com.

It's actually blacklisted on Backscatterer.  Meaning that it has a habit of bouncing emails to innocent addresses.  It's not listed anywhere else.

Graham's just shared some headers with me, and basically it's a mess.

The return-path domain does not match the From: domain, meaning an automatic SPF fail as far as DMARC is concerned, and although the mails appear to carry a DKIM signature, the signature itself is useless as it does not contain a valid domain, let alone a domain that matches the From: address.

Tim

 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
ravenstar68
  • 19.4K
  • 1.14K
  • 8.46K
Very Insightful Person
Very Insightful Person
303 Views
Message 10 of 17
Flag for a moderator

Re: Long Email Delays

Here's the DKIM header from Graham's mail.  There's no sensitive information here otherwise I'd have redacted it.

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=signing.refused; s=default; h=Content-Type:MIME-Version:Message-ID:From: Date:Subject:To:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=XUmS25OF4bD1n46iwxwpFKmYL6xnBJbSNSnZWAmuk8A=; b=ETE1l9yw4yPWzfTmsYH/V7cUXD dKUj8Ck4ftlnx5zl3ssKu388Wshw6KOraR941U6bzVBpARpzjofzGkNl7nK4XWctXIhap3YYvjJ4d No5iTTgiqcsXYsYogfj8tF7nILM/McXJ4UCZhe+skknzQg2Xhuk33wHSXzEt2ZP2Z66k=;

The header signs the mail with a signature from the domain in the d= part of the header and the s=specifies the specific key used to sign the mail

so here we see

d=signing.refused
s=default

Now the mail server would normally use the d and s values to retrieve the public key needed to verify the signature.

For example in a blueyonder email we see

d=blueyonder.co.uk
s=meg.feb2017

So the public key needed to verify this signature can be found at

meg.feb2017._domainkey.blueyonder.co.uk

If we use nslookup in this instance:

C:\Users\timdu>nslookup -type=txt meg.feb2017._domainkey.blueyonder.co.uk
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
meg.feb2017._domainkey.blueyonder.co.uk text = "k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSCHM+9eWJtnFNtDNf7d0sp+TK9cXvPleHh6mnIgz+cDnTvs98wuBkrn2r72whBJMz7MGaZMOVQMnQ5qKANKPnOU82FYH36ybL7T8UiscdT+3SWmcyHH/YyFbfvJ/Iqb2Mp6pl+Oi9QP+SKZ19w7WUQ9Tq3K4zkZisXH6y4SC94lgZRv8qcz6/OcN9JQYC6dyA0JXRMkm" "JF9SmaoDbCEEI93E1eDUoaqMSUyQMrULwhWbHSNLF/gH0jJ7JK77IE4lTmJR0pZgosPA6NWBl8piCwfa45TU6rCBBOXZWCspBV0Ibk7JiuFU8MLbbehOlBqA+3MP+NkVzQtpjsqZmMdCQIDAQAB"

Now because siteground is using a non-existent domain in the d= value, the DKIM signature is useless.  I wouldn't be surprised if that's causing issues here.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply