MacInTouch Amazon link...

email issues and products

Channels
Security, Products
I am running into increasing problems with spam filters blocking email I send from my personal domain. I checked and see no sign that my domain has been blacklisted. This happens with both new and regularly correspondents, including some I have been working with on writing projects for years. It can happen with gmail or corporate servers, among others. I include a signature with the outgoing mail that includes a link to my personal domain, which is standard procedure for many businesses.

Is anybody else seeing this? One theory is that some spam filters may be programmed to block or assign a higher spam rating to emails that include links. Could some spam filters assign a higher spam rating to "unknown" servers? This is getting increasingly annoying in trying to run my business as a freelance writer.
 


Corporate spam filters (at least the ones I've seen) tend to insert header information for debugging and analyzing the filter's action.

If you can have one of your customers (that had a message blocked) forward you the blocked message (assuming a copy was retained in his spam folder), then you might be able to examine those headers to see what the reason is. Or you may have enough information to contact the company making the filtering software for advice on how to avoid getting caught in the filters.

It's really impossible to identify the cause without more information, but a few possibilities that spring to mind include:
  • If you are running your own mail server from your personal Internet connection, then your IP address is likely on several different "dial-up" lists. These track address blocks assigned to residential Internet service. The assumption is that residential customers should be sending mail via their ISP's servers and that mail coming directly from a residential address is likely to be spam from a computer infected with botnet software. Especially since most residential contracts prohibit running Internet servers of any kind.
  • Even if you're paying for a business account (which would permit servers), your ISP may be giving you an address in the "dial up" block, making it incorrectly trip the filter. If this is the case, your ISP may be able to assign you an address from a different block.
  • If you send mail via your ISP's mail server using your personal domain name as the source address, this can trip filters. Usually this is filtered by your ISP's server, not a spam-filtering service, but it wouldn't surprise me if some services check this as well.
  • Some mail providers that allow you to use their servers for other domains may require you to give them a list of the domains you will be using, in order to block any others. I think (don't completely remember) that Google's mail servers work like this.
  • Anti-spam filtering services have lots of configuration options, some of which are far too restrictive to be practical, but may be enabled by naïve administrators who think they're helping their users by enabling every available feature. They may include paranoid things like "block mail not coming from our own well-known whitelist of commercial mail servers".
  • If you are running mailing lists (even well-managed opt-in lists, which should never be a problem), some mail providers may flag you and complain until you jump through a few hoops to get approval. Especially if mailings go out to more than a few dozen recipients. I know of one organization that had to do a lot of pointless work in order to get Verizon's mail servers to play nice with their client mailing list. If you can, consider using a mailing list service (Yahoo Groups, Google Groups or pay for an account from Constant Contact or a similar service), which should help you avoid this mess.

Good luck and please keep us posted as you learn more.
 


Thanks. That's a very useful checklist. I have my site hosted by siteground, so everything goes from my home through Verizon in what I believe is a legitimate way and is routed through siteground's servers. I will have to go through this more carefully after I deal with current deadline pressure. What worries me most is the "paranoid things," because that's one way to interpret some false positives I'm seeing.
 


I am running into increasing problems with spam filters blocking email I send from my personal domain.
I use Cablevision/Optimum/Altice, and have found that my mail to AT&T users (including many Bells) bounces. The reason I dug up is that I am using my own server, not Optimum, to send mail, and that makes it bounce, but only with the one company crazy enough to do it that way. I have an alternate account for them with Fastmail, but I don't know why that works. Maybe I have an issue on my own server, which is locked down with DKIM, SPF, and DMARC, but I’m more willing to blame AT&T.

I’ve had this issue on ALL IP addresses for years and years... multiple servers. No idea how Fastmail gets it through.
 


All you need is one little quirk to make one Email server incompatible with another, and spam filtering offers many opportunities. I used to have a small firm host my web site that offered great personal service, but did something that was incompatible with the practices of a handful of other servers, so I could not receive email from one friend with whom I collaborated on a book. I had to use gmail for him and for some mailing lists which had their own quirks. WIth the new hosting firm, I don't see any obvious patterns -- sometimes people receive my mail, sometimes it gets caught in the spam filter.
 



Some of the issues with outgoing mail can be addressed by having your SMTP server use your ISP's SMTP server as a relay - then people "out there" see the mail being delivered by a "legitimate" source rather than as coming from some IP address that may not seem like it should have an SMTP server.

I have also had some positive results in configuring proper SPF records for the domains in question - though I once saw a statistic that junk mail actually had a higher rate of properly configured SPF records than non-junk mail. Proper SPF records may limit the use of your domains by bad actors as return addresses for their junk email.
 


Some of the issues with outgoing mail can be addressed by having your SMTP server use your ISP's SMTP server as a relay - then people "out there" see the mail being delivered by a "legitimate" source rather than as coming from some IP address that may not seem like it should have an SMTP server.
If your ISP allows this (they might not if the messages are from someone else's domain, like your personal one), then this is definitely the best approach.

In addition to avoiding any possible problems with "no servers on residential accounts" policies and "dial-up" address blocks, it also causes your ISP's servers to be inserted into the mail headers (as one or more "Received:" lines. This is useful when tracing messages for debugging/testing purposes.
 


I just updated SpamSieve, the email helper program that uses a Bayesian filter setup to remove junk messages very effectively. The 2.9.31 update release notes includes the following:
Updated the Requirements and Setting Up Postbox sections of the manual. Postbox 6 no longer supports plug-ins, so we recommend continuing to use Postbox 5 for the time being or using the Apple Mail drone setup in the background.
I'm sure that there must be some really really good security considerations that the Thunderbird/Mozilla team saw when they decided to pull support for plug-ins. (Not being sarcastic here—I understand how scary it can be to allow literally anyone to distribute plug-ins for an open source platform.)

But… accepting a Postbox 6 update means losing a number of useful utilities that sets this app apart from other email clients. Losing SpamSieve filtering, in particular, means going back to constant weeding of my inbox and loss of a filtering system that is currently 99.8% accurate in discerning junk from good messages. The kludgy "Apple Mail drone setup" is a definite "no, thank you" for me as well.
 
Last edited by a moderator:



Eudora fans, rejoice! Qualcomm has released the source code via the Computer History Museum:

https://medium.com/chmcore/the-eudora-email-client-source-code-940197e0618

They acknowledge the failures of the last attempts to make an Open Source Eudora. This time they're doing it a little differently. All the Eudora IP has been given to the CHM, which is releasing it under BSD license. So if someone wants to put some blood sweat and tears into it, they could get Eudora running on Mac again.
 


A quick look shows that Eudora was developed in CodeWarrior 6. There are many .rsrc ResEdit files.

I randomly opened two source files and saw many goto and return statements used instead of the more logical if-then-else construct. If the rest of the code has such poor programming practices it's easy to understand why Qualcomm didn't want to upgrade Eudora. I certainly wouldn't want to be burdened with reading and fixing such poor code.

I do sparingly use goto, return, and exit. There are times when they make the code more readable than using a proper logical structure. in my opinion neither file's statements were one of those cases.
 


Ric Ford

MacInTouch
Eudora fans, rejoice! Qualcomm has released the source code via the Computer History Museum:
https://medium.com/chmcore/the-eudora-email-client-source-code-940197e0618
They acknowledge the failures of the last attempts to make an Open Source Eudora. This time they're doing it a little differently. All the Eudora IP has been given to the CHM, which is releasing it under BSD license. So if someone wants to put some blood sweat and tears into it, they could get Eudora running on Mac again.
Thanks for posting this wonderful news. There's also a Eudora survey that I just filled out.
 


I don't know if anyone else is experiencing this, but I have been finding more and more that friends with Gmail addresses don't get my mail, and then later find that it has been sent to their spam folder.

This only happens with email sent to Gmail addresses. It also happens with my replies to friends with Gmail addresses, which should never happen, and seems to me to break a fundamental rule of spam labelling. In non-Gmail land, if person A sends an email to person B, and person B hits reply and sends a response, person A should be confident of receiving that reply.

There are instances of this happening even after a friend has rescued an email from spam and marked it as "not spam" – Google says Gmail learns from this sort of behavior. Apparently not.

Is anyone else experiencing this? I have some aliases on my Apple account, and it happens with all of them. I refuse to use a Gmail account.
 


Ric Ford

MacInTouch
I don't know if anyone else is experiencing this...
I've experienced a slightly different problem, where I get an email from a relative, whose ISP is TDS Telecom, and I reply, only to have TDS reject my reply as spam ("blocked due to spam content in the message. (in reply to end of DATA"), which was patently absurd and infuriating. They opened a trouble ticket with TDS, and we jumped through some hoops, and then the same thing happened again weeks later. Gmail wasn't involved at any point, and I've heard from several relatives about other TDS customers having problems with their email.

Today, however, sending and receiving worked with no changes on my end or my relative's.
 


I discovered why Gmail is sending my iCloud mail to spam.

Several years ago I found that my iCloud account’s SMTP server would consistently fail to send mail and continually alternate between asking me to choose another server and asking for my iCloud password, upon which it would tell me my password was incorrect.

I tried all kinds of recommended things (deleting preference files, disabling and re-enabling iCloud, etc.) – short of a clean installation of the OS – and finally gave up, using my Earthlink SMTP server, which has always been rock-solid.

Now Gmail looks askance at an email sent from an SMTP server that is not approved by the domain that hosts the email address and consequently sends that email to spam.

If I send the email from the web, no problem. I guess that is my work-around; I really don’t want to go through all the hassle of a clean install and all the re-setting up that will require.
 


Now Gmail looks askance at an email sent from an SMTP server that is not approved by the domain that hosts the email address and consequently sends that email to spam.
As it should! Indeed, I have my own DKIM and SPF set up, so that any emails sent from alternate servers are automatically deleted, because my email addresses have been used by spammers.

However, AT&T-affiliated sites always reject my email, because Cablevision/Optimum/Altice doesn’t want anyone to use their own SMTP servers with their email service. Only AT&T sites do this. As far as I can tell, there's nothing I can do about it but have a Fastmail account for those folks; for whatever reason, Fastmail is able to bypass that.
 


I don't know if anyone else is experiencing this, but I have been finding more and more that friends with Gmail addresses don't get my mail, and then later find that it has been sent to their spam folder.

This only happens with email sent to Gmail addresses. It also happens with my replies to friends with Gmail addresses, which should never happen, and seems to me to break a fundamental rule of spam labelling. In non-Gmail land, if person A sends an email to person B, and person B hits reply and sends a response, person A should be confident of receiving that reply.

There are instances of this happening even after a friend has rescued an email from spam and marked it as "not spam" – Google says Gmail learns from this sort of behavior. Apparently not.

Is anyone else experiencing this? I have some aliases on my Apple account, and it happens with all of them. I refuse to use a Gmail account.
I have AT&T e-mail accounts and it almost seems that randomly the e-mails from senders will go through, then they are spam, then they are not. It does not seem to matter who their e-mail host may be. I have gone into my account via the AT&T e-mail site and trained the e-mails as good, but it seems that the training does not stick.
 


Wow...other people also have problems with mail sent from the Mail app not getting delivered??

I have two hughes.net email addresses that are never delivered to relatives with frontier.com and taosnet.com email addresses. They are usually just returned as "undeliverable" after a couple of days. The returned emails just have undecipherable gibberish on why they are returned.

Seems like those email servers may have some type of block set up for hughes.net mail.

I had to get an outlook.com email account to send to those relatives.
 


Wow...other people also have problems with mail sent from the Mail app not getting delivered??
Oh yes - I have problems with email from my personal domain (hosted by siteground, and set up properly as far as I can tell) being spam-filtered by servers of some of my regular clients. The spam filtering service used by my web hosting firm has an average false-positive rate of 1-2% over the past few months, and sometimes has blocked email from addresses I had whitelisted.

I wonder if spam filtering is another AI application that is hitting limits on its accuracy.
 


I discovered why Gmail is sending my iCloud mail to spam.
Several years ago I found that my iCloud account’s SMTP server would consistently fail to send mail and continually alternate between asking me to choose another server and asking for my iCloud password, upon which it would tell me my password was incorrect.

I tried all kinds of recommended things (deleting preference files, disabling and re-enabling iCloud, etc.) – short of a clean installation of the OS – and finally gave up, using my Earthlink SMTP server, which has always been rock-solid.
On macOS starting with whichever release came after iCloud, if the account in Mail is setup as a true iCloud account, the SMTP server is automatic. Under Mail > Preferences > Accounts > Server Settings, there is no place to pick incoming (IMAP) or outgoing (SMTP) servers. This should work.

If the account in Mail is sending or receiving from iCloud but is not actually set up as an iCloud account, then you have to set up the SMTP server yourself. Currently it is smtp.mail.me.com, and if you have 2-factor authentication set up (of any flavor), then you must create an app password. Your regular iCloud password will not be accepted. Also note that when you change the type of two-factor authentication, it wipes out all your app passwords, so you have to regenerate them.

For example: my mail account is IMAP to FastMail, but I often send from my @mac.com address. To pass DKIM/SPF etc. I need to send using iCloud's SMTP server, even though in Mail this isn't an iCloud account. There are two ways to accomplish this: 1) manually configure the iCloud SMTP server and set the account to use it, or 2) Set up the @mac.com address as an Identity in FastMail, configured to use the iCloud SMTP server (with the app-specific password).

What's magic is that with the second solution, I can send all my mail to the FastMail SMTP server, and FastMail will automatically reroute the mail through iCloud when needed. That is, the mail sent from @mac.com arrives at FastMail's SMTP, but then FastMail sends it to iCloud's SMTP. So everything works, all the time.
 


I'm a dinosaur. I still use EIMS happily but realize I should switch, if only because my antique Xserve is very old.

1. I know only geeks run their own mail server these days, but I've done it this way for 20+ years and am happy to do it. But I'm having trouble finding any Mac mail server software out there. Does anyone have any recommendations?

2. Is it possible to buy a copy of OS X Server for El Capitan? I can't find it anywhere, on App Store, eBay, Amazon, or surfing.

Thank you.
 



2. Is it possible to buy a copy of OS X Server for El Capitan? I can't find it anywhere, on App Store, eBay, Amazon, or surfing.
Rick, no matter what Mac OS you currently use, you can purchase OS X Server at the App Store. Then, when you boot on a computer with El Capitan, you can go to the App Store / Purchases and install the version which is compatible for El Cap. Thankfully, Apple allows for this.
 


Rick, no matter what Mac OS you currently use, you can purchase OS X Server at the App Store. Then, when you boot on a computer with El Capitan, you can go to the App Store / Purchases and install the version which is compatible for El Cap. Thankfully, Apple allows for this.
I don't think you can purchase macOS Server with any version of macOS you currently use.

You can purchase it if you are running macOS 10.14 Mojave, but if you're running an earlier version of macOS, it is not compatible for the initial purchase.

However, once you have purchased macOS Server using macOS 10.14 Mojave, you can then use an older OS, go to the Purchased area in the App Store, and it will allow you to download the older version that is compatible with your OS.

The steps for someone using OS X 10.11 El Capitan (as per RickCricow's original question) are outlined in my MacStrategy article: "How To Obtain/Purchase OS X Server 5."

If you can just purchase the older version straight up in an older OS directly using the App Store, that would be useful to know, but I don't think you can, because I'm sure I've tried to do that in testing some time ago.
 


I'm a dinosaur. I still use EIMS happily but realize I should switch, if only because my antique Xserve is very old.
1. I know only geeks run their own mail server these days, but I've done it this way for 20+ years and am happy to do it. But I'm having trouble finding any Mac mail server software out there. Does anyone have any recommendations?
2. Is it possible to buy a copy of OS X Server for El Capitan? I can't find it anywhere, on App Store, eBay, Amazon, or surfing.
My host is running my web site and mail on a 2009 Xserve running macOS 10.13.6, going to Mojave in the next few days. Fully tested and working. Yes, it's a hacintosh, but it works.

For El Capitan:
Apple said:
 


I have no experience with it, but you could check out SurgeMail from Netwin Ltd. Another option is Kerio Connect, which supports Macs, Linux and Windows.
Ric, thanks for the suggestions.

I previously downloaded SurgeMail, but it seems to be Unix files?!?. It certainly is not a clickable app, nor anything that seemed to work in Terminal. I've used Macs since 1985, but this one baffled me.

Kerio was on my list to buy, and I shouldn't have been cheap a few years ago. It nows seems to be an annual license, and a pricey one at that.
 


I don't think you can purchase macOS Server with any version of macOS you currently use. You can purchase it if you are running macOS 10.14 Mojave, but if you're running an earlier version of macOS, it is not compatible for the initial purchase. However, once you have purchased macOS Server using macOS 10.14 Mojave, you can then use an older OS, go to the Purchased area in the App Store, and it will allow you to download the older version that is compatible with your OS....
Thanks. This is a good idea. I'll just upgrade someone to Mojave, download, and revert. Thanks to Carbon Copy Cloner, this will be easy.
 


The upcoming email server offering Helm looks interesting. Compared to the $125.00 per month I would have to pay for a static IP to host my own mail server, it's an intriguing option. This might be a potential solution for a security-conscious small business? Anyone else have any thoughts?
 


The upcoming email server offering Helm looks interesting. Compared to the $125.00 per month I would have to pay for a static IP to host my own mail server, it's an intriguing option. This might be a potential solution for a security-conscious small business? Anyone else have any thoughts?
Perhaps I don't understand your particular use case, but in general you don't absolutely need a static IP address to have your own mail server. I have a registered domain name which gets updated automatically whenever my ISP (cable company) decides to change my IP address.

Granted, there is a chance that a few incoming emails could be missed during the short time between when my IP address is changed and the new address is picked up by any clients, but if they try to use the old address during that period the email will fail and be retried later using the new address.
 



I've found that MailServe works well to set up a local mail server. It incorporates fetch mail, postfix, and a local IMAP server. It is simple to set up, and I've been using it across multiple OS X releases.
 


I'm having trouble finding any Mac mail server software out there. Does anyone have any recommendations?
Is it possible to buy a copy of OS X Server for El Capitan? I can't find it anywhere, on App Store, eBay, Amazon, or surfing.
If you're thinking about using the server version of El Capitan as an email server, I suggest considering updating to something newer, since El Cap doesn't seem to be getting security updates any more. I realize that you've been using EIMS, which has not been updated in a long time, but since EIMS is a relatively rare beast on the Internet, it probably isn't a big target for hacking attempts. In contrast, OS X Server relies on very common open source tools to send and receive mail, so it has a very different risk profile. For example, it uses a legacy version of Postfix (2.1.x) that is no longer supported. If you want to stay on El Cap, I suggest either using a commercial mail server that is kept up to date or using a platform like Hombrew to help keep a traditional, manually configured open source mail stack up to date.
 


Ric Ford

MacInTouch
I realize that you've been using EIMS, which has not been updated in a long time, but since EIMS is a relatively rare beast on the Internet, it probably isn't a big target for hacking attempts.
I believe the problem with EIMS may be very old, vulnerable network encryption/authentication protocols.
 


Surgemail is rock solid, but may be overkill for personal use. Developer is pretty responsive, but in New Zealand, so time zone and replies can be problematic.
I downloaded this a couple of days ago and installed. It seems to work OK but the interface is right our of the early eighties. It's a lot more geeky than MailServe and I suspect will take a while to get my head around.

MailServe seems OK, but something about it just didn't click for me. Maybe it was the fact that the documentation for the High Sierra version had some ancient references to Lion or similar...
 


I believe the problem with EIMS may be very old, vulnerable network encryption/authentication protocols.
I just found out that Android won't support the security protocols used in EIMS.

iPhone does, and is why I prefer Apple. But I can't control users unless I want to pay for the phone.
 



Wikipedia has a chart of mail server capabilities, showing the gaps in EIMS security:
Comparison of mail servers
Eudora Internet Mail Server
SMTP over TLS: No
POP over TLS: No
SSL: No
Less importantly, here are some minor vulnerability notes I found:
Our server constantly has alphabet attacks, trying to find an active email account. In 20-some years, nothing has gotten through EIMS. We are low profile, and not on anyone's radar.

I realize it's old and outdated, but based on what JoseHill says about Mac Server and OS X 10.11, I'm almost wondering if I'm better off running EIMS.

Is the day of a non tech professional, an average person (businessperson in my case) running my own mail server over? I have always liked the cost and control I have with my own, vs a service like FastMail or Google.
 


Ric Ford

MacInTouch
I realize it's old and outdated, but based on what JoseHill says about Mac Server and OS X 10.11, I'm almost wondering if I'm better off running EIMS. Is the day of a non tech professional, an average person (businessperson in my case) running my own mail server over? I have always liked the cost and control I have with my own, vs a service like FastMail or Google.
I ran EIMS for many, many years (in the later years on a wonderful Mac Mini G4 that worked perfectly 24x7 for year after year). I remember those alphabetical dictionary attacks well.

With the lack of TLS/SSL encryption (so your communications and passwords are open to capture/snooping), and the misery of trying to configure SPF/DKIM (even with years of serious DNS experience), I finally decided it no longer made sense to spend so much time doing those things and dealing with those problems and switched myself and some associates to FastMail, which has been great. I also evaluated Gmail hosting for one of my friends... and it really didn't cut it in my assessment. He and another friend now have been running their businesses on FastMail for a few years with excellent success. (They're graphics pros, not techies, and only have a few email addresses, though I have more for my domains.)
 


Is the day of a non tech professional, an average person (businessperson in my case) running my own mail server over? I have always liked the cost and control I have with my own, vs a service like FastMail or Google.
For the most part, yes, that day is gone. You either need to invest in commercial software, in cloud hosting, or in learning how to configure and manage often-complex, open-source mail software stacks.
I realize it's old and outdated, but based on what JoseHill says about Mac Server and OS X 10.11, I'm almost wondering if I'm better off running EIIs the day of a non tech professional, an average person (businessperson in my case) running my own mail server over?
I was speculating that if the choice were limited to EIMS and El Cap Server, perhaps EIMS wouldn't be as poor of a choice as it might seem at first glance, but the bottom line is that I can't recommend using either EIMS or El Cap Server, especially if the mail server supports an organization or multiple users.

If you already were using El Cap Server, I might suggest updating to Sierra Server or High Sierra Server to buy yourself some time, but the clock is ticking on those. Eventually, you'd need to find another alternative, since Mojave Server drops the mail server admin app. Since you're not already using macOS Server for mail, I wouldn't recommend investing the time in learning a deprecated solution.

Of course, current versions of macOS still include open source mail tools, even if the Server app no longer includes a graphical front end to those tools. Unfortunately, unless you already have expertise configuring an open source mail stack, it can be a daunting task to learn how to do it, even though there are some decent Linux/BSD-oriented tutorials on the net. There are some open source attempts to put web/GUI interfaces on top of these tools, but I don't have firsthand experience with them. There is a reason why so many businesses that have dedicated IT staff have found Office 365, FastMail, or G Suite to be attractive solutions.

If you don't want to pay the $4+ per user per month that most of the commercial cloud email platforms charge, an often overlooked option is the email service commonly bundled with web hosting plans. For example, a lot of hosting companies include unlimited POP/IMAP/Webmail email accounts as part of their ~$5/month hosting plans. If I recall correctly, most plans also include CardDAV/CalDAV contact and calendar services. They're perhaps not quite as reliable as Microsft/Google/FastMail, and their functions are fairly basic, but especially for small organizations with simple needs, they may be adequate.

The bottom line, however, is that in the vast majority of business cases, a solution like Microsoft, Google, or FastMail is the easiest, most full-featured approach.
 


Amazon disclaimer:
As an Amazon Associate I earn from qualifying purchases.

Latest posts