While @calport does address some good points in his other post, there is also the issue that sometimes and IP address being used either…
had a bad reputation when you got it (yes, IPs are recycled these days). in this case you’ll want to check to see if you’re IP is listed with any blacklists, and in the case of Gmail they actually use their own internal scoring system and have a “Postmaster” site which may help you identify what’s going on with their network specifically.
has not been used for email for a while. in this case, you may need to be patient as the email provider starts to identify that you are not sending them spam. sadly not having a reputation is often viewed by ISPs the same way as having a bad reputation is. so you may need to ask users to mark as “not spam” which can also aid in getting the attention of the ISP who usually uses automated systems.
Just for the record, we use VirtualMin and host our own email servers.
I can confirm what most of the other posters have said, especially wrt to setting up SPF, DMARC & DKIM. Once its set up, it takes some time for your reputation score to build so initially, even with a perfect setup, a lot of your emails will still go to spam/junk.
However, once its working, you will see a significant improvement in emails actually reaching the recipient.
That is your original post. Apart from Ubuntu there is no other information. Is this a new build, what did you do to install Virtualmin with default settings, have you changed default settings?, what have you enabled yourself? seems SPF and DKIM enabled but other half not. Come on folks, provide more information when you post and try to be helpful if you want to be helped. You might find that more people will reply.
Having said that, the posts above should point you in the direction of How to configure SPF, DKIM, DMARC + TLS - did you look into that which is part of basic server administration. If so what did not work or was understood? what changes were made since original post?
The tools that can improve delivery:
DKIM
DMARC
SPF
TLS
Some members have posted some links to extensive guides to follow. Make sure you follow up and configure/setup as needed.
SenderScore is almost useless you have a paid account. I’m pretty sure they’re in cahoots with Microsoft because MS pushes SenderScore hard when you get on their naughty list. I have my own way of sealing with that, but I digress.
Google is very thorough when it comes to evaluating mail incoming to their servers for spam. (Outgoing mail from their servers… not so much.) They’re also arrogant enough that even if everything on your end is perfect and you’ve never sent a single piece of spam in your life, they still may take months to trust your IP.
Two things seem to help. One is, in my opinion, mandatory anyway, and that’s to enable DMARC (which presupposes PTR and SPF). SPS also should be as strict as possible given your situation. If you NEVER need to send mail from your domain through another server, then -all is what you want.
The second thing is specific to Gmail, and that is to send mail to a dozen or so gmail recipients over a few days (with their permission, of course, and not all at once) and have them mark your mail as not spam. That seems to nudge the bots a bit toward trusting your IP.
I deleted my first reply to this because you’re not telling us about your setup (are you hosted, are you running your own server from home, are you on a dynamic IP, etc.). That said, here it comes:
It’s this simple: your IP is Black listed.
When you go to MX Toolbox and enter your IP of 122.160.66.158 you are blacklisted by 4 servers.
That can mean several things. It could mean that either you or whoever used that IP before you probably spammed a whole bunch of email at some point and got reported.
It could also mean that you’re on a dynamic IP address and as such aren’t to be trusted. (I ran into a similar issue a while back and @calport offers solutions for it if that’s the case.
Google will never, ever trust a dynamic IP. So if that’s the case either hire Calport to fix you up or forget about running a mail server.
If you’re not on a dynamic IP, you need to find out why you’re on those black lists and get it sorted.
Thanks to all Virtualmin and the team. Thanks to all members who help me a lot in this.BIG THANKS TO Ilia that he was answered this in other forums.
The happy movement is all my emails are going to the inbox and the happiest movement is going to the inbox with important marks.
These are for those who are seeking this.
I am using outlook and Usermin. My primary domain is abc.com and the other domain is xyz.com as I want all emails are going to Gmail inbox.
Actually, I don’t know how it works but I did these steps. So I am sharing with everyone.
You need to do these steps in both domains. If you want in the primary domain then do only in the primary domain. If you do like me then start with the primary domain but need to be done in both domains.
Steps:-
For DKIM, goto Virtualmin → Email Settings → DomainKeys Identified Mail–> Install (skip if already installed)–> Signing of outgoing mail enabled?–> yes. and Reject incoming email with invalid DKIM signature?–> yes then save.
For SPF, Dmarc and dnssec, goto Virtualmin → server configuration–> DNS options–> SPF record enabled? → Yes
goto Virtualmin → server configuration–> DNS options–> DMARC record enabled? → Yes
goto Virtualmin → server configuration–> DNS options–> DMARC policy for emails that fail SPF or DKIM → Quarantine email
goto Virtualmin → server configuration–> DNS options–> DNSSEC signature enabled? → yes
Don’t auto forward your server emails to gmail but let gmail access your email via pop3/imap. If you blind forward, spam will also be forwarded and your IP will be blacklisted.
Yes. And that’s the thing I hate most about setting up new servers. Some of the blocklists can be a nightmare to get off. Microsoft and Verizon, for example, are completely unhelpful.
My tactic with Microsoft is to wait until I get the first boilerplate denial. Then I copy it back to them, substituting their own IP range. I actually block the entire range, and inform them that they are not eligible for remediation because of excessive spam coming from their servers. (Microsoft servers do in fact account for 35 - 45 percent of my incoming spam.) That gets my request escalated and the block removed. It’s worked every time.
Verizon is trickier because I don’t think humans ever read the requests. But the last time I was in that situation, I found that submitting a request to AT&T or SBC Global got the Verizon block removed. I guess they all use the same list.
SORBS is strange. Sometimes they immediately remove the block and sometimes they take weeks. They do tend to respond more quickly to requests made by the DC, so I usually let them do it for me.
The rest are pretty easy. Most of them are self-rehabilitating and have already cleared by the time the IP is reissued.