I have problem with google and I can't send email to any gmail or Gsuite emails got report from mail server log
Feb 17 12:16:30 server postfix/smtp[19451]: 853E35E55A: to=<xxx@gmail.com>,
relay=aspmx.l.google.com[209.85.144.27]:25, delay=0.38, delays=0.05/0/0.15/0.17,
dsn=5.7.26, status=bounced (host aspmx.l.google.com[209.85.144.27] said: 550-5.7.26 This
message does not have authentication information or fails to 550-5.7.26 pass
authentication checks. To best protect our users from spam, the 550-5.7.26 message has
been blocked. Please visit 550-5.7.26
https://support.google.com/mail/answer/81126#authentication for more 550 5.7.26
information. w19si7586061qkp.34 - gsmtp (in reply to end of DATA command))
and I'm not blacklisted in any spam website ( I do check in most of website which provide blocklist checker)
also I didn't have any problem in SPF or DKIM or DMARC
here is SPF checker https://prnt.sc/26xomwz
here is DKIM checker https://prnt.sc/26xoodg
here is DMARC checker https://prnt.sc/26xopgo
here is DMARC report from google
<?xml version="1.0" encoding="UTF-8" ?>
<feedback>
<report_metadata>
<org_name>google.com</org_name>
<email>noreply-dmarc-support@google.com</email>
<extra_contact_info>https://support.google.com/a/answer/2466580</extra_contact_info>
<report_id>10254909114662490508</report_id>
<date_range>
<begin>1644969600</begin>
<end>1645055999</end>
</date_range>
</report_metadata>
<policy_published>
<domain>cbs-canon.com</domain>
<adkim>r</adkim>
<aspf>r</aspf>
<p>quarantine</p>
<sp>quarantine</sp>
<pct>100</pct>
</policy_published>
<record>
<row>
<source_ip>5.161.45.186</source_ip>
<count>187</count>
<policy_evaluated>
<disposition>quarantine</disposition>
<dkim>fail</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>server.cbs-canon.com</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>server.cbs-canon.com</domain>
<result>fail</result>
<selector>default</selector>
</dkim>
<spf>
<domain>server.cbs-canon.com</domain>
<result>none</result>
</spf>
</auth_results>
</record>
<record>
<row>
<source_ip>5.161.45.186</source_ip>
<count>1</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>pass</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>cbs-canon.com</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>cbs-canon.com</domain>
<result>pass</result>
<selector>default</selector>
</dkim>
<spf>
<domain>cbs-canon.com</domain>
<result>pass</result>
</spf>
</auth_results>
</record>
</feedback>
how can I know where is the problem
That is odd. The sending source IP is definitely in your SPF, and the DMARC record includes aspf=r
, so the header from address in a child domain is valid and matches. I'd also note that your DMARC has p=quarantine
, but gmail is acting like it's reject
. This is gmail though, so you can't expect it to behave well.
I expect that the problem is that you don't have an SPF record set for server.cbs-canon.com
, so make sure that exists and allows the same sources as cbs-canon.com
. It looks like you're not doing DKIM signatures either, meaning that both SPF and DKIM are failing, resulting in a DMARC failure. Try adding that DNS record, or redirecting/including server.
to your root domain.