Hotmail ziet mijn mail als ongewenst WEL Rvrse dns + TXT rec

Hallo beste mede tweakers,

sinds een tijdje loop ik goed te prutsen met mail server en alles!
zal even beginnen met wat ik nu heb draaien

PS: alles even vervangen met example.com ivm reclame etc en naam email bescherming:) van IP`s heb ik het laatste sement vervangen door ***

Servertje thuis ip:86.88.248.***
Debian squeeze
nginx + php5 met fpm + mysql
Bind9 dns server met record als volgt:

$TTL 3600
@ IN SOA example.com. info@example.com. (
2012050101
10800
3600
604800
3600 )

example.com. 3600 IN NS ns1.example.com.
example.com. 3600 IN NS ns2.example.com.
ns1.example.com. 3600 IN A 86.88.248.***
ns2.example.com. 3600 IN A 86.88.248.***
example.com. 3600 IN A 86.88.248.***
ftp 3600 IN A 86.88.248.***
localhost 3600 IN A 86.88.248.***
www 3600 IN A 86.88.248.***
mail 3600 IN A 37.34.56.**
pop 3600 IN A 37.34.56.**
smtp 3600 IN A 37.34.56.**
example.com. 3600 IN MX 10 mail
example.com. 3600 IN TXT "v=spf1 a mx ip4:37.34.56.** ~all"



Hierna volgt mn vps 37.34.56.**
debian squeeze
hostname = mail
Exim4 + courier imap pop smtp etc etc etc


Reverse dns is gezet op mail.example.com op de 37.34.56.** dus 37.34.56.** zet om naar mail.example.com
mail.example.com zet ook weer om naar 37.34.56.**

Gmail, kpnmail, upcmail etc hebben geen problemen met mijn mail en ontvangen hem allemaal in de inbox, helaas ontvangt hotmail de email dus in ongewenst.

Is iemand bekent met het probleem en weet die toevallig een fix?


Hier de broncode van mail ontvangen bij hotmail:

x-store-info:4r51+eLowCe79NzwdU2kR3P+ctWZsO+J
Authentication-Results: hotmail.com; sender-id=pass (sender IP is 37.34.56.**) header.from=info@example.com; dkim=none header.d=example.com; x-hmca=pass
X-SID-PRA: info@example.com
X-DKIM-Result: None
X-Message-Status: n:0:n
X-SID-Result: Pass
X-AUTH-Result: PASS
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 11chDOWqoTn5eRZJF9HPji7T8wY0hG+jxuplkjM0YEVQpOUjoSP8pU0th29COx8i/SSgp00YPdm9WM9yU50MBYW4gskWG8xHexf1X4tL1yrLnCoaZbncESJnyPfXGdoyG1Ie6yY0t+U=
Received: from mail.example.com ([37.34.56.**]) by COL0-MC1-F23.Col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Thu, 21 Jun 2012 15:49:13 -0700
Received: from *******.direct-adsl.nl ([86.88.248.***] helo=example.com)
by mail.example.com with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
(Exim 4.72)
(envelope-from <info@example.com>)
id 1ShqBc-0004bt-CA
for example@hotmail.com; Fri, 22 Jun 2012 00:49:12 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
format=flowed
Content-Transfer-Encoding: 7bit
Date: Fri, 22 Jun 2012 00:49:12 +0200
From: example <info@example.com>
To: <example@hotmail.com>
Subject: TEST
Message-ID: <e3a78bd9407a9b9bb41a764c6921c915@mail.example.com>
X-Sender: info@example.com
User-Agent: Roundcube Webmail/0.7.2
Return-Path: info@example.com
X-OriginalArrivalTime: 21 Jun 2012 22:49:13.0738 (UTC) FILETIME=[147A16A0:01CD5000]

TEST


Met vriendelijke groet,

Marco Nijholt

86.88.248.225 is het ip waar ik het vanaf stuur( mijn kpn connectie thuis ) en is niet de mailserver zelf.

mijn mailserver staat op een vps @ transip bij transip heb ik reverse dns ingesteld als mail.example.com
wat zou ik als ptr record moeten toevoegen volgens jou?

tevens als ik mijn mailservers ip dus ook de ip van mail.example.com check op die website, ben ik én niet geblack list op geen enkele site, en hij geeft dit aan


ptr:37.34.56.27 ptr
Type IP Address Domain Name TTL
PTR 37.34.56.27 mail.marconijholt.com 24 hrs
smtp diag blacklist port scan http test
Reported by ns2.transip.net on Thursday, June 21, 2012 at 7:07:39 PM (UTC -5) Transcript

de reden dat client net 86.88.248.225 was, was omdat mijn roundcube daar op draait, en die dus de afzender is.
Nu net via gmail app verstuurd (direct via smtp van mn server )

dus ziet gmail ook als client op ip 209.85.214.49 wat nergens geblacklist is.
Dus het ligt waarschijnlijk ergens anders aan maar wat kan ik dus ook niet verzinnen.

Weer spam...
hier de andere broncode

x-store-info:4r51+eLowCe79NzwdU2kRyU+pBy2R9QCQ1WNUtV+VDcDryx17CzWY7KaMQV0cWB+Hyj7dtVBCwCUf32Cp23zx8kRPioIHjROClT/yFtiVFjIJynlR9GoKYJ6A3GPQXyhNhufJ7Voryg=
Authentication-Results: hotmail.com; sender-id=pass (sender IP is 37.34.56.27) header.from=info@marconijholt.com; dkim=none header.d=marconijholt.com; x-hmca=pass
X-SID-PRA: info@marconijholt.com
X-DKIM-Result: None
X-Message-Status: n:0:n
X-SID-Result: Pass
X-AUTH-Result: PASS
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 11chDOWqoTmQrRyY+ZF5HTtNJ6Qh3QMSIu120XKqdaFQp0PwVFZC8c0pCiZpLbbkJyilcbKHVF6dhqUHhHJ86rQXmOdDaV7k/Dx8tYf7VFHhRwO8gby7FyoLqf9W+bzF4BLTj0RmdOI=
Received: from mail.marconijholt.com ([37.34.56.27]) by SNT0-MC2-F48.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Thu, 21 Jun 2012 17:21:32 -0700
Received: from mail-bk0-f49.google.com ([209.85.214.49])
by mail.marconijholt.com with esmtpsa (TLS1.0:RSA_ARCFOUR_SHA1:16)
(Exim 4.72)
(envelope-from <info@marconijholt.com>)
id 1Shrcw-0004iA-9n
for example@hotmail.com; Fri, 22 Jun 2012 02:21:30 +0200
Received: by bkwj4 with SMTP id j4so1203152bkw.36
for <example@hotmail.com>; Thu, 21 Jun 2012 17:21:24 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.204.156.4 with SMTP id u4mr56186bkw.6.1340324484874; Thu, 21
Jun 2012 17:21:24 -0700 (PDT)
Received: by 10.204.121.71 with HTTP; Thu, 21 Jun 2012 17:21:24 -0700 (PDT)
Date: Fri, 22 Jun 2012 02:21:24 +0200
Message-ID: <CAAaBc1YTZhaNj1cdhxzQXCurxvEkkCH-19GJSXr4P_CJOu-GpA@mail.gmail.com>
Subject: Test
From: Marco Nijholt <info@marconijholt.com>
To: example@hotmail.com
Content-Type: multipart/alternative; boundary=0015175cfa32ce00ce04c3049ce0
Return-Path: info@marconijholt.com
X-OriginalArrivalTime: 22 Jun 2012 00:21:32.0758 (UTC) FILETIME=[F9FD7760:01CD500C]

--0015175cfa32ce00ce04c3049ce0
Content-Type: text/plain; charset=ISO-8859-1

Test

--0015175cfa32ce00ce04c3049ce0
Content-Type: text/html; charset=ISO-8859-1

Test<span></span>

--0015175cfa32ce00ce04c3049ce0--

hmm alles gechecked, spf nog aangepast maar werkt nog steeds niet. (volgens die link die je gaf)
heb nu mail geprobeerd te sturen via de echo command.
root@mail:~# echo "hello" | mail -s "a test email" marconijholt@hotmail.com


hier daar de bron ding van (als root user) (weer spam dus)


x-store-info:4r51+eLowCe79NzwdU2kRyU+pBy2R9QCQ1WNUtV+VDcDryx17CzWY7KaMQV0cWB+Hyj7dtVBCwCUf32Cp23zx8kRPioIHjROClT/yFtiVFjIJynlR9GoKYJ6A3GPQXyhNhufJ7Voryg=
Authentication-Results: hotmail.com; sender-id=pass (sender IP is 37.34.56.27) header.from=root@marconijholt.com; dkim=none header.d=marconijholt.com; x-hmca=pass
X-SID-PRA: root@marconijholt.com
X-DKIM-Result: None
X-Message-Status: n:0:n
X-SID-Result: Pass
X-AUTH-Result: PASS
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 11chDOWqoTnjDv0n+r5oSkF60PmiKXxpIHeiXCQmQUxCPcHrMLyVoFbl080LXKvuCPk5zveLkUVZtwkZk51AeNU9fi5fYc7q4zZQnv+7xUuL26E4mBne74gKkr5cUYpPMUL+Ge69fKo=
Received: from mail.marconijholt.com ([37.34.56.27]) by BAY0-MC3-F46.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Fri, 22 Jun 2012 12:40:10 -0700
Received: from root by mail.marconijholt.com with local (Exim 4.72)
(envelope-from <root@marconijholt.com>)
id 1Si9iD-0000V9-N1
for marconijholt@hotmail.com; Fri, 22 Jun 2012 21:40:09 +0200
Date: Fri, 22 Jun 2012 21:40:09 +0200
Message-Id: <E1Si9iD-0000V9-N1@mail.marconijholt.com>
To: marconijholt@hotmail.com
Subject: a test email
From: root <root@marconijholt.com>
Return-Path: root@marconijholt.com
X-OriginalArrivalTime: 22 Jun 2012 19:40:10.0671 (UTC) FILETIME=[D5E52BF0:01CD50AE]

hello

[ Voor 30% gewijzigd door marco282 op 22-06-2012 21:41 ]

blacklist is het probleem niet helaas, heb even mailtje gestuurd ernaar.

k zie wel dit
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin v3.3.1 (2010-03-16)

Result: ham (-1.9 points, 5.0 required)

weet niet of dit van invloed heeft?

This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at <verifier-feedback@port25.com>. Thank you for using the verifier, The Port25 Solutions, Inc. team ========================================================== Summary of Results ========================================================== SPF check: pass DomainKeys check: neutral DKIM check: neutral Sender-ID check: pass SpamAssassin check: ham ========================================================== Details: ========================================================== HELO hostname: mail.marconijholt.com Source IP: 37.34.56.27 mail-from: info@marconijholt.com ---------------------------------------------------------- SPF check details: ---------------------------------------------------------- Result: pass ID(s) verified: smtp.mailfrom=info@marconijholt.com DNS record(s): marconijholt.com. SPF (no records) marconijholt.com. 3600 IN TXT "v=spf1 a mx ip4:37.34.56.27 ~all" marconijholt.com. 3600 IN A 86.88.248.225 marconijholt.com. 3600 IN MX 10 mail.marconijholt.com. mail.marconijholt.com. 3600 IN A 37.34.56.27 ---------------------------------------------------------- DomainKeys check details: ---------------------------------------------------------- Result: neutral (message not signed) ID(s) verified: header.From=info@marconijholt.com DNS record(s): ---------------------------------------------------------- DKIM check details: ---------------------------------------------------------- Result: neutral (message not signed) ID(s) verified: NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM. ---------------------------------------------------------- Sender-ID check details: ---------------------------------------------------------- Result: pass ID(s) verified: header.From=info@marconijholt.com DNS record(s): marconijholt.com. SPF (no records) marconijholt.com. 3600 IN TXT "v=spf1 a mx ip4:37.34.56.27 ~all" marconijholt.com. 3600 IN A 86.88.248.225 marconijholt.com. 3600 IN MX 10 mail.marconijholt.com. mail.marconijholt.com. 3600 IN A 37.34.56.27 ---------------------------------------------------------- SpamAssassin check details: ---------------------------------------------------------- SpamAssassin v3.3.1 (2010-03-16) Result: ham (-1.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0074] 0.0 TVD_SPACE_RATIO TVD_SPACE_RATIO ========================================================== Explanation of the possible results (from RFC 5451) ========================================================== SPF and Sender-ID Results ========================= "none" No policy records were published at the sender's DNS domain. "neutral" The sender's ADMD has asserted that it cannot or does not want to assert whether or not the sending IP address is authorized to send mail using the sender's DNS domain. "pass" The client is authorized by the sender's ADMD to inject or relay mail on behalf of the sender's DNS domain. "policy" The client is authorized to inject or relay mail on behalf of the sender's DNS domain according to the authentication method's algorithm, but local policy dictates that the result is unacceptable. "fail" This client is explicitly not authorized to inject or relay mail using the sender's DNS domain. "softfail" The sender's ADMD believes the client was not authorized to inject or relay mail using the sender's DNS domain, but is unwilling to make a strong assertion to that effect. "temperror" The message could not be verified due to some error that is likely transient in nature, such as a temporary inability to retrieve a policy record from DNS. A later attempt may produce a final result. "permerror" The message could not be verified due to some error that is unrecoverable, such as a required header field being absent or a syntax error in a retrieved DNS TXT record. A later attempt is unlikely to produce a final result. DKIM and DomainKeys Results =========================== "none" The message was not signed. "pass" The message was signed, the signature or signatures were acceptable to the verifier, and the signature(s) passed verification tests. "fail" The message was signed and the signature or signatures were acceptable to the verifier, but they failed the verification test(s). "policy" The message was signed but the signature or signatures were not acceptable to the verifier. "neutral" The message was signed but the signature or signatures contained syntax errors or were not otherwise able to be processed. This result SHOULD also be used for other failures not covered elsewhere in this list. "temperror" The message could not be verified due to some error that is likely transient in nature, such as a temporary inability to retrieve a public key. A later attempt may produce a final result. "permerror" The message could not be verified due to some error that is unrecoverable, such as a required header field being absent. A later attempt is unlikely to produce a final result. ========================================================== Original Email ========================================================== Return-Path: <info@marconijholt.com> Received: from mail.marconijholt.com (37.34.56.27) by verifier.port25.com id hsn78c11u9c2 for <check-auth@verifier.port25.com>; Sat, 23 Jun 2012 10:11:18 -0400 (envelope-from <info@marconijholt.com>) Authentication-Results: verifier.port25.com; spf=pass smtp.mailfrom=info@marconijholt.com Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) header.From=info@marconijholt.com Authentication-Results: verifier.port25.com; dkim=neutral (message not signed) Authentication-Results: verifier.port25.com; sender-id=pass header.From=info@marconijholt.com Received: from ip5658f8e1.direct-adsl.nl ([86.88.248.225] helo=marconijholt.com) by mail.marconijholt.com with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <info@marconijholt.com>) id 1SiR3T-0000e6-Vr for check-auth@verifier.port25.com; Sat, 23 Jun 2012 16:11:16 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Sat, 23 Jun 2012 16:11:15 +0200 From: Marco Nijholt <info@marconijholt.com> To: <check-auth@verifier.port25.com> Subject: (geen onderwerp) Message-ID: <d42bebbd9ffcb6e346c8dd5a141225a2@mail.marconijholt.com> X-Sender: info@marconijholt.com User-Agent: Roundcube Webmail/0.7.2

Hoe heb je DKIM erin gekregen dan? dat die gesigned word.
groet

Hmm ja okee ik kan niet echt vinden voor debian exim4, kan wel vinden voor andere OS'es alleen t werkt allemaal niet...

DKIM staat ookal in de config van exim4 bij mij. ergens moet alleen het signen van uitgaande mails aangezet worden denk ik?