CrowdSupport®
Highlighted
OzPatricio
Level 4: Private Eye

Is Telstra SPAM filtering delaying my legitimate email?

Answered

For the past few months, I have had many of my emails delayed by anything from a couple of minutes to 12 hours.  This used to be sporadic, but is happening pretty much all of the time now.

As background, I've used a ,name (dotname) email address, provided to me by Melbourne IT, since 2004, to provide an 'address for life'. This is uncommon, as it is a third level domain fname.lname.name, which comes with email forwarding to fname@lname.name, which I configure via the Melbourne IT interface.  I have successfully had all of my email sent to this address, which is then forwarded seemlessly to my BigPond address (or occassionly optusnet) over the last 13 years.

 

I believe these delays (and possibly rejections) started happening when Telstra started looking at 

Sender Policy Framework (SPF) Records. It seems that now if something is coming to my bigpond address, it sees that it is coming via a .name mx server. not the original sender's server, and it gets a Received-SPF: fail, or sometimes a Received-SPF: softfail.

From what I can see, this happens with whatever .name server initially receives my mail on the way through - mx01.nic.name, mx02.nic.name, mx03.nic.name etc.

Here's an example from today (with my BigPond address changed to myaddress@bigpond.com and my email address changed to fname@lname.name.

 

 

Return-Path: <delivery@mx.sailthru.com>
Received: from extmail.bigpond.com ([10.10.24.4])
          by nsstlfep04p-svc.bpe.nexus.telstra.com.au with ESMTP
          id <20170428033004.RJVL791.nsstlfep04p-svc.bpe.nexus.telstra.com.au@extmail.bigpond.com>
          for <myaddress@bigpond.com>; Fri, 28 Apr 2017 13:30:04 +1000
Received-SPF: fail (extmail.bigpond.com: domain mx.sailthru.com does not
 designate 72.13.32.171 as permitted sender) identity=mailfrom;
 receiver=extmail.bigpond.com; client-ip=72.13.32.171;
 envelope-from=delivery@mx.sailthru.com; helo=mx02.nic.name;
X-Junkmail-Premium-Raw: score=8/85,refid=2.7.2:2017.4.27.183916:17:8.129,ip=72.13.32.171,rules=DKIM_SIGNATURE,
 DATE_TZ_NA, __HAS_FROM, FROM_NAME_PHRASE, __TO_MALFORMED_2, __TO_NO_NAME,
 __HAS_MSGID, __SANE_MSGID, __SUBJ_ALPHA_END, __MIME_VERSION, __CT,
 __CTYPE_MULTIPART_ALT, __CTYPE_HAS_BOUNDARY, __CTYPE_MULTIPART,
 __HAS_X_MAILER, __HAS_LIST_UNSUBSCRIBE, __MIME_TEXT_P2, __MIME_TEXT_H2,
 __ANY_URI, __URI_WITH_PATH, __URI_NO_MAILTO, __URI_NO_WWW, __CP_MEDIA_BODY,
 __CP_NAME_BODY, __CP_URI_IN_BODY, __FRAUD_INTRO, __FRAUD_LOC,
 __SUBJ_ALPHA_NEGATE, __INT_PROD_LOC, __LINES_OF_YELLING, __MULTIPLE_URI_TEXT,
 __URI_IN_BODY, __URI_NOT_IMG, __NO_HTML_TAG_RAW, BODY_SIZE_10000_PLUS,
 BODYTEXTH_SIZE_3000_MORE, __MIME_TEXT_H1, __MIME_TEXT_P1, __MIME_HTML,
 LINES_OF_YELLING_3, __URI_NS, HTML_00_01, HTML_00_10, __PHISH_SPEAR_GREETING,
 __HAS_LIST_HEADER, __LEGIT_LIST_HEADER, __FRAUD_COMMON, CHILD_EX_X3,
 __MIME_TEXT_H, __MIME_TEXT_P, NO_URI_HTTPS, URI_WITH_PATH_ONLY
Received: from mx02.nic.name (72.13.32.171) by extmail.bigpond.com (9.0.019.11-1)
        id 58DA9AA41B45BAE6 for fname@lname.name; Fri, 28 Apr 2017 13:30:04 +1000
Received: from mx-washpost-a.sailthru.com (mx-washpost-a.sailthru.com [192.64.237.165])
	by mx02.nic.name (Postfix) with ESMTP id E7FD62D02
	for <fname@lname.name>; Thu, 27 Apr 2017 20:11:32 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; s=mt; d=pmta.sailthru.com;
 h=Date:From:To:Message-IDSmiley Frustratedubject:MIME-Version:Content-Type:List-Unsubscribe;
 bh=CZEWPPksLYl8ze3dhLQtFlsCB/8=;
 b=cmb2YRuoU/zgc+h6bMlCO31grQHQeWTRVRaS6vZ98Xwc4pnDbWrAU9Z2WDxyjQB0I7u/wL9D1dPr
   GUCM6HYf2S6OH6FHWo9aNgz05ztwrja1tceS8j+adv7xx+BIu7ALnkdmNdlqs9yNYHAFCl2Xe9rq
   JcyZcffVI3YiI/dKlok=
Received: from njmta-90.sailthru.com (173.228.155.90) by mx-washpost-a.sailthru.com id h098781qqbs9 for <fname@lname.name>; Thu, 27 Apr 2017 16:11:32 -0400 (envelope-from <delivery@mx.sailthru.com>)
Received: from nj1-newyonder.flt (172.18.20.6) by njmta-90.sailthru.com id h098781qqbs9 for <fname@lname.name>; Thu, 27 Apr 2017 16:11:31 -0400 (envelope-from <delivery@mx.sailthru.com>)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; t=1493323891;
	s=sailthru; d=e.washingtonpost.com;
	h=Date:From:To:Message-IDSmiley Frustratedubject:MIME-Version:Content-Type:List-Unsubscribe;
	bh=JXmtRcrXwizUdDjy0+AJ7WKAPN3dney4E0SGzVDTRaU=;
	b=V2x0ro4Nzi3y3lbMlRfjwGDcJ7ld8wNfUyauMfZe+dH+UzTq4TOnAOoY31O/K5TP
	8AyvvmIlR+pOZR2utlY4NQRtC8Q4zpAi3mVkexsfTiInttXBxPy3DMVbEbqIDdCUeIF
	Tq5vJ3i1D3sbVS6Cxx5nbVSwaaMmJmejXSTjG5bA=
Date: Thu, 27 Apr 2017 16:11:31 -0400 (EDT)
From: The Washington Post <email@e.washingtonpost.com>
To: fname@lname.name
Message-ID: <20170427161131.9484591.140863@sailthru.com>
Subject: The Post Most: North Korea puts out new video showing the White
 House in crosshairs and carriers exploding
MIME-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_15157414_399701187.1493323891209"
Precedence: bulk
X-TM-ID: 20170427161131.9484591.140863
X-Info: Message sent by sailthru.com customer The Washington Post
X-Info: We do not permit unsolicited commercial email
X-Info: Please report abuse by forwarding complete headers to
X-Info: abuse@sailthru.com
X-Mailer: sailthru.com
X-Unsubscribe-Web: http://link.washingtonpost.com/oc/578fbf136e4adc414f8b4d295nacv.30ov/28d6af86
List-Unsubscribe: <http://link.washingtonpost.com/oc/578fbf136e4adc414f8b4d295nacv.30ov/28d6af86>, <mailto:unsubscribe_20170427161131.9484591.140863@mx.sailthru.com>
X-rpcampaign: sthiq9484591

Throwing this into the Messageheader analyser at G Suite Toolbox, you can see the 7 hour delay, once the email hits extmail.bigpond.com. 

 

MessageId	
20170427161131.9484591.140863@sailthru.com
Created at:	4/28/2017, 6:11:31 AM ( Delivered after 7 hours )
From:	The Washington Post <email@e.washingtonpost.com> Using sailthru.com
To:	patrick@turner.name
Subject:	The Post Most: North Korea puts out new video showing the White House in crosshairs and carriers exploding

#	Delay	From*			To*	Protocol	Time received	
0	1 sec	mx-washpost-a.sailthru.com	→		mx02.nic.name	ESMTP	4/28/2017, 6:11:32 AM	
1	7 hours	extmail.bigpond.com	→		nsstlfep04p-svc.bpe.nexus.telstra.com.au		4/28/2017, 1:30:04 PM	

My question is, is there anything Telstra and/or I can do, other than not using a bigpond email address, to rectify this?  It's increasingly becoming a problem with urgent emails, validating logins, changing passwords, online shopping etc.  Also, note, I doubt my ability to get Verisign to change their server configurations, based on my ISP's requirements, although Telstra may be able to do this on my behalf.

Also, as an aside, if a message gets a Received-SPF: fail, how does it get through to me at all? Is this a manual process where someone inspects/releases my private emails?

Hope someone can assist.

 

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
OzPatricio
Level 4: Private Eye
Accepted Solution

Re: Is Telstra SPAM filtering delaying my legitimate email?

Game over.

I've now discovered examples of legitmate emails that have been rejected by the new sledgehammer Sender Policy Framework (SPF) validation test. One was from a government agency, which was important, and another was a routine email address verification from Steam, which despite trying 4 times over 24 hours, just couldn't get through the BigPond email servers to me. As soon as I temporarily forwarded my address to another provider, the verification email came though seconds after it was resent.

I'm moving to a hosted email solution where I can forward my email address without delays or losing messages completely, as well as use my email address as an alias without the dreaded 'on behalf of' disclosure.

The only problem with this, is that I still pay Telstra the same amount per month for internet access, but lose what for me was a vital part of the service which decreases it's value for money, whilst I take on another cost with different provider.

Frustrating that the only real solution to my problem was to stop using the Telstra provided service, which worked seemlessly for well over a decade. And, that I will continue to pay for this service.

View solution in original post

Was this helpful?

  • Yes it was, thank you
  • No, I still need help
7 REPLIES 7
OzPatricio
Level 4: Private Eye

Re: Is Telstra SPAM filtering delaying my legitimate email?

And just as an extra piece of information, here's an example of the seemingly randomness of it.

Three emails received in the past 5 minutes:
The Australian - delayed 8+ hours:  SPF-Received: fail
Public Transport Victoria - delayed 3+ hours:   SPF-Received: softfail

Yamaha Home Entertainment Australia - not delayed (4 minutes): SPF-Received: neutral

Frustrating

 

2017-04-28 (2).png

 

Patrick

OzPatricio
Level 4: Private Eye

Re: Is Telstra SPAM filtering delaying my legitimate email?

Quick update.
Since posing my question this afternoon, I've read more about SPF & DKIM (& DMARC & ARC) than a simple user should.
I understand a little of the history of how SPF broke email forwarding and how it can be used in conjuction with SRS & DKIM, and I understand that the header traces of none, softfail, fail, permerror & neutral that I see, come from the email sender's server configuration and SPF Record syntax.  I still don't understand why some emails that fail/softfail come through straight away and some that are none/neutral are extensively delayed (if not rejected) and vice versa.

So my questions are a little different from the original post, if a Telstra expert picks this up.

What causes some emails that are forwarded from the array of mx0#.nic.name mail servers that I use, to be delayed by up to 12 hours, whilst others, like my emails this evening, come through almost instantaneously, independent of the result of the SPF-Received query?
Is there something you can do to ensure that all emails addressed to either my bigpond.com or .name address(es)* can always come through straight away, by something like whitelisting the nic.name mail servers†?

 

Would love an answer. Please excuse me if I have any of this wrong. I'm not very technical.

Patrick

 

* My wife uses the same setup for her private email with a fname@lname.name address forwarded to her username@bigpond.com. email.

† The servers that I can currently see in my email headers are;
   - mx01.nic.name 72.13.32.170

   - mx02.nic.name 72.13.32.171

   - mx03.nic.name 69.58.186.170

   - mx04.nic.name 69.58.186.171

OzPatricio
Level 4: Private Eye

Re: Is Telstra SPAM filtering delaying my legitimate email?

Quick update.
Since posing my question this afternoon, I've read more about SPF & DKIM (& DMARC & ARC) than a simple user should.
I understand a little of the history of how SPF broke email forwarding and how it can be used in conjuction with SRS & DKIM, and I understand that the header traces of none, softfail, fail, permerror & neutral that I see, come from the email sender's server configuration and SPF Record syntax.  I still don't understand why some emails that fail/softfail come through straight away and some that are none/neutral are extensively delayed (if not rejected) and vice versa.

So my questions are a little different from the original post, if a Telstra email expert picks this up.

What causes some emails that are forwarded from the array of mx0#.nic.name mail servers that I use, to be delayed by up to 12 hours, whilst others, like my emails this evening, come through almost instantaneously, independent of the result of the SPF-Received query?
Is there something you can do to ensure that all emails addressed to either my bigpond.com or .name address(es)* can always come through straight away, by something like whitelisting the nic.name mail servers†?

 

Would love an answer. Please excuse me if I have any of this wrong. I'm not very technical.

Patrick

 

* My wife uses the same setup for her private email with a fname@lname.name address forwarded to her username@bigpond.com. email.

† The servers that I can currently see in my email headers are;
   - mx01.nic.name 72.13.32.170

   - mx02.nic.name 72.13.32.171

   - mx03.nic.name 69.58.186.170

   - mx04.nic.name 69.58.186.171

Telstra (Retired)
Telstra (Retired)

Re: Is Telstra SPAM filtering delaying my legitimate email?

Hi OzPatricio, 

 

We passed on the information that you provided to one of our mail specialists to take a look at  over the weekend. The reason for the delays is due to the amount of SPAM the Telstra mail servers are receiving from the host that is doing your forwarding.

 

Hosts:    

  • mx01.nic.name 72.13.32.170
  • mx02.nic.name 72.13.32.171
  • mx03.nic.name 69.58.186.170
  • mx04.nic.name 69.58.186.171

 

We can see that up to 80% of email coming from the hosts is SPAM. Because of this they've been limited, so they can only send 200 messages/hour per IP. So this will severely delay email from them.  The only way to fix this and speed up the messages/hour count is for the remote host to stop sending SPAM.

 

Hope this helps.
 

Need help? Check out our Community Wiki or Support Portal || Looking for a new mobile? Order online today || Get help with any Tech at Home with Telstra Platinum || Don't forget to tag answers as Accepted Solutions and give a Like to the member(s) who helped you out.

All moderation actions are supported by the CrowdSupport Community Guidelines

OzPatricio
Level 4: Private Eye

Re: Is Telstra SPAM filtering delaying my legitimate email?

Dear @Kenobi,

I thank you for having my situation investigated on this board. I doubt that this could have been explained over chat or with a support call due to the uniqueness and complexity of my problem.

I now understand what Telstra is doing here, and thank them for not just rejecting my email outright. However, I doubt my capacity to influence this situation. I'll send this information to Verisign and Melbourne IT, but I don't expect they will have any motivation or capability to address this on my behalf.

 

I now need evaluate my email address strategy going forward. Something I thought I'd permanently addressed 13 years ago.

 

Once again, thanks for your follow-up and support of the Telstra mail specialist.  It doesn't give me a solution, but at least I have an explanation.

Kind Regards,

Patrick

OzPatricio
Level 4: Private Eye

Re: Is Telstra SPAM filtering delaying my legitimate email?

I thought I'd update this thread with what's been happening over the past 3 weeks since @Kenobi helped me out, for anyone who is having similar problems and finds this when searching the internet.

 

Firstly, Telstra has continued to enhance the way that it treats emails that fail a Sender Policy Framework (SPF) validation test. For me, since 6th May (and in higher volumes from 11th May), some of these emails now have the string [SPFFail] added to the beginning of the subject line and sent directly to a Junk folder. It's pretty random, but here are some examples from earlier today:

 

2017-05-22 (2).png


Another user, @fassbinder,  is also seeing this, but for me, I'm just grateful that Telstra is not blocking my email given that I am using registry-based email forwarding, so have no control of the mail transfer agents being used.

 

I am also noticing that the delays in emails getting through are dropping. Over the past 2 days, there's been the occasional 2, 4, 6, 8 and even 14 hour delay with an email being held up at extmail.bigpond.com, which is still unacceptable, but the majority of my email is coming through in seconds, as expected. So, this situation is improving. Don't know if it's due to less spam passing through mx0#.nic.name mailservers, or better handling by Telstra. Once again, I'm grateful.

 

So, given that Telstra indicated to me that it was my responsibility to somehow get servers in the US, that I don't own and have no control over, to somehow stop sending spam, I hunted down my other service providers.

 

First stop, my domain and email forwarding registrar, Melbourne IT. This proved to be as fruitless and frustrating as the only other time I contacted their support people, when I tried to transfer a domain back to them in 2009.

 

I purchased my two fname.lname.name domains and more importantly, the fname@lname.name email services from them in 2002 and 2005. Back then, they sold the email address product as an email address for life. See their webpage from that time here.

 

It's important to note that the .NAME gTLD (sometimes referred to as dotname) offered third-level domain names like john.smith.name and second-level email addresses like john@smith.name, so multiple users with the same surname could use the service. Therefore, the Registry maintained control of the second level domain, and this is the one that email products are in. It is also important to know that the domain name and the email address, whilst using the same fname amd lname are separate products.

 

The best response that Melbourne IT could give me in the end was;

 

"Please be advised that in regards to this issue it looks like your site is hosted by a 3rd party hosting please can you get in contact with them and they can help you sort this out."

 

I pointed out that there is no hosting, it's an email forwarding product, and the forwarding is done by the Registy, Verisign, that they represent on my behalf, and charge me a handsome annual fee for the privilege. That was the end of the conversation. Since then, crickets. In their defence, anyone who originally setup, sold or supported this product is probably dead or retired. Smiley Happy

 

So, my last port of call was the Reston, Virginia based Versign, who actually operate the .NAME registry. Let me say, whilst I was doubting the value in even approaching them, they responded to me immediately, were interested and engaged in understanding my problem, coming back multiple times for more information to diagnose the issue, and professional throughout. A nice surprise in this day and age, especially for a single consumer on the other side of the planet.

 

The end result of my enquiry was this;

 

"Please note that SRS support has been added to our .name product road map and Verisign is evaluating the approach. We currently do not have any feedback on if/when this could be implemented. " 

 

Now, yet again, this is not a solution, there is no indication that this feature required to solve my problem will be added next week, next year or ever, but for me they have acknowledged that there is an improvement that they can make to their product to address the issue of ISP's, like Telstra, ramping up SPF verification, and inconveniencing innocent users of email forwarding like me. The addition of SRS (Sender Rewriting Scheme) to the nic.name mail transfer agents would solve this situation for me. I hope that Verisign will implement this sooner, rather than later.

 

I the meantime, I continue to prepare contingency plans in case Telstra implements an Received-SPF: fail block or the delay times become unacceptable again, of either moving away from Telstra (I've tested a couple of other ISP's and webmail services, who are not using this protocol), or giving up my fname@lname.name address after 15 years.  However my preference is to stay with Telstra and keep my unique email address.

 

I hope this helps anyone else who finds that they are in a similar situation.

 

Cheers,
I'll update if I get any new news.

OzPatricio
Level 4: Private Eye
Accepted Solution

Re: Is Telstra SPAM filtering delaying my legitimate email?

Game over.

I've now discovered examples of legitmate emails that have been rejected by the new sledgehammer Sender Policy Framework (SPF) validation test. One was from a government agency, which was important, and another was a routine email address verification from Steam, which despite trying 4 times over 24 hours, just couldn't get through the BigPond email servers to me. As soon as I temporarily forwarded my address to another provider, the verification email came though seconds after it was resent.

I'm moving to a hosted email solution where I can forward my email address without delays or losing messages completely, as well as use my email address as an alias without the dreaded 'on behalf of' disclosure.

The only problem with this, is that I still pay Telstra the same amount per month for internet access, but lose what for me was a vital part of the service which decreases it's value for money, whilst I take on another cost with different provider.

Frustrating that the only real solution to my problem was to stop using the Telstra provided service, which worked seemlessly for well over a decade. And, that I will continue to pay for this service.

View solution in original post

Set it & forget it

With direct debit there’s no need to give paying your bill another thought.

Avoid queuing up and never worry about late fees again.

Setup direct debit