We are a credit union who interacts routinely every day with 1000's of members and dozens of vendors and sponsor companies. Starting yesterday, a great many of our emails started being returned to us as undeliverable. Most of them are coming back as "denied" by mxlogic.net with no other explanation.
How do we get our domain (reachcu.coop) removed from your spam filter? Our emails are legitimate business communications, and this is crippling us.
VP of Information Systems and eServices
Reach Federal Credit Union
I'm sorry to hear you're having this issue! I've moved your post to the SaaS Email Security community so we can hopefully get you a faster response.
There are two methods to contest the spam score that is triggering the denial. The recipient may contest the scoring directly with support, or, you can forward the non-delivery report to firstname.lastname@example.org, where our Messaging Security Engineers will review the scoring criteria and determine if it is safe to adjust the filter.
For more information, please see:
https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=&aid=155 - Bounce 554 Denied Information
https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=&aid=94568 - Best Practices for Organizations Sending to McAfee SaaS Email Protection Customers
Another issue may be the lack of either a SPF TXT or SPF records published in DNS. At the very minimum, a SPF TXT should be published. This protocol is one of the oldest pre-scanning tools used to help identify the authenticity of a senders domain.
Newer protocols such as DKIM and DMARC are becoming more widely used among major. Gmail, AOL, Comcast, Hotmail, and Yahoo! Mail are among the providers adding these additional authentication protocols. In addition, others such as Bank of America, Facebook, Fidelity, LinkedIn, and Paypal have already published policies for those that are scanning for these published authentication rules.
Many of our McAfee accounts make use of these protocols to protect their users and infrastructure from phishin and domain spoofing. You certainly should do the same, in protecting your domains intergrity.