We have sent email to email@example.com, but we are not getting a response. A redacted version of our email appears below. We are quite anxoius to get this rectified as our customers businesses are being impacted.
We have already viewed the self help artocles on your site (such as https://support.mcafeesaas.com/MCAFEE/_cs/AnswerDetail.aspx?sSessionID=&aid=155) We take the deliverability of our mail very seriously and we. We also take our IP reputation maintenence seriously. If there is anything we need to do to get delisted on your service please advise.
We are a Toronto, Ontario, Canada hosting and email provider. We recently started receiving customer complaints over bounced email messages. The common denominator in all of the bounces is a 554 Denied error from a mxlogic.net server.
According to your http://trustedsource.org/ website tool our IP address (188.8.131.52) has a good reputation/minimal risk:
We are not on any other blacklists.
We take our IP reputation very seriously and have never tolerated UCE or spam of any kind. We don't allow customers to send bulk email. We work with them, where there is a need, on using services such as MailChimp or Constant Contact.
An example of one of the bounce messages is included below. It also shows the entire email content. I have also included the transaction log from our mail server for this piece of mail.
Can you please tell us why our customers emails are being blocked? This started about a week ago. We are getting dozens of these complaints daily.
Bounce Message and email content
From: System Administrator [mailtoystem Administrator]
Sent: Thursday, November 07, 2013 2:08 PM
Subject: Delivery Failure
Could not deliver message to the following recipient(s):
Failed Recipient: xxxxxxxxxxx
Reason: Remote host said: 554 Denied [CS]
[803fb725.0.5380132.00-2030.8103616.p02c12m005.mxlogic.net] (Mode: normal)
-- The header and top 20 lines of the message follows --
Received: by mail.infologistix.net via HTTP;
Thu, 7 Nov 2013 15:07:13 -0500
From: "xxxxxxxx" <xxxxxxxxxxxxx>
Date: Thu, 7 Nov 2013 15:07:13 -0500
This is a multipart message in MIME format.
Email content removed
Server log excerpt
15:07:15  Delivery started for xxxxxxxxxxxx at 3:07:15 PM
15:07:30  Skipping spam checks: No local recipients
15:07:33  Sending remote mail for xxxxxxxxxxx
15:07:33  Initiating connection to 184.108.40.206
15:07:33  Connecting to 220.127.116.11:25 (Id: 1)
15:07:33  Binding to local IP 18.104.22.168:0 (Id: 1)
15:07:33  Connection to 22.214.171.124:25 from 126.96.36.199:2577 succeeded (Id: 1)
15:07:33  RSP: 220 p02c12m005.mxlogic.net ESMTP mxl_mta-7.2.2-0 [2aed10f5c940.5380132.00-2030]; Thu, 07 Nov 2013 13:07:36 -0700 (MST); NO UCE, INBOUND
15:07:33  CMD: EHLO mail.infologistix.net
15:07:33  RSP: 250-p02c12m005.mxlogic.net
15:07:33  RSP: 250-SIZE 0
15:07:33  RSP: 250-STARTTLS
15:07:33  RSP: 250-SUBMITTER
15:07:33  RSP: 250-8BITMIME
15:07:33  RSP: 250 PIPELINING
15:07:33  CMD: MAIL FROM:<xxxxxxxxxxx> SIZE=1250
15:07:33  RSP: 250 Sender Ok
15:07:33  CMD: RCPT TO:<xxxxxxxxxx>
15:07:33  RSP: 250 xxxxxxxxxxx ok (RCPTMode: normal/deferred)
15:07:33  CMD: DATA
15:07:34  RSP: 354 Start mail input; end with <CRLF>.<CRLF>
15:07:34  RSP: 554 Denied [CS] [803fb725.0.5380132.00-2030.8103616.p02c12m005.mxlogic.net] (Mode: normal)
15:07:34  CMD: QUIT
15:07:34  RSP: 221 p02c12m005.mxlogic.net Service closing transmission channel [5380132.00]
15:07:34  Bounce email written to 947609883069.eml
15:07:34  Delivery for xxxxxxxxxxx to xxxxxxxxxx has completed (Bounced)
15:07:36  Delivery finished for xxxxxxxxxxxxxxx at 3:07:36 PM [id:947609883065]Message was edited by: infowan on 19/11/13 13:46:24 CST
When did you submit the example to saas_falsepositives? It can take up to 24 hours to process a false-positives complaint, and not all submissions result in a reset or clearing of the score that is causing the message to score high. If our Messaging Security team is seeing an active threat or spam campaign with the criteria causing these messages to be blocked, Messaging Security will not be able to clear that score.
I'm not able determine exactly what is causing your messages to be blocked, however I can tell you that they are receiving an extremely high spam score, at the Crtitical Spam Level, which is at or just below 100% probability spam. TrustedSource is only one small component of our filtering stack, there are many additional levels that are proprietary and not publicly searchable.
My advice for any organization sending inbound to McAfee SaaS Customers that have not received a response from Messaging Security is to either email saas_falsepositives with a request for an update (this mailbox is reviewed by individuals on the Messaging Security team, and is not an automated hopper), or, have anyone of the recipient organizations open a service request with their support team for their account. If you go through the latter option, they will need an example message with the to/from/date information.