Emails and Spam
Spam emails are a huge problem, and one that we abhor. Thankfully there are quite a lot of mechanisms available which, if all used together, help to identify genuine emails. PhotoEntry uses all of these, and generally we have no problems with email deliverability. With one exception...
Forwarding Emails from PhotoEntry
If your email address in PhotoEntry is set up as, for example, email@example.com and you have configured gmail to forward emails to firstname.lastname@example.org please ensure that you do not modify the contents of the email when forwarding. Common examples of this would be tagging the Subject line with something like "FWD", or "[PhotoEntry]".
A modification like that will invalidate the digital signature PhotoEntry attaches to outbound emails, and because it is also not coming directly from one of PhotoEntry's email servers, could cause somewhereelse.com to discard the email, or perhaps quarantine it. Essentially the email becomes indistinguishable from a maliciously forged one, and most reputable mail providers will honour our DMARC configuration and discard it.
We have had a long battle with Microsoft over email delivery to domains such as outlook.com, hotmail.com, hotmail.co.uk, live.com, etc. Microsoft had indiscriminately blocked emails originating from large portions of AWS, and it took over a month to get one of our dedicated email gateways unblocked. We hope that is the end of that saga.
However they are still marking much email as junk by default but are unable to tell us why that is happening to some of ours. Do check your junk mail folders, and add the sending email address to your safe senders list.
Problems with Btinternet occur frequently. They re-appeared in earnest in mid September 2018, although have not been observed since the end of October 2018. [UPDATE April 2020: Despite sporadic episodes, these have not occurred for a little while now...]
Btinternet, and its associated domains, apply seemingly random criteria when determining whether an email is spam. We have had many cases where an identical email is accepted for most of the btinternet addresses being sent to, but rejected for a few others. And other cases where single individual emails (e.g. new user access details) are rejected.
Worse still, the emails are rejected at the point we transmit them to the Btinternet servers. They are not even accepted from our servers, and so are not placed in your individual spam folders for review. This means that you have no way of knowing that you have missed emails. When that happens we send your club administrator the email bounce message so they are aware.
We have observed this with email addresses in the following domains which are all handled by Btinternet:
We have in the past tried to follow Btinternet's resolution procedure (for non-customers) which requires emailing details to their postmaster. The farcical repeating pattern was that the email would go unanswered for 3-4 months, then we would get a reply asking us to send a test message. Another few weeks would elapse and we would get a reply saying they couldn't find any record of blocking it, despite us supplying the logs showing their server replying with "SMTP error from remote mail server after end of data: 554 Message rejected on 2018/xx/xx xx:xx:xx BST, policy (220.127.116.11) \342\200\223 Your message looks like SPAM or has been reported as SPAM please read www.bt.com/bulksender".
In short, there is nothing more that we can do. If you are a Btinternet customer please do complain to them, and point them towards the information in the following section on this page.
We rarely have any trouble from any other email providers. In our experience Gmail has always been one of the most reliable.
How PhotoEntry Sends Emails
The following details how PhotoEntry treats its outgoing emails:
- PhotoEntry has its own dedicated virtual servers in AWS (Amazon Web Services). These are not shared by any other system. Two of these can send outbound emails.
- Each server has a fixed public IP address.
- DNS entries (A, PTR, MX) are properly configured to match the servers mail relays (exim).
- AWS has accepted our business case for sending emails, removed the default limitations, and sent whitelisting information to various blacklists.
- We publish SPF (Sender Policy Framework) details in our DNS, explicitly listing our servers as authorised senders for photoentry.uk.
- All emails carry DKIM (DomainKeys Identified Mail) signatures, which can be validated from the public key published in our DNS.
- We publish a DMARC (Domain Message Authentication Reporting & Conformance) policy in our DNS indicating that only emails with valid SPF and/or DKIM are to be accepted. The daily DMARC reports we receive from major sites have always indicated no rejections due to DMARC.
- We publish an ADSP (Author Domain Signing Practices) policy in our DNS indicating that emails without a valid DKIM signature should be discarded.
- Each email has only one recipient.
- We use Mxtoolbox to monitor the biggest email blacklists. We have never appeared on any of them.
- We monitor our email servers to ensure that only valid emails are sent. We do not send spam.