dieselmachine2

    I run a website online that deals with labor dispatch, and one thing we offer is SMS notifications when new jobs are available. All numbers we send to must be confirmed by the end user before we will allow notifications to be sent to them, so there is zero chance that someone is receiving 'spam' messages they didn't want to receive. Until recently (about a week ago maybe), things were working fine for 8 years. For those 8 years, the setup was:

     

    - my domain was in the envelope sender

    - the dispatchers info was in the From: header

    - my domain has Reverse PTR, SPF, and DKIM set up

     

    Those messages are now being rejected as 'spoofs', presumably because the 'From' header doesn't line up with the envelope sender. While it may be a bit overzealous to trash those, especially given the SPF verification passes, I have been trying to work around the issue. In the meantime, I am using a 'noreply' for the from address, so the messages are getting through, but no one can reply to them, and my users are pissed off (as they should be).

     

    So where I'm at now, I have been trying to implement SRS in order to deal with your heavy-handed, ill-thought-out approach to dealing with SPAM. So the dispatcher can send the message, the envelope sender continues to be based at my domain, and the From header is rewritten via SRS to appear to be at my domain, while containing enough info for me to forward the message back to them when the reply comes in.

     

    Step 1: dispatcher sends a message. This works

    Step 2: user replies. Tmo sends it to my server, and I am able to reverse the SRS address and initiate the forward. This works.

    Step 3: I then forward the message UNMODIFIED to the destination, using my server's envelope sender (for SPF checks). Altering the From: header from the original sender is ABSOLUTELY NOT AN OPTION because it would break any DKIM signature for any messages I am forwarding. So this part breaks, because Tmo, for some reason, can't figure out what to do with this message.

     

    This is an example of the message send from tmobile to my server:

     

    S: 220 mail.example.com ESMTP Postfix (Ubuntu)

    C: EHLO da3p-tmo-mm3-sfw001.syniverse.com

    S: 250 mail.example.com\r\n

        250-PIPELINING\r\n

        250-SIZE 10240000\r\n

        250-VRFY\r\n

        250-ETRN\r\n

        250-ENHANCEDSTATUSCODES\r\n

        250-8BITMIME\r\n

        250-DSN\r\n

    C:  MAIL FROM:<btv1==8190f953ef1==1PHONENUMBER@tmomail.net> SIZE=518\r\n

        RCPT TO:<SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com> ORCPT=rfc822;SRS0+3DKb27+3DNM+3Dtmomail.net+3DPHONENUMBER@example.com\r\n

        DATA\r\n

    S:  250 2.1.0 Ok\r\n

        250 2.1.5 Ok\r\n

        354 End data with <CR><LF>.<CR><LF>\r\n

    C:  Received: from tmobile.net ([10.164.3.161]) by da3p-tmo-mm3-sfw001.

            syniverse.com with ESMTP id 0qe6yfmnCwSHUuup for <SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com>; Tue, 12 Jan 2016 10:13:31 +0000 (GMT)

        To: SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com

        From: 1PHONENUMBER@tmomail.net

        Content-Type: text/plain

        Date: Tue, 12 Jan 2016 10:13:31 GMT

        Subject: RE:testing

        Message-ID: 20160012101331845490@mavenir.com

        Sender: 1PHONENUMBER@tmomail.net

        X-Virus-Scanned: by bsmtpd at syniverse.com

     

        Jfkfjjt\r\n

        .\r\n

        QUIT\r\n

    S:  250 2.0.0 Ok: queued as DBD7418110

        221 2.0.0 Bye

     

    And this is an example of the bounced forwarding attempt:

     

    S:  220 Syniverse ESMTP Service CHI01

    C:  EHLO mail.example.com

    S:  250 ch3p-tmo-mm3-sfw001.syniverse.com Hello www.example.com [xx.xx.xxx.90], pleased to meet you\r\n

        250 SIZE 3145728\r\n

        250 PIPELINING\r\n

        250 8BITMIME\r\n

        250 HELP\r\n

    C:  MAIL FROM:<SRS0=19rQ=NM=tmomail.net=btv1==8190f953ef1==1PHONENUMBER@example.com> SIZE=808\r\n

        RCPT TO:<PHONENUMBER@tmomail.net>\r\n

        DATA\r\n

    S:  250 Sender <SRS0=19rQ=NM=tmomail.net=btv1==8190f953ef1==1PHONENUMBER@example.com> OK\r\n

    S:  250 Recipient <PHONENUMBER@tmomail.net> OK\r\n

    S:  354 Start mail input; end with <CRLF>.<CRLF>\r\n

    C:  Received: from da3p-tmo-mm3-sfw001.syniverse.com (dal-tmo-mm3.syniverse.

            com [173.209.216.234])

            by mail.example.com (Postfix) with ESMTP id DBD7418110

            for <SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com>; Tue, 12 Jan 2016 05:13:31 -0500 (EST)

        X-DKIM: Sendmail DKIM Filter v2.8.1 mail.example.com DBD7418110

        Received: from tmobile.net ([10.164.3.161]) by da3p-tmo-mm3-sfw001.

            syniverse.com with ESMTP id 0qe6yfmnCwSHUuup for <SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com>; Tue, 12 Jan 2016 10:13:31 +0000 (GMT)

        To: SRS0=Kb27=NM=tmomail.net=PHONENUMBER@example.com

        From: 1PHONENUMBER@tmomail.net

        Content-Type: text/plain

        Date: Tue, 12 Jan 2016 10:13:31 GMT

        Subject: RE:testing

        Message-ID: 20160012101331845490@mavenir.com

        Sender: 1PHONENUMBER@tmomail.net

        X-Virus-Scanned: by bsmtpd at syniverse.com

     

        Jfkfjjt\r\n

        .\r\n

        QUIT\r\n

    S:  550 rejecting spoofed message

    S:  221 ch3p-tmo-mm3-sfw001.syniverse.com Goodbye www.example.com, closing

            connection\r\n

     

    What do I need to do to get around your ill-conceived rules? Why don't you just implement DKIM? It's obvious that I haven't manipulated any of the headers, I've left everything intact, and my SPF checks out, so if that's not enough for you, why not implement DKIM so you can VALIDATE YOUR OWN MESSAGES? This is absolutely ridiculous! You gave me the message-ID, i gave it right back, you can VERIFY that it's a forward, not a spoof! Do you not realize how asinine this approach is?

     

    How do I work around this engineering catastrophe? (The answer is not 'rewrite the from header on a forward', because that would screw over the responsible adults who actually implemented DKIM).

     

    I'm sorry if I sound upset here, but it's because I AM. I've done every single thing by the books to give anyone the ability to validate the content coming out of my server, and your actions have directly impacted my business. This server has been sending these messages for 8 years, and it has a great email reputation, but you've somehow implemented a disastrous policy without really knowing what you were doing.

     

    Please tell me how to work with this new terrible system so my users can message eachother and reply to the messages.

      All replies

      • tmo_lauren

        Re: email to sms gateway issues

        Greetings!

         

        Looks like our good friend Ryan replied to your comment over here email to tmomail.net rejected for banned content

         

        I'd suggest following his advice, and apologies for any confusion on how to file the ticket!

         

        -Lauren

        • dieselmachine2

          Re: email to sms gateway issues

          It's NOT OKAY to require users to use twitter or facebook to submit tickets. Some of us don't want to use those services. Standard email, or a web-based form on the site, should have been top priority, with inconvenient options (those that require the user to sign up with a service he doesn't want) should have gone on the backburner.

           

          If I have to post here every 36 hours to prevent some sneaky employee from marking it "answered", i'll do it. I've seen how the employees here behave, and it's shameful. This whole company seems to have a serious problem with basic human decency. This issue is not resolved, and most definitely not answered.

            • dieselmachine2

              Re: email to sms gateway issues

              This thread is still not answered ( I will post once a day to make sure an employee doesn't mark it 'answered due to 36 hours of inactivity' in an attempt to make the problem disappear).

               

              The ticket number is 14541030. We'll see if they ever get back to me.

                • e2k

                  Re: email to sms gateway issues

                  Post every day will often delay a response. The community managers tend to look at posts without replies (for a day or 2) before those with replies.

                   

                  As for T-Force using social media, you do not have to use the social media channel for anything else. You can just choose a username, contact T-Force, and never use it again. No one (other than T-Mobile) will be able to associate your real name or email address with the social media account.

                    • dieselmachine2

                      Re: email to sms gateway issues

                      I have to post everyday, because as evidence has shown, the reps are lurking, waiting for that 36 hour period to expire so they can shut down a ticket and never acknowledge it again. It's happened with nearly every ticket I've seen that has been related to the email->sms gateway, and I can't chance that happening here.

                        • tmo_lauren

                          Re: email to sms gateway issues

                          Hey there!

                           

                          I had replied on the same thread I linked to above that Ryan had also replied on.

                           

                          We haven't done the 36 hour close in some time since we have restructured, so that message hasn't been used in several months and won't be making an appearance here, even if you take a few days off from posting. Promise!

                           

                          So feel free to pop in as you see fit, but you don't need to post every day for us not to close it. We'll keep it open as needed.

                            • e2k

                              Re: email to sms gateway issues

                              tmo_lauren wrote:

                               

                              We haven't done the 36 hour close in some time since we have restructured, so that message hasn't been used in several months and won't be making an appearance here, even if you take a few days off from posting. Promise!

                               

                              Thanks for updating us on the new protocol

                                • tmo_lauren

                                  Re: email to sms gateway issues

                                  That's why you mostly just see MC, myself, Ryan, and a little bit of Phill out here. T-Force sticks to FB and Twitter for the most part and are the ones who have account access.

                                   

                                  You'll notice I got the spiffy new Community Manager badge rather than T-Force badge now ;D

                                   

                                  Thanks as always for being so helpful e2k

                                    • tmo_lauren

                                      Re: email to sms gateway issues

                                      Just checking in to see if we have any new news!

                                       

                                      -Lauren

                                        • dieselmachine2

                                          Re: email to sms gateway issues

                                          No, the engineers closed 2 consecutive tickets on me, the first because it "wasn't reproducible", and the second because they determined it was a "device issue", despite it being server-to-server communication (which I'm sure they were aware of).

                                           

                                          After relenting and joining twitter so I could finally submit my packet capture log that no one wanted to take, I had someone open a third ticket after verifying that the issue wasn't only my device, but also my girlfriend's device, as well as those of every single t-mobile user who uses my dispatch system. I was told via twitter that I'd hear back "by tuesday". That was 10 days ago, so 2 consecutive tuesdays have happened with no response (to be fair, this one isn't quite over yet, so anything could happen, LOL).

                                           

                                          I also heard from a source at T-mobile that the issue is occurring upstream at synuniverse, and the issue was escalated, so what will become of that, no one knows. But no, the issue is most definitely still not resolved.

                                            • dieselmachine2

                                              Re: email to sms gateway issues

                                              So the 4 tickets they've closed on me so far without fixing the issue are 14541030, 10867119, 10862640, and 10826251. I even sent them a 4 step process on how to reproduce the issue, but it looks like engineering has no oversight whatsoever, and can just trash tickets without ever bothering to test the issue.

                                               

                                              This is absolutely infuriating. Now I'm on twitter with someone who says engineering is refusing to help unless I test my SIM in another device, despite the fact that the issue doesn't even involve my phone.

                                               

                                              I can't believe they can get away with this. Someone needs to be fired for how they're handling this.

                                               

                                              If the problem is communication between network servers, and the engineers are demanding changes to device configurations, there is something horribly wrong. I can only assume at this point that they're laughing the entire time as they waste my f'ing time, before throwing out yet another ticket. I've seen no indication whatsoever that they even bother to perform the reproducible test steps.

                                                • dieselmachine2

                                                  Re: email to sms gateway issues

                                                  New ticket is 11001092, bet they close this one without testing as well.

                                                   

                                                  At least this time they can't claim my SIM card has anything to do with it.

                                                   

                                                  God I hate T-mobile engineers.

                                                    • e2k

                                                      Re: email to sms gateway issues

                                                      I suggest you contact T-Mobile corporate and start from the top. This is called Executive Customer Service.

                                                       

                                                      I won't post details here, but if you just do a little Googling, you'll find the appropriate contact information.

                                                        • tmo_lauren

                                                          Re: email to sms gateway issues

                                                          I actually think we may be making some headway on my side!

                                                           

                                                          Hang tight for me, I think we are getting closer to a resolution and I will be popping back in here soon. I may not get a reply before end of day today and it's the weekend coming up,but if you don't hear from me today, it should be next week!

                                                           

                                                          -Lauren

                                                        • srickar

                                                          Re: email to sms gateway issues

                                                          Hi Diesel.....I made some modifications to the setup and not seeing any further 550 rejections. It was not for SPF violation either. There were also prior successful messages routing through.  Please be patient, these systems are dynamically trying to combat false negative and false positive spam threats and no employee is trying to deny legitimate traffic. A global expression could override "safe" traffic based on traffic trends.

                                                           

                                                          Please review and maintain SMTP setup with RFC822 header standards. With that said, can you please PM me with your concerns and I will try to address them.

                                                            • dieselmachine2

                                                              Re: email to sms gateway issues

                                                              It's been a few week now, and everything seems to be going smoothly. I haven't had a single complaint from my Tmobile users, so thank you a million times over for fixing this.

                                                               

                                                              Also, when you say 'PM me with concerns', can you explain to me how to PM someone here? I actually tried to find that option a looooong time ago when I found another post you made on this forum (email to tmomail.net rejected for banned content) that indicated you might be the 'go to' guy for problems of this nature, but I was unable to find any way to send a PM, so I resorted to posting in the same thread.

                                                               

                                                              Also, while we're on the subject of header standards, all of tmomail.net's outbound messages have non-compliant message IDs (lacking the angle brackets), so google is rewriting them. The result looks like this when i message my gmail from my phone:

                                                               

                                                              Message-ID: <56c667ec.86c70d0a.d4e39.3812SMTPIN_ADDED_BROKEN@mx.google.com>

                                                              X-Google-Original-Message-ID: 20160119005507112154@mavenir.com

                                                               

                                                              I'm not sure who this mavenir.com entity is, but it looks like they might need to read some RFCs.

                                      • Also have this problem, stop working recently.