This sender failed our fraud detection checks and may not be who they appear to be.

Question asked by David Stevenson 8 years ago

Every invoice/reminder I send that lands on a Microsoft email system (outlook.com/hotmail/office 365) has:

This sender failed our fraud detection check... etc

And a lot of my email ends up in SPAM on other email services.

My domain has a TXT record of:

"v=spf1 include:_spf.clearbooks.co.uk include:spf.protection.outlook.com -all"

Can someone clarify if my entry is still correct? Email is sent using SMTP settings configured in Clearbooks (or so I believe it's using those settings).

PS: I use Microsoft Exchange, Office 365 hence the outlook.com entry.

14 Replies

Hi Theo,

Looks like it is working now, it just needed the weekend to kick in it would seem.

Thanks for the support.

Sam

Hi Sam,

To completely clarify the situation so that we are both on the same page. Could you please let me know what you are aiming to achieve, any changes you have already made and what's happening.

Hopefully, then we can resolve this problem once and for all.

Thanks, Theo

Hey Theo,

I've waited the full 2 days and the emails are still getting junked?

I'm pretty sure I have the setting correct, is there anything else that could be causing the issue? I'll check again on Monday but if you have any thoughts do let me know.

Cheers

Sam

Okay, that is great. If you require any more assistance then you know where we are.

Yeah, that would be a great feature. I have passed the idea across to our development team for review.

All the best, Theo

I think so, I'm still waiting for the record to update. Thanks for pointing me in the right direction.

On a different note, its a shame that posts can't be edited after the fact, it would be nice if edits could be made with a toggle to then view strike through of amended posts, for transparency purposes.

Hi Sam,

I can delete the previous post.

Has the problem been solved now?

Thanks, Theo

Hey Theo,

You can delete the last post!

Type TXT Name @ (or in our case 'mydomain.co.uk') TTL 3600 (This I'm not 100%) v=spf1 include:_spf.clearbooks.co.uk ~all

Cheers

Sam

Hi,

Did this get resolved, we've just switched to Outlook and are having the same issue which makes the email option pretty much useless now!

If we can help fix this with further information let me know as we like the feature.

Cheers

Sam

Hi, was this ever rectified as I am currently receiving the same issue when using CB to send invoices with my emails provided by office 365?

I also have an added issue to this, when using my emails normally through outlook (office 365) I use an add on called exclaimed cloud that stamps the email signature on when it leaves microsofts servers, when using CB to send invoices from my nominated email account I loose the stamped signature? Is there a way that this can be incorporated?

Exclaimer seems to add a forwarding function to 365 so that when the email leaves 365 severs it's is directed to exclaimer a servers to add the signature stamp, then sent on to the intended recipients?

Hi David,

The technical team have updated me with the following:

For the SPF question, his original record was correct:

"v=spf1 include:_spf.clearbooks.co.uk include:spf.protection.outlook.com -all"

As for why his emails would be marked as suspicious, there's no way for us to tell unfortunately. If he could forward one of the full emails on to us (complete with headers, he may need to use the "view source" or "view original " option, or equivalent) then we can see if there's any clues there

Just as an update.

I tweaked the SPF TXT entry to:

"v=spf1 a:_spf.clearbooks.co.uk a:spf.protection.outlook.com -all"

and still the warning comes up on emails.

Just a bit of history, I tweaked the CB setting from SMTP delivery to use my SMTP server using my credentials, hoping this would reduce the number of emails arriving in clients spam and not being paid on time. I believed that asking CB to log onto my SMTP would negate trust issues. But it seems for some reason, Microsoft don't trust you login in as me and suggesting perhaps you've stolen my credentials?!

So I have reverted to you delivering my emails directly, and thus using the current SPF TXT entry, and as before I switched, I do not see any more warnings. But, and time will tell, too high a number may end up in spam folders.

So it seems, that allowing you to send email directly using SMTP, emails are sent directly to the Mail Host as defined by MX records, and these hosts are checking SPF records and allowing the email in. But, potentially, using various black lists and heuristics, are marking email as spam, or perhaps the local email client is - hard to tell.

Sending emails using my credentials however, it seems Microsoft are the agent handling the receiving (from you) and 'passing on' to the client MX host. And in doing so, they don't check SPF records, and interpret your email as 'curious'.

Does that make sense?

Reply to this question

Attach images by dragging and dropping or upload
 

Your comments will be public and can be answered by anyone in the Clear Books community.

Find out what we do and who we are