Gmail rejects emails. fails the tests.

I've got a problem with Gmail.

It started after one of our trojan infected PCs sent spam for one day from our IP address.

We've fixed the problem, but we got into 3 black lists. We've fixed that, too. But still every time we send an email to Gmail the message is rejected:

So I've checked Google Bulk Sender's guide once again and found an error in our SPF record and fixed it. Google says everything should become fine after some time, but this doesn't happen. 3 weeks already passed but we still can't send emails to Gmail.

Our mail setup is a bit complex, but not too much. We have a domain name, it has it's own mail (this one is fine, but the problems are with sub-domain name domain has several DNS records fro its subdomain:

corp                     A
corp                     MX    20    TXT   "v=spf1 ip4: ~all" 

(I set ~all for testing purposes only, it was -all before that)

These records are for our corporate Exchange 2003 server at Its LAN name is so its HELO/EHLO greetings are also

To pass EHLO check we've also created some records in's DNS:

s2.corp                  A TXT   "v=spf1 ip4: ~all" 

As I understand SPF verifications should be passed in this way: Out server s2 connects to MX of the recepient (Rcp.MX): EHLO Rcp.MX says Ok, and makes SPF check of HELO/EHLO. It does NSlookup for and gets the above DNS-records. TXT records says that should be only from IP So it should be passed.

Then our s2 server says RCPT FROM: <> Rcp.MX` server checks it, too. The values are the same so they should also be positive.

Maybe there is also a rDNS check, but I'm not sure what is checked HELO or RCPT FROM.

Our PTR record for is: 86400 IN PTR

To me everything looks fine, but anyway all emails are rejected by Gmail.

So, I've checked - it says everything is fine, I passed Python check, I did email test. It's fine, too:

Return-Path: <>
Received: from ( by id ha45na11u9cs for <>; Fri, 2 Mar 2012 13:03:21 -0500 (envelope-from <>)
Authentication-Results:; spf=pass
Authentication-Results:; domainkeys=neutral (message not signed)
Authentication-Results:; dkim=neutral (message not signed)
Authentication-Results:; sender-id=pass
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative;
Subject: test
Date: Fri, 2 Mar 2012 21:03:15 +0300
X-MimeOLE: Produced By Microsoft Exchange V6.5
Message-ID: <>
Thread-Topic: test
Thread-Index: Acz4jS34oznvbyFQR4S5rXsNQFvTdg==
From: =?koi8-r?B?89XQ0tXOwMsg8MHXxcw=?= <>
To: <>

I also checked with, but it FAILs all the time, no matter which SPF records I make:

< #5.7.1 smtp;550 5.7.1 <>: Recipient address rejected: SPF Tests: Mail-From Result="softfail": Mail From="" HELO name="" HELO Result="softfail" Remote IP="">

I've filled Gmail form twice, but nothing happens.

We do not send spam, only emails for our clients. 2 or 3 times we did mass emails (like New Year Greetings and sales promos) from addresses, but they where all complying to Gmail Bulk Sender's Guide (I mean SPF, Open Relays, Precedence: Bulk and Unsubscribe tags). So, this should be not a problem.

Please, help me. What am I doing wrong?


I've been having serious problems with gmail rejecting legitimate mail. Somewhere I read a suggestion to delete URLs from your signature file. To my amazement, this worked. (My mail client is Eudora, which some of you may dimly remember.)

Hope it helps.

Gmail have now a postmaster tool you can check your domain/ip reputation, spam rate and in the "Authentication" area you can check DKIM/SPF/DMARC works correctly.

I recommend to use the CNAME record for authentication, if you are using the default TXT record also on SPF query this entry return.

Need Your Help

How can tools such as Selenium Web Driver be prevented from extracting information on a social media website?

class selenium xpath media social

My thoughts on the subject would be for a website to implement dynamic classNames and xpaths. However I don't know if this is strictly true or viable. What are the other methods in addition to this.