U

Visitor

 • 

1 Message

Sunday, April 23rd, 2023 7:57 PM

Closed

Emails from my private domain sent via Comcast server going to recipient's spam folder

Hi, and thanks in advance for any help. Comcast/Xfinity is my ISP, and I send emails from my business domain through the smtp.comcast.net server. Recently I've found that an increasing number of the emails I send are ending up in the recipient's spam folder. My technical knowledge is extremely limited, but from what I've been able to glean online, I think the issue could perhaps be that the emails are failing authentication because they lack SPF or DKIM records? Does anyone know if this is in fact the culprit and, if so, if there's a way to add the appropriate authentication via Comcast/Xfinity?

Official Employee

 • 

881 Messages

2 years ago

@user_499409 It's rather hard to say without knowing where you're sending and talking to the admins for those systems.  However, I can see that you do not have an SPF record, nor DMARC.  These are not necessarily required, but again, I can't answer for admins at all sites.

We won't DKIM sign for your messages, though you could setup your own SPF.  However, I will caution you that doing so would allow anyone to send messages as your domain via our platform and those messages to be authenticated via SPF.  If you wanted to do this, you could make an SPF record such as:

v=spf1 include:comcast.net ~all  (this is extremely basic, and if the domain sends mail from other places, would need to be altered)

Please be mindful that if you have only SPF (no DKIM) and an enforcing DMARC policy (quarantine/reject), and someone tries to forward the message from the original receiving system, it will definitely not pass SPF and will be treated accordingly.

If you're sending from an MUA, I don't think there's a way to do DKIM.  If you're routing through your own small server, it could do DKIM there.  

Feel free to DM me if you have additional questions.

Visitor

 • 

1 Message

I have been told that setting up DMARC and SPF for my email will make it more secure. My understanding is that I modify the DNS records to do this. Is this correct, and is there a way to do this for a comcast.net email address?

Expert

 • 

31K Messages

@prone​ 

You really should start your own thread with your issue so that it will be addressed more quickly.

Thanks.

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Was your question answered? Please mark an Accepted Answer!tick

Visitor

 • 

1 Message

1 year ago

I have the same problem where I use a comcast.net email address for outgoing emails in our web store. Lately all of the emails sent to Gmail-addresses have bounced and not been delivered. Google says to contact our email provider (Comcast/Xfinity) to set up DKIM and/or SPF authentication. How does one go about doing this? Where does the (v=spf1 include:comcast.net ~all) go? Isn't this something that Comcast should do for all of its email addresses as a standard procedure?

Official Employee

 • 

881 Messages

@user_bac631​ Are you sending the messages using your "comcast.net" email from the Xfinity Email platform, or from your own hosts (or an ESP)?  All messages leaving the Xfinity Email platform (using a comcast.net email address) should be properly authenticated using SPF & DKIM.

4 Messages

1 year ago

I have the same problem except mine do not go to their spam folder, instead they reject and bounce back as undeliverable for me for all Gmail accounts.  I have been told by Epicor, who is the software provider, to have my ISP add or edit the Comcast domains SPF record  to list Epicor as being allowed to originate my email with the following 3 hostnames: triadinet.com, triadinet.net, mail.aaih.net.  Six weeks ago I opened a support ticket and it still remains as, "Assigned" and nobody will help me!  Hoping for help from a Comcast employee here!

Official Employee

 • 

881 Messages

@user_996ab9​ Gmail?  Do you have the text of the bounce message?

4 Messages

Yes I do, it is:

The original message was received at Wed, 13 Sep 2023 08:46:12 -0700
from ga1.triadinet.com [Edited: "Personal Information"]
   ----- The following addresses had permanent fatal errors -----
    (reason: 550-5.7.26 This mail is unauthenticated, which poses a security risk to the)
   ----- Transcript of session follows -----
... while talking to gmail-smtp-in.l.google.com.:
>>> DATA
<<< 550-5.7.26 This mail is unauthenticated, which poses a security risk to the
<<< 550-5.7.26 sender and Gmail users, and has been blocked. The sender must
<<< 550-5.7.26 authenticate with at least one of SPF or DKIM. For this message,
<<< 550-5.7.26 DKIM checks did not pass and SPF check for [comcast.net] did not
<<< 550-5.7.26 pass with ip: [Edited: "Personal Information"]. The sender should visit
<<< 550 5.7.26 instructions on setting up authentication. q12-20020a17090a2e0c00b002736ff3cc79si1715814pjd.23 - gsmtp
554 5.0.0 Service unavailable

(edited)

4 Messages

This happens for ONLY emails that we are sending to customers with Gmail email accounts.

Official Employee

 • 

881 Messages

And you're sending through comcast.net systems, and that's the issue?  Obviously that rejection isn't from Comcast systems.  Are you able to send me a DM with the details that are being redacted?

4 Messages

Yes, how do I do that?

forum icon

New to the Community?

Start Here