My server wasn’t getting admin emails through to Gmail addresses. Some emails from my newer WordPress installation were working, but the oldest WordPress installation was not. They were all running on a Docker server. It’s described in Configuring Alpine Linux on Docker to Send Mail for WordPress
Email was getting through on Hotmail, though. So here are some differences:
For the site decluttermethod.com, on the newer install, email going to a Gmail account:
ARC-Authentication-Results: i=1; mx.google.com; spf=neutral (google.com: 216.240.146.66 is neither permitted nor denied by best guess record for domain of dapache@db44432c0e62) smtp.mailfrom=dapache@db44432c0e62 Return-Path: <dapache@db44432c0e62> Received: from d.slaptech.net (ns1.slaptech.net. [216.240.146.66]) by mx.google.com with ESMTP id y4-20020*******000b00502ee712648si4508975pgc.578.2023.05.22.02.43.56 for <landofziploc@gmail.com>; Mon, 22 May 2023 02:43:56 -0700 (PDT) Received-SPF: neutral (google.com: 216.240.146.66 is neither permitted nor denied by best guess record for domain of dapache@db44432c0e62) client-ip=216.240.146.66; Authentication-Results: mx.google.com; spf=neutral (google.com: 216.240.146.66 is neither permitted nor denied by best guess record for domain of dapache@db44432c0e62) smtp.mailfrom=dapache@db44432c0e62 Received: from db44432c0e62 (zanon.local [172.16.239.1]) by d.slaptech.net (Postfix) with ESMTP id D2D3910EED55 for <landofziploc@gmail.com>; Mon, 22 May 2023 09:43:55 +0000 (UTC) To: landofziploc@gmail.com Subject: [Declutter Method] Please moderate: "Decluttering on Mercari" Date: Mon, 22 May 2023 09:43:55 +0000 From: WordPress <wordpress@onami.slaptech.net>
Here’s a header from an admin email from the old install, to a Hotmail account:
Authentication-Results: spf=temperror (sender IP is 216.240.146.66) smtp.mailfrom=da8bdb99b49e; dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=greenslocal.org;compauth=fail reason=001 Received-SPF: TempError (protection.outlook.com: error in processing during lookup of da8bdb99b49e: DNS Timeout) Received: from d.slaptech.net (216.240.146.66) by DM6NAM10FT058.mail.protection.outlook.com (10.13.153.48) with Microsoft SMTP Server id 15.20.6521.21 via Frontend Transport; Mon, 19 Jun 2023 19:06:48 +0000 X-IncomingTopHeaderMarker: OriginalChecksum:C74990698868478**********02B3C607DD13081A3A6FCABD04BFC9D54854D9;UpperCasedChecksum:50045DFDFDF0E000*********7213AF316CB04E8287BCD3301FB4238EECEA1B;SizeAsReceived:550;Count:9 Received: from da8bdb99b49e (zanon.local [172.16.239.1]) by d.slaptech.net (Postfix) with ESMTP id 37FBA10EDDBE for <johnkawakami@hotmail.com>; Mon, 19 Jun 2023 19:06:48 +0000 (UTC) To: johnkawakami@hotmail.com Subject: [Greens Local Sites] Password Reset Date: Mon, 19 Jun 2023 19:06:48 +0000 From: WordPress <wordpress@greenslocal.org>
After some thought, I figured out that the email getting through to Gmail was a fluke. This isn’t a consistent email problem. Explanation is below.
The Solution
The problem was visible in these two headers:
Received-SPF: TempError (protection.outlook.com: error in processing during lookup of da8bdb99b49e: DNS Timeout) ... Received: from da8bdb99b49e (zanon.local [172.16.239.1]) by d.slaptech.net (Postfix) with ESMTP id 37FBA10EDDBE for <johnkawakami@hotmail.com>; Mon, 19 Jun 2023 19:06:48 +0000 (UTC)
The boldfaced part is the hostname of the container. It matches the ID of the container in Docker.
The outlook.com service was looking for the SPF record for da8bdb99b49e, which is an invalid domain name.
The fix is to set the hostname of the container to one of the domains on the server. I chose greenslocal.org. This is how it’s done in the docker-compose.yml config file. Config is boldfaced:
web:
build: ../alpine-apache2-php7
hostname: greenslocal.org
networks:...
Note that I’m setting the hostname of the web service that runs that domain.
The SPF record for greenslocal.org allows email from a range of IP addresses, including the one used to send the mail.
Rebuild the container, and then restart it:
docker-compose build web
docker-compose stop web
docker container prune
docker-compose up -d web
Testing
I found a nice plugin called Email Test that works.
To install it:
wp plugin install email-test
What Was Happening?
Most of the server is running in Docker containers. They’re like virtual machines. The containers have names like “cb23401bd3”. When email was being sent out, that name was associated with the origin of the email. That caused problems. It failed because it tried to find the SPF record for that random string — I will explain SPF below.
I had to change the name to “greenslocal.org”, so that would be associated with the email. When email was sent, it would get to Google or Hotmail, which would check the SPF record for greenslocal.org. SPF is a string that indicates which servers can send email for greenslocal.org. The record said the server was allowed to send mail, so everything worked.
The failure was inconsistent because SPF validation is not ironclad. It’s just one factor in deliverability, and if an SPF record doesn’t exist, the recipient server can still choose to let the email through.