New email error message from Symantec

  • Answered
We're getting phone calls from customers telling us that they recently began receiving this error **only occasionally** when sending a particular email from our domain. Here is the error message: "This sender failed our fraud detection checks and may not be who they appear to be. Learn more about spoofing". I looked in our logs and this message appears to be generated when our customer is using MS Outlook and somehow Symantec is involved. I don't know who appointed Symantec as "email police" but their name appears in our exim_mainlog file when this error occurs.
Why are we getting this error and what can we do, if anything, to fix it? It's ridiculous -- I personally get all kinds of 'spam' in my Inbox, but I can't deliver these business emails to my customers sometimes. We are using PHPMailer, SMTP, and we apparently have the "SPF" set correctly. Now somebody is saying something about "DKIM". I don't know anything about "DKIM", I'm just a poor PHP/MySQL programmer who was hoping not to have to master The Internet from A to Z. I just want my programs to work as they should, and as they USED TO. Please advise. I really don't want to have to use a Transactional Mail Service as that's just another piece of programming we'll have to do and probably another potential point of failure whenever they do an update. Thanks


Sorry to hear you area having issues with those using Symantec not accepting messages. If you have the SPF set up right, I would go ahead and enable the DKIM as well. It couldn't hurt anything. To do that, just go to the cPanel and click on the "Authentication" icon within the "Email" category. There is a button at the top of the page that allows you to enable DKIM. The server will create the record for you.

Also, check your SPF record to ensure it is set to a 'hard fail' instead of a 'soft fail'. Currently, your SPF is set to soft fail, which means you can still get spoofed easily. Setting it to a hard fail will curb more spoofing.

To do that, just go to the same page as the DKIM. The SPF settings are below the DKIM section. Scroll down and check the box that says "All Entry (ALL):". This will set the record for a 'hard fail'. Below is a link on how to do it:

Hopefully that will help your situation and allow the emails to go through properly.

Kindest Regards,

Scott M