cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution

This sender failed our fraud detection checks

We have many Workspace email accounts setup on Go Daddy and they all forward to an email on our Office365 email platform. When we reply to these emails from the Office365 account a line is added to the top of the email that says "This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing".  

I called Go Daddy support and they told me its not Go Daddy but the receiver's email. Well I just tested it from one of the Workspace email accounts that is on Go Daddy and the fraud sentence still appeared. So this is definitely either the Workspace email or the Office365 program that is doing which are both on Go Daddy. Does anyone have a solution on how to get this message not to appear on our outgoing emails?

2 ACCEPTED SOLUTIONS

This is the correct and working solution for this issue.

 

1. Sign into Exchange admin center (https://outlook.office365.com/ecp) with your Office 365 admin account.

 

2. In Mail Flow, click + to Create a new rule…, select More options (Text link at bottom of the form).

 

3. Set Apply this rule if... – the sender is this person and select the account which sends the emails.

 

4. Set Do the following... – Modify the message properties – Set the Spam Confidence Level to bypass spam filtering and click Save at last.

 

Hope this solves everyone's issue once and for all.

View solution in original post

I tried your fix and it worked. The "This sender failed our fraud detection checks...." notification disappeared. YAY!

 

One note to users. If you try this fix and you still get the "This sender failed..." notification, one thing to check in your Ninja Contact Form under "Emails and Actions" in your email actions form, make sure that you do not have any email address (leave it empty) in the "Advanced" section where the "From Address" box is. Adding an email there is something the Ninja Forms Troubleshooting guide says to try.

 

https://ninjaforms.com/docs/troubleshooting-email-problems/

View solution in original post

36 REPLIES 36
Employee

Hello staymetrics,

    From my experience this particular error is due to an SPF rule violation most likely from a mail redirect or form mailer. To resolve the issue you may either need to find the email redirection rule and remove it or add the redirecting email server to your SPF record within your domains TXT section inside the zone file. 

 

in short, an SPF record will create a request to the receiving email server to verify the domain and email server of the sender before accepting the message to help prevent unwanted spam or phishing emails.

 

The default SPF record for Office 365 will look similar to the following:

v=spf1 include:spf.protection.outlook.com -all

 

Sending an email from the same domain from workspace with the SPF record in place will also cause a violation of this rule as the email server would not be included in the Office 365 SPF rule. 

 

Modifying SPF records will need some research as the format and server input will have to be set properly to avoid and further issues. There are many sites online that offer help suggestions as well as generators for the SPF records if you choose to modify yours to create a custom rule.

 

Best wishes moving forwards!

-Techfly

 

 

First of all, great post; I was about to request a refund for my recent GoDaddy products.

 

I just spent an entire day trying to configure my new email account for use with Outlook 2016 because when I sent a test email to myself it displayed the same message "This sender failed our fraud detection checks". This wouldn't look good from a customers perspective.

 

I called GoDaddy technical support and the rep said my SPF records were all in order and that I should contact Microsoft. A Microsoft agent then spent 2 hours on my computer trying to resolve the problem, ultimately suggesting I contact GoDaddy again.

 

Then I stumbled across this solution and edited the SPF records myself. Problem solved.

Shouldn't have been so difficult IMO.

 

-Cheers

What edits did you make to your SPF file? Or can you give me a link to a post or website that you used to learn what to do? I have been trying to figure this out for weeks. I believe my emails are all being sent to spam folders. 

Websites hosted at GoDaddy only allow outbound from their internal mail relays.

 

1)
Assuming email is hosted at a third party such as 365 Exchange, etc. then change this setting.
CPanel > MX Entry > Email Routing > Remote mail exchanger

2)
Website forms should not come from your personal domain name as it will be marked as spoofing since sent from GoDaddy mail relays.
Go to your CPanel and obtain your cpanel host name from address bar as this is used as the mail relay.
That CPanel host name should stay same for a long time but still possible to change in future.
In my case its: p3plcpnl0342.prod.phx3.secureserver.net
a) Change the website forms From address to something like (Name@p3plcpnl0342.prod.phx3.secureserver.net)
b) Adjust your DNS SPF record to include:p3plcpnl0342.prod.phx3.secureserver.net

No Fraud Protection warning now in 365 received emails. Resolved!


@br0045 wrote:

Websites hosted at GoDaddy only allow outbound from their internal mail relays.

 

1)
Assuming email is hosted at a third party such as 365 Exchange, etc. then change this setting.
CPanel > MX Entry > Email Routing > Remote mail exchanger

2)
Website forms should not come from your personal domain name as it will be marked as spoofing since sent from GoDaddy mail relays.
Go to your CPanel and obtain your cpanel host name from address bar as this is used as the mail relay.
That CPanel host name should stay same for a long time but still possible to change in future.
In my case its: p3plcpnl0342.prod.phx3.secureserver.net
a) Change the website forms From address to something like (Name@p3plcpnl0342.prod.phx3.secureserver.net)
b) Adjust your DNS SPF record to include:p3plcpnl0342.prod.phx3.secureserver.net

No Fraud Protection warning now in 365 received emails. Resolved!



Hi,

 

Can you please clarify a couple of things for me.  My situation that I have domain hosting and a bunch of imap email accounts on godaddy's servers and my personal email is being forwarded to a different service where it hosts Office 365.

1. Which portal are yo referring to in the first step?

2. In step 2a, what do you use stead of Name.  Is that an email address or just the word "Name"

3. Also what web forms are you talking about, please clarify.

 

Thanks in advance.

 

Alexander

If you are hosted on a Wordpress Hosting Platform you don't have access to cPanel.  The workaround is to visit YOURDOMAIN.COM/info.php.  Look for your hostname under the result for System, (example:  ########.prod.phx3.secureserver.net ).  Go to your form configuration page and send from ANYTHING@########.prod.phx3.secureserver.net where ######## is specific to your account.  You will get a warning at the form configuration page inside WP but the form-to-email works fine setup this way.

So when I try MYDOMAIN.COM/info.php I get a 404 error, page not found? I changed the settings in Office365 and that by itself did not work.

All, after all of the SPF attempts, the simplest fix for this was to make the FROM address come from the same domain as the relay, as others have mentioned.

 

All I had to do was instead of my FROM being a user@mydomain that my website is on, use the same name that I was using, but append the hostname to it, like this : user@myhost.prod.iad.secureserver.net

 

to get all of the information after user@ in your case, just type "hostname" without quotes at the bash prompt on your server or user the yourdomain.com/info.php trick it may also work (it did not in my case page not found)

Hi, I am still not getting this.

 

When I do a IP Host Lookup for my website of (198.71.233.195) I get back (ip-198-71-233-195.ip.secureserver.net) I then tried the following in the "From Email" field (info@ip-198-71-233-195.ip.secureserver.net) and the email never comes through.

What am I missing???

 

Thanks for any help!

This worked for us!  THANKYOU Tried many options including editing SPF text entries etc.

We are using WordPress ContactForm 7

 

Our From field previously was:

[your-name]<website@talentsphere.ca>  where talentsphere.ca is our website!

and we changed to:

[your-name]<website@#######.prod.iad2.secureserver.net>

 

No more AKA Spoofing error!

 

NOTE: we do get a warning on the ContactForm7 screen that says: Sender email address does not belong to the site domain

This can be IGNORED!! as still works just fine.

 

Crazy that this is so messy and that GODADDY has no idea of fix

 

All good now 🙂

They know how to fix it, but will not allow any websites to send email directly.

 

They force the use of their relay server instead causing these headaches and will not be upfront about the issue.  This is a widely known issue for web developers/designers. Anytime I have contacted support, its a finger pointing session and nothing ever gets solved.

 

The best solution for this is to use a more mature hosting provider, e.g., Host Gator, InMotion, etc.

 

Those hosts do not do this forced relay nonsense.

 

The solutions here leave you with two options:

 

1.) Send website emails from GoDaddy relay server to youroffice365domain.com with no Outlook Spam Protection message by editing SPF records.

 

PROBLEM: This is fine for your people, but customers that use email spam protection servcies from various providers may still show the notice from their own servers. However, this will get you by for most customers that use free email services (yahoo, live, gmail).

 

2.) Change your email sending address in your Wordpress/Form Plugin backend to send from GoDaddy's relay host.

 

PROBLEM: This looks really unprofessional to users, but solves the issue of not getting caught in spam protection.  This may work for some people, but its not ideal for presenting your business to the public.

 

Switching hosts will ensure you do not have to jump through hoops. GoDaddy refuses to allow you to send directly from the web server you are paying to rent. Kind of lame to be honest and this exact issue pisses off a lot of developers. You know, the people that tell business owners who to host with and buy services from.

Hi sdfryc,

Could you please elaborate more on what changes did you make to your SPF?

Thanks in advance.

The solution IS NOT the one provided by @TechFly. The solution is the one provided by @simplynate. Again, GoDaddy needs to hire professionals who know each and every package they sell. If you don't know how to service them, don't sell them!

New

Guys , all of you are talking complete gibberish to me and I really cant understand where do I start fixing this issue .
I have a wordpress website hosted on godaddy with microsoft 365 email , when people use my contact form on the website it shows that error message you have stated .

What do I do ? and please talk to me like im 6 years old , because I cannot understand a think you just said .

+1.

I've got same problem with email from my site:

"This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing"

The solution written up in simple steps for novice would be appreciated. Again, using 365mail.

Thanks

We have a theme on our Wordpress site called RT-THEME15 that has its own Contact Form page.  Whenever someone uses it and hits send we get an email with that same error about This sender failed our fraud detection checks.  We have two email addresses the messages go to and it's only happening when it comes to the email address with the same domain as the website's domain.  We are using GoDaddy for hosting, Wordpress hosted by GoDaddy, and Office365 mail through GoDaddy.  I don't have an info.php page nor do I have a System section to edit.

 

How can I allow messages from our Contact Form page to be sent successfully to our hosted email address?

This is the correct and working solution for this issue.

 

1. Sign into Exchange admin center (https://outlook.office365.com/ecp) with your Office 365 admin account.

 

2. In Mail Flow, click + to Create a new rule…, select More options (Text link at bottom of the form).

 

3. Set Apply this rule if... – the sender is this person and select the account which sends the emails.

 

4. Set Do the following... – Modify the message properties – Set the Spam Confidence Level to bypass spam filtering and click Save at last.

 

Hope this solves everyone's issue once and for all.

View solution in original post

I tried your fix and it worked. The "This sender failed our fraud detection checks...." notification disappeared. YAY!

 

One note to users. If you try this fix and you still get the "This sender failed..." notification, one thing to check in your Ninja Contact Form under "Emails and Actions" in your email actions form, make sure that you do not have any email address (leave it empty) in the "Advanced" section where the "From Address" box is. Adding an email there is something the Ninja Forms Troubleshooting guide says to try.

 

https://ninjaforms.com/docs/troubleshooting-email-problems/

View solution in original post

Hi,

 

How do I get to step no 2. In Mail Flow, click + to Create a new rule…, select More options (Text link at bottom of the form).?

I did not find this one in my office 365

 

Thanks,


Paul

Did you finally find a solution to this... "This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing".

I've not changed anything with my email and just began receiving these notices yesterday. When I send important emails to client I BCC myself and those incoming emails to me are the ones that have that message.