A few ways to check email problems

Diagnosing email problems requires you to test possible causes in an iterative fashion. For any given email, there are a complex number of factors at play in sending it and having it successfully delivered.

If you do not know how to copy and paste from web pages, documents and emails, you need to get someone to help you with your problems.  If you do not know how to use the Snipping tool or take a screenshot (if you are not using windows, search for snipping tool on the mac, or your tablet etc), learn how to do it so that you can send an exact copy of any messages etc you receive.

The short story (TSS) is, whoever is having problems sending email, send a plain text msg with no signature to the recipient.  You should get an undeliverable email back.  Another thing to do is to send to a deliberately bad email address (example bademail@baddemailemailaddress.com) so you can compare the undeliverable reports.  If something in your email looks like a forgery, or contains links to bad websites, or contains programs, bat files, .js files as attachments, it is possible that you can get rejected at the server level. Sometimes the error indicated is just a “suggestion” of where to look for your problems.  Try different variations, different senders, different organizations and email address etc and compare your results to see what the problem is.  You might want to run some of the Tools mentioned below. 

I do a quick scan of my spam folders daily and delete / empty them.  It makes tracking this sort of thing easier.  I use 3 different emails for different purposes. A smart thing to do with your email and passwords

Make sure you share your undeliverable “bounce back” emails with whoever is helping you.  Use Dropbox, Google Drive, One Drive, A wordpress blog, forward to a friend ….

Financial institutions, hospitals and many other organizations can have very restrictive email policies. It is not uncommon for them to reject emails with attachments or links, or pictures, or zip files etc. There are a lot of vendors serving the email market, and subtle incompatibilities between systems can arise.
S&*( Happens
If you can’t figure out the problem, start here:

1) Document your email account

How to do you access your email?

Do you use a page you access with a web browser or a program like outlook?
Do you use a service like gmail for business or outlook 365?


Email Address : gary@someemailprovider.com
Email Application : Chrome Browser
Log into: http://someemailprovider.com with my user name and password

other examples: Outlook 2007, Apple Mail, I log into Squirrel Mail on my web host, …

2) Both the recipient and sender should make sure they have added all pertinent sender email addresses and domains,  in their safe senders list. This varies by email provider and application  Search for it:

For example
We searched for “office 365 add domain to safe sender”
and found this:

3) Document who you are having problems sending email to:


4) How to create a test email

Subject: Test X (where x is the number of the test in the sequence, add 1 for each email sent)

(repeat from , to)

From: gary@someemailprovider.com
To: recipient@otheremailprovider.com

A note about this test:
    First test after changing safe senders
    Removed email signature
    Sent Text email
    My time is Thu, October 17, 2017 3:06 EDT
    Sent from my phone, tablet, desktop running Windows

The person who is having trouble sending email should be doing these tests.

Take a minute to send your test mail.
You notify your recipient tester that it is on the way (send a txt, leave a phone message)

You may have to wait up to an hour for it to wind its way through the systems.

It is helpful to send a plain text email, with no signature or links in the subject or body.  Again, search the help for you email provider / application.  Example “outlook.com send a text email”.  If you can send a plain text email successfully, start by removing and links, pictures, codes etc from the email with a problem.  The problem could also be a link or a picture ( a type of link) in your email signature.

It is important to try and describe accurately what error codes, messages etc are associated with a test email.
The recipient and sender should always check their spam folder.
If the sender gets a message, a returned email, undeliverable etc, they notify the recipient by text or phone.
If the recipient gets a message, they notify the sender.

7) The sender should get an undeliverable message or something indicating error back.

Here is an example of an undeliverable message : Goto to example

If you can’t figure out the problem from the undeliverable report, you can copy and paste all this information into sections of a document to send it to you support person.

Sometimes the error indicated is just a “suggestion” of where to look for your problems.  Try different variations, different senders, different organizations and email address etc and compare your results to see what the problem is.

Sometimes it is useful to both copy and paste the message and to do a screenshot or snippet of what you think is the most pertinent part is.  Look for an easy to read message stating what the error is.

If you do not get an undeliverable message back,  try some of the variations mentioned above.  Have someone else in a different organization, with a different email provider try and send a test text message and see what happens.  And, make sure you have internet access etc before you call in the calvary for help. Computer Problems?

If you do not get any errors, but, do not receive the expected email both sender and recipient forward a email containing the pertinent information above to your tech support teams asking them to please resolve the error.  If you do not have tech support, ask a knowledgeable friend for help.

Is there tech support for your email provider?
Document it so that both email support teams can talk to each other. Please provide contact information and whatever authentication codes etc you need to contact.


Outlook 365
Email Address : gary@someemailprovider.com
account : My Organization

Contact email
Contact Phone
Contact chat

Email is finicky.
When you send an email it goes through a lot of steps, any of which can fail.
The most effective way to test is to test iteratively and make small changes.
But it, can be a simple process, if you follow these steps.


You can run tests to check your email accounts for various problems.  These are free systems and may produce erroneous or miss problems; however, in many cases they can be useful.  Document the results of your tests for whoever is helping you with your email problem.

If you send a lot of marketing or notification emails (bulk email), the first thing you  want to check to see if your address has been blacklisted.  In any case, it does not hurt to check your email address to see if its blacklisted.  The sites that check this come and go frequently, so you might have to search for something like “is my email address blocked”.  Here is an example page that show a way to get started on checking.

http://www.pinpointe.com/blog/how-do-i-know-if-im-on-a-spam-blacklist .There are a lot of lists. It is helpful to know what list the recipient (and senders) email service provider use. These lists are also quite dynamic and occasionally these sites report sites that are not on their current lists or omit sites that are on their actual or live lists.  Also see https://www.mail-tester.com/ below.  It checks you email for known flags etc. Here is another useful article on checking the known blacklists. https://www.rackaid.com/blog/email-blacklists/

The CAN-SPAM Act of 2003 became law on January 1, 2004. According to the FTC, if you violate the law, you could be fined $11,000 for each offense—that’s $11,000 for each email address on your list. ISPs around the country have already successfully sued spammers for millions of dollars under this law. If you send commercial email (generally sales or promotional content), you should familiarize yourself with the requirements of CAN-SPAM.

A few key points of the law include:

Never use deceptive headers, From names, reply-to addresses, or subject lines.
Always provide an unsubscribe link.
The unsubscribe link must work for at least 30 days after sending.
You must include your physical mailing address.

A simple email address checker:


Enter the address and check


Document your result:

A more sophisticated checker with lots of options.  https://mxtoolbox.com/


Enter the domain name to check, When it completes, check your report.

In this case, I can hit the Find Problems or do a Blacklist check or SMTP check


After hitting Find Problems


The above is an example using my a domain I own called garyjohnsoninfo.info
In this case, the The Certificate has a name mismatch is erroneous. I do not have an https address for this site.

See the show all test button, click it

With some of the test like this, you can get an option to email yourself a report, or save a pdf of the report.  At the very least you can copy and paste this.  Or you can save the page.  Lookup how to save a page for you browser.  Usually it saves and html file and associate folder with information with the page that you can send to your support people.  From the location it saved the page, check for the name it saved it as,


File ..Downloads\garyjohnsoninfo.info Domain Health.html
Folder …Downloads\garyjohnsoninfo.info Domain Health_files

Test you email for some spam checks and other red flags

Follow the instructions.

In addition, learn how to do this:

See if you can do something like “View Message Source”  or “View Full Header ” for your  emails.  Someone will probably ask you to do this.

If you have no one to help you, I am available for $35 dollars an hour.

email gj@garyjohnsoninfo.info

Here is a description of some of the behind the scenes details involved in Authenticating Senders

Email authentication greatly simplifies and automates the process of identifying senders. By quickly verifying a claimed domain name, it is possible to triage the incoming flood of mail. Forgeries and known spamming domains can be rejected at the connection level, without wasting any time on data transfer, or even testing a long list of possible recipient names from the spammer’s dictionary. Reputable senders can be given a pass for an entire session, allowing them to bypass the IP blacklists and statistical filters that always lose some valid messages. The remaining flow can be treated the same as we now treat all email – rigorous filtering, return challenges to the sender, etc. Successful authentication, coupled with a domain-rating system, will reward reputable senders and encourage others to clean up their outgoing mail.

There are a number of methods to authenticate a sender’s domain name ( SPF [2], SenderID [3], CSV [4] , DomainKeys [5], and others). All are very effective in stopping the kind of forgery now prevalent. None exclude the use of other methods, although there is a lot of overlap in basic function, and some incompatibilities. There are small vulnerabilities in each method, and it may be that a combination of two will be required to cover all the cracks. The most widely used will likely be the ones that require the least effort on the part of senders who are reluctant to assume any responsibility for operating public mail servers.

CSV, SPF, and SenderID authenticate just a domain name. DomainKeys uses a Digital Signature to authenticate domain names and the entire content of a message. CSV and SPF can reject a forgery before any data transfer. SenderID must see at least the headers, and DomainKeys must transfer the entire message. CSV is the quickest. DomainKeys is the most thorough. CSV checks only the HELO name at the start of each SMTP session. SPF checks the return address on each message “envelope”. SenderID checks the From address in the headers of each message. Domainkeys can detect any alteration in the headers or body of a message.

CSV, SPF, and SenderID work by checking the IP address of the actual sender {4} against a list of addresses authorized by the alleged sender. If the sender says “HELO this is aol.com sending to you from address”, the receiver can query AOL’s records in the Domain Name System ( DNS ), and see if that is indeed an address authorized to send mail on behalf of AOL. So far, it looks like DNS is secure {5}.

DomainKeys also uses DNS to retrieve secure information from the alleged sender, but instead of a list of authorized addresses, the sender provides a public key for his domain. This key can be used to verify the signature on the message, independent of any IP address. Freedom from IP addressing means the message can go by any route, including through a forwarder.

The use of forwarders is common for small domains which prefer not to manage their own mail server, and for individual recipients, who prefer to keep their personal address when they change jobs or ISPs. SPF and SenderID can also work with forwarders, but the extra steps add complexity and some vulnerability to the system (see below). CSV limits its focus to one-hop authentications, and assumes a signature method will be used for end-to-end authentication.

Use of the DNS database to register authentication information for a domain is relatively new. The new information is added to existing DNS records, and queries for this information are handled the same way as any other DNS query. Publishing authentication records in DNS is voluntary, and many domains probably won’t bother. However, any legitimate domain, even those that don’t intend to operate public mail servers, will most likely want to block others from using their name to forge emails. A simple code in their DNS record will tell the world, “Block all mail claiming to be from our domain. We have no public mail servers.”



I started getting these xml messages in July of 2018 as an attachment from noreply-dmarc-support@google.com.

I need to expand the section on setting up DMARC and SPF and the host for system administrators.

<?xml version=”1.0″ encoding=”UTF-8″?>




An Example Undeliverable Message Source

When you see … it means a whole lot of random characters that are of no interest to humans, this is just a sample of what you might see. Lots of things have been deleted, and these vary by both sender and recipient mail system

Received: from CO1NAM03HT023.eop-NAM03.prod.protection.outlook.comReceived: from CO1NAM03HT023.eop-NAM03.prod.protection.outlook.com ( by BN6PR11MB1297.namprd11.prod.outlook.com with HTTPS

Delivery has failed to these recipients or groups:

bademail@baddemailemailaddress.com (bademail@baddemailemailaddress.com)
Your message couldn’t be delivered. The Domain Name System (DNS) reported that the recipient’s domain does not exist.

Contact the recipient by some other means (by phone, for example) and ask them to tell their email admin that it appears that their domain isn’t properly registered at their domain registrar. Give them the error details shown below. It’s likely that the recipient’s email admin is the only one who can fix this problem.

For more information and tips to fix this issue see this article: http://go.microsoft.com/fwlink/?LinkId=389361.

Diagnostic information for administrators:

Generating server: BY2NAM01HT152.mail.protection.outlook.com
Remote Server returned ‘550 5.4.310 DNS domain baddemailemailaddress.com does not exist [Message=InfoDomainNonexistent] [LastAttemptedServerName=baddemailemailaddress.com] [BN3NAM01FT021.eop-nam01.prod.protection.outlook.com]’
Original message headers:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;
s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
Received: from BY2NAM01FT048.eop-nam01.prod.protection.outlook.com
( by BY2NAM01HT152.eop-nam01.prod.protection.outlook.com
( with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id; Tue, 17
Oct 2017 21:08:01 +0000
Received: from BN6PR11MB1297.namprd11.prod.outlook.com ( by
BY2NAM01FT048.mail.protection.outlook.com ( with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id via Frontend Transport; Tue, 17 Oct 2017 21:08:01 +0000
Received: from BN6PR11MB1297.namprd11.prod.outlook.com ([]) by
BN6PR11MB1297.namprd11.prod.outlook.com ([]) with mapi id
15.20.0077.022; Tue, 17 Oct 2017 21:08:01 +0000
From: Gary ? Johnson
To: “bademail@baddemailemailaddress.com”
Subject: This is the subject line
Thread-Topic: This is the subject line
Thread-Index: AQHTR4wCXhbZPgww706li0imsCfhvw==
Date: Tue, 17 Oct 2017 21:08:01 +0000
Accept-Language: en-US
Content-Language: en-US
authentication-results: baddemailemailaddress.com; dkim=none (message not
signed) header.d=none;baddemailemailaddress.com; dmarc=none action=none
x-incomingtopheadermarker: OriginalChecksum: …
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [5tZAHpL1A+VBmZ1x15R7VQEN4LHcVqOQ1pBIFXvOmbu5IcPjW77yWM1ZXzfh4hOY]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; ……=
x-incomingheadercount: 44
x-eopattributedmessage: 0
x-ms-office365-filtering-correlation-id: 276019eb-9aba-45c7-f4ae-08d515a32668
x-microsoft-antispam: UriScan:; ….
x-ms-traffictypediagnostic: BY2NAM01HT152:
x-exchange-antispam-report-test: UriScan:;
x-forefront-prvs: 04631F8F77
x-forefront-antispam-report: SFV:NSPM;SFS:(7070007)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative;
MIME-Version: 1.0
X-OriginatorOrg: hotmail.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Oct 2017 21:08:01.0589
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2NAM01HT152

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.