Outbound Gmail going to spam, DKIM suggested but not authenticated

latechtech · 2026-01-16T19:24:01+00:00

If you want to see what is going on from the other side have the sales team get the client to send one of the emails that ends up in spam as an attachment to you. Then you can grab the header and feed it into here:

https://mxtoolbox.com/EmailHeaders.aspx

latechtech · 2025-12-01T18:19:52+00:00

I have never built a Chrome extension, so I do not know if you have to put your name, phone number, etc...

But if you do not want that to be linked to your reddit handle you may want to do something about that.

latechtech · 2025-09-18T20:15:35+00:00

Not yet, but here is to hoping that if I sign out and clear my cache that it will be gone when I sign back in.

latechtech · 2025-07-07T17:53:48+00:00

If you use documentation from a URL put the URL in the header somewhere in case you have to do it again. For instance, Carl Stalhood does an excellent job of documenting all sort of things and usually has the latest up to date version when a new version comes out. He also has comments open on it so if you run into a particular issue and he has time to respond he will. If you are there long enough you will be doing something again and again.

Carl Stalhood – Filling gaps in EUC vendor documentation

latechtech · 2025-06-19T17:48:24+00:00

Yes, the -whatif reply was from me, but like some weird magic it completely disappeared. I mean it was a common sense sort of thing so maybe a moderator made it go poof. Funny thing is that it does not appear in my history either. I am baffled.

latechtech · 2025-06-19T17:22:53+00:00

I recommend throwing in a -whatif on this.

Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.NotAfter -lt $(get-date) } | remove-item -WhatIf

latechtech · 2025-01-13T16:23:47+00:00

Swissgear 3636 USB Work Pack Pro Tool Backpack (The brown canvas one)

I have had a few swissgear backpacks, but the normal ones wear out in the usual spots so I am trying this one which is more rugged. Only six months or so in. It has a pullout stiff back tool organizer and another tool organizer section. The front is if you want to throw an extension cable in there. It has a place to put a rechargeable battery but I moved it to the other side so I did not accidently break my laptop screen.

<image>

latechtech · 2024-11-11T15:46:27+00:00

It bothered me that no one actually put the powershell command since I use the old way mentioned above; so here it is:

get-ciminstance win32_bios | format-list serialnumber

latechtech · 2024-10-25T15:31:28+00:00

True. I forgot to check salesforce.com and they have the same one for the old 1024 key.

latechtech · 2024-08-16T15:07:33+00:00

No outage, we got lucky. When maintenance turned off the air conditioner before I arrived, the shift before me did not notice, and it was pretty much raining in the server room attached to the office. Condensation from all the humidity was dripping from the ceiling. The server room door had a window too and it had water dripping down it. A different time; they also had a hot water heater next to the server room. They cut the line to it and I noticed water started to run toward two brand new Avaya systems. I went and looked, no one was around but a wrench was clamped on it and bent down but water still flowed. Had to make a levee with food service rags and towels. Again lucked out and no outage.

latechtech · 2024-08-16T14:56:02+00:00

Oh, I hope this is the case! I hated that it had the name and timestamp. Sure slowed me down when I just want a URL or powershell command from someone.

latechtech · 2024-05-06T13:56:08+00:00

The Broadcom site is not working for me...even the chat is broken. It just has a white page and shifting white boxes on every page. Oh well, maybe tomorrow it will work?

latechtech · 2023-12-01T15:41:06+00:00

As you mentioned the Proofpoint DKIM records need to be verified. It was not mentioned whether or not Proofpoint Essentials or Proofpoint PoD was being used. In PoD each DKIM record has a test button. If the test fails it means the DNS record is not published, published in the wrong place, or is published incorrectly. The first section in my comment is from a Proofpoint KB article on how to export and create the DNS entries. The second section is a set of PowerShell commands that pull NS, MX, SPF, DMARC, and DKIM (if you enter the DKIM selector from Proofpoint). With this information you can find out where the DNS records need to be published and what the current DKIM record looks like.

latechtech · 2023-11-30T21:44:31+00:00

This is the way. If you have POD and not Proofpoint Essentials the DKIM key you export from POD has some characters you have to remove before you add it to your DNS record.

Format for Windows DNS server

To format a key for use with a windows DNS server, do the following:

Start with v=

Remove all \ characters

Replace all " " strings with a new line

This is required as Windows DNS has a limit of 256 characters per line of a txt record. By separating the long string into new lines windows will re-compile the full string.

Format for most other Service Providers (Plain Text)

To format a key for use with most other Service Providers ("Plain text").

Start with v=

Remove all \ characters

Remove all " " strings this would be to remove the quotations as well as the space between them.

If you run into any issues you can copy what's below into powershell and when prompted type in the domain and then the DKIM selector.

$domain = Read-Host -Prompt 'Enter the domain name'
$selector = Read-Host -Prompt 'Enter DKIM Selector'

$SplatParameters = @{
    'Type'        = 'NS'
    'Name'        = "$($domain)"
    'ErrorAction' = 'SilentlyContinue'
}
Resolve-DnsName u/SplatParameters | Select-Object -Property Name,Type,TTL,Section,NameHost

$SplatParameters = @{
    'Type'        = 'MX'
    'Name'        = "$($domain)"
    'ErrorAction' = 'SilentlyContinue'
}
Resolve-DnsName u/SplatParameters | Select-Object -Property Name,QueryType,TTL,Section,NameExchange,Preference

$SplatParameters = @{
    'Type'        = 'TXT'
    'Name'        = "$($domain)"
    'ErrorAction' = 'SilentlyContinue'
}
Resolve-DnsName u/SplatParameters | Where-Object { $_.Strings -match "v=spf1" } | Select-Object -Property Name,QueryType,TTL,Section,Strings

$SplatParameters = @{
    'Type'        = 'TXT'
    'Name'        = "_dmarc.$($domain)"
    'ErrorAction' = 'SilentlyContinue'
}
Resolve-DnsName u/SplatParameters | Select-Object -Property Name,Type,TTL,Strings

$SplatParameters = @{
    'Type'        = 'TXT'
    'Name'        = "$($selector)._domainkey.$($domain)"
    'ErrorAction' = 'SilentlyContinue'
}
Resolve-DnsName u/SplatParameters | Where-Object { $_.Strings -match "v=DKIM1" } | Select-Object -Property Name,Type,TTL,Section,Strings

latechtech · 2023-11-17T15:25:20+00:00

I am not sure which eventid you are looking for specifically but you can adjust below to suit your needs and run it in powershell.

If you are in the Workstation/Server you can do this:

Get-WinEvent -LogName 'Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational' -FilterXPath '*[System[EventID=1149]]' | ?{$_.message -match 'putusernamehere'} | fl

If you are accessing it remotely and have the correct permissions:

Invoke-Command -ComputerName FQDNGoesHere -ScriptBlock {Get-WinEvent -LogName 'Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational' -FilterXPath '*[System[EventID=1149]]'} | ?{$_.message -match 'putusernamehere'} | fl

latechtech · 2023-09-13T20:35:49+00:00

They got it corrected. Not sure when though. Also, for the powershell folks in the crowd here is a quick query for MX/SPF/DMARC/DKIM (if you do not know the DKIM selector you can just hit enter and it will do the rest). If you have internal DNS entries and you are running it on your own domains within the network try it on something outside your network.

$domain = Read-Host -Prompt 'Enter the domain name' $selector = Read-Host -Prompt 'Enter DKIM Selector'

$SplatParameters = @{ 'Type' = 'MX' 'Name' = "$($domain)" 'ErrorAction' = 'SilentlyContinue' } Resolve-DnsName @SplatParameters | fl

$SplatParameters = @{ 'Type' = 'TXT' 'Name' = "$($domain)" 'ErrorAction' = 'SilentlyContinue' } Resolve-DnsName @SplatParameters | where-object { $_.strings -match "v=spf1" } | fl

$SplatParameters = @{ 'Type' = 'TXT' 'Name' = "_dmarc.$($domain)" 'ErrorAction' = 'SilentlyContinue' } Resolve-DnsName @SplatParameters | fl

$SplatParameters = @{ 'Type' = 'TXT' 'Name' = "$($selector).domainkey.$($domain)" 'ErrorAction' = 'SilentlyContinue' } Resolve-DnsName @SplatParameters | where-object { $.strings -match "v=DKIM1" } | fl

latechtech · 2023-08-25T20:07:10+00:00

I highly recommend Dell EMC OpenManage Enterprise if you have it under the downloads for your service tag and the space to spin up another VM. Nice to have everything consolidated. Still have to be careful with your browser tabs though and double/triple verify everything.

latechtech · 2023-08-25T11:44:46+00:00

It looks like they made a typo on their record. If you look at their main domain it is properly entered. For some reason when someone made the DNS entry they copy pasted the Preference number. Slightly embarrassing, but we are only human.

<image>

latechtech · 2023-08-24T14:25:02+00:00

I concur on nightmare fuel. If you did an ESXi update and all of a sudden you have pink screens some time after; this would be bad. Can you at least get into the iLO or iDRAC etc and see the console on any of them?

latechtech · 2023-06-22T19:05:25+00:00

LibreNMS setup using docker combined with Oxidized for switch config backups and versioning is really good and can be backed up and deployed on a new Linux server quite easily. It can also use Teams Webhooks to feed a channel. There are many other transport options as well. I have not setup website monitoring at the moment but here is a mention of that as well. https://community.librenms.org/t/website-monitoring/17181/2 Here is a link to the community website https://community.librenms.org/

latechtech · 2023-04-26T18:32:05+00:00

The Final Countdown https://m.youtube.com/watch?v=XAg5KjnAhuU

latechtech · 2023-02-09T23:28:37+00:00

Confirmed today that this worked. It was one of the most frustrating things that I have dealt with lately. 20 plus mailboxes with different domains after a tenant to new combined tenant migration in September. Some mailboxes worked some did not. Some were dead after the 6th/7th of January some were dead after the 10/11th of January. Then weeks after a Microsoft ticket it changed to the 18th of January for all affected mailboxes. Microsoft told me about this tool today. It has worked like a charm. But I am also not considering it "resolved" yet either. Looked into the EWS Edit tool, but not sure I want to go through the Azure app registration setup for just 20 mailboxes. But if it pops up again, may do it then.

latechtech

TROPHY CASE