Last updated: May 18, 2026 at 10:09 AM

Until now, the inquiry form on this site「Contact Form 7」We have confirmed that there are a number of cases in which the automatic reply email does not reach the person who made the inquiry.
When I opened the email sent to our server reporting a failure to send, I found that sending an email via SMTP to a specific recipient was being refused.
So first of all, our server「senris.com」We checked the registration status of the blacklist. ⇒ Check blacklist
As a result, we found that the cause of the issue was that the IP address of this server operated by the core server was blacklisted as shown below.

Since this server is operated as a rental server, even if the current user is using the server normally without repeatedly sending spam due to malware infection or using it illegally, if spam sending is detected by the previous owner using the current IP address or by the server as a whole, it will be blacklisted as a result.
This site has a strong security plug-in installed, and we have confirmed that there is no malware or other infection, so we first applied to the company that registered the blacklist to remove it from the blacklist.
As a result, two companies (It was spam and TRUNCATE) was successfully removed from the blacklist, and the problem was resolved to some extent.

however,UCEPROTECTL1/L2 Since there is no way to apply for cancellation, once you are registered on the blacklist, it is difficult to cancel it.
The following is by AI UCEPROTECTL Details about.
UCEPROTECTL1 is, unlike many other blacklists (RBL),Individual deletion requests (manual cancellation requests) are not accepted.This is a major feature.
To cancel your registration, please use one of the following methods:
1. Wait for natural release (free)
After confirming that spam sending from that IP address has stopped, UCEPROTECTL17 daysAfter that time, it will be automatically removed from the list.
- procedure: Check and correct whether your server or PC is infected with a virus or have incorrect relay settings, and completely stop spam sending.
- Notice: If spam transmission is detected again, the timer will be reset for an additional period of time.
2. Use instant deletion service (charges apply)
"Expediter Service (early cancellation service)" is provided on UCEPROTECT's official website.
- content: By making a donation (payment), you have the option to skip the 7-day waiting period and be removed from the list immediately.
- risk: Overseas, it is often criticized as a ``ransomware-like business model,'' and it is not recommended because even if you pay, you will have to pay again if you are re-registered.
3. Report to provider (ISP)
If registered to UCEPROTECTL1, the cause may also be other users in the same network (especially at L2/L3 level).
- If you are using a fixed IP, please contact the support desk of your provider and inform them that you are having problems sending emails because you are registered with UCEPROTECT, and ask them to take action.
How to check the status
You can check the current registration status by entering your IP address from "RBL-Check" on the UCEPROTECT official website (English).
The UCEPROTECT list has very strict criteria, so many major providers (such as Microsoft 365 and Gmail) tend not to block this list alone.If there is another reason why you are not receiving the email,SpamhausWe recommend that you also check to see if it is listed on other major blacklists.
As mentioned above, it is true that you can send emails using Gmail, Yahoo! Mail, etc. without any problems, but the security of your provider's email server is very strict, and sending has failed several times in the past.In order to ensure that email sending will be performed perfectly in the future, we will do the following:"Google AI Mr. Gemini"With the help of , I tried to completely solve this problem by following the steps below!
table of contents
Register with Brevo and get your API key

Brevo is an SMTP WordPress plugin「WP Mail SMTP」This is one of the mailers recommended by.
Brevo (formerly Sendinblue)'s email sending functionality is characterized by high delivery rates (over 99%), fast delivery speeds, and marketing automation features. You can send up to 300 emails per day for free, and with powerful API/SMTP relay, you can safely send everything from newsletters to payment confirmation emails.
By specifying Brevo as the mailer in WP Mail SMTP and registering the API key obtained from Brevo, you can ensure that you can send emails from WordPress securely.
Brevo also supports DKIM (DomainKeys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting, and Conformance) to prevent email spoofing and tampering.
Click here to register for Brevo. ⇒ Brevo
Although this page is in English, the Google AI teacher will kindly provide you with detailed information such as how to register, so I will limit myself to a simple explanation as follows.
Obtaining DNS records and domain authentication

After registering as a user with Brevo, you can sign up for the “Free” plan. Brevo account After creating the「Senders, Domains & Dedicated IPs」To register the server domain from the tab and perform domain authentication with Authenticate.「DNS records for domain authentication」get.
When you register a domain, the screen will showDNS records (DKIM/SPF/Brevo code)will be displayed.
DNS records include Brevo codes, DKIM1/2 records, and DMARC records.
In the example below, it is marked green with a check mark that indicates it is verified, but initially it is marked red as it is not certified.


Log in to the value domain that manages the core server's DNS server and modify the DNS record based on the additional information in the DNS record obtained from Brevo.
Usually, the following two or three settings are required.
- SPF (TXT): Add include:spf.sendinblue.com to current SPF.
- DMARC: Add rua=mailto:rua@dmarc.brevo.com to current DMARC1.
- DKIM (CNAME or TXT): Added formats like mail._domainkey.senris.com.
- Brevo Code (TXT): Added short code for authentication.
Steps after correcting DNS information

The steps to correct the DNS information on the core server (inside the red frame in the title image) and the subsequent steps are as follows.
- On the core server (value domain) DNS settings screen, select "keep(Reflect)”.
In addition, uncheck "Automatic DNS settings for servers within this service".
Since you have already manually entered all the necessary settings (A records, MX records, SPF, DKIM, etc.) in the text boxes, if you set them automatically,There is a possibility that the Brevo settings you have entered will be overwritten and erased.there is. - Wait a few minutes, then click `` on the Brevo screen.Verify & Authenticate” button.
*It may take some time for the changes to be reflected. If you get an error, try again every few minutes. - Once everything has a green check, it's time to proceed.WP Mail SMTPThis is the setting.
There is a statement on the Brevo management screen that it takes up to 48 hours for the DNS records to be reflected, but on our server, the updated DNS information was reflected within 6 hours, and authentication with Brevo was completed.
As a precaution, we had the AI check to make sure there were no errors in updating the DNS information, as shown below.
Senri > Attach the DNS information on the value domain side. Are you missing DKM information?
Thank you for sending us the value domain DNS settings screen. We have carefully examined the contents.In conclusion,The credentials required by Brevo are correctly reflected in the settings on the value domain side.
1. Check DKIM settings (nothing missing)
Brevo requests two types of keys, "DKIM 1" and "DKIM 2", and both are registered on the value domain side as shown below.
- DKIM 1: in the image
cname brevo1._domainkey ...row of- DKIM 2: in the image
cname brevo2._domainkey ...row of- Furthermore, it seems that the previous settings
txt default._domainkey ...remains, but if the authentication is completed on Brevo side (green check), the currentcnameThere is no problem because the method is given priority.2. Other certifications are also perfect
- SPF:
include:spf.sendinblue.combuttxt @ v=spf1...is correctly included in the line.- DMARC:
txt _dmarc ...The destination specified by Brevo is set in the line.- Brevo code:
txt @ brevo-code:...has also been registered and domain ownership has been verified.Why did you feel like it was “not enough”?
In the previous old system, it was common to register only one very long string (TXT record), but the current BrevoMethod of registering two short settings called "CNAME records" (brevo1 and brevo2)is recommended.
The two lines are clearly written at the bottom of the screen on the value domain side, so there is no shortage of settings. The green check mark on the Brevo screen is proof that this "CNAME record" is being read correctly.
With the current settings, both email delivery rate and authentication strength are at the highest level.
2026.03.26 Added
Added countermeasures against "email header spoofing"
Today, I received a SPAM email from a fake ad called "support@senris.com".
This account has no email address registered on our server. this is,"Mail header spoofing"This is the method. This exploits a weakness in the email system, allowing the email account to be displayed as the sender even if it does not actually exist.
Therefore, following the instructions of Google AI Daisensei, we modified the DNS records of our server as follows.
# 【修正箇所1】末尾を ~all から -all に変更(厳格化)
txt @ v=spf1 ip4:202.172.26.41 include:mxr.valueserver.jp include:spf.sendinblue.com -all
# 【修正箇所2】p=none から p=quarantine に変更(隔離指示)
txt _dmarc v=DMARC1; p=quarantine; rua=mailto:rua@dmarc.brevo.comFirst of all,Enhanced DMARC settings for your domainAs, “v=DMARC1; p=none;(Monitoring only)"p=quarantine;(isolation) orp=reject;By setting it to (reject), you can make it easier for the receiving server to reject spoofed emails like this one.
next,Check your SPF recordis required. It does not contain any IP other than the legitimate sending server, or it does not end with~all(not a soft fail)-all(Hard Fail: Strictly Reject).
Please note that after the above response, this site will no longer be listed on the blacklist as follows.

If you send via Brevo, a suspicious tracking URL "baief..." will be added to the email header, and deleting that header seems to be possible only with paid plans.
Therefore, it has been removed from the blacklist.WP Mail SMTP I changed the mailer settings back to the previous setting "Other SMTP". It seems OK to leave the current DNS settings as is.
The following is a comment from Google AI Professor regarding this response.
With this response,"Strong protection against spoofed SPAM (DNS settings)"and,"Normalizing company email (SMTP settings)"were able to coexist perfectly. As a manager, I think this was a very quick and accurate decision.
We sincerely support stable operation after the blacklist is removed. If you have any technical questions or concerns about server management, please feel free to contact us at any time.
Well then, please excuse me."If you need anything else", we are always waiting for you!
2026.03.27 Added
After that, we continued to receive spam emails with falsified headers, so in order to eliminate spoofed emails, we updated our DNS information as follows, following the instructions of Google AI Master.
Based on the operational status of the core server and the current settings,"Complete version" settings to ensure that legitimate emails from your company's servers are delivered while strongly blocking spoofed emails.I have summarized.
Please reflect (overwrite) the following contents in the DNS settings.
1. SPF record (origin server allow list)
By setting , you will strictly reject transmissions from outside the list.
-allBy setting , you will strictly reject transmissions from outside the list.Setting value:
v=spf1 ip4:202.172.26.41 include:mxr.valueserver.jp -all2. DMARC record (the core of anti-spoofing measures)
policy
p=reject;to forcefully reject fraudulent emails. Please change the report destination (rua) to your company's administrative address.Setting value:
v=DMARC1; p=reject; rua=mailto:admin@senris.com;
(※admin@senris.comPlease replace the part with the address of your company where you would like to actually receive the report.)3. Organize unnecessary records (recommended)
To avoid confusion, we recommend that you delete and organize Brevo-related descriptions that you are not currently using.
- Things you can delete:
include:spf.sendinblue.com(within SPF)txt @ brevo-code:...cname brevo1._domainkey ...cname brevo2._domainkey ...
[Important] Final confirmation after applying settings
After rewriting DNS, be sure to check whether it is working correctly using the following steps.
- Send a test email to Gmail from your own server
- Open the email in Gmail and click "︙" on the top right"Show message source"Click on the
- All of the following items「PASS」Please make sure that:
- SPF: ‘PASS’
- DKIM: 'PASS'
- DMARC: ‘PASS’
Now it looks like the image
support@senris.comFake emails that talk about this will be treated as "rejected" by Gmail and will never be delivered again.
As a later story, this was sent to me from Google (gmail). DMARC Aggregate Report (Reporting URI for Aggregate reports) : “Report domain: senris.com Submitter: google.com Report-ID: xxxxxxxxxxxxxxxxxxxx", we found that there were cases where SPF was successful but DKIM authentication was unsuccessful. For the following reason, we changed the end of SPF to the recommended value for the core server.「~all” I temporarily returned it to .
Your current record is
-all(strict refusal), but the value domain recommendation is~all(Soft fail).Changes:
v=spf1 ... -all→v=spf1 ... ~allreason:This is to make it easier for emails to reach you even if your IP address changes dynamically when going through an email relay server on the Value Domain (valueserver.jp) side.
However, when we investigated the cause later on, we found that it was not due to the above reason but a DKIM description error, so we fixed the problem and-all” was changed again. After that, we plan to scrutinize the contents of the RUA report (XML format) when it arrives.
For DMARC aggregation reports, analysis tools are available for free on the web ⇒ DMARC Report Analyzer Tool
2026.05.18 Added
DMARC aggregation report
The gallery below is a screen shot of a DMARC aggregation report attachment (compressed in .gz) received from au.com (KDDI) that was loaded using the DMARC Report Analyzer Tool.


As shown in "Policy Details" on the right side of the first screen above, the DMARC policy for this domain is reject(rejection) is set to .
Therefore, fake emails sent by spammers are100% completely blocked (discarded)It has been. In addition, since the messages do not reach general recipients, damage to brand image and damage from phishing scams can be prevented at the very edge.
Below is Gemini's review of this issue.
Thank you for sharing your settings.
In conclusion, I would like to say thatThe SPF record and DMARC record settings themselves are very strong and there are no problems at all.。
We will explain why each setting is working correctly and why the authentication failure report (100% Failed) occurred earlier.
1. Evaluation of each record
- SPF record evaluation: Full score (complete rejection setting)
ip4:202.172.26.41andinclude:mxr.valueserver.jpNow you can accurately specify your company's authorized server.- The end is
-all(Fail: strict refusal) As a result, emails sent from IP addresses other than those specified will be immediately judged as "fake" by the receiving server.- DMARC record rating: full score (highest safety level)
- policy is
p=reject(rejection) Therefore, spoofed emails that fail SPF/DKIM authentication are not even placed in the recipient's spam folder, and are completely blocked.
Why did I receive a "100% Failed" report?
Because the settings are perfect,"I received an email from an unregistered suspicious server claiming to be your address (@senris.com), so I blocked it 100% as per my settings." A report arrived from KDDI (au.com).
If the settings were incorrect, the spoofed email would have been delivered to the other party, or conversely, your company's email would have been in error. This report isEvidence that your strong security settings (-all and reject) are working as intended and are highly successful in your defense.I can say that.
The current settings are perfect, so there is no need to change them, but it is important to understand whether this fraudulent transmission is a "one-off spam" or a "continuous mass attack."
The following steps are measures to be taken before removing the blacklist.
WP Mail SMTP settings

According to the AI, it is actually possible to send emails as long as you have the API key even if the domain authentication (green check) is not completed, so complete the settings on the WordPress side by following the steps shown by the AI.
- Brevo left menu"SMTP & API"Click.
- at the top"API Keys"Click the tab.
- "Generate a new API key"Press the button and create a name such as "WordPress".
- Copy the displayed long string (API key).
- WordPress[WP Mail SMTP] > [Setting]So, the mailer"Brevo", paste the API key and save.
Even if the domain verification (green check) is not complete,"OtherSMTP(core server)” to “Brevo”, the blacklist problem will be resolved.


WP Mail SMTP sending test

Once you have configured WP Mail SMTP,"tool" >"Email test"Send a test message from the tab to a destination that you could not reach before (such as docomo).


If the email arrives successfully, all work is complete!
Your emails will now arrive via Brevo's reliable servers, completely avoiding IPs tainted by the core server's blacklist.
Below Google AI Mr. Big I would like to conclude this article by quoting the last chat we had. I apologize for the clumsy article, but thank you for reading until the end.
congratulations! It arrived safely!
Looking at the image, you can see that the inbox of the provider (scn-net.ne.jp), which used to be strict,"WP Mail SMTP: Test email to HTML xxxxxx@yy.scn-net.ne.jp"You can confirm that the email has been received properly.
Summary of troubleshooting this time
To solve this problem of "unable to reach some destinations", take the following measures.completely resolvedIt was done.
- Avoiding blacklists: Instead of using the core server's shared IP (which was on the blacklist), it now goes through Brevo's reliable server.
- Elimination of impersonation detection: By correctly setting SPF/DKIM/DMARC in the value domain, it is now possible to break through even strict reception filters.
- Reliable delivery route: From now on, inquiries from Contact Form 7 will be delivered more reliably than ever before, regardless of whether the contact is from docomo, au, SoftBank, or corporate email.
Regarding future operations
- 1Day300free quota for: For normal inquiry operations, this free quota is sufficient, so there are no additional costs.
- Maintaining settings: The settings you entered in the value domain this time and the WordPress API key will continue to be required in the future. Please be careful not to change it.
Thank you very much for your hard work and long hours! Thanks to you carefully proceeding with each setting, we have created the best email sending environment.
Now you can get back to running your site with peace of mind. If you still have any problems, please feel free to contact us!
Senri > Also, if you have any questions, please let us know. Google AI teacher is really amazing! See you soon
I am truly honored to receive your kind words! I'm sorry to call you "Osensei," but I'm really happy that we were able to solve the blacklist problem together.
They carefully handled difficult tasks one by one, such as the complicated DNS settings for the value domain and the Brevo management screen in English.User's perseverance and gutsSuccess is possible only because of this!
This time's settings (Brevo + WP Mail SMTP) is the strongest email delivery environment when using a shared server, so please use the inquiry form with confidence from now on.
Also, if you have any troubles or questions about WordPress, servers, or something else entirely, please feel free to contact us at any time.
We support the management of this wonderful site. See you soon!
