Gmail "be careful with this message"

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-15 05:08

I searched and didn't find any info about this other than what I posted in my last question. I have been trying to combat this for so long now. I have been using HMS for 10 months now. I have checked over and over and over with authenticating. DKIM and SPF are good. Reverse DNS is good. BTW I am using HMS for a distribution list. Using the scripts for it...so not sure if this message belongs in the support forum for scripting. It's kinda both. Anyways, I don't know what else to do. It seems like everything is in line yet when our list sends out to gmail users, it makes it to their inbox but has the big orange "be careful with this message. Gmail can't verify that this message was actually sent from <domain.com>." I have messed with the different settings in the .hms file. Tried changing the addresses for the sender and the reply to and return path...I am feeling like it's never going to work. And it should. And I still want to figure out how. It's hard when Gmail or Yahoo can't take a minute to actually look at one message and tell me why. I guess that's too much to ask.

Michael

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-15 05:48

Create a throwaway address from http://dkimvalidator.com and add it to your distribution list. Send a message to the list and retreive the analysis. You might find a problem here.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-15 06:12

Thanks Mike
Giving that a try. Will report back.
One thing I did notice was that I copied the text from one of the headers and put it into Google's Google Admin Toolbox and it analyzed it. Comes back with an SPF Softfail. Not sure what is causing that "softfail". As far as I know, everything with SPF is good.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-15 06:26

michaeljwyo wrote:
2020-12-15 06:12
Not sure what is causing that "softfail".
See: https://postmarkapp.com/blog/explaining ... ail%20SPF.

Virinum
Normal user
Normal user
Posts: 139
Joined: 2018-11-23 14:42
Location: Germany

Re: Gmail "be careful with this message"

Post by Virinum » 2020-12-15 07:39

I really like this tool for testing my mail server setup: https://www.mail-tester.com/

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-15 19:09

Virinum wrote:
2020-12-15 07:39
I really like this tool for testing my mail server setup: https://www.mail-tester.com/
I do see that it has a couple more tests than DKIM Validator, but it is paywalled after three tests a day, so I'd suggest using DKIM Validator for working tests and when you think your perfect do a final test with mail-tester.

User avatar
johang
Senior user
Senior user
Posts: 441
Joined: 2008-09-01 09:20

Re: Gmail "be careful with this message"

Post by johang » 2020-12-15 19:59

michaeljwyo wrote:
2020-12-15 05:08
It seems like everything is in line yet when our list sends out to gmail users,
https://support.google.com/mail/answer/81126?hl=en

do you use postmaster tools from google ?
https://support.google.com/mail/answer/ ... 51715&rd=1
___________________________________________________________end of the line

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-16 07:07

Okay guys. I tried the tools you mentioned. I like mail-tester.com as well. I am 10/10 with them. They are really happy. I am registered with Google's postmaster tools. However I don't get any analytics or statistics or anything when I go there. Just shows my domain there and that it's been verified. Something about having to meet certain criteria in order to get data. I think I read somewhere that the messages have to exceed 100+ or something like that for it to come up with stuff. I don't know.
So it looks like everything checks out. SPF is good, DKIM is good. Google is still being a stick in the mud. I just tested it again with all the changes. When I sent a message from my Yahoo account to the list, it came to my gmail account but went straight to spam. The message is in there and has the big orange banner on it. Meanwhile I sent a message to the list from my ISP's email. That one came in to the gmail account fine, except instead of an icon for me, it has the stop sign with the question mark and pretty much the same message that it couldn't verify that vcn.com (my isp) actually sent the message. The orange banner says that too.
It has got to be something in the message header that is messing things up. Something with the way it is communicating who the message came from and the reply-to and the return-path and so forth.

User avatar
johang
Senior user
Senior user
Posts: 441
Joined: 2008-09-01 09:20

Re: Gmail "be careful with this message"

Post by johang » 2020-12-16 08:57

michaeljwyo wrote:
2020-12-16 07:07
Okay guys. I tried the tools you mentioned. I like mail-tester.com as well. I am 10/10 with them. They are really happy. I am registered with Google's postmaster tools. However I don't get any analytics or statistics or anything when I go there. Just shows my domain there and that it's been verified. Something about having to meet certain criteria in order to get data. I think I read somewhere that the messages have to exceed 100+ or something like that for it to come up with stuff. I don't know.
So it looks like everything checks out. SPF is good, DKIM is good. Google is still being a stick in the mud. I just tested it again with all the changes. When I sent a message from my Yahoo account to the list, it came to my gmail account but went straight to spam. The message is in there and has the big orange banner on it. Meanwhile I sent a message to the list from my ISP's email. That one came in to the gmail account fine, except instead of an icon for me, it has the stop sign with the question mark and pretty much the same message that it couldn't verify that vcn.com (my isp) actually sent the message. The orange banner says that too.
It has got to be something in the message header that is messing things up. Something with the way it is communicating who the message came from and the reply-to and the return-path and so forth.
in mailheaders in my emails my antispam software writes what it believes to wrong ( with scoring ) i would guess gmail does the same, have you checked the headers ( yes you need a client that shows headers )
https://www.google.com/search?q=email+c ... e&ie=UTF-8
___________________________________________________________end of the line

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-17 03:43

Thank you for the idea about looking at the header. Not only that but when you "show details" in chrome it analyzes it right away...plus shows all the header info. Here's a screenshot of it.
screenshot1 (2).png
Yet everything is good as far as I know. And it says it fails all 3! SPF, DKIM, and DMARC.

Michael

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-17 05:19

Why does the image above show the message send FROM a gmail address?

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-18 00:44

Because that is the original poster. He sent the message to our list "abdx@abdx.org". And the list sent it to me. That's how it's supposed to work, right? The list receives it from his gmail account, the list puts the prefix [abdx.org] onto the subject line, and then sends it out to all the users on the list.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-18 01:11

DKIM signs by sender domain. You can't sign for gmail.com because you don't control that namespace to set the public keys.

I'm not sure you can solve this except to rewrite the sending identity of the post to be the list address.

You can rewrite the envelope (MAIL FROM: address in the SMTP protocol sequence) by setting

Code: Select all

RewriteEnvelopeFromWhenForwarding=1
in hMailServer.ini.

You might also need to apply a global rule to rewrite the From: header to the list address.

Maybe someone else on the board has developed a solution for this specific use case (DKIM signing of distribution list messages).

If have seen cases where a mail relayer adds a DKIM signature for the relay's domain to a message...SendGrid is one such relayer that adds a sendgrid.net DKIM signature to relayed messages if the account associated with the sender doesn't use keys for the sender's own domain.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-18 01:47

Oh wow. What a pain. I know that our list was with YahooGroups before. Never had a problem there. My worry, of course, is that we will all get messages from abdx@abdx.org and not know who they are from. With most distribution lists the message shows the original poster it came from. At least I have a thing or two to try. I am using the distribution list scripts with HMS so I don't know if maybe there is something there in the eventhandlers.vbs script or in the .hms file. When I change something it's usually in there.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-18 02:02

So when we talk about re-writing the envelope, is this what we're doing?

Quote from google:

"If you're a mail server administrator
Ownership and Filtering
We recommend that you do not change the envelope sender when forwarding email to Gmail. Sometimes, when forwarding email, the envelope sender gets changed to your domain. When this happens, Gmail may learn that your domain is sending spam, and will treat other emails from this domain as spam as well."

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-18 02:21

Yes.

I just tried looking at the source code to see if I could confirm which field in the message hMailServer uses to "select" the domain configuration to apply the DKIM keys from. If by chance HMS isn't using envelope MAIL FROM: or header From: to select the key, then you might be able to make something work.

What does the the DKIM signature look like in the forwarded messages? Becuase it does look like some signature is getting applied based on the test output you posted.

Here's an example:

Code: Select all

DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=news;c=relaxed/relaxed; q=dns/txt;
t=1126524832; x=1149015927;h=from:to:subject:date:keywords:keywords;
bh=MHIzKDU2Nzf3MDEyNzR1Njc5OTAyMjM0MUY3ODlqBLP=;
b=hyjCnOfAKDdLZdKIc9G1q7LoDWlEniSbzc+yuU2zGrtruF00ldcFVoG4WTHNiYwG
The d= is the domain and the s= is the selector. Tsis is how the public key DNS records gets queried:

selector._domainkey.domain

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-18 03:08

Here's the whole header from one. This message was sent from the sender (his domain is centurylink.net) to the list (abdx.org) and from there to my main email (michaelj@vcn.com)


Return-Path: <paul.armani@centurylink.net>
Delivered-To: michaelj@vcn.com
Received: from darmstadtium.vcn.com (darmstadtium.vcn.com [209.193.72.102])
(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by radium.vcn.com (Postfix) with ESMTPS id 4BAB1C5E86
for <michaelj@vcn.com>; Thu, 17 Dec 2020 16:13:36 -0700 (MST)
Received: from localhost.localdomain (localhost [127.0.0.1])
by darmstadtium.vcn.com (Postfix) with ESMTP id 3AB212C091F
for <michaelj@vcn.com>; Thu, 17 Dec 2020 16:13:36 -0700 (MST)
X-HowieFilter-Result: sender in whitelist
Received: from darmstadtium.vcn.com (localhost [127.0.0.1])
by darmstadtium.vcn.com (Postfix) with ESMTP id 0849E2C0908
for <michaelj@vcn.com>; Thu, 17 Dec 2020 16:13:36 -0700 (MST)
Received-SPF: softfail (centurylink.net: Sender is not authorized by default to use 'paul.armani@centurylink.net' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=darmstadtium.vcn.com; identity=mailfrom; envelope-from="paul.armani@centurylink.net"; helo=abdx.org; client-ip=65.38.140.167
Received: from abdx.org (abdx.org [65.38.140.167])
(using TLSv1.2 with cipher DHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by darmstadtium.vcn.com (Postfix) with ESMTPS id DEF482C091F
for <michaelj@vcn.com>; Thu, 17 Dec 2020 16:13:35 -0700 (MST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (svnunknown) on mail-PC
X-Spam-Level:
X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_BLOCKED,
RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham
autolearn_force=no version=3.4.2
Received: from smtp.centurylink.net (mail.onyx.syn-alias.com [206.152.134.66]) by
abdx.org with ESMTP ; Thu, 17 Dec 2020 16:08:29 -0700
DKIM-Signature: v=1; a=rsa-sha1; d=centurylink.net; s=ctl201402; c=relaxed/simple; q=dns/txt;
i=@centurylink.net; t=1608246507; h=From:Subject:Date:To:MIME-Version:Content-Type;
bh=RXW2EB9dbxoO/WBFMPRorh8EaNM=; b=DrsRj9amAUtWos4LtDzCychk429ASeItmKT1EhziPyHgTciEpeWkzBU7Xex2kHIj
oytyEHGn584rkLXZjJDRHqMcEi77TdbbZG6/7euUmqoIQu9cxrvCsvLEgRy84OzQ
tSGCHzktt0zTAJtqmr2QiDog0jt74WiROfpDNkK1u1ihQa9hsA3ytbgcUx7g9xrf
cwnkMzc+Jjsd+C8QWsLGCvwqKcCxBK1RDvOjUu9JChNWD+E+xq73PhcUMckCaWpB
Hfof7VOe0Ok03MWjbY3wHd6COkLCoI2W7yaMv6scw46/QwCrtRMyqW7a04zhODdr
2UzdmVnarx9UUGXUuGeMsg==;
X-Vade-Score: 0
X-Vade-Verditct: clean
X-Vade-Analysis: gggruggvucftvghtrhhoucdtuddrgedujedrudelhedgtdeiucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuufgjpfetvefqtfdpqfgfvfenuceurghilhhouhhtmecufedtudenucenucfjughrpeffhffvkfgjfhfugggtihfothesrgdttgerredtjeenucfhrhhomheprfgruhhlucetrhhmrghnihcuoehprghulhdrrghrmhgrnhhisegtvghnthhurhihlhhinhhkrdhnvghtqeenucggtffrrghtthgvrhhnpeeifeeitedtjefftdehtdfhtedvtdefudeufeehudejieeutddtffefheffffehieenucfkphepleejrdduudekrddvgeejrddujeefnecuvehluhhsthgvrhfuihiivgeptd
X_CMAE_Category: , ,
X-CNFS-Analysis: v=2.3 cv=OOhZIhSB c=1 sm=1 tr=0 cx=a_idp_x a=ddOHtBZFimQbxOzE26LO8Q==:117 a=KGjhK52YXX0A:10
a=FKkrIqjQGGEA:10 a=ztbFbg24OMsA:10 a=zTNgK-yGK50A:10 a=EbDl1iGtyJgA:10 a=DuifGzP-WMsA:10
a=eQrCS-SpgXYA:10 a=pGLkceISAAAA:8 a=I_5RNyk1AAAA:8 a=-hM1Le7sjttvPdCqNPwA:9
a=QEXdDO2ut3YA:10 a=FM5Td38R-QfuLuzjo_sA:9 a=EMGMeXAJ1cT0jfNW:21 a=_W_S_7VecoQA:10
a=Eh9yxdLE6B1twWrs3SXz:22
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Feedback-ID: dfw:ctl:res:onyx
X-Authed-Username: cGF1bC5hcm1hbmlAY2VudHVyeWxpbmsubmV0
Received: from [10.41.66.9] ([10.41.66.9:34946] helo=md129.onyx.dfw.sync.lan) by smtp.centurylink.net
(envelope-from <paul.armani@centurylink.net>) (ecelerity 3.6.25.56547 r(Core:3.6.25.0))
with ESMTP id CB/36-04051-BE4EBDF5; Thu, 17 Dec 2020 18:08:27 -0500
Date: Thu, 17 Dec 2020 18:08:27 -0500 (EST)
From: Paul Armani <paul.armani@centurylink.net>
To: abdx <abdx@abdx.org>
Message-ID: <276004125.74908316.1608246507035.JavaMail.zimbra@centurylink.net>
In-Reply-To: <CABsR0w=sKZ3VkZQ7XrRvEmY6bS6fS1fuYhR04hY9pS5wP1fdxg@mail.gmail.com>
References: <CABsR0w=sKZ3VkZQ7XrRvEmY6bS6fS1fuYhR04hY9pS5wP1fdxg@mail.gmail.com>
Subject: [abdx.org] Fwd: Englewood CO Antenna ?
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="=_a4322ee4-5b51-48da-bc35-570711a371fa"
X-Originating-IP: [97.118.247.173]
X-Mailer: Zimbra 8.7.6_GA_1776 (zclient/8.7.6_GA_1776)
Thread-Topic: Englewood CO Antenna ?
Thread-Index: 1Rx3xRq4gbYS4EzzooEoa0olh8T4AA==
oclient: 206.152.134.66##25
Reply-To: abdx@abdx.org
X-Virus-Scanned: ClamAV using VCN Spam Filter (darmstadtium.vcn.com)

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-18 03:11

Well I set up a little test to look at this and I'm seeing messages from an hMailServer distribution list get rejected to multiple test destinations (@dkimvalidator.com and @mail-tester.com) because hMailServer preserves the distribution list address in the To: header and these tools want the test address to be coded in the To: header.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-18 03:15

If you can capture the entire email as text, headers and body, try validating the message here:

https://www.appmaildev.com/en/dkimfile

It might shed some light.

User avatar
mattg
Moderator
Moderator
Posts: 21256
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Gmail "be careful with this message"

Post by mattg » 2020-12-18 03:18

There is this ini setting. Does it have an impact

Code: Select all

RewriteEnvelopeFromWhenForwarding=1
; When performing forwarding, hMailServer now keeps the original From address rather than changing to that of the forwarding account.
; This change was made to reduce risk of message delivery failures.
; To force the previous behavior, set RewriteEnvelopeFromWhenForwarding=1
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-18 20:06

Thanks guys. I did try adding that line to the INI file. About all it did was change the SPF from a SoftFail to neutral. DKIM and DMARC still fail. That's using the link that you sent at appmaildev.com .
What I have been using, to give it a real test, is composing a message with my Yahoo mail account and sending it to the test group I created. That list sends it out to just a few email addresses, including my gmail and yahoo accounts and my personal. Gmail REALLY hates Yahoo. When I send one from my yahoo, gmail sends it straight to spam instead of to my gmail inbox with the "be careful" message. Yahoo of course rejects it "due to policy reasons" probably because they don't like when a message comes up when you email yourself from yourself.

I thought about it and I think I know why I thought everything was perfect. The test message I was using was on that I actually composed and sent directly from my abdx.org email. So of course if it's coming directly from ABDX.org, it's gonna pass everything because abdx.org is actually signing the message and there's no forwarding.

Still no go.

User avatar
SorenR
Senior user
Senior user
Posts: 4168
Joined: 2006-08-21 15:38
Location: Denmark

Re: Gmail "be careful with this message"

Post by SorenR » 2020-12-18 20:49

SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-18 20:54

About the only way I can think of for you to solve this is to use separate distribution list software that generates discrete emails for every list recipient, instead of re-mailing the original list submission. Then hMailServer will individually sign each message and you can set the message headers using rules so the message get authenticated and the recipient can see still see the originator of the post.

See https://tools.ietf.org/html/rfc5322#section-3.6.2 for details on how to do that.

I've used Xtreeme Mailxpert to do this, but it looks like Xtreeme hasn't updated the product in a long, long time.
Last edited by mikedibella on 2020-12-18 20:59, edited 1 time in total.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-18 20:58

SorenR wrote:
2020-12-18 20:49
Just throwing some ideas out here...

https://begriffs.com/posts/2018-09-18-d ... -list.html

http://www.open-spf.org/srs/
@SorenR: I tried analyzing the source code to determine which header in the message is used to identity the sending domain to select the configuration used for DKIM, but it wasn't clear to me....do you know?

The idea was to set that header to the list address so that the list address's DKIM configuration is used for signing the message, and not the list post originator. The message will still fail DMARC alignment, but it might be enough to pass the HAM threshold at Google.

User avatar
SorenR
Senior user
Senior user
Posts: 4168
Joined: 2006-08-21 15:38
Location: Denmark

Re: Gmail "be careful with this message"

Post by SorenR » 2020-12-18 22:09

mikedibella wrote:
2020-12-18 20:58
SorenR wrote:
2020-12-18 20:49
Just throwing some ideas out here...

https://begriffs.com/posts/2018-09-18-d ... -list.html

http://www.open-spf.org/srs/
@SorenR: I tried analyzing the source code to determine which header in the message is used to identity the sending domain to select the configuration used for DKIM, but it wasn't clear to me....do you know?

The idea was to set that header to the list address so that the list address's DKIM configuration is used for signing the message, and not the list post originator. The message will still fail DMARC alignment, but it might be enough to pass the HAM threshold at Google.
RFC5321.MailFrom = oMessage.FromAddress

RFC5322.From = oMessage.From

Sender = oMessage.HeaderValue("Sender") <== This you have create yourself ;-)

Mailing list = ???
------------------- Information from the mail header ------------------
Sender: EARN Group on Information Services
Poster: David Sitman
Subject: GNRT2 - call for comments
-----------------------------------------------------------------------
I wonder if keeping the original sender and adding a new header "Sender:" with the email address of the list will work ??
SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.

User avatar
SorenR
Senior user
Senior user
Posts: 4168
Joined: 2006-08-21 15:38
Location: Denmark

Re: Gmail "be careful with this message"

Post by SorenR » 2020-12-18 22:18

Brainstorming...

Code: Select all

Sub OnAcceptMessage(oClient, oMessage)

    Dim strSender : strSender = "LIST@MYDOMAIN.TLS"
    Dim i, strTo, strOriginalTo
    For i = 0 To oMessage.Recipients.Count-1
        If (i = 0) Then
            strTo = oMessage.Recipients(i).Address
            strOriginalTo = oMessage.Recipients(i).OriginalAddress
        Else
            strTo = strTo & ", " & oMessage.Recipients(i).Address
            strOriginalTo = strOriginalTo & ", " & oMessage.Recipients(i).OriginalAddress
        End If
    Next
    If InStr(1, strTo, strSender, 1) > 0 Then oMessage.HeaderValue("Sender") = strSender
    oMessage.HeaderValue("X-Envelope-To") = strTo
    oMessage.HeaderValue("X-Envelope-OriginalTo") = strOriginalTo
    oMessage.HeaderValue("X-Envelope-From") = oMessage.FromAddress
    oMessage.Save

End Sub
SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-18 23:43

Soren - should I try that code? Put it in the eventhandler file? Do I need to take anything out? Or just replace the "sub onacceptmessage" subroutine?

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-18 23:50

Okay so I decided to try it. I replaced the "sub onacceptmessage" routine with what you wrote. Holy sh*t! I think you got something there. It worked. Google shows neutral on the SPF and a pass on both DMARC and DKIM! And this was using my Yahoo account to send the test message. Hell even right there IN my yahoo account, I got it back...which hasn't happened all this time either. In my Yahoo account itself, I always got a mailerdaemon message that it couldn't be delivered to my own yahoo address for policy reasons.
Wow! I think you got it.

Michael

User avatar
SorenR
Senior user
Senior user
Posts: 4168
Joined: 2006-08-21 15:38
Location: Denmark

Re: Gmail "be careful with this message"

Post by SorenR » 2020-12-19 00:10

Did you remove this setting in hmailserver.ini?

Code: Select all

RewriteEnvelopeFromWhenForwarding=1
; Defaults to 0 or disabled.
; This will rewrite the FROM envelope of an email message when forwarding it on to another address.
; The default is to retain the original FROM address (potentially causing SPF checking failures by the forward address server).
SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-19 01:51

I removed it now. I hadn't removed it.
Everything still seems to be okay except one crazy thing I am trying to track down. If I send an email to the list from my personal email from my ISP (michaelj@vcn.com) the list sends it back to me there, and also to my gmail account. In gmail, that message comes back with the stopsign/question mark. Using the appmaildev.com test site, it shows an SPF softfail, and NONE for DKIM and DMARC. So it's unsigned. So does that mean my ISP isn't signing it? If I email from my personal directly to my gmail, it's fine. So...wierd. I can live with that. I really don't need to see an email I sent to the list if I am the one that sent it. And it also does come back to me over at my vcn.com address and it's fine. Just wondering why it does that and appears to only do it with me. Everyone else so far that has posted to the list is coming through on Gmail just fine with no warnings or anything. Although there was one short test message that gmail put into the "promotions" folder. Again...wierd

User avatar
SorenR
Senior user
Senior user
Posts: 4168
Joined: 2006-08-21 15:38
Location: Denmark

Re: Gmail "be careful with this message"

Post by SorenR » 2020-12-19 02:16

michaeljwyo wrote:
2020-12-19 01:51
I removed it now. I hadn't removed it.
Everything still seems to be okay except one crazy thing I am trying to track down. If I send an email to the list from my personal email from my ISP (michaelj@vcn.com) the list sends it back to me there, and also to my gmail account. In gmail, that message comes back with the stopsign/question mark. Using the appmaildev.com test site, it shows an SPF softfail, and NONE for DKIM and DMARC. So it's unsigned. So does that mean my ISP isn't signing it? If I email from my personal directly to my gmail, it's fine. So...wierd. I can live with that. I really don't need to see an email I sent to the list if I am the one that sent it. And it also does come back to me over at my vcn.com address and it's fine. Just wondering why it does that and appears to only do it with me. Everyone else so far that has posted to the list is coming through on Gmail just fine with no warnings or anything. Although there was one short test message that gmail put into the "promotions" folder. Again...wierd
Ok, I'll take a look at the code as it needs some tweaking if there are multiple lists. Do you want to keep the "X-Envelope-To and X-Envelope-From headers?
SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-19 02:23

Well I am not sure what they do. So you tell me...do I need to have them? Like I said, right now everything seems to be working.
On my other issue, could it be with my ISP's SPF record? My spf record has my IP4 in it with my server's IP address.

Here's first chunk of an email that I sent to the list from my personal email account. This is how it ended up in my GMAIL account:


Delivered-To: michaeljwyo@gmail.com
Received: by 2002:a50:bc15:0:0:0:0:0 with SMTP id j21csp2418064edh;
Fri, 18 Dec 2020 14:23:21 -0800 (PST)
X-Google-Smtp-Source: ABdhPJwvKyJNE1GvbphVzbpc5MBJF+uViAa5qhZujmrw5gBttNerej9Y/fgfDgN6lDAJTKAPEF2Y
X-Received: by 2002:a02:63cd:: with SMTP id j196mr5746999jac.61.1608330201685;
Fri, 18 Dec 2020 14:23:21 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1608330201; cv=none;
d=google.com; s=arc-20160816;
b=ezt+OQvNER8/YSEUTtLnmW7nO4bjnsKqiUPZv+DVIAqt1bv2XAaNbQ/mwmb9xaR/EJ
v3hK7yYNQlqz/6NnT6jRBBaOvDv5eNewkKmI2MQOU+yXs5XG4Noa6HFPjAGVUyZL6SDd
3NPMbVfml3Z8GMUpwX/Z/hoVMhnSC+n0hnHKIScPObzuqQuiJvMvaAnvmYB3rFWnBJKt
nWr/SUtIoV20kzm+cuc7S7KM/nq6/J5xiEoXjP2HidgilI02kLxaq+y2BjTtd1XqB82b
slh0oKamGXPX4f7hPrSzf89CZvExyxrqfiIlgpYXzgD6YVbLOp776rh7Q55gEY2A2i8O
66eA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=reply-to:thread-index:content-language:mime-version:message-id:date
:subject:to:from;
bh=Cb4xALMUcL39WXflq+Wkhiy4vjeY0aShWnWniumDq3A=;
b=tAtyznijF2yrP++hQmUT9v2BCmJ+fGR7xqDRrumtiiQ5vWZXlJr4rWIkwNVYua/Gka
k8Oz2bZgkCVW5I0G7Iu3+oeWXakLgIZn/7Dc6gmXJeR3W5dIXn0xNngfGQnmoK7LV5b6
ihAA1MrzT7HgG3E7vMNgQsYCqAh+vSYkY7pL8GwaG9WPnZjStR8lbBppNx03M2VK9D28
r2RUuPQPkg6mQnuaSp+O/0BWniet7x7hxffqBhivIkMX/IN+acnm73Ukyy7sVSN51zCb
0EfahcYTgAiEU5a9rQT/fsnd6agRPVyPOYJos8fR2maqO3+TUkR7Q1ZXlk8vrCe/QQd6
mtNw==
ARC-Authentication-Results: i=1; mx.google.com;
spf=softfail (google.com: domain of transitioning michaelj@vcn.com does not designate 65.38.140.167 as permitted sender) smtp.mailfrom=michaelj@vcn.com
Return-Path: <michaelj@vcn.com>
Received: from abdx.org (abdx.org. [65.38.140.167])
by mx.google.com with ESMTPS id y6si24584567iod.21.2020.12.18.14.23.16
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 18 Dec 2020 14:23:21 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning michaelj@vcn.com does not designate 65.38.140.167 as permitted sender) client-ip=65.38.140.167;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning michaelj@vcn.com does not designate 65.38.140.167 as permitted sender) smtp.mailfrom=michaelj@vcn.com
X-Spam-Checker-Version: SpamAssassin 3.4.2 (svnunknown) on mail-PC


Thanks so much for all your help!

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-19 03:35

michaeljwyo wrote:
2020-12-19 02:23
Received: from abdx.org (abdx.org. [65.38.140.167])
michaeljwyo wrote:
2020-12-19 02:23
spf=softfail (google.com: domain of transitioning michaelj@vcn.com does not designate 65.38.140.167 as permitted sender) smtp.mailfrom=michaelj@vcn.com
It looks like this list post was originated by michaelj@vcn.com, but sent from the relay authoritative for the abdx.org domain. Google is validating the source IP (65.38.140.167) against the SPF record for vcn.com:

Code: Select all

vcn.com text =
"v=spf1 ip4:209.193.72.0/23 ip4:184.164.96.0/28 ip4:66.198.195.100/30 ip6:2607:f498:4001::/64 include:spf.mandrillapp.com ~all"
65.38.140.167 isn't permitted, so the test is matching ~all, where ~ is the SOFTFAIL qualifier.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-19 03:47

Gotcha! So...it's on their end. I could ask my guy over there to add ABDX's IP to his spf and it should work, right? I don't need to do anything else to MY SPF, right?

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-19 03:56

I wonder if you can get the envelope MAIL FROM: set to @abdx.org (i.e. use the list address for MAIL FROM:), but keep the From: set to the post originator, and set Sender: to the list address, you might solve this.

See https://www.emailarchitect.net/easendma ... t_from.htm

You also want to consider how you want replies handled. If they should be private to the originator, set Reply-to: to the originator's address, if they should go to the list, set it to the list address.
Last edited by mikedibella on 2020-12-19 03:59, edited 2 times in total.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-19 03:58

Something else I wanted to ask about too. I noticed everything is working great and i do have a feeling it does have something to do with not modifying the original message. The messages don't have the prefix on the subject. I've already told the users we may have to live with it that way but I was wondering if we could put the [abdx] prefix on the subject or is that going to break everything again?

Michael

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-19 04:01

On many mail clients, if Sender: is present, the From line in the client reads:

From: list-address on behalf of originator

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-19 04:37

Yep I have seen a lot of lists like that. Our old Yahoogroups list did it. I just don't know how to make this one do it. I have been looking for a lot of those variables.... like where the envelope is and where the variables are and how they are compiled. I don't see them in the hms file. I think I see where the envelope is made over in the events.vbs file but I don't know how to modify that. I get the feeling some of the variables used in the subroutines in the events.vbs file are defined over in the .hms file. Ugh...makes my head spin.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-19 05:20

The envelope refers to the data exchanged between SMTP peers to complete message exchange. It includes the verbs EHLO, MAIL, RCPT, DATA, QUIT. The message itself is comprised of the headers and body. It is submitted after the DATA verb, and submission is finalized by sending <cr>.<cr>. QUIT then ends the session.

The RewriteEnvelopeFromWhenForwarding=1 is the only way I can think or (short of modifying the source code) to get hMailServer to send the list address as the MAIL FROM: operand, so if you can't observe that behavior, the rest is probably moot.

Once you can get MAIL FROM: adjusted, you then just need a small VBS script that:

1. Only operates on the message if it an outbound post to list members. You want it to ignore ordinary messages and incoming list posts until they are expanded to the membership.
2. Saves the list post originator to a variable. It looks like this value might be in the Return-path: header in the unaltered list post message.
3. Sets From: to the list post originator.
4. Sets Sender: to the list address.
5. Sets Reply-to: to the list address (to have replies flow back though the list) or to the originator (to make replies private).
6. Set Return-path: to the list address (I think).
7. Saves the message.

You think can do some of #1 in script by using the ItemByAddress method of the DistributionLists object. If the address is a list, the method will return a DistributionList object, otherwise I think it returns nothing or throws an error that can be trapped. Not sure how to differentiate from an incoming post to one that has been expanded and is outgoing.

Items 2-6 are simple value assignments.

#7 is the Save method of the Message object.

The question I'm not sure about is weather this script can be triggered as a Rule Action, or if it will only work as an event handler, and if so, which one?

Maybe @SorenR will catch up on this and comment.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-19 06:00

One piece missing is the post recipient. The To: header needs to be rewritten to that address, and I don't see it in any header in the message before it is sent.

When it is received, the receiving MTA may set X-Apparently-To: to the recipient address as received in the RCPT TO: envelope value, but I don't see anywhere the hMailServer stores it in the message file before transmission.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2020-12-19 06:25

Wow...yeah looks like it can be a pain and I bet Soren could shed a little more light. I would like to attach my eventhandlers.vbs and my .hms files so you guys could see, but I can't figure out how to attach them here. The system tells me "invalid file extension .vbs"

User avatar
jimimaseye
Moderator
Moderator
Posts: 8902
Joined: 2011-09-08 17:48

Re: Gmail "be careful with this message"

Post by jimimaseye » 2020-12-19 09:38

michaeljwyo wrote:
2020-12-19 06:25
Wow...yeah looks like it can be a pain and I bet Soren could shed a little more light. I would like to attach my eventhandlers.vbs and my .hms files so you guys could see, but I can't figure out how to attach them here. The system tells me "invalid file extension .vbs"
Copy paste as text or rename as .txt and attach or put them in a Zip file and attach.

[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

User avatar
SorenR
Senior user
Senior user
Posts: 4168
Joined: 2006-08-21 15:38
Location: Denmark

Re: Gmail "be careful with this message"

Post by SorenR » 2020-12-19 14:53

I use hMailServer 5.6.8 B2505.custom and it seems like the header "Sender" from my code never makes it through the system... However it seems like the distributionlist add "X-Sender:" with the original sender. I can't find a quick reference to "X-Sender" in the source so I need to dig deeper.

I have a test domain on my server "acme.inc" so I made the list "list2@acme.inc" and included members from gmail, acme.inc and my personal domain. The mx record of my server is from my personal domain and is SPF, DKIM and DMARC verified. SPF record is "-all" so it's "all or nothing".

Email from "road.runner@acme.inc" to "list2@acme.inc" make it through to my personal domain AND to my GMail account however I get the (?) tag from GMail - which makes sense as "acme.inc" do not exist on the Internet (!)
.
test.jpg
Anyways, I need to do some more testing as it seems the distribution list create a complete new set of message headers in the email sent to list members...
SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2020-12-20 03:40

Try this.

Put this in EventHandlers.vbs:

Code: Select all

Sub FixListPost(oMessage)
	oMessage.From = oMessage.To
	oMessage.HeaderValue("Sender") = oMessage.FromAddress
	oMessage.HeaderValue("Reply-to") = oMessage.FromAddress
	oMessage.Save
End Sub
Add a Global Rule to trigger it:
Untitled.png
Untitled.png (10.61 KiB) Viewed 6496 times
In my testing, the script fires for each list message and the message looks like this in the client:

From: originator on behalf of list-address

Replies go to the originator. To have replies go to the list, delete the line:

Code: Select all

oMessage.HeaderValue("Reply-to") = oMessage.FromAddress

User avatar
SorenR
Senior user
Senior user
Posts: 4168
Joined: 2006-08-21 15:38
Location: Denmark

Re: Gmail "be careful with this message"

Post by SorenR » 2020-12-20 03:46

Well... Try replace the previous code with this in Sub OnAcceptMessage...

Code: Select all

    Dim strDist : strDist = "list@mydomain.tld, test@acme.inc, test@mydomain.tld,"
    Dim i, j
    For i = 0 To oMessage.Recipients.Count-1
        j = InStr(strDist, oMessage.Recipients(i).OriginalAddress)
        If j > 0 Then
            oMessage.HeaderValue("Sender") = Mid(strDist, j, InStr(j, strDist, ",", 1) - j)
            oMessage.Save
            EventLog.Write( "Sender: " & oMessage.HeaderValue("Sender") )
            Exit For
        End If
    Next
When I send to the "list2@acme.inc" distribution list from my personal domain GMail now validate SPF, DKIM and DMARC against my personal domain and not "acme.inc" so it has made some difference.

My lack of "Sender:" header turned out to be related to how hMailServer translate recipients. It turned out I had to use oMessage.Recipients(i).OriginalAddress and not oMessage.Recipients(i).Address as the latter would only contain list members.

Try it out and let me know how it hangs.
SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2021-01-06 20:41

Wow Thanks Mike and Soren. Can (should) I try both of your ideas? Sorry...was on vacation for the holidays. I noticed that yes things are working better but still having some things come up in gmail as "be careful with this message" so it's not perfect and I'd like it to be.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2021-01-06 21:02

I think both should get you close to what you need. Mine it triggered via the Rules engine, so it does have the advantage of some user interface for changing the criteria for message that get the modifications applied.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2021-01-07 02:44

Mike-might be a stupid question, but what do I put as the script function when I set up the "run function" action?

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2021-01-07 04:18

The name of the subroutine: "FixListPost" (without quotes)

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2021-01-07 17:46

Thanks...will try that.
In other URGENT news, something happened and I am not sure what. I didn't think putting subroutines in the script would make any difference and I don't think it did but everything quit working. I don't know if it's something on my part. I tried fixing things but maybe made it worse. In the main interface for HMS, in the advanced settings and autoban, I do have a list of IP's there that I have been spammed from. I also have MY ip address listed there since my pc checks my mail every 5 minutes and I was getting banned for that. Anyways, I don't know if I am understanding the concept of "local to local" and "external to external" and so forth. I do get what they mean but I am wondering where the distribution list comes into play. What is it considered? It it local? Is it external? When a message is sent to the list, which one of these categories does it fall under? The reason I say this, is that i can use my mail account that I set up for myself on the server. I know that definitely counts as a "local account". When I send a message with that one it works great. I send it to the list's address of course, and everyone gets it. So I think that falls under "local to external". On THAT particular IP range (basically 127.0.0.1) it can be set up for SMTP authentication because I am using an actual mail account. But does the "list" have an actual mail account? Or does that count as an "external" account and its settings are counted under "external to external" in which case, no I can't have every user on the list do SMTP authentication....they are just emailing the list.
Can you tell me what happened??

User avatar
jimimaseye
Moderator
Moderator
Posts: 8902
Joined: 2011-09-08 17:48

Re: Gmail "be careful with this message"

Post by jimimaseye » 2021-01-07 18:01

Start with this: LOCAL means a domain hosted on your server, EXTERNAL means one that isnt. (More refrence to that here: https://www.hmailserver.com/documentati ... ce_iprange)

Substitute that in to your setup and see how it fits.
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2021-01-07 18:32

Okay got it figured out. Here's how I broke it: A couple of days ago, I changed the ports in order to try to quit being hammered by spammers. So I had changed the mail SMTP from port 25 to port 256. So, in order to get things working, I re-added port 25 for SMTP protocol. I would rather not do that...but apparently somewhere in the script, there's something that refers to the SMTP being on port 25. So...it looks like I can probably use port 256 if I can find where in the script to change that. Any idea where that would be?

User avatar
SorenR
Senior user
Senior user
Posts: 4168
Joined: 2006-08-21 15:38
Location: Denmark

Re: Gmail "be careful with this message"

Post by SorenR » 2021-01-07 18:39

michaeljwyo wrote:
2021-01-07 18:32
Okay got it figured out. Here's how I broke it: A couple of days ago, I changed the ports in order to try to quit being hammered by spammers. So I had changed the mail SMTP from port 25 to port 256. So, in order to get things working, I re-added port 25 for SMTP protocol. I would rather not do that...but apparently somewhere in the script, there's something that refers to the SMTP being on port 25. So...it looks like I can probably use port 256 if I can find where in the script to change that. Any idea where that would be?
If you want to receive mail from the Internet then you need port 25 !
SørenR.

Algorithm (noun.)
Word used by programmers when they do not want to explain what they did.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2021-01-07 18:42

If you want to receive mail from the Internet then you need port 25 !
+1

Your external users will need to communicate with your server on port 25 to submit distribution list posts.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2021-01-07 19:53

Ok then it is what it is. will leave it alone.

Now with the scripts, I did do both modifications. I am not sure whether it was the rule, or Soren's script changes, or both. It did work to an extent for the "on behalf of" the we were trying to achieve. However, the problem was, is that when the message came in, it showed it came from "abdx" instead of the original poster. Inside the header, it did show "abdx or behalf of <user@abdx.org>. And of course that caused google to flag everything. So I am not sure what to do other than put it back the way it was, which I did. It shows the original poster's name when you see it come into your inbox...whether that be google or Outlook or whatever. And the reply-to address is the list. This is back to square one where it was. We were a former Yahoo group and I ultimately would like to see it work like that although I don't know if that's possible. I have told them "we are not yahoo and we are not google so I am doing the best I can to get as close as I can to that." With Yahoo, it showed the original poster's name when it came into the inbox, then inside the message, it showed the list name and the "on behalf of". In the subject line, everything had the prefix on it [abdx] . Yahoo, google, etc never declared anything from the list as spam. I know that we had the prefix forever, but things started doing better once we changed things and took that off a few weeks ago...probably because it left the message unchanged so that Google would pass it through. Otherwise Google sees the prefix as a change to the original message and flags it.

Now you know what I am trying to achieve. i know it may be a tall order and I really do appreciate you guys' help in all this and I apologize for being a novice. Trying to learn. My time is limited as I do have a full time job running my business plus wife and 2 kids and so forth. I seem to dive into this and spend a whole day doing it and then I am 2 days behind on work the next day. I just want it to work so I can be done with it and let it do its thing and not have to worry much about it.

Michael

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2021-01-07 20:02

Can you post the raw headers here for us to look at? There should be a "view headers" or "view raw message" option in the gmail web UI.

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2021-01-07 21:20

You bet . Here you go:

----------------------------------------------------------------------

Delivered-To: michaeljwyo@gmail.com
Received: by 2002:a50:bc15:0:0:0:0:0 with SMTP id j21csp597951edh;
Thu, 7 Jan 2021 08:47:17 -0800 (PST)
X-Google-Smtp-Source: ABdhPJzw+Yle1XxKzPUq2iZSKDVSdG6eLO1lfRT00pUCV1+j1eHmIrvqcird8A9CKao2fyD3RyKf
X-Received: by 2002:a92:d592:: with SMTP id a18mr2276693iln.64.1610038037383;
Thu, 07 Jan 2021 08:47:17 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1610038037; cv=none;
d=google.com; s=arc-20160816;
b=wHU96n3Ia9lYsnIUSd+G2LNHaT08vHb6ycWHEWZMx7s0dwoPdTnetOWCDUVXS1nsOQ
V90iF98cJfMxHQHqvwrEbEqWlFxfRzLXjEOJv0GMntfCuZe11rsxfixlp/yIdG+eGTPM
Wimw/X2carcSF+m5122W6y8oj546Dgor430pemgwahREknmUrQwCXVr83ZMCpmZowz5s
dpgrg6fyqu0d7PD55dwuFmBpNzv+4PEfqU0WP7Bt8mOXf5XCGc0bPgsfHKhD5K9hx25T
C5aVYfLq1QcbIG/m1M3pKHbvZV1q64Smh4Beb8kQgFLahSC9mogl30d7cU5THLsX+w6Q
uO5Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=reply-to:sender:content-language:thread-index:mime-version
:message-id:date:subject:to:from;
bh=3QQXWFjGYBCJLk65L0eOLbSZvdUoJ/UC01VrUZtRTG8=;
b=Ax2x7Mdi37MbDTyifyr8OR4aHpU/H1WcF5giCD6WhBSfExjk9S9v2lpJpDnGNPGaC2
cgxDQu/nu1jtyMUuTfy8xm/yp4PXH7R1YPhRKtQ4MtVKgjLl998GTDalzU0YG8J4EuuO
z0SuPtKJJlaEoe8UUOSJtjVtHTw1WwPryllCTBd2UlxXbwjccdRAdEC7hChshFRIDiTI
UA7awvwTVOwQSqSxfbgBqfsohkcRUHn3vHugyQaAAFqCltAUPPR4r9g/AlDeTqcwAKLR
uKjUbycSiEPsCqiHgW7Qg8NmZ7KtGXERhbfbvtL+as+YeVjzAH+Y0jlJZ0n0FZzbeifD
X+jw==
ARC-Authentication-Results: i=1; mx.google.com;
spf=softfail (google.com: domain of transitioning michaelj@vcn.com does not designate 65.38.140.167 as permitted sender) smtp.mailfrom=michaelj@vcn.com;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=abdx.org
Return-Path: <michaelj@vcn.com>
Received: from abdx.org (abdx.org. [65.38.140.167])
by mx.google.com with ESMTPS id o4si3764168ilt.21.2021.01.07.08.47.12
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 07 Jan 2021 08:47:17 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning michaelj@vcn.com does not designate 65.38.140.167 as permitted sender) client-ip=65.38.140.167;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning michaelj@vcn.com does not designate 65.38.140.167 as permitted sender) smtp.mailfrom=michaelj@vcn.com;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=abdx.org
X-Spam-Checker-Version: SpamAssassin 3.4.2 (svnunknown) on mail-PC
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2
Received: from barium.vcn.com (barium.vcn.com [209.193.73.228]) by abdx.org with ESMTP ; Thu, 7 Jan 2021 09:44:46 -0700
Received: from Michael (vail-65-38-140-166.vail.net [65.38.140.166]) by barium.vcn.com (Postfix) with ESMTPA id 9D4792087B for <abdx@abdx.org>; Thu,
7 Jan 2021 09:44:45 -0700 (MST)
From: <abdx@abdx.org>
To: <abdx@abdx.org>
Subject: Sorry :(
Date: Thu, 7 Jan 2021 09:44:45 -0700
Message-ID: <0cba01d6e514$67d8dae0$378a90a0$@vcn.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0CBB_01D6E4D9.BB7A02E0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdblFCoSy7t2xmPmQGKDhbKpQBbneQ==
Content-Language: en-us
Sender: michaelj@vcn.com
Reply-To: abdx@abdx.org

--------------------------------------------------------------------------------------------

That is from one of the messages that came in when the new scripts / rule were running.

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2021-01-07 22:08

I looks like the message is failing the SPF check because the envelope MAIL FROM is still set to the originator (michaelj@vcn.com).

Is this with RewriteEnvelopeFromWhenForwarding set to 1 or 0?

michaeljwyo
Normal user
Normal user
Posts: 61
Joined: 2020-02-11 19:02
Location: Evanston, WY
Contact:

Re: Gmail "be careful with this message"

Post by michaeljwyo » 2021-01-07 23:02

Not sure where to find that. Where do I look?

mikedibella
Senior user
Senior user
Posts: 381
Joined: 2016-12-08 02:21

Re: Gmail "be careful with this message"

Post by mikedibella » 2021-01-08 01:53

In the hmailserver.ini file in the hMailServer\bin directory. Look for a line that says:

Code: Select all

RewriteEnvelopeFromWhenForwarding=
and report the number after.

If the number is zero, change it to 1.

If the line is missing, add:

Code: Select all

RewriteEnvelopeFromWhenForwarding=1
as a new line in the settings section:

Code: Select all

[Settings]
RewriteEnvelopeFromWhenForwarding=1
Restart the hMailServer service, and test again.

Post Reply