[pattycake]

Quote:

Originally Posted by Paul M

We also have this issue on my vB3 forum, Ive been trying to figure out whats going on for 3 weeks (on and off) all our e-mails to Gmail are just getting bounced.

Paul... vb3, vb4, vb8000... it will happen on any vb version that puts anything other than your server as the from (ie, the sender).

The next time one bounces, go look at the header... you'll see the FROM issue.

--------------- Added [DATE]1399391922[/DATE] at [TIME]1399391922[/TIME] ---------------

Quote:

Originally Posted by makaiguy

[snip]
I'm testing a hack of sendmessage.php right now that sends these user-generated messages with the default bbs address in the "From" field, and with the sending user's email address in an additional "Reply-to" header. This way the message should pass the Sender-ID test (the From address is on the sending server) but the recipient can still reply to the actual sender thanks to the Reply-to header.

Test messages I've sent via my test board to one of my other email addresses show the headers to be getting sent the way I want. Don't know yet if this really solves the problem when sending to gmail, yahoo, etc.

That should do the trick... it puts the REAL "from" (your server) in the "from" (ie, the "sender") and your "reply to" make a reply go to the correct email address (and not the forum's admin).

I need to go take a qwik check and find all occurances where VB changes this "from" and then I'll be able to post a "one size fits all" solution.

--------------- Added [DATE]1399392384[/DATE] at [TIME]1399392384[/TIME] ---------------

Click this link - http://www.dmarc.org/faq.html#g_13
It's a frigging dissertation on dmarc... just scroll down 40 or 50 pages to the section titled "Why are messages I send on behalf of visitors to my website being blocked?"

For those not wanting to read thru all that crap, it says:
Why are messages I send on behalf of visitors to my website being blocked?

Quote:

This depends on how you are sending these messages. If you are simply taking the website visitor's email address and inserting it into the "From:" header of the message, and sending that message from your own servers, then you are impersonating the domain in their email address - in a way that is indistinguishable from spammers.

These practices may have worked previously - in many cases for decades - because before spam became a literally overwhelming problem, nobody checked. The most successful initial mechanisms to combat such spam were IP address-based blocklists, and so your site may have been allowed to continue because it did not appear on such a list. For the past decade, however email authentication has been introduced as a filtering mechanism, and is increasingly being used to detect and block such messages.

As a best practice, you should instead be using a domain you control in the address of the "From:" header, and use mechanisms like SPF, DKIM, and DMARC to show that this message is authorized to use your domain. In the example below, the site visitor's name is shown in the descriptive part of the "From:" header, and the "Reply-To:" header is set to the website visitor's address, but the actual address used in the"From:" header clearly indicates that your website is the origin of the message.
From: "John Doe via the Example Website" <service@website.example.com>
Reply-To: "John Doe" <john@firstmailboxprovider.com>
To: "Bob Smith" <bob@secondmailboxprovider.com>
Subject: "An article I thought you would find interesting"