On 9/23/2020 2:11 PM, John Hardin wrote:
On Wed, 23 Sep 2020, Jerry Malcolm wrote:
On 9/23/2020 12:46 PM, John Hardin wrote:
On Wed, 23 Sep 2020, Jerry Malcolm wrote:
I am sending test emails from one of my hosting environments to
another of my hosting environments. I get this line in the SA report:
1.6 FORGED_MUA_MOZILLA Forged mail pretending to be from Mozilla
I am sending from Thunderbird. So it's coming from Mozilla. But it
is not forged mail pretending to be from Mozilla.
What is triggering this?
meta FORGED_MUA_MOZILLA (__MOZILLA_MUA && !__UNUSABLE_MSGID &&
!__MOZILLA_MSGID)
It doesn't believe the Message-ID was generated by Thunderbird.
What's the message ID?
Thanks. That makes sense. But it just adds to my problems. I am
pulling my hair out on trying to get a clean send that gmail,
outlook, and others will accept. I have an Apache JAMES server. When
I send to mail-tester.com I get a 10 out of 10 clean bill of heath.
But gmail, outlook, and a bunch of other MTAs won't accept it and
bounce it back (with no reason attached). I'm hosting on AWS. So
the recommendation was to proxy my outbound mail through AWS's SES
server so it appeared that the mail came from 'trusted' Amazon.
Now I realize that Amazon changes the message id, and I get this
'forged' flag.
It's possible that the rule needs an exception for that case. Would
you zip up a sample for me in private mail, with all headers intact?
I'm delivering mail for a very large company where unsuccessful mail
delivery to the recipients can be catastrophic.
So, gmail etc. are rejecting the messages from your James server? Or
is this a broader issue with general email? If you like, you can send
some test messages to me directly and we'll see what happens.
I just posted a response to Marc with more details. But in summary,
before I used SES, I simply had a fixed IP with James' SMTP server. I
would get bounces about blacklisted IPs (I changed IPs several times
with no change). I would get bounces from gmail, outlook, ymail, and
various corporate servers, most with no explanation. Just 'rejected'.
It wasn't 100%. But it was bad enough my client was missing business
opportunities. So I waved the white flag and started to proxy through
SES. During all of the time of the bounces, both SA and mail-tester
said my mail was clean.
I will send you an email that bypasses SES and a zip of the mail item
that received the Mozilla forged hit.
