Mailing List Archive

1 2  View All
Re: 1.6 FORGED_MUA_MOZILLA Forged mail pretending to be from Mozilla [ In reply to ]
This list is probably the correct one for you to discuss it on because I'm
not aware of anything else that is really introductory. have you looked at
resources like postmaster.aol.com and Google's postmaster resources?

AOL really led the charge on email hygiene and putting the kibosh on
spammers ages ago. Their postmaster page and the feedback loops and
everything will probably be invaluable to you starting to learn more about
email deliverability.

On Fri, Sep 25, 2020, 18:32 Jerry Malcolm <techstuff@malcolms.com> wrote:

> On 9/24/2020 8:17 AM, RW wrote:
> > On Wed, 23 Sep 2020 13:47:23 -0500
> > Jerry Malcolm wrote:
> >
> >
> >> But gmail, outlook, and a bunch of other MTAs won't accept it and
> >> bounce it back (with no reason attached). I'm hosting on AWS. So
> >> the recommendation was to proxy my outbound mail through AWS's SES
> >> server so it appeared that the mail came from 'trusted' Amazon. Now
> >> I realize that Amazon changes the message id, and I get this 'forged'
> >> flag.
> > Are you sure about that? It would break threading on most traditional
> > mail clients.
> >
> > In your list emails you are DKIM signing Message-Id and sending
> > directly from AWS. If you are doing the same thing with SES, then
> > obviously that would break DKIM.
> >
> > OTOH if you aren't signing Message-Id on the other mail perhaps doing so
> > would discourage Amazon from overwriting the header.
> >
> >
> >> Would it be better if I went through the headers on outbound and
> >> removed headers that referenced Mozilla (or Outlook, or iPhone, or
> >> ???) in order to make the SES message id change not trigger the rule?
> > I doubt it would make much difference. Most spam filtering wont have
> > that rule. And even in SA it was only 1.6.points.
> SES adds it's own DKIM signing. But I did find a horrible problem
> directly related to Apache forums when proxying through SES. I can't
> remember the details, but SES changes up something that makes all apache
> forums not recognize me. I ended up having to write a special rule my
> outbound JAMES server that "if going to apache.org" don't use SES proxy
> gateway. So these posts to this forum are actually bypassing SES.
>
> I want to thank everyone for the information. I realize that this
> thread has veered way off the topic of SpamAssassin. I'm getting lots
> of useful information from here and other sources. But I'm beginning to
> feel like the ball in a pinball machine bouncing around with every new
> piece of info. Can someone recommend a good forum where the topic of
> "the best way to send email" is discussed/argued where we can banter
> back and forth on the pros and cons of AWS, SES, 3rd party, proxy vs. no
> proxy, etc etc etc? I'm learning a lot. But it's not my desire to make
> successfully getting mail to its recipient my new career. I represent a
> totally legitimate business whose success depends on getting account
> authorization emails and payment receipts to the intended recipients.
> It's a problem I need to solve... but after that, then move on to other
> problems. Is there a good place to hang out and discuss this topic?
>
> Thanks again.
>
> Jerry
>
>

1 2  View All