Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Our mail is being spam-boxed

1 view
Skip to first unread message

chad.a...@gmail.com

unread,
Feb 17, 2005, 8:14:34 PM2/17/05
to
Help!

I wrote an application in PHP that automatically emails out reminders
to users of a system... but the emails are ending up in most spam boxes
(Outlook 2003, Hotmail, Yahoo). All they are is text, and they don't
have a bunch of spam red flags in the body. I think I'm doing
something wrong with the headers. Does anyone spot an obvious problem?
Attached are the headers with *'s in some of the URLs just for
liabilities-sake:


Return-Path: <test1@a***m.com>
Received: from u15158028.onlinehome-server.com (www.cl****ng.com
[217.160.253.233])
by server1.a***m.com (8.11.6/8.11.6) with ESMTP id j1I0TLG10252
for <test4@a***m.com>; Thu, 17 Feb 2005 18:29:21 -0600
Received: (qmail 28165 invoked by uid 48); 18 Feb 2005 00:13:05 -0000
Date: 18 Feb 2005 00:13:05 -0000
Message-ID:
<2005021800130...@u15158028.onlinehome-server.com>
To: test4@a***m.com
Subject:
From: Dropkick Murphys <test1@a***m.com>
Return-To: <test1@a***m.com>


Ideas?

Thanks a ton,
Chad

Jochen Bern

unread,
Feb 17, 2005, 10:44:22 PM2/17/05
to
chad.a...@gmail.com wrote:
> Received: from u15158028.onlinehome-server.com (www.cl****ng.com
> [217.160.253.233])

IP blacklisted on RangersBL. (See http://dnsbl.rangers.eu.org/ .)

> by server1.a***m.com (8.11.6/8.11.6)

Vulnerable sendmail version.

> Received: (qmail 28165 invoked by uid 48); 18 Feb 2005 00:13:05 -0000
> Date: 18 Feb 2005 00:13:05 -0000

Aberrant datetime syntax.

> Subject:

Might trigger an antispam rule, too.

> Return-To: <test1@a***m.com>

Unknown. Use "X-Whatever:" syntax to make up header names yourself. If
you meant Return-Receipt-To: or Return-Path:, both could easily trigger
antispam filters, too.

Regards,
J. Bern

chad.a...@gmail.com

unread,
Feb 18, 2005, 4:28:12 PM2/18/05
to
J,

Thanks for the help...

I ran the 217.xx IP through ranger and didn't notice anything strange?

Chad

D. Stussy

unread,
Feb 21, 2005, 5:06:48 AM2/21/05
to
On Fri, 18 Feb 2005, Jochen Bern wrote:
> chad.a...@gmail.com wrote:
> > Received: from u15158028.onlinehome-server.com (www.cl****ng.com
> > [217.160.253.233])
>
> IP blacklisted on RangersBL. (See http://dnsbl.rangers.eu.org/ .)
>
> > by server1.a***m.com (8.11.6/8.11.6)
>
> Vulnerable sendmail version.

And quite old.

> > Received: (qmail 28165 invoked by uid 48); 18 Feb 2005 00:13:05 -0000
> > Date: 18 Feb 2005 00:13:05 -0000
>
> Aberrant datetime syntax.

Additionally, although a comment by itself before the semicolon for a Received
header is syntactically valid, note that what it is timestamping (incorrectly)
is internal information to the host, not a host-to-host transfer or protocol
transition. There is some question as to whether such is semantically valid
within the purposes of RFC-2822 trace headers. Additionally, as sendmail
allows (optional) comment stripping when processing header fields, this data,
as comment stripped, would appear as "; -date-", which seems to result in a
useless and unnecessary timestamping of the message, and again calls the
semantic use under RFC-2822 into question. To me, the process number and user
ID that any particular message is handled under constitute internal information
to the host that should ONLY be in the system logs (yet qmail consistently does
this).

> > Subject:
>
> Might trigger an antispam rule, too.
>
> > Return-To: <test1@a***m.com>
>
> Unknown. Use "X-Whatever:" syntax to make up header names yourself. If you
> meant Return-Receipt-To: or Return-Path:, both could easily trigger antispam
> filters, too.

Or even the depreciated "Errors-To:" or the (current) "Reply-To:"?

0 new messages