Are they using the suggestions on https://support.google.com/mail/answer/175365 for procmail forwarding?
There's a double edge sword with SPF auth for forwarding.. if you re-write the envelope sender to the forwarding address and forward spam, the forwarding domain can accumulate poor reputation. If you don't rewrite the envelope sender, then the messages will no longer be SPF authed, and that may cause spam detection issues. There's no great solution to this problem. Theoretically, one could try to walk the line and rewrite the sender for some messages where you think it's not spam but having no auth causes issues ... though it won't work for say domains with DMARC since there has to be alignment. ARC is the theoretical solution to this, where it can forward auth information, but how to handle the forwarded auth information is still a work in progress. In a long ago thread, we discussed the benefits of doing both forwarding and pop fetching, to handle the edge cases. Brandon On Thu, Apr 28, 2022 at 11:49 AM Geoff Mulligan via mailop < mailop@mailop.org> wrote: > I have a user on one of my servers that uses procmail to forward messages > to their gmail account. > > Every once in a while messages sent to them are "bounced" to the sender > with the error fro gmail: > > 550-5.7.26 This message does not have authentication information or fails to > 550-5.7.26 pass > authentication checks. To best protect our users from spam, the 550-5.7.26 > message has been blocked. > > > How can I diagnose this??? > > Is it that the message sender's domain has a DMARC setting or some such > that gmail is using and that my server (which is just forwarding the > message) is failing? > > If so, how is someone supposed to forward messages to gmail??? > > Thanks, > Geoff > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
