Fixed E-Mail Missing Message ID Header

Divvens

Well-known member
Recently, 35 of our outgoing e-mails (registration confirmation e-mails) were blocked as spam by our hosts spam filter.

The reasons they stated are;
Unfortunately, the bayesian DB only is a small part of our spam scoring system. Here is an overview of other rules that were triggered:
- MISSING_MID = Your mailing software is not adding a message ID to outgoing messages. I believe this violates the RFC spec for email.
- DCC_CHECK = Message signature is similar in nature to other known spam (globally).
- RAZOR2_CHECK = Message signature is similar in nature to other known spam (globally).

Since you are sending via SMTP, I believe XenForo is responsible for the message ID header, as any "normal" SMTP client would handle this itself. You may need to contact their support regarding this.

I didn't know to report this as a bug or as a problem, so reported this as a bug.
 
I've disabled e-mail verification since all the e-mail verification mails are getting caught in the spam filter. With xenForo's built it anti-spam measure I think e-mail verification can be disabled for the time being.

My host did say that none of the mails would get stuck in the spam filter if the Message ID header was provided, but for now I think I'll turn of the verification until I get this sorted out.
 
Is it necessary to use SMTP?
I've been using SMTP to send e-mails since our community started out. The default mail option gets caught as spam in some e-mail platforms like hotmail and yahoo (we tested these in the first days of our community).
 
Here is some additional information about Spam Assassin and its MISSING_MID rule:
http://wiki.apache.org/spamassassin/Rules/MISSING_MID

Standard description: Missing Message-Id: header

Explanation
The message does not contain a Message-Id header. The relevant standards specify that mails should have Message-Id headers. All properly written Mail User Agent (or Mail Submission Agent) software is expected to add a Message-Id header.

This suggests that the mail was sent by badly-configured mailout software rather than by a normal email client.

Further Info
The default scores for this rule can be found in the online list of tests.

The Message-Id header is detailed in RFC 2822 sec 3.6.4.
 
Interestingly, MISSING_MID isn't even listed in the default scores for SpamAssassin 3.3 -- in 3.2, the score is 0.001 so that's really minor in comparison to the other listed rules (which of course are a pain as these are legit "transactional" emails).

Regardless, we definitely should have a message ID so I've added that now.
 
Top Bottom