#email-forwarding — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #email-forwarding, aggregated by home.social.
-
ARC chain analyzer: trace authentication through forwarders.
email forwarding breaks DMARC.
when a message is forwarded through a mailing list or university relay, the original SPF alignment is lost.
ARC (Authenticated Received Chain, RFC 8617) preserves the authentication results across hops.
I built it because forwarding is the #1 source of false-positive DMARC failures.
-
ARC the protocol that saves DMARC from breaking on forwarded email
ARC (RFC 8617) fixes the problem where a forwarded email breaks SPF & DKIM, and as a result DMARC
each intermediary in the forwarding chain adds three headers:
- ARC-Seal
- ARC-Message-Signature, and
- ARC-Authentication-Resultsthese create a chain of custody
each hop attests to the authentication results it observed
-
Con una recente comunicazione ufficiale, Google ha annunciato la dismissione del fetch POP3 da account esterni in Gmail. Chi utilizzava questa funzione per consolidare più caselle email in Gmail si trova ora a dover migrare verso una soluzione alternativa: l’inoltro automatico (email forwarding) direttamente dal server di posta sorgente.
Questa guida documenta il processo completo per configurare correttamente l’inoltro da un dominio custom gestito con Postfix e Webmin verso Gmail, risolvendo i problemi di autenticazione SPF/DKIM che causano il blocco con errore 550 5.7.26.
Il problema: Gmail rifiuta le email inoltrate
Attivando l’inoltro automatico dal proprio server di posta verso Gmail, si riceve quasi immediatamente un bounce con questo errore:
text550-5.7.26 Your email has been blocked because the sender is unauthenticated.
Gmail requires all senders to authenticate with either SPF or DKIM.
DKIM = did not pass
SPF [dominio-originale.com] with ip: [IP-del-tuo-server] = did not pass
La causa è strutturale: quando il server di posta inoltra un messaggio, il mittente nell’envelope (Return-Path) rimane quello originale (es. [email protected]), ma l’IP che effettua la consegna è quello del tuo server. Gmail verifica l’SPF del dominio originale contro l’IP del tuo server — e ovviamente fallisce, perché il tuo server non è autorizzato a inviare per conto di domini terzi.
[…]
#CPostsrsd #DKIM #DMAR #dns #emailAuthentication #emailForwarding #gmail #linux #postfix #selfHosting #SPF #SRS #webmin https://www.b0sh.net/2026/02/gmail-abbandona-il-pop3-fetch-come-configurare-linoltro-email-con-spf-dkim-e-srs-su-postfix/ -
📧✨ Oh, joy! Another "revolutionary" email forwarding service promises lightning-fast delivery and unlimited addresses because managing 30K domains and 28M emails is an obviously unique feat. 🚀 Sign up for the 7-day trial—because who doesn't love trying *yet another* email service before canceling? 🙄
https://mailwip.com #emailservice #innovation #trial #technology #frustration #emailforwarding #HackerNews #ngated -
Automatic email forwarding to external domains is very risky. First, it can lead to exfiltration of sensitive internal information outside the corporate environment. But it can also cause account compromise, for example through password reset whose code arrives at some external address that may be under the control of an attacker.
How to block automatic external email forwarding? Read my today's blog post 👇👇
https://www.cswrld.com/2024/10/how-to-block-automatic-email-forwarding-in-office-365/
#exchangeonline #emailforwarding #automaticemailforwarding #office365 #block
-
Cloudflare Email Routing Fixed
TL;DR: Cloudflare needs to disable IPv6 that they use to communicate with the Gmail server to stop Gmail from bouncing all routed email.
Don't let Cloudflare support tell you that email routing to Gmail addresses is your fault. Support tried to brush me off and tell me that the problem was a result of me not turning off the sender verification in
-
Cloudflare Email Routing Broken
TL;DR: Cloudflare email routing and support sucks, move your email forwarding to ImprovMX.
One of the problems with hosting your website on a service like DigitalOcean is the fact that they don't offer email. If you want an email address associated with your domain you had to go elsewhere. For many years that was not a problem you could get a free Google Wo
-
CW: research review
E. Liu et al., "Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy"¹
The critical role played by email has led to a range of extension protocols (e.g., SPF, DKIM, DMARC) designed to protect against the spoofing of email sender domains. These protocols are complex as is, but are further complicated by automated email forwarding -- used by individual users to manage multiple accounts and by mailing lists to redistribute messages. In this paper, we explore how such email forwarding and its implementations can break the implicit assumptions in widely deployed anti-spoofing protocols. Using large-scale empirical measurements of 20 email forwarding services (16 leading email providers and four popular mailing list services), we identify a range of security issues rooted in forwarding behavior and show how they can be combined to reliably evade existing anti-spoofing controls. We show how this allows attackers to not only deliver spoofed email messages to prominent email providers (e.g., Gmail, Microsoft Outlook, and Zoho), but also reliably spoof email on behalf of tens of thousands of popular domains including sensitive domains used by organizations in government (e.g., http://state.gov/), finance (e.g., http://transunion.com/), law (e.g., http://perkinscoie.com/) and news (e.g., http://washingtonpost.com/) among others.
#arXiv #ResearchPapers #SPF #DKIM #DMARC #EmailForwarding
__
¹ https://arxiv.org/abs/2302.07287 -
Does anyone know of good #forwardMail alternatives that are free an #opensource?
ForewardMail is trying to force me into their premium plan because apparently my domain's gTLD (.cc) "is frequently used for spam operations." -_-
-
@askfedi
How to deactivate a DuckDuckGo masking adress?
#DuckDuckGo #EmailForwarding #email
