Rename Received header during SMTP so Gmail passes SPF
Background:
I use the SMTP server at my domain to send email using Outlook on my laptop. Gmail is reporting SPF failure because gmail is checking the IP from the earliest Received header, that is, from the header that shows my home office IP. Of course that home office IP should not be part of my domain's SPF. Note: If you do a search, you will see numerous mentions of this issue of Gmail doing an SPF check against the user's IP rather than against the SMTP server's IP and thus SPF failing.
Partial solution:
Based on what I read in another cPanel forums post, I was able to configure exim to remove the earliest Received header during SMTP, that is, the header that shows my home office IP. Gmail now shows SPF passed since it now checks my SMTP server's IP. See the following post Q2:
Alternatively, is there a way to configure exim to add a new header that copies the value from another header? For example, adding "X-Received", copying from "Received".
Thanks.
-
After looking at the exim documentation, I was able to do what I wanted by also using an add_header modifier: warn message = Remove internal headers add_header = X-Received: $header_Received remove_header = Received
The above setting has the following effects:- Adds "X-Received" header based on "Received" header value
- Removes "Received" header
- Adds "X-ACL-Warn: Remove internal headers"
0 -
I'm glad you were able to find a solution! 0 -
Observation: After looking at the headers of some emails that I received from third-parties, I noticed that all incoming emails are being modified, not just the emails that I send. Those incoming emails all contain X-Received header(s) and a "X-ACL-Warn: Remove internal headers" header -- at least I know the original Received header(s). Problem: Ideally, I had wanted to only modify outgoing emails that I send through my SMTP server from Outlook on my laptop. Currently, all emails are being modified. Q: What variation on the solution mentioned earlier must I do to have only my outgoing emails be modified? Is there some condition that I must add, or perhaps set some other ACL besides acl_smtp_data:custom_begin_outgoing_smtp_checkall ? Thanks. 0 -
Followup. I have removed the above setting of acl_smtp_data:custom_begin_outgoing_smtp_checkall since it no longer appears to be necessary. It appears that Gmail is now correctly checking the IP address of my mail server (appears in the penultimate Received header) rather than the IP address of my home office (appears in the last Received header). I don't know when Gmail corrected their SPF checking. Also, I did not have to add the IP address of my home office to my domain's SPF record (of course it makes no sense to do add it, but some other posts elsewhere suggested adding it until Gmail fixed their SPF check). Note: Removing Received headers via the setting was causing an issue with Mail Delivery Reports. The open message action (envelope icon) was reporting <> That feature relies on a Dovecot search to find the message and it looks in the Received headers for the message ID, and since there was no Received header with that ID (Received headers were changed to X-Received headers), no message was found. Thanks. 0
Please sign in to leave a comment.
Comments
5 comments