Unable to receive emails from twitter for forwarders
Since last Friday we have been unable to receive messages from twitter if the emails is delivered via a forwarder. The issue started after last cPanel update.
We receive messages from anywhere else but not from twitter e.g. twitter confirmation (s) are not delivered.
We contacted the hosting company and this is what they had to say:
"
What I noticed has been configured in your cPanel is a list of email forwarders that redirect mail to one mailbox. Unfortunately, when a message is forwarded, its headers still indicate that it has been sent from twitter.com, except the IP address of your server does not match any IP addresses associated with Twitter. Therefore this type of arrangement is in violation of Twitter's SPF record:
$ dig bounce.twitter.com TXT +short
"v=spf1 ip4:199.16.156.128/26 ip4:199.59.150.64/26 ip4:199.59.148.224/27 -all"
I would recommend addressing mail from Twitter directly to the email account you ultimately want to receive it in
"
In regard to cPanel update the admin said: "This appears to be when you started to have issues with the emails not functioning. It is highly likely that these changes are part of security updates with the service to help authenticate emails, protect against email spoofing, and to help prevent spam "
Is there a way out other than having to create a mailbox for each email/domain we want to receive? We have several domains and but won't want to login to each. So, we have forwarders that delivered the emails to one mailbox. Note: 1. The forwarders work for all others source (s) - including gmail, yahoo - but fail only for twitter 2. Till a week ago messages from twitter have been forwarded properly for over 2 years Thanks.
In regard to cPanel update the admin said: "This appears to be when you started to have issues with the emails not functioning. It is highly likely that these changes are part of security updates with the service to help authenticate emails, protect against email spoofing, and to help prevent spam "
Is there a way out other than having to create a mailbox for each email/domain we want to receive? We have several domains and but won't want to login to each. So, we have forwarders that delivered the emails to one mailbox. Note: 1. The forwarders work for all others source (s) - including gmail, yahoo - but fail only for twitter 2. Till a week ago messages from twitter have been forwarded properly for over 2 years Thanks.
-
You can enable Sender Rewriting Scheme (SRS). Sender Rewriting Scheme - Wikipedia, the free encyclopedia WHM " Service Configuration " Exim Configuration Manager Under Mail section --> Enable Sender Rewriting Scheme (SRS) Support 0 -
Thanks for response. We have checked 'Sender Rewriting Scheme' on affected server and found it's OFF. We also did some tests on 2 more servers ('SERVER 2' & 'SERVER 3') running cPanel and the messages from twitter were delivered. While we don't have admin access to one of the server we checked and verified 'Sender Rewriting Scheme' is OFF on other. So, here we have 2 servers, both with 'Sender Rewriting Scheme' OFF, but one is able to forward twitter messages while the other doesn't. We also did tests on a fourth server ('SERVER 4') and it can't send emails from twitter to a forwarder except if the forwarder is on the server or a domain not in same network, e.g. gmail, yahoo or any domain not hosted on same network i.e. it can send emails from twitter to a forwarder with destination on any other server except first server ('SERVER 1'). In summary: 1. Only twitter messages from domains hosted on 'SERVER 1' to a forwarder with destination emails on domains hosted on 'SERVER 4' (and vice versa) fail 2. Both 'SERVER 1' and 'SERVER 4' are hosted within same network 3. Twitter messages from domains hosted on 'SERVER 1' or 'SERVER 4' can be send to forwarder (s) with destination emails (s) on domains hosted n other networks, whether the outside networks run cPanel or not Thanks. 0 -
We followed this matter a little more with the hosting company and this is what they said: ' Incoming emails can be blocked with mail filters on the recipient's mail server. In this case, it appears that one domain is attempting to send an email (DOMAIN 1) on behalf of another domain (DOMAIN 4). Since they are hosted on different servers, the SPF record for DOMAIN 4 can deny DOMAIN 1 from sending emails on it's behalf, as the SPF record is made specifically to authenticate emails. That explains why the error says "550 SPF: IP 1 is not allowed ...". '
DOMAIN 1 => domain on SERVER 1 DOMAIN 4 => domain on SERVER 4 IP 1 => IP address for DOMAIN 1 (SERVER 1) We are not sure whether this is entirely true since we has earlier tried to remove SPF on DOMAIN 4 but this did not help resolve the issue. 2ndly, how comes the SPF restriction only affects twitter.com and no other domain? But if it is the case how can we change the SPF such that the forwarders work as previously? Thanks.0 -
Hello, As of cPanel 58, the Reject SPF failures option is now always enabled through SpamAssassin, and we removed the option from WHM's Exim Configuration Manager - Basic Editor interface (Home >> Service Configuration >> Exim Configuration Manager). You may find the following thread helpful if you want to exclude certain hosts such as Twitter from SPF verification: SPF checker in WHM Thank you. 0
Please sign in to leave a comment.
Comments
4 comments