• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 278
  • Last Modified:

Mail Script Might Be "Seen" As Relay At GoDaddy

Hello Experts!

Please let me state from the beginning that I am NOT a “web dude” or site developer.  I’m just a lowly one man shop specializing in server and workstation hardware and software for SMB clients.  I learned a long time ago to leave the website stuff to the web developers.

I have a client that wanted me to move their pop mail from the control of their website developer for various reasons…mainly political.  The web developer is a pain to work with…and now after moving the mail from her control…says that any issues are now my problem because we took the mail away from her!

The problem I have is that after moving the mail pop accounts to GoDaddy, messages sent from the website, (not hosted by GoDaddy), via a contact form are not reaching the GoDaddy pop accounts.  Note that “direct sends” of mail to these pop mailboxes arrives fine.  I can send email to these users from my domain account, Gmail, and my personal Cox account.  Mail is reaching these mailboxes…EXCEPT…when it is sent from the website’s contact form.

As I said, I don’t maintain websites, but I managed to look at the contact form page and noticed in the code that the contact page uses a script called “ALLSTUFFMAILER.PHP”.  I am wondering if GoDaddy sees mail from this script as mail coming from a relay and therefore blocks it as spam.  Does anyone think this is the cause of my problem?  If so, what could I try to ask the web developer to change on her end…or is there something I could do with GoDaddy, (on my end), to allow this mail to reach these pop mailboxes?

For the record, I have tried using a mail forward to the intended destination mailbox as well as an actual mailbox.  Either way, mail sent form the site contact form to info@mydomain.com is not getting through.
0
snake454
Asked:
snake454
  • 6
  • 4
1 Solution
 
PapertripCommented:
What is the envelope-from address of the mails generated by the site contact form?  Is it mydomain.com or another one you own?  Does the domain in the from address have an SPF record that says the webserver is able to send mails for that domain?

Put the from domain of your mails into http://mxtoolbox.com/spf.aspx and make sure the IP of your webserver is listed.
0
 
PapertripCommented:
I should add that, it is possible the webserver is not directly sending the mail, but relaying through an upstream server.  If that is the case, then the IP of the upstream needs to be in SPF instead.
0
 
snake454Author Commented:
MX Toolbox reports that the MX record of the clients domain IS pointing to GoDaddy's servers: smtp.secureserver.net, (Pref 0), and mailstore1.secureserver.net, (Pref 10).

As far as "envelope information"...how would I get that info is the contact from mail is not getting delivered?  Looking at a contact form message the developer forwarded directly to the client...it looks like the sender, (in the body of the message), is the person filling out the contact form.  IE...if the site visitor is Joe Blow, the contact message looks like this:

---------- Forwarded message ----------
From: <Joe.Blow@cox.net>
Date: Wed, Oct 12, 2011 at 5:09 PM
Subject: Contact Form
To: info@myclientsdomain.com, webdeveloper1@gmail.com, webdeveloper@gmail.com
 
Time      :      October 12, 2011, 5:09 pm
Submitted from      :      http://www.myclientsdomain.com/about.php

Subitter IP      :      2X.2XX.1XX.1XX
Submitter Browser Info      :      Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1

Information from form:
________________________________________

First Name: Joe
Last Name: Blow
Email Address: Joe.Blow@cox.net
Phone:
Comments: Cyndi, please email me when you have a chance. I'd like to review the quote you gave me last month. THANKS!!

I know this is not envelope information but the actual forwarded message\text.  Wouldn't the developer have to forward me the envelope information?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
snake454Author Commented:
Important:  The developer is in control of the domain, DNS records, and website.  The only component I have is 6 mailboxes on GoDaddy.
0
 
PapertripCommented:
You could get the envelope headers by sending to an account that the mail doesn't get rejected at.  But the body from address being spoofed is enough to get rejected by most receivers, especially if the domain being spoofed is a "big" one (like cox.net).

it looks like the sender, (in the body of the message), is the person filling out the contact form
That's your problem, you are spoofing mails.

A valid way to continue doing this is to add a Sender header which has a domain that you own and can send mail from, but even that won't guarantee inbox placement.  So, either do that, or just change the from address to your domain and add the users email somewhere in the body (not in a header).
0
 
PapertripCommented:
You could also put the users mail in the Reply-To field as well to make things a bit "smoother" for your developers.
0
 
PapertripCommented:
You should find out what the envelope-from is being set to while investigating all of this, as that is what SPF works off of.  Make sure it is set to a domain that you are allowed to send mail for.
0
 
Ray PaseurCommented:
I am wondering if GoDaddy sees mail from this script as mail coming from a relay and therefore blocks it as spam.  Does anyone think this is the cause of my problem?

Yes, I think that could be one version of the problem.  I've encountered it in other installations (not GoDaddy) and the situation works something like this...  Let's say the site name is cheddar.com

1. Mail arrives from the remote server with a set of headers that look like it comes from cheddar.com
2. But the mail server checks the MX records and sees that it should be the source of messages from cheddar.com
3. So the header must be bogus.
4. Trash.

Does this make sense?  It does not to me.  If the most important thing in the world is to avoid spam, this is one way to do it, but as you have found out this is a very ham-fisted way to go about the problem of avoiding spam.

... is there something I could do with GoDaddy, (on my end), to allow this mail to reach these pop mailboxes?

Maybe, but that would require you to talk to GoDaddy tech support.  In my experience that has been an excruciatingly painful exercise.  I recommend you move the mailboxes to a different hosting company.  I use and am glad to recommend ChiHost.com.  Call them up, speak to Terry or Nick and describe the problem.  They will understand and can probably help you out.  You might also consider HostGator, DreamHost, Liquid Web -- they also have good tech support.

Best of luck with it, ~Ray
0
 
snake454Author Commented:
Thanks to both Papertrip and Ray_Paseur.  I have forwarded my concerns\suggestions Papertrip gave me to the developer but have not had a response back.

Papertrip
A valid way to continue doing this is to add a Sender header which has a domain that you own and can send mail from, but even that won't guarantee inbox placement.  So, either do that, or just change the from address to your domain and add the users email somewhere in the body (not in a header).

I have heard good things about HostGator but am inclined to stay with GoDaddy as that is where all my clients, domains, and email accounts are located.  It would be a big hassle to switch...unless I move this one, (subject), client.  Ray, you are right in saying GoDaddy's support is pretty bad.  As long as everything works OK, GD is great, but when there are issues...not so great.  Anyway, I'm going to give the developer a few more days to respond before I again ask for GD support or investigate moving to CHIHost or Hostgator.  Personally, I'd like to see the client dump the developer who basically says the whole issue is my problem.

I will keep this thread updated as we proceed.  MODERATORS....please leave this thread open as I work to solve this issue. It would REALLY help if the developer wasn't so insecure and paranoid!

THANKS!
Mick
0
 
PapertripCommented:
Hi Mick,

If the mail is coming from a server that your developer runs, and is not from a hosted server someplace, then switching from GoDaddy to some other provider for your mailboxes isn't going to fix the underlying problem.

FYI, the MX records of the sending domain do not play any part on the receivers end for your mails, unless mx:domain.com is listed in your SPF record, but that is besides the point for your particular issue.  Bottom line here is the problem is on the sending side and needs to be fixed there as I explained earlier.

Hope you hear from your developer soon, I'll be watching the thread for once you do.
0
 
snake454Author Commented:
Papertrip,

Thanks so much for your help.  The developer is a psycho, and for whatever reasons, is mad that the client asked me to move the email from her control.  Since I am now in control of the mail it's my problem because her contact form code works for "dozens" of other clients without issue, and therefore, couldn't possibly be her fault.

<START Developer Response To Issue - Edited to protect identities>

Reply#1
Reading <CLIENT'S EMPLOYEE> response - she's got it backwards.  The form *was* coming from the individual who completed the form, as the vast majority of forms out there do.  

The change <ME> suggested that we made was making the form come from *anonymous* so that it doesn't look like the form is coming from one address but contains the reply to of another address.  This format will prevent you from clicking "reply" to send the person a response.

Since every form I've every seen, interacted with, used etc. sends as if it were "from" the person submitting the form yet being sent by a different server and those get through without any problems all over the world -- I don't think that's the problem here.

Our SPF record has always been set up, it's something we have to have for anyone to get email.  Our DNS is working correctly or we'd have more problems than just your email, like websites not showing up and etc.


Reply#2
<CLIENT> -

Honestly, we don't have control of your email anymore.  <ME> has it.  There is nothing we can do from this end to correct the problem.  We have done our part in pointing the email to <ME> and that's working correctly or you wouldn't be getting any CLIENTS_DOMAIN.com email.  

I don't know what else to suggest other than the suggestions I made to <CLIENT'S EMPLOYEE> in the last email.  I've tried to remember to copy all of you in each email so if you didn't see it I apologize.

<DEVELOPER'S EMPLOYEE> made the change suggested to remove the reply to address off the form -- which has nothing to do with sending / receiving email - that's out of our hands  but now you won't be able to hit reply and respond directly to the person who sent the email.  That shouldn't be causing a problem because you were able to get the forms before (except <ANOTHER CLIENT EMPLOYEE who by the way, has a COX email address!!!!>).

It sounds like <ME> doesn't have a good understanding of what GoDaddy email does / doesn't do. I could be wrong.

<END Developer Response To Issue - Edited to protect identities>

Unbelievable!  I'll keep you posted but we all know where this is going.  One of us is going to loose the client...me or the developer.  In a way, I hope the developer keeps it!  :-)
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now