Charity Struggling with Email Forwarding Issues

Hi
I belong to a local charity and we are having big issues with our email delivery. They have lots of volunteers and don't want their personal email addresses published. So they have set up forwarding on their hosted mail platform.

This means that Joe Public sends an email to the charity email address and it in turn is forwarded in the background to 10 volunteers to their own personal email addresses. For some reason, it fails for some inbound emails. Particularly from Yahoo.co.uk email addresses. The inbound email never makes it to the volunteers' personal accounts.

So if Joe Public sends an inbound email from abc@Yahoo.co.uk to the published charity address it never arrives and he doesn't get an error back.

Someone has mentioned DMARC and SPF, but I don't know how or what to check on the domain.

The domain is TrinityChurch.tc. Can anyone point me in the right direction please? I am struggling with the hosting provider as I'm not sure what to ask them to look at.

Thanks!
everycloudAsked:
Who is Participating?
 
Simon Butler (Sembee)ConsultantCommented:
There is nothing you can do about this. You will need to find another solution.
You are being caught by the anti-spoofing measures that are in place. It isn't your domain that has the problem, it is the original sending domain.

Consider this:

User 1 (user @ example.com) sends an email to staff member ( staff @ example.net)
Your server (mail.example.net) is configured to send all email sent to staff @ example.net to staff @ yahoo.co.uk.

The email hits Yahoo's servers. Their server then looks to see where the email has come from. It is coming from mail.example.net. However the SPF record for example.com says that only post.example.com can send email for example.com, so the SPF record lookup fails and the email is bounced.

Yahoo are very hot on spoofing, they have been a major driving force behind most of the anti-spoofing measures introduced in the last few years.

You can put as many DMARC, SPF and DKIM measures as you like on your own domain, it will make no difference at all.

Your only option is for everyone to have email on your platform and they collect email from there. Nothing else will guarantee delivery.

You could do some header rewriting or use rules within the mailbox to forward the email.
However both of those will stop the recipient from replying to the email with additional work, as they will hit reply and it will go back to the sender, which will be their internal mailbox. It would require the recipient to find the original sender address, replace the To line with the address and then send.

Sending email must also be a problem for those users.
They are either replying with personal email addresses, or are setting up accounts to send email through. Unless they are sending email through your server, you would have to operate with no anti-spoofing measures on your domain at all, so they could send through their own ISPs servers.

Simon.
0
 
everycloudAuthor Commented:
Hi

Thanks for this very clear and detailed explanation. We will investigate alternatives.

Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.