I am trying to understand the email header and I found out using email header checker (i.g. mxtoolbox) can easily get the information. But I wonder how does this work?
For example, I have a email header showing like this:
Received: from DM5PR04MB0251.namprd04.prod.outlook.com (::1) by
DM6PR04MB6592.namprd04.prod.outlook.com with HTTPS; Tue, 13 Sep 2022 00:17:52
+0000
Received: from DB6PR1001CA0016.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:4:b7::26)
by DM5PR04MB0251.namprd04.prod.outlook.com (2603:10b6:3:74::12) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5612.22; Tue, 13 Sep
2022 00:17:51 +0000
Received: from DB8EUR06FT019.eop-eur06.prod.protection.outlook.com
(2603:10a6:4:b7:cafe::4b) by DB6PR1001CA0016.outlook.office365.com
(2603:10a6:4:b7::26) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5612.14 via Frontend
Transport; Tue, 13 Sep 2022 00:17:51 +0000
...
...
And it shows blank in the from information.
Do you know why is this?
Related
I have read (https://support.google.com/mail/answer/12096?hl=en) that any Gmail account can receive emails for its plus alias.
So for account#gmail.com when I send email to alias+account#gmail.com
I receive following reply:
Delivery to the following recipient failed permanently:
alias+account#gmail.com
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient domain nabastu.cz by aspmx.l.google.com. [2607:f8b0:4001:c0e::1b].
The error that the other server returned was:
550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at
550 5.1.1 https://support.google.com/mail/answer/6596 u32si667450ioi.23 - gsmtp
----- Original message -----
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20120113;
h=mime-version:date:message-id:subject:from:to:content-type;
bh=rV2o3HVMVpR5MzzOppyyRucNhMlqT6oztVlsvvbztMY=;
b=g3Wl9gFGh0YR5IHnkD8E9o4PITh9PRE5TUyHPKt7/spToDsItGQKuKKLKn6iUgkyDG
rqEmGC/jGVIP2z2T1cbSjAvJS5nl2Ti5khtUhZs2C8LddJEtGrRxZDCuFYdObBK9dUWU
1o0oYHQNEhC4WROuUWp25NFNKv45Tz4XMgWl90T1ZBsWHRczZIAk0EGbwxz6kG20PhEv
1r/a7/dnYshjVJOfDUvwg5gSF8zd2mZ8/DspuqALbkeRJCVpMGSL+jp1XmH18U8cPFRd
bVJ4y7HDTOqsVfF1urWbk8OMDNhycR/94ZvickFQ39MMRgX4tNNZj7reQdbWOSzR38uV
0YLw==
MIME-Version: 1.0
X-Received: by 10.107.135.30 with SMTP id j30mr46117827iod.148.1448720587099;
Sat, 28 Nov 2015 06:23:07 -0800 (PST)
Received: by 10.79.67.134 with HTTP; Sat, 28 Nov 2015 06:23:07 -0800 (PST)
Date: Sat, 28 Nov 2015 15:23:07 +0100
Message-ID: <CABdkat6ymw=nv3WbPZOgnpdq2vC+FhF0Q7VXqLJ2GzcUdX43CQ#mail.gmail.com>
Subject: Alias
From: bankify bankify <my.account#gmail.com>
To: alias+account#gmail.com
Content-Type: multipart/alternative; boundary=001a113ec64af9129a05259a8b25
test
Do I need to enable something? Or this functionality is no longer available?
You need to put it the other way around, so instead of alias+account#gmail.com, use account+alias#gmail.com.
I send an email through send grid using SendGridMessage.DeliverAsync. It takes about 20 minutes for the email to arrive. I am pasting below the header information of the email as received by the recipient. All company information has been replaced by fictional data:
Return-path: <bounces+1776648-b90d-rec=example.com#sendgrid.me>
Envelope-to: rec#example.com
Delivery-date: Wed, 27 May 2015 15:48:53 -0400
Received: from o1.f.az.sendgrid.net ([208.117.55.132]:22426)
by server37.web-hosting.com with esmtps (UNKNOWN:DHE-RSA-AES128-GCM-SHA256:128)
(Exim 4.82)
(envelope-from <bounces+1776648-b90d-rec=example.com#sendgrid.me>)
id 1YxhJt-003sMA-8G
for rec#example.com; Wed, 27 May 2015 15:48:53 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.me;
h=content-type:mime-version:from:to:subject; s=smtpapi;
bh=e8YGVEGwW8wzxqhpuiTstqZPRIs=; b=MLyTlQTi5Y4eOlmcNk65t0Fqv+8cp
WoAtekeb+ld1HBI1kk4CQ1ycmJ7LP6r/ZJKI0+0+fwy0hsO5F7ywT7twv6t9Z/M2
BYxCuE5heMWP5tjyIkfJYjIDf8fT3OM43bq30+NC69GQWJFr+CHn2ms/OgmSahvD
PhQ71p1yBFagxY=
Received: by filter-403.sjc1.sendgrid.net with SMTP id filter-403.17268.55661A831A
2015-05-27 19:27:00.592426035 +0000 UTC
Received: from MTc3NjY0OA (unknown [23.97.229.110])
by ismtpd-004 (SG) with HTTP id 14d96d793b7.30c5.15e6fe
Wed, 27 May 2015 19:27:00 +0000 (UTC)
Content-Type: multipart/alternative;
boundary="===============1502686111627047378=="
MIME-Version: 1.0
From: Example Support <admin#example.com>
To: Rec Martel <rec#example.com>
Subject: Thank you for Signing up with Example!
Message-ID: <14d96d793b7.30c5.15e6fe#ismtpd-004>
Date: Wed, 27 May 2015 19:27:12 +0000 (UTC)
X-SG-EID: IASZyfUggCe5SBfFgEPkfXBDb6ZCY09R57ALGWkRenTMTMZdvb6XDq63Z6REVqqqqh1THbQI2y+Su7
fi7CkNm41AX9xYJayZj7L4Nq9kdKIQjkQVy89oVT4OWeRVj/QSAmE5TEgSMY+XRBmQ/JygwCuz1U6r
eB7+RE6w3Aht84U=
X-From-Rewrite: unmodified, no actual sender determined from check mail permissions
Can anyone tell me why the delay is happening and how can I fix it?
Regards,
Zawar
If you experienced this within the last hour (as per your question timestamp) it is likely because Sendgrid is currently experiencing a serious outage which is causing ~60 min. email delays in some cases.
On our server, we keep receiving spam with the following headers. We are using whm 11.44 and exim.
Return path is always:
Return-path: <>
and it says Received: from unknown (HELO localhost)
Both which raise flags. We're just not sure exactly how to stop/reject them.
From - Mon Feb 16 14:27:02 2015
X-Account-Key: account3
X-UIDL: UID10475-1296887657
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path: <>
Envelope-to: me#myserver.com
Delivery-date: Mon, 16 Feb 2015 09:13:38 -0600
Received: from [122.160.73.62] (port=10732 helo=122.160.73.62)
by myserver.myserver.com with smtp (Exim 4.82)
id 1YNN0Z-00056c-7P
for me#myserver.com; Mon, 16 Feb 2015 08:50:47 -0600
Received: from unknown (HELO localhost) (intlimd#highgrove.net#214.92.72.48)
by 122.160.73.62 with ESMTPA; Mon, 16 Feb 2015 20:23:11 +0530
From: intlimd#highgrove.net
To: myemail#myserver.com
Subject: Do not disapoint your girl this night
http://mandatory.natur.com/ Real magic in your life
Can you please check the full logs of your this mail with the following command and let me know so that we can assist you.
cat /var/log/exim_mainlog | grep 1YNN0Z-00056c-7P
I'm using JavaMail 1.4.7, and a specific message in my mail account contains the header:
Received: from ... (localhost.localdomain [127.0.0.1])
by ... (lmtpd) with LMTP id 25811.002;
Tue, 12 Nov 2013 16:52:11 +0100 (CET)
Subject: CONSEGNA: numerodacontare
Date: Tue, 12 Nov 2013 16:52:11 +0100
And for this message
getReceivedDate() =Tue Nov 12 16:52:10 CET 2013
getSentDate() =Tue Nov 12 16:52:11 CET 2013
So it seems that the message has been received before sending it.
How should this be interpreted?
What is exactly the difference?
Is this behavior common for all mail server?
The Problem: All Wordpress registration emails (with the password) are getting blocked by google.
Details:
The site's email is currently being hosted by google apps. THOSE emails WILL send to gmail addresses. So the problem is specifically emails generated by Wordpress.
What I've tried:
I've installed several SMTP plugins, and they all allow me to generate test emails (via the plugin settings page) to my gmail account. However, they do not resolve the issue for new user registration emails.
I've also attempted to change the "from" email settings, but I'm not really sure how to do this. You can see in the email header pasted below, that I'd probably need an address that ends with #performancehosting.axiom9.com for this to make any difference.
Review:
It sounds like wp_mail() is the problem, I'm hoping someone can offer a solution. My suspicion is that it has something to do with the return-path in the email's header, but I'm not sure what to do with this information.
Here is the header from the email generate by Wordpress (which won't arrive at gmail addresses):
Subject:
[Street Of Walls] New User Registration
From:
Street Of Walls <info#streetofwalls.com>
Date:
9/8/11 6:24 PM
To:
e#thesecretaddress.com
Return-path:
<info#streetofwalls.com>
Envelope-to:
e#thesecretaddress.com
Delivery-date:
Thu, 08 Sep 2011 16:24:51 -0600
Received:
from mail-qw0-f46.google.com ([209.85.216.46]) by box780.bluehost.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) (envelope-from <info#streetofwalls.com>) id 1R1n1f-0002NF-Ol for e#thesecretaddress.com; Thu, 08 Sep 2011 16:24:51 -0600
Received:
by qwb7 with SMTP id 7so843432qwb.19 for <e#thesecretaddress.com>; Thu, 08 Sep 2011 15:24:50 -0700 (PDT)
Received:
by 10.224.78.146 with SMTP id l18mr1081350qak.81.1315520690356; Thu, 08 Sep 2011 15:24:50 -0700 (PDT)
Received:
from www.streetofwalls.com (performancehosting.axiom9.com. [69.175.2.122]) by mx.google.com with ESMTPS id el2sm4364671qab.2.2011.09.08.15.24.49 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 08 Sep 2011 15:24:49 -0700 (PDT)
Message-ID:
<f4927d34a6faf41bd2c8514296228fc3#www.streetofwalls.com>
X-Priority:
3
X-Mailer:
PHPMailer 5.1 (phpmailer.sourceforge.net)
MIME-Version:
1.0
Content-Transfer-Encoding:
8bit
Content-Type:
text/plain; charset="utf-8"
New User Registration on your site:
Street Of Walls
User ID: 69
Username: emerson
Email: e#thesecretaddress.com
IP Address: 132.216.228.76
It turns out that there was a plugin which was probably to blame. I changed the site's configuration to use the default Wordpress "new user" email and it suddenly worked. It would still be interesting to understand more about the interface between Wordpress and PHP_mail(), but my problem is solved for now.