I have a big issue here. A friend of mine has lost access to his facebook account and want to recover it.
Unfortunately, he used a #hotmail.fr email address as its security address and cannot receive any instructions to recover his password since #hotmail.fr are now deleted and forbidden by Microsoft.
Any idea on how I could help him? I have thought about emulating the #hotmail.fr address somehow - but never did that before!
Related
Ok, I am working on an invite system for my work, the invite system sends an email to the recipient with a link containing a unique token allowing them to sign up.
The issue is, now that I am actually testing it, the emails are marked as "This message seems dangerous" by gmail, This looks really bad for the company. I have not been able to find any information on what triggers this.
The email is being sent via office365(SMTP) as that is what our email is set up with to try and avoid this kind of thing.
I have seen comments online that it may be due to the token link, If so, how else am I meant to do this?
My team supports a website for a client, and we use SendGrid to send email related to the site on their behalf.
We do not have anything to do with their own email server and I don't at present know anything about it.
So far as I can work out, SendGrid has proper authentication and is an authorised sender for their domain, and almost 98% of email is delivered successfully.
However, we have had a handful of bounces with the reason "550 relaying denied" and all of these were to addresses at our client's domain (the same one as their website and the from address of the emails.)
Most emails to their domain were delivered successfully.
Unfortunately I don't have access to the full headers of the bounce emails, only the reason.
I understand that in general this error can either be caused by
the sender not being authenticated correctly. I am very far from being an expert in this but so far as I can tell, there is nothing wrong there. Or
a DNS or similar misconfiguration on the part of the recipient's email domain. I have even less understanding about this and I have no access or responsibility for the client's email server.
My main question is, is there any way the domain being the same as the from address could be related? Being as the email is claiming to be from the same place it's sent to, is it possible for that to affect how it's handled by relays?
If not, I'd also appreciate any pointers on where to look for the issue (or what to advise the client to look at if the problem is likely to be from their end.) I have been trying to research issues with email configuration and authentication but I am very much a novice in this area.
Thanks in advance.
The domain being the same could very well be related, but normally when that happens, the receiving server refuses all mail purporting to be from itself.
Separate from DKIM & SPF, most mail servers believe they alone are responsible for the mail from their domain.com. As such, a lot of them have anti-phishing filters that reject "outside" mail that claims to be from themselves. It's like "You can't be Carrie, I'm Carrie! Go Away!"
The fact that it's only some mail is interesting. The error being relay denied may also be key, though these anti-phishing filters often use "fake" errors to not give away the game.
Do the recipients of the messages that are being rejected have some kind of internal forwarding applied? That may be the cause, in which case that bounce reason is honest.
Or they may have a more defined anti-phishing feature, only rejecting mail From or For certain addresses. You can try testing certain combinations, and see if anything is repeatable.
Ultimately however, it will come down to working with the receiving mail domain's admin, and either updating those rules, or whitelisting the SendGrid IPs that are sending the mail to them.
I'm sure this must exist, but I can't find anything anywhere that does this. What I want is some online service that provides an email address I can send an email to, and guarantee that it will always bounce.
The reason I want this is to test the bounce-handling functionality of a piece of software. Obviously I can use some kind of valid address that I know doesn't exist, but that doesn't seem like good practice, even though this is only for a one-off test, not something that will be automated (at least not yet).
Ideally, I'm looking for something like Mailinator, but where I can send messages, see them pending, and choose whether to bounce them, and what type of bounce.
Google did turn up this address bounce-test#service.socketlabs.com, but as far as I can tell, it's no longer bouncing messages, because when I try it I'm not getting anything back.
Any suggestions?
EDIT
As per John's post below, the service seems to be working again - tested on 30th September 2016 from Gmail, and got a bounce response within 5 minutes.
We have a bounce test email which we recommend to our customers and anyone is free to use it.
It just replies back:
:fail: No such person at this address.
The email is: bouncetest#tribulant.com
We have it listed in our documentation for our newsletter plugin for WordPress: http://tribulant.com/docs/wordpress-mailing-list-plugin/382#doc1
Hopefully someone will find this useful since there doesn't seem to be any easy way of testing bounces like this specifically.
I use bounce#simulator.amazonses.com for AWS SES.
http://docs.aws.amazon.com/ses/latest/DeveloperGuide/mailbox-simulator.html
From the above page:
"You can only access the mailbox simulator by using Amazon SES. You cannot access it from an external mail server."
It's worth noting that bounce#gmail.com bounces, with a 'no such user'. To verify (even though the likelyhood was low), I attempted to create an account in gmail as bounce#gmail.com, and it failed stating it was already taken. So clearly google has reserved the address, and the only use it could possibly have is to generate bounces.
Even though - as of 07mar2019 - the bouncetest#tribulant.com still works, bounce#gmail.com is also a fair alternative.
Curiously, bouncetest#gmail.com....gets delivered. Whether there's a human on the other end is a question yet to be answered...
I work over at SocketLabs. First, I apologize that we are seeing this message so late. I just wanted to stop in and provide some follow-up on this issue for anyone who is still interested.
The SocketLabs bounce email address is working. I tested it on Friday, September 23, 2016 and successfully received a bounced message.
The address is bounce-test#service.socketlabs.com
I would suggest trying again. Or contacting support. Our support team is very responsive and friendly. Here's a link to reach the support staff. https://support.socketlabs.com/
http://www.socketlabs.com/blog/bounce-and-feedback-loop-test-addresses/
bounce-test#service.socketlabs.com
Since the Socketlabs service is no longer active and the SES simulator is only for sending from local SES accounts, I ended up having to use my own domains hosted at either Google Apps or cheap shared (CPanel) hosting:
For soft bounces, set up an email account and set it to suspended.
For hard bounces, send email to an invalid address (and make sure you don't have catch-all turned on)
Having problems with setting up my website to use MS Exchange to send emails. I dont want to use the hosts email system.
The MS Exhange has been set up, with email addresses created.
My webpages are using Persits.MailSender which the host supports.
Do i need to change MX records? A records?
Sorry, im not clued up with network side of things, any help would be appreciated
When i email direct, the email address on the exchange picks up the emails. BUT if i email through the website, it goes to the annoying webmail the host is provinding, and not to the exchange
I find this strange, the same email address receiving emails at different places!
Im using ASP, and I have a website set up, which has been sending emails for the last 12 months, the host has messed up (again) somewhere, but doesnt know what is wrong (as usual)
There are no errors, the email always gets sent.... but to the wrong place.
I would look into actually trapping and knowing your errors. That way you can see precisely why it fails and have something to work with. As it stands, your question isn't really answerable. No language nor framework is provided. We don't know if the mail server is confirmed to be working or accessible outside your netowrk; we don't know how your are referencing it or if you are passing user credentials; we don't know what error you're getting...
At this point, you're not debugging, you're just sort of swinging in the dark. Find the point of failure and then research that data point to get a solution. Debug, catch errors, log, step through your code. All good ideas.
Ok i figured it out, I deleted the mail domain on the host as that was the first place the website looks to send an email. Once the mail domain was deleted the emails were sent to the external hosted mailserver MS Exchange email address. Yay!
At the moment, we are sending an email address verification email each time someone signs up. This email has been causing a number of problems: people don't get it, they just don't click the link in the email or the email gets block by spam or some other method. We are working on resolving the spam issue, although I don't think it's possible to completely resolve it.
I'm wondering what other methods there might be for verifying and email address. Is there any other way to verify an email address without sending an email? Or is there another method of ensuring people aren't signing up with fake information?
I'm not sure if there are other good methods, but sending an email and having them click a link is definitely the simplest and most accurate.
A main feature to sending that email, is for the person to verify that it's actually them that requested it.
The only way to verify someone owns an email address is to have him use it.
As for verifying users don't enter fake information - not even sending an email can help. With so many disposable/temporary email services out there (like GuerrillaMail) , someone can fill up your form with false info, post a temp email address, log to that address and click the link in your email - manually or programatically.
You have to trust your users to come back for your content, and ignore spammers.
strikeiron.com offers a paid web service to verify if an email exists without sending a message to that email. try it out here is the link: strick
http://www.strikeiron.com/Catalog/ProductDetail.aspx?pv=5.0.0&pn=Email+Verification