Problem Emails not encrypted and seen as Spam / Phishing
- Thread starter OliverRC
- Start date
OliverRC
New Member
Hi @Sandara, yes I was able to fish the email out of my Spam folder but it would be great if emails from the forum were correctly set up so email clients don't automatically show giant warnings, automatically mark them as spam / phising and were encrypted.
Respectfully I don't see how this is "Fixed"
Respectfully I don't see how this is "Fixed"
Only started the past few days for me
OliverRC
New Member
I'm sorry, but as a software developer and IT guy by trade, I can say that your email system is not working correctly if Gmail is reporting your emails like this hence me raising it.
From what I can see it does not have anything to do with the content of the email but more the way the mail server is configured.
From what I can see it does not have anything to do with the content of the email but more the way the mail server is configured.
I've been getting it for a while , but only in gmail.
Also IT guy by trade,
I’ve ran a quick scan on the domainname and saw that your ceritificate is not valid for mail.audi-sport.net. Your issue lies somewhere that the certificate from Lets Encrypt is handed out for webmail.audi-sport.net and you are using mail.audi-sport.net as hostname of your emailserver sending out emails(?). This would make sense regarding the warning as you send out emails with a certificate to mail.audi-sport.net and your webserver DNS resolves to webmail.audi-sport.net. This does not match making the certificate invalid. Not 100% sure on this one as I can not check your environment.
Also, looking up the SPF record I noticed you guys didn’t put a hardfail (-all) in the record but rather a softfail (~all). This could potentially cause your domain name to be spoofed as with a softfail like you have configured now the receiving emaillserver does not check if the sending emailserver is set within the SPF.. well, it does, but as its a softfail it will just let it through either way. So, Somebody could potentially spoof the domainname with his/her own mailserver… FYI.
Sooooo, lets get your IT guy to work here
I’ve ran a quick scan on the domainname and saw that your ceritificate is not valid for mail.audi-sport.net. Your issue lies somewhere that the certificate from Lets Encrypt is handed out for webmail.audi-sport.net and you are using mail.audi-sport.net as hostname of your emailserver sending out emails(?). This would make sense regarding the warning as you send out emails with a certificate to mail.audi-sport.net and your webserver DNS resolves to webmail.audi-sport.net. This does not match making the certificate invalid. Not 100% sure on this one as I can not check your environment.
Code:
Cert Hostname DOES NOT VERIFY (mail.Audi-sport.net != webmail.audi-sport.net | DNS:webmail.audi-sport.net)
So email is encrypted but the host is not verified
Not Valid Before: Mar 10 04:26:10 2022 GMT
Not Valid After: Jun 8 04:26:09 2022 GMT
subject= /CN=webmail.audi-sport.net
issuer= /C=US/O=Let'sAlso, looking up the SPF record I noticed you guys didn’t put a hardfail (-all) in the record but rather a softfail (~all). This could potentially cause your domain name to be spoofed as with a softfail like you have configured now the receiving emaillserver does not check if the sending emailserver is set within the SPF.. well, it does, but as its a softfail it will just let it through either way. So, Somebody could potentially spoof the domainname with his/her own mailserver… FYI.
Sooooo, lets get your IT guy to work here
Last edited:
I got one today.
Red flagged as spam.
The post it showed doesn't exist on the forum - so on this occasion it really was spam.
Red flagged as spam.
The post it showed doesn't exist on the forum - so on this occasion it really was spam.
