WordPress.org

Support

Support » Plugins and Hacks » Fast Secure Contact Form » [Resolved] Yahoo DMARC Policy Impacts FS Contact Form, Blocks Emails

[Resolved] Yahoo DMARC Policy Impacts FS Contact Form, Blocks Emails

  • I have discovered an issue where Gmail is rejecting messages sent by FS Contact Form if the “from” field contains a Yahoo email address. Upon closer inspection of the bounce error message received, I discovered the problem was caused by Yahoo’s new implementation of DMARC, or “Domain-based Message Authentication, Reporting & Conformance” (see dmarc.org for more info).

    To make a long story short, Gmail rejects the message because the FROM field in the email generated by FS Contact Form contains yahoo.com, and this is prohibited by Yahoo’s DMARC rules.

    To stop this from happening, it is very important that we can define an email address which we control, to be used in the FROM field. Actually, to be safe, the from_email field provided by the end user should never be included in the FROM field at all, because DMARC rules can prevent their message from being delivered.

    Yahoo’s DMARC changes have been recently implemented and have caused a stir in the email deliverability community. More can be seen at the following addresses:

    http://www.virusbtn.com/blog/2014/04_15.xml

    https://sendgrid.zendesk.com/hc/en-us/articles/201876356-Yahoo-DMARC-Changes-Message-not-accepted-for-policy-reasons-

    https://wordpress.org/plugins/si-contact-form/

Viewing 15 replies - 1 through 15 (of 19 total)
  • I find if you fill in

    Return-path address (recommended):,

    Enable ONLY when web host requires “Mail From” strictly tied to site.(optional, rarely needed)

    and fill in Custom Reply To (optional, rarely needed):

    The problem will be solved at least for yahoo.com I don’t think other yahoo.* domains are affected (yet)

    Plugin Author Mike Challis

    @mikechallis

    Plugin Author Mike Challis

    @mikechallis

    I just updated this help page again,
    http://www.fastsecurecontactform.com/yahoo-com-dmarc-policy
    Solution 2 will probably be required for DMARC compliance.

    Not sure what will happen in the future, but I estimate, DMARC might become pretty much a requirement if more email providers start requiring it..

    It was suggested above to fill in Custom Reply To, but I don’t think that setting is needed, follow my Solution 2 on the help page I posted.

    Thanks for addressing this, Mike – your “Solution 2” solved the issue on my end.

    Keep up the great work on FSContactForm!

    This is very troubling to me, because I only happened to run across this today, not realizing that this DMARC thing was going on.

    Is there any way that Mike can ‘push’ some sort of notification to Plugin users, in the event a problem like this crops up? This would be most welcome.

    (update edit) I tried Solution 2, and it works just fine. Since I had already been using a valid return-path email (tied to the domain), simply checking the ENABLE-only box was all that was required.

    Thanks very much for both explaining, Mike, and for having laid out a good plugin even before this DMARC stuff came up.

    So I wish I had found this sooner.. Been having issues with this which were compounded by my webhost’s own issues with delivering my domain based e-mails..

    I made the changes as per Solution 2, but I am finding that UNLESS I have an email address in the “Custom Reply To” field, that I get bounce back messages upon form submission like this one:

    This message was created automatically by mail delivery software.

    A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

    youremailname@aol.com
    (ultimately generated from customerservice@mydomain.com)
    SMTP error from remote mail server after end of data:
    host mailin-04.mx.aol.com [152.163.0.67]: 521 5.2.1 :
    AOL will not accept delivery of this message.

    —— This is a copy of the message, including all the headers. ——

    Return-path: <customerservice@mydomain.com>
    Received: from myhostingaccount by biz150.yourhosting.com with local (Exim 4.82)
    (envelope-from <customerservice@mydomain.com>)
    id 1Wu0si-0003fr-GJ
    for customerservice@mydomain.com; Mon, 09 Jun 2014 07:49:04 -0700
    To: customerservice@mydomain.com
    Subject: Over the Hill Web Consulting Contact: Third one more test
    Date: Mon, 9 Jun 2014 14:49:04 +0000
    From: Sonny Crockett <customerservice@mydomain.com>
    Message-ID: <8e9a91bedb4a06f027c134ef45bbf2b8@mydomain.com>
    X-Priority: 3
    X-Mailer: PHPMailer 5.2.7 (https://github.com/PHPMailer/PHPMailer/)
    Reply-To: youremailname@aol.com
    X-Sender: customerservice@mydomain.com
    MIME-Version: 1.0
    Content-Type: text/html; charset=UTF-8
    Content-Transfer-Encoding: 8bit

    <html><body>
    <b>To:</b>
    Webmaster

    <b>Name:</b>
    Sonny
    Crockett

    <b>Email:</b>
    youremailname@aol.com

    <b>Subject:</b>
    Third
    one more test

    <b>Message:</b>
    Third one more test

    Akismet Spam Check: passed
    <div style=”background:#eee;border:1px solid gray;color:gray;padding:1em;margin:1em 0;”>Sent from (ip address):
    72.129.74.169 (cpe-72-129-74-169.socal.res.rr.com)
    Date/Time: June 9, 2014 2:49 pm
    Coming from (referer):
    http://mydomain.com/contact-us/
    Using (user agent):
    Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0

    </div></body></html>

    I would obviously prefer to NOT have to manually copy and paste the sender’s email address.. Is there a solution to this??

    Hi @divavocals, this thread is marked as resolved. It is best that you start a new support thread, that way you will get better support.

    Thank you

    Sure I will do that.. though TECHNICALLY the issue persists.. so it’s not truly “resolved” IMHO until the issue is gone under all circumstances.. Resolved around here seems to REALLY mean “nobody’s gonna respond anymore”..

    IJS..

    Agreed – I have found that I, too, now have to copy/paste the sender’s email address back into the “to” field of my email client.

    It’s very inconvenient, but I don’t see a way around this. How are other contact forms (in general) handling this issue?

    Agreed – I have found that I, too, now have to copy/paste the sender’s email address back into the “to” field of my email client.

    Yep.. and this is a PITA when replying on my smartphone..

    How are other contact forms (in general) handling this issue?

    Was wondering the same thing myself.. Might have to take a look around to find out..

    Oh but perhaps we should be having this discussion in the new post I started here: http://wordpress.org/support/topic/dmarc-policy-impacts-fs-contact-form-blocks-emails since this post is marked “resolved”..

    I’ve just posted this in Diva’s thread linked above, but for those of you who may find this thread in the future looking for a solution to your own email address being used by default when you attempt to reply to messages from FS Contact Form, here’s the solution:

    The address used in the “Return-path address” field MUST BE DIFFERENT from your email address which the emails will be sent to. Otherwise, if the “From” header of a received message is set to your own address, Gmail and other large webmail providers will ignore the “Reply-To” header and direct the message back to you. (This behavior is documented here.)

    Hopefully this can be mentioned in the FS Contact Form settings or on the plugin’s DMARC policy page.

    Plugin Author Mike Challis

    @mikechallis

    Thanks DeltaHF I will note those changes in both places.

    When you say “he “Email To” and the “Return-path address” should ALWAYS be separate REAL email addresses on the SAME DOMAIN as your web site (don’t skip this important step!).”

    Do you mean if i use mrppp@mysite.com the return path can’t be same use say info@mysite.com instead?

    What does all this mean for the average user? I’m thinking of not using this plugin because it appears from this thread that there’s a problem.

    Hi @greybird there is no problem with this plugin. 100s of Thousands use it all the time without any issues. You will notice that this is issue has also been resolved.

Viewing 15 replies - 1 through 15 (of 19 total)
  • The topic ‘[Resolved] Yahoo DMARC Policy Impacts FS Contact Form, Blocks Emails’ is closed to new replies.
Skip to toolbar