Email: X-Authentication-Warning

Question

We're sending out 1000's of mails per day from our site (mainly "click here to verify your subscription") and too many are getting flagged by spam (mainly hotmail). One of the things I noticed in the headers is

X-Authentication-Warning: srv01.site.com: www-data set sender to site@site.com using -f

Is this something I should be worried about, that may cause spam flags to raise?

(I'm already checking various issues that have been mentioned regarding spam flagging over at stackoverflow, I know there are many factors in play)

score 4 · Answer 1 · answered Mar 25 '10 at 11:34

You can stop that header appearing by configuring www-data as a trusted user in sendmail. Assuming your sendmail is standard the simplest way is usually to add www-data to /etc/mail/trusted-users.

Note that if you're using a relatively recent version of sendmail (8.13 onwards) you may need to configure it in the mail submission configuration (submit.mc/submit.cf) instead. See the sendmail documentation for more information.

score 0 · Answer 2 · answered Mar 25 '10 at 11:31

0

Use a SMTP client/library in your application and send your mails directly to the SMTP gateway. You will not send them thru sendmail, which add this line.

answered Mar 25 '10 at 11:31

Dom

6,793

You mean something like Swiftmailer? We're on a LAMP platform. – stef Mar 25 '10 at 11:34
I don't know Swiftmailer before you gave me the name, but their site present exactly what I mean. – Dom Mar 25 '10 at 13:20

score 0 · Accepted Answer · answered Jun 25 '10 at 12:45

Really your question should be "how do I stop my emails being flagged as spam?"

The problem is that while every email service provider has some sort of spam filtering - nobody likes to say how its implemented in case the spammers use this information to get around the blocks. A lot of thought went into making IP and SMTP very highly fault-tolerant, so in the absence of end-to-end authentication there is no definitive way to separate spam from ham - leaving security by obscurity as the only solution.

I think its unlikely that the X-Authentication-Warning is explicitly causing the spam filter to kick in, however a very common feature in spam prevention is Bayesian filtering - and if that term occurs more often in spam than ham, then yes, it will contribute to the problem.

If you want to improve your deliverability, then do make sure you publish restrictive SPF 1.0 records, make sure you've masquerading configured on any internal MTAs, and make sure any external facing MTAs have PTR records published which include the mail domain in the IP address. It would also be a good idea to study how spamassassin works.

HTH

C.

Email: X-Authentication-Warning

3 Answers3