Change "Return-Path" header on relayed mails

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Change "Return-Path" header on relayed mails

Jonathan Sélea


Some background:

We have an Exchange 2013 server that do not seems capable of setting a Return-Path header when a user has Autoreply on.

For example, I am mailing "[hidden email]" and that user has an Autoreply/OOTO on his/her account, exchange sends an Autoreply back without an "Return-Path" header which causes it to be classified as spam - because it is technically spoofed. Link below explains the issue more:
https://social.technet.microsoft.com/Forums/office/en-US/93cde90c-495b-4ae9-8e37-f8267f93a0ee/exchange-2013-on-prem-ooto-ndr-replies-fail-dmarc-authenication-outbound?forum=exchangesvrsecuremessaging
https://social.technet.microsoft.com/Forums/en-US/51519377-48f5-4833-ac0d-4128eaf9c25e/how-do-you-setup-dmarc-to-allow-null-returnpath-rfc5321mailfrom-messages-out-of-officendr?forum=onlineservicesexchange

The "solution" I could think of is to route all the emails via a postfix server that adds DKIM, ARC and also a Return-Path header (or modify it) to a correct one.

Is it possible?
I have the "always_add_missing_headers = yes" directive active in main.cf but I am still getting this:

Return-Path: <MAILER-DAEMON>

Have you solved a similar issue in the past? And how did you solve it?

Thanks!

Reply | Threaded
Open this post in threaded view
|

Re: Change "Return-Path" header on relayed mails

Jonathan Sélea
Just bumping this :)

On ons, 2018-08-22 at 14:34 +0000, [hidden email] wrote:


Some background:

We have an Exchange 2013 server that do not seems capable of setting a Return-Path header when a user has Autoreply on.

For example, I am mailing "[hidden email]" and that user has an Autoreply/OOTO on his/her account, exchange sends an Autoreply back without an "Return-Path" header which causes it to be classified as spam - because it is technically spoofed. Link below explains the issue more:
https://social.technet.microsoft.com/Forums/office/en-US/93cde90c-495b-4ae9-8e37-f8267f93a0ee/exchange-2013-on-prem-ooto-ndr-replies-fail-dmarc-authenication-outbound?forum=exchangesvrsecuremessaging
https://social.technet.microsoft.com/Forums/en-US/51519377-48f5-4833-ac0d-4128eaf9c25e/how-do-you-setup-dmarc-to-allow-null-returnpath-rfc5321mailfrom-messages-out-of-officendr?forum=onlineservicesexchange

The "solution" I could think of is to route all the emails via a postfix server that adds DKIM, ARC and also a Return-Path header (or modify it) to a correct one.

Is it possible?
I have the "always_add_missing_headers = yes" directive active in main.cf but I am still getting this:

Return-Path: <MAILER-DAEMON>

Have you solved a similar issue in the past? And how did you solve it?

Thanks!


signature.asc (836 bytes) Download Attachment
smime.p7s (6K) Download Attachment