
FREEMAIL_FORGED_FROMDOMAIN triggered for plesk internally forwarded mail

TomBoB


TITLE


FREEMAIL_FORGED_FROMDOMAIN triggered for plesk internally forwarded mail

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk 18.0.48, AlmaLinux 8.7

PROBLEM DESCRIPTION

Send an email from Gmail (as an example) to a mailbox on a Plesk server. The receiving email address one@1stdomain.tld (no matter if the mailbox is enabled or not) has forwarding set up to another mail address two@2nddomain.tld of a different domain, but on the same Plesk server.
Let's assume the mailbox for one@1stdomain.tld is enabled. This allows for checking the mail headers.
The Gmail mail comes in and the header is all OK. Nothing special triggers during spam testing.
Check the header of the forwarded email in the mailbox of two@2nddomain.tld.
Spam testing now triggers FREEMAIL_FORGED_FROMDOMAIN. Actually as well as HEADER_FROM_DIFFERENT_DOMAINS.
Both are obviously very wrong and should not trigger.
The second trigger is already pointed out here: Forwarded to devs - SPF_FAIL for internally forwarded emails in detail.

EDIT: We use Plesk Email Security, not the "standard" setup, but I believe the same problem happens without PES as well.

STEPS TO REPRODUCE

As described in above problem description.

ACTUAL RESULT

Spam testing for forwarded mail from Gmail triggers FREEMAIL_FORGED_FROMDOMAIN. [And HEADER_FROM_DIFFERENT_DOMAINS].

EXPECTED RESULT

Don't trigger those. Mail is a genuine Gmail one that came in, and is being forwarded to another mail address. Genuine all the way.

ANY ADDITIONAL INFORMATION

(DID NOT ANSWER QUESTION)

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
I would argue that both are expected and are rather the result of the rule implementation by SpamAssassin. Not by any (wrong) doing on Plesk's side.

The HEADER_FROM_DIFFERENT_DOMAINS rule gets triggered when the From address is different from the envelope sender. As the envelope sender gets rewritten on forwarding for the Sender Rewriting Scheme, this rule gets triggered. Similarly for FREEMAIL_FORGED_FROMDOMAIN. It gets triggered because the envelope sender got rewritten.
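
A simplified model of the comparison described in the reply above, as an added example that is not part of either post and is not SpamAssassin's or Plesk's code. It checks the From domain against the envelope sender before and after an SRS0 rewrite, and unwraps the SRS0 address to tell a forwarding artifact from a real mismatch. The sender address, the SRS hash and timestamp, and the one-entry freemail set are constructed, and treating the freemail rule as "From is freemail and the domains differ" is an assumption of this model.

```python
import re
from email import message_from_string
from email.utils import parseaddr

FREEMAIL = {"gmail.com"}  # constructed stand-in for a freemail domain list

# SRS0=<hash>=<timestamp>=<original domain>=<original local part>@<forwarder>
SRS0 = re.compile(r"^SRS0[=+-]([^=]+)=([^=]+)=([^=]+)=(.+)@([^@]+)$", re.I)

def domain(addr):
    # Simplification: compares full domains, not registered (2nd-level) domains.
    return addr.rsplit("@", 1)[-1].lower().rstrip(".")

def unwrap_srs(envelope_from):
    """Return the original sender if the envelope address is SRS0-wrapped, else None."""
    m = SRS0.match(envelope_from)
    if not m:
        return None
    _hash, _ts, orig_domain, orig_local, _forwarder = m.groups()
    return f"{orig_local}@{orig_domain}"

def evaluate(raw_message):
    """Model both rule outcomes and say whether SRS alone explains a mismatch."""
    msg = message_from_string(raw_message)
    header_from = parseaddr(msg["From"])[1]
    envelope_from = msg["Return-Path"].strip().strip("<>")
    differs = domain(header_from) != domain(envelope_from)
    original = unwrap_srs(envelope_from)
    return {
        "header_from_different_domains": differs,
        "freemail_forged_fromdomain": differs and domain(header_from) in FREEMAIL,
        "srs_original_sender": original,
        # True when the only difference is the forwarder's SRS rewrite.
        "explained_by_srs": bool(
            differs and original and domain(original) == domain(header_from)
        ),
    }

# Constructed samples: the same mail as delivered to one@1stdomain.tld, and as
# forwarded to two@2nddomain.tld with an SRS-rewritten envelope sender.
DIRECT = ("Return-Path: <alice@gmail.com>\nFrom: Alice <alice@gmail.com>\n"
          "To: one@1stdomain.tld\nSubject: test\n\nbody\n")
FORWARDED = ("Return-Path: <SRS0=a1b2=XY=gmail.com=alice@1stdomain.tld>\n"
             "From: Alice <alice@gmail.com>\nTo: one@1stdomain.tld\n"
             "Subject: test\n\nbody\n")

if __name__ == "__main__":
    for name, raw in (("direct", DIRECT), ("forwarded", FORWARDED)):
        print(name, evaluate(raw))
```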
 