AbanteCart Community
Shopping Cart Operations => Support => Topic started by: Rdw on January 07, 2022, 07:42:14 PM
-
Hello
I'm having issues with the password reset option and all the reset emails are being blocked on the email gateway and the hosting provider has advised that it is due to a base 64 creating a high SPAM score rule being triggered.
From our hosting provider
This is likely because unfortunately password reset type emails are very popular with spammers / phishing attempts nowadays.
Here are the issues which the spam filtering gateway found with those emails:
Rule breakdown below
pts rule name description
---- ---------------------- --------------------------------------------------
0.14 MISSING_MID Missing Message-Id: header
0.01 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily
1.05 FROM_EXCESS_BASE64_2 From: base64 encoded unnecessarily
1.20 BSF_SC3_MV0891 Custom rule MV0891
The From: base64 messages are being generated because the software is doing something odd with the 'from' email addresses:
From: =?UTF-8?B?QWJpbmdkb24gRmVuY2luZyBDbHVi?=info@DOMAIN NAME REMOVED.org.uk
The 'Custom rule MV0891' entry will be because of the issue I mentioned above where these look like potential phishing messages.
Are there options you can tweak which could disable this behaviour with the From: address by any chance?
How can we remove the encoding that is triggering the "From: base64 encoded
I have configured using SMTP setting and all other emails are working as expected
below is an extract from the bounce back message
Subject: =?UTF-8?B?QWJpbmdkb24gRmVuY2luZyBDbHViIC0gUGFzc3dvcmQgcmVzZXQ=?=
Date: Thu, 06 Jan 2022 00:33:50 +0000
From: =?UTF-8?B?QWJpbmdkb24gRmVuY2luZyBDbHVi?=<info@DOMAIN NAME REMOVED.org.uk>
Reply-To: =?UTF-8?B?QWJpbmdkb24gRmVuY2luZyBDbHVi?=<info@DOMAIN NAME REMOVED.org.uk>
X-Mailer: PHP/7.4.27
MIME-Version: 1.0
Content-Type: multipart/related; boundary="----=_NextPart_c603966fff8af298a85ea4e0f39f92c5"
I have tried editing the content of the email to remove PASSWORD but this makes no difference.
Currently using version1.3.1
-
Hello.
Try to upgrade to 1.3.2
-
Currently using version1.3.1
please try to replace file core/lib/mail.php with file from 1.3.2 version (https://github.com/abantecart/abantecart-src/raw/master/public_html/core/lib/mail.php)
-
I've upgraded to the latest version 1.3.2 and still password reset emails are being blocked by our hosting provider and they are still advising it is due to the content / structure of the message.
I have tried installing several other packages and the password reset links always come through without any issues.
I have changed the wording of the reset email and still makes no difference.
emails are being sent via SMTP is there any other backend configuration which needs to take place?
-
Hello.
Try to switch Mail protocol to PHP Mailer https://abantecart.atlassian.net/wiki/spaces/AD/pages/7372837/Mail+Settings#MailSettings-MailProtocol%3AMAIL
-
Hello
Switched back to PHP and exactly the same is happening even when using -f and -r
Emails for password resets for the rest link are being blocked
-
please try to edit file core/lib/mail.php
Just replace
$header['From'] = '=?UTF-8?B?'.base64_encode($this->sender).'?='.'<'.$this->from.'>';with this
$header['From'] = (preg_match('/[^\x20-\x7f]/', $this->sender) ? "=?UTF-8?B?". base64_encode($this->sender) ."?=" : $this->sender ) ." <".$this->from.">";
and let us know
-
Hello.
Please try these code fix https://github.com/abantecart/abantecart-src/commit/0b3d16ea80c26b4b080977feeb27acbaeace49d5