Interesting Mail Headers

My good friend Jake Churchill was surfing dev shed and he found this post regarding cfmail. The question is pretty easy, but one of the comments further down caught his eye. A user named mackindlays makes the statement that "Many mail services bounce CF generated mails now". Personally I do not believe there is any evidence that mail servers bounce CF generated mail any more than .NET generated mail or PHP generated mail etc. Perhaps mail servers score mail that is obviously sent from a web server as "more likely to be spam". Certainly that was a contention of my previous post on the subject. At any rate, his solution was to spoof the mail headers for Microsoft Exchange using CFMAILPARAM.

I have no idea if this will work or be successful (I'll let my readers know what I find out). But this rather un-muse like solution is perhaps one more arrow in the quiver of folks trying to send legitimate email.

Related Categories: Coldfusion Tips and Techniques
Comments (3) | Print | del.icio.us

Related Blog Entries

Solving an Email Send Problem: a Simple, Innovative Approach (October 22, 2008)

Comments

[Add Comment]

I've had personal experience doing similar hacks because of some large mailer or other that specifically blocked CF-generated mail. For a while a few years ago, and I don't know if it is still the case, Yahoo! mail was one of the big ones that did.

I never understood the reasoning, either. I can't imagine too many spammers thinking "hey, how could we pump out more spam per hour? I know, ColdFusion!".

# Posted By Rick O | 10/30/08 12:39 PM

Hi Mark

I understand why you might feel this is worth trying, but I personally would feel uncomfortable with what is effectively lying. By all means be economical with the truth by removing references to CF (e.g. change the default "mailerID" attribute in cfmail from "ColdFusion 8 Application Server" to a custom name) but I would like to believe that getting past spam filters is like getting search engine rankings: the best way is to be honest and not to try to fool them.

So instead, I would favour things like trying to make sure that the IP and domain of your server is publicly verifiable by using SPF records in your DNS and a public FQDN in the CF admin/server attribute (See http://carehart.org/blog/client/index.cfm/2007/12/... ). It may be that rather than CF per se, it's more the lack of an accountable domain or IP that's causing the spam alarm bells to go off.

# Posted By Julian Halliwell | 11/5/08 4:36 PM

Julian, let me be clear. This is not something I intend to use or have used. I'm a little uncomfortable with it too - which is why I state at the bottom:

"...this rather un-muse like solution is perhaps one more arrow in the quiver of folks trying to send legitimate email."

That kind of sums it up for me. I think there are folks who could make the case that mail servers never intended to exclude legitimate email just because it originated from a CF server - so this approach might correct that (slight) injustice. But it is an unmistakenly deceptive approach... so I do not disagree with what you are saying.

Still, there are those with a stronger stomach than I who might find this useful and legitimate - and it does add to the understanding of how email is delivered, so in the information serves a useful purpose and I'm never afraid of information despite its potential nefarious uses :)

# Posted By mark kruger | 11/5/08 4:45 PM

[Add Comment]

Ask A Muse

Have a Coldfusion, SQL or Networking Question? How about a suggestion for a podcast. Fire away and I'll try to answer.