
Closed
Open
Opened Aug 03, 2020 by brendanspaar@brendanspaar

CiviMail flagged URI_WP_HACKED_2 by SpamAssassin

Overview

CiviCRM emails were reported as going to the Spam folder in Gmail. I did some digging with mail-tester.com and found that SpamAssassin is dinging my mailings -1.629 points for the code URI_WP_HACKED_2.

I did some more digging and found this is likely caused by the WP REST API that was integrated into Civi in 5.25. I'm currently running 5.27.0.

Things I have done that have not resolved the issue:

  • I have installed the cv-rest-mailing plugin located here: https://develop.tadpole.cc/plugins/cv-rest-mailing
  • I have also run my site against MalCare, which returned a Clean rating.
  • I have disabled the plugin WP Mail SMTP.
  • I have disabled tracing of opens and click throughs.

I have confirmed that this is occurring on 3 of my clients' sites, all running Civi 5.27.0 with Mosaico.

I have confirmed this on sites that are running gSuite as their email provider as well as sites that are running a local mail exchanger.

The following two Stack Exchange questions are open with no resolution. I confirmed with Heather O. that she is still facing difficulty.

  • https://civicrm.stackexchange.com/questions/35064/civimail-tracked-links-in-wordpress-site-are-marked-down-by-mail-tester?r=SearchResults&s=3|14.7395
  • https://civicrm.stackexchange.com/questions/36244/spamassassin-marking-mailings-as-compromised-wordpress-site?r=SearchResults&s=1|42.5634

Reproduction steps

  1. Create a new group called SpamTesting
  2. Create a new individual named Spam Tester
  3. Add Spam Tester to the Group SpamTesting
  4. Give the individual Spam Tester the email address corresponding to https://www.mail-tester.com/
  5. Create a new mailing or reuse an existing mailing.
  6. Add SpamTesting as a recipient group.
  7. Send the mailing immediately
  8. Click check your score on Mail-Tester.com

Current behaviour

Many CiviCRM mailings are going to spam after upgrading to 5.27.0. Please see attached image.
SpamAssassin Score

Expected behaviour

Emails should not be getting flagged as a hacked WordPress site.

Environment information

  • Mail Server: gSuite
  • Browser: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36
  • CiviCRM: Master/5.27.1
  • PHP: 7.3.14
  • CMS: WordPress 5.4.2
  • Database: MySQL 8.0.18
  • Web Server: Apache 2.4.41

Comments

Edited Aug 04, 2020 by brendanspaar
Reference: dev/mail#76