CiviMail flagged URI_WP_HACKED_2 by SpamAssassin
CiviCRM emails were reported as going to the Spam folder in Gmail. I did some digging with mail-tester.com and found that SpamAssassin is dinging my mailings -1.629 points for the code URI_WP_HACKED_2.
I did some more digging and found this is likely caused by the WP REST API that was integrated into Civi in 5.25. I'm currently running 5.27.0.
Things I have done that have not resolved the issue:
- I have installed the cv-rest-mailing plugin located here: https://develop.tadpole.cc/plugins/cv-rest-mailing
- I have also ran my site against MalCare which returned a Clean rating.
- I have disabled the plugin WP Mail SMTP.
- I have disabled tracing of opens and click throughs.
I have confirmed that this is occurring on 3 of my clients sites all running Civi 5.27.0 with Mosaico.
I have confirmed this on sites that are running gSuite as their email provider as well as sites that are running a local mail exchanger.
The following two Stack Exchange questions are open with no resolution. I confirmed with Heather O. that she is still facing difficulty.
- Create a new group called SpamTesting
- Create a new individual named Spam Tester
- Add Spam Tester to the Group SpamTesting
- Give the individual Spam Tester the email address corresponding to https://www.mail-tester.com/
- Create a new mailing or reuse an existing mailing.
- Add SpamTesting as a recipient group.
- Send the mailing immediately
- Click check your score on Mail-Tester.com
Emails should not be getting flagged as a hacked WordPress site.
- Mail Server : gSuite
- Browser: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36
- CiviCRM: _Master/5.27.1
- PHP: 7.3.14
- CMS: WordPress 5.4.2
- Database: _MySQL 8.0.18
- Web Server: _Apache 2.4.41