Nev,
I'm sure someone more knowledgeable can jump in to correct me where I'm wrong, but here's my off-the-cuff reply - without doing any fact-checking. ;)
I think you're coming across a problem that is basically because your concept of a webserver sending an email on behalf of someone is no longer considered a good practice - it's basically doing the same thing as a spammer would do. Send an email and then just change the From: header to be from the address that has been typed in on your webpage. Many spammers have used this technique (spoofing the From: address to be from a valid user) over the years to peddle their wares, and so technologies like SPF have been introduced to stop emails being accepted if they have not been sent by the SMTP server associated with the sender's domain. This means that for the email to be sent from Yahoo! to be accepted, it should be sent from Yahoo!'s email servers - and not your ISPs.
There is no work around for this new security tightening - you are sending emails on behalf of another email server, from your webserver ... and that is now something that is frowned upon.
My experience is that the webpage your describing is somewhat of a pain for end-users anyway. It is frustrating to go to a page like that, send an email and then have no idea whether it has actually been received by the end-recipient. Many times those scripts break because of problems at the hoster, but noone is aware for months and so anyone trying to use the form is utterly stuck, if there are no other contact details on the site.
Might I suggest the simpler approach of removing the whole thing and instead setting up some email forwarders so that secretary@ chair@ treasurer@ and events@example.org forward through to the appropriate person. This will achieve the same thing you're currently doing, with no maintenance on the website and immediate feedback to the end-user who will get a bounce response if the email cannot be delivered for whatever reason.
If you're worried about someone harvesting the forwarding email addresses if you put them directly on the website, you can always obfuscate them using a site like this:
http://www.fingerlakesbmw.org/main/flobfuscate.php
but, tbh, it's virtually impossible to hide addresses for too long, so people would be far better investing time in setting up a decent spam filter.
HTH,
Peter.
On 7 December 2016 at 08:53, Nev Young alug@nevilley.org.uk wrote:
Hi, Can any one offer advice about a problem I've been having with email for a few months now? I suspect it has something to do with increased security at host mx4.hotmail.com but I can not confirm this. The problem (in brief) I host a number of websites. Each of these has a "contacts" page where any one may send an email. The page contains the following fields: 1 a drop down box to select the recipient (e.g. secretary, chair, treasurer, events co-ordinator, etc.) 2 a text field for the sender's own email address 3 a free text field.
This prevents the sender knowing the email address of the recipient and sends an email with: To: = the recipients real email address From: = the sender's own email address Subject: = "website contact" and the body containing the free text stripped of any HTML.
All of the above works fine for all sender addresses and recipient addresses *except* when the sender is <sender>@yahoo.co.uk and the recipient is <recipient>@live.co.uk which results in a failed to deliver message which contains: A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: <recipient>@live.co.uk SMTP error from remote mail server after end of data: host mx4.hotmail.com [65.55.37.120]: 550 5.7.0 (COL004-MC4F7) Unfortunately, messages from (212.23.1.5) on behalf of (yahoo.co.uk) could not be delivered due to domain owner policy restrictions. ------ This is a copy of the message, including all the headers. ------
Meanwhile a copy of the email sent at the same time to me as site administrator works fine and is delivered.
65.55.37.120 is microsoft 212.23.1.5 is Zen internet (my isp). obviously <sender> and <recipient> have replaced real email names.
Any ideas what I need to change to make hotmail accept these emails again. Or do I just have to wait it out?
Nev
main@lists.alug.org.uk http://www.alug.org.uk/ https://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!