Jump to content

Parsing issue - legitimate intermediate SMTP being identified as "possible forgery. Supposed receiving system not associated with... your mailhosts"


Recommended Posts

Hello. On nearly all of my submissions from my workplace account, I get warning messages similar to this:

"Hostname verified: smtp.exchange.iu.edu

Possible forgery. Supposed receiving system not associated with any of your mailhosts"
I'll attach some tracking URLs below as full examples.
Directly above the error, it identifies a server (in-cci-exch07.ads.iu.edu (2001:18e8:3:cc1::10a) in one specific case, a different server in another) that legitimately belongs to our organization. However, it and several other I'm aware of do not show up in my list of "Hosts/Domains" in my Mailhosts tab. And I've tried repeating the Add new hosts process; it doesn't add them.
Worse yet, mail servers in the headers that come before those "Possible forgery" entries get ignored entirely (makes sense given that the parser suspects it's forged, but the point is that those servers don't get identified as problems by the parser. And I believe they're likely the genuinely original source, not the university mail hosts that are being ID'ed as possibly forged).
The DNS record for smtp.exchange.iu.edu returns a set of IP addresses that, as best I can tell by doing reverse lookups where I'm at, are indeed legitimate mail hosts for this organization. I do not know if that verification is where the parser starts to misindentify the following server as possibly forged, but it seems like that's the point.
What can be done to alleviate this misidentification? The smtp.exchange.iu.edu address is indeed associated with my organization's mailhosts.Yet I don't know how to get the parser or my mailhosts tab to accept that.
Tracking URLs:
Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...