Spam with from address set to reply by email address

Our “reply by email address” is “forum-replies+%{reply_key}@example.com”. Recently, we’ve started receiving spam with the from address set to "forum-replies@example.com". When this happens, Discourse sends a “Rejection Mail” to its own “reply by email address” (well, without the reply key part of course). After this, Discourse rejects the “Rejection Mail”, but thankfully the new “Rejection Mail” is sent to the “notification email”, which is what I’d guess Discourse uses as the From address for rejection mails.

Is there a way to turn off rejection emails for messages that do not match the format of the “reply by email address”?

2 Likes

Hmm, any thoughts in your mind grapes about this one @mpalmer?

What’s the To address on these e-mails? If Discourse is rejecting them, then it’s presumably an invalid recipient, in which case the fast-rejection code might need to be tweaked a little to catch whatever it is you’re seeing. That’ll stop Discourse sending a rejection back to itself, because it’ll never even see the message.

Discourse shouldn’t be rejecting the rejection e-mail, though, because the initial rejection should be marked as auto-generated, and we shouldn’t be responding to auto-generated mail. Presumably one of those "should"s isn’t true, which is a bug.

Otherwise, it’s reasonable that Discourse ignore e-mail sent to it from its own address; I can’t think of a legitimate circumstance in which that would happen.

Finally, it’s not a particularly good idea to disable rejections entirely for messages sent to mangled variations of the reply-to address; e-mail clients (and servers) are universally terrible, and do all manner of unspeakable things. Having a response back saying “everything is awful” is more user-friendly (in general) than blackholing mail.

2 Likes
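The checks discussed in the post above (ignore mail from the forum's own reply address, never answer auto-generated mail, but still reject ordinary mangled replies), as an added Ruby sketch that is not part of the thread and not Discourse's own code. The function names, the plain header hash with exact-case keys, and the sample senders other than the reply address are assumptions made for illustration.

```ruby
# Added illustration, not Discourse's code. All names here are hypothetical.
REPLY_TEMPLATE = "forum-replies+%{reply_key}@example.com" # from the thread

# Regex for the template address, with or without the "+key" part.
def reply_address_pattern(template)
  local, domain = template.split("@", 2)
  base = local.partition("+").first
  /\A#{Regexp.escape(base)}(\+[^@\s]*)?@#{Regexp.escape(domain)}\z/i
end

# Bare address from a From header value such as 'Name <user@host>'.
def bare_address(value)
  value = value.to_s.strip
  m = value.match(/<([^<>]+)>\s*\z/)
  (m ? m[1] : value.delete("<>")).strip.downcase
end

# RFC 3834: any Auto-Submitted value other than "no" marks automatic mail.
# Precedence bulk/junk/list is an older convention with the same intent.
def auto_generated?(headers)
  auto = headers["Auto-Submitted"].to_s.strip.downcase
  return true unless auto.empty? || auto == "no"
  %w[bulk junk list].include?(headers["Precedence"].to_s.strip.downcase)
end

# Decide what to do with a message that could not be matched to a topic.
def rejection_decision(headers, template = REPLY_TEMPLATE)
  from = bare_address(headers["From"])
  return :drop_no_sender if from.empty?
  return :drop_own_address if from.match?(reply_address_pattern(template))
  return :drop_auto_generated if auto_generated?(headers)
  :send_rejection
end

# Constructed sample headers (not taken from real mail).
SAMPLES = {
  "spoofed spam" => { "From" => "forum-replies@example.com" },
  "own rejection" => { "From" => "Forum <notifications@example.com>",
                       "Auto-Submitted" => "auto-generated" },
  "mangled reply" => { "From" => "Alice <alice@example.org>" },
}

SAMPLES.each { |name, h| puts "#{name}: #{rejection_decision(h)}" }
```

Checking the sender before the auto-generated header means a spoofed message is dropped even when it carries no `Auto-Submitted` header at all, which is the case reported in this thread.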

The To address is “forum-replies@example.com”.

I made a pull request for this

https://github.com/discourse/discourse/pull/5843

2 Likes

The pull request was merged by @zogstrip :tada: . Hopefully that fixes it; I’ll continue to monitor it.

2 Likes