Done Sender email address impersonation

Discussion in 'Feature Requests' started by David, Oct 13, 2016.

  1. David

    David Administrator
    Staff Member

    Joined:
    Dec 1, 2015
    Messages:
    765
    Likes Received:
    30
    Hi,

    So far we've been very pleased with this appliance and it saved us a lot of time compared to setting up ftp access and managing passwords and user problems.

    I'd however like to make a suggestion based on a problem we seem to have on a regular basis.

    When the user sends a message/file via this appliance, the system impersonates the user email account and sends the message as the user.

    For other notifications, it uses the global email address set in the options. I've noticed that notifications sent via this address have about 20% chance to end up in the recipient's junk mail.

    The scenario plays like this: local corporate user A sends a message/file using the appliance to external user B (email template message_available). User B receive the message and click on the link, fills in his email address and validate. Then he waits because he doesn't see any new email (template validate_email) in his inbox because the secure link as been caught in his spam folder. User B contact user A later to say he can't download the file and then user A forwards to me to troubleshoot the problem.

    I think the 'secure' link message (template validate_email) should be sent like the original email, as the user A address and not as the system global address. This would help a lot in reducing the chances that the message be flagged as spam as A and B would probably already had an email conversation therefore A address would already be either whitelisted or attributed a low spam score.

    Also, it would be nice if we coould be able to access the original subject tag {{message.subject}} in the validate_email template so that when used in the subject field, it allows the email to be sorted with the others in the same conversation stream (as most email clients now support conversation views)

    In fact, one way to solve this problem would be to let the system admin be able to fill in the from field in this validate_email template and provide {{user.name}} and {{user.email}} tags so they can be used in the from field.

    I hope this makes sense.

    Regards

    Kheops
     
  2. David

    David Administrator
    Staff Member

    Joined:
    Dec 1, 2015
    Messages:
    765
    Likes Received:
    30
    Comments
    [​IMG]
    Johan Allard
    LiquidFiles
    There's obviously two types of messages, one type which is system generated, and one type that is user generated. System generated includes emails like password reset, and user generated like the message available email. System generated emails use the sender address that is defined in Admin -> Email. Make sure that this is a valid email to avoid the spam problem. Even if the validate email could technically be linked to a message, the password reset couldn't, and the validate email isn't really coming from the sending user, so it shouldn't have that email address as sender.

    June 28, 2011, 21:53
    [​IMG]
    Marc Schuszler
    I totally understand that it's a system generated message but I think there's a real need there, I'm pretty sure I'm not the only one in that case.

    Our global system email address is valid so it's not the problem.

    I also agree that emails like password resets should stay as they are but we'd only need it for the validate_email email as you should admit that, even if the email doesn't technically comes from the user, using the user address as sender would immediately solve 99% of this spam problem. I'm spending too much time having to sort those silly problems and I might not be the only one.

    I'm not asking to make it mandatory, just that there's an option to chose the from for this template on the server.

    Regards

    Kheops

    June 28, 2011, 22:34
    [​IMG]
    Johan Allard
    LiquidFiles
     

Share This Page