I am using MailApp.sendEmail to send mail FROM:SEND#example.com and TO: RECEIVE#example.com
The SEND#example.com inbox automatically forwards all incoming mail to various other addresses in my organization.
The unintended consequences are that even though I only want these emails to be delivered to RECEIVE#example.com, they are automatically being forwarded to all of the email addresses that SEND#example.com forwards to as well.
This doesn't seem logical, as it is an outgoing email and if I simply send an email from the SEND#example.com inbox normally, the sent mail does not get forwarded.
Can anyone explain why this happens and/or a way around it?
I believe it happens because the copy google's servers (running the apps script) places in the sending account's mail folders is treated by gmail as a new incoming message that just happens to have the from field set to be that account itself. It then performs whatever rules it always performs on incoming messages.
You can set your rules for that gmail account to forward except in the case that the from address is your own email address. When you create the filter enter "-SEND#example.com" in the from field.
Related
I have been trying to find the way to read the inbound and outbound emails prior reaching the recipients and if the email contains sensitive data, I would modify or rather stop delivering or quarantine that email.
Also, is there any admin setting to schedule send all the email send from org(basically delay sending the emails). I'm aware that this functionality is available in user's mailbox, want to now if any admin setting is available which can be enabled by default for all emails.
I have integrated messages.get and webhook's to fetch all the emails, but those are all either emails which are already delivered. Is there any api or way to detect sensitive emails in real time before getting delivered?
We are using a Gmail Add-on which triggers on email Open.
When an email is not from a verified sender it does not trigger and instead displays the following message
Spam and suspicious messages can’t be used for recommended content or
actions. Try searching for messages in your inbox.
Now how the add-on determines this appears to be when the sender is not verified.
I see in the below post that this is expected behaviour when the message is in SPAM but this is not the case in this scenario...
My add-on will not run on messages in the SPAM folder
This is not a spam message and our addon needs to access the email contents in order to work.
How do we override this unwanted behaviour.
You will want to review Why emails have spam warning labels, Messages from an unconfirmed sender which links to Check if your Gmail message is authenticated. Basically Gmail uses SPF and DKIM to verify that the mail server sending the email is authorised to send messages for that Domain. So you need to fix it at the point you send the emails by setting up SPF or DKIM appropriately.
If that is not possible, set up a filter via "Filter messages like this" option and set up a filter and try options such as "Never send it to Spam" and "Forward it to:" and forward it to itself.
I have a web application wherein our users create contracts and we have integrated with DocuSign through an embedded recipient experience.
My web application is fairly involved in gathering the appropriate signers, sending emails, requesting signatures, keeping up with signer statuses, etc., and so I believe that an embedded recipient experience makes the most sense for us.
However, our first client using the integration has already been using DocuSign for some time and their signers (CEOs, CFOs and the like) are accustomed to logging into DocuSign, seeing envelopes in their inbox and clicking on them to sign - which is only possible in an integration by adding them as remote recipients. Embedded recipients cannot be associated to a DocuSign user account.
I'd like to keep using embedded recipients, but my client desperately wants to see envelopes created from my application in their DocuSign user account inbox and sign them from there without first having to log into my application.
Is there any clever way to deliver such a request with an embedded recipient experience? Even an atypical workaround, like sharing documents between the embedded recipient and the user account or some other recipient type of which I'm not aware, etc.?
Unfortunately not. When creating an embedded signing session the recipient becomes what's referred to as a Captive Recipient. Captive Recipients follow a different set of rules in regards to email notifications and presence in an inbox.
For example, Captive Recipients don't receive email notifications by default -- but they can supply an email to be CC'ed onto the envelope.
Since the Captive Recipient also has a universal account number, the user is technically part of an account outside of yours or your recipients.
IE: Your recipient views his inbox linked to his userId on account XXXXXXXXX.
The Captive Recipient is part of account YYYYYYYYYY with its own unique userId, so there's nothing for it to match up to.
If your app relies on embedded signing to load DocuSign envelopes into something like an iFrame, you can still do that without using an embedded recipient, which would give you the ability to load them through your webApp as well as let your signer access them via his DocuSign inbox.
To retrieve the signing URL, you make a POST call to https://{endpoint}.docusign.net/restapi/v2/accounts/{accountId}/envelopes/{envelopeId}/views/recipient with the following call body:
{
"returnUrl": "http://localhost/returnUrl",
"authenticationMethod":"email",
"email": "{recipientEmail}",
"userName": "{recipientFullName}",
"recipientId":"{recipientId}"
}
I'll like to process incoming email on a specific email. In aws docs it says
Although you are not required to publish an MX record to receive mail through Amazon SES, if you don't publish the record, Amazon SES will receive mail for your domain only if you explicitly route it to Amazon SES.
http://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-mx-record.html
How do I explicitly route email to SES?
After hours of research and failed attempts of having SES receive emails without the use of a MX record (had set up an additional Route via gSuite / Google Apps), here is my best suggestion on how to go about this.
Short Version
Create a subdomain and point its MX record to SES after inserting the TXT verification record. After creating the necessary ruleset to receive and save email from any#sub.domain.com, you can now have SES receive email from any email address you own (even if it's not verified with SES) by simply forwarding its emails to the SES enabled subdomain email address.
Long Version
Unfortunately, it does still require an MX record, but check it out...
You can create a custom subdomain on your primary domain and call it anything. In my case, I called it ses.mydomain.com
Next, I added my newly created subdomain to SES via the Domains link.
Immediately upon adding it as a domain to SES, a pop-up window appears displaying the required TXT verification record and MX mail record.
Shortly after assigning these two DNS records to my subdomain, the subdomain is verified and able to receive email after setting a few quick rules via Rule Sets!
Here's the cool part - you can still have SES receive email from any email address you have access to.
How you might ask?
By just setting up a forwarder on the email address you do want to send to SES, by forwarding it to the SES-enabled subdomain email address.
Meaning - If SES is able to receive email from someone#ses.example.com, but you want it to actually receive email from someone-else#example.com, then all you need to do is forward someone-else#example.com to someone#ses.example.com!
Remember, you still need to create the necessary rules to receive emails. See this AWS Blog Post for more information.
Use one of the AWS SES's inbound endpoints:
http://docs.aws.amazon.com/ses/latest/DeveloperGuide/regions.html#region-select
e.g. for US-EAST-1 the inbound endpoint is inbound-smtp.us-east-1.amazonaws.com. For receiving only you do not use SMTP endpoints. The procedure is pretty much the same using MX records or not: somewhere (in your DNS or in your mail handling system) you must point to a SES inbound endpoint.
For example, my MX records point to Google Apps, but using 'Hosts' and 'Routing' (inside Google Apps/Gmail options) I managed to relay only one recipient to SES. So every e-mail my domain receives goes to Gmail recipients as usual, except for one special_recipient#mydomain.com which I relayed to SES (which, in turn, goes to SNS then to SQS).
from:
https://aws.amazon.com/blogs/aws/new-receive-and-process-incoming-email-with-amazon-ses/
Now you need to route your incoming email to SES for processing. You have two options here. You can set the domain’s MX (Mail Exchange) record to point to the SES SMTP endpoint in the region where you want to process incoming email. Or, you can configure your existing mail handling system to forward mail to the endpoint.
I am using our email server at [mydomainhere].com to send emails through a web site UI. I just used the UI to send an email from [myemail]#yahoo.com. And received an Undeliverable message at my yahoo email address.
mta1400.mail.ne1.yahoo.com rejected your message to the following e-mail addresses:
[myemail]#yahoo.com
mta1400.mail.ne1.yahoo.com gave this error:
Message not accepted for policy reasons. See http://postmaster.yahoo.com/errors/postmaster-28.html
More information can be found here:
http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html
Any help would be appreciated.
Yes Allan, you are correct in assuming that the anti-spoofing that Yahoo (and now AOL) have turned on is permanent. The technology they are using is called DMARC. Yahoo has published a DMARC record in their DNS:
$ dig TXT _dmarc.yahoo.com. +short
"v=DMARC1; p=reject; sp=none; pct=100; rua=mailto:dmarc-yahoo-rua#yahoo-inc.com, mailto:dmarc_y_rua#yahoo.com;"
Every mail server that supports DMARC will look up that record in Yahoo's DNS and apply Yahoo's p=reject policy. In effect, what Yahoo has done is stated to the world, "if the email does not originate from this list of IPs (SPF) or bear this crytographic signature (DKIM), then reject (p=reject) it." Since your mail server is not in their list of mail servers IPs nor are the messages signed with Yahoo's DKIM key, a substantial and growing portion of the mail servers on the internet are going to reject it or deliver it to the Spam folder (Gmail).
In addition to the SPF & DKIM checks, DMARC also introduces the concept of alignment. In addition to passing SPF checks (which apply to the Envelope Sender), DMARC requires that the domain in the messages 'From' header passes SPF. This prevents you (and bad actors) from sending messages with a header From domain of Yahoo.com and an Envelope Sender domain of attacker.com, which the recipient will never see. This alignment also extends to the DKIM signature, requiring not just that the message is signed with DKIM, but also that the dkim signature domain (d= property) matches the From header domain.
we will just have to prevent users from using their yahoo email address in the sender email field
Coding in a check for the yahoo.com domain is a hack that won't last long. AOL has already joined the thousands of domain owners with DMARC p=reject policies. They won't be the last of the Very Large Email providers to publish p=reject DMARC policies. A much safer approach is to evaluate SPF against your mail servers public IP and the domain in the users selected email address. If the SPF check fails, then choose an option:
Inform the user that their choice of domains doesn't permit 3rd party senders and they should choose another.
Alter the From header to send from a domain you control:
From: "user#yahoo.com via" <my-app#my-domain.com>
As already stated, you could define Reply-To if you wish for replies to expose the senders real email address.
Set up local usernames that forward to the sender's real email address. If you've used Craigslist, you're familiar with the idea. You maintain a mapping of local addresses and the email address they forward to.
Based on what you've said about your web application, it seems like #2 is the best fit.
I have had a similar problem with mailing lists that I maintain (e-mails with a From address something#yahoo.com bounced). I solved my problem by changing the From, Reply-to and Errors-to fields of the e-mails' headers as follows:
From: Organization name <no-reply#somedomain.org>
Reply-to: my-email-address#yahoo.com
Errors-to: my-email-address#yahoo.com
I suspect that similar changes will fix your problem.