On 9/14/22 10:10 AM, Paul Smith via mailop wrote:
When you ask for a 'password reset' from a website, and it gets filtered as junk, I can 99.9999% guarantee that no one looks at the bounce message from that rejected email.
I would counter with why is that password reset not being sent with a RCPT TO:<...> NOTIFY=NEVER.
While we're talking about cleaning up the quality of messages, I'd suggest the Auto-Submitted: header with the auto-generated value.
There's some room for discussion about sending the message from the null reverse path <> vs a different sender which is routed to a mailbox for the inevitable incoming message.
Similarly, please include a Reply-To: that directs the message somewhere of value.
N.B. DO-NOT-REPLY addresses are a -- this list is too polite for what I really think -- a wasted opportunity. You can send a message such that human relies are directed to somewhere that encodes the original recipient.
While we're at it, let's go ahead and use a legitimate address for the envelope from while also using VERP for the tagging / correlation.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
