News: SRS broken / Gmail claims PTR records broken
Update: This has been resolved as of August 9th.
Currently with the latest update to exim, we are noticing that forwarded emails are not using SRS. As far as we are concerned, SRS is configured according to the exim documentation, so we are not yet certain if this is a misunderstanding or a software bug. We are actively working to correct it.
SRS, sender rewriting scheme, is best described here: https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme
Basically, when SRS is working it looks like this:
You send an email from firstname.lastname@example.org to email@example.com, which forwards to firstname.lastname@example.org. When we forward the email, we change the envelope sender from email@example.com to SRS0=HHH=TTfirstname.lastname@example.org. This allows it to pass SPF. Without this, Google will start accepting some emails that they were not accepting when forwarded, and reject some emails that they were accepting when forwarded. The true oddity is that every time this happens, and only when the forwarded email originates at Hotmail/Outlook/Live/Office365 is that Gmail is returning errors like this:
550-5.7.25 [220.127.116.11] The IP address sending this message does not have a PTR record setup, or the corresponding forward DNS entry does not point to the sending IP. As a policy, Gmail does not accept messages from IPs with missing PTR records. Please visit https://support.google.com/mail/answer/81126#ip-practices for more information. kv42-20020a056870fbaa00b000f5da3c6bfesi4633556oab.165 - gsmtp
This is very misleading and incorrect. There is nothing wrong with our PTR records, and Google is not having any problem reading our PTR records. Extensive testing has been done on our side to ensure that this is the case. In 100% of cases where Google has returned this message since SRS has been broken, it has been the case that the forwarded email originated at Outlook/Hotmail/Live/Office365. It seems that Google is meaning to report something different in these cases, but is instead failing to return the correct error message.
We are working to fix SRS. Until we do, you may notice that Google is accepting emails that they previously did not, and not accepting emails that they previously did. Most noteworthy does appear to be emails forwarded that originated from Outlook/Hotmail/Live/Office365.