tags:

views:

41

answers:

2
+1  Q: 

saving appengine mail from spam filters

One of my clients uses Trend Micro InterScan Messaging Security to protect their internal mail services.

Suddenly InterScan decided to filter out all messages coming from Google App Engine.

Unfortunately they haven't been able to whitelist the sender address as each e-mail gets a different one. For example, *3ckihSOVMMHlZHSL.JSMMHlZHSL.JS*@apphosting.bounces.google.com, with everything before the @ being variable.

Update I'm including this screenshot of how Interscan sees the incoming e-mail. Notice that all senders are different:

alt text

If I look into the e-mail headers, the apphosting domain appears inside the Return-Path field:

Return-Path: <36kSiSwYIBh0883XL3E7.5EH883XL3E7.5E@apphosting.bounces.google.com>

The "From" field looks ok. It says what I set it to say, but the spam filter only looks at the Return-Path.

My client sysadmin doesn't want to whitelist the whole apphosting domain, as it wouldn't be only whitelisting my application.

How could I bypass this e-mail filters if I can't get an unique sender?

Thanks,

+1  A: 

I am not well versed in spam filters, but it seems to me that if it can only whitelist based on one field, it is pretty lame. Unfortunately that does not help you. If this is an important client, and they absolutely refuse to budge, I see two possible paths forward:

  • Do some research into interscan to see if you can give the client some pointers (tactfully) on how to configure it to whitelist in such a way that your mail can get through, but only your mail.

  • Maintain a server outside app engine specifically for the purpose of sending emails. You can build a super simple web app that just sends out emails, and call it from within your app engine app.

Peter Recore  2010-03-19 03:47:59
+1  A: 

You can't change the return-path header of mail sent by App Engine. The way I see it, you have two options:

  • Whitelist everything from App Engine. Spam from App Engine is not a big problem, because it's expensive to send in the huge numbers spammers need, and we're constantly monitoring for spamming and shutting spammers down.
  • Whitelist based on the X-Google-Appengine-App-Id header, which will be set to the app ID of your app.
Nick Johnson  2010-03-19 11:34:17

related questions

I ALMOST understand how email works, but I'm missing something.
Sending Email in .NET Through Gmail
MS hotfix delayed delivery.
How to send email from a program _without_ using a preexisting account?
Email SMTP validator
Maximum length of a MIME Content-Type header field?
If email is not the answer then what is?
Accessing an Exchange Server without Outlook
Recommendations for a .NET component to access an email inbox
Email queueing in php
How do I open the default mail program with a Subject and Body in a cross-platform way?
How do I send a file as an email attachment using Linux command line?
Read from .msg files
What was your biggest mistake involving programmatically sending email?
Good email service for bulk emailing
parsing raw email in php
Is there any wiki engine that supports page creation by email?
Sending emails without looking like spam
What's in your .procmailrc
Why won't Entourage work with Exchange 2007?
Can I use JavaScript to create a client side email?
E-mail Notifications
Is a "Confirm Email" input good practice when user changes email address?
MAPI and managed code experiences?
How do you make sure email you send programmatically is not automatically marked as spam?