Missing message-ID

  • Thread starter Thread starter Kevin Davies
  • Start date Start date
K

Kevin Davies

In emailing a small newsletter mostly within Australia I receive the
following message to a copy which goes to the UK -

Remote host said: 550-RFC2822 says you should have a Message-ID.
550 Most messages without it are spam, so your mail has been rejected.

My understanding of 'Message-ID' is very limited and I can find no reference
to it the properties of any SentMail (although it may well exist)

Domestic newsletter copies are delivered OK. Current versions Outlook and
Word.

Suggestions ?

KD
 
"Kevin Davies" said in news:[email protected]:
In emailing a small newsletter mostly within Australia I receive the
following message to a copy which goes to the UK -

Remote host said: 550-RFC2822 says you should have a Message-ID.
550 Most messages without it are spam, so your mail has been rejected.

My understanding of 'Message-ID' is very limited and I can find no
reference to it the properties of any SentMail (although it may well
exist)

Domestic newsletter copies are delivered OK. Current versions Outlook
and Word.

Suggestions ?

KD
Click to expand...

The "Message-ID:" is added, if it is inserted by the sender's mail server.
It can be used to track who sent a message from there. For normal e-mail
accounts, it gets added. For anonymous e-mail accounts, it can still be
added because it doesn't specifically reveal the sender. However, spammers
never want it added since: (1) They aren't going to punish themselves by
tracking the message-ID for a reported spam coming from their mail server;
and, (2) They aren't going to bother tracking their spewage, anyway.

If you keep a repository of spam messages, you'll find a high percentage of
them do not include the Message-ID header. When you look at the non-spam
messages, a high percentage of them *do* have a Message-ID header. So it is
a good indicator to further bias a threshold of determining what is and
isn't spam. However, listservers often do not include the Message-ID so you
have to whitelist any newsletters to which you subscribe.

I've also seen some tech support replies that didn't have a Message-ID
header; however, in most of those cases (for me), the "support" was a
contracted provider doing the support rather than the ISP or product maker
themself. My ISP is Comcast and they contract E-Care (it was some other
name just a few months ago) to provide some of their support, especially
when you use their web forms to request help. They don't include a
Message-ID header and so they incur further risk that their messages get
detected as spam. They also would pretend to be Comcast in the content of
their e-mails but Comcast didn't provide a relay through which to send their
messages so E-Care's messages looked like a scammer fraudulently pretending
to be Comcast because they were sending supposedly "Comcast" communications
from a domain other than comcast(.net|.com). If Comcast cannot trust them
enough to provide them with an authenticated relay to send their purported
"Comcast" messages so they come from a Comcast domain then I don't trust
them, either. There have been several tech support replies that I've
received that did not have a Message-ID header because they used an
automated system to issue their reply rather than compose it themself to use
their own mail server.

The absence of the Message-ID header is only a partial indicator that the
message may be spam. I used to have a rule that deleted e-mails without
this header but now I just move the suspect e-mails into the Junk folder
(which has auto-archive configured to permanently delete e-mails older than
2 days). For others, their statistics may vary as to the percentage of
e-mails they receive are spam that also have the Message-ID header missing.
In my repository of retained spam messages, there were something like 2 to 5
e-mails out of 760 (I don't have a big repository of spam) that had the
Message-ID header, so it was missing in the vast majority of the spam that I
have received. Those with larger spam repositories, like thousands if not
tens of thousands of spam, might provide a more accurate analysis of the
percentage of spam in which the Message-ID header does appear.

As mentioned, listservers (for newsletters or e-mail style forums) and some
automated tech support systems (especially those that spew out an automated
response to which you have to reply to get a real response) do not include
the Message-ID header. But obviously such messages wouldn't be in a spam
repository because they aren't spam. You solicited them, so you have to
whitelist them if you use a Message-ID rule.

According to RFC 2822, "Internet Message Format", the Message-ID is an
*optional* header; this header can appear zero or one times within the
message portion sent using the DATA command in SMTP. Most legit (i.e.,
non-spam) e-mails will have it. The domain to where you sent your message
has setup a rule that they will not accept e-mails in which the optional
Message-ID header is missing. So check with your ISP or whatever e-mail
service you use as to why they are omitting this header.
 
"Kevin Davies" said in news:[email protected]:
In emailing a small newsletter mostly within Australia I receive the
following message to a copy which goes to the UK -

Remote host said: 550-RFC2822 says you should have a Message-ID.
550 Most messages without it are spam, so your mail has been rejected.

My understanding of 'Message-ID' is very limited and I can find no
reference to it the properties of any SentMail (although it may well
exist)

Domestic newsletter copies are delivered OK. Current versions Outlook
and Word.

Suggestions ?

KD
Click to expand...

The "Message-ID:" is added, if it is inserted by the sender's mail server.
It can be used to track who sent a message from there. For normal e-mail
accounts, it gets added. For anonymous e-mail accounts, it can still be
added because it doesn't specifically reveal the sender. However, spammers
never want it added since: (1) They aren't going to punish themselves by
tracking the message-ID for a reported spam coming from their mail server;
and, (2) They aren't going to bother tracking their spewage, anyway.

If you keep a repository of spam messages, you'll find a high percentage of
them do not include the Message-ID header. When you look at the non-spam
messages, a high percentage of them *do* have a Message-ID header. So it is
a good indicator to further bias a threshold of determining what is and
isn't spam. However, listservers often do not include the Message-ID so you
have to whitelist any newsletters to which you subscribe.

I've also seen some tech support replies that didn't have a Message-ID
header; however, in most of those cases (for me), the "support" was a
contracted provider doing the support rather than the ISP or product maker
themself. My ISP is Comcast and they contract E-Care (it was some other
name just a few months ago) to provide some of their support, especially
when you use their web forms to request help. They don't include a
Message-ID header and so they incur further risk that their messages get
detected as spam. They also would pretend to be Comcast in the content of
their e-mails but Comcast didn't provide a relay through which to send their
messages so E-Care's messages looked like a scammer fraudulently pretending
to be Comcast because they were sending supposedly "Comcast" communications
from a domain other than comcast(.net|.com). If Comcast cannot trust them
enough to provide them with an authenticated relay to send their purported
"Comcast" messages so they come from a Comcast domain then I don't trust
them, either. There have been several tech support replies that I've
received that did not have a Message-ID header because they used an
automated system to issue their reply rather than compose it themself to use
their own mail server.

The absence of the Message-ID header is only a partial indicator that the
message may be spam. I used to have a rule that deleted e-mails without
this header but now I just move the suspect e-mails into the Junk folder
(which has auto-archive configured to permanently delete e-mails older than
2 days). For others, their statistics may vary as to the percentage of
e-mails they receive are spam that also have the Message-ID header missing.
In my repository of retained spam messages, there were something like 2 to 5
e-mails out of 760 (I don't have a big repository of spam) that had the
Message-ID header, so it was missing in the vast majority of the spam that I
have received. Those with larger spam repositories, like thousands if not
tens of thousands of spam, might provide a more accurate analysis of the
percentage of spam in which the Message-ID header does appear.

As mentioned, listservers (for newsletters or e-mail style forums) and some
automated tech support systems (especially those that spew out an automated
response to which you have to reply to get a real response) do not include
the Message-ID header. But obviously such messages wouldn't be in a spam
repository because they aren't spam. You solicited them, so you have to
whitelist them if you use a Message-ID rule.

According to RFC 2822, "Internet Message Format", the Message-ID is an
*optional* header; this header can appear zero or one times within the
message portion sent using the DATA command in SMTP. Most legit (i.e.,
non-spam) e-mails will have it. The domain to where you sent your message
has setup a rule that they will not accept e-mails in which the optional
Message-ID header is missing. So check with your ISP or whatever e-mail
service you use as to why they are omitting this header.
 
I have the very same problem since I "upgraded" to
Outlook 2003. At least one server we mail to all the
time now rejects mail sent to it as spam because of the
missing message-id. We use a novell SMTP server. It only
happens when the mail comes from a Outlook 2003 client.
(Outlook is non standard here and basically unspported)

Our IT guys want us to rolling back to Outlook XP which
worked fine (or abandon Outlook altogether). They don't
want to add anything to the server to help us out (even
if they knew how). Does anyone know if there is there
going to be a solution at the client level anytime soon?

Regards. Jim
 
"Kevin Davies" said in news:[email protected]:
Thank you. I have asked my ISP for comment. I do not expect he will
cooperate but I have now also noticed a comment on the issue at
http://www.slipstick.com/emo/2003/up031211.htm which also identifies
the problem as an issue which may involve Msoft.

KD
Click to expand...

True, Microsoft is a new participant in the problem starting with Outlook
2003 which no longer itself inserts the Message-ID header. In prior
versions of Outlook, it added the header. As a result, the mail server did
not have to add the header because it was already there. However, in other
RFCs and docs that I've scanned, the outbound mail server is supposed to
insert a Message-ID header if it is missing from the content sent by the
e-mail client. That is, the MUA (mail user agent; i.e., Outlook) can add
the Message-ID header, but if it does not then the MTA (mail transfer agent;
i.e., SMTP) is supposed to then add it.

So Microsoft omitting the Message-ID in the headers in Outlook 2003 has
caught many mail servers not doing their job.
 
I'm am experiencing the message-id problem with Outlook
2003 new install.

Have you resolved it, and if so what is needed?

Thanks

Al
 
Back
Top