Chatmail messages are bounced by iCloud mail (sometimes)

[Amzd]

• Operating System (Linux/Mac/Windows/iOS/Android): iOS 16
• Delta Chat Version: v1.48.1
• Expected behavior: emails can be sent to iCloud email provider
• Actual behavior:
  sometimes emails are bounced with host mx02.mail.icloud.com[17.57.155.25] said: 554 5.7.1 [CS01] Message rejected due to local policy. Please visit https://support.apple.com/en-us/HT204137 (in reply to end of DATA command)
• Steps to reproduce the problem: send 5 emails to an icloud email. (If you don't have one, use [email protected]) See some of them get bounced.
• Screenshots:
  
• Logs:

Sent: 2024.10.17 15:28:19 by Me ([email protected])
State: Failed, Encrypted
Error: Undelivered Mail Returned to Sender – This is the mail system at host nine.testrun.org.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<[email protected]>: host mx02.mail.icloud.com[17.57.155.25] said: 554
    5.7.1 [CS01] Message rejected due to local policy. Please visit
    https://support.apple.com/en-us/HT204137 (in reply to end of DATA command)
Message-ID: 8ykRs2Ko7ibw834AQ6rI4ACV@localhost
</INBOX/;UID=77>

I contacted Apple support about this (because I pay for the email provider and am not receiving emails) and they said that it's probably the headers that are sent but they can't fix it on the consumer side and that I should contact [email protected] and sync with them why exactly these mails are bounced. I hoped someone with more knowledge of how chatmail (or email in general) works could contact them to pin point why chatmail is sometimes not received by iCloud mail.

[hpk42]

No answer yet from icloudadmin ? Can you paste/screenshot the mail to them?

[missytake]

here, I also took [email protected] in CC, the chat is called [sysadmin] Undelivered Mail Returned to Sender:

Hello 🙂

one of our users (the mail server is https://nine.testrun.org/) reports that they can't send legitimate messages to iCloud users. They used the Delta Chat app as MUA. I managed to reproduce the problem, here an attached mailer daemon error (including the rejected message) and a screenshot of how it looks in the app. Can you look into the matter?

Best regards,

Nami from the testrun.org team

[Amzd]

Any update? Otherwise I will contact support again.

[missytake]

They didn't get back at all... I didn't even get an issue number assigned or anything. I sent the report on 02.11.24 17:47 as missytake%systemli.org if you want to refer to it in the report.

[Amzd]

I contacted Apple Support again and they basically (with not so many words) said that they can't just tell me what about our emails are blocked by Apple because they believe we are spammers and they don't want us to be able to circumvent their "protections"

I think there is some more investigating we can do though because I either got very lucky or the desktop client can send more reliable than iOS to an iCloud mailbox

[link2xt]

@Amzd Which core version do you have on iOS and on Desktop during testing?

[Amzd]

iOS v1.52.2 works sometimes, sometimes not

Desktop (macOS) 1.46.8 with core v1.142.12 works reliably afaict

[link2xt]

Ok, 1.52.2 is core 1.155.2, so need to check what changed between core 1.142.12 and 1.155.2

Some changes are #5983 (hiding display name more?), #5986 (more random message-ids) in core 1.144.0.

Could you look at the actual messages from desktop and see if display name is in the From header and if Message-Id looks significantly different? Maybe they are unhappy about display names, maybe about the lack of any dots in Message-Id.

We want to completely protect the To field eventually, this will probably trigger all sort of spam filters.

[Amzd]

I only know how to check headers of delivered messages so idk how useful this is but:

Desktop

• Message-ID: <Mr.RRIL8Qu5qGq.ri788JyeMtn@localhost>

iOS (one that came through)

• Message-ID: <-LEUNO47CHrblxWHUZrM4Ccu@localhost>

From header is the same

[link2xt]

And To header?

[Amzd]

Exact same

[link2xt]

So I don't know, maybe they have a very dumb check that Message-ID does not contain any dots, and are somehow happy with dots that appear before @.

[Amzd]

I had to update my desktop client because it no longer connected with nine.testrun.org but I tested some more with the latest core and I think maybe it comes through when there is a hyphen in the ID?

eg 8Nf7bQeSew78gw7bb3tH7feh@localhost is blocked but N-RYpLDc6inmA4RVWMFx3f5a@localhost worked.

It doesn't make much sense tbh but that is the only consistency I've found so far.

even Fjxp_StXweamDcP5c15ghJrK@localhost got blocked so it is not just any symbol.

[link2xt]

Apple Mail uses [email protected] (with a real domain instead of localhost, but we don't want to leak this), so we can try to generate lowercase UUIDs in the core and mimic Apple Mail if hyphens make icloud happy.

[link2xt]

I made a core PR #6546

[link2xt]

Here someone thinks iCloud is picky about the Message-ID too: minosiants/pencil#57

[Amzd]

Here too https://discussions.apple.com/thread/8065989 (2017)

[Amzd]

#6546 works

Before (random)	After (always arrives)

Very embarrassing for Apple that their mail support wasn't able to let us know why their system failed but at least we figured it out.