Hey there,
I noticed there are a lot of threads regarding the confirmation email not making its way through to the users mailbox. Since I run my own mailserver, I did a little digging into why this is the case, in an attempt to help (hopefully) solve this problem for future users.
Here’s the result of why rspamd, which I assume is being used by almost every email provider that isn’t Google/Microsoft/etc, rejected the email in my case:
As you can see, most things are configured properly and the email isn’t blocked due to SPF, DKIM, IP reputation or DMARC, so good job there!
The biggest offenders causing this email to be rejected are FUZZY_DENIED and BAYES_SPAM:
BAYES_SPAMseems to analyze the message content, concluding that the text itself is considered suspicious. Just a theory, but this might be because the email contains three links with relatively little text. Furthermore, the link is very long with high entropy (random characters). Add to that the special characters used by Markdown, and I can see why a machine might consider this to be “noisy.”FUZZY_DENIEDchecks public sources (depending on what’s configured - in my case it’s the mailcow defaultfuzzy.mailcow.email:11445) against “known spam hashes”.
This leads me to believe that rewriting the email template should resolve this issue once and for all. Maybe drop the Markdown usage in the plaintext version and replace both the plaintext and HTML version with something that closely resembles an average “please confirm your email” message. Possibly even reduce the length of the email verification token, but that’s probably not necessary.
To add further credibility to the message text being the culprit: After several failed attempts at increasing the spam filter level on my side, I gave up and switched to my gmail email address which forwards all emails to my local mailserver. This usually works fine, but even that forwarded email coming from gmail itself was rejected by my mailserver, again because of the metrics shown above. I therefore highly suspect that for some reason the text used in that email has made its way onto (many often used) fuzzy servers, causing it to get rejected constantly.