Page MenuHomePhorge

Phabricator doesn't email @outlook.com addresses
Open, Needs TriagePublic

Description

Phabricator doesn't email

@outlook.com

addresses, and for instances where email verification is required, it locks them out.

Event Timeline

Do you have any additional repro steps? Mail config will be specific to the Phab/Phorge install. If this is specific to our Phorge installation, yeah... it's sucky. We self-host our email server and that means we're subject to all of the arcane and mystic requirements there. As far as we can tell, it's set up as correctly as is possible (SPF, DKIM, DMARC all configured correctly; domain is old enough that it doesn't negatively impact our trust scores; etc.). (A current spam test result for reference.)

Unfortunately, outlook.com emails have not historically played nice with our setup. Short of migrating to a managed email service, this is probably going to remain an issue on this instance for a while.

Manual verification is always possible, however. A user with ssh access to the server or VM hosting the Phorge instance can always ./bin/auth verify <user@example.com> to work around the issue.

I can confirm as well that I have never received an email from phorge / phabricator on my email which isn't "outlook.com" but is an office 365 email account

This is likely related more to the configuration of the email server. Outlook is very picky, and as far as I know, checks the headers for all of the following:

  • Proper SSL certificates on the email domain
  • Email sent from same domain as reported by the email server configuration
  • Sent via authorized SMTP account
  • DKIM keys
  • SPF (actually, not sure, but it's easy to add while adding DKIM)

We had a similar issue with Microsoft email on our own custom mail server. Microsoft delivers mail for several domains from the same email service, so this similarly affects email from outlook.com, hotmail.com, live.com and msn.com. See https://postmaster.live.com/pm/policies.aspx for details.

The way we cleared the issue was ultimately to email their delivery team and get them to unblock our mail server in addition to doing all the steps on their policy page (which are roughly in line with what you would do to setup a legitimate email server regardless). I don't believe this is a phorge/phabricator issue.