Not receiving reset password email

Hello, OJS users aren’t receiving reset password email. Other emails are being sent by the system normally.
Both “password reset” and “password reset confirm” templates are checked and properly configured.
I’ll be very grateful for any help with this issue
Best regards,
Uriel

Hi @uricuki,

Very often such emails come to the spam mail folder. Have you checked there?

Regards, Primož

Thank you Primož!
This is not the case, I’ve already checked the spam folder and haven’t found any email from the system there.
Any other idea??
Best regards,
Uriel

Hi @uricuki,

Maybe you have problems with wrong emails or DMARC policy or something like that. In that case the emails are not deferred and you could get info about that if you set up a Bounce Address. Do you have that?

Regards, Primož

Thank you @primozs
Wrong emails is not a problem and, neither DMARC policies. Can you tell me more about how to setup a Bounce Address? Are you suggesting me to setup an account in the OJS with a wrong email address in order to see if it bounces back? If this is the case, how or where will I find the bounce message?
Thank you again and best regards,
Uriel

Hi @uricuki

To setup bounce email address is very easy, go to: Setting-Worflow-Emails and there you see a field Bounce Address. Type whatever email you want there and all bounced emails will be forwarded to that email.

Regards, Primož

@primozs
Whenever registered users try to reset the password, I receive the email with the error message as below. All other emails are working properly.

Can you please help me to resolve this issue.
Regards,

Hi @seisense,

Just read the message: It says the email has been treated like a spam and not delivered. You should talk with the admin of you email server I guess.

Regards, Primoz

I talked to my host, but they are of no clue and suggested the email is working perfectly alright and no problem on their end.

All other emails are going to the authors. Only “Password Reset email” is treated as SPAM and get the error message. And I have noticed it happens on all types of emails i.e google, hotmail or company email addresses.

I ll try again to establish a case and check with my host.
Thanks

@primozs @ctgraham @asmecher

Once again, I am told by the host that emails are functioning properly on their end. But, my journal users are still experiencing the problem in reset password issue. Any steps/configuration if you can suggest which I need to check. Or If I need to pursue my case with the host, what exactly, I should tell them to check.
Remember its only the “Password Reset email” which is bouncing and author’s are not receiving at all.
Thanks and looking forward an expert opinion.
Regards

Hi @seisense,

Just show the message above to the admins and let them fix it.

Regards, Primož

I think we would need to know why this message is being flagged as spam. This will be difficult to determine without more information than you’ve currently provided.

One pre-check would be to verify your SPF records. They are currently published as:
https://mxtoolbox.com/SuperTool.aspx?action=spf%3Ajournal.seisense.com&run=toolpage

What is your current mail configuration in config.inc.php? Are you using the PHP mail() function, or have you enabled SMTP? If SMTP, what SMTP server are you using?

Thanks, @ctgraham for your input.

In fact, I never played with email settings in config.inc.php file (it’s all because I have a little knowledge of customization). So, I am happy with most of the default settings. Find below the email settings from my config.inc.php file.

[email]

; Use SMTP for sending mail instead of mail()
; smtp = On

; SMTP server settings
; smtp_server = mail.example.com
; smtp_port = 25

; Enable SMTP authentication
; Supported mechanisms: ssl, tls
; smtp_auth = ssl
; smtp_username = username
; smtp_password = password

; Allow envelope sender to be specified
; (may not be possible with some server configurations)
; allow_envelope_sender = Off

; Default envelope sender to use if none is specified elsewhere
; default_envelope_sender = my_address@my_host.com

; Force the default envelope sender (if present)
; This is useful if setting up a site-wide no-reply address
; The reply-to field will be set with the reply-to or from address.
; force_default_envelope_sender = Off

; Force a DMARC compliant from header (RFC5322.From)
; If any of your users have email addresses in domains not under your control
; you may need to set this to be compliant with DMARC policies published by
; those 3rd party domains.
; Setting this will move the users address into the reply-to field and the
; from field wil be rewritten with the default_envelope_sender.
; To use this you must set force_default_enveloper_sender = On and
; default_envelope_sender must be set to a valid address in a domain you own.
; force_dmarc_compliant_from = Off

; The display name to use with a DMARC compliant from header
; By default the DMARC compliant from will have an empty name but this can
; be changed by adding a text here.
; You can use ‘%n’ to insert the users name from the original from header
; and ‘%s’ to insert the localized sitename.
; dmarc_compliant_from_displayname = ‘%n via %s’

; Amount of time required between attempts to send non-editorial emails
; in seconds. This can be used to help prevent email relaying via OJS.
time_between_emails = 3600

; Maximum number of recipients that can be included in a single email
; (either as To:, Cc:, or Bcc: addresses) for a non-privileged user
max_recipients = 10

; If enabled, email addresses must be validated before login is possible.
require_validation = Off

; Maximum number of days before an unvalidated account expires and is deleted
validation_timeout = 14

Is this of any clue to my problem?
Thanks

This will mean that you are using the PHP mail() function for sending email. If your journal is running on journal.seisense.com, presumably the sending IP is 204.93.177.103, and this matches one of the allowed IPs in your SPF: v=spf1 +mx +a +ip4:204.93.177.103 +ip4:204.93.248.177 -all.

This means Google should validate senders when the sender’s address ends in @journal.seisense.com, as your example above (if Google actually received the message).

What was the sending address behind the name “Mail Delivery System” in your failure message?

This is what it shows behind the Mail Delivery System:

nsresponse.com is the server which your server (journal.seisense.com) is using as the first hop in the sending the message. (See the first Received line below “---- This is a copy of your message…”)

That means that nsresponse.com is the server which is rejecting this message. Is this your hosting provider? Forward the rejection message to them and ask for details on why exactly this specific message (and other like it) are being flagged as spam and rejected.

Thanks for deep analysis and helping me out. I am forwarding the screenshot to host. Let’s see how are they going to respond. Meanwhile, I have received a reply from the host of my previous query where I told them to enable my DKIM and SPF:

" Thank you for the update.

The SPF and DKIM records are already enabled for your account, please have a look:

====================================================================================
journal.seisense.com. 14400 IN TXT “v=spf1 +mx +a +ip4:204.93.177.103 +ip4:204.93.248.177 -all”

You may also verify this at cPanel >> Email Deliverability.

The problem is that your contact form uses the email address that a person inserts in the “Registered user’s email” box to send a message with the new password. This shouldn’t be like that as your contact form should use an email address (created in your cPanel) to send email notifications

We recommend you to double-check the settings in your script and make sure that it uses a proper SMTP authentication to send email notifications."

This concern will certainly be the case with other messages which do not come from a user @journal.seisense.com. SPF and DMARC rule require that servers only send email “from” trusted senders. For other messages, you will want to investigate the options:

; allow_envelope_sender = Off

; Default envelope sender to use if none is specified elsewhere
; default_envelope_sender = my_address@my_host.com

; Force the default envelope sender (if present)
; This is useful if setting up a site-wide no-reply address
; The reply-to field will be set with the reply-to or from address.
; force_default_envelope_sender = Off

; Force a DMARC compliant from header (RFC5322.From)
; If any of your users have email addresses in domains not under your control
; you may need to set this to be compliant with DMARC policies published by
; those 3rd party domains.
; Setting this will move the users address into the reply-to field and the
; from field wil be rewritten with the default_envelope_sender.
; To use this you must set force_default_enveloper_sender = On and
; default_envelope_sender must be set to a valid address in a domain you own.
; force_dmarc_compliant_from = Off

These will send all messages from a @journal.seisense.com address you select.

This password reset message, however, appear to already come from jom@journal.seisense.com. Unless there are other SMTP headers not shown, or unless server policy is blocking this email because of the other emails, there is some other factor triggering this nondeliverable notification.

Hi @ctgraham
The problem started only with the upgrade of OJS 3.1.1.4 to 3.1.2 which I did only 5 days ago. Now, I noticed, its not only the password reset email rather all types of notifications i.e submission acknowledgement, submission decision, and even copyeditor discussion with author is not delivered to the authors.
There was no issue before the upgrade related to the emails.
I have no clue what to look at. Your guideline and what should I look at are highly appreciated.
Thanks and Regards,

After a whole long day of efforts, email started working now. I highly praised @ctgraham for offering his insights and @primozs for your help.
Thanks