Score:0

Is Gmail removing "Received" in headers?

in flag

I added my professional email to my gmail account as POP3 and set it as default for sending emails. Strangely, when sending emails to other emails like hotmail, or even by using tools like mail-tester or mailgenius, for each of them I see in headers something like that :

Gmail to Hotmail

Received: from server1 by server2 with esmtps
Received: from google-server by server2
Received: by google-server

But somehow, when I send an email to another gmail account, the first "Received" is different...

Gmail to Gmail

Received: from server2 by server2 with LMTP id wGSgNXg5bGIpwQEAIcWi0g
Received: from google-server by server2
Received: by google-server

Notice esmtps was replaced by LMTP with some ID, and server1 is not there anymore.

How is this possible and how can I fix this? I need that server1 for SPF check.

More detailed - Gmail to Hotmail

Received: from nwpro1.fcomet.com ([172.104.22.223])
    by mx36.antispamcloud.com with esmtps (TLSv1.3:TLS_AES_256_GCM_SHA384:256)
    (Exim 4.92)
    (envelope-from <[email protected]>)
    id 1nk4co-0007F6-CK
    for [email protected]; Thu, 28 Apr 2022 15:56:08 +0200
Received: from mail-vs1-f52.google.com ([209.85.217.52]:42929)
    by nwpro1.fcomet.com with esmtpsa  (TLS1.3) tls TLS_AES_128_GCM_SHA256
    (Exim 4.94.2)
    (envelope-from <[email protected]>)
    id 1nk4c9-00BNxm-QH
    for [email protected]; Thu, 28 Apr 2022 09:55:23 -0400
Received: by mail-vs1-f52.google.com with SMTP id i186so4660856vsc.9
    for <[email protected]>; Thu, 28 Apr 2022 06:55:23 -0700 (PDT)

More detailed - Gmail to Gmail

Received: from nwpro1.fcomet.com 
    by nwpro1.fcomet.com with LMTP id wGSgNXg5bGIpwQEAIcWi0g 
    (envelope-from <[email protected]>) 
    for <[email protected]>; Fri, 29 Apr 2022 15:16:08 -0400
Received: from mail-ed1-f52.google.com ([209.85.208.52]:37606) 
    by nwpro1.fcomet.com with esmtpsa (TLS1.3) tls TLS_AES_128_GCM_SHA256
    (Exim 4.94.2)
    (envelope-from <[email protected]>) id 1nkW67-000XKe-6M 
    for [email protected]; Fri, 29 Apr 2022 15:16:08 -0400
Received: by mail-ed1-f52.google.com with SMTP id k27so10117156edk.4
    for <[email protected]>; Fri, 29 Apr 2022 12:16:08 -0700 (PDT)
Score:1
co flag

The esmtps is a secure version of the extended smtp protocol, the LMTP protocol you're seeing in the second request is because that request is more local (e.g., from the same server).

You probably wouldn't ever see that esmtps if its not even leaving the host.

Some more information about the situation may help, ie, sending from hotmail to gmail got this or from gmail to gmail got this. :)

I appreciate the edit to the question, but I am not sure if that helps. The sources haven't really changed, and I am not sure that this is the true header.

All the headers I found are like this:
Received: by filterdrecv-75d94df84d-wmwh2 with SMTP id filterdrecv-75d94df84d-wmwh2-1-626C6700-1A
        2022-04-29 22:30:24.062932892 +0000 UTC m=+1989919.691835974
Received: from MjIyOTcyNTI (unknown)

Sources:

ESMTP (minus s, as that is ssl)
https://help.returnpath.com/hc/en-us/articles/220564347-What-is-Extended-Simple-Mail-Transfer-Protocol-ESMTP-
SMTP
https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol
LMTP
https://en.wikipedia.org/wiki/Local_Mail_Transfer_Protocol
anthomaxcool avatar
in flag
Thank you for the explanation for the 2 protocoles. I edited the question for a better comprehension of the problem!
anthomaxcool avatar
in flag
The sources haven't really changed, but the source I need (antispamcloud) just vanished.. It was replaced by the other source... Does LMTP does this? The only thing I changed from the header (beside removing what isn't part of "Received") is the email. Everything else is as it is in the headers I'm seeing.
cengbrecht avatar
co flag
Where is your DNS hosted? Google likes to bypass some lookups in favour of their own. The antispam header may be getting bypassed rather than removed. Sorry walked away to supper. :-)
cengbrecht avatar
co flag
Hmmm, on further reading (I'm not at my main comp) the sent server is the same but the middle referrer is different, I think because Google knows it's not sending to a different location, it was able to skip the middle man.
cengbrecht avatar
co flag
Have you tried sending from that pop account in Gmail to another service, ie proton mail or something? And looking at the referrers?
cengbrecht avatar
co flag
LMTP just means that google know it's sending to google and said, why leave the house, we can deliver this to ourselves. :-)
anthomaxcool avatar
in flag
DNS is hosted on "fast comet". After testing, it seems that sending from gmail to fast comet (before bringing into gmail with pop3), the header is the same as it is in gmail... antispamcloud header is missing. So probably that it's the host provider doing exactly what you said.. he doesn't need to pass through antispamcloud because it's sending to itself. I'll try to contact them and fix this issue. In the meantime, I'll accept this answer since it's most likely what's going on!
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.