About a month ago, Gmail/Gsuite started rejecting the passphrase recovery (and account expiration) messages citing DMARC policy (we have 100% reject). I opened a ticket with Broadcom about adding a return-path value. Broadcom tech support responded, "And we will not be able to set/force any value into return path for the recovery message."
After much back and forth, I was provided this article to try and change the default From:
pgp-universal-admin@domain.com with a valid email address.
https://knowledge.broadcom.com/external/article/154712/change-the-sending-address-used-by-messa.htmlSpecifically I only performed the 3rd example:
sed -i 's|<email-from-address>pgp-universal-admin</email-from-address>|<email-from-address>encryption.admin</email-from-address>|' /etc/ovid/prefs.xmlpgpsysconf --restart pgpuniversal
Well not only did it change the From address, it also added a value into the Return-Path! Now the passphrases recovery messages are delivering successfully. Hope this helps someone else.
Original Message:
Sent: 09-10-2020 05:16 PM
From: Bradley Baker
Subject: SEMS user passphrase reset email does not contain a Return-Path
Many mail systems will reject or delete the automated user passphrase recovery email due to the return path being blank. Others, such as Gmail, automatically place the email in Spam. Either way, the user has to contact us for additional instruction or manual passphrase resets. All other messages sent from SEMS include a return path. Is there a way to force a value into return path for the recovery message?