Update: this seems to be related to the PHPMailer security patch we deployed way back in late December. That one filters the sender address, and only sets the command line option if the address is shell-safe.

We use two different VERP formats:

• When CiviMail records are on, we use Civi's native format, which points to the record in the civicrm_mailing_event_queue table
• When we're not creating CiviMail records, we use qmail-style verp, e.g. recipient=example.com@donate.wikimedia.org

The qmail-style verp is not deemed to be shell safe, due to the '=' sign, so newer versions of PHPMailer do not include the command-line switch to set the sender when we're using that format. They try to get the same effect by doing an init_set of sendmail_from, but that seems not to work.

For now, I've turned CiviMail records back on, but we'll have to watch TY mail lag times.

Does anyone know what is reading the qmail style VERP records from the bounce mailbox? There's a CiviCRM bounce processor, but that only uses the native Civi VERP addresses.

@Ejegg I parsed civi mail logs going back to 7/12 when this changed and there appear to be only ~120 deliveries that failed because of the funky envelope sender, I put those in a file in your homedir on frpm1001 named 20171003-bounced_civi_mail_addresses.

Thanks @Jgreen, I'll turn those into a list of donations.

@MBeat33, these are donors who didn't get their thank you letter because of a glitch in our outgoing mail address. If I put the 'Unrecorded Charge' tag on the donations and erase the thank_you_date, they'll get letters with this extra paragraph:

"We recently resolved a technical issue which caused a small number of donors to not receive a confirmation of their donation. Please accept this email as a thank you for your donation on [date]. We truly appreciate your patience and your support, and please feel free to email donate@wikimedia.org if you have any questions."

Does that sound good?

That looks perfect, @Ejegg thank you for the followup.

OK, these are all re-sent