‼️Critical LobeChat Mailserver Config Issues: Mails from …@lobechat.com are DELETED by Mail-Servers

[schittli]

Good afternoon,

As you may know, major email providers such as Microsoft have significantly tightened their guidelines for mail servers that send emails to e.g. Microsoft servers, in order to protect customers against phishing 😍.

Because the Lobechat Mail / DNS-Server have critical configuration errors 😞, E-Mails from ...@lobechat.com sent to e.g. Microsoft will be immediately deleted, so they do not reach the user's spam folder at all.

👌 The critical errors in the LobeChat mail server DNS records can be seen here:

https://mxtoolbox.com/emailhealth/lobechat.com/
The following records are missing: SPF, DMARC, and MX records.

😞 BTW: A login-link via email is extremely insecure and grossly negligent

• If one wants to protect customers, companies set up multi-factor authentication.
• Lobechat takes the opposite approach and even removes the password, so that any hacker who gains access to a mailbox can also access Lobechat customers' accounts completely anonymously: Lobechat users don't even notice that their account has been hacked.
• The fact that mailboxes are not secure is demonstrated by https://haveibeenpwned.com/ and the darknet with millions of access data.

Best regards,
Thomas

[lobehubbot]

@cy948 @arvinxx - High priority authentication and email infrastructure issue. Email server DNS configuration is missing SPF, DMARC, and MX records, causing emails from @lobechat.com to be deleted by major providers like Microsoft. This affects passwordless email login functionality.