changes to email forwarding

stacyspiva · stacyspiva · commit 0451202efad2 · 2021-04-22T15:49:45.000-07:00
diff --git a/docs/programs/email-forwarding.md b/docs/programs/email-forwarding.md
@@ -27,7 +27,7 @@ When a hacker discovers a vulnerability and sends their finding in an email to s
 
 5. You will then be notified of a new vulnerability submitted by the hacker in your inbox where you can use the platform tools to comment, triage, and pay bounties.
 
-### Set Up
+### Setup
 
 To set up email forwarding in HackerOne:
 1. Go to **Settings > Program > Hacker Management > Email Forwarding**.
@@ -50,3 +50,28 @@ To set up email forwarding in HackerOne:
 ><i>Note: You can add multiple email addresses to forward to the same inbox.</i>
 
 ![email-forwarding-9](./images/email-forwarding-9.png)
+
+### Setup Issues
+If you're running into problems setting up email forwarding using the steps above, it could be because several security checks that are inherent to the email protocol could be violated and are preventing the email from being successfully processed by HackerOne.
+
+Here are some common problems and solutions users run into when setting up email forwarding:
+
+Issue | Solution
+----- | --------
+You're using Gmail as an email provider and the confirmation code hasn't been entered. | In setting up email forwarding for Gmail, you need to enter a confirmation code that is sent to the email address you want to forward emails to. Because you don't have access to the inbox generated by HackerOne, you'll need to contact HackerOne to get the confirmation code to finalize the setup in your Gmail account.
+You manually created a forwarding rule yourself instead following [these setup instructions](email-forwarding.html#set-up). When you manually create your own forwarding rule, this creates a new email object that doesn't contain the *H1-Forwarding-Nonce* header that HackerOne requires to verify the setup. | Please follow the setup instructions [above](email-forwarding.html#set-up) and also be sure to follow the instructions for the forwarding functionality of your email provider. 
+The *To* field is incorrect. This causes SPF and DKIM checks to fail, which means that HackerOne won't receive the forwarded email. | Make sure the *To* field matches the one you entered in step 3 [above](email-forwarding.html#set-up), and be sure to follow the instructions for the forwarding functionality of your email provider.
+
+Here's an example of what your email headers should look when email forwarding is set up correctly:
+
+Header | Value
+------ | ------
+To | security@example.com
+From | "Reporter" <example@reporter.com>
+Return-Path | example@reporter.com
+Delivered-To | security@example.com
+Received-SPF | pass(*)
+DKIM-Signature | v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=hsbnp7p3ensaochzwyq5wwmceodymuwv;d=server.com; t=12738181; h=Date:From:To:Message-1 D:Subject:Mime-Version:Content-Type:Content-Transfer-Encoding:Feedback-ID; bh=2jh40/jnKOZNNY68AJSDID8IUovd714123JJzgOVWqFX4Q=; b=JASIOSD+89jYRJsmqDIEA621Xkz1cpHba6xikYasjid8JJoc KAidKMZ/O1VV/+LBI19tGajKAID882Lx8/CSAXMMiKlamK+ac+rOfqQKDIA88INOL /FBpVYM4nLOLLIPOPwxNrlvPWoouHw9kdDq171/dUs YO7E=
+X-Forwarded-To | security-9beOakdka99397e@forwarding.hackerone.com
+X-Forwarded-For | security@example.com security-9beOakdka 99397e@forwarding.hackerone.com
+H1-Forwarding-Nonce | 2a032918391e46cf7687e62ec42423ea3
