Web lists-archives.com

Re: Upcoming change to mail infrastructure -> SPF still broken




On Wed, Jul 4, 2018 at 10:52 PM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote:
>
>
> Am 04.07.2018 um 12:38 schrieb Ben Cooksley:
>> On Wed, Jul 4, 2018 at 10:30 AM, Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote:
>>> did you also notice and fix the long outstanding bugzilla SPF problems
>>> within your own infrastructure before make checks even sharper?
>>>
>>> https://bugs.kde.org/show_bug.cgi?id=392685
>>>
>>> there are at leat *three* problems:
>>> * the notify mails have the envelope-sender of the reoprter
>>> * postbox.kde.org don't skip SPF checks from bluemchen.kde.org
>>> * the SPF can not match because bluemchen.kde.org is not
>>>   in the reporters SPF
>>> * finally you send backscatter-bounces for each and every
>>>   mail back to the reporter that the notify to the others
>>>   was rejected by postbox.kde.org and so reports don't get attention
>>> ----------------
>>> * don't use reporters enevlope sender to begin with
>>> * don't SPF check inbound mail within the own infrastructure
>>> * don't backscatter to the innocent reporter
>>> ----------------
>>> <kde-bugs-dist@xxxxxxx>: host postbox.kde.org[46.4.96.248] said: 550
>>> 5.7.23 <kde-bugs-dist@xxxxxxx>: Recipient address rejected: Message
>>> rejected due to: SPF fail - not authorized. Please see
>>> http://www.openspf.net/Why?s=mfrom;id=lists@xxxxxxxxxx;ip=208.118.235.41
>>
>> I'd be curious to know when you observed that, as I can find no trace
>> of such a message being carried by Bluemchen in recent times for that
>> address aside from one which was successfully delivered to you on Jun
>> 29 at 17:14:37 UTC
>
> NOW!
>
> https://bugs.kde.org/show_bug.cgi?id=392685#c1

Please refrain from further use of exclamation marks, as it isn't
helping matters.

Also, note that you've never reported this issue in the past, so from
my perspective this is entirely new, regardless of how it may be known
from your side (and your bug report was posted less than 24 hours ago)

>
> "such a message being carried by Bluemchen in recent times for that
> address aside from one which was successfully delivered to you on Jun 29
> at 17:14:37 UTC" - yeah - when somebody *else* makes a comment i get
> that notify but when i write a brugreport or comment a get that damned
> backscatters below

I've checked our logs and have identified a bug in Bugzilla which is
responsible for this issue, and believe I now have the appropriate
information now to reproduce and resolve the issue. Due to the nature
of the issue it may take a few days before we can deploy a fix for
this problem.

This bug only affects a very limited number of users on our
installation of Bugzilla. As this issue already exists, and won't be
changed by the switch to Letterbox this issue will be treated
separately and won't prevent us from initiating the switchover to
Letterbox.

Regards,
Ben Cooksley
KDE Sysadmin

>
> -------- Weitergeleitete Nachricht --------
> Betreff: Undelivered Mail Returned to Sender
> Datum: Wed,  4 Jul 2018 06:47:52 -0400 (EDT)
> Von: Mail Delivery System <MAILER-DAEMON@xxxxxxxxxxxxxxxxx>
> An: lists@xxxxxxxxxx
>
> This is the mail system at host bluemchen.kde.org.
>
> I'm sorry to have to inform you that your message could not
> be delivered to one or more recipients. It's attached below.
>
> For further assistance, please send mail to postmaster.
>
> If you do so, please include this problem report. You can
> delete your own text from the attached returned message.
>
>                    The mail system
>
> <sheedy@xxxxxxx>: host postbox.kde.org[2a01:4f8:140:8302::4] said: 550
> 5.7.23 <sheedy@xxxxxxx>: Recipient address rejected: Message rejected
> due to: SPF fail - not authorized. Please see
> http://www.openspf.net/Why?s=mfrom;id=lists@xxxxxxxxxx
> ip=2001:4830:134:8::100;r=<UNKNOWN> (in reply to RCPT TO command)
>
>
> -------- Weitergeleitete Nachricht --------
> Betreff: Undelivered Mail Returned to Sender
> Datum: Wed,  4 Jul 2018 06:47:52 -0400 (EDT)
> Von: Mail Delivery System <MAILER-DAEMON@xxxxxxxxxxxxxxxxx>
> An: lists@xxxxxxxxxx
>
> This is the mail system at host bluemchen.kde.org.
>
> I'm sorry to have to inform you that your message could not
> be delivered to one or more recipients. It's attached below.
>
> For further assistance, please send mail to postmaster.
>
> If you do so, please include this problem report. You can
> delete your own text from the attached returned message.
>
>                    The mail system
>
> <sysadmin@xxxxxxx>: host postbox.kde.org[2a01:4f8:140:8302::4] said: 550
> 5.7.23 <sysadmin@xxxxxxx>: Recipient address rejected: Message rejected
> due to: SPF fail - not authorized. Please see
> http://www.openspf.net/Why?s=mfrom;id=lists@xxxxxxxxxx;ip=2001:4830:134:8::100;r=<UNKNOWN>
> (in reply to RCPT TO command)
>
>
> -------- Weitergeleitete Nachricht --------
> Betreff: Undelivered Mail Returned to Sender
> Datum: Wed,  4 Jul 2018 06:47:52 -0400 (EDT)
> Von: Mail Delivery System <MAILER-DAEMON@xxxxxxxxxxxxxxxxx>
> An: lists@xxxxxxxxxx
>
> This is the mail system at host bluemchen.kde.org.
>
> I'm sorry to have to inform you that your message could not
> be delivered to one or more recipients. It's attached below.
>
> For further assistance, please send mail to postmaster.
>
> If you do so, please include this problem report. You can
> delete your own text from the attached returned message.
>
>                    The mail system
>
> <kde-bugs-dist@xxxxxxx>: host postbox.kde.org[2a01:4f8:140:8302::4]
> said: 550 5.7.23 <kde-bugs-dist@xxxxxxx>: Recipient address rejected:
> Message rejected due to: SPF fail - not authorized. Please see
> http://www.openspf.net/Why?s=mfrom;id=lists@xxxxxxxxxx;ip=2001:4830:134:8::100;r=<UNKNOWN>
> (in reply to RCPT TO command)