Opened 4 years ago
Last modified 3 years ago
#2475 closed task
OSGeo mail server on DNS blocklist — at Version 25
| Reported by: | Jeff McKenna | Owned by: | jsanz |
|---|---|---|---|
| Priority: | critical | Milestone: | Unplanned |
| Component: | SysAdmin/Mailman | Keywords: | mailman |
| Cc: |
Description (last modified by )
I noticed that on June 17th I stopped receiving all OSGeo mails from all OSGeo mailing lists (I must be on over 200 lists). Zero since June 17th.
(someone somewhere must be laughing at this though, as one of the only mails to still make it to me are from the geoserver-devel list, as it is of course through SourceForge, ha, someone must be laughing at how ironic that is for me)
I realize that this must be regarding my own email host/provider. I have checked the osgeo6 mail logs, and the logs are littered with entries similar to:
Jun 22 06:05:49 osgeo6 postfix/smtp[14162]: 887506143EA5: to=<jmckenna@gatewaygeomatics.com>, relay=mailroot3.namespro.ca[169.55.177.75]:25, delay=2.9, delays=0.1/1.8/0.43/0.58, dsn=5.0.0, status=bounced (host mailroot3.namespro.ca[169.55.177.75] said: 554 The IP address of the sender (140.211.15.3) was found in a DNS blacklist database and was therefore refused. (in reply to RCPT TO command))
I have contacted my email provider, and will file a request to remove the blocklist ban on the OSGeo6 mail server (140.211.15.3).
I guess this ticket has not much to do with OSGeo-SAC, but maybe someday someone else out there will face something similar, and this ticket's archive may help someone.
I'll update this ticket when the DNS blacklist entry is removed.
Short story: I'm now an expert on recent GeoServer activity :)
Change History (25)
comment:2 by , 4 years ago
update: Barracuda has removed the blocklist entry, for 48 hours as they investigate. Will keep you posted here on the response (especially as this ban affects many users, as I see in the log entries on the server).
comment:3 by , 4 years ago
update: reports from the QGIS community on others not receiving emails for a few days (likely the same June 17th day). This is obviously affecting thousands of OSGeo users on various mailing lists, although most won't realize.
Will keep you updated here on the status, I'm still waiting to hear back from the "Barracuda" blocklist people.
comment:4 by , 4 years ago
I had a look into the admin interface for QGIS dev and users list, and conclude that problably a lot of users have this 'nomail[reason]' checkbox checked now.
Would it be a possibility to do an update query in the db (/me just guessing this is in a db....)? (AFTER we are assured that we/OSGEO are not on any spam list anymore...)
comment:5 by , 4 years ago
| Keywords: | mailman added |
|---|
As it affects users across many OSGeo mailing lists:
Here a script candidate from https://www.msapiro.net/scripts/ which could be used as a basis for an automated user reactivation:
- set_nomail.py: Sets a list member's delivery to 'disabled by admin' or optionally sets to 'disabled by bounce' and starts the notification and deletion process.
The script would require some changes as it has the opposite purpose (AFAIK).
Also interesting
- get_bounce_info.py: Prints the bounce information for all list members that have any.
However, careful with subscribers who set "nomail" on purpose (unless that's different from a bounce based "nomail", I don't know enough about these mailman details.).
Importantly, be sure that there is a fresh backup in place before modifying any mailman subscriptions.
follow-up: 8 comment:7 by , 4 years ago
Just now received this message:
140.211.15.3 Removed from BARRACUDA at 6/27/2020 7:25:47 AM (UTC-04:00) Atlantic Time (Canada)
This is good news.
I think this affected many users, including the Nabble forums.
comment:8 by , 4 years ago
Replying to Jeff McKenna:
I think this affected many users, including the Nabble forums.
In the QGIS directory of Nabble forums there are some strange posts that shouldn't be there:
Buy US/UK/German drivers license, ID card, passport online. Jul 12
How I can earn money online? Jun 15
Writing an article Jun 17
Error adding point properties Jun 17
Could these be part of the issue?
follow-up: 10 comment:9 by , 4 years ago
@andreaerdna that's not related. I removed those messages that were posted because the permissions at the "folder" level allowed to post there. Yet another target for spammers :-(
Thanks for reporting!
comment:10 by , 4 years ago
Hi Jorge, thank you for removing the out of place posts and for setting the proper permissions to the QGIS forums directory.
However, it seems the "QGIS - Developer" forum is again read-only now.
comment:11 by , 4 years ago
However, it seems the "QGIS - Developer" forum is again read-only now.
Fixed
comment:12 by , 4 years ago
Hi all, at opengis.ch we had at least 4 subscribers being bounced from qgis-developer and other lists. I've the feeling that this could be the case for many more users. Where any actions (like the ones suggested by @neteler taken on this?
comment:13 by , 4 years ago
Personally I've tried to keep this ticket up-to-date with any actions related to this spam issue, and tried to point those reporting this on mailing lists to this ticket. I'm not aware of any other actions.
comment:14 by , 4 years ago
side note - I sent one email to pka @ sourcepole.ch from California on 13jul20, through carrierzone.com mail servers (not OSGeo mail servers). The email stalled for days and by Friday had bounced.
comment:15 by , 4 years ago
As per old experience (https://trac.osgeo.org/osgeo/ticket/175#comment:7), I have now reset all bounce rates to avoid that more ppl get unsubscribed:
withlist -a -r reset_bounce -- Importing reset_bounce... Running reset_bounce.reset_bounce()... Loading list africa (unlocked) Loading list alberta (unlocked) Loading list announce (unlocked) Loading list argentina (unlocked) Loading list atlanticcanada (unlocked) Loading list board-ar (unlocked) ... Loading list oceania-board (unlocked) Loading list geonode-psc (unlocked) Loading list mapproxy-dev (unlocked) Loading list mobilitydb-dev (unlocked) Loading list mobilitydb-users (unlocked) Finalizing
Apparently the affected users got an email
"Your membership in the mailing list XXXXX has been disabled due to excessive bounces..."
OK, I think I have an idea how to get the unsubscribed members back:
root@osgeo6: zgrep BYBOUNCE /var/log/mailman/subscribe* | wc -l 832
This list contains the emails and list names in this style:
/var/log/mailman/subscribe:Jul 13 09:00:02 2020 (30244) grass-user: xxxx@example.com auto-unsubscribed [reason: BYBOUNCE]
Using it we could re-enable all lost members.
comment:16 by , 4 years ago
Hi, I just re-subscribed manually.
Is this the recommended procedure and should a nice reminder be sent out to those having been auto-unsubscribed with a link to reactivate the account or should they better be re-enabled in an automated fashion as proposed by neteler in the last comment?
comment:17 by , 4 years ago
IMHO we need to find a volunteer who write to all unsubscribed folks (for the email list, see comment:15 above) or run the re-subscribe operation.
comment:18 by , 4 years ago
IMHO we should assess the lazy option "re-subscribe operation" first. Is there anything holding us back from running it? Technical risks, Scripts not up to date, Risks that we resubscribe users that have been unsubscribed for a good reason?
follow-up: 20 comment:19 by , 4 years ago
I currently have some time to devote into community projects. I am available to invest some time here if I know what, where and the priorities. Feel free to contact me here or directly by mail.
comment:20 by , 4 years ago
Replying to mkuhn:
I currently have some time to devote into community projects. I am available to invest some time here if I know what, where and the priorities. Feel free to contact me here or directly by mail.
Personally I'd appreciate that: @SAC, what do you think how to proceed here?
comment:21 by , 4 years ago
I recently activated the "bounce" notifications in mailman for the lists I am managing and got this notification:
550-Your message to <redacted_grass_subscriber> was classified as SPAM. Please add
550-more content, cut down on HTML links, use fewer naughty words etc.
Also, 550-ask your IT dept to make sure your mailserver has REVERSEDNS,
SPF, DKIM, 550 and is not on any black lists. Your score: 360 (in reply to
end of DATA command)
Question: do we have all measures in place and properly set up?
- REVERSEDNS
- DKIM
- SPF
- not backlisted
follow-up: 23 comment:22 by , 4 years ago
REVERSEDNS - looks like a pass to me. I don't think it needs to resolve to the domain name we are using for mail just needs to not look like an autogenerated.
DKIM - not familiar with this -- I don't see any DKIM notes when I look at messages that come thru my gmail mailbox from osgeo6, so I suspect not.
SPF - yap this is fine.
The error you have above though looks like it's coming from osgeo6. I know Sandro had implemented some of those kind of checks on postgis mailing lists and I had started to get those like my email has too much html and some such thing. Then our whole PSC PostGIS started throwing virtual stones at strk so he set things back.
Maybe you have something similarly configured on grass list?
comment:23 by , 4 years ago
Replying to robe:
Maybe you have something similarly configured on grass list?
I think I didn't touch the settings for 5+ years.
And the problems are affecting many lists (see above for the 800 lost subscribers).
comment:25 by , 4 years ago
| Description: | modified (diff) |
|---|---|
| Summary: | OSGeo mail server on DNS Blacklist → OSGeo mail server on DNS blocklist |
Updates:
/me Heart's 70's song lyrics "oooo barracuda" plays in my head now, unfortunately