You are viewing a plain text version of this content. The canonical link for it is here.
Posted to infrastructure-issues@apache.org by "Uwe Schindler (JIRA)" <ji...@apache.org> on 2015/12/12 13:35:46 UTC
[jira] [Created] (INFRA-10948) SPF failures when sending mail to
@apache org adresses that are relayed to committer's private account
Uwe Schindler created INFRA-10948:
-------------------------------------
Summary: SPF failures when sending mail to @apache org adresses that are relayed to committer's private account
Key: INFRA-10948
URL: https://issues.apache.org/jira/browse/INFRA-10948
Project: Infrastructure
Issue Type: Bug
Components: Mail (qmail)
Reporter: Uwe Schindler
Hi,
I have this issue several times when sending mails to other committers using their @apache org address. My own domain (@thetaphi.de) as SPF enabled and it only allows mails to be sent through my own mail server (which is obvious). If the mail server on the recipient's side also uses SPF to check mail servers, it fails and rejects the mail. This is because of the mail relay server @ hemes resends the mail without rewriting mail addresses as headers accoding to SPF standard. The reseiver then refuses the mail because it comes from hermes.apache.org, which is (of course) not part of sender's SPF record.
Example SPF message: http://www.openspf.org/Why?id=uwe@thetaphi.de&ip=140.211.11.3&receiver=mx1.public.one.com
One example of return mail:
Hi. This is the qmail-send program at apache.org.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<xx...@sourcegrounds.com>:
91.198.169.9 failed after I sent the message.
Remote host said: 550 5.7.1 SPF check failed, please see http://www.openspf.org/Why?id=uwe@thetaphi.de&ip=140.211.11.3&receiver=mx1.public.one.com (9ce88f13-a0ca-11e5-8d4f-b82a72d859f1)
--- Below this line is a copy of the message.
Return-Path: <uw...@thetaphi.de>
Received: (qmail 77633 invoked by uid 500); 12 Dec 2015 12:19:36 -0000
Delivered-To: apmail-xxxx@apache.org
Received: (qmail 77630 invoked by uid 99); 12 Dec 2015 12:19:36 -0000
Received: from Unknown (HELO spamd2-us-west.apache.org) (209.188.14.142)
by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 12 Dec 2015 12:19:36 +0000
Received: from localhost (localhost [127.0.0.1])
by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 387351A5F81
for <xx...@apache.org>; Sat, 12 Dec 2015 12:19:36 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 1.624
X-Spam-Level: *
X-Spam-Status: No, score=1.624 tagged_above=-999 required=6.31
tests=[SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, SUBJ_ALL_CAPS=1.625,
URIBL_BLOCKED=0.001] autolearn=disabled
Received: from mx1-us-east.apache.org ([10.40.0.8])
by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
with ESMTP id 4pPGK7y08iqA for <xx...@apache.org>;
Sat, 12 Dec 2015 12:19:24 +0000 (UTC)
Received: from mail.sd-datasolutions.de (serv2.sd-datasolutions.de [85.25.204.22])
by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with ESMTP id B5A4242A73
for <xx...@apache.org>; Sat, 12 Dec 2015 12:19:24 +0000 (UTC)
Received: from VEGA (unknown [IPv6:2001:1a80:2b05:4601:8e70:5aff:fed1:75a4])
by mail.sd-datasolutions.de (Postfix) with ESMTPSA id 8FD9B16F802C9;
Sat, 12 Dec 2015 12:19:23 +0000 (UTC)
X-NSA-Greeting: Dear NSA, have fun with reading and analyzing this e-mail!
From: "Uwe Schindler" <uw...@thetaphi.de>
To: xxxxx
Cc: xxxxx
Subject: RE: FOSDEM 2016
Date: Sat, 12 Dec 2015 13:19:23 +0100
Message-ID: <00...@thetaphi.de>
MIME-Version: 1.0
Content-Type: text/plain;
charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQGUoEKTWxKvss5OIciZyFdV+vtswgGeIIoxAsEhpCefHXOXsA==
Content-Language: de
Solution: Hermes should rewrite the mail headers using SRS (http://www.openspf.org/SRS) when relaying @apache.org mail.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)