Opened 7 months ago

Last modified 7 months ago

#13633 assigned Bug/Something is broken

Greylisting issue

Reported by: https://id.mayfirst.org/madeofpeople Owned by: https://id.mayfirst.org/jaimev
Priority: Medium Component: Tech
Keywords: Cc: https://id.mayfirst.org/jamie
Sensitive: no

Description

Hellos!

I've recently had some issue receiving emails from some groups I'm a member of. I imagine it has something to do with greylisting, and their servers not retrying on failed attempts after 30 mins.

The speicifc email was from the north brooklyn boat club from the domain '.wildapricot.org' sent on Apr 11, 2018 at 9:26 PM but there are possibly other wildapricot addresses and other groups I simply didn't know about. Can we white list these? and check to make sure we're not filtering out others?

I appreciate efforts to reduce span, but doesn't the greylisting policy go against the "I have the right to receive every message sent to me" declaration in Mayrfirsts "organic internet" treatise (found a copy on the street last fall!)

Hope alls well, T

Change History (4)

comment:1 Changed 7 months ago by https://id.mayfirst.org/jaimev

  • Cc https://id.mayfirst.org/jamie added
  • Owner set to https://id.mayfirst.org/jaimev
  • Status changed from new to assigned

Hi T, Greylisting works because normally only spam servers will give up after one delivery attempt. In the logs I see only 4 attempts to deliver mail from that domain in the past week. Two attempts were greylisted and each subsequent attempt passed.

The e-mail related DNS entries for that domain are assigned to google servers. Normally those servers would retry after being greylisted once. However the mail server being used to deliver mail from that domain identifies as client amsrv12.memberlodge.org Also it is using a different ip address every time so I'm not sure if adding to an exception list is an option here.

comment:2 Changed 7 months ago by https://id.mayfirst.org/jamie

  • Resolution set to fixed
  • Status changed from assigned to feedback

Wow - glad to hear that the organic internet is still in circulation :) and yes you should receive all the email that is sent to you!

Email senders that will attempt redelivery from multiple IP addresses fall through the grey listing cracks and really suggest that we may need to give it up at some point (or figure out how to patch postgrey so that it treats email sent from different sub-domains of the same domain as the same IP address).

But fortunately, postgrey does allow us to maintain a local clear list using regular expressions (that's how we get around the problem Jaime identifies) - so I just added memberlodge.org (and all subdomains) after I saw that it redirects to wildapricot.

I've pushed these changes to rose and restarted postgrey so hopefully these messages won't get delayed again.

comment:3 Changed 7 months ago by https://id.mayfirst.org/madeofpeople

  • Resolution fixed deleted
  • Status changed from feedback to assigned

Thanks!

Strangely another one seemed to slip by "Failure text: 450 4.1.8 <NorthBrooklynBoatClub@wildapricot.org>: Sender address rejected: Domain not found"

It's likely a mess of ip addresses, and reply to's but would love to clear it up. Emails sent from the "Events" automated module seem to go through, but those sent from email templates bounce. I suppose that has more to do with the way wildapricot is configured than with the m1 servers but any whitelisting we can do to circumvent the issue would be well appreciated.

comment:4 Changed 7 months ago by https://id.mayfirst.org/jamie

Can you share the full error message? I think this is a different problem.

I can't be sure - but it appears that you tried to send an email to <NorthBrooklynBoatClub@wildapricot.org>, relayed through our servers, but wildapricot.org rejected the message because the from address had a domain name that is not a registered domain name. Or maybe it was our server that rejected it for that reason? Can you tell from the error message what the From address was?

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.