Version: (using Devel) OS: Other Installed from: Compiled sources I got this mail when sending a comment in a bug where I'm in the CC list. ****************************************************************** This is the mail system at host immanuel.kde.org. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <m1k0@wp.pl>: host mx.wp.pl[212.77.101.4] said: 550 BLAD SPF - zobacz strone / SPF Error: Received-SPF: neutral (smtp.wp.pl: 138.246.255.177 is neither permitted nor denied by domain of gmail.com) client-ip=138.246.255.177; envelope-from=andresbajotierra@gmail.com; Jesli jestes uzytkownikiem poczta.wp.pl sprawdz poprawnosc autoryzacji SMTP / If you are a poczta.wp.pl user check SMTP configuration: http://poczta.wp.pl/autoryzacja/ (in reply to MAIL FROM command) Final-Recipient: rfc822; m1k0@wp.pl Original-Recipient: rfc822;m1k0@wp.pl Action: failed Status: 5.0.0 Remote-MTA: dns; mx.wp.pl Diagnostic-Code: smtp; 550 BLAD SPF - zobacz strone / SPF Error: Received-SPF: neutral (smtp.wp.pl: 138.246.255.177 is neither permitted nor denied by domain of gmail.com) client-ip=138.246.255.177; envelope-from=andresbajotierra@gmail.com; Jesli jestes uzytkownikiem poczta.wp.pl sprawdz poprawnosc autoryzacji SMTP / If you are a poczta.wp.pl user check SMTP configuration: http://poczta.wp.pl/autoryzacja/ ---------- Forwarded message ---------- From: Darío Andrés <andresbajotierra@gmail.com> To: m1k0@wp.pl Date: Tue, 19 Aug 2008 18:06:41 +0200 Subject: [Bug 164867] CSS 2.1 Conformance Test Suite - wrong CSS from XHTML http://bugs.kde.org/show_bug.cgi?id=164867 --- Comment #3 from Darío Andrés <andresbajotierra gmail com> 2008-08-19 18:06:41 --- I can also reproduce this behaviour using: Version 4.1.62 (KDE 4.1.62 (KDE 4.2 >= 20080814)) kdelibs4.2 svn rev.849324 kdebase4.2 svn rev.849337 ArchLinux 2.6.25-zen2-20080814 i686 -- Configure bugmail: http://bugs.kde.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug. ****************************************************************** Another one: ****************************************************************** This is the mail system at host immanuel.kde.org. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <bluedzins@wp.pl>: host mx.wp.pl[212.77.101.4] said: 550 BLAD SPF - zobacz strone / SPF Error: Received-SPF: neutral (smtp.wp.pl: 138.246.255.177 is neither permitted nor denied by domain of gmail.com) client-ip=138.246.255.177; envelope-from=andresbajotierra@gmail.com; Jesli jestes uzytkownikiem poczta.wp.pl sprawdz poprawnosc autoryzacji SMTP / If you are a poczta.wp.pl user check SMTP configuration: http://poczta.wp.pl/autoryzacja/ (in reply to MAIL FROM command) Final-Recipient: rfc822; bluedzins@wp.pl Original-Recipient: rfc822;bluedzins@wp.pl Action: failed Status: 5.0.0 Remote-MTA: dns; mx.wp.pl Diagnostic-Code: smtp; 550 BLAD SPF - zobacz strone / SPF Error: Received-SPF: neutral (smtp.wp.pl: 138.246.255.177 is neither permitted nor denied by domain of gmail.com) client-ip=138.246.255.177; envelope-from=andresbajotierra@gmail.com; Jesli jestes uzytkownikiem poczta.wp.pl sprawdz poprawnosc autoryzacji SMTP / If you are a poczta.wp.pl user check SMTP configuration: http://poczta.wp.pl/autoryzacja/ ---------- Forwarded message ---------- From: Darío Andrés <andresbajotierra@gmail.com> To: bluedzins@wp.pl Date: Tue, 19 Aug 2008 18:08:49 +0200 Subject: [Bug 164402] web page scrollbars get crazy (turning on/off) http://bugs.kde.org/show_bug.cgi?id=164402 --- Comment #5 from Darío Andrés <andresbajotierra gmail com> 2008-08-19 18:08:48 --- I can also reproduce this bug using: Version 4.1.62 (KDE 4.1.62 (KDE 4.2 >= 20080814)) kdelibs4.2 svn rev.849324 kdebase4.2 svn rev.849337 ArchLinux 2.6.25-zen2-20080814 i686 -- Configure bugmail: http://bugs.kde.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug. ****************************************************************** Also, I'm not getting all mails from comments of another bugs where I'm also in the CC list.
And even when submitting this bug, I got this mail (only the first part of it): **************************************** This is the mail system at host immanuel.kde.org. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <bugzilla-kde@bkor.dhs.org>: host bkor.dyn.dhs.org[62.163.51.49] said: 554 5.7.1 <bugzilla-kde@bkor.dhs.org>: Recipient address rejected: Access denied (in reply to RCPT TO command) Final-Recipient: rfc822; bugzilla-kde@bkor.dhs.org Original-Recipient: rfc822;bugzilla-kde@bkor.dhs.org Action: failed Status: 5.7.1 Remote-MTA: dns; bkor.dyn.dhs.org Diagnostic-Code: smtp; 554 5.7.1 <bugzilla-kde@bkor.dhs.org>: Recipient address rejected: Access denied ---------- Forwarded message ---------- From: Darío Andrés <andresbajotierra@gmail.com> To: bugzilla-kde@bkor.dhs.org Date: Tue, 19 Aug 2008 18:15:18 +0200 Subject: [Bug 169446] New: Got "Undelivered Mail Returned to Sender" mail after commiting a comment in a bug where I'm CCed. http://bugs.kde.org/show_bug.cgi?id=169446 ............ **********************************************
Another mail when removing me from a bug's CC list (different subject but I suppose this is somewhat related) : from MAILER-DAEMON@messagelabs.com to andresbajotierra@gmail.com date Wed, Aug 20, 2008 at 8:33 PM subject failure notice mailed-by mail195.messagelabs.com *********************************** This is the mail delivery agent at messagelabs.com. I was not able to deliver your message to the following addresses. <edwin@orangeport.net>: 217.10.137.171 does not like recipient. Remote host said: 550 relay not permitted --- Below this line is a copy of the message. Return-Path: <andresbajotierra@gmail.com> X-VirusChecked: Checked X-Env-Sender: andresbajotierra@gmail.com X-Msg-Ref: server-14.tower-195.messagelabs.com!1219275212!8491471!1 X-StarScan-Version: 5.5.12.14.2; banners=-,-,orangeport.net X-Originating-IP: [138.246.255.177] X-SpamReason: No, hits=0.0 required=7.0 tests=ML_MATCH_1,ML_MATCH_4 Received: (qmail 29299 invoked from network); 20 Aug 2008 23:33:32 -0000 Received: from immanuel.kde.org (HELO immanuel.kde.org) (138.246.255.177) by server-14.tower-195.messagelabs.com with SMTP; 20 Aug 2008 23:33:32 -0000 Received: by immanuel.kde.org (Postfix, from userid 30) id 92E4A12D6C; Thu, 21 Aug 2008 01:33:32 +0200 (CEST) From: =?UTF-8?Q?Dar=C3=ADo=20Andr=C3=A9s=20?=<andresbajotierra@gmail.com> Sender: bugzilla_noreply@kde.org To: edwin@orangeport.net Subject: [Bug 167826] Konqueror processes never terminate X-Bugzilla-URL: http://bugs.kde.org/ X-Bugzilla-Reason: CC X-Bugzilla-Type: newchanged X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: kdelibs X-Bugzilla-Component: general X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: andresbajotierra@gmail.com X-Bugzilla-Status: RESOLVED X-Bugzilla-Priority: NOR X-Bugzilla-Assigned-To: kdelibs-bugs@kde.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: CC In-Reply-To: <bug-167826-32823@http.bugs.kde.org/> References: <bug-167826-32823@http.bugs.kde.org/> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Message-Id: <20080820233332.92E4A12D6C@immanuel.kde.org> Date: Thu, 21 Aug 2008 01:33:32 +0200 (CEST) http://bugs.kde.org/show_bug.cgi?id=3D167826 Dar=C3=ADo=20Andr=C3=A9s=20andresbajotierra=20gmail=20com=20changed: =20=20=20=20=20=20=20=20=20=20=20What=20=20=20=20|Removed=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20|Added --------------------------------------------------------------------------= -- =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20CC|andresbajotierra@gma= il.com=20=20| --=20 Configure=20bugmail:=20http://bugs.kde.org/userprefs.cgi?tab=3Demail -------=20You=20are=20receiving=20this=20mail=20because:=20------- You=20are=20on=20the=20CC=20list=20for=20the=20bug. ______________________________________________________________________ This=20email=20has=20been=20scanned=20by=20the=20MessageLabs=20Email=20Sec= urity=20System. For=20more=20information=20please=20visit=20http://www.messagelabs.com/ema= il=20 ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ***********************************
I've recieved another mail: *************************************************** This is the Postfix program at host spf5-4.us4.outblaze.com. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to <postmaster> If you do so, please include this problem report. You can delete your own text from the attached returned message. The Postfix program <"elektroschock:linuxmail.org"@linuxmail.org-us4-5.int> (expanded from <elektroschock@linuxmail.org>): host mta5.us4.outblaze.com.int[192.168.9.170] said: 552 recipient storage full, try again later (in reply to RCPT TO command) Final-Recipient: rfc822; "elektroschock:linuxmail.org"@linuxmail.org-us4-5.int Original-Recipient: rfc822; elektroschock@linuxmail.org Action: failed Status: 5.0.0 Diagnostic-Code: X-Postfix; host mta5.us4.outblaze.com.int[192.168.9.170] said: 552 recipient storage full, try again later (in reply to RCPT TO command) ---------- Forwarded message ---------- From: Darío Andrés <andresbajotierra@gmail.com> To: elektroschock@linuxmail.org Date: Wed, 27 Aug 2008 18:43:21 +0200 (CEST) Subject: [Bug 159337] drag and drop doesnt work with dolphin http://bugs.kde.org/show_bug.cgi?id=159337 Darío Andrés andresbajotierra gmail com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |andresbajotierra@gmail.com --- Comment #2 from Darío Andrés <andresbajotierra gmail com> 2008-08-27 18:42:41 --- Qt: 4.4.0 KDE: 4.1.1 (KDE 4.1.0 (4.1 >= 20080722)) KSnapshot: 0.8.1 in ArchLinux i686: I can reproduce this bug. However, Drag&Drop works dropping the image in GIMP -- Configure bugmail: http://bugs.kde.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug. ***************************************************
Okay, I got the error too, heres the delivery report: --------------------------------------------------------- Final-Recipient: rfc822; *****@gmx.net Action: failed Status: 5.7.1 Remote-MTA: dns; mx0.gmx.net Diagnostic-Code: smtp; 550-5.7.1 {mx103} The recipient does not accept mails from 'gmx.net' over foreign mailservers 550 5.7.1 ( http://portal.gmx.net/serverrules )--------------------------------------------------------- I am registered here with a @gmx.net-address so the result is a mail from my @gmx.net-address to the same one sent by the kde-mailserver. I think, the problem could be solved, if you send the mail with "from: bugzilla@kde.org" or something like that.
*** Bug 170563 has been marked as a duplicate of this bug. ***
*** Bug 171140 has been marked as a duplicate of this bug. ***
I am changing the bug summary to be clearer and to suggest a solution. There should be a way to report bounce addresses to Bugzilla so that Bugzilla could independently check these addresses and remove them if need be.
*** Bug 171322 has been marked as a duplicate of this bug. ***
as i mentioned in bug 171322 the problem seems to be the setting for envelope-from address. as long as bugzilla uses its users' email addresses, there will be bounces and SPF alerts to users. refer suggested solution in comment #4 by thomas schuetz. if this can not be configured, it should be brought upstream ASAP.
I guess this is the upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=362289 Changed the subject to reflect the actual problem.
Forgot to mention: Alternatively immanuel.kde.org could be configured to rewrite the addresses via SRS: http://www.openspf.org/SRS
I have encountered these bounces quite a few times, it is especially annoying if many people have suscribed to a bug and this is rather old, then you allways get a lot of bounces. I have encountered another variation: GMX does not accept email which have a GMX sender address, but where not delivered through the GMX-mailserver. Since many people use GMX this is very bad. They wont receive notifications. I think that bugzilla should not use the reporters emailaddress as a sender.
Here an example: The mail system <thschuetz@gmx.net>: host mx0.gmx.de[213.165.64.100] said: 550-5.7.1 {mx112} The recipient does not accept mails from 'gmx.net' over foreign mailservers 550 5.7.1 ( http://portal.gmx.net/serverrules ) (in reply to RCPT TO command)
I never got this kind of emails again ? Should this be closed? Thanks
No. Example -- I just got email from you asking if this report should be closed.
I still get them.
The envelope from is now set to: Return-Path: <bugzilla_noreply@kde.org>
@Rolf: Setting the Return-Path is not a solution, because SPF validation still fails. Also see comment #12 for another reason why From must be set to BKO, not Return-Path.
(In reply to comment #18) > @Rolf: Setting the Return-Path is not a solution, because SPF validation still > fails. Also see comment #12 for another reason why From must be set to BKO, not > Return-Path. Return-Path is filled in by the receiving mailserver with the address used in the SMTP dialog. From: is displayed to the mail client and has nothing to do with the mail routing at all. So From: can be set to whatever value and the SMTP envelope (which will end up in Return-Path:) needs to be set to BKO.
However SPF verification is done on the Sender. BKO is _not_ authorized to send mail from my address, and as such all mail that attempts to verify that with SPF will fail. http://en.wikipedia.org/wiki/Sender_Policy_Framework
And that is exactly what I said: the Envelope-From: must point to BKO and the From: address should be set to yours. The From: address is part of the _message_body_ and has absolutely zero impact on SPF and mail routing.
I think that you are mistaken, Rolf. The From address is part of the header, and it is exactly From address spoofing that SPF was designed to thwart. Take a look at line 11 from this mail: Return-path: <bugzilla_noreply@kde.org> Envelope-to: kde-3@dotancohen.com Delivery-date: Thu, 21 May 2009 04:53:09 -0400 Received: from immanuel.kde.org ([138.246.255.177]) by sphere.prestodns.com with esmtp (Exim 4.63) (envelope-from <bugzilla_noreply@kde.org>) id 1M741P-0005Wu-3f for kde-3@dotancohen.com; Thu, 21 May 2009 04:53:09 -0400 Received: by immanuel.kde.org (Postfix, from userid 30) id ADF38168FB; Thu, 21 May 2009 10:53:03 +0200 (CEST) From: Rolf Eike Beer <kde@opensource.sf-tec.de> Sender: bugzilla_noreply@kde.org To: kde-3@dotancohen.com Reply-To: bugzilla_noreply@kde.org Subject: [Bug 169446] Bugzilla must not use the user's address as the envelope-from address or SPF issues arise X-Bugzilla-URL: http://bugs.kde.org/ X-Bugzilla-Reason: Voter CC X-Bugzilla-Type: newchanged X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: bugs.kde.org X-Bugzilla-Component: general X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: kde@opensource.sf-tec.de X-Bugzilla-Status: NEW X-Bugzilla-Priority: NOR X-Bugzilla-Assigned-To: mueller@kde.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: In-Reply-To: <bug-169446-62509@http.bugs.kde.org/> References: <bug-169446-62509@http.bugs.kde.org/> Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Message-Id: <20090521085303.ADF38168FB@immanuel.kde.org> Date: Thu, 21 May 2009 10:53:03 +0200 (CEST)
If you have no idea how mail transport works then don't try to teach me. Just try yourself: > telnet dotancohen.com 25 Trying 69.56.226.148... Connected to dotancohen.com. Escape character is '^]'. 220-sphere.prestodns.com ESMTP Exim 4.63 #1 Thu, 21 May 2009 10:37:16 -0400 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. ehlo donald.sf-tec.de 250-sphere.prestodns.com Hello donald.sf-tec.de [89.14.80.160] 250-SIZE 52428800 250-PIPELINING 250-AUTH PLAIN LOGIN 250-STARTTLS 250 HELP mail from:<bugzilla-noreply@kde.org> 250 OK rcpt to:<kde-3@dotancohen.com> 250 Accepted data From: Osama <osamabl@gmx.net> To: <president@whitehouse.gov> Subject: get it right! Hey Barak, I just want to tell you: it is /usr/local/bin/laden, everything else is wrong! Cheers, Osama . 250 message accepted quit 250 buy So, what do we get? Return-Path: will be <bugzilla-noreply@kde.org> and we will get no SPF violation at all because there is no SPF record for kde.org. If From: is part of the message header or not does not count at all as it is just SMTP payload and that isn't taken into account for SPF _at_ _all_. And neither Barak nor Osama is involved in this mail ever as this is just the data part of the SMTP transaction which has absolutetly none to do with the mail routing. Just the fact that Envelope-From: and From: are usually the same when you send mail using your favourite mail program doesn't mean that they have anything to do with each other technically. And if your provider uses SRS (see link above first paragraph of that Wikipedia article) it will alter the Envelope-From when he forwards a mail but will not touch the From:. And by the way: that multiline greeting of your Exim can be considered a SMTP protocol violation.
Thank you for being so patient and taking the time to teach me. $ telnet dotancohen.com 25 Trying 69.56.226.148... Connected to dotancohen.com. Escape character is '^]'. 220-sphere.prestodns.com ESMTP Exim 4.63 #1 Thu, 21 May 2009 14:08:04 -0400 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. mail from: <from@dc.com> 250 OK rcpt to: toto@dotancohen.com 250 Accepted data 354 Enter message, ending with "." on a line by itself From: osama@sef.com To: pres@dotancohen.com Subject: This is The message . 250 OK id=1M7Cgo-0007Iz-Py quit 221 sphere.prestodns.com closing connection Connection closed by foreign host. jaunty2@laptop:~$ ============== From - Thu May 21 21:09:04 2009 X-Account-Key: account2 X-UIDL: c39db2720a25ba9d44a0c8cf98d81385 X-Mozilla-Status: 0201 X-Mozilla-Status2: 00000000 X-Mozilla-Keys: Return-path: <from@dc.com> Envelope-to: toto@dotancohen.com Delivery-date: Thu, 21 May 2009 14:08:52 -0400 Received: from [192.117.111.61] by sphere.prestodns.com with smtp (Exim 4.63) (envelope-from <from@dc.com>) id 1M7Cgo-0007Iz-Py for toto@dotancohen.com; Thu, 21 May 2009 14:08:52 -0400 From: osama@sef.com To: pres@dotancohen.com Subject: This is The message . ============== The address "osama@sef.com" is what shows in Thunderbird. This is all how I understood it to work. Now we get to the point where I may be mistaken. I thought that SPF verifies against From as that is what the user sees. You argue that SPF verifies against Return-path. The Wikipedia article in fact states that SPF verifies against Return-path as you state, furthermore, it states this: "While the address in the Return-Path often matches other originator addresses in the mail header like "From:" or "Sender:" this is not necessarily the case, and SPF does not prevent forgeries of these other addresses." The opposite of what I thought. It seems that SPF was designed to prevent backscatter, not prevent address forgery as I had thought. You are right, I was wrong. Closing the bug RESOLVED FIXED. Thanks.