Bug 496312 - DMARC/DKIM/SPF Alignment Issues with emails sent from bugzilla
Status: RESOLVED FIXED
Alias: None
Product: bugs.kde.org
Classification: Websites
Component: general
Version: unspecified
Platform: Other All
Importance: NOR major
Target Milestone: ---
Assignee: KDE sysadmins
Reported: 2024-11-15 17:11 UTC by swensonm
Modified: 2024-11-15 18:47 UTC
Description swensonm 2024-11-15 17:11:14 UTC
SUMMARY
Emails sent from this forum may fail to land in the user's inbox due to Domain Spoofing, which leads to DMARC/DKIM/SPF failure.  This is because the emails are listed as being "FROM" the poster's actual email instead of from the bug site's address.  As a result, if the poster's domain enforces the above rules, the email fails authentication, since it is coming from kde.org's mail servers instead of the listed "FROM" user's mail servers.  This is improper and causes messages to be flagged as spam or never delivered.  My organization respects these rules and will not deliver the mail to the user's inbox if such security checks do not pass.

Mail header as follows: (responding forum user has a web.de address)
	dkim=none;
	dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=web.de (policy=quarantine);
	spf=pass (relay.mimecast.com: domain of bugzilla_noreply@kde.org designates 46.43.1.242 as permitted sender) smtp.mailfrom=bugzilla_noreply@kde.org
Received: from letterbox.kde.org (letterbox.kde.org [46.43.1.242]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-480-qt_fYBHrP16R2jPQ_T9x4g-1; Fri,
 15 Nov 2024 11:23:36 -0500
X-MC-Unique: qt_fYBHrP16R2jPQ_T9x4g-1
X-Mimecast-MFC-AGG-ID: qt_fYBHrP16R2jPQ_T9x4g
Received: from phoeni.kde.org (phoeni.kde.org [IPv6:2a01:4f8:a0:600e::3])
	by letterbox.kde.org (Postfix) with ESMTPS id 6BDD333BACA
	for <swensonm@cassens.com>; Fri, 15 Nov 2024 16:14:25 +0000 (GMT)
Received: from www-data by phoeni.kde.org with local (Exim 4.95)
	(envelope-from <bugzilla_noreply@kde.org>)
	id 1tByxk-001BsI-Sh
	for swensonm@cassens.com;

STEPS TO REPRODUCE
1. Ensure your mail server is enforcing DMARC/DKIM/SPF
2. Have a user with an email address/domain which enforces DMARC/DKIM/SPF reply to a bug post you have made

OBSERVED RESULT
Mail is sent with improper "FROM" address, causing the mail to fail domain authentication policies and be rejected.

EXPECTED RESULT
Mail should be sent with a kde.org address in the FROM field (user's email address could still be in the email description/name area), so that the mail can be authenticated against kde.org's DMARC/DKIM/SPF rules, which it should pass.

ADDITIONAL NOTES
As noted, SPF is technically not failing, because it is looking up the info for the domain sending the mail, finding that the mail did in fact come from an authorized mail server for kde.org.

web.de has a DMARC record telling other mail servers to quarantine and report messages which fail DMARC.

The specific aspect of failure, alignment, is discussed here:
https://en.wikipedia.org/wiki/DMARC#Alignment
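
The alignment failure reported above, worked through as an added example (not part of the original report, and not KDE's or Mimecast's code): it reads the Authentication-Results header stamped by one trusted relay and compares the authenticated SPF/DKIM domains with the From domain. The `org_domain` shortcut, the function names, and the second sample message with a kde.org From address are assumptions made for illustration; DMARC policy lookup is out of scope.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: only the fields DMARC evaluation needs, values from the report.
TEMPLATE = (
    "Authentication-Results: mx.google.com; spf=pass smtp.mailfrom=bugzilla_noreply@kde.org\n"
    "Authentication-Results: relay.mimecast.com; dkim=none;"
    " spf=pass smtp.mailfrom=bugzilla_noreply@kde.org\n"
    "From: {from_header}\n"
    "To: swensonm@cassens.com\n"
    "\n"
    "body\n"
)
AS_RECEIVED = TEMPLATE.format(from_header="diekuhrannte@web.de")
# Constructed: the same mail with a kde.org address in From, as the report expects.
KDE_FROM = TEMPLATE.format(from_header="KDE Bugzilla <bugzilla_noreply@kde.org>")

def org_domain(domain):
    # Assumption: organizational domain = last two labels. A real evaluator
    # uses the Public Suffix List (this shortcut is wrong for e.g. co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def field(pattern, text):
    match = re.search(pattern, text)
    return match.group(1) if match else ""

def evaluate(raw, authserv_id="relay.mimecast.com"):
    """Relaxed alignment, read from the Authentication-Results header stamped by
    the trusted border MTA (authserv_id); results added by other hops are ignored."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2]
    results = next((v for v in msg.get_all("Authentication-Results", [])
                    if v.split(";", 1)[0].strip() == authserv_id), "")

    def aligned(method, id_pattern):
        ident = field(id_pattern, results).rpartition("@")[2]
        passed = field(rf"\b{method}=(\w+)", results) == "pass"
        return passed and bool(ident) and org_domain(ident) == org_domain(from_domain)

    spf_ok = aligned("spf", r"smtp\.mailfrom=([^\s;]+)")
    dkim_ok = aligned("dkim", r"header\.d=([^\s;]+)")
    return {"from_domain": from_domain, "spf_aligned": spf_ok,
            "dkim_aligned": dkim_ok, "dmarc": "pass" if spf_ok or dkim_ok else "fail"}

if __name__ == "__main__":
    print(evaluate(AS_RECEIVED))
    print(evaluate(KDE_FROM))
```

SPF passes in both messages; only the From domain changes, which is why the first one fails DMARC and the second does not.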
Comment 1 swensonm 2024-11-15 17:22:23 UTC
To be fair, my "EXPECTED RESULT" bit may preclude some other solution, but the point is DMARC alignment is causing emails to fail delivery, so something must be done to compensate.
Comment 2 Ben Cooksley 2024-11-15 18:05:01 UTC
Can you please provide a complete copy of the message in question you received that wasn't compliant so we can investigate further?
I need the comment to ascertain which Bugzilla template is triggering this as all the ones I can see are correct.

Both your initial report and the subsequent comments arrived to me at least from a DKIM/SPF/DMARC compliant address (specifically, bugzilla_noreply@kde.org).
Comment 3 swensonm 2024-11-15 18:15:19 UTC
(In reply to Ben Cooksley from comment #2)
> Can you please provide a complete copy of the message in question you
> received that wasn't compliant so we can investigate further?
> I need the comment to ascertain which Bugzilla template is triggering this
> as all the ones I can see are correct.
> 
> Both your initial report and the subsequent comments arrived to me at least
> from a DKIM/SPF/DMARC compliant address (specifically,
> bugzilla_noreply@kde.org)

Entire mail as follows:

Delivered-To: swensonm@cassens.com
Received: by 2002:a17:906:8a65:b0:a9a:1849:c1bc with SMTP id hy5csp1234350ejc;
        Fri, 15 Nov 2024 09:17:01 -0800 (PST)
X-Google-Smtp-Source: AGHT+IG0R0tU/jDVjKmSwrIfcQnYGgYa3xbcS+VQzjpc97ZQpXQI83gWxve93b9UlN3rOPNYmDCO
X-Received: by 2002:a05:620a:17a2:b0:7b1:b216:f5a with SMTP id af79cd13be357-7b362296b4dmr171465585a.3.1731691021708;
        Fri, 15 Nov 2024 09:17:01 -0800 (PST)
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=kde.org);
       spf=pass (google.com: domain of bugzilla_noreply@kde.org designates 46.43.1.242 as permitted sender) smtp.mailfrom=bugzilla_noreply@kde.org
Return-Path: <bugzilla_noreply@kde.org>
Received: from us-smtp-inbound-delivery-1.mimecast.com (us-smtp-inbound-delivery-1.mimecast.com. [170.10.128.131])
        by mx.google.com with ESMTPS id af79cd13be357-7b35caad908si386979885a.479.2024.11.15.09.17.01
        for <swensonm@cassens.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 15 Nov 2024 09:17:01 -0800 (PST)
Received-SPF: pass (google.com: domain of bugzilla_noreply@kde.org designates 46.43.1.242 as permitted sender) client-ip=46.43.1.242;
Authentication-Results: mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=kde.org);
       spf=pass (google.com: domain of bugzilla_noreply@kde.org designates 46.43.1.242 as permitted sender) smtp.mailfrom=bugzilla_noreply@kde.org
ARC-Authentication-Results: i=1; relay.mimecast.com; dkim=none; dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=web.de (policy=quarantine); spf=pass (relay.mimecast.com: domain of bugzilla_noreply@kde.org designates 46.43.1.242 as permitted sender) smtp.mailfrom=bugzilla_noreply@kde.org
Authentication-Results: relay.mimecast.com; dkim=none; dmarc=fail reason="SPF not aligned (relaxed), No valid DKIM" header.from=web.de (policy=quarantine); spf=pass (relay.mimecast.com: domain of bugzilla_noreply@kde.org designates 46.43.1.242 as permitted sender) smtp.mailfrom=bugzilla_noreply@kde.org
Received: from letterbox.kde.org (letterbox.kde.org [46.43.1.242]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-168-gGfhzWFiPb22cBMhP9dZAQ-1; Fri, 15 Nov 2024 11:15:40 -0500
X-MC-Unique: gGfhzWFiPb22cBMhP9dZAQ-1
X-Mimecast-MFC-AGG-ID: gGfhzWFiPb22cBMhP9dZAQ
Received: from phoeni.kde.org (phoeni.kde.org [IPv6:2a01:4f8:a0:600e::3]) by letterbox.kde.org (Postfix) with ESMTPS id D482733BAC7 for <swensonm@cassens.com>; Fri, 15 Nov 2024 16:15:37 +0000 (GMT)
Received: from www-data by phoeni.kde.org with local (Exim 4.95) (envelope-from <bugzilla_noreply@kde.org>) id 1tByyv-001Buw-Iy for swensonm@cassens.com; Fri, 15 Nov 2024 16:15:37 +0000
From: diekuhrannte@web.de
To: swensonm@cassens.com
Subject: [kdenlive] [Bug 491073] Audio Avfilters don’t work [Cannot set sink channel counts]
Date: Fri, 15 Nov 2024 16:15:37 +0000
Reply-To: bug-control@kde.org
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Classification: Applications
X-Bugzilla-Product: kdenlive
X-Bugzilla-Component: Video Effects & Transitions
X-Bugzilla-Version: 24.08.1
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-OperatingSystem: All
X-Bugzilla-Platform: Other
X-Bugzilla-Who: diekuhrannte@web.de
X-Bugzilla-Status: ASSIGNED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: NOR
X-Bugzilla-Assigned-To: jb@kdenlive.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-491073-238755-QtoJFEJ7TZ@http.bugs.kde.org/>
In-Reply-To: <bug-491073-238755@http.bugs.kde.org/>
References: <bug-491073-238755@http.bugs.kde.org/>
X-Bugzilla-URL: http://bugs.kde.org/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.83 on 46.43.1.242
X-Mimecast-Spam-Score: 1
X-Mimecast-MFC-PROC-ID: W4z7quPH_i6ABE1_SUAboCSthrIq7j-Cf-tKwiIRljI_1731687339
X-Mimecast-Impersonation-Protect: Policy=Default Impersonation Protect Definition;Similar Internal Domain=false;Similar Monitored External Domain=false;Custom External Domain=false;Mimecast External Domain=false;Newly Observed Domain=false;Internal User Name=false;Custom Display Name List=false;Reply-to Address Mismatch=false;Targeted Threat Dictionary=false;Mimecast Threat Dictionary=false;Custom Threat Dictionary=false
Content-Type: multipart/alternative; boundary="MCBoundary=_12411151115430591"

--MCBoundary=_12411151115430591
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8

https://url.us.m.mimecastprotect.com/s/rlkPCBBjk3C7P6G8hzflH20PGr?domain=3D=
bugs.kde.org

--- Comment #24 from diekuhrannte@web.de <diekuhrannte@web.de> ---
Hello swensonm@cassens.com
if you want to know how to downgrade flatpak:
https://url.us.m.mimecastprotect.com/s/vYaOCDklm3s5jv93u5h4Hj4PNz?domain=3D=
discuss.kde.org

--=20
You are receiving this mail because:
You are on the CC list for the bug.

--MCBoundary=_12411151115430591
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8

<HTML><BODY><a href=3D"https://url.us.m.mimecastprotect.com/s/feRaCERmn3S31=
97pupivH7hd3P?domain=3Dbugs.kde.org">https://bugs.kde.org/show_bug.cgi?id=
=3D491073</a><BR>
<BR>
--- Comment #24 from diekuhrannte@web.de &lt;diekuhrannte@web.de&gt; ---<BR=
>
Hello swensonm@cassens.com<BR>
if you want to know how to downgrade flatpak:<BR>
<a href=3D"https://url.us.m.mimecastprotect.com/s/6uLeCG6op3S1WY7AuQsKHBQZX=
q?domain=3Ddiscuss.kde.org">https://discuss.kde.org/t/flatpak-downgrade/255=
68</a><BR>
<BR>
-- <BR>
You are receiving this mail because:<BR>
You are on the CC list for the bug.</BODY></HTML>

--MCBoundary=_12411151115430591--
Comment 4 Ben Cooksley 2024-11-15 18:47:39 UTC
Have done some investigating and have determined that this is caused by the user in question having their name set as their email address.
That wasn't properly handled by Bugzilla's email libraries which turned "diekuhrannte@web.de <bugzilla_noreply@kde.org>" into just "diekuhrannte@web.de".

I have now put filtering in place on the user name as it applies to emails which should hopefully prevent this from happening.
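
One way to filter a user-chosen name before it becomes the From display name, with a check that the finished header still resolves to the service address. This is an added example, not Bugzilla's or KDE's actual fix: Bugzilla is written in Perl, Python's `email` package stands in for its mail libraries here, and the filter rules, the fallback name and the function names are assumptions. The sample names in the usage lines are constructed.

```python
import re
from email.headerregistry import Address
from email.message import EmailMessage
from email.utils import getaddresses

NOREPLY_USER, NOREPLY_DOMAIN = "bugzilla_noreply", "kde.org"  # address from the report

def safe_display_name(name):
    """Hypothetical filter: make a user-chosen name safe as a display name."""
    name = re.sub(r"[\x00-\x1f\x7f]", " ", name)    # no CR/LF or other control chars
    name = name.replace("@", " at ")                 # must never read as an addr-spec
    name = re.sub(r'[<>()\[\]",;:\\]', " ", name)   # drop remaining address syntax
    name = " ".join(name.split())[:64].strip()       # collapse whitespace, cap length
    return name or "Bugzilla user"

def build_from_header(user_name):
    """Return a From header value whose only mailbox is the service address."""
    msg = EmailMessage()
    msg["From"] = Address(display_name=safe_display_name(user_name),
                          username=NOREPLY_USER, domain=NOREPLY_DOMAIN)
    header = str(msg["From"])
    # Post-condition: re-parse the header the way a receiver would and refuse to
    # send unless it contains exactly one mailbox, the kde.org service address.
    parsed = getaddresses([header])
    expected = f"{NOREPLY_USER}@{NOREPLY_DOMAIN}"
    if len(parsed) != 1 or parsed[0][1] != expected:
        raise ValueError(f"From would not align with {NOREPLY_DOMAIN}: {header!r}")
    return header

def from_mailbox(header):
    """The addr-spec a DMARC evaluator would take from this From header."""
    return getaddresses([header])[0][1]

if __name__ == "__main__":
    # Constructed inputs: the name from this bug, and one carrying address syntax.
    for name in ("diekuhrannte@web.de", "Jane <jane@example.org>\r\n", ""):
        print(repr(name), "->", build_from_header(name))
```

The re-parse after serialization is the part that catches a library mishandling the name, whatever the filter let through.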