[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???
From: |
Bob Carragher |
Subject: |
Re: [Nmh-workers] Emails being tagged as spam -- NMH solution??? |
Date: |
Tue, 03 Mar 2015 12:37:16 -0800 |
Thanks for the Received headers breakdown! It confirms what I
guessed. I don't have answers for your questions, though. B-(
However, I'm happy to email you off-list a copy of the message
that was received at Stanford. Just so I don't screw it up, if
it's in file foo.txt, how should I invoke base64(1) to generate
the file (which I'll attach using the Google web interface, to
*really* make sure I don't screw it up B-)?
Thanks!
Bob
On Tue, 03 Mar 2015 14:28:08 -0500 Ken Hornstein <address@hidden> sez:
> >> Okay, this header is actually defined in RFC 5451, see here:
> >>
> >> https://tools.ietf.org/html/rfc5451
> >
> >Is that still valid? The top of the linked page indicates that
> >RFC 5451 is obsoleted by RFC 7001 (in turn updated by RFC 7410).
>
> Ah, my bad ... I missed that. The updated RFC has some new stuff, but
> I don't think it changes anything for the purposes of this discussion.
>
> >This was sent using GMail's web interface, so it's about as
> >"legitimate" as it can be. No failing SPF, DKIM, and DMARC tests
> >(as far as I can tell).
>
> Hm, if you got this from the web interface ... I do not think then
> this is our problem.
>
> Breaking the Received headers down (I've reversed them):
>
> >> Received: from localhost.localdomain (c-71-202-61-143.hsd1.ca.comcast.net
> >> <http://c-71-202-61-143.hsd1.ca.comcast.net>. [71.202.61.143])
> >> by mx.google.com <http://mx.google.com> with ESMTPSA id
> >> dx6sm10044832pab.14.2015.03.01.14.04.09
> >> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
> >> Sun, 01 Mar 2015 14:04:09 -0800 (PST)
>
> Okay, this looks like the submission from your local machine to the Google
> mail servers, which is correct.
>
> >> X-Received: by 10.70.44.203 with SMTP id
> >> g11mr42282044pdm.130.1425247450905;
> >> Sun, 01 Mar 2015 14:04:10 -0800 (PST)
>
> I guess this is put in there by Google?
>
> >> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
> >> d=gmail.com <http://gmail.com>; s=20120113;
> >> h=message-id:from:originator:to:cc:reply-to:subject:in-reply-to
> >>
> >> :references:mime-version:content-type:content-transfer-encoding:date;
> >> ________
> >> ________
> >> ________
>
> So that's the DKIM signature from Google.
>
> >> Received: by pdbfl12 with SMTP id fl12so3394322pdb.5;
> >> Sun, 01 Mar 2015 14:04:10 -0800 (PST)
>
> Looks like something internal to Google.
>
> >> Received: from mail-pd0-f179.google.com <http://mail-pd0-f179.google.com>
> >> (mail-pd0-f179.google.com <http://mail-pd0-f179.google.com>
> >> [209.85.192.179])
> >> (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
> >> (No client certificate requested)
> >> by mx3.stanford.edu <http://mx3.stanford.edu> (Postfix) with ESMTPS id
> >> 5585080B25;
> >> Sun, 1 Mar 2015 14:04:11 -0800 (PST)
>
> So that's Google sending it to Stanford (specifically, mx3 at Stanford).
> Normal.
>
> >> Received: from mx3.stanford.edu <http://mx3.stanford.edu>
> >> (mx3.stanford.edu <http://mx3.stanford.edu> [171.67.219.73])
> >> by pps01.stanford.edu <http://pps01.stanford.edu> with ESMTP id
> >> 1sva6d059f-1
> >> (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
> >> Sun, 01 Mar 2015 14:04:13 -0800
>
> That's mx3 sending it to another host at Stanford.
>
> >> Received: from pps.filterd (pps01.stanford.edu <http://pps01.stanford.edu>
> >> [127.0.0.1])
> >> by pps01.stanford.edu <http://pps01.stanford.edu> (8.14.5/8.14.5) with
> >> SMTP id t21M03ir010851;
> >> Sun, 1 Mar 2015 14:04:14 -0800
>
> Looks like it's running it through some filtering host/program.
>
> >> Received: from pps01.stanford.edu <http://pps01.stanford.edu>
> >> (pps01.stanford.edu <http://pps01.stanford.edu> [171.67.214.163])
> >> (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
> >> (No client certificate requested)
> >> by mx4.stanford.edu <http://mx4.stanford.edu> (Postfix) with ESMTPS id
> >> 9A8DC80CD1;
> >> Sun, 1 Mar 2015 14:04:12 -0800 (PST)
>
> I'm unclear how mx4 got involved here, but whatever.
>
> >> Received: from mx4.stanford.edu <http://mx4.stanford.edu>
> >> (mx4.stanford.edu <http://mx4.stanford.edu> [171.67.219.87])
> >> (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
> >> (No client certificate requested)
> >> by smtp-grey.stanford.edu <http://smtp-grey.stanford.edu> (Postfix) with
> >> ESMTPS id AB17E20B81;
> >> Sun, 1 Mar 2015 14:04:12 -0800 (PST)
>
> mx4 sends it to smtp-grey.stanford.edu.
>
> >> Received: from smtp-grey.stanford.edu <http://smtp-grey.stanford.edu>
> >> (smtp-grey.stanford.edu <http://smtp-grey.stanford.edu>. [171.67.219.78])
> >> by mx.google.com <http://mx.google.com> with ESMTPS id
> >> bd5si10126741pbb.59.2015.03.01.14.04.12
> >> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
> >> Sun, 01 Mar 2015 14:04:14 -0800 (PST)
> >> Received-SPF: softfail (google.com <http://google.com>: domain of
> >> transitioning address@hidden <address@hidden> does not designate
> >> 171.67.219.78 as permitted sender) client-ip=171.67.219.78;
> >> Authentication-Results: mx.google.com <http://mx.google.com>;
> >> spf=softfail (google.com <http://google.com>: domain of
> >> transitioning address@hidden <address@hidden> does not designate
> >> 171.67.219.78 as permitted sender) address@hidden <address@hidden>;
> >> dkim=fail address@hidden <http://gmail.com>;
> >> dmarc=fail (p=NONE dis=NONE) header.from=gmail.com
> >> <http://gmail.com>
>
> Oh-HO. Okay, I think I see the problem. smtp-grey.stanford.edu is doing
> the SPF check, but it's getting the email from mx4.stanford.edu! Which is
> not an authorized sender for Google. But I do not understand why DKIM and
> DMARC are failing. I am wondering if maybe that's the core problem here.
>
> So ... that would make sense. If you're using sendmail, it is performing
> final delivery NOT through Google, and no DKIM signature is generated.
> Now, why is the DKIM signature failing? Good question! I don't have a
> lot of experience with DKIM, but you have piqued my curiousity; if you
> are willing to send me the original message to me off-list (please base64
> encode it so nothing is altered) I'll try to get some free time to chew
> on it. It may be that we're doing something wrong that is causing this.
>
> --Ken
>
> _______________________________________________
> Nmh-workers mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/nmh-workers
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/01
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, David Levine, 2015/03/01
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/01
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/01
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/02
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/02
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/02
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/02
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/03
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/03
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???,
Bob Carragher <=
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/03
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/03
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/03
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/03
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/03
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, David Levine, 2015/03/03
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/10
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/03
- Message not available
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Bob Carragher, 2015/03/04
- Re: [Nmh-workers] Emails being tagged as spam -- NMH solution???, Ken Hornstein, 2015/03/05