Ticket #279 (closed defect: wontfix)

Opened 13 years ago

Last modified 13 years ago

Receiving Undeliverable Email Messages Not Sent by a VoxForge User ... containing SPAM

Reported by: kmaclean Owned by: kmaclean
Priority: major Milestone: WebSite 0.2.1
Component: Web Site Version: 0.1-alpha
Keywords: Cc:

Description


Change History

comment:1 Changed 13 years ago by kmaclean

from this post:

http://www.openspf.org/

Is a volunteer-run website to promote the adoption of SPF in order to help combat spam.

The basic idea is that you use a special DNS record to publish exactly which email servers you send your mail from. ISPs can voluntarily use this information to block mail claiming to be from your domain that is sent through a different server.

It's certainly not a universal or complete fix, but it can help.

comment:2 Changed 13 years ago by kmaclean

What is SPF and why is it complicating my life?

Sender Policy Framework (SPF) is an attempt to control forged e-mail. SPF is not directly about stopping spam – junk email. It is about giving domain owners a way to say which mail sources are legitimate for their domain and which ones aren't. While not all spam is forged, virtually all forgeries are spam. SPF is not anti-spam in the same way that flour is not food: it is part of the solution.

comment:3 Changed 13 years ago by kmaclean

Can I create SPF records in DNS Made Easy?

SPF records are nothing more than TXT records. So yes you can create a SPF record in DNS Made Easy.

comment:4 Changed 13 years ago by kmaclean

From contents of an email sent from WebGUI to Google for your domain:

Yahoo mail forwarding on VoxForge WebGUI server:

Received: from == smtp109.rog.mail.re2.yahoo.com == (smtp109.rog.mail.re2.yahoo.com [68.142.225.207])

by mx.google.com with SMTP id p27si4948017ele.2007.10.26.12.21.53;

Google uses SPF:

Received-SPF: neutral (google.com: 68.142.225.207 is neither permitted nor denied by best guess record for domain of contact@…) client-ip=68.142.225.207;

Delivered-To: librivox@voxforge.org
Received: by 10.65.188.9 with SMTP id q9cs110226qbp;
        Fri, 26 Oct 2007 12:21:55 -0700 (PDT)
Received: by 10.90.29.18 with SMTP id c18mr2723442agc.1193426514174;
        Fri, 26 Oct 2007 12:21:54 -0700 (PDT)
Return-Path: <contact@voxforge.org>
Received: from smtp109.rog.mail.re2.yahoo.com (smtp109.rog.mail.re2.yahoo.com [68.142.225.207])
        by mx.google.com with SMTP id p27si4948017ele.2007.10.26.12.21.53;
        Fri, 26 Oct 2007 12:21:54 -0700 (PDT)
Received-SPF: neutral (google.com: 68.142.225.207 is neither permitted nor denied by best guess record for domain of contact@voxforge.org) client-ip=68.142.225.207;
Authentication-Results: mx.google.com; spf=neutral (google.com: 68.142.225.207 is neither permitted nor denied by best guess record for domain of contact@voxforge.org) smtp.mail=contact@voxforge.org
Received: (qmail 46881 invoked from network); 26 Oct 2007 19:21:53 -0000
Received: from unknown (HELO ruby.localdomain) (kmaclea175@rogers.com@99.249.239.28 with login)
  by smtp109.rog.mail.re2.yahoo.com with SMTP; 26 Oct 2007 19:21:53 -0000
X-YMail-OSG: TAm1ZxYVM1n1dDvfcjty4qd9u7SHDrHHaDeRleZeLs.mYMr5Xs80NwgHSkH2frQiRA--
Received: from localhost.localdomain (ruby.localdomain [127.0.0.1])
	by ruby.localdomain (8.13.8/8.13.6) with ESMTP id l9QJKS3u025824
	for <librivox@voxforge.org>; Fri, 26 Oct 2007 15:20:28 -0400
Content-Type: multipart/mixed; boundary="----------=_1193425856-25730-1"
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: <librivox@voxforge.org>
Reply-To: <contact@voxforge.org>
Subject: SISTER ROSA: A BALLAD by Percy Bysshe Shelley
Message-ID: <cs-_VZd4B9yGiKDLvpVe_hHzQ@>
Date: Fri, 26 Oct 2007 14:10:56 -0500
X-Mailer: WebGUI
X-Return-Path: <contact@voxforge.org>
List-ID: Submission System <contact.voxforge.org>
List-Help: <mailto:contact@voxforge.org>, <http://www.voxforge.org>
List-Unsubscribe: <http://www.voxforge.org/home/uploads/submission-system/sister-rosa-a-ballad-by-percy-bysshe-shelley?func=unsubscribe>
List-Subscribe: <http://www.voxforge.org/home/uploads/submission-system/sister-rosa-a-ballad-by-percy-bysshe-shelley?func=subscribe>
List-Owner: <mailto:contact@voxforge.org>, <http://www.voxforge.org> 
 (voxforge.org)
Sender: <contact@voxforge.org>
List-Post: No
List-Archive: <http://www.voxforge.org/home/uploads/submission-system>
X-Unsubscribe-Web: <http://www.voxforge.org/home/uploads/submission-system/sister-rosa-a-ballad-by-percy-bysshe-shelley?func=unsubscribe>
X-Subscribe-Web: <http://www.voxforge.org/home/uploads/submission-system/sister-rosa-a-ballad-by-percy-bysshe-shelley?func=subscribe>
X-Archives: <http://www.voxforge.org/home/uploads/submission-system>
cc: 
To: librivox@voxforge.org

This is a multi-part message in MIME format...

comment:6 Changed 13 years ago by kmaclean

From Google Apps for Administrators

How do I set my SPF records? Sender Policy Framework (SPF) records allow domain owners to specify which hosts are permitted to send email on behalf of their domains, making it hard to forge From: addresses. We strongly encourage you to publish SPF records for your domain -- having these records in place will ultimately help fight spam.

To set your domain's SPF record, publish the following TXT record on the DNS resource: v=spf1 include:aspmx.googlemail.com ~all

Publishing an SPF record that lacks include:aspmx.googlemail.com or specifying -all instead of ~all may result in delivery problems.

comment:7 Changed 13 years ago by kmaclean

www.openspf.org/Tools

The SPF Setup Wizard

comment:8 Changed 13 years ago by kmaclean

test #5 spf & emails - sending from Trac

comment:9 Changed 13 years ago by kmaclean

test 6 spf & emails - sending from Trac

comment:10 Changed 13 years ago by kmaclean

test 7

comment:11 Changed 13 years ago by kmaclean

test 10

comment:12 Changed 13 years ago by kmaclean

test 11

comment:13 Changed 13 years ago by kmaclean

added "v=spf1 include:aspmx.googlemail.com mx:rogers.com mx:yahoo.com ~all" to voxforge.org txt record (dns entry)

comment:14 Changed 13 years ago by kmaclean

result from sending an email from trac (by adding a comment):

Received-SPF: softfail (google.com: domain of transitioning trac-main@… does not designate 206.190.36.81 as permitted sender) client-ip=206.190.36.81;

Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning trac-main@… does not designate 206.190.36.81 as permitted sender)

 Delivered-To: kmaclean@voxforge.org
Received: by 10.65.188.9 with SMTP id q9cs98866qbp;
        Mon, 29 Oct 2007 19:13:15 -0700 (PDT)
Received: by 10.70.18.11 with SMTP id 11mr11663903wxr.1193710394937;
        Mon, 29 Oct 2007 19:13:14 -0700 (PDT)
Return-Path: <trac-main@voxforge.org>
Received: from smtp103.rog.mail.re2.yahoo.com (smtp103.rog.mail.re2.yahoo.com [206.190.36.81])
        by mx.google.com with SMTP id b45si4679340hsa.2007.10.29.19.13.14;
        Mon, 29 Oct 2007 19:13:14 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning trac-main@voxforge.org does not designate 206.190.36.81 as permitted sender) client-ip=206.190.36.81;
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning trac-main@voxforge.org does not designate 206.190.36.81 as permitted sender) smtp.mail=trac-main@voxforge.org
Received: (qmail 20350 invoked from network); 30 Oct 2007 02:13:14 -0000
Received: from unknown (HELO ruby.localdomain) (kmaclea175@rogers.com@99.249.239.28 with login)
  by smtp103.rog.mail.re2.yahoo.com with SMTP; 30 Oct 2007 02:13:13 -0000
X-YMail-OSG: FVjP2D4VM1lzFOzF6FF7YTpWjDpiXqc3yLWMgxDx0.NYWyebc5T3.l5K0riwwYWBIQ--
Received: from ruby.localdomain (ruby.localdomain [127.0.0.1])
	by ruby.localdomain (8.13.8/8.13.6) with ESMTP id l9U2AThK001633
	for <kmaclean@voxforge.org>; Mon, 29 Oct 2007 22:10:29 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="ascii"
Content-Transfer-Encoding: 7bit
From: "Dev Site (Scripts)" <trac-main@voxforge.org>
Sender: trac-main@voxforge.org
X-Trac-Version: 0.10.4
X-Mailer: Trac 0.10.4, by Edgewall Software
X-Trac-Project: Dev Site (Scripts)
Date: Tue, 30 Oct 2007 02:10:29 -0000
Reply-To: 
X-URL: http://www.dev.voxforge.org/projects/Main
Subject: Re: [Dev Site (Scripts)] #279: Receiving Undeliverable Email
 Messages Not Sent by a VoxForge User ... containing SPAM
X-Trac-Ticket-URL: http://www.dev.voxforge.org/projects/Main/ticket/279#comment:12
Message-ID: <070.bdcefa8dc51528f4d3e4bdf976f513a5@voxforge.org>
References: <061.9d2f01f1e1bd0bdc704808ed6d8afe20@voxforge.org>
X-Trac-Ticket-ID: 279
In-Reply-To: <061.9d2f01f1e1bd0bdc704808ed6d8afe20@voxforge.org> 

comment:15 Changed 13 years ago by kmaclean

  • Status changed from new to closed
  • Resolution set to wontfix

SPF won't work for current scenario because VoxForge?/WebGUI forwards emails to Rogers/Yahoo?, and we don't know which IP addresses are used by Yahoo's mx domains. Stuff sent from Google apps for your domain could be captured, but doing this would result in emails sent from WebGUI being marked as soft-fail ... rather than neutral.

Note: See TracTickets for help on using tickets.