Thread: BUG #5012: mailing list VERP addresses not sender-verifiable
The following bug has been logged online: Bug reference: 5012 Logged by: Gergely Czuczy Email address: gergely.czuczy@harmless.hu PostgreSQL version: 8.4 Operating system: FreeBSD Description: mailing list VERP addresses not sender-verifiable Details: Hello, The mailing lists are using VERP, but the sender address verifications are failing for these addresses, therefore sender address verification-enabled MTAs are unable to receive mails from the lists.
On Wed, Aug 26, 2009 at 7:29 AM, Gergely Czuczy<gergely.czuczy@harmless.hu> wrote: > > The following bug has been logged online: > > Bug reference: =A0 =A0 =A05012 > Logged by: =A0 =A0 =A0 =A0 =A0Gergely Czuczy > Email address: =A0 =A0 =A0gergely.czuczy@harmless.hu > PostgreSQL version: 8.4 > Operating system: =A0 FreeBSD > Description: =A0 =A0 =A0 =A0mailing list VERP addresses not sender-verifi= able > Details: This is not a Postgres bug. I would say to please use an appropriate channel but, uh, our mailing list maintainers don't really have a good channel for reporting such problems :( In any case you should disable SAV. It is well documented to cause such problems and is likely to get you banned if you use it on a site which receives any significant amount of email from one place (such as Postgres lists!). c.f. http://taint.org/2007/03/16/134743a.html http://www.circleid.com/posts/sender_address_verification/ Fwiw the addresses used in the VERP are not blocked, they're greylisted. I suspect that is a mistake and they shouldn't be but there's nothing inherently wrong with it the way it is and your SAV implementation is just broken. Arguably the very concept of SAV is broken though. --=20 greg http://mit.edu/~gsstark/resume.pdf
Gergely Czuczy wrote: > The mailing lists are using VERP, but the sender address verifications are > failing for these addresses, therefore sender address verification-enabled > MTAs are unable to receive mails from the lists. We require that addresses subscribed to the list do not have ugly sender address verification mechanisms, yes. -- Alvaro Herrera http://www.CommandPrompt.com/ The PostgreSQL Company - Command Prompt, Inc.
Gergely Czuczy wrote: > Hello, > > okey, i've removed the check for postgresql.org. > > OTOH, may I ask how does VERP work at all for the mailing list, if the > returning mails are not handled? Just interested. It works reasonably well. What do you mean by "returning mails are not handled"? -- Alvaro Herrera http://www.CommandPrompt.com/ The PostgreSQL Company - Command Prompt, Inc.
Hello, okey, i've removed the check for postgresql.org. OTOH, may I ask how does VERP work at all for the mailing list, if the returning mails are not handled? Just interested. On Wed, 26 Aug 2009 17:43:17 +0100 Greg Stark <gsstark@mit.edu> wrote: > On Wed, Aug 26, 2009 at 7:29 AM, Gergely > Czuczy<gergely.czuczy@harmless.hu> wrote: > > > > The following bug has been logged online: > > > > Bug reference: =A0 =A0 =A05012 > > Logged by: =A0 =A0 =A0 =A0 =A0Gergely Czuczy > > Email address: =A0 =A0 =A0gergely.czuczy@harmless.hu > > PostgreSQL version: 8.4 > > Operating system: =A0 FreeBSD > > Description: =A0 =A0 =A0 =A0mailing list VERP addresses not > > sender-verifiable Details: >=20 > This is not a Postgres bug. I would say to please use an appropriate > channel but, uh, our mailing list maintainers don't really have a good > channel for reporting such problems :( >=20 > In any case you should disable SAV. It is well documented to cause > such problems and is likely to get you banned if you use it on a site > which receives any significant amount of email from one place (such as > Postgres lists!). >=20 > c.f. >=20 > http://taint.org/2007/03/16/134743a.html > http://www.circleid.com/posts/sender_address_verification/ >=20 > Fwiw the addresses used in the VERP are not blocked, they're > greylisted. I suspect that is a mistake and they shouldn't be but > there's nothing inherently wrong with it the way it is and your SAV > implementation is just broken. Arguably the very concept of SAV is > broken though. >=20 >=20 --=20 =DCdv=F6zlettel / Sincerely, Gergely CZUCZY
Gergely Czuczy wrote: > AFAIK exim generates a bounce to test the address, and for that I'm > getting a reject saying that the user is unknown for the VERP address. > > Aug 26 04:02:05 hostname exim[70819]: H=mx1.hub.org > [200.46.208.106] sender verify fail for <pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>: response > to "RCPT > TO:<pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>" > from mx1.hub.org [200.46.208.106] was: 550 5.1.1 > <pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>: > Recipient address rejected: User unknown in relay recipient table Huh, I guess this was broken recently, because it's been working. I'll ask the sysadmin team. -- Alvaro Herrera http://www.CommandPrompt.com/ The PostgreSQL Company - Command Prompt, Inc.
Gergely Czuczy wrote: > Thanks. and sorry for using this form of reporting, but by not being > able to use the MLs, filling a bugreport form seemed to be the best way > to communicate this. Yeah, it's OK, don't worry about it. -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support
On Wed, Aug 26, 2009 at 21:04, Alvaro Herrera<alvherre@commandprompt.com> w= rote: > Gergely Czuczy wrote: >> AFAIK exim generates a bounce to test the address, and for that I'm >> getting a reject saying that the user is unknown for the VERP address. >> >> Aug 26 04:02:05 hostname exim[70819]: H=3Dmx1.hub.org >> [200.46.208.106] sender verify fail for <pgsql-announce-owner+M1580=3Dph= oemix=3Dharmless.hu@postgresql.org>: response >> to "RCPT >> TO:<pgsql-announce-owner+M1580=3Dphoemix=3Dharmless.hu@postgresql.org>" >> from mx1.hub.org [200.46.208.106] was: 550 5.1.1 >> <pgsql-announce-owner+M1580=3Dphoemix=3Dharmless.hu@postgresql.org>: >> Recipient address rejected: User unknown in relay recipient table > > Huh, I guess this was broken recently, because it's been working. =A0I'll > ask the sysadmin team. That's not maintained by the sysadmin team. You need to ask hub.org. --=20 Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/
Magnus Hagander wrote: > On Wed, Aug 26, 2009 at 21:04, Alvaro Herrera<alvherre@commandprompt.com> wrote: > > Gergely Czuczy wrote: > >> AFAIK exim generates a bounce to test the address, and for that I'm > >> getting a reject saying that the user is unknown for the VERP address. > >> > >> Aug 26 04:02:05 hostname exim[70819]: H=mx1.hub.org > >> [200.46.208.106] sender verify fail for <pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>: response > >> to "RCPT > >> TO:<pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>" > >> from mx1.hub.org [200.46.208.106] was: 550 5.1.1 > >> <pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>: > >> Recipient address rejected: User unknown in relay recipient table > > > > Huh, I guess this was broken recently, because it's been working. I'll > > ask the sysadmin team. > > That's not maintained by the sysadmin team. You need to ask hub.org. I know that very well, which is why I emailed Marc Fournier. The PG sysadmin team was also copied because they need to be aware of the issue. -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support
AFAIK exim generates a bounce to test the address, and for that I'm getting a reject saying that the user is unknown for the VERP address. Aug 26 04:02:05 hostname exim[70819]: H=3Dmx1.hub.org [200.46.208.106] sender verify fail for <pgsql-announce-owner+M1580=3Dphoem= ix=3Dharmless.hu@postgresql.org>: response to "RCPT TO:<pgsql-announce-owner+M1580=3Dphoemix=3Dharmless.hu@postgresql.org>" from mx1.hub.org [200.46.208.106] was: 550 5.1.1 <pgsql-announce-owner+M1580=3Dphoemix=3Dharmless.hu@postgresql.org>: Recipient address rejected: User unknown in relay recipient table On Wed, 26 Aug 2009 14:54:49 -0400 Alvaro Herrera <alvherre@commandprompt.com> wrote: > Gergely Czuczy wrote: > > Hello, > >=20 > > okey, i've removed the check for postgresql.org. > >=20 > > OTOH, may I ask how does VERP work at all for the mailing list, if > > the returning mails are not handled? Just interested. >=20 > It works reasonably well. What do you mean by "returning mails are > not handled"? >=20 --=20 =DCdv=F6zlettel / Sincerely, Gergely CZUCZY
Thanks. and sorry for using this form of reporting, but by not being able to use the MLs, filling a bugreport form seemed to be the best way to communicate this. On Wed, 26 Aug 2009 15:04:57 -0400 Alvaro Herrera <alvherre@commandprompt.com> wrote: > Gergely Czuczy wrote: > > AFAIK exim generates a bounce to test the address, and for that I'm > > getting a reject saying that the user is unknown for the VERP > > address. > >=20 > > Aug 26 04:02:05 hostname exim[70819]: H=3Dmx1.hub.org > > [200.46.208.106] sender verify fail for > > <pgsql-announce-owner+M1580=3Dphoemix=3Dharmless.hu@postgresql.org>: > > response to "RCPT > > TO:<pgsql-announce-owner+M1580=3Dphoemix=3Dharmless.hu@postgresql.org>" > > from mx1.hub.org [200.46.208.106] was: 550 5.1.1 > > <pgsql-announce-owner+M1580=3Dphoemix=3Dharmless.hu@postgresql.org>: > > Recipient address rejected: User unknown in relay recipient table >=20 > Huh, I guess this was broken recently, because it's been working. > I'll ask the sysadmin team. >=20 --=20 =DCdv=F6zlettel / Sincerely, Gergely CZUCZY
On Wed, Aug 26, 2009 at 7:59 PM, Gergely Czuczy<gergely.czuczy@harmless.hu> wrote: > AFAIK exim generates a bounce to test the address, and for that I'm > getting a reject saying that the user is unknown for the VERP address. > > Aug 26 04:02:05 hostname exim[70819]: H=mx1.hub.org > [200.46.208.106] sender verify fail for <pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>: response > to "RCPT > TO:<pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>" > from mx1.hub.org [200.46.208.106] was: 550 5.1.1 > <pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>: > Recipient address rejected: User unknown in relay recipient table That's odd. When I tested it I got a 450 greylist. That causes the mailer to hold the email and then resend again later. My email didn't have the "=foo=bar.baz" component though, just +M0000. -- greg http://mit.edu/~gsstark/resume.pdf
Greg Stark wrote: > On Wed, Aug 26, 2009 at 7:59 PM, Gergely > Czuczy<gergely.czuczy@harmless.hu> wrote: > > AFAIK exim generates a bounce to test the address, and for that I'm > > getting a reject saying that the user is unknown for the VERP address. > > > > Aug 26 04:02:05 hostname exim[70819]: H=mx1.hub.org > > [200.46.208.106] sender verify fail for <pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>: response > > to "RCPT > > TO:<pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>" > > from mx1.hub.org [200.46.208.106] was: 550 5.1.1 > > <pgsql-announce-owner+M1580=phoemix=harmless.hu@postgresql.org>: > > Recipient address rejected: User unknown in relay recipient table > > That's odd. When I tested it I got a 450 greylist. That causes the > mailer to hold the email and then resend again later. My email didn't > have the "=foo=bar.baz" component though, just +M0000. I got a 450 greylist on mx2.hub.org but a hard error on mx1.hub.org. Which one did you try? Note that there's also maia-1.hub.org or something like that. I'm not sure what's each server; weird crap from hub.org I guess. I tried an address without the =foo=bar.baz part too; I think Majordomo uses different patterns depending on whether the sender is subscribed, or something like that; but they should both work. -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support
The frustrating thing about this, is that we complain over and over, and hub.org email setup keeps breaking every so often. We need to thank Marc very much for his hosting effort during all this time since he first set things up back in 1996/7, but we also need to be looking around for plausible alternatives. I know it's difficult to run a complex email setup, but if the work was shared among the PG sysadmin team instead of being Marc only, things would flow more easily. I know I'm going to get spanked for saying this :-( -- Alvaro Herrera http://www.flickr.com/photos/alvherre/ "I dream about dreams about dreams", sang the nightingale under the pale moon (Sandman)
On Wed, Aug 26, 2009 at 10:12 PM, Alvaro Herrera<alvherre@alvh.no-ip.org> wrote: > > The frustrating thing about this, is that we complain over and over, and > hub.org email setup keeps breaking every so often. The problem is not that it keeps breaking -- that's normal. The problem is that it breaks and he's not aware because he's not here. You can't maintain stuff that you aren't actively using, at least not unless you have a whole support organization. -- greg http://mit.edu/~gsstark/resume.pdf