IETF Logo Mail Archive

Re: [Tools-discuss] Weird messages from IETF/Google Mailservers (WG: PALS WG Adoption poll draft-schmutzer-pals-ple)

Tero Kivinen <kivinen@iki.fi> Thu, 01 June 2023 21:22 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: wgchairs@ietfa.amsl.com
Delivered-To: wgchairs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3BA15C151533; Thu, 1 Jun 2023 14:22:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=iki.fi
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v2ckDvrG36sW; Thu, 1 Jun 2023 14:22:42 -0700 (PDT)
Received: from meesny.iki.fi (meesny.iki.fi [195.140.195.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4807C151530; Thu, 1 Jun 2023 14:22:40 -0700 (PDT)
Received: from fireball.acr.fi (fireball.kivinen.iki.fi [IPv6:2001:1bc8:100d::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kivinen@iki.fi) by meesny.iki.fi (Postfix) with ESMTPSA id 4QXJxk6G2wzyZR; Fri, 2 Jun 2023 00:22:33 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1685654556; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Stg3p2inftOKi6Oq8qrmcjq0hd5BFOa1Ou0joOwkjLg=; b=jXS0iGQZIJe/3ZIo3oYpkfOOqmwHQHLP6thEvL4L/N1EdP2qXI8g5surZUCJnTqRCzEu61 hD30achVaUNeH7NmQCtRCbYsGrLYurisPl3XqMRJs6fQ2aX2wVP7Ry3wb3bGer7j9GlZw8 YKwDkz3z9UjSDgCq2nf7ItsPX3Ni0RY=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=meesny; t=1685654556; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Stg3p2inftOKi6Oq8qrmcjq0hd5BFOa1Ou0joOwkjLg=; b=WZ6On+P6jT5ukJRSTf7ewO40pOEl8qAXnWzNfIqaqVOuPz8KxdtNhC7+8/7eOY9dquH5yt 86/x2AElw7NGhADj14fokXLXqFY47QHDbCE/oWRsi7Y1JYNVit3HGxJjjGGR+xp3cD2OaB hohNae3k1uPwaf5i569a3YslGUrZvJI=
ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=kivinen@iki.fi smtp.mailfrom=kivinen@iki.fi
ARC-Seal: i=1; s=meesny; d=iki.fi; t=1685654556; a=rsa-sha256; cv=none; b=XPd+g7SUj9RfSNfRp9bd8pFd9snmUuxKknjlZ+CMcJdUQumzphs/loETI6zo3z6jTASSGK 9/ZG6ItaeBsz2lPMtyWuVMHEEnnN29FtTI1nXKZuZeYqJq0aOtn6Zwj3xQJSVYq6dxGh98 pNht1o7ZoXNE+w3suhpByXGn69uxPyE=
Received: by fireball.acr.fi (Postfix, from userid 15204) id BCEBB25C1295; Fri, 2 Jun 2023 00:22:32 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <25721.3096.721252.447039@fireball.acr.fi>
Date: Fri, 02 Jun 2023 00:22:32 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: Barry Leiba <barryleiba@computer.org>, Jim Fenton <fenton@bluepopcorn.net>, wgchairs@ietf.org, tools-discuss@ietf.org
Subject: Re: [Tools-discuss] Weird messages from IETF/Google Mailservers (WG: PALS WG Adoption poll draft-schmutzer-pals-ple)
In-Reply-To: <4e5c9dbd-79a0-b89a-d827-1f4ed39f7834@gmail.com>
References: <BEZP281MB2008B40D838DDC78B76B4DFA9849A@BEZP281MB2008.DEUP281.PROD.OUTLOOK.COM> <ZHinT9Y4Ffn0tcwD@faui48e.informatik.uni-erlangen.de> <9898F7C3-7139-474B-B9A6-22A6B09E7D52@bluepopcorn.net> <CALaySJLGK92TtzrpKwV3v-XcWNxLUY3wqObv=Qvkaujc=aXHcQ@mail.gmail.com> <4e5c9dbd-79a0-b89a-d827-1f4ed39f7834@gmail.com>
X-Mailer: VM 8.2.0b under 26.3 (x86_64--netbsd)
X-Edit-Time: 21 min
X-Total-Time: 22 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/wgchairs/Z9BghdnM7SF0hCZMyl301lqfWt4>
X-BeenThere: wgchairs@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Working Group Chairs <wgchairs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wgchairs>, <mailto:wgchairs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wgchairs/>
List-Post: <mailto:wgchairs@ietf.org>
List-Help: <mailto:wgchairs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wgchairs>, <mailto:wgchairs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Jun 2023 21:22:46 -0000

Brian E Carpenter writes:
> I don't think these are DMARC failures, if you look back at the
> original error messages that Toerless forwarded.

Gmail uses all kind of random filtering rules that they change at
random. You have to remember gmail users are not customers of google,
they are the product google sells out. The customers are advertisement
companies (and spammers, as most of the spam seem to come from
google/gmail).

Gmail is not interested at all whether your email goes through or not.
They do not have customers support. They do not read abuse/postmaster
or any other email where you could send email reports about issues.

They sometimes also reject emails with valid DKIM signatures with same
error messages saying they are not authenticated, so even if the
original sender would add DKIM signatures to their emails that might
not help.

In iki.fi we usually just recommend people to use some actual email
service that do offer customer support etc, even if it costs
something...

And as those are aliases, they are not mailing lists so changing to
newer mailman does not affect those, but as they are aliases the
original DKIM etc headers should work, as they go through the email
systems without any modifications.

If you are sending email and getting such errors (the dkim errors, not
the rate limiting errors), you should make sure your system is signing
the messages with DKIM.

You can use for example https://dkimvalidator.com/ to verify that your
email generates proper DKIM headers. If you do that might help your
emails going through to gmail (and few other places which incorrectly
use dkim or spf failures to reject emails, not just marking their
sender being non authenticated).

Those rate limiting errors are temporary so that means that the email
usually goes through in next 24 hours as the ietf mail server will try
every now and every time, try every single MX gmail has, as the 421
error message in rfc5321 is described as:

   421  <domain> Service not available, closing transmission channel
      (This may be a reply to any command if the service knows it must
      shut down)

meaning at least sendmail will interpret it that this MX is going
down, so I should try to connect next MX and see whether it can
process this email, and that will of course respond with same error
messages...

In iki we had at one point an situation where we started to get this
error message around 9 am Finnish time, and then during the day the
queue to gmail just got larger and larger, and then around 9 pm the
queue lengths started to go down, and they usually emptied around 3
am, and then when people woke up around 7 or 8 am and started to send
emails again the same thing repeated... This went on for several
weeks.
-- 
kivinen@iki.fi

v2.29.0 | Report a Bug | By Email | System Status