[ExI] Fwd: Delivery Status Notification (Failure)

efc at swisscows.email efc at swisscows.email
Mon Jan 15 19:12:54 UTC 2024 

Thank you very much John, I will pass this on to my provider. I am curious 
though, why the provider hasn't already made the change.

Is this setup that you are referring to standard? Or is it a strict 
interpretation of the standard, and other might have a less trict, and 
that is why this email provider gets through to some but not to others?

I guess what I'm thinking is that would it be possible for you to "loosen" 
the configuration? Note that I am definitely not asking you too, I am just 
curious.

For now, I'll happily pass that on to the SP and then we'll see if this 
stops happening. Thank you very much for the trouble of digging through 
the logs! =)

Best regards,
Daniel


On Mon, 15 Jan 2024, John Klos wrote:

>> I get the same error and I don't have gmail. That leads me to believe that 
>> the error is server-side and not client-side.
>
> When we have limited information, we sometimes come to conclusions that make 
> sense but aren't necessarily correct. Luckily, we have logs ;)
>
> For your mail server (mail-gate.swisscows.email), it seems that the reverse 
> DNS PTR for that server should point to a primary name, but it does not (RFC 
> 1034, section 3.6.2, for anyone who is curious). But that's not directly why 
> email was rejected, though - it was rejected because the extra lookup due to 
> that CNAME took too long, which is why it happens only sometimes.
>
> You can write to your email provider and let them know, and perhaps they'll 
> fix it (feel free to include that paragraph and/or cc me - I'm happy to 
> provide logs and more informtion). Isn't it better to fix the problem than 
> the symptom? :)
>
> For MB, I only see three failed attempts back in August and October. If this 
> is happening more often than that, then I'd need more specific information to 
> find any rejections in the mail logs (the logs are typically thousands of 
> lines a day). Feel free to email me directly, if this is the case.
>
> I do see that describing this as "Intrusion" can be a bit misleading. I put 
> that in there for all of the connecting machines that attempt to log in to 
> try to send email through the server, and it matches clients that don't 
> identify themselves AND servers that have names that don't resolve (even if 
> it's just temporary).
>
> To make this less of a pain, I'm making the error transient so your email 
> server(s) will retry before they fail. You might get a warning, but you won't 
> have to do anything yourself.
>
> I'm also changing the message to "Given name from (client_addr) does not make 
> sense."
>
> I'm sending this to the whole list to encourage anyone who has issues to 
> contact me directly. Whatever happens, we'll figure it out!
>
> Thanks,
> John
>
>

More information about the extropy-chat mailing list