[OSGeo] #3444: EMail Headers mismatch

OSGeoTrac · September 22, 2025, 2:36pm

#3444: EMail Headers mismatch
------------------------------+---------------------------
Reporter: darkblueb | Owner: sac-tickets@…
Type: defect | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Mailman | Keywords: email headers
------------------------------+---------------------------
from the mail servers migration weekend of 21Sep2025

**strk** got: {{{To: System Administration Committee Discussion/OSGeo
<sac@lists.osgeo.org>}}}

**grayshade** got: {{{To: "System Administration Committee
Discussion/OSGeo" <sac@lists.osgeo.org>}}}

**darkblueb**: got: {{{To: "System Administration Committee
Discussion/OSGeo" <sac@mail.osgeo.org>}}}

raw msg content via carrierzone in the USA

{{{
X-Spam-Flag: NO
Received-SPF: pass (mail164c40.carrierzone.com: domain of
SRS0=3g8W=37=lists.osgeo.org=sac-bounces@osgeo.org designates
140.211.15.13 as permitted sender) receiver=mail164c40.carrierzone.com;
client-ip=140.211.15.13; helo=lists.osgeo.org; envelope-
from=SRS0=3g8W=37=lists.osgeo.org=sac-bounces@osgeo.org;
x-software=spfmilter 2.001 spfmilter with
libspf2-1.2.10;
DMARC-Filter: OpenDMARC Filter v1.4.2 mail164c40.carrierzone.com
58K4bFle3159872
Authentication-Results: mail164c40.carrierzone.com; dmarc=none (p=none
dis=none) header.from=erosion.dev
Authentication-Results: mail164c40.carrierzone.com; spf=pass
smtp.mailfrom=osgeo.org
X-Envelope-From: SRS0=3g8W=37=lists.osgeo.org=sac-bounces@osgeo.org
Authentication-Results: mail164c40.carrierzone.com;
         dkim=pass (2048-bit key, unprotected) header.d=erosion-
dev.20230601.gappssmtp.com header.i=@erosion-dev.20230601.gappssmtp.com
header.a=rsa-sha256 header.s=20230601 header.b=pWSUiY9h
Return-Path: <SRS0=3g8W=37=lists.osgeo.org=sac-bounces@osgeo.org>
Received: from lists.osgeo.org (osgeo9.osgeo.osuosl.org [140.211.15.13])
         by mail164c40.carrierzone.com (8.14.9/8.13.1) with ESMTP id
58K4bFle3159872
         for <maplabs@light42.com>; Sat, 20 Sep 2025 00:37:20 -0400
Received: from mail.lxd (localhost [127.0.0.1])
         by lists.osgeo.org (Postfix) with ESMTP id 7072446BC5D;
         Fri, 19 Sep 2025 21:37:14 -0700 (PDT)
Authentication-Results: lists.osgeo.org;
         dkim=pass (2048-bit key; unprotected) header.d=erosion-
dev.20230601.gappssmtp.com header.i=@erosion-dev.20230601.gappssmtp.com
header.b="pWSUiY9h";
         dkim-atps=neutral
Received: from mail-il1-f172.google.com (mail-il1-f172.google.com
  [209.85.166.172])
  by lists.osgeo.org (Postfix) with ESMTPS id EB56F46BC5A
  for <sac@lists.osgeo.org>; Fri, 19 Sep 2025 21:37:12 -0700 (PDT)
Received: by mail-il1-f172.google.com with SMTP id
  e9e14a558f8ab-4248733422bso6552835ab.1
  for <sac@lists.osgeo.org>; Fri, 19 Sep 2025 21:37:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=erosion-dev.20230601.gappssmtp.com; s=20230601; t=1758343032;
x=1758947832;
  darn=lists.osgeo.org;
  h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
  :date:message-id:reply-to;
  bh=rYqKdb/wv8pa5fn2rPBSZuXKAYVyRWZLidPHXCMd5hQ=;
  b=pWSUiY9hJWuCCkU2f131wLlt0vXDqRChk92Z2lwiTezGqP3OPd9cLpWWqog8FbnYqx
  /MwWYslWX8+lnjpy44JyNF8exm6v9+rZfjKRdtfTDI+YdSFx4ZJsdBxCYrx6wW3XT7pQ
  LJoS2caTcMof/3TfZgL8xS1H10yaiNrlhtMWcxo9OEoNnf3XTQcwSwYnhjH9Z/UnEOpv
  fw9CMrUBJVatcQbcMKJfTWuU2ffrdYFkIclgjj1XYlMvCVVJ/fluB2YtOmzas0+yt1dA
  Thdz78TE/y7TSB/z9yPgpD0EmkuoJodhIsuS7nfirGpgZiagq1NjTkGcP2eMR1vUgtpx
  1aiQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=1e100.net; s=20230601; t=1758343032; x=1758947832;
  h=to:subject:message-id:date:from:mime-version:x-gm-message-state
  :from:to:cc:subject:date:message-id:reply-to;
  bh=rYqKdb/wv8pa5fn2rPBSZuXKAYVyRWZLidPHXCMd5hQ=;
  b=YtHMOwITBr6f1GNLuTyFcgS/LszLB6325dVnMgGWWzz1F/Ag6Y6iKIkxibDaQlpgyG
  yPWjmOC0Wu7MyEo+R82qcG35nZ9b/gEedyTqN+Irv1H8CXZ3+nudFfia691ZNv1Fh6f4
  sYICXoHU/zNtgWTyTiCTEMW4ZtgUyGE/pQBKdW03YflopUpBLoPxzdZoT0+Fk7+6Bmwt
  oBPcXj2k4aUKUZhj8gW05Gl4vGXyibKM4cjqYlNYw/op0n/bd4qTLbEV51FGAgDlKsdt
  e4PAI7DoHTufNI5OqmIb1YZcRlbv4C8te8HOtM/yeZjA2Tu2/NduQszVQGpWDG3bfP8R
  ImLg==
X-Gm-Message-State:
AOJu0YzrvtHPYgGnXM1EoA5j09ZJsMeeFx688vwysHC1SGKrQM9pRx+D
peQ/1TStOSjsoi/IpZJ2Mq49opftxYgaMHXJFJHvDBsyhTqMgg4QOD9g/tNNIbPseOjTOj9ipvg
  qv107Qh0J4Dm409zLmmFgbj3nHW8pcAzokr9jsi2rWiB/pucMOF8P
X-Gm-Gg:
ASbGncv9r5DFmpuXd0cNmZfVFEHA7+bRe2DMUYS/fuQqDEqySblCYgivRDNXhnav6FX
5djFOgMSLTT7nD5PyRRq2pRTpOPXiEJd6/tv3TpLjXbD4nIyOC9A5Tmss9saZDtBYmJirTcEfvx
h+1zbOjnyZOoN9SLlOUvmjbvQ/APQte5WDnLgEUZiKjK5YXDhGRsHwWsredPnBJDn9CyMtOeS3+
  XxBfx4zJyj94hMuybcUmIvIQDeG+0uPrPiqGmE=
X-Google-Smtp-Source:
AGHT+IEOmi9T/7SvYnQGv4Uk+4AtyB95NNUmFAZjByc836m79fZ2ZOmcRoSyZK+OJQK2noGPSfjoDfsLTMz1M7rFEPM=
X-Received: by 2002:a05:6e02:174e:b0:3ec:d2db:9381 with SMTP id
  e9e14a558f8ab-4248190bba0mr91251755ab.11.1758343031961; Fri, 19 Sep 2025
  21:37:11 -0700 (PDT)
MIME-Version: 1.0
From: Vicky Vergara <vicky@erosion.dev>
Date: Fri, 19 Sep 2025 22:36:56 -0600
X-Gm-Features: AS18NWBHHYZK-
sCoPvRGWld0-ZbOCHXeeZeCr84HYbG0eZvKvOn2oW7Zktea3xY
Message-ID:
<CAFxHbZRZ4DE7BDBqbcuS05_RpO_qF5sfgb_hvpx8OQsWZKOmRg@mail.gmail.com>
Subject: This is a test
To: "System Administration Committee Discussion/OSGeo"
<sac@mail.osgeo.org>
Content-Type: multipart/alternative;
boundary="000000000000d04fdc063f3423f9"
X-BeenThere: sac@lists.osgeo.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: System Administration Committee Discussion/OSGeo
<sac.lists.osgeo.org>
List-Unsubscribe: <https://lists.osgeo.org/mailman/options/sac>,
  <mailto:sac-request@lists.osgeo.org?subject=unsubscribe>
List-Archive: <http://lists.osgeo.org/pipermail/sac/>
List-Post: <mailto:sac@lists.osgeo.org>
List-Help: <mailto:sac-request@lists.osgeo.org?subject=help>
List-Subscribe: <https://lists.osgeo.org/mailman/listinfo/sac>,
  <mailto:sac-request@lists.osgeo.org?subject=subscribe>
Errors-To: sac-bounces@mail.osgeo.org
X-VADE-SPAMSTATE: clean
X-VADE-SPAMSCORE: 0
X-VADE-SPAMCAUSE:
dmFkZTGqjsNQG6J9F01KfZAC9/yUk5VldhARjq63ECXzxIpo2GFT7MkKbp2JCPYCvvCYm2653m2+5fhkqr5ZfJXSez4NXihoZYhwqfnZBJ9hSPpOLGvNF3UNWiIyyB3ojRDnSZ6uu5kzAa8/ZEPTZcrcEI0B96kvlHutP4C4nNuTP2kF9dZ8bbfRX5p0FctdYKx6ShRiUxJn3Q6pKqA2Deom/Tz9EPMQZ/g+E1cDGRZZKoUWBh4uVttG3EH3SeLcsEx/RPATpRyf0NUJxiOQFkcgY/Ns2QpMusu9mEv0TyqQCufsfHcuu9GDCAylFXQ2XVzxlxua4AqgjOsh98TlY6U+OiBdmIpLpG2kiBsa942gzxRT9B1CN4wWxdiM8W4a/08Xrznlbza7IU1+bJSvdomeqT/RSioiJPq/J7616jol2OmNwGggon3VHxmx2Q9XXYcN0wTKxi3qrgpkuzfZt1J8hNOGsBs453iviLoA4RHRCEFcNfFjz0wGXmAwcJ2oADWIJ1Tnq7UGyVR+xhCTHgJVt1Dke5iQOEvt4kjx3/5SDZvdTkA9B7CKnoDGULZOXvNWN4X220IJlm8qY0/YmvVtngtIsUigJ0W4fEKCbzqanPbG2gqt8LbPxWT+kC3K75IovoVeFp25KqkPYokXMS1NvlJdLly1zb9jENDEe3239setFg
X-Rspamd-Result: default: False [-0.61 / 6.00];
         R_DKIM_ALLOW(-0.20)[erosion-
dev.20230601.gappssmtp.com:s=20230601];
         R_SPF_ALLOW(-0.20)[+ip4:140.211.15.13];
         MAILLIST(-0.20)[mailman];
         MIME_GOOD(-0.10)[multipart/alternative,text/plain];
         RCVD_NO_TLS_LAST(0.10);
         HAS_LIST_UNSUB(-0.01);
         ARC_NA(0.00);
         ASN(0.00)[asn:3701, ipnet:140.211.0.0/16, country:US];
         MISSING_XM_UA(0.00);
         RCPT_COUNT_ONE(0.00)[1];
         MIME_TRACE(0.00)[0:+,1:+,2:~];
         NEURAL_HAM(-0.00)[-1.000];
         DMARC_NA(0.00)[erosion.dev];
         RCVD_COUNT_THREE(0.00)[3];
FROM_NEQ_ENVFROM(0.00)[vicky@erosion.dev,SRS0=3g8W=37=lists.osgeo.org=sac-
bounces@osgeo.org];
         FROM_HAS_DN(0.00);
         FORGED_RECIPIENTS_MAILLIST(0.00);
         FORGED_SENDER_MAILLIST(0.00);
         TO_DN_ALL(0.00);
         PREVIOUSLY_DELIVERED(0.00)[sac@lists.osgeo.org];
         DKIM_TRACE(0.00)[erosion-dev.20230601.gappssmtp.com:+]
X-Rspamd-Status: No, score=-0.61
X-Origin-Country: US
X-Origin-ASN: 3701
X-WHL: LR

--000000000000d04fdc063f3423f9
Content-Type: text/plain; charset="UTF-8"

This is a test
Regards

--000000000000d04fdc063f3423f9
Content-Type: text/html; charset="UTF-8"

<div dir="ltr"><div>This is a test</div><div>Regards</div></div>

--000000000000d04fdc063f3423f9--
}}}
--
Ticket URL: <Making sure you're not a bot!;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.

OSGeoTrac · September 22, 2025, 3:05pm

#3444: EMail Headers mismatch
------------------------------+----------------------------
Reporter: darkblueb | Owner: sac-tickets@…
Type: defect | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Mailman | Resolution:
Keywords: email headers |
------------------------------+----------------------------
Comment (by darkblueb):

automated comment

This email was delivered through several mail servers in the following
sequence:

1. **Google's mail server** (`mail-il1-f172.google.com`):
- The original message originated from Google's infrastructure.
- It includes DKIM signatures from `erosion-dev.20230601.gappssmtp.com`
and `1e100.net`, indicating it was
signed by Google's mail servers.

2. **lists.osgeo.org**:
    - The message was relayed to this server, which acts as an email list
manager (likely Mailman).
    - This server added its own DKIM signature.
    - It also received the message via SMTP from Google's server (`mail-
il1-f172.google.com`).

3. **osgeo9.osgeo.osuosl.org**:
    - The `lists.osgeo.org` server then forwarded the message to this host
(IP: 140.211.15.13).
    - This is where the SRS (Sender Rewriting Scheme) was applied, changing
the return path from
`sac-bounces@osgeo.org` to `SRS0=3g8W=37=lists.osgeo.org=sac-
bounces@osgeo.org`.
    - The final delivery was made by CarrierZone's mail server
(`mail164c40.carrierzone.com`).

4. **mail164c40.carrierzone.com**:
    - This is the final destination of the email.
    - It performed SPF, DKIM, and DMARC checks, all of which passed.
    - The message was delivered to `maplabs@light42.com`.

In summary, the path taken by the email is:
`Google -> lists.osgeo.org -> osgeo9.osgeo.osuosl.org ->
mail164c40.carrierzone.com`

This sequence shows a typical flow for mailing list messages, where Google
handles the initial send, then it
goes through the OSGeo mailing list system (via `lists.osgeo.org`), and
finally arrives at its destination via
CarrierZone.
--
Ticket URL: <Making sure you're not a bot!;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.

OSGeoTrac · October 20, 2025, 7:15pm

#3444: EMail Headers mismatch
------------------------------+----------------------------
Reporter: darkblueb | Owner: sac-tickets@…
Type: defect | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Mailman | Resolution:
Keywords: email headers |
------------------------------+----------------------------
Comment (by lnicola):

Oh, it's actually simpler, it just looks for CNAME records:

lists.osgeo.org. 300 IN CNAME mail.osgeo.org.
--
Ticket URL: <Making sure you're not a bot!;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.

OSGeoTrac · October 20, 2025, 7:08pm

#3444: EMail Headers mismatch
------------------------------+----------------------------
Reporter: darkblueb | Owner: sac-tickets@…
Type: defect | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Mailman | Resolution:
Keywords: email headers |
------------------------------+----------------------------
Comment (by lnicola):

We managed to reproduce something similar to this with my domain. It looks
like the carrierzone server looks up the sender domain, and if it exists,
does some kind of reverse lookup on the IP and rewrites the From and
Return-Path headers to that hostname.

If I apply this to lists.osgeo.org, I get mail2.osgeo.osuosl.org, not
mail.osgeo.org, so it's not a plain PTR lookup.
--
Ticket URL: <Making sure you're not a bot!;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.

OSGeoTrac · October 25, 2025, 8:19am

#3444: EMail Headers mismatch
------------------------------+----------------------------
Reporter: darkblueb | Owner: sac-tickets@…
Type: defect | Status: new
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Mailman | Resolution:
Keywords: email headers |
------------------------------+----------------------------
Comment (by lnicola):

I installed and patched dkimpy to ignore the timestamp. Now the message I
got on Gmail my copy of my test message passes with "signature ok", while
darkblueb's fails with "signature verification failed".

So I'm reasonably sure that carrierzone breaks DKIM when rewriting the
header and that #3459 fixed this.
--
Ticket URL: <Making sure you're not a bot!;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.

OSGeoTrac · October 26, 2025, 7:13am

#3444: EMail Headers mismatch
------------------------------+----------------------------
Reporter: darkblueb | Owner: sac-tickets@…
Type: defect | Status: closed
Priority: normal | Milestone: Unplanned
Component: SysAdmin/Mailman | Resolution: fixed
Keywords: email headers |
------------------------------+----------------------------
Changes (by lnicola):

* resolution: => fixed
* status: new => closed

--
Ticket URL: <Making sure you're not a bot!;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.

OSGeoTrac · October 26, 2025, 7:15am

#3444: EMail Headers mismatch
---------------------------+----------------------------
Reporter: darkblueb | Owner: sac-tickets@…
Type: defect | Status: closed
Priority: normal | Milestone: Unplanned
Component: SysAdmin/DNS | Resolution: fixed
Keywords: email headers |
---------------------------+----------------------------
Changes (by lnicola):

* component: SysAdmin/Mailman => SysAdmin/DNS

--
Ticket URL: <Making sure you're not a bot!;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.