#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Keywords:
---------------------------+---------------------------------------
Mail providers are now requiring DMARC and DKIM as an extra precaution
against spam.
I've enabled DMARC reporting in #2721.
This ticket will change the email it is being sent to -- right now it
sends to sysadmin+dmarc which ends up sending to all sysadmins.
The next part is configuring DKIM which requires keys to be setup on
osgeo6 to handle.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+----------------------------------------
Comment (by neteler):
Not sure if this is the right ticket but we have list server troubles with
Google:
{{{
From: Mail Delivery System <MAILER-DAEMON@mageia.org>
To: grass-dev-bounces@lists.osgeo.org
Cc:
Bcc:
Date: Fri, 1 Apr 2022 18:29:20 +0200 (CEST)
Subject: Undelivered Mail Returned to Sender
This is the mail system at host sucuk.mageia.org.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<XXXXXXXX@gmail.com>: host gmail-smtp-in.l.google.com[142.250.13.27] said:
550-5.7.26 This message does not have authentication information or
fails
to 550-5.7.26 pass authentication checks. To best protect our users
from
spam, the 550-5.7.26 message has been blocked. Please visit 550-5.7.26
https://support.google.com/mail/answer/81126#authentication for more
550
5.7.26 information.
az8-20020adfe188000000b00203e90195c1si1921618wrb.837 -
gsmtp (in reply to end of DATA command)
}}}
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+----------------------------------------
Comment (by robe):
@neteler,
Is this a recent issue or been like this for a while?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+----------------------------------------
Comment (by Neteler):
I have seen it only recently.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726#comment:3>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution: fixed
Keywords: |
---------------------------+----------------------------------------
Changes (by robe):
* status: new => closed
* resolution: => fixed
Comment:
I've configured DKIM on osgeo6 now so the mails should be signed now, but
I think there might be a lag on when we see that. I published the public
key in pairsdomain.
Details here - https://git.osgeo.org/gitea/sac/osgeo6-etc-apache2/wiki
/Configure-DKIM
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726#comment:4>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution: fixed
Keywords: |
---------------------------+----------------------------------------
Comment (by robe):
Okay I think it might be working. I just got notice after submitting this
ticket and looking at the headers, it now shows DMARC as passing.
Hopefully this will reduce the number of issues with people getting
emails.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726#comment:5>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+----------------------------------------
Changes (by robe):
* status: closed => reopened
* resolution: fixed =>
Comment:
Just realized past records show DMARC success too and test message is not
showing as signed. So I think there is something I am missing in my
configs.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726#comment:6>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+----------------------------------------
Comment (by robe):
Testing again - ignore this.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726#comment:7>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2726: DKIM and DMARC for mail.osgeo.org, lists.osgeo.org
---------------------------+----------------------------------------
Reporter: robe | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone: Sysadmin Contract 2022-II
Component: Systems Admin | Resolution: fixed
Keywords: |
---------------------------+----------------------------------------
Changes (by robe):
* status: reopened => closed
* resolution: => fixed
Comment:
okay I think I got it right this time. Now seeing dkim signature in email
back and that it is passing dkim check (mail from sac mailing list)
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2726#comment:8>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.