search

freelawproject / courtlistener

A fully-searchable and accessible archive of court data including growing repositories of opinions, oral arguments, judges, judicial financial records, and federal filings.
https://www.courtlistener.com
Other
531 stars 147 forks source link

Need to do some Email Anti-spam work...ug. #50

Closed freelawbot closed 10 years ago

freelawbot commented 10 years ago

Atwood has a very good post on this today, and I was noticing some strange fields in the emails yesterday.

http://www.codinghorror.com/blog/2010/04/so-youd-like-to-send-some-email-through-code.html

This looks like a pain, though probably one we need to endure to make the alerts go through consistently.

freelawbot commented 10 years ago

Summary of Results

SPF check: pass DomainKeys check: neutral DKIM check: pass Sender-ID check: pass SpamAssassin check: ham

Details:

HELO hostname: courtlistener.com Source IP: 128.32.226.174 mail-from: mlissner@courtlistener.com

SPF check details:

Result: pass ID(s) verified: smtp.mail=mlissner@courtlistener.com DNS record(s): courtlistener.com. SPF (no records) courtlistener.com. 38400 IN TXT "v=spf1 a mx ptr mx:alt1.aspmx.l.google.com mx:alt2.aspmx.l.google.com mx:aspmx.l.google.com mx:aspmx2.googlemail.com mx:courtlistener.com ?all" courtlistener.com. 38400 IN A 128.32.226.174

DomainKeys check details:

Result: neutral (message not signed) ID(s) verified: header.From=mlissner@courtlistener.com DNS record(s):

DKIM check details:

Result: pass (matches From: mlissner@courtlistener.com) ID(s) verified: header.d=courtlistener.com Canonicalized Headers: message-id:20110313033833.87D804403EF@courtlistener.com'0D''0A' date:Sat,'20'12'20'Mar'20'2011'20'19:38:23'20'-0800'20'(PST)'0D''0A' from:mlissner@courtlistener.com'20'(Michael'20'Lissner)'0D''0A' to:undisclosed-recipients:;'0D''0A' dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed/relaxed;'20'd=courtlistener.com;'20's=mail;'20't=1299987513;'20'bh=fdkeB/A0FkbVP2k4J4pNPoeWH6vqBm9+b0C3OY87Cw8=;'20'h=Message-Id:Date:From:To;'20'b=

Canonicalized Body: Test'0D''0A'

DNS record(s): mail._domainkey.courtlistener.com. 38400 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJLct3k+/zD7Pd48qUJj0Z88dEop5Gl7U94SFHHBqU0dvQEaGpyNkYD693ytpK4+THC0O2cAcB+DPgGIhBTSbCUEvmqf+iyTdvTuWAZKWBMmnVFEAQsl4rTDHHD5Zd+O2Zk8txztXHKdm/zAfG6YlSLpwmvvw33Mr6P9qXSXK9/wIDAQAB"

NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM.

Sender-ID check details:

Result: pass ID(s) verified: header.From=mlissner@courtlistener.com DNS record(s): courtlistener.com. SPF (no records) courtlistener.com. 38400 IN TXT "v=spf1 a mx ptr mx:alt1.aspmx.l.google.com mx:alt2.aspmx.l.google.com mx:aspmx.l.google.com mx:aspmx2.googlemail.com mx:courtlistener.com ?all" courtlistener.com. 38400 IN A 128.32.226.174

SpamAssassin check details:

SpamAssassin v3.2.5 (2008-06-10)

Result: ham (1.4 points, 5.0 required)

pts rule name description

2.2 TVD_SPACE_RATIO BODY: TVD_SPACE_RATIO -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% [score: 0.0000] 1.8 MISSING_SUBJECT Missing Subject: header

Explanation of the possible results (adapted from

draft-kucherawy-sender-auth-header-04.txt):

"pass" the message passed the authentication test.

"fail" the message failed the authentication test.

"softfail" the message failed the authentication test, and the authentication method has either an explicit or implicit policy which doesn't require successful authentication of all messages from that domain.

"neutral" the authentication method completed without errors, but was unable to reach either a positive or a negative result about the message.

"temperror" a temporary (recoverable) error occurred attempting to authenticate the sender; either the process couldn't be completed locally, or there was a temporary failure retrieving data required for the authentication. A later retry may produce a more final result.

"permerror" a permanent (unrecoverable) error occurred attempting to authenticate the sender; either the process couldn't be completed locally, or there was a permanent failure retrieving data required for the authentication.

Original Email

Return-Path: mlissner@courtlistener.com Received: from courtlistener.com (128.32.226.174) by verifier.port25.com (PowerMTA(TM) v4.0b3) id hfgu5211u9cc for check-auth@verifier.port25.com; Sat, 12 Mar 2011 22:38:57 -0500 (envelope-from mlissner@courtlistener.com) Authentication-Results: verifier.port25.com smtp.mail=mlissner@courtlistener.com; mfrom=pass; Authentication-Results: verifier.port25.com header.From=mlissner@courtlistener.com; domainkeys=neutral (message not signed); Authentication-Results: verifier.port25.com header.d=courtlistener.com; dkim=pass (matches From: mlissner@courtlistener.com); Authentication-Results: verifier.port25.com header.From=mlissner@courtlistener.com; pra=pass; Received: by courtlistener.com (Postfix, from userid 1001) id 87D804403EF; Sat, 12 Mar 2011 19:38:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=courtlistener.com; s=mail; t=1299987513; bh=fdkeB/A0FkbVP2k4J4pNPoeWH6vqBm9+b0C3OY87Cw8=; h=Message-Id:Date:From:To; b=YFxr9pOSTeed8UU5xusMdY47kyEy/NFaSpaeuHYAwOHFArYzFyrPGRUvHOIurBkrm yN12eM6dT4131cocMDuZKCnh3iMHqvdBfwMtZQeM9DrATwEdBnZCrxRXVQ+2P7cHZP 1uvUelEzG9sG78P9wZNomeyxvUDvnkiqwxM/jstg= Message-Id: 20110313033833.87D804403EF@courtlistener.com Date: Sat, 12 Mar 2011 19:38:23 -0800 (PST) From: mlissner@courtlistener.com (Michael Lissner) To: undisclosed-recipients:;

Test

Original Comment By: Mike Lissner

freelawbot commented 10 years ago

Resolved on new server. What a pain.

Original Comment By: Mike Lissner

freelawbot commented 10 years ago

Discovered that a slicehost article (http://articles.slicehost.com/2008/9/2/mail-server-slice-setup), told me to change the hostname of the server to courtlistener. This caused some trouble when sendmail tried to deliver to @courtlistener.com addresses, because it only delivered locally.

To solve this, I added two lines to /etc/mail/sendmail.mc, and then updated the config with sudo sendmailconfig. The instructions for this were found here: http://serverfault.com/questions/65365/disable-local-delivery-in-sendmail/128450#128450

This seems to have worked, at least for now.

Original Comment By: Mike Lissner

freelawbot commented 10 years ago

Bumping this to V1, since the missing pieces of the puzzle are the more minor types, and figuring them out seems time-consuming (and frustrating).

Original Comment By: Mike Lissner

freelawbot commented 10 years ago

Did some work on dkim. Installed dkim-filter, which is a milter for sendmail, though couldn't find ANY information about configuring it correctly. It is running though, as it can be seen in /var/log/mail.log

Original Comment By: Mike Lissner

freelawbot commented 10 years ago

rDNS is set up by going to DNS > Domains > Reverse DNS. It is not set up by creating a new PTR record!

Original Comment By: Mike Lissner