[Savannah-hackers] [support #103380] [gnu.org #210909] Savannah MTA seems to request VRFY info before accepting mail

[Sylvain Beucler]

This mail is an automated notification from the support tracker
 of the project: Savannah Administration.

/**************************************************************************/
[support #103380] Latest Modifications:

Changes by: 
                Sylvain Beucler <address@hidden>
'Date: 
                Mon 10/04/2004 at 20:19 (Europe/Paris)

            What     | Removed                   | Added
---------------------------------------------------------------------------
          Resolution | None                      | Wont Do
              Status | Open                      | Closed


------------------ Additional Follow-up Comments ----------------------------
Reply from Jim:

The GNU.org mail servers perform verification of smtp senders before accepting 
mail.  This cuts down on a huge amount of spam, and also ensures that if we 
can't deliver the message we can at least send a DSN back to the original 
sender.  If you set your SMTP sender correctly your mail will get through.

Which confirms Elfyn's point.

I close this request. Sorry :/







/**************************************************************************/
[support #103380] Full Item Snapshot:

URL: <http://savannah.gnu.org/support/?func=detailitem&item_id=103380>
Project: Savannah Administration
Submitted by: Jesus M. Gonzalez-Barahona
On: Mon 09/20/2004 at 22:21

Category:  Mail server
Priority:  5 - Normal
Severity:  9 - Blocker
Resolution:  Wont Do
Privacy:  Public
Assigned to:  corvus
Originator Email:  address@hidden
Status:  Closed


Summary:  [gnu.org #210909] Savannah MTA seems to request VRFY info before 
accepting mail

Original Submission:  We are having a user of our mailing lists who is trying 
to send mail to it, but the Savannah mail server seems to reject accepting it, 
apparently because it is asking for VRFY info to the user's MTA. The user's MTA 
dod not support VRFY for security reasons. We wonder whether this VRFY check 
can be avoided. This is blocking for us because the messages by that user are 
important for the project. The user is address@hidden

Follow-up Comments
------------------


-------------------------------------------------------
Date: Mon 10/04/2004 at 20:19       By: Sylvain Beucler <Beuc>
Reply from Jim:

The GNU.org mail servers perform verification of smtp senders before accepting 
mail.  This cuts down on a huge amount of spam, and also ensures that if we 
can't deliver the message we can at least send a DSN back to the original 
sender.  If you set your SMTP sender correctly your mail will get through.

Which confirms Elfyn's point.

I close this request. Sorry :/


-------------------------------------------------------
Date: Sat 10/02/2004 at 16:42       By: Jesus M. Gonzalez-Barahona <jgb>
Find below a copy of the message that got the user. Apparently, it says that 
199.232.76.166 (mail.gnu.org) didn't accept the message because of a "Sender 
VRFY failed".

tibet.uoc.es is the MTA of the sender's organization.

============================================================================

Hi. This is the qmail-send program at tibet.uoc.es.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

:
199.232.76.166 does not like recipient.
Remote host said: 550 Sender verify failed
Giving up on 199.232.76.166.

--- Below this line is a copy of the message.

Return-Path: 
Received: (qmail 7989 invoked by uid 10031); 6 Sep 2004 13:38:18 -0000
Received: from address@hidden by tibet by uid 64011 with qmail-scanner-1.21

 (clamscan: 0.65. spamassassin: 2.60.  Clear:RC:1(213.73.40.40):. 
 Processed in 0.16465 secs); 06 Sep 2004 13:38:18 -0000
X-Uoc-Spam: No
Return-Path: 
Received: from unknown (HELO campus.uoc.es) (213.73.40.40)
  by tibet.uoc.es with SMTP; 6 Sep 2004 13:38:17 -0000
Received: from bermudas (bermudas [213.73.40.40])
        by campus.uoc.es (8.11.6+Sun/8.11.6) with ESMTP id i86DcGl27721;
        Mon, 6 Sep 2004 15:38:17 +0200 (MEST)
From: David Megias Jimenez 
X-Uoc-From: "David Megías Jiménez <address@hidden>"
To: "address@hidden",
   "address@hidden"
Fcc: /Missatges/Enviats
Subject: RE: Bordeaux is on its way [Re: [Masterlibre-list] University of
Bologna:        M-FOSSET]
X-Uoc-Subject: "RE: Bordeaux is on its way [Re: [Masterlibre-list]
University of Bologna:  M-FOSSET]"
Date: Mon, 06 Sep 2004 15:37:57 +0200
X-Uoc-UserType: PROFESSOR
X-Uoc-Att: 0
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="--------------UOCGENERATED031070"
Message-ID: <address@hidden>
Comments: localhost [127.0.0.1]
X-UOC-PARENT_MAILID: 70591638
X-Uoc-Hops: 1

----------------UOCGENERATED031070
content-type: text/plain
Content-Transfer-Encoding: quoted-printable


-------------------------------------------------------
Date: Fri 10/01/2004 at 21:52       By: Sylvain Beucler <Beuc>
Apologizes for the delay..

James Blair replied:
"I can't find that address anywhere in the logs.  Also, we don't use VRFY.

Could you ask for a copy of a DSN message?"

jgb, can you provide this information?

-------------------------------------------------------
Date: Sun 09/26/2004 at 10:51       By: Elfyn McBratney <beu>
Indeed, but if we open a hole for one user, we open them for all - no 
exceptions.  Also, there are two reasons why we wouldn't normally do such 
things: a) addresses can be forged, like everything else, and b) because they 
open the door to even more spam for thousands of people.

The latter is very important considering how many thousands of people the 
machines serve.

If you really want me to see if this is feasible, I will - but don't get your 
hopes up ;-)

-------------------------------------------------------
Date: Wed 09/22/2004 at 15:56       By: Jesus M. Gonzalez-Barahona <jgb>
I know it is RFC compliant, but as far as I know it is not mandatory (excuse me 
if I'm wrong). In any case, we have a collaborator who cannot contribute, and 
is not able of changing the policy of  his site. I know the reasons for them  
not accepting VRFY are at the very least arguable, but it is not likely they 
are going to change that (I know he has already tried that way). Maybe we can 
be a bit flexible here,  I don't know...

-------------------------------------------------------
Date: Wed 09/22/2004 at 14:28       By: Elfyn McBratney <beu>
quick comment from the sidelines: this is RFC-compliant behaviour.  It's the 
MTA/MUA that's broken, if they don't respond to VRFY/VERP's properly.  Not 
supporting VRFY (for whatever reasons) should be avoided, IMO, and not 
white-listed.

-------------------------------------------------------
Date: Tue 09/21/2004 at 21:05       By: Sylvain Beucler <Beuc>
I forwarded the request to the system administrators, who are in charge of the 
mail system (we don't have access there).




CC List
-------

CC Address                          | Comment
------------------------------------+-----------------------------
sysadmin --AT-- gnu --DOT-- org     | gnu.org #210909
dmegias --AT-- uoc --DOT-- edu      | 









For detailed info, follow this link:
<http://savannah.gnu.org/support/?func=detailitem&item_id=103380>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/