Why do I receive a DMARC report everyday? [closed] - email

I've set up a DMARC policy on my domain.
But every day I receive an XML report from Google.
I don't understand what the problem is?
The report is:
<?xml version="1.0" encoding="UTF-8" ?>
<feedback>
<report_metadata>
<org_name>google.com</org_name>
<email>noreply-dmarc-support@google.com</email>
<extra_contact_info>http://support.google.com/a/bin/answer.py?answer=2466580</extra_contact_info>
<report_id>7241837801886321635</report_id>
<date_range>
<begin>1431388800</begin>
<end>1431475199</end>
</date_range>
</report_metadata>
<policy_published>
<domain>rigweb.ru</domain>
<adkim>r</adkim>
<aspf>r</aspf>
<p>none</p>
<sp>none</sp>
<pct>100</pct>
</policy_published>
<record>
<row>
<source_ip>144.76.154.188</source_ip>
<count>2</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>pass</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>site.ru</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>rigweb.ru</domain>
<result>pass</result>
</dkim>
<spf>
<domain>site.ru</domain>
<result>pass</result>
</spf>
</auth_results>
</record>
</feedback>
My DMARC Policy:
v=DMARC1; sp=none; aspf=r; p=none; rua=mailto: support@site.ru
How can I solve the problem?

In short: it's all good.
Here's the explanation for this:
DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It is in fact a ruleset made for reporting back to you on the quality of the email messages received from your domain.
You are receiving those XML reports because it's what you asked for with the rua=mailto:email@example.com; part of your DMARC TXT record. Note you didn't set any processing rule for failing messages: p=none means you only want to see the results of the checks.
As you can read in the specification (RFC 7489), RUA stands for "Reporting URI of Aggregate reports". Using it you are telling every DMARC-compliant recipient server to send you a (daily) aggregate report for the emails it receives from you or sent on your behalf.
Have a look at dmarc.org where you can find a nice overview of the system.
What does this specific report from Google tell you?
<date_range> This is the time range this report refers to (in your case, May 12 - May 13)
<policy_published> It's the parsed content of the DMARC record Google found in your DNS zone
<source_ip> The IP the emails were sent from
<policy_evaluated> The results of the DKIM and SPF checks are good (the two messages passed both tests).
Meaning:
The two messages sent by an email address @yoursite.ru and received by Google mail servers between May 12 and May 13 were correctly signed (DKIM) and were sent from authorized IPs (SPF). Based on this, we can reasonably say that Google has only received legitimate messages from your domain.

There's no problem. Aggregate reports (like this one) are sent as a summary (typically daily) of all emails received by that receiver - passing and failing.
The sample report you provided shows that all emails are passing, so there's nothing to fix.
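For reading these daily reports without opening the XML by hand, here is an added Python example (not part of the original posts) that totals DMARC pass/fail counts per sending IP and lists the sources that need attention. It assumes the un-namespaced layout shown in the question; `summarize`, `utc` and the sample report (example domain, documentation IPs, the question's timestamps) are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample in the layout of the report above (example domain, documentation IPs).
SAMPLE = """<?xml version="1.0" encoding="UTF-8" ?>
<feedback>
<report_metadata><org_name>receiver.example</org_name>
<date_range><begin>1431388800</begin><end>1431475199</end></date_range></report_metadata>
<policy_published><domain>example.com</domain><p>none</p></policy_published>
<record><row><source_ip>192.0.2.10</source_ip><count>2</count>
<policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
<identifiers><header_from>example.com</header_from></identifiers></record>
<record><row><source_ip>203.0.113.7</source_ip><count>5</count>
<policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
<identifiers><header_from>example.com</header_from></identifiers></record>
</feedback>"""

def utc(epoch_text):
    """Convert the report's epoch-seconds text to an ISO 8601 UTC timestamp."""
    return datetime.fromtimestamp(int(epoch_text), tz=timezone.utc).isoformat()

def summarize(xml_text):
    # Reports arrive by email from third parties: refuse DTD/entity declarations.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("unexpected DTD in DMARC report")
    root = ET.fromstring(xml_text.encode("utf-8"))
    per_ip = defaultdict(lambda: {"pass": 0, "fail": 0})
    for row in root.iterfind("record/row"):
        ev = row.find("policy_evaluated")
        # DMARC passes when aligned DKIM or aligned SPF passes; only both failing is a fail.
        ok = "pass" in (ev.findtext("dkim"), ev.findtext("spf"))
        per_ip[row.findtext("source_ip")]["pass" if ok else "fail"] += int(row.findtext("count"))
    return {
        "reporter": root.findtext("report_metadata/org_name"),
        "domain": root.findtext("policy_published/domain"),
        "policy": root.findtext("policy_published/p"),
        "window_utc": (utc(root.findtext("report_metadata/date_range/begin")),
                       utc(root.findtext("report_metadata/date_range/end"))),
        "sources": dict(per_ip),
        "failing_sources": sorted(ip for ip, c in per_ip.items() if c["fail"]),
    }

if __name__ == "__main__":
    from pprint import pprint
    pprint(summarize(SAMPLE))
```

An empty `failing_sources` list across reports is the signal that a `p=none` policy can be tightened; an unfamiliar IP in that list is either a legitimate sender missing from SPF/DKIM or someone else using the domain.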

Related

Spamassassin: is bayesian learning working here? [closed]

I am trying to train a recently installed copy of Spamassassin, and I'm having the impression that bayesian learning isn't working.
First of all: yes, spamd is running with the --allow-tell option.
Now, I have a piece of spam. I first run it by Spamassassin and I get a given score:
[paulo@myserver ~]$ spamc -R < spam6.txt
2.9/5.0
Spam detection software, running on the system "myserver",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Nombre - herbertrl1 E-mail: - mu18#atsushi1010.masumi76.pushmail.fun
Asunto - Mensaje - New sexy website is available on the web http://porndreamscene.sexjanet.com/?katarina
porn star carl paula blum porn double d hamster porn video oiled porn clitoris
massage free young nubile porn [...]
Content analysis details: (2.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <https://www.spamcop.net/bl.shtml?164.132.34.35>]
1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist
[URIs: sexjanet.com]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
So I feed it to spamc using the -L option:
[paulo@myserver ~]$ spamc -L spam < spam6.txt
Message successfully un/learned
And then I try to analyze it with spamc again... and I get the exact same score:
[paulo@myserver ~]$ spamc -R < spam6.txt
2.9/5.0
Spam detection software, running on the system "myserver",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Nombre - herbertrl1 E-mail: - mu18#atsushi1010.masumi76.pushmail.fun
Asunto - Mensaje - New sexy website is available on the web http://porndreamscene.sexjanet.com/?katarina
porn star carl paula blum porn double d hamster porn video oiled porn clitoris
massage free young nubile porn [...]
Content analysis details: (2.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <https://www.spamcop.net/bl.shtml?164.132.34.35>]
1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist
[URIs: sexjanet.com]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
Am I missing something?
SpamAssasin : How much learning is needed for Bayes?
Default spamassassin configuration requires minimum 200 spam and 200 ham messages to train bayes. You can execute sa-learn --dump magic to check number of messages passed to bayes learning.
man Mail::SpamAssassin::Conf (SpamAssassin version 3.1)
bayes_min_ham_num (Default: 200)
bayes_min_spam_num (Default: 200)
To be accurate, the Bayes system does not activate until a certain number of ham (non-spam) and spam have been learned. The default is
200 of each ham and spam, but you can tune these up or down with these two settings
$ sa-learn --dump magic
[…]
0.000 0 2508 0 non-token data: nspam
0.000 0 508 0 non-token data: nham
[…]

What do the status elements represent in SI File Transfer?

I'm trying to debug a larger issue I'm having with si file transfers not working on Linux, and noticed that my XML packets differ based on a status number within the <si> tag:
<iq from='foo@example.com/jid'
id='uid:00000000:00000000:00000000'
to='bar@example.com/Smack'
type='set' xml:lang='en'>
<si notifyid='jsi_5724182428385442961'
profile='http://jabber.org/protocol/si/profile/file-transfer'
status='1039'
xmlns='http://jabber.org/protocol/si'
/>
</iq>
I've checked the SI File Transfer spec, but haven't been able to find anything that details what the status='1039' detail actually means. Is there a document somewhere that details the differences in the various status codes and describes what they mean?

separate email from original email using perl

When people email each other, they generally include the original email in their reply to a sender, adding a little more information each time to the email. Each email client seems to have a different way of adding the original email to a reply.
I need to parse email arriving at our mail server and try and extract the new part of the message, and I'm wondering if there is a sensible way to strip this appended (or prepended) information (the "original message") and just get the new information in a mail body? I believe sadly, that there is no encoding, the original email is simply added to the new message, but I thought I'd check with the experts?
thanks.
No, there is no simple, straightforward algorithm to separate quoted or forwarded text from new content. Quoting and forwarding are poorly standardized and different conventions have existed at different times.
Having said that, e.g. Google's Gmail succeeds fairly well in practice. With enough samples, you can clearly come up with reasonable heuristics.
Good indicators for quoted material are forwarded (pseudo-) headers and indented text, perhaps with a quote indicator along the left margin before the quoted text. You occasionally see outdents as well.
Traditionally, on Usenet in the early 1990s, people would use different, unique quoting styles.
: ~ | This seems to be the original.
: ~ This is the first reply.
: This is the second reply.
This is the third reply, quoting the
previous three messages in sequence.
Around 1995, both clients and standardization initiatives by and large converged on "wedge" quotes;
> >> This seems to be the original.
> > This is the first reply.
> This is the second reply.
This is the third reply, quoting the
previous three messages in sequence.
Then along came Microsoft and ruined it all. I suppose that top quoting makes sense in some corporate settings where you quickly need to collect all the background from a thread to a new participant, but even for that purpose it's a horrible abomination.
This is the third reply, quoting the
previous three messages in sequence.
---- Begin forwarded message ----
From: Him [smtp:bogus]
To: His Friend
Subject: VS: Re: Same as on this message
Date: nothing machine-readable
This is the second reply.
---- Alkuperäinen viesti ----
Lähettäjä: His Friend [smtp:poppycock]
Saaja: Some Guy
Aihe: Re: Same as on this message
Päivämäärä: olisiko eilen ehkä
This is the first reply.
----- Original message ----
From: Somebody Else [smtp:mindless]
To: Some Guy
Subject: Same as on this message
Date: like, the day before
This seems to be the original.
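The heuristics named in this answer (left-margin quote indicators and forwarded-message separator lines) can be sketched as follows. This is an added example, not code from the answer, and it is written in Python rather than the Perl the question asks about; `new_text` and both patterns are illustrative assumptions that will misclassify some mail, as the answer warns.

```python
import re

# Separator lines that introduce a top-quoted or forwarded message, e.g.
# "----- Original message ----" or "---- Begin forwarded message ----".
# The dash-delimited shape is matched rather than the words, so localized
# variants such as "---- Alkuperäinen viesti ----" are caught as well.
# A bare "-- " signature delimiter or a plain rule of dashes does not match.
SEPARATOR = re.compile(r"^\s*-{2,}\s*[^\s-].*?-{2,}\s*$")

# Left-margin quote indicators: ">" wedges plus the older ":", "|" and "~" styles.
QUOTED = re.compile(r"^\s*[>:|~]")

def new_text(body):
    """Return the part of `body` that is not recognised as quoted material."""
    kept = []
    for line in body.splitlines():
        if SEPARATOR.match(line):
            break        # everything below a separator belongs to an older message
        if QUOTED.match(line):
            continue     # inline quote: skip the line, keep scanning
        kept.append(line)
    return "\n".join(kept).strip()

if __name__ == "__main__":
    # Constructed from the wedge-quote sample in the answer above.
    sample = ("> >> This seems to be the original.\n"
              "> > This is the first reply.\n"
              "> This is the second reply.\n"
              "This is the third reply, quoting the\n"
              "previous three messages in sequence.")
    print(new_text(sample))
```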

Identifying where a message was forwarded to

This is one of those hard to explain questions. I've tried my best below, hopefully it is clear what I mean.
Emails are coming in to an address (foo@example.com), and are being forwarded to another email address (bar@subdomain.example.com). The second email address further pipes the email to a simple script, but the script needs to actually know the second email address as it provides meta-data that is crucial to sorting the message (that is, the script gets piped any email sent to *@subdomain.example.com, and it needs to see that it got forwarded to bar@subdomain.example.com in order to correctly process the incoming message).
Originally, I thought that the virtual alias used to forward messages from foo@example.com to bar@subdomain.example.com would update the envelope-to header, but it remains unchanged. None of the other headers nor the "received" line reflect that the message was forwarded. My theory is that maybe the pipe instructions for *@subdomain.example.com can be updated to somehow pass the actual address on to the script, but I am not sure how.
For reference, I have included a few examples below:
Headers, after being forwarded:
From sender@example.com Sun Dec 11 19:53:40 2011
Envelope-to: foo@example.com
Received: ...
Subject: Test 6
The valias file for subdomain.example.com (/etc/valiases/subdomain.example.com):
*: "|/home/user/example_script.x.php"
And I answered my own question. It turns out, the recipient is accessible in an environment variable. In my case, since I am using PHP, I can just use the following variable:
$_ENV['RECIPIENT']

Is it possible to make the Zrinity XMS generate the return-path in the emails it sends? [closed]

We're using the XMS mail server from Zrinity. We're using verp-variables in our mails to be able to handle bounces correctly. We're a bit confused for how to get the return-path correct in our mails.
Can the XMS generate the return-path using the verp-variables or do we have to construct the return-path string ourselves? If it can, how do we instruct it to do it?
The return-path is generated, first from the value used by your smtp client at the mail from: command, but also can encode values with the use of AttributeMapFilter and VerpBounceFilter.
AttributeMapFilter (inside SMTPService)
<filter
class="xms.filter.data.AttributeMapFilter"
attributemap="verpmap"
remove="false" />
The map would have entries, such as
camid=X-camid
VerpBounceFilter (inside SMTPService)
<filter
class="xms.filter.bounce.VerpBounceFilter"
feedbackaddresslist="Feedback Addresses"
verpprefix="verpprefix"
verpvariables="env_recipient,camid"
action="accept"
domainlist="Local Domains">
<action
class="xms.action.DBAction"
datasource="mydatasource"
event="*">
<sql>
<![CDATA[
INSERT INTO bounce (recipientaddress, env_from, bounceaddress, message, bouncetype, camid)
VALUES(?,?,?,?,${bounce_type},${verp_camid?default(-1)});
]]>
</sql>
<param>${verp_env_recipient?default('')}</param>
<param>${env_from?default('')}</param>
<param>${env_recipient}</param>
<param>${bounce_message}</param>
</action>
</filter>
If you generate messages with TemplateSerice, add an instance of VerpBounceFilter to the job, without an action.
In that configuration, camid would be supplied by one of the providers in the job.