Bug #2605
An error in the spf framework is causing mailman to reject valid mail.
0%
Description
I noticed this because a message I sent a few days ago was returned as undeliverable.
Error on the returned mail:
Final-Recipient: RFC822; <dev@lists.parabola.nu> Action: failed Status: 5.2.0 Remote-MTA: dns; lists.parabola.nu Diagnostic-Code: smtp; 451 4.3.5 <dev@lists.parabola.nu>: Recipient address rejected: Server configuration problem
"Recipient address rejected" told me there was something wrong with mailman. tried restarting it. Then sent in a test message while watching the journal and saw
Jan 16 11:34:50 winston.parabola.nu postfix/smtpd[373108]: connect from omta11.toronto.rmgopenwave.com[50.115.95.236] Jan 16 11:34:51 winston.parabola.nu postfix/spawn[373122]: warning: command /usr/bin/policyd-spf exit status 1 Jan 16 11:34:51 winston.parabola.nu postfix/smtpd[373108]: warning: premature end-of-input on private/policyd-spf while reading input attribute name Jan 16 11:34:52 winston.parabola.nu postfix/spawn[373122]: warning: command /usr/bin/policyd-spf exit status 1 Jan 16 11:34:52 winston.parabola.nu postfix/smtpd[373108]: warning: premature end-of-input on private/policyd-spf while reading input attribute name Jan 16 11:34:52 winston.parabola.nu postfix/smtpd[373108]: warning: problem talking to server private/policyd-spf: Connection reset by peer Jan 16 11:34:52 winston.parabola.nu postfix/smtpd[373108]: NOQUEUE: reject: RCPT from omta11.toronto.rmgopenwave.com[50.115.95.236]: 451 4.3.5 <dev@lists.parabola.nu>: Recipient address rejected: Server configuration problem; from=<freemor@freemor.ca> to=<dev@lists.parabola.nu> proto=ESMTP helo=<omta11.toronto.rmgopenwave.com> Jan 16 11:34:52 winston.parabola.nu postfix/smtpd[373108]: disconnect from omta11.toronto.rmgopenwave.com[50.115.95.236] ehlo=1 mail=1 rcpt=0/1 rset=1 quit=1 commands=4/5
I'll see if I can track down private/policyd-spf before I have to get started on my day.
bill-auger or @lukesu might want to take a look at this too. As I'm not well versed in the ins and outs of spf
History
Updated by freemor about 4 years ago
Looks like it could be the victim of a python update
running policyd-spf manuall to check functionality returns:
Traceback (most recent call last): File "/usr/bin/policyd-spf", line 39, in <module> import spf ModuleNotFoundError: No module named 'spf'
Updated by freemor about 4 years ago
ah and it comes form [prc/policyd-spf]
So I'm guessing that hasn't gotten rebuilt against new python.
Updated by freemor about 4 years ago
rebuilt, pushed and installed new [prc/pypolicyd-spf]
running it manually still throws the same error
I'll have to leave this for now.
Updated by bill-auger about 4 years ago
i started looking into this yesterday too - the whole
dependency chain of 'pypolicyd-spf' may need rebuilding - i
i pinned 'pypolicyd-spf', 'python-pyspf',, and 'python-py3dns'
to the python version and am rebuilding all three now - there is
also a .pacnew in /etc related to 'pypolicyd-spf' which may have
some interesting diffs to consider
Updated by bill-auger about 4 years ago
i think that did the trick - i just got a message through to the
maintenance list; and the previous note before this just posted
a few minutes ago; though i send it about a few hours ago
Updated by bill-auger about 4 years ago
- Assignee set to bill-auger
- Status changed from confirmed to in progress
i think we dropped many days worth of messages though - Jan 03 was the last spam i got from the moderation queue - my mail to the dev list on the 4th got in though - i think everyone got a bounce notification and their servers are not going to re-send
the new python was installed on 2020-01-15 though - im not sure why the mailing lists were silent since the 4th