right this is an Infra issue and not a whimsy one. On Sat, Aug 27, 2016 at 9:35 AM, Sam Ruby <[email protected]> wrote:
> On Fri, Aug 26, 2016 at 4:45 PM, Craig Russell <[email protected]> > wrote: > > Hi, > > > > Is this a good whimsy project? > > Sounds to me like the first part is literally: > > ldapsearch -x -LLL uid=* dn | perl -ne '/uid=(.*?),/ && print "$1\n"' > | xargs ~apmail/bin/qmail-owner-setup.sh > > That is to be run *once*. The second part is a one line addition to > > https://svn.apache.org/repos/infra/infrastructure/trunk/tools/ap-adduser > > > Craig > > - Sam Ruby > > >> Begin forwarded message: > >> > >> From: Joe Schaefer <[email protected]> > >> Subject: Why we need qmail owner files for all committers > >> Date: August 24, 2016 at 10:25:41 PM PDT > >> To: Apache Infrastructure <[email protected]> > >> Reply-To: Joe Schaefer <[email protected]> > >> > >> Simply put, every time a sender, whose domain has an SPF rule ending in > -all, tries to email a user at their apache.org address, the message will > bounce when qmail attempts to deliver to the final destination server. > This is because modern mail forwarders are required by the SPF framework to > rewrite the SMTP envelope sender to originate from an address on the > intermediate forwarding domain. It is notoriously difficult for users to > track down the origin of the problem because the envelope sender rewriting > needs to happen on the recipient's account with us, even though the crux of > the problem is with the sending domain's strict SPF rule. > >> > >> Fortunately most major domain owners refrain from going all in with SPF > and simply use ~all, which means the SPF records aren't authoritative. > However, many (like microsoft.com or recently gmx.de) do use strict SPF, > so their attempts to contact committers directly will get rejected as > described above. > >> > >> This issue can be put to bed squarely in about 5 minutes of script > testing and implementation. Just do an ldapsearch on the uid, and xarg > that list to the qmail-owner-setup.sh script in ~apmail/bin. Problem > solved for the existing committers. Just add a call to the script for new > users as well during account creation, and you'll never have to worry about > it again. > >> > >> > > > > Craig L Russell > > Architect > > [email protected] > > P.S <mailto:[email protected]>. A good JDO? O, Gasp! > > > > > > > > > > > -- Gav...
