Re: et.al.
On Wed 09 Oct 2019 at 16:16:55 +0200, Thomas Schmitt wrote: > Hi, > > Brian wrote: > > Note that there isn't any LDOSUBSCRIBER in the headers of this mail. > > Your spam score worsened from -10.3 to 0.1 consequentially. > Shall we still believe that you are you ? The mail was also delayed for nearly twenty minutes by the mailing list software. Double punishment. -- Brian.
Re: et.al.
Hi, Brian wrote: > Note that there isn't any LDOSUBSCRIBER in the headers of this mail. Your spam score worsened from -10.3 to 0.1 consequentially. Shall we still believe that you are you ? Have a nice day :) Thomas
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
On Tue 08 Oct 2019 at 00:25:44 -0500, David Wright wrote: > On Mon 07 Oct 2019 at 18:42:38 (+0100), Brian wrote: > > On Mon 07 Oct 2019 at 15:09:09 +0200, Thomas Schmitt wrote: > > > > [...] > > > > > But how do Debian list servers know ? > > > > A good question. How are my mails matched with my subscribed address > > so that I am awarded the accolade of LDOSUBSCRIBER? On the basis that > > my past statements about the SMTP protocol (whatever they were) have > > not been well received, I decline to offer any suggestion. > > Have we been told what your subscribed address is? I've assumed > that it's the one in the envelope-from of the post I'm replying to. > (I don't want to quote it.) Is that correct? Or maybe that …CII.eu one? A decent assumption but, unfortunately, not correct. I've come to the tentative conclusion that Debian can somehow link my envelope-from and the subscribed address via their A records (or something like that). Note that there isn't any LDOSUBSCRIBER in the headers of this mail. > > > Is it because Exim 4.89 said "MAIL FROM:<...subscribed.address...>" to > > > lists.debian.org ? > > > > "subscribed.address" is the HELO and can be what I want it to be. See > > the headers of my previous mail. > > Why would you use a "subscribed.address" (presumably an email address) > for your HELO (presumably actually a EHLO). I was under the impression > that it should be a domain, ie a FQDN. Sorry, I was probably less than precise. The 127.0.1.1 line in /etc/hosts is a FQDN and is used by exim for the HELO/EHLO. /etc/mailname determines the envelope-from. > > > Or is it because the first mail hop added "envelope-from" to its Received: > > > header ? > > > > > > Received: from ... by ... with local (Exim 4.89) > > > (envelope-from <...>) > > > id 1iHRiB-0006S7-Ks > > > for debian-user@lists.debian.org; Mon, 07 Oct 2019 13:01:59 > > > +0100 > > > > I can alter that too, and still be designated LDOSUBSCRIBER. > > Have we observed that? I only had LDOSUBSCRIBER bestowed on me when my > envelope-from became the same as my subscribed address, which followed as > a consequence of my adopting the .corp domain name last year after seeing > https://www.theregister.co.uk/2018/02/12/icann_corp_home_mail_gtlds/ > Until then, exim4 didn't seem able to rewrite my headers because I > didn't have a dot in my FQDN, only an unadorned hostname. What I altered was the HELO/EHLO; it made no difference. Altering the envelope-from did, but it would be unwise to assume I am not subscribed to the list and receiving all mails. No Ccs needed. :) -- Brian.
Re: et.al.
I think this got attached to the wrong subthread. On Tue 08 Oct 2019 at 09:08:40 (+0200), Thomas Schmitt wrote: > i wrote: > > > I wonder whether my mail provider would allow me to send via SMTP > > > MAIL FROM: > > > From: "Somebody Else" > > David Wright wrote: > > It's fairly easy to find out by trying it out, > > I have the technical means but not the courage to challenge my provider. > > > Perhaps not as easy as it was, > > because unencrypted telnet has all but gone. > > A few years ago i had to add stunnel to my mail sender tool chain. > > > $ openssl s_client -starttls smtp -crlf -connect > > smtp.some.submission.host.tld:12345 > > SMTP by hand. Impressive. Not really. After all, S stands for Simple. It's really not very different from my interactive Fortran programs from the 1970s, or the Adventure game from the same era. https://www.filfre.net/wp-content/uploads/2012/11/think.png > I would rather tinker with my SMTP sender. I find exim a lot more complicated to drive. There's an open thread here that I ought to close: the one where I was trying to set up intra-LAN emails at home. Having solved it, I ought to post how. > > ehlo wren.corp > > That would be the link between mail and subscription, according to Brian's > theory (if i understand it correctly). > Is "corp" in any way part of your subscription ? Absolutely not! No, it's just the domain name of my LAN at home. In my employment days, it was an Internet-resolvable hostname, but those days are long gone, and all my pretty hostnames are now corporate gobbledegook. > The mail, to which this is a reply, has: > > Received: from david by corp with local (Exim 4.92) > > (envelope-from ) > > id 1iHhck-00016w-Lc; Tue, 08 Oct 2019 00:01:26 -0500 > > In my mailbox the "(envelope-from <...>)" are rather rare on debian-user. > Most frequent they are inside the gnu.org mail server network. > About any mail on their lists has them in the Receive: headers which > gnu.org servers add. > But Brian and you get them added to the most early "Received:". Yes, several systems I use have different ways of displaying the envelope ± HELO along the way at different points. Sometimes they're labelled smtp.mailfrom and smtp.helo: eg if I send mails directly to myself (at my real domain). And IIUI it's the envelope that actually determines where the email goes, not the To: in the email, though I assume my exim determines the former from the latter. (One of the problems in the thread I mentioned is making sure that exim doesn't rewrite *all* my LAN domain names into my Internet domain name, but only the emails I'm sending to the ISP's smarthost.) > > I see lots of DKIM stuff in your emails > > In the past i sent mails to the receivers directly. But more and more > refused on my self-made SMTP. So i went back to the end-user way of > handing my outgoing mail to my mail provider so that all that fancy > header stuff gets added. > Then came end-user encryption (whatever this shall bring as benefit) > which i could counter by stunnel(8). > > Let's see how long they allow me to tickle their servers by hand. Yes, I don't run my own mail server as it seems quite tricky and something that you have to keep exactly correct all the time, like any system that's operating in Real Time—you don't want to drop the ball just when an importent email arrives. > > There is no inherent relationship between either "reverse" (from > > MAIL, SAML, etc., commands) or "forward" (RCPT) addresses in the SMTP > > transaction ("envelope") and the addresses in the header section. > > (RFC 5321.) > > But the "Received: ...(envelope-from" gesture seems to try to establish > such a relationship. > It would be interesting to learn why Exim (or something else ?) adds > this info. Because the servers en route to the email's destination never look at the Header and Body, but only the envelope, AIUI. > In your case the addresses in "From:" and "(envelope-from" > are the same. This kills my theory about the reason why Brian's mails > have "(envelope-from". AIUI exim rewrites my From: n...@wren.corp into name@lionunicorn… and then copies that into the envelope: I don't try to interfere with the copying, but I could if my ISP accepts the result. As a 587 submission port, they might do checking that a 25 transfer port doesn't do. > > I've always assumed the envelope from is generated from the 'mail > > from' line, and that the envelope should reach the Debian list > > processing system unchanged. > > I never bothered to find out whether the wide-world mail servers use > any other protocol or extra SMTP commands to organize their network. > But if they use RFC5321 like us commoners then your theory looks > plausible. > > Only that Brian stated not to use his subscribed address in "MAIL FROM" > and not to see it in "(envelope-from ". > Maybe i got him wrong ? > (Keeping semi-private mail-addresses out of the list archives might have > confused our
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
On Tue, 8 Oct 2019 08:52:11 -0400 Greg Wooledge wrote: > On Tue, Oct 08, 2019 at 09:13:31AM +0100, Joe wrote: > > On Tue, 8 Oct 2019 00:25:44 -0500 > > David Wright wrote: > > > Why would you use a "subscribed.address" (presumably an email > > > address) for your HELO (presumably actually a EHLO). I was under > > > the impression that it should be a domain, ie a FQDN. > > > > It should actually be a hostname, it's the official public name of > > the mail server, though not of course its local network name. It > > must be resolvable in public DNS. In practice, not much of this is > > enforced, and you can get away with a domain name and, apparently, > > an email address. > > "Enforcement" is entirely up to the receiver's discretion. Yes, that's what I meant, there's nobody else to enforce anything. But I've never had an email rejected for a mismatched HELO. > Some > receivers use it as an anti-spam measure -- if your HELO string > doesn't resolve, they won't accept your connection. Yes, I do that, and I think it's the default for Exchange servers. A look through the Exim configuration file gives a lot of anti-spam hints in terms of the built-in options. > I've even heard > of receivers who attempt to make an STMP connection back to the MX of > your HELO domain, to make sure you have a running incoming SMTP > service. > I haven't seen that one, that I'm aware of. But that presumably is circumvented simply by using a HELO for a domain that is known to run a mail server. In the days when I used Telnet to talk to mail servers, I used a well-known six-character domain name for my HELO for brevity, with which I had no connection whatever. No server ever refused it. > Other receivers may simply log it, or ignore it altogether. > Indeed, but it's of value. A lot of people seem to think that using their IP address, or my own IP address or domain name as their HELO is clever. -- Joe
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
On Tue, Oct 08, 2019 at 09:13:31AM +0100, Joe wrote: > On Tue, 8 Oct 2019 00:25:44 -0500 > David Wright wrote: > > Why would you use a "subscribed.address" (presumably an email address) > > for your HELO (presumably actually a EHLO). I was under the impression > > that it should be a domain, ie a FQDN. > > It should actually be a hostname, it's the official public name of the > mail server, though not of course its local network name. It must be > resolvable in public DNS. In practice, not much of this is enforced, > and you can get away with a domain name and, apparently, an email > address. "Enforcement" is entirely up to the receiver's discretion. Some receivers use it as an anti-spam measure -- if your HELO string doesn't resolve, they won't accept your connection. I've even heard of receivers who attempt to make an STMP connection back to the MX of your HELO domain, to make sure you have a running incoming SMTP service. Other receivers may simply log it, or ignore it altogether.
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
On Tue, 8 Oct 2019 00:25:44 -0500 David Wright wrote: > > > > "subscribed.address" is the HELO and can be what I want it to be. > > See the headers of my previous mail. > > Why would you use a "subscribed.address" (presumably an email address) > for your HELO (presumably actually a EHLO). I was under the impression > that it should be a domain, ie a FQDN. It should actually be a hostname, it's the official public name of the mail server, though not of course its local network name. It must be resolvable in public DNS. In practice, not much of this is enforced, and you can get away with a domain name and, apparently, an email address. It's a while since I did any email diagnostics, but certainly the HELO pretty much only had to exist, it didn't seem to be checked very much. I have seen email from a Small Business Server refused because the default HELO was the invalid domain name x.local, as someone had forgotten to set it properly. I can't be bothered (i.e. I haven't had to do it yet) setting different HELOs for each domain that I use, and it has never been a problem. Neither does the MX record have to match any email address, nor the PTR record for the sending IP address. There are many complex setups where a business might send through one third-party SMTP server and receive through the SMTP server of a mail-cleaning service, for example. The only constraint (again, so far) on a sending address PTR is that it must have a complementary A record, which does not have to be the address that the MX points to or anything related to the email itself. Many ISPs cannot handle multiple PTRs for the same IP address, at least not in their user control panels, though they are permitted by RFC. -- Joe
Re: et.al.
Hi, i wrote: > > I wonder whether my mail provider would allow me to send via SMTP > > MAIL FROM: > > From: "Somebody Else" David Wright wrote: > It's fairly easy to find out by trying it out, I have the technical means but not the courage to challenge my provider. > Perhaps not as easy as it was, > because unencrypted telnet has all but gone. A few years ago i had to add stunnel to my mail sender tool chain. > $ openssl s_client -starttls smtp -crlf -connect > smtp.some.submission.host.tld:12345 SMTP by hand. Impressive. I would rather tinker with my SMTP sender. > ehlo wren.corp That would be the link between mail and subscription, according to Brian's theory (if i understand it correctly). Is "corp" in any way part of your subscription ? The mail, to which this is a reply, has: > Received: from david by corp with local (Exim 4.92) > (envelope-from ) > id 1iHhck-00016w-Lc; Tue, 08 Oct 2019 00:01:26 -0500 In my mailbox the "(envelope-from <...>)" are rather rare on debian-user. Most frequent they are inside the gnu.org mail server network. About any mail on their lists has them in the Receive: headers which gnu.org servers add. But Brian and you get them added to the most early "Received:". > I see lots of DKIM stuff in your emails In the past i sent mails to the receivers directly. But more and more refused on my self-made SMTP. So i went back to the end-user way of handing my outgoing mail to my mail provider so that all that fancy header stuff gets added. Then came end-user encryption (whatever this shall bring as benefit) which i could counter by stunnel(8). Let's see how long they allow me to tickle their servers by hand. > There is no inherent relationship between either "reverse" (from > MAIL, SAML, etc., commands) or "forward" (RCPT) addresses in the SMTP > transaction ("envelope") and the addresses in the header section. > (RFC 5321.) But the "Received: ...(envelope-from" gesture seems to try to establish such a relationship. It would be interesting to learn why Exim (or something else ?) adds this info. In your case the addresses in "From:" and "(envelope-from" are the same. This kills my theory about the reason why Brian's mails have "(envelope-from". > I've always assumed the envelope from is generated from the 'mail > from' line, and that the envelope should reach the Debian list > processing system unchanged. I never bothered to find out whether the wide-world mail servers use any other protocol or extra SMTP commands to organize their network. But if they use RFC5321 like us commoners then your theory looks plausible. Only that Brian stated not to use his subscribed address in "MAIL FROM" and not to see it in "(envelope-from ". Maybe i got him wrong ? (Keeping semi-private mail-addresses out of the list archives might have confused our conversation.) > I've always assumed that what is in parentheses is all "noise" as far > as SMTP is concerned, like that Exim version number, the envelope-from > and, in your email for example, (Client did not present a certificate). The specs seem to support your assumption. RFC5322 says that the meaning of the tokens in "Received:" would be discussed in RFC5321. But there i fail to find any tangible info beyond the obvious meaning of "Received:". "(Client did not present a certificate)" is possibly a future threat for me. Why does one have to be a cryptography expert to send a mail ? Grrr... Have a nice day :) Thomas
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
On Mon 07 Oct 2019 at 18:42:38 (+0100), Brian wrote: > On Mon 07 Oct 2019 at 15:09:09 +0200, Thomas Schmitt wrote: > > [...] > > > But how do Debian list servers know ? > > A good question. How are my mails matched with my subscribed address > so that I am awarded the accolade of LDOSUBSCRIBER? On the basis that > my past statements about the SMTP protocol (whatever they were) have > not been well received, I decline to offer any suggestion. Have we been told what your subscribed address is? I've assumed that it's the one in the envelope-from of the post I'm replying to. (I don't want to quote it.) Is that correct? Or maybe that …CII.eu one? > > Is it because Exim 4.89 said "MAIL FROM:<...subscribed.address...>" to > > lists.debian.org ? > > "subscribed.address" is the HELO and can be what I want it to be. See > the headers of my previous mail. Why would you use a "subscribed.address" (presumably an email address) for your HELO (presumably actually a EHLO). I was under the impression that it should be a domain, ie a FQDN. > > Or is it because the first mail hop added "envelope-from" to its Received: > > header ? > > > > Received: from ... by ... with local (Exim 4.89) > > (envelope-from <...>) > > id 1iHRiB-0006S7-Ks > > for debian-user@lists.debian.org; Mon, 07 Oct 2019 13:01:59 +0100 > > I can alter that too, and still be designated LDOSUBSCRIBER. Have we observed that? I only had LDOSUBSCRIBER bestowed on me when my envelope-from became the same as my subscribed address, which followed as a consequence of my adopting the .corp domain name last year after seeing https://www.theregister.co.uk/2018/02/12/icann_corp_home_mail_gtlds/ Until then, exim4 didn't seem able to rewrite my headers because I didn't have a dot in my FQDN, only an unadorned hostname. Cheers, David.
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
On Mon 07 Oct 2019 at 15:09:09 (+0200), Thomas Schmitt wrote: > i wrote: > > > To my best knowledge, "X-Spam-Status: ... tests=...,LDOSUBSCRIBER,..." > > > says that the "From:" address of the mail is subscribed. > > Brian wrote: > > Are you sure it is the From: and not the envelope From? My From: is > > not subscribed. > > Interesting observation. > So the address by which you submit your mail to the remote server is > subscribed and it is not the "From:" address which your mail client > writes into the header part of the mail ? > > I wonder whether my mail provider would allow me to send via SMTP > MAIL FROM: > RCPT TO:debian-user@lists.debian.org > and then by DATA > From: "Somebody Else" It's fairly easy to find out by trying it out, only obviously in an email to yourself, not the list. Perhaps not as easy as it was, because unencrypted telnet has all but gone. And I've also found that my ISP is more "impatient" and times out fairly quickly, so nowadays I assemble the whole email in an emacs buffer and paste it into the session all in one go. Here's an example, suitably mangled: $ openssl s_client -starttls smtp -crlf -connect smtp.some.submission.host.tld:12345 That opens the session, and I only press Return when I've copied the email itself into the paste buffer. Here's the email, and there's a blank line after the header. ehlo wren.corp auth plain MyAuthenticationNameAndPasswordInBase64== mail from:realusern...@realdomain.tld rcpt to: data From: Whoever You Want To Be to: subject: hand written test 01 Hand written test 01 You could duplicate the headers here as a record . quit I do it all in a script session so that I get a recording, from which I snip the authentication lines before archiving it. BTW the string in the authentication line above is generated with: $ echo -e -n '\0username\0password' | base64 Obviously I'm assuming that your ISP has facilities comparable to mine, which are (I use two): 250-PIPELINING 250-SIZE 2048 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN 250-AUTH LOGIN PLAIN 250-SIZE 3000 250-8BITMIME 250 OK However, I see lots of DKIM stuff in your emails, so it might not be as simple as this for you. But in principle, it should work. There is no inherent relationship between either "reverse" (from MAIL, SAML, etc., commands) or "forward" (RCPT) addresses in the SMTP transaction ("envelope") and the addresses in the header section. (RFC 5321.) > But how do Debian list servers know ? > Is it because Exim 4.89 said "MAIL FROM:<...subscribed.address...>" to > lists.debian.org ? > Or is it because the first mail hop added "envelope-from" to its Received: > header ? I've always assumed the envelope from is generated from the 'mail from' line, and that the envelope should reach the Debian list processing system unchanged. > Received: from ... by ... with local (Exim 4.89) > (envelope-from <...>) > id 1iHRiB-0006S7-Ks > for debian-user@lists.debian.org; Mon, 07 Oct 2019 13:01:59 +0100 > > (I wonder where "envelope-from" in "Received:" is specified. The word > does neither appear in RFC5322 nor in RFC5321.) I've always assumed that what is in parentheses is all "noise" as far as SMTP is concerned, like that Exim version number, the envelope-from and, in your email for example, (Client did not present a certificate). > --- > > > > Nevertheless, if i have no other indication then i normally add a "Cc:" > > > to the thread starter if i do not see LDOSUBSCRIBER among the spam tests. > > > On the basis, one supposes, that the situation is unclear and you wish > > the poster to know there is a reply to her post. > > It is futile to send Cc: to people who are known to reply to list messages. > But thread starters where i am in doubt get a Cc: from me if i have > something to tell them. Cheers, David.
Re: et.al.
Hi, i wrote: > > But how do Debian list servers know [that Brian is subscribed] ? > > [...] is it because the first mail hop added "envelope-from" to > > its Received: header ? Brian wrote: > I can alter that too, and still be designated LDOSUBSCRIBER. Hmm. I see you tinkered with the first Received: text. A "c" is now missing at the host name: Received: from ... by o...org.uk with local (Exim 4.89) versus Received: from ... by co...org.uk with local (Exim 4.89) But the "(envelope-from <...>)" is still part of that header line. Nevertheless, if this address is not the one that is subscribed, then i am out of ideas. Have a nice day :) Thomas
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
On Mon 07 Oct 2019 at 15:09:09 +0200, Thomas Schmitt wrote: [...] > But how do Debian list servers know ? A good question. How are my mails matched with my subscribed address so that I am awarded the accolade of LDOSUBSCRIBER? On the basis that my past statements about the SMTP protocol (whatever they were) have not been well received, I decline to offer any suggestion. > Is it because Exim 4.89 said "MAIL FROM:<...subscribed.address...>" to > lists.debian.org ? "subscribed.address" is the HELO and can be what I want it to be. See the headers of my previous mail. > Or is it because the first mail hop added "envelope-from" to its Received: > header ? > > Received: from ... by ... with local (Exim 4.89) > (envelope-from <...>) > id 1iHRiB-0006S7-Ks > for debian-user@lists.debian.org; Mon, 07 Oct 2019 13:01:59 +0100 I can alter that too, and still be designated LDOSUBSCRIBER. -- Brian.
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
On Mon 07 Oct 2019 at 15:09:09 +0200, Thomas Schmitt wrote: > Hi, > > i wrote: > > > To my best knowledge, "X-Spam-Status: ... tests=...,LDOSUBSCRIBER,..." > > > says that the "From:" address of the mail is subscribed. > > Brian wrote: > > Are you sure it is the From: and not the envelope From? My From: is > > not subscribed. > > Interesting observation. > So the address by which you submit your mail to the remote server is > subscribed No. My subscribed address does not appear in the mail headers and is not used in the transaction between my mail server and bendel.debian.org. > and it is not the "From:" address which your mail client > writes into the header part of the mail ? Correct. > I wonder whether my mail provider would allow me to send via SMTP > MAIL FROM: > RCPT TO:debian-user@lists.debian.org > and then by DATA > From: "Somebody Else" I do not see why not; it is part of DATA. [...] > > > Nevertheless, if i have no other indication then i normally add a "Cc:" > > > to the thread starter if i do not see LDOSUBSCRIBER among the spam tests. > > > On the basis, one supposes, that the situation is unclear and you wish > > the poster to know there is a reply to her post. > > It is futile to send Cc: to people who are known to reply to list messages. > But thread starters where i am in doubt get a Cc: from me if i have > something to tell them. You are kinder than I am! I assume no LDOSUBSCRIBER means the user is reading replies. Unfortunarely, there are some users who never see any replies because they don't quite appreciate how mailing lists work and anticipate receiving personal mails. -- Brian.
Re: et.al., (was: Dependencies et al, was: Default Debian install harassed me)
Hi, i wrote: > > To my best knowledge, "X-Spam-Status: ... tests=...,LDOSUBSCRIBER,..." > > says that the "From:" address of the mail is subscribed. Brian wrote: > Are you sure it is the From: and not the envelope From? My From: is > not subscribed. Interesting observation. So the address by which you submit your mail to the remote server is subscribed and it is not the "From:" address which your mail client writes into the header part of the mail ? I wonder whether my mail provider would allow me to send via SMTP MAIL FROM: RCPT TO:debian-user@lists.debian.org and then by DATA From: "Somebody Else" But how do Debian list servers know ? Is it because Exim 4.89 said "MAIL FROM:<...subscribed.address...>" to lists.debian.org ? Or is it because the first mail hop added "envelope-from" to its Received: header ? Received: from ... by ... with local (Exim 4.89) (envelope-from <...>) id 1iHRiB-0006S7-Ks for debian-user@lists.debian.org; Mon, 07 Oct 2019 13:01:59 +0100 (I wonder where "envelope-from" in "Received:" is specified. The word does neither appear in RFC5322 nor in RFC5321.) --- > > Nevertheless, if i have no other indication then i normally add a "Cc:" > > to the thread starter if i do not see LDOSUBSCRIBER among the spam tests. > On the basis, one supposes, that the situation is unclear and you wish > the poster to know there is a reply to her post. It is futile to send Cc: to people who are known to reply to list messages. But thread starters where i am in doubt get a Cc: from me if i have something to tell them. Have a nice day :) Thomas