Re: Websubmit Mail_Submitter Function
Hi Tibor,Is it possible that the MTA used by invenio to send forged mail, is commandeered by anonymous agents to send mails in bulk. Because yesterday, April 8 around midnight, I had shut down the invenio site to solve the problem of backing up invenio-1.1.5 tar ball from one box (Ubuntu-14.04)with websubmit data and restoring it in another box(Ubuntu-13.1) with no invenio.Within a gap of one hour the admin received a dozen 404 exceptio mails from the following diverse IP addresses: 09.161.99.26158.222.8.21 158.222.8.112178.32.115.5223.232.137.13569.12.79.70 107.182.125.251 173.44.40.252167.160.115.155 5.9.231.89 192.3.166.102They were all trying to access another virtual host on the same box. What do you suggest one should do to keep the mail daemon more secure/Thanks and RegardsSurendran From: Tibor Simko Posted: 08/04/2015 16:54 Subject: Websubmit Mail_Submitter Function On Wed, 08 Apr 2015, Surendran Karippadath wrote: I doubt that. For one, this started from Match 28 and second, the mail was redirected to admin address which forwarded it as [SUSPECTED SPAM] Perhaps your system sends too many emails, which raised bulk sending flag at Google? See: https://support.google.com/mail/answer/81126 You can try to make some experiments with manual email sending from the box, using settings recommended on that page. Final-Recipient: rfc822; angeli.surend...@gmail.com Original-Recipient: rfc822;angeli.surend...@gmail.com Hmm, what is `rfc822` string doing here? Best regards -- Tibor Simko
Re: Websubmit Mail_Submitter Function
Hi Samuele, I doubt that. For one, this started from Match 28 and second, the mail was redirected to admin address which forwarded it as [SUSPECTED SPAM] to the forwarding address like this: The mail system angeli.surend...@gmail.com: host gmail-smtp-in.l.google.com[74.125.68.26] said: 550-5.7.1 [117.218.165.51 12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=enanswer=188131 for 550 5.7.1 more information. hf1si2909081pbc.134 - gsmtp (in reply to end of DATA command) Final-Recipient: rfc822; angeli.surend...@gmail.com Original-Recipient: rfc822;angeli.surendran@gmail.com Action: failed Status: 5.7.1 Remote-MTA: dns; gmail-smtp-in.l.google.com Diagnostic-Code: smtp; 550-5.7.1 [117.218.165.51 12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=enanswer=188131 for 550 5.7.1 more information. hf1si2909081pbc.134 - gsmtp -- Forwarded message --From: DISASTER MANAGEMENT DIGITAL LIBRARY Submission Engine kksurend...@iitbombay.orgTo: angeli.surend...@gmail.comCc: Date: Sun, 5 Apr 2015 21:40:08 +0530 (IST)Subject: DMDOC-PLAN-2015-039: Document ReceivedHello: The document DMDOC-PLAN-2015-039 Title: National Disaster Management Guidelines: Management of Preparation of State Disaster Management Plans Author(s): National Disaster Management Authority (NDMA) has been correctly received It will be soon added to our Document Server. Once inserted, you will be able to check the bibliographic information and the quality of the electronic documents at this URL: http://wikilibrary.dynamic-dns.net/record/174 If you detect an error please let us know by sending an email to kksurend...@iitbombay.org. Note that your submission has been inserted into the bibliographic task queue and is waiting for execution. The task queue is currently running in automatic mode, and there are currently 2 tasks waiting to be executed. Your record should be available within a few minutes and searchable within an hour or thereabouts. Thank you for using DISASTER MANAGEMENT DIGITAL LIBRARY Submission Interface. Best regards -- DISASTER MANAGEMENT DIGITAL LIBRARY http://wikilibrary.dynamic-dns.net Need human intervention? Contact kksurend...@iitbombay.orgRegards From: Samuele Kaplun Posted: 08/04/2015 00:14 Subject: Websubmit Mail_Submitter Function Hi Surendran, In data lunedì 6 aprile 2015 11:59:13, Surendran Karippadath ha scritto: It appears that Google is this invenio is unable to send mail to x.gmail.com. The re are entries in the /var/log/mail.log such as this: $ tail /var/log/mail.logangeli-acer postfix/qmgr[24178]: C270048004F: removed Apr 6 15:16:16 angeli-acer postfix/smtp[24652]: 08E904800A0: to=angeli.surend...@gmail.com, relay=gmail-smtp-in.l.google.com[74.125.68.26]:25, delay=13, delays=0.04/0/12/1.2, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.68.26] said: 550-5.7.1 [117.218.165.51 12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=enanswer=188131 for 550 5.7.1 more information. ot4si5863874pdb.82 - gsmtp (in reply to end of DATA command)) Apr 6 15:16:16 angeli-acer postfix/qmgr[24178]: 08E904800A0: removed could it be connected to this? http://www.securityweek.com/google-lets-smtp-certificate-expireCheers! Samuele -- Samuele Kaplun INSPIRE Service Manager ** http://inspirehep.net/ Invenio Developer ** http://invenio-software.org/
Re: Websubmit Mail_Submitter Function
On Wed, 08 Apr 2015, Surendran Karippadath wrote: I doubt that. For one, this started from Match 28 and second, the mail was redirected to admin address which forwarded it as [SUSPECTED SPAM] Perhaps your system sends too many emails, which raised bulk sending flag at Google? See: https://support.google.com/mail/answer/81126 You can try to make some experiments with manual email sending from the box, using settings recommended on that page. Final-Recipient: rfc822; angeli.surend...@gmail.com Original-Recipient: rfc822;angeli.surend...@gmail.com Hmm, what is `rfc822` string doing here? Best regards -- Tibor Simko
Re: Websubmit Mail_Submitter Function
It appears that Google is this invenio is unable to send mail to x.gmail.com. The re are entries in the /var/log/mail.log such as this:$ tail /var/log/mail.logangeli-acer postfix/qmgr[24178]: C270048004F: removedApr 6 15:16:16 angeli-acer postfix/smtp[24652]: 08E904800A0: to=angeli.surend...@gmail.com, relay=gmail-smtp-in.l.google.com[74.125.68.26]:25, delay=13, delays=0.04/0/12/1.2, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.68.26] said: 550-5.7.1 [117.218.165.51 12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=enanswer=188131 for 550 5.7.1 more information. ot4si5863874pdb.82 - gsmtp (in reply to end of DATA command))Apr 6 15:16:16 angeli-acer postfix/qmgr[24178]: 08E904800A0: removed From: Surendran Karippadath Posted: 04/04/2015 21:25 Subject: Websubmit Mail_Submitter Function Hello, In Inenio-1.1.5, since March 28, two users doing websubmission to wikilibrary.dynamic-dns.net stopped getting email notifications after successful and correct submissions of documents which are in the repository now. They continue to do submissions but do not receive mail. I checked the same using the following code: $ ipython In [1]: from invenio.webuser import *In [2]: run_sql(SELECT id, nickname FROM user)Out[2]: ((1L, 'admin'), (2L, 'jekyll'), (3L, 'hyde'), (4L, 'dorian'), (5L, 'romeo'), (6L, 'juliet'), (7L, 'benvolio'), (8L, 'balthasar'), (9L, 'shashikalam'), (10L, 'Vinod'), (11L, 'angeli'))In [3]: get_user_preferences(9)Out[3]: {'language': 'en', 'login_method': 'Local'}In [4]: get_user_preferences(11)Out[4]: {'language': 'en', 'login_method': 'Local'}In [5]: get_user_preferences(1)Out[5]: {'language': 'en', 'login_method': 'Local'}In [6]: send_email('root#localhost','shashika...@gmail.com','testing-email','test-not-done-yet',header='',footer='')Out[6]: TrueIn [7]: send_email('root#localhost','angeli.surend...@gmail.com','testing-email','test-not-done-yet',header='',footer='')Out[7]: TrueIn [8]: send_email('root#localhost','kksurend...@iitbombay.org','testing-email','test-not-done-yet',header='',footer='')Out[8]: True In the above [6] and [7] corresponding to the users doing websubmit DID NOT receive the mail while [8] corresponding to invenio admin received it. Kindly suggest how I can rectify the situation. The configuration in invenio.conf is standard: CFG_MISCUTIL_SMTP_HOST = localhost CFG_MISCUTIL_SMTP_PORT = 25 CFG_MISCUTIL_SMTP_USER = CFG_MISCUTIL_SMTP_PASS = CFG_MISCUTIL_SMTP_TLS = False Thank you ffor your attention. Regards
Websubmit Mail_Submitter Function
Hello, In Inenio-1.1.5, since March 28, two users doing websubmission to wikilibrary.dynamic-dns.net stopped getting email notifications after successful and correct submissions of documents which are in the repository now. They continue to do submissions but do not receive mail. I checked the same using the following code: $ ipython In [1]: from invenio.webuser import *In [2]: run_sql(SELECT id, nickname FROM user)Out[2]: ((1L, 'admin'), (2L, 'jekyll'), (3L, 'hyde'), (4L, 'dorian'), (5L, 'romeo'), (6L, 'juliet'), (7L, 'benvolio'), (8L, 'balthasar'), (9L, 'shashikalam'), (10L, 'Vinod'), (11L, 'angeli'))In [3]: get_user_preferences(9)Out[3]: {'language': 'en', 'login_method': 'Local'}In [4]: get_user_preferences(11)Out[4]: {'language': 'en', 'login_method': 'Local'}In [5]: get_user_preferences(1)Out[5]: {'language': 'en', 'login_method': 'Local'}In [6]: send_email('root#localhost','shashika...@gmail.com','testing-email','test-not-done-yet',header='',footer='')Out[6]: TrueIn [7]: send_email('root#localhost','angeli.surend...@gmail.com','testing-email','test-not-done-yet',header='',footer='')Out[7]: TrueIn [8]: send_email('root#localhost','kksurend...@iitbombay.org','testing-email','test-not-done-yet',header='',footer='')Out[8]: True In the above [6] and [7] corresponding to the users doing websubmit DID NOT receive the mail while [8] corresponding to invenio admin received it. Kindly suggest how I can rectify the situation. The configuration in invenio.conf is standard: CFG_MISCUTIL_SMTP_HOST = localhost CFG_MISCUTIL_SMTP_PORT = 25 CFG_MISCUTIL_SMTP_USER = CFG_MISCUTIL_SMTP_PASS = CFG_MISCUTIL_SMTP_TLS = False Thank you ffor your attention. Regards