Re: Websubmit Mail_Submitter Function

[Surendran Karippadath]

Hi Tibor,Is it possible that the MTA used by invenio to send forged mail, is commandeered by anonymous agents to send mails in bulk. Because yesterday, April 8 around midnight, I had shut down the invenio site to solve the problem of backing up invenio-1.1.5 tar ball from one box (Ubuntu-14.04)with websubmit data and restoring it in another box(Ubuntu-13.1) with no invenio.Within a gap of one hour the admin received a dozen 404 exceptio mails from the following diverse IP addresses:  09.161.99.26158.222.8.21 158.222.8.112178.32.115.5223.232.137.13569.12.79.70 107.182.125.251 173.44.40.252167.160.115.155 5.9.231.89 192.3.166.102They were all trying to access another virtual host on the same box. What do you suggest one should do to keep the mail daemon more secure/Thanks and RegardsSurendran
From: Tibor Simko
Posted: 08/04/2015 16:54
Subject: Websubmit Mail_Submitter Function

On Wed, 08 Apr 2015, Surendran Karippadath wrote:  I doubt that. For one, this started from Match 28 and second, the mail  was redirected to admin address which forwarded it as [SUSPECTED SPAM]  Perhaps your system sends too many emails, which raised bulk sending flag at Google?  See:    https://support.google.com/mail/answer/81126  You can try to make some experiments with manual email sending from the box, using settings recommended on that page.   Final-Recipient: rfc822; angeli.surend...@gmail.com  Original-Recipient: rfc822;angeli.surend...@gmail.com  Hmm, what is `rfc822` string doing here?  Best regards -- Tibor Simko 

Re: Websubmit Mail_Submitter Function

[Surendran Karippadath]

Hi Samuele,
   I doubt that. For one, this started 
from Match 28 and second, the mail was redirected to admin address which
 forwarded it as [SUSPECTED SPAM] to the forwarding address like this: The mail system

angeli.surend...@gmail.com: host gmail-smtp-in.l.google.com[74.125.68.26]
    said: 550-5.7.1 [117.218.165.51      12] Our system has detected that this
    message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam
    sent to Gmail, 550-5.7.1 this message has been blocked. Please visit
    550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=enanswer=188131
    for 550 5.7.1 more information. hf1si2909081pbc.134 - gsmtp (in reply to
    end of DATA command)
Final-Recipient: rfc822; angeli.surend...@gmail.com
Original-Recipient: rfc822;angeli.surendran@gmail.com
Action: failed
Status: 5.7.1
Remote-MTA: dns; gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 550-5.7.1 [117.218.165.51      12] Our system has
    detected that this message is 550-5.7.1 likely unsolicited mail. To reduce
    the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked.
    Please visit 550-5.7.1
    http://support.google.com/mail/bin/answer.py?hl=enanswer=188131 for 550
    5.7.1 more information. hf1si2909081pbc.134 - gsmtp
-- Forwarded message --From: DISASTER MANAGEMENT DIGITAL LIBRARY Submission Engine kksurend...@iitbombay.orgTo: angeli.surend...@gmail.comCc: Date: Sun,  5 Apr 2015 21:40:08 +0530 (IST)Subject: DMDOC-PLAN-2015-039: Document ReceivedHello:
        The document DMDOC-PLAN-2015-039
Title: National Disaster Management Guidelines: Management of Preparation of State Disaster Management Plans
Author(s): National Disaster Management Authority (NDMA)

has been correctly received

It will be soon added to our Document Server.

Once inserted, you will be able to check the  bibliographic information and the quality of the electronic documents at this URL:
http://wikilibrary.dynamic-dns.net/record/174
If you detect an error please let us know by sending an email to kksurend...@iitbombay.org.

Note that your submission has been inserted into the bibliographic task queue and is waiting for execution.
The task queue is currently running in automatic mode, and there are 
currently 2 tasks waiting to be executed. Your record should be 
available within a few minutes and searchable within an hour or 
thereabouts.
Thank you for using DISASTER MANAGEMENT DIGITAL LIBRARY Submission Interface.


Best regards
--
DISASTER MANAGEMENT DIGITAL LIBRARY http://wikilibrary.dynamic-dns.net
Need human intervention?  Contact kksurend...@iitbombay.orgRegards
From: Samuele Kaplun
Posted: 08/04/2015 00:14
Subject: Websubmit Mail_Submitter Function

Hi Surendran,  In data lunedì 6 aprile 2015 11:59:13, Surendran Karippadath ha scritto:  It appears that Google is this invenio is unable to send mail to  x.gmail.com. The re are entries in the /var/log/mail.log such as this:  $ tail /var/log/mail.logangeli-acer postfix/qmgr[24178]: C270048004F: removed  Apr  6 15:16:16 angeli-acer postfix/smtp[24652]: 08E904800A0:  to=angeli.surend...@gmail.com,  relay=gmail-smtp-in.l.google.com[74.125.68.26]:25, delay=13,  delays=0.04/0/12/1.2, dsn=5.7.1, status=bounced (host  gmail-smtp-in.l.google.com[74.125.68.26] said: 550-5.7.1  [117.218.165.51  12] Our system has detected that this message is  550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to  Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1  http://support.google.com/mail/bin/answer.py?hl=enanswer=188131 for 550  5.7.1 more information. ot4si5863874pdb.82 - gsmtp (in reply to end of DATA  command)) Apr  6 15:16:16 angeli-acer postfix/qmgr[24178]: 08E904800A0:  removed  could it be connected to this?  http://www.securityweek.com/google-lets-smtp-certificate-expireCheers! 	Samuele  --  Samuele Kaplun INSPIRE Service Manager ** http://inspirehep.net/ Invenio Developer ** http://invenio-software.org/  

Re: Websubmit Mail_Submitter Function

[Tibor Simko]

On Wed, 08 Apr 2015, Surendran Karippadath wrote:
 I doubt that. For one, this started from Match 28 and second, the mail
 was redirected to admin address which forwarded it as [SUSPECTED SPAM]

Perhaps your system sends too many emails, which raised bulk sending
flag at Google?  See:

  https://support.google.com/mail/answer/81126

You can try to make some experiments with manual email sending from the
box, using settings recommended on that page.

 Final-Recipient: rfc822; angeli.surend...@gmail.com
 Original-Recipient: rfc822;angeli.surend...@gmail.com

Hmm, what is `rfc822` string doing here?

Best regards
--
Tibor Simko

Re: Websubmit Mail_Submitter Function

[Surendran Karippadath]

It appears that Google is this invenio is unable to send mail to x.gmail.com. The re are entries in the /var/log/mail.log such as this:$ tail /var/log/mail.logangeli-acer postfix/qmgr[24178]: C270048004F: removedApr  6 15:16:16 angeli-acer postfix/smtp[24652]: 08E904800A0: to=angeli.surend...@gmail.com, relay=gmail-smtp-in.l.google.com[74.125.68.26]:25, delay=13, delays=0.04/0/12/1.2, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.68.26] said: 550-5.7.1 [117.218.165.51  12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=enanswer=188131 for 550 5.7.1 more information. ot4si5863874pdb.82 - gsmtp (in reply to end of DATA command))Apr  6 15:16:16 angeli-acer postfix/qmgr[24178]: 08E904800A0: removed
From: Surendran Karippadath
Posted: 04/04/2015 21:25
Subject: Websubmit Mail_Submitter Function
​Hello,
In Inenio-1.1.5, since March 28, two users doing websubmission to wikilibrary.dynamic-dns.net stopped getting email notifications after successful and correct submissions of documents which are in the repository now. They continue to do submissions but do not receive mail. I checked the same using the following code:
$ ipython
In [1]: from invenio.webuser import *In [2]: run_sql(SELECT id, nickname FROM user)Out[2]: ((1L, 'admin'), (2L, 'jekyll'), (3L, 'hyde'), (4L, 'dorian'), (5L, 'romeo'), (6L, 'juliet'), (7L, 'benvolio'), (8L, 'balthasar'), (9L, 'shashikalam'), (10L, 'Vinod'), (11L, 'angeli'))In [3]: get_user_preferences(9)Out[3]: {'language': 'en', 'login_method': 'Local'}In [4]: get_user_preferences(11)Out[4]: {'language': 'en', 'login_method': 'Local'}In [5]: get_user_preferences(1)Out[5]: {'language': 'en', 'login_method': 'Local'}In [6]: send_email('root#localhost','shashika...@gmail.com','testing-email','test-not-done-yet',header='',footer='')Out[6]: TrueIn [7]: send_email('root#localhost','angeli.surend...@gmail.com','testing-email','test-not-done-yet',header='',footer='')Out[7]: TrueIn [8]: send_email('root#localhost','kksurend...@iitbombay.org','testing-email','test-not-done-yet',header='',footer='')Out[8]: True
In the above [6] and [7] corresponding to the users doing websubmit DID NOT receive the mail while [8] corresponding to invenio admin received it. 
Kindly suggest how I can rectify the situation. The configuration in invenio.conf is standard:
CFG_MISCUTIL_SMTP_HOST = localhost  CFG_MISCUTIL_SMTP_PORT = 25  CFG_MISCUTIL_SMTP_USER =  CFG_MISCUTIL_SMTP_PASS =  CFG_MISCUTIL_SMTP_TLS = False
Thank you ffor your attention.
Regards

Websubmit Mail_Submitter Function

[Surendran Karippadath]

​Hello,
In Inenio-1.1.5, since March 28, two users doing websubmission to wikilibrary.dynamic-dns.net stopped getting email notifications after successful and correct submissions of documents which are in the repository now. They continue to do submissions but do not receive mail. I checked the same using the following code:
$ ipython
In [1]: from invenio.webuser import *In [2]: run_sql(SELECT id, nickname FROM user)Out[2]: ((1L, 'admin'), (2L, 'jekyll'), (3L, 'hyde'), (4L, 'dorian'), (5L, 'romeo'), (6L, 'juliet'), (7L, 'benvolio'), (8L, 'balthasar'), (9L, 'shashikalam'), (10L, 'Vinod'), (11L, 'angeli'))In [3]: get_user_preferences(9)Out[3]: {'language': 'en', 'login_method': 'Local'}In [4]: get_user_preferences(11)Out[4]: {'language': 'en', 'login_method': 'Local'}In [5]: get_user_preferences(1)Out[5]: {'language': 'en', 'login_method': 'Local'}In [6]: send_email('root#localhost','shashika...@gmail.com','testing-email','test-not-done-yet',header='',footer='')Out[6]: TrueIn [7]: send_email('root#localhost','angeli.surend...@gmail.com','testing-email','test-not-done-yet',header='',footer='')Out[7]: TrueIn [8]: send_email('root#localhost','kksurend...@iitbombay.org','testing-email','test-not-done-yet',header='',footer='')Out[8]: True
In the above [6] and [7] corresponding to the users doing websubmit DID NOT receive the mail while [8] corresponding to invenio admin received it. 
Kindly suggest how I can rectify the situation. The configuration in invenio.conf is standard:
CFG_MISCUTIL_SMTP_HOST = localhost  CFG_MISCUTIL_SMTP_PORT = 25  CFG_MISCUTIL_SMTP_USER =  CFG_MISCUTIL_SMTP_PASS =  CFG_MISCUTIL_SMTP_TLS = False
Thank you ffor your attention.
Regards