I've just got a bunch of:
<xxx@gmail.com> (expanded from <xxx@fedoraproject.org>): host gmail-smtp-in.l.google.com[142.250.102.26] said: 550-5.7.26 This message does not have authentication information or fails to 550-5.7.26 pass authentication checks. To best protect our users from spam, the 550-5.7.26 message has been blocked. Please visit 550-5.7.26 https://support.google.com/mail/answer/81126#authentication for more 550 5.7.26 information....
I can privately share the entire rejection email if it helps. No idea if this is some misconfiguration at Red Hat SMTP or at fedoraproject.org level.
Metadata Update from @zlopez: - Issue priority set to: Waiting on External (was: Needs Review) - Issue tagged with: high-trouble, medium-gain
We have had this issue previously where gmail marks fedoraproject mails as spam. From what I remember its on the gmail side so not sure we can do much
Metadata Update from @mobrien: - Issue untagged with: high-trouble, medium-gain - Issue priority set to: Needs Review (was: Waiting on External)
Can you send me the entire email with headers?
I've sent you a couple to your Red Hat email address.
Thanks.
I think I see one issue that might help.
We were taking emails in from @redhat.com and validating the DKIM and then stripping it off. Instead we should just trust the internal mx and not verify or strip DKIM from it. This should allow those emails to have the orig redhat.com signature and hopefully make google more likely to accept them.
I have pushed this change out now. I sent a test email from my redhat.com account to someone who bounced from your emails and it worked. :)
Can you resend some bounced stuff and see if it sends to gmail better now?
I will send regular spam on Monday, does that work?
EDIT: By spam, I mean Orphaned packages...
Sure, sounds good. I guess I can close this and if it has problems monday let me know and I can look more, but this is all that I have found to do. ;(
Metadata Update from @kevin: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
OK, will do. And thank you!
All emails for gmail recipients were rejected again today.
Metadata Update from @churchyard: - Issue status updated to: Open (was: Closed)
Yes, redhat.com switched to hard fail on it's SPF record, which breaks anything that forwards email to gmail (which stupidly honors hard fail SPF).
I have an internal ticket open on this... so far with no response.
Just an update here:
I asked to have our smtp servers added to the SPF list The IT folks in the ticket I orig opened wanted me to file it as a new change and I have done so. I am now waiting to hear back on that.
Very sorry this is continuing to happen. If I don't hear anything early next week, I will begin escalating up my management chain.
Thanks for the update! I realize this is not yours nor Fedora's fault :)
Metadata Update from @kevin: - Issue tagged with: blocked
ok, sorry for all the delay and hassles here. I was pushing to get us added to the redhat.com SPF records so we could send for redhat.com addresses. This proved to be... very difficult.
As I was replying to the latest ticket (there have been 4 so far) I got a hackish idea on how to fix this without doing that.
So, I have implemented my hack and it seems to be working. Can any/all of you having problems please test and see if it seems working now?
If it's not please re-open and let me know.
Metadata Update from @kevin: - Issue close_status updated to: Fixed with Explanation - Issue status updated to: Closed (was: Open)
Seems to work. At least I don't get the reject messages anymore.
Login to comment on this ticket.