Use an externally resolvable mail server for QMO

RESOLVED FIXED

Status

mozilla.org Graveyard
Server Operations
RESOLVED FIXED
11 years ago
3 years ago

People

(Reporter: coop, Assigned: mrz)

Tracking

Details

(Reporter)

Description

11 years ago
We had at least 3 confirmed reports of users (myself included) who have never received their registration confirmation email from QMO. This is insidious, because we don't know how many people have tried to sign up, not received the email, and then lost interest and and never returned.

I solved the problem on my end my talking to my mail server admin (a friend), who showed me the headers that got bounced:

Mar 23 06:38:47 cthulhu postfix/smtpd[14213]: NOQUEUE: reject: RCPT from pubdmz01.sj.mozilla.com[63.245.208.139]: 450 <apache@dm-qmo01.mozilla.org>: Sender address rejected: Domain not found; from=<apache@dm-qmo01.mozilla.org> to=<ccooper@deadsquid.com> proto=ESMTP helo=<dm-qmo01.mozilla.org>

This host, dm-qmo01.mozilla.org, doesn't resolve outside the Moz firewall. A common mail server anti-spam configuration is to reject mail from hosts that cannot be resolved.

cthulhu:/var/log# host dm-qmo01.mozilla.org
Host dm-qmo01.mozilla.org not found: 3(NXDOMAIN)

Can we have QMO use the stmp.mozilla.org (or some other externally resolvable mail server)?

Comment 1

11 years ago
A few users are saying they are not getting the activation email, and therefore cannot complete registration to login.  Assigning to Jeremy for investigation, since he's been my QMO goto guy. :-)
Assignee: nobody → oremj
Assignee: oremj → server-ops
Component: quality.mozilla.org → Server Operations
Product: Websites → mozilla.org
QA Contact: quality-mozilla-org → justin
Version: unspecified → other
That log entry is from March, and that machine has been masquerading as "qmo.mozilla.org" which does exist outside the firewall for the last 2 weeks or so.  Have any recent bounces?
host qmo.mozilla.org
Host qmo.mozilla.org not found: 3(NXDOMAIN)

(Reporter)

Comment 4

11 years ago
Shouldn't the machine name/masq be quality.mozilla.org? qmo.mozilla.org seems self-referential to me.

Comment 5

11 years ago
yeah, not sure where qmo.mozilla.org came from, but we should be using quality.mozilla.org.  
(Assignee)

Comment 6

11 years ago
This is wrong then:

sendmail.mc:MASQUERADE_AS(`qmo.mozilla.org')dnl

But you can't really call yourself quality.mozilla.org either and expect dns forward & reverse to match.  quality.mozilla.org is fronted by the Netscaler but when you go out to the Internet you're NAT'd out as the general pubdmz host.

I think this can be fixed by using dm-mail01/dm-mail02 as your smart host relays or, worst case, adding a static NAT for "qmo" but I'm less inclined to do that since there isn't any other inbound access to this host.

justdave, can you comment?
(Assignee)

Comment 7

11 years ago
I updated the .mc file with the correct hostname and rebuilt sendmail.cf.  Stopped and restarted.
Status: NEW → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
Assignee: server-ops → mrz
yeah, cleared it up on IRC, I had the wrong hostname in the masquerade, quality.mozilla.org is what should have been in there.  It'll buy more points for the anti-spam folks if we have working inbound mail for that domain, but it's not completely necessary.  The inbound mail doesn't have to be on that machine, and can be limited to postmaster/webmaster/abuse/etc.
Product: mozilla.org → mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.