929526 - RITM0021108 - Receiving undeliverable mail from press@mozilla.com

Status: RESOLVED INVALID

(Infrastructure & Operations :: Infrastructure: Mail, task)

Description

[Joel Braddock :jbraddock]

From Justin OKelly, ServiceNow request:

"Mike Manning, Shannon Prior and I are all getting lots of 'mail undelivered' notices today to addresses we never consciously emailed.  Not sure if this is a system wide problem but would love to know!"

From looking at the bounce back emails, it looks like press@mozilla.com is in some way black-listed on a mail server list:

--
Taken from "Returned mail: see transcript for details" email in Justin OKelly's inbox:
while talking to gmail-smtp-in.l.google.com.:
>>> DATA
<<< 550-5.7.1 [2001:380:140:0:a800:dbff:fea6:6aa      12] Our system has detected
<<< 550-5.7.1 that this message is likely unsolicited mail. To reduce the amount of
<<< 550-5.7.1 spam sent to Gmail, this message has been blocked. Please visit
<<< 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for
<<< 550 5.7.1 more information. e5si7328650pbj.98 - gsmtp
554 5.0.0 Service unavailable
--

Bumping this bug to major since Mozilla press is going to hold on sending any additional emails until this is resolved.

Comment 1

[Joel Braddock :jbraddock]

Header info from "Returned mail: see transcript for details" email in Justin OKelly's inbox:

--Return-Path: press-bounces@mozilla.org
Received: from zmmta2.mail.corp.phx1.mozilla.com (LHLO
 zmmta2.mail.corp.phx1.mozilla.com) (10.20.77.30) by
 zmmbox2.mail.corp.phx1.mozilla.com with LMTP; Mon, 21 Oct 2013 10:43:16
 -0700 (PDT)
Received: from zmmta2.mail.corp.phx1.mozilla.com (localhost6.localdomain [127.0.0.1])
	by zmmta2.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id A0838102154;
	Mon, 21 Oct 2013 10:43:16 -0700 (PDT)
Received: from mail.mozilla.org (zlb1.mail.corp.phx1.mozilla.com [10.20.77.200])
	by zmmta2.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id 967A3102011;
	Mon, 21 Oct 2013 10:43:16 -0700 (PDT)
Received: from mailman1.mail.corp.phx1.mozilla.com (localhost6.localdomain [127.0.0.1])
	by mailman1.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id 92E7AF241C;
	Mon, 21 Oct 2013 10:43:16 -0700 (PDT)
X-Original-To: press@mozilla.org
Delivered-To: press@mailman1.mail.corp.phx1.mozilla.com
Received: from zmmta1.mail.corp.phx1.mozilla.com
	(zmmta1.mail.corp.phx1.mozilla.com [10.20.77.21])
	by mailman1.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id
	E8068F218D
	for <press@mozilla.org>; Mon, 21 Oct 2013 10:43:14 -0700 (PDT)
Received: from zmmta1.mail.corp.phx1.mozilla.com (localhost6.localdomain
	[127.0.0.1])
	by zmmta1.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id
	D26CB10644A; Mon, 21 Oct 2013 10:43:14 -0700 (PDT)
Received: from psmtp.com (exprod5mx268.postini.com [64.18.0.91])
	by zmmta1.mail.corp.phx1.mozilla.com (Postfix) with ESMTPS id
	23CA0106407
	for <press@mozilla.com>; Mon, 21 Oct 2013 10:43:14 -0700 (PDT)
Received-SPF: none (google.com: madoka.ootani.nagata.kobe.jp does not
	designate permitted sender hosts) client-ip=219.166.6.170; 
Received: from madoka.ootani.nagata.kobe.jp ([219.166.6.170]) (using TLSv1) by
	exprod5mx268.postini.com ([64.18.4.10]) with SMTP; 
	Mon, 21 Oct 2013 13:43:14 EDT
Received: from localhost (localhost) by madoka.ootani.nagata.kobe.jp
	(8.14.7/8.12.11/OOTANI-NAGATA-JM3SPA-MANGAJIAN(200509161203))/inet
	id r9LHhClx020314; Tue, 22 Oct 2013 02:43:12 +0900 (JST)
	(envelope-from MAILER-DAEMON)
Date: Tue, 22 Oct 2013 02:43:12 +0900 (JST)
From: Mail Delivery Subsystem <MAILER-DAEMON@madoka.ootani.nagata.kobe.jp>
Message-Id: <201310211743.r9LHhClx020314@madoka.ootani.nagata.kobe.jp>
To: <press@mozilla.com>
MIME-Version: 1.0
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels: (S:61.41030/99.90000 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108
	P:95.9108 M:97.0282 C:98.6951 )
X-pstn-dkim: 0 skipped:not-enabled
X-pstn-settings: 5 (2.0000:2.0000) s cv gt4 gt3 gt2 gt1 r p m c 
X-pstn-addresses: from <MAILER-DAEMON@madoka.ootani.nagata.kobe.jp> [140/6] 
X-BeenThere: press@mozilla.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <press.mozilla.org>
List-Unsubscribe: <https://mail.mozilla.org/options/press>,
	<mailto:press-request@mozilla.org?subject=unsubscribe>
List-Archive: <https://mail.mozilla.org/private/press/>
List-Post: <mailto:press@mozilla.org>
List-Help: <mailto:press-request@mozilla.org?subject=help>
List-Subscribe: <https://mail.mozilla.org/listinfo/press>,
	<mailto:press-request@mozilla.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============5759858054041699057=="
Errors-To: press-bounces@mozilla.org
Sender: "Press" <press-bounces@mozilla.org>

This is a MIME-encapsulated message

--===============5759858054041699057==
Content-Type: multipart/report; report-type=delivery-status;
	boundary="r9LHhClx020314.1382377392/madoka.ootani.nagata.kobe.jp"
Content-Transfer-Encoding: 8bit

This is a MIME-encapsulated message

--r9LHhClx020314.1382377392/madoka.ootani.nagata.kobe.jp

The original message was received at Tue, 22 Oct 2013 02:43:09 +0900 (JST)
from [110.205.34.216]

   ----- The following addresses had permanent fatal errors -----
hajime.morito@gmail.com
    (reason: 550-5.7.1 [2001:380:140:0:a800:dbff:fea6:6aa      12] Our system has detected)
    (expanded from: <hajime@morito.org>)

   ----- Transcript of session follows -----
... while talking to gmail-smtp-in.l.google.com.:
>>> DATA
<<< 550-5.7.1 [2001:380:140:0:a800:dbff:fea6:6aa      12] Our system has detected
<<< 550-5.7.1 that this message is likely unsolicited mail. To reduce the amount of
<<< 550-5.7.1 spam sent to Gmail, this message has been blocked. Please visit
<<< 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for
<<< 550 5.7.1 more information. e5si7328650pbj.98 - gsmtp
554 5.0.0 Service unavailable

--r9LHhClx020314.1382377392/madoka.ootani.nagata.kobe.jp
Content-Type: message/delivery-status

Reporting-MTA: dns; madoka.ootani.nagata.kobe.jp
Received-From-MTA: DNS; [110.205.34.216]
Arrival-Date: Tue, 22 Oct 2013 02:43:09 +0900 (JST)

Final-Recipient: RFC822; hajime@morito.org
X-Actual-Recipient: RFC822; hajime.morito@gmail.com
Action: failed
Status: 5.7.1
Remote-MTA: DNS; gmail-smtp-in.l.google.com
Diagnostic-Code: SMTP; 550-5.7.1 [2001:380:140:0:a800:dbff:fea6:6aa      12] Our system has detected
Last-Attempt-Date: Tue, 22 Oct 2013 02:43:12 +0900 (JST)

--r9LHhClx020314.1382377392/madoka.ootani.nagata.kobe.jp
Content-Type: message/rfc822
Content-Transfer-Encoding: 8bit

Return-Path: <press@mozilla.com>
Received: from mozilla.com ([110.205.34.216])
	by madoka.ootani.nagata.kobe.jp (8.14.7/8.12.11/OOTANI-NAGATA-JM3SPA-MANGAJIAN(200509161203)) with ESMTP/inet id r9LHfOm0027300
	for <hajime@morito.org>; Tue, 22 Oct 2013 02:43:09 +0900 (JST)
	(envelope-from press@mozilla.com)
Message-Id: <201310211743.r9LHfOm0027300@madoka.ootani.nagata.kobe.jp>
From: "fathmq981" <press@mozilla.com>
Subject: =?GB2312?B?s8m5prXEsvrGt76twO0xMzk5Mjg=?=
To: "hajime" <hajime@morito.org>
Content-Type: text/plain;
	charset="gb2312"
Content-Transfer-Encoding: 8bit
Date: Tue, 22 Oct 2013 01:42:49 +0800
X-Mailer: Foxmail 4.1 [cn]

������������������������������������������������������������������������������������

				  �ɹ��IJ�Ʒ����

            2013��10��25-26��[����]��10��28-29��[�Ϻ�]��10��31-11��1��[����]
������������������������������������������������������������������������������������

����ѵ������ҵCEO/�ܾ������з��ܾ���/���ܡ���˾�ܹ�/�����ܼࡢ ��˾������Դ��
            �ࡢ��Ʒ���ܼࡢ��Ʒ����/��Ŀ������PMO����Ŀ�����칫�ң���Ա���г���
            �ࡢ����֧���ܼ�ȡ�

����ѵ���á�4300Ԫ/���� ������ͬһ���µ�ͬһ�γ̲����д��Żݣ�����һ���շ�2800Ԫ��
           ���������в͡�ָ���̲ġ�֤�顢��㣩

������ѯ��0755-61283071  021-51619667 186-2763-1286��

������������������������������������������������������������������������������������
���γ̱�����

��Ϊ���ںܶ�Ƽ���ҵ����Ĺ����У�������ҵ���ձ�����������⣺
?  ��Ʒ���������쳵��ֻ��ע����������ע�ͻ����з�����æ��������Ʒ�����IJ��٣���׬Ǯ
�IJ�Ʒ��ָ����
?  ��Ʒ�����������ҿͻ��������㣬������Ա��Թ���ǵIJ�Ʒ����̥�г��������ڵ����ϣ���
Ʒû�����ƣ�Ҳ��֪���������ֲ�Ʒ�����㣬�����Dz�Ʒ����������������ץס
?  ����û�в�Ʒ·��Ĺ滮���й滮Ҳ��Ҫ�Ǽ����������ͻ����

Comment 2

[Dave Miller [:justdave]]

That's forged mail.  Someone is "Joe Jobbing" you.  There is nothing we can do about this, it's just how email works.

http://en.wikipedia.org/wiki/Joe_job

Comment 3

[Joel Braddock :jbraddock]

Thanks Dave!

Justin - I checked all of the other undeliverable email that you forwarded to me and those received by press@mozilla.com and all were forged emails (same as Dave mentioned above). After speaking with Dave, there is unfortunately little that we can do to avoid these types of undeliverable emails. What I would like for the team to do is to keep me informed on if these emails are becoming more or less frequent with time. Bottom line is these emails are not valid and are nothing to worry about.

Comment 4

[justinokelly]

Thanks Joel and Dave.

Understood re the outcome. When you say there is little we can do, do you mean there's nothing we can do? I am concerned that this situation could get worse and we might end up wasting time deleting bunches of emails. Is there any way to know whether it's going to get worse or hold steady?

I imagine if we changed our alias to pr@mozilla.com this would not protect us against someone else doing this?

Justin

Comment 5

[Joel Braddock :jbraddock]

Justin - Dave mentioned to me that we could implement an email check system (SPF, [1]) that would reduce or eliminate these type emails, but there are also drawbacks to this method. One drawback is that it breaks people who forward mail and would take 2-3 weeks of communication to prepare people for the change. 

At this point, I think it would be best if you let me know if the emails increase/decrease in the coming weeks and if they increase, we can create an appropriate action plan. Does this work for you? And you are correct, changing to pr@mozilla.com would not protect against these forged emails.

@Dave - feel free to add to the above if I missed something

[1] http://en.wikipedia.org/wiki/Sender_Policy_Framework