Closed Bug 929526 Opened 11 years ago Closed 11 years ago

RITM0021108 - Receiving undeliverable mail from press@mozilla.com

Categories

(Infrastructure & Operations :: Infrastructure: Mail, task)

Product:
Infrastructure & Operations
Component:
Infrastructure: Mail
Platform:
x86
macOS
Type:
task
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: jbraddock, Unassigned)

Details

From Justin OKelly, ServiceNow request: "Mike Manning, Shannon Prior and I are all getting lots of 'mail undelivered' notices today to addresses we never consciously emailed. Not sure if this is a system wide problem but would love to know!" From looking at the bounce back emails, it looks like press@mozilla.com is in some way black-listed on a mail server list: -- Taken from "Returned mail: see transcript for details" email in Justin OKelly's inbox: while talking to gmail-smtp-in.l.google.com.: >>> DATA <<< 550-5.7.1 [2001:380:140:0:a800:dbff:fea6:6aa 12] Our system has detected <<< 550-5.7.1 that this message is likely unsolicited mail. To reduce the amount of <<< 550-5.7.1 spam sent to Gmail, this message has been blocked. Please visit <<< 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for <<< 550 5.7.1 more information. e5si7328650pbj.98 - gsmtp 554 5.0.0 Service unavailable -- Bumping this bug to major since Mozilla press is going to hold on sending any additional emails until this is resolved.
Header info from "Returned mail: see transcript for details" email in Justin OKelly's inbox: --Return-Path: press-bounces@mozilla.org Received: from zmmta2.mail.corp.phx1.mozilla.com (LHLO zmmta2.mail.corp.phx1.mozilla.com) (10.20.77.30) by zmmbox2.mail.corp.phx1.mozilla.com with LMTP; Mon, 21 Oct 2013 10:43:16 -0700 (PDT) Received: from zmmta2.mail.corp.phx1.mozilla.com (localhost6.localdomain [127.0.0.1]) by zmmta2.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id A0838102154; Mon, 21 Oct 2013 10:43:16 -0700 (PDT) Received: from mail.mozilla.org (zlb1.mail.corp.phx1.mozilla.com [10.20.77.200]) by zmmta2.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id 967A3102011; Mon, 21 Oct 2013 10:43:16 -0700 (PDT) Received: from mailman1.mail.corp.phx1.mozilla.com (localhost6.localdomain [127.0.0.1]) by mailman1.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id 92E7AF241C; Mon, 21 Oct 2013 10:43:16 -0700 (PDT) X-Original-To: press@mozilla.org Delivered-To: press@mailman1.mail.corp.phx1.mozilla.com Received: from zmmta1.mail.corp.phx1.mozilla.com (zmmta1.mail.corp.phx1.mozilla.com [10.20.77.21]) by mailman1.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id E8068F218D for <press@mozilla.org>; Mon, 21 Oct 2013 10:43:14 -0700 (PDT) Received: from zmmta1.mail.corp.phx1.mozilla.com (localhost6.localdomain [127.0.0.1]) by zmmta1.mail.corp.phx1.mozilla.com (Postfix) with ESMTP id D26CB10644A; Mon, 21 Oct 2013 10:43:14 -0700 (PDT) Received: from psmtp.com (exprod5mx268.postini.com [64.18.0.91]) by zmmta1.mail.corp.phx1.mozilla.com (Postfix) with ESMTPS id 23CA0106407 for <press@mozilla.com>; Mon, 21 Oct 2013 10:43:14 -0700 (PDT) Received-SPF: none (google.com: madoka.ootani.nagata.kobe.jp does not designate permitted sender hosts) client-ip=219.166.6.170; Received: from madoka.ootani.nagata.kobe.jp ([219.166.6.170]) (using TLSv1) by exprod5mx268.postini.com ([64.18.4.10]) with SMTP; Mon, 21 Oct 2013 13:43:14 EDT Received: from localhost (localhost) by madoka.ootani.nagata.kobe.jp (8.14.7/8.12.11/OOTANI-NAGATA-JM3SPA-MANGAJIAN(200509161203))/inet id r9LHhClx020314; Tue, 22 Oct 2013 02:43:12 +0900 (JST) (envelope-from MAILER-DAEMON) Date: Tue, 22 Oct 2013 02:43:12 +0900 (JST) From: Mail Delivery Subsystem <MAILER-DAEMON@madoka.ootani.nagata.kobe.jp> Message-Id: <201310211743.r9LHhClx020314@madoka.ootani.nagata.kobe.jp> To: <press@mozilla.com> MIME-Version: 1.0 Subject: Returned mail: see transcript for details Auto-Submitted: auto-generated (failure) X-pstn-neptune: 0/0/0.00/0 X-pstn-levels: (S:61.41030/99.90000 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 ) X-pstn-dkim: 0 skipped:not-enabled X-pstn-settings: 5 (2.0000:2.0000) s cv gt4 gt3 gt2 gt1 r p m c X-pstn-addresses: from <MAILER-DAEMON@madoka.ootani.nagata.kobe.jp> [140/6] X-BeenThere: press@mozilla.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: <press.mozilla.org> List-Unsubscribe: <https://mail.mozilla.org/options/press>, <mailto:press-request@mozilla.org?subject=unsubscribe> List-Archive: <https://mail.mozilla.org/private/press/> List-Post: <mailto:press@mozilla.org> List-Help: <mailto:press-request@mozilla.org?subject=help> List-Subscribe: <https://mail.mozilla.org/listinfo/press>, <mailto:press-request@mozilla.org?subject=subscribe> Content-Type: multipart/mixed; boundary="===============5759858054041699057==" Errors-To: press-bounces@mozilla.org Sender: "Press" <press-bounces@mozilla.org> This is a MIME-encapsulated message --===============5759858054041699057== Content-Type: multipart/report; report-type=delivery-status; boundary="r9LHhClx020314.1382377392/madoka.ootani.nagata.kobe.jp" Content-Transfer-Encoding: 8bit This is a MIME-encapsulated message --r9LHhClx020314.1382377392/madoka.ootani.nagata.kobe.jp The original message was received at Tue, 22 Oct 2013 02:43:09 +0900 (JST) from [110.205.34.216] ----- The following addresses had permanent fatal errors ----- hajime.morito@gmail.com (reason: 550-5.7.1 [2001:380:140:0:a800:dbff:fea6:6aa 12] Our system has detected) (expanded from: <hajime@morito.org>) ----- Transcript of session follows ----- ... while talking to gmail-smtp-in.l.google.com.: >>> DATA <<< 550-5.7.1 [2001:380:140:0:a800:dbff:fea6:6aa 12] Our system has detected <<< 550-5.7.1 that this message is likely unsolicited mail. To reduce the amount of <<< 550-5.7.1 spam sent to Gmail, this message has been blocked. Please visit <<< 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for <<< 550 5.7.1 more information. e5si7328650pbj.98 - gsmtp 554 5.0.0 Service unavailable --r9LHhClx020314.1382377392/madoka.ootani.nagata.kobe.jp Content-Type: message/delivery-status Reporting-MTA: dns; madoka.ootani.nagata.kobe.jp Received-From-MTA: DNS; [110.205.34.216] Arrival-Date: Tue, 22 Oct 2013 02:43:09 +0900 (JST) Final-Recipient: RFC822; hajime@morito.org X-Actual-Recipient: RFC822; hajime.morito@gmail.com Action: failed Status: 5.7.1 Remote-MTA: DNS; gmail-smtp-in.l.google.com Diagnostic-Code: SMTP; 550-5.7.1 [2001:380:140:0:a800:dbff:fea6:6aa 12] Our system has detected Last-Attempt-Date: Tue, 22 Oct 2013 02:43:12 +0900 (JST) --r9LHhClx020314.1382377392/madoka.ootani.nagata.kobe.jp Content-Type: message/rfc822 Content-Transfer-Encoding: 8bit Return-Path: <press@mozilla.com> Received: from mozilla.com ([110.205.34.216]) by madoka.ootani.nagata.kobe.jp (8.14.7/8.12.11/OOTANI-NAGATA-JM3SPA-MANGAJIAN(200509161203)) with ESMTP/inet id r9LHfOm0027300 for <hajime@morito.org>; Tue, 22 Oct 2013 02:43:09 +0900 (JST) (envelope-from press@mozilla.com) Message-Id: <201310211743.r9LHfOm0027300@madoka.ootani.nagata.kobe.jp> From: "fathmq981" <press@mozilla.com> Subject: =?GB2312?B?s8m5prXEsvrGt76twO0xMzk5Mjg=?= To: "hajime" <hajime@morito.org> Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: 8bit Date: Tue, 22 Oct 2013 01:42:49 +0800 X-Mailer: Foxmail 4.1 [cn] ������������������������������������������������������������������������������������ �ɹ��IJ�Ʒ���� 2013��10��25-26��[����]��10��28-29��[�Ϻ�]��10��31-11��1��[����] ������������������������������������������������������������������������������������ ����ѵ������ҵCEO/�ܾ������з��ܾ���/���ܡ���˾�ܹ�/�����ܼࡢ ��˾������Դ�� �ࡢ��Ʒ���ܼࡢ��Ʒ����/��Ŀ������PMO����Ŀ�����칫�ң���Ա���г��� �ࡢ����֧���ܼ�ȡ� ����ѵ���á�4300Ԫ/���� ������ͬһ���µ�ͬһ�γ̲����д��Żݣ�����һ���շ�2800Ԫ�� ���������в͡�ָ���̲ġ�֤�顢��㣩 ������ѯ��0755-61283071 021-51619667 186-2763-1286�� ������������������������������������������������������������������������������������ ���γ̱����� ��Ϊ���ںܶ�Ƽ���ҵ����Ĺ����У�������ҵ���ձ�����������⣺ ? ��Ʒ���������쳵��ֻ��ע����������ע�ͻ����з�����æ��������Ʒ�����IJ��٣���׬Ǯ �IJ�Ʒ��ָ���� ? ��Ʒ�����������ҿͻ��������㣬������Ա��Թ���ǵIJ�Ʒ����̥�г��������ڵ����ϣ��� Ʒû�����ƣ�Ҳ��֪���������ֲ�Ʒ�����㣬�����Dz�Ʒ����������������ץס ? ����û�в�Ʒ·��Ĺ滮���й滮Ҳ��Ҫ�Ǽ����������ͻ����
That's forged mail. Someone is "Joe Jobbing" you. There is nothing we can do about this, it's just how email works. http://en.wikipedia.org/wiki/Joe_job
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
Thanks Dave! Justin - I checked all of the other undeliverable email that you forwarded to me and those received by press@mozilla.com and all were forged emails (same as Dave mentioned above). After speaking with Dave, there is unfortunately little that we can do to avoid these types of undeliverable emails. What I would like for the team to do is to keep me informed on if these emails are becoming more or less frequent with time. Bottom line is these emails are not valid and are nothing to worry about.
Resolution: INVALID → FIXED
Thanks Joel and Dave. Understood re the outcome. When you say there is little we can do, do you mean there's nothing we can do? I am concerned that this situation could get worse and we might end up wasting time deleting bunches of emails. Is there any way to know whether it's going to get worse or hold steady? I imagine if we changed our alias to pr@mozilla.com this would not protect us against someone else doing this? Justin
Justin - Dave mentioned to me that we could implement an email check system (SPF, [1]) that would reduce or eliminate these type emails, but there are also drawbacks to this method. One drawback is that it breaks people who forward mail and would take 2-3 weeks of communication to prepare people for the change. At this point, I think it would be best if you let me know if the emails increase/decrease in the coming weeks and if they increase, we can create an appropriate action plan. Does this work for you? And you are correct, changing to pr@mozilla.com would not protect against these forged emails. @Dave - feel free to add to the above if I missed something [1] http://en.wikipedia.org/wiki/Sender_Policy_Framework
Resolution: FIXED → INVALID
You need to log in before you can comment on or make changes to this bug.