Jump to content
Sign in to follow this  
jhatala

[Resolved] "204.15.80.50" missing from SPF record for "bounces.spamcop.net"

Recommended Posts

The SPF record for bounces.spamcop.net is:

$ host -t TXT bounces.spamcop.net

bounces.spamcop.net descriptive text "v=spf1 ip4:204.15.82.0/24 ip4:216.154.195.32/27 -all"

spamcop was trying to send me one of the spam report confirmations from the server [204.15.80.50] (calling itself "sc-smtp9.soma.ironport.com"), which is not in the list of IP blocks in the SPF record.

The end result was that my mail server rejected that email as instructed by the -all, and the reporting page of SC now greets me with a "Bounce error".

2007-11-16 12:42:07 H=204-15-80-50.ironport.com (sc-smtp9.soma.ironport.com) [204.15.80.50] rejected MAIL <spamid.XXXXXXXX[at]bounces.spamcop.net>: XXXXXXXXXX: domain of bounces.spamcop.net does not designate 204.15.80.50 as permitted sender

Would you guys mind updating the SPF record?

Share this post


Link to post
Share on other sites

This has nothing to do with the "MailHost Configuration of your Reporting Account" .. moving to the Reporting Help Forum section.

This is something that none of the volunteers can actually handle. You've pointed out that the maintainers of the IronPort servers need to take action on this. To put it bluntly, IronPort staff does not make its presence known here. So the way to handle this is to contact SpamCop.net staff themselves so they can pass on the request. How to 'contact official/staff' is documented in numerous places.

Share this post


Link to post
Share on other sites
Would you guys mind updating the SPF record?
We're aware of the SPF and rDNS problems with the four new SpamCop servers we just installed. A trouble ticket has been opened on the issue.

If necessary, you can contact me directly at service[at]admin.spamcop.net

Wazoo could have easily told you that, but for some reason, he didn't. I'm sorry that he couldn't see his way clear to be more helpful than he was.

- Don D'Minion - SpamCop Admin -

Share this post


Link to post
Share on other sites
...Wazoo could have easily told you that, but for some reason, he didn't. I'm sorry that he couldn't see his way clear to be more helpful than he was.
He's busy, not unhelpful. Perhaps he was confident one of the moderators would do that for him, or contact you on the O/P's behalf. As I did (that is, I emailed you, pointing "here"). Within an hour of Wazoo's post IIRC (from another location). Teamwork.

Share this post


Link to post
Share on other sites
He's busy, not unhelpful.
Sorry, I'm not buying any of that. It took longer to tell the user to go find the staff addresses than it would have to simply provide the proper addresses, which Wazoo knows without having to look them up. It's just another example of pushing the user around instead of actually answering the question. Not cool!

- Don D'Minion - SpamCop Admin -

Share this post


Link to post
Share on other sites
...Sorry, I'm not buying any of that. ...
That's a pity - but thanks for the response (over the weekend too!) on the O/P's issue. That's my principal concern/all that really matters from my point of view.

Share this post


Link to post
Share on other sites
We're aware of the SPF and rDNS problems with the four new SpamCop servers we just installed. A trouble ticket has been opened on the issue.

If necessary, you can contact me directly at service[at]admin.spamcop.net

Wazoo could have easily told you that, but for some reason, he didn't. I'm sorry that he couldn't see his way clear to be more helpful than he was.

Rather laughing my ass off at this .... there is "we" and there is "us" .... "we" sure didn't get a heads-up on this. There is nothing posted into the newsgroups as a heads-up, there is nothing 'here' as far as an announcement.

Let's put this blame where it belongs .. those who "knew" about the issue didn't bother to make it known.

If you'd read what transpired, post was moved from where it was wrongly posted. As I recollect, the thought was to do some reseach onto just what was going on with the servers/SPF records .... real-life happened. Phone-call came in, ended up racing the ambulance to the hospital, next many hours spent outside the ER/OR ..... pushing people around ??? geezeus ...

Share this post


Link to post
Share on other sites

I emailed Don at 6:49 am about this post. Since I had already emailed him, I didn't take the time to reply to the OP's post figuring that several emails on the same subject would not help. I would have told the OP I had done that, but am unsure of what Don would think of the propriety of announcing publicly that a user emailed him on the behalf of another user and, of whether he would be working on the weekend. If Don didn't answer promptly, then it would make him look bad which I would not want to do.

This isn't my job. I just try to be helpful. Like Wazoo, I had a full day ahead - though, a fun experience unlike his - we packed 84 boxes to send to local troops deployed in Iraq and 19 more boxes to local troops who are deployed around the world!

As a matter of fact, telling the OP that he could contact the correct person by looking for the address on the forum is, in a way, more helpful to future users than giving the address. Depending on the problem, there are several people to email. Looking at the list might give future users a hint that a question to the right person would get answered faster than just using an email address found in a post. It all depends on how volunteers look at it - and how much time is at their disposal - when they read a post. Volunteers have a different perspective than those who are paid to respond to questions.

Miss Betsy

Share this post


Link to post
Share on other sites
I emailed Don at 6:49 am about this post. Since I had already emailed him, I didn't take the time to reply to the OP's post figuring that several emails on the same subject would not help. I would have told the OP I had done that, but am unsure of what Don would think of the propriety of announcing publicly that a user emailed him on the behalf of another user and, of whether he would be working on the weekend. If Don didn't answer promptly, then it would make him look bad which I would not want to do.
In retrospect I might have PM'd the O/P to let him know I'd sent an email - but figured it wouldn't hurt for him to do the work for himself. Second-guessing what others might make of what action just too much of a waste of time to agonize over it.
This isn't my job. I just try to be helpful. Like Wazoo, I had a full day ahead - though, a fun experience unlike his - we packed 84 boxes to send to local troops deployed in Iraq and 19 more boxes to local troops who are deployed around the world!
Hey, that's neat. Don't know if "our" RC do the same - they're not publicizing it if they do - http://www.redcross.org.au/ourservices_acr...ces_default.htm - must find out. Worked most of the weekend myself. Deadlines (some of which have been missed). No time to give much attention anywhere outside of that. Neglected family would have to be first in line.

Share this post


Link to post
Share on other sites
"we" sure didn't get a heads-up on this. There is nothing posted into the newsgroups as a heads-up, there is nothing 'here' as far as an announcement.
Adding four new servers to the farm is invisible to the users. It's not an "issue" that requires notice because there was no system downtime or delays involved. No notice was needed.

The problem is that the engineers didn't quite get all the details finished. They forgot to update the SPF and DNS records. That wasn't a "Planned Error," is was just a mistake. I knew about it and had already taken action before Miss Betsy and Farelf wrote to me.

real-life happened. Phone-call came in, ended up racing the ambulance to the hospital
I'm sorry to hear that! I hope everything came out OK.

next many hours spent outside the ER/OR .....
Yet you still had time to type up the instructions to tell the user to go look up the staff addresses himself. It would have been quicker to simply give him my address. You know that. I know that, Everybody knows that. There is no point in denying it.

pushing people around ??? geezeus ...
Yes! Exactly! That's what you're doing when you tell people to go look it up themselves instead of giving them a straight answer. This "Teaching Them to Fish" business is for third graders and third world countries, not for users in the support forums. If you feel compelled to point people to the FAQs for information, do it *AFTER* you answer their question.

- Don D'Minion - SpamCop Admin -

Share this post


Link to post
Share on other sites
Adding four new servers to the farm is invisible to the users. It's not an "issue" that requires notice because there was no system downtime or delays involved. No notice was needed.

The problem is that the engineers didn't quite get all the details finished. They forgot to update the SPF and DNS records. That wasn't a "Planned Error," is was just a mistake. I knew about it and had already taken action before Miss Betsy and Farelf wrote to me.

OK, I'll continue the disruption I asked you not to do ....

The way I read the "story" ....

"we" added some servers - should have been "invisible to the users"

"we" made some mistakes

"I" knew about it

"I" decided not to pass this data on, put up a notice that some users could be impacted, let other folks in the act of trying to help other users, provide answers, etc., know that there was an issue .. be it temporary

"I" decide to change the focus of a user's query into pointing out that Wazoo does not do things the way Don does them.

While "I" am doing that, I'll also ignore all the other user queries that might actually need "my" input, as "I" know that the Forum Volunteers don't have the inside access needed to explain what's actually happening on/in the Parsing & Reporting System.

"I" will ignore the fact that the Forum is not e-mail .. a one-on-one scenario .... that other and future folks will stumble across a lot of the data in Forum Topics/Discussion via search engine results (noting that no one knows if there's any work going on to 'fix' the "Official" Help page search function or not ..???)

"I" will ignore the fact that the How to contact 'Official' help exists in over a dozen places, linked to by direct titles, Bold titles, colored titles, not to mention the hundreds upon hundreds of existing Topics/Discussions/Posts .....

There's a whole different concept of "working together" going on there. Using "my" defintion of "we" .. had "we" known about the issue, this post probably would not have even been made because 'someone' would have posted an Announcement that there was in fact a current issue with the Parsing & Reporting System.

That's what you're doing when you tell people to go look it up themselves instead of giving them a straight answer. This "Teaching Them to Fish" business is for third graders and third world countries, not for users in the support forums.

That's actually hilarious .... I am continually teaching people "how" to use tools like search engines, how to branch out and find definitions for words in those results that aren't understood, how to dig deeper until they can actually find a result that is 'understandable' .... For instance, the panic phone calls about a 'virus alert' ... the 'answer' really doesn't help if the discussion is limited to "that specific imstance" .. much better to 'learn' how to do research on if the virus alert is real, what virus it is, where to go look for removal intructions (if they exist), what 'damage' to expect, how it got loaded onto their system, etc., etc., etc. Again, stuff I do on basically a daily basis. As you continue to point out, this is a completely different philosophy between you and I ... yet not deserving of all this wasted time, effort, and energy.

Sure, I live in Iowa, but most folks don't consider that to be a third-world location.

This off-topic crap is not appreciated in the public-access sections of this Forum. I ask you again to focus your time and energies on answering user queries instead of looking for 'Wazoo posts' to vent your issues upon.

Share this post


Link to post
Share on other sites
Don't know if "our" RC do the same - they're not publicizing it if they do - http://www.redcross.org.au/ourservices_acr...ces_default.htm - must find out. Worked most of the weekend myself. Deadlines (some of which have been missed). No time to give much attention anywhere outside of that. Neglected family would have to be first in line.

It's not the Red Cross. The Red Cross supports community based military support groups and gives us support, but we are a separate organization. I wear two hats - I am a Red Cross Armed Forces Emergency Services volunteer, but I am also part of this other group. Part of the reason the Red Cross doesn't do packages is because of privacy laws, but my group is composed of families so we don't have that problem.

There was a time when I wouldn't have been able to do it either, but that's the way it has worked out at this time. Enjoy your work & family now!

Miss Betsy

Share this post


Link to post
Share on other sites
<snip> That's what you're doing when you tell people to go look it up themselves instead of giving them a straight answer. This "Teaching Them to Fish" business is for third graders and third world countries, not for users in the support forums. If you feel compelled to point people to the FAQs for information, do it *AFTER* you answer their question.

The point is that we are simply users. Wazoo thinks that encouraging people to use the FAQ /is/ helpful. I don't agree, but if I had answered this post, I would have said the same thing because it is NOT easier for me to remember the correct email or to find the link to the FAQ and like Wazoo, I think saying that the information is available if you look for it, is better than no answer at all, and is possibly helpful for future questioners who may really need one of the other email addresses available or who would be better off using the web form.

When we had a public discussion before about this, there were a couple of others who felt that saying the answer is in the FAQ was not 'kind', but since this is a user forum, there is plenty of opportunity for them to add their input. If someone doesn't like the way Wazoo answers, s/he can always answer the post the way they think it should be answered. Since the OP has not expressed an opinion yet, IMHO, those who are 'insulted' by Wazoo are generally arrogant and lazy - or so frustrated that no matter how 'kind' the answer is, if it doesn't solve their problem, they will get upset. The latter eventually calm down and find that Wazoo is a very good troubleshooter. If I were being paid for answering, I might have to learn to cope with the former, but since I am not, if they don't want my help, it's not my problem, it's theirs.

One of the recommendations for ngs and forums is to lurk a while to see the 'personality' It's a good one and one I actually found on my own. While I have a lot of empathy for people who can't find anything in a FAQ, I have no sympathy for those who get insulted by Wazoo's comments.

Now I have another kids' saying "it's your issue, your tissue" - not that I would ever use it pointedly, but that's how I feel about those who don't calm down - especially after others chime in with different advice. You may champion them, if you wish, but I don't agree with you any more than I agree with Wazoo that it is useful to point out that answers can be found in the FAQ. IMHO, you are both wasting your time. Arrogant and lazy people are still going to expect someone else to 'fix' their problem for them. Some people just don't have the aptitude to find the answer in the FAQ no matter how many times you tell them.

Miss Betsy

Share this post


Link to post
Share on other sites

Well, the O/P has not logged in again since posting (may have checked as a guest). Possibly confident that having raised the issue and documented it he could leave it in SC's "capable hands". Well, that has been the net effect though maybe notification about the server setup would have saved him the bother.

But that seems unlikely in this case - most infrequent visitors are going to hop into either the NGs or these forums from the SC help pages and it won't be reasonable to expect them all to hunt around for existing answers or resources. As in this case - a simple enough "here's your problem, it is causing me problems, you fix it, thanks" - it has to be just that quick and easy in such an eventuality. Well, we try and if our efforts aren't up to SC's standards then the solution is evident.

Certainly some notification would have avoided some or all of the ensuing discourse. Which was not all conflict and difference, well, not in the O/T parts (thanks Miss Betsy).

Share this post


Link to post
Share on other sites

But there is a 'ticket' in about it so there is nothing more to do. Unless, of course, it goes on for weeks and weeks in which case the only thing for anyone to do is to request the deputies to follow up on their 'ticket.'

Miss Betsy

Share this post


Link to post
Share on other sites
But there is a 'ticket' in about it so there is nothing more to do. Unless, of course, it goes on for weeks and weeks in which case the only thing for anyone to do is to request the deputies to follow up on their 'ticket.'

I just find it odd that the only "public disclosure" of the issue is here in this Topic .....

Share this post


Link to post
Share on other sites
I just find it odd that the only "public disclosure" of the issue is here in this Topic .....

(OT retort follows) Well, maybe they were taught the same lessons about admitting errors as "The Decider" and some of his minions. :P

DT

Share this post


Link to post
Share on other sites

Actually, Don has replied in the newsgroup. He says that he has been following up on the ticket, but that he hasn't gotten a reply yet.

a comment on the situation from user name Garen Erdoisa in the ngs:

Just a comment: In the future, as a suggestion I would make updating the

SPF record part of a checklist item that must be signed off on before a

new mail sending server goes live. Also add that the time to live (TTL)

on the DNS entry needs enough time to propagate. The TTL for this

particular record is 48 hours which it can remain in DNS caches around

the internet. Problems like this can be avoided if you use checklists.

Until the SPF entry is updated and propagated, I would take the servers

off line so they don't cause problems. I too had to reset a bounce flag

on my spamcop reporting account last night, which was quite probably

because of this. Can't tell for sure if that was the cause though,

because my server rejects messages that fail an SPF check.

Another thought, SpamBouncer - (a procmail based spam filter), for

example uses SPF records on occasion as a data source for white listing

certain sites such as SpamCop within the filter's hard code. I happen to

know this because I wrote that section of code at part of the

handshaking that takes place between the SpamBouncer and SpamCop.

SpamBouncer can be user configured to auto-submit email that meets

certain criteria to SpamCop. If you make a change like this which may

affect a spam filter's internal whitelist, or that may affect that

handshaking process between the filter and SpamCop for the distributed

spam filter feeds, you may also want to make a checklist item to send a

notification email to the filter maintainers so the internal whitelists

can be updated, or changes in the handshaking can be accommodated in the

filters.

Miss Betsy

Share this post


Link to post
Share on other sites

DNS records fixed for four new servers, as mentioned in

Update: sc-smtp[7-10]-inbound.soma.ironport.com are now visible via akamai.
Now, I have no idea how/whether this affects the SPF question:
;; ANSWER SECTION:

bounces.spamcop.net. 172800 IN TXT "v=spf1 ip4:204.15.82.0/24 ip4:216.154.195.32/27 -all"

;; AUTHORITY SECTION:

spamcop.net. 165167 IN NS asia3.akam.net.

spamcop.net. 165167 IN NS ns1-11.akam.net.

spamcop.net. 165167 IN NS ns1-73.akam.net.

spamcop.net. 165167 IN NS ns1-90.akam.net.

spamcop.net. 165167 IN NS ns1-93.akam.net.

spamcop.net. 165167 IN NS ns1-109.akam.net.

spamcop.net. 165167 IN NS ns1-117.akam.net.

spamcop.net. 165167 IN NS use1.akam.net.

Help ...

Share this post


Link to post
Share on other sites

The DNS and SPF problems have been fixed. All we can do now is wait for the info to propagate. It shouldn't take long.

- Don D'Minion - SpamCop Admin -

Share this post


Link to post
Share on other sites
The DNS and SPF problems have been fixed. All we can do now is wait for the info to propagate. It shouldn't take long.
Thanks Don.

Share this post


Link to post
Share on other sites

SPF now promulgated (on my check):

H:\>NSLOOKUP

Default Server: x

Address: x

> set type=txt

> bounces.spamcop.net

Server: x

Address: x

Non-authoritative answer:

bounces.spamcop.net text =

"v=spf1 ip4:204.15.80.0/22 ip4:216.154.195.32/27 -all"

>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×