rspamd icon indicating copy to clipboard operation
rspamd copied to clipboard

Published 20 hours ago verified publisher icon rspamd

[BUG] MX_INVALID trigged for every email from genuine Czech free mail - seznam.cz

Open ShaiMagal opened this issue 6 months ago • 3 comments

Prerequisites

  • [X] Put an X between the brackets on this line if you have done all of the following:
    • Read about bug reporting in general: https://rspamd.com/doc/faq.html#how-to-report-bugs-found-in-rspamd
    • Enabled relevant debugging logs: https://rspamd.com/doc/faq.html#how-to-debug-some-module-in-rspamd
    • Checked the FAQs about Core files in case of fatal crash: https://rspamd.com/doc/faq.html#how-to-figure-out-why-rspamd-process-crashed
    • Tried ASAN package and obtained the ASAN report (if possible): https://rspamd.com/doc/faq.html#asan-builds
    • Checked that your issue isn't already filed: https://github.com/issues?utf8=%E2%9C%93&q=is%3Aissue+user%3Arspamd
    • Checked that there is not already an experimental package or master branch

Describe the bug If you send email from [email protected], and you have enabled plugin "mx_check", it will every time trigger like "MX_INVALID". But MX is valid. Changing timeout from 1sec to 30sec (for example), without any impact. Other MX are OK (for example google.com).

Steps to Reproduce

  1. create free mail at seznam.cz
  2. send email to your service, where are you running rspamd
  3. you will see MX_INVALID.

Expected behavior MX_VALID for [email protected] (MX is valid)

Versions

rspamd 3.7.5, Ubuntu 22 TLS

Untitled

MX is valid:

dig MX seznam.cz

; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> MX seznam.cz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19285
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;seznam.cz.                     IN      MX

;; ANSWER SECTION:
seznam.cz.              2520    IN      MX      20 mx2.seznam.cz.
seznam.cz.              2520    IN      MX      10 mx1.seznam.cz.

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Jan 01 23:30:23 CET 2024
;; MSG SIZE  rcvd: 78

ShaiMagal avatar Jan 01 '24 22:01 ShaiMagal

It takes a moment for these servers to return a banner so it's necessary to set timeout to some larger than default value (maybe timeout = 2 is good enough).

fatalbanana avatar Jan 01 '24 22:01 fatalbanana

@fatalbanana Like I already wrote at my first post "Changing timeout from 1sec to 30sec (for example), without any impact."

I tried 30sec for testing purposes, and it's same behaviour.

ShaiMagal avatar Jan 02 '24 15:01 ShaiMagal

It worked for me; logs should provide some indication about a reason; redis cache key will need to be deleted for it to really try again.

fatalbanana avatar Jan 02 '24 16:01 fatalbanana