rspamd
rspamd copied to clipboard
[BUG] MX_INVALID trigged for every email from genuine Czech free mail - seznam.cz
Prerequisites
- [X] Put an X between the brackets on this line if you have done all of the following:
- Read about bug reporting in general: https://rspamd.com/doc/faq.html#how-to-report-bugs-found-in-rspamd
- Enabled relevant debugging logs: https://rspamd.com/doc/faq.html#how-to-debug-some-module-in-rspamd
- Checked the FAQs about Core files in case of fatal crash: https://rspamd.com/doc/faq.html#how-to-figure-out-why-rspamd-process-crashed
- Tried ASAN package and obtained the ASAN report (if possible): https://rspamd.com/doc/faq.html#asan-builds
- Checked that your issue isn't already filed: https://github.com/issues?utf8=%E2%9C%93&q=is%3Aissue+user%3Arspamd
- Checked that there is not already an experimental package or master branch
Describe the bug If you send email from [email protected], and you have enabled plugin "mx_check", it will every time trigger like "MX_INVALID". But MX is valid. Changing timeout from 1sec to 30sec (for example), without any impact. Other MX are OK (for example google.com).
Steps to Reproduce
- create free mail at seznam.cz
- send email to your service, where are you running rspamd
- you will see MX_INVALID.
Expected behavior MX_VALID for [email protected] (MX is valid)
Versions
rspamd 3.7.5, Ubuntu 22 TLS
MX is valid:
dig MX seznam.cz
; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> MX seznam.cz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19285
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;seznam.cz. IN MX
;; ANSWER SECTION:
seznam.cz. 2520 IN MX 20 mx2.seznam.cz.
seznam.cz. 2520 IN MX 10 mx1.seznam.cz.
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Jan 01 23:30:23 CET 2024
;; MSG SIZE rcvd: 78
It takes a moment for these servers to return a banner so it's necessary to set timeout
to some larger than default value (maybe timeout = 2
is good enough).
@fatalbanana Like I already wrote at my first post "Changing timeout from 1sec to 30sec (for example), without any impact.
"
I tried 30sec for testing purposes, and it's same behaviour.
It worked for me; logs should provide some indication about a reason; redis cache key will need to be deleted for it to really try again.