[Haskell-cafe] Missing messages in the ML

Viktor Dukhovni ietf-dane at dukhovni.org
Mon Nov 22 08:10:46 UTC 2021


On Mon, Nov 22, 2021 at 07:33:43AM +0000, Tom Smeding wrote:

> I got at least one message from Tom Ellis in the Logging conversation,
> one from Joachim Durchholz, and some more. I'm definitely not included
> in the conversation personally.
> 
> I have no idea what might be going wrong, but I think it's not
> forgetting to reply to all.

[ TL;DR haskell.org DNS is misconfigured ]

I guess I can put my SMTP/DNS guru hat on and explain what is happening.
Here's some (cryptic) data from my logs:

    Nov 22 01:42:13 straasha postfix/smtpd[52426]:
        disconnect from unknown[145.40.99.54]
        ehlo=2 starttls=1 mail=1
-->     rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8

    Nov 22 02:19:13 straasha postfix/smtpd[52686]:
        disconnect from unknown[2604:1380:4641:a100::5]
        ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7

    Nov 22 02:35:10 straasha postfix/smtpd[53049]:
        disconnect from unknown[2604:1380:4641:a100::5]
        ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7

    Nov 22 02:42:51 straasha postfix/smtpd[53100]:
        disconnect from unknown[145.40.99.54]
        ehlo=2 starttls=1 mail=1
-->     rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8

The first and last messages were rejected: "rcpt=0/1, data=0/1" means that
"RCPT TO" and "DATA" commands were refused.  The middle two messages
were accepted.

The reason is DNS misconfiguration of mta1.haskell.org:

    $ set -- mta1.haskell.org misc-services-origin-migration.haskell.org
    $ brief() { dig +noall +ans +nocl +nottl "$@"; }
    $ echo; for fwd; do brief -t a $fwd; brief -t aaaa $fwd; done

    mta1.haskell.org.	A	145.40.99.54

    $ brief() { dig +noall +ans +nocl +nottl "$@"; }
    $ set -- 145.40.99.54 2604:1380:4641:a100::5
    $ echo; for rev; do brief -t ptr -x $rev; done

    5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.a.1.4.6.4.0.8.3.1.4.0.6.2.ip6.arpa. PTR misc-services-origin-migration.haskell.org.

Only the IPv6 address has a PTR record, and even then it does not
forward resolve.  SMTP clients with no PTR records are routinely refused
service.  My mail server tolerates lack of forward mappings, but the PTR
is required.

The correct DNS configuration would be:

    forward zone:
        mta1.haskell.org.   A       145.40.99.54
        mta1.haskell.org.   AAAA    2604:1380:4641:a100::5

    reverse IPv6 zone
        5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.a.1.4.6.4.0.8.3.1.4.0.6.2.ip6.arpa. PTR mta1.haskell.org.

    reverse IPv4 zone
        54.99.40.145.in-addr.arpa. PTR mta.haskell.org.

-- 
    Viktor.

