Hi Mark,
On Sat, Jul 09, 2022 at 09:06:55AM -0700, Mark Sapiro wrote:
I can't explain what happened in your case. It seems that somehow the original post was delivered to the -bounces address and parsed by one of the heuristic recognizers (probably simplematch), but how could that happen?
This seems to have been the DSN that caused that bounce score (Exim mainlog):
2022-07-09 12:46:13 1oA9qf-007qVv-2R <= <> R=1oA9qc-007qOx-0T U=Debian-exim P=local S=44941 2022-07-09 12:46:13 1oA9qf-007qVv-2R => users-bounces@mailman.bitfolk.com R=mailman3_router T=mailman3_transport H=127.0.0.1 [127.0.0.1] C="250 Ok" 2022-07-09 12:46:13 1oA9qf-007qVv-2R Completed
The P=local is a local submission, so I think that was generated by Mailman in response to the SMTP reject.
In the smtp.log, mail from list poster came in:
Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) handling connection Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) Data: b'LHLO lists0.bitfolk.com' Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) Data: b'MAIL FROM:<xxxxx@xxxxx.com>' Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) sender: xxxxx@xxxxx.com Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) Data: b'RCPT TO:<users@mailman.bitfolk.com>' Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) recip: users@mailman.bitfolk.com Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) Data: b'DATA' Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) Data: b'QUIT' Jul 09 12:46:04 2022 (71509) ('127.0.0.1', 45530) connection lost Jul 09 12:46:04 2022 (71509) Connection lost during _handle_client()
Over in Exim's mainlog I then see that delivered out to list members. One of them rejects it at SMTP time, which I think causes this:
Jul 09 12:46:13 2022 (71509) Available AUTH mechanisms: LOGIN(builtin) PLAIN(builtin) Jul 09 12:46:13 2022 (71509) Peer: ('127.0.0.1', 35440) Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) handling connection Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) Data: b'LHLO lists0.bitfolk.com' Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) Data: b'MAIL FROM:<>' Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) sender: <> Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) Data: b'RCPT TO:<users-bounces@mailman.bitfolk.com>' Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) recip: users-bounces@mailman.bitfolk.com Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) Data: b'DATA' Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) Data: b'QUIT' Jul 09 12:46:13 2022 (71509) ('127.0.0.1', 35440) connection lost Jul 09 12:46:13 2022 (71509) Connection lost during _handle_client()
…and I think that bounce message somehow incremented the bounce score for andy@bitfolk.com even though that address was only present in the original post's Cc: and body.
Is there a good way to further debug this? Maybe by being able to see the full content of the DSNs that Mailman generates?
I think I've seen this before in the last couple of weeks so I'm sure it'll crop up again soon. I've seen it mention about bounce score for users-leave before, but I only really paid attention today when it also listed my own address.
Thanks, Andy