outgoing mail failure - SPF fail

General

Additional Info

General

Additional Info

Description

Hi,

When adding a reviewer to a patch on gerrit, I get an email:

The original message was received at Mon, 31 Oct 2016 05:07:32 -0400
from gerrit.ovirt.org [127.0.0.1]

The following addresses had permanent fatal errors -----
<sbonazzo@redhat.com>
(reason: 551 5.7.1 SPF fail: 'gerrit.ovirt.org'[107.22.212.69],
'redhat.com'; REJECT)

Transcript of session follows -----
... while talking to mx1.redhat.com.:
>>> DATA
<<< 551 5.7.1 SPF fail: 'gerrit.ovirt.org'[107.22.212.69], 'redhat.com'; REJECT
550 5.1.1 <sbonazzo@redhat.com>... User unknown
<<< 554 5.5.1 Error: no valid recipients

Final-Recipient: RFC822; sbonazzo@redhat.com
Action: failed
Status: 5.7.1
Remote-MTA: DNS; mx1.redhat.com
Diagnostic-Code: SMTP; 551 5.7.1 SPF fail:
'gerrit.ovirt.org'[107.22.212.69], 'redhat.com'; REJECT
Last-Attempt-Date: Mon, 31 Oct 2016 05:07:33 -0400

Please check/handle. Thanks.
–
Didi

Activity

Show:

Former user November 2, 2016 at 4:58 PM

Hi @Former user, I've got some requests from developers on whether it's possible tho use the author's name in the subject of the email while using the ovirt email address to comply to SPF rules. Would that be possible?

Example:

before:
From: John Doe <john@doe.com>

currently:
From: Code Review <gerrit@ovirt.org>

requested:
From: John Doe <gerrit@ovirt.org>

Former user November 1, 2016 at 9:23 AM

I've updated the email section in gerrit server with the following change:
replaced from: from = USER
replaced to: from = Code Review <gerrit@ovirt.org>

Marc Dequènes (Duck) October 31, 2016 at 3:55 PM

Summary from the mail thread follows.

Gerrit spoof the sender of notifications using the user's address. But Gerrit is not allowed to send mails from any domain due to SPF policy. The Red Hat policy is getting stricter, and other companies also do so, so we need to change this behavior.

According to:
https://review.openstack.org/Documentation/config-gerrit.html#sendemail
I suggested we could update the sendemail.from setting with the wanted address
instead of USER. I never touched this software so maybe someone more familiar could do the change if it looks ok. Also we need to schedule this to avoid bothering people.

Evgheni suggested using automation@ovirt.org as From.

Moreover, to be able to send from the oVirt domain the SPF settings in DNS was changed.

Eyal Edri October 31, 2016 at 9:35 AM

We already got a few reports on this, @Marc Dequènes (Duck)@Former user can you have a look?

Fixed

Details
Assignee
Former user(Deactivated)
Reporter
Yedidyah Bar David(Deactivated)
Priority
Medium
Parent
OVIRT-403 oVirt infra services maintenance and upgrades

Created October 31, 2016 at 9:16 AM

Updated November 29, 2016 at 12:18 PM

Resolved November 1, 2016 at 1:56 PM

outgoing mail failure - SPF fail

Description

Activity

Former user November 2, 2016 at 4:58 PM

Former user November 1, 2016 at 9:23 AM

Marc Dequènes (Duck) October 31, 2016 at 3:55 PM

Eyal Edri October 31, 2016 at 9:35 AM

Details
Assignee
Former user(Deactivated)
Reporter
Yedidyah Bar David(Deactivated)
Priority
Medium
Parent
OVIRT-403 oVirt infra services maintenance and upgrades

Details

Assignee

Reporter

Priority

Parent

Flag notifications

Something's gone wrong

outgoing mail failure - SPF fail

Description

Activity

Former user November 2, 2016 at 4:58 PM

Former user November 1, 2016 at 9:23 AM

Marc Dequènes (Duck) October 31, 2016 at 3:55 PM

Eyal Edri October 31, 2016 at 9:35 AM

DetailsAssigneeFormer userFormer user(Deactivated)ReporterYedidyah Bar DavidYedidyah Bar David(Deactivated)PriorityMediumParentOVIRT-403 oVirt infra services maintenance and upgrades

Details

Assignee

Reporter

Priority

Parent

Flag notifications

Something's gone wrong

Details
Assignee
Former user(Deactivated)
Reporter
Yedidyah Bar David(Deactivated)
Priority
Medium
Parent
OVIRT-403 oVirt infra services maintenance and upgrades