www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hoss Man (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (INFRA-11022) qmail using DNS ANY requests, may be blocked by DDoS mitigation strategies.
Date Wed, 13 Jan 2016 17:39:39 GMT

    [ https://issues.apache.org/jira/browse/INFRA-11022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15096650#comment-15096650
] 

Hoss Man commented on INFRA-11022:
----------------------------------

I was asked to add the following contact info for the person who initially sent the email
(apparently she's having problems adding jira comments?) with the hope that someone from infra
can contact her directly if there are any questions that can help expedite a fix ...

: From: "Crum, Janice (NIH/CIT) [C]" <GeesamaJ@mail.nih.gov>

: Chris
:
: I was not able to add comments, that is why I wrote to you.  Could you 
: please add my email address and phone number 301.204.5840 to the case
: and request that I be contacted and mark it urgent?
: 
: Thank you,
: Janice


> qmail using DNS ANY requests, may be blocked by DDoS mitigation strategies.
> ---------------------------------------------------------------------------
>
>                 Key: INFRA-11022
>                 URL: https://issues.apache.org/jira/browse/INFRA-11022
>             Project: Infrastructure
>          Issue Type: Bug
>          Components: Mail (qmail)
>            Reporter: Hoss Man
>
> the following information was received in email to the moderators of the solr-user@lucene
mailing list in response to an automated email from ezmlm to a user informing them that many
emails sent to them have been bouncing.
> I've removed any persona/organizational identifying details from the email, and will
encourage the original sender to contact infra directly if they wish to share more confidential
details (referencing this jira)
> ----
> I am an Email Administrator at [GOV AGENCY].  I have investigated this issue for [USER]
and found the following:
> It appears your organization is using Qmail to send email.  Based on our analysis, Qmail
poses a potential delivery
> problem between our systems.  The problem is routed in the configuration of the Qmail
system.  Specifically, Qmail
> performs DNS "ANY" requests to find the MX records for the destination host of a message.
  As have many Federal
> Agencies, [GOV AGENCY] has blocked DNS "ANY" queries over UDP (and only "ANY" queries)
as part of our DDoS mitigation
> strategy. We believe this results in the failure of the DNS queries from Qmail and the
rejection of your emails.
> Please forward this information to your Email/Network Administrators and request that
they update your Qmail system
> and discontinue the usage of the "ANY" query as part of your Qmail's delivery process.
 Based on our research, the
> "ANY" query that Qmail performs is no longer required as part of a standard Qmail system,
as outlined below:
> (http://fanf.livejournal.com/122220.html , http://www.memoryhole.net/qmail/ ).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message