0sg.net bouncing for bad reverse lookups?

Use this forum to get help.

Re: 0sg.net bouncing for bad reverse lookups?

Postby Flounder9964 » Thu Jan 26, 2023 6:46 pm

That means SG addresses are still broken on 3 of the most notable privacy friendly mail providers (Protonmail, Tutanota, Riseup).

Can anyone explain why this seems to be resolved for some email providers and not others?
Flounder9964
 
Posts: 2
Joined: Thu Jan 26, 2023 5:56 am

Re: 0sg.net bouncing for bad reverse lookups?

Postby Clewby » Fri Jan 27, 2023 8:56 am

I could be experiencing more than one problem, but it looks like mail is not being forwarded to protected addresses from neverbox addresses, in my case, since approximately 2023-01-17 03:00 and still not working now. I see mails going into spamgourmet and being processed, as the counter for various addresses is decrementing, but nothing is being delivered to the protected addresses (this applies to more than one account).

Furthermore, (Tests now on 2023-01-27 at about 08:30 UTC) if I send a message to a new neverbox address, the address is (auto)created, and I can see that as far as spamgourmet is concerned, the message has been forwarded/processed as the message counter is decremented, but nothing arrives at the protected address.
A subsequent message to the same address shows the same behaviour - the message counter is decremented, but nothing arrives at the protected address.

If I use the feature that allows me to send a message that appears to come from the spamgourmet neverbox address, it does not appear to be processed, and the message counter is not decremented.

If I subsequently send a normal message the message counter is decremented, but nothing arrives at the protected address.

I don't run my own mail server, so I can't contribute more to diagnosis and testing. Sorry about that. I hope the problem is identified and resolved soon.

Edit to add:

If I need to contact the email provider of the protected address to advise that they need to make some configuration changes, please put a notice in this thread.

Edit to further add:

I don't know if this is correct. It looks a bit inconsistent.
Code: Select all
$ dig @1.1.1.1 +noall +answer 0sg.net
0sg.net.      1800   IN   A   216.75.62.102
$ dig @1.1.1.1 +noall +answer neverbox.com
neverbox.com.      1800   IN   A   216.75.62.100
$ dig @1.1.1.1 +noall +answer xoxy.net
xoxy.net.      1795   IN   A   216.75.62.100
dig @1.1.1.1 +noall +answer spamgourmet.com
spamgourmet.com.   1800   IN   A   216.75.62.102
$ dig @1.1.1.1 +noall +answer 9ox.net
9ox.net.      1800   IN   A   216.75.62.100
$ dig @1.1.1.1 +noall +answer dfgh.net
<blank>
dig @1.1.1.1 +noall +answer antichef.com
antichef.com.      1800   IN   A   216.75.62.100
dig @1.1.1.1 +noall +answer recursor.net
recursor.net.      1800   IN   A   216.75.62.100


All of the above have gourmet7.spamgourmet.com as their MX record.
Code: Select all
dig @1.1.1.1 +noall +answer gourmet7.spamgourmet.com
gourmet7.spamgourmet.com. 1800   IN   A   216.75.62.102


Edit further again to add:

Used https://dnschecker.org/ for convenience, but presenting salient results from dig

Code: Select all
$ dig @one.one.one.one -t A  +noall +answer neverbox.com
neverbox.com.      1800   IN   A   216.75.62.100
$ dig @one.one.one.one -t MX  +noall +answer neverbox.com
neverbox.com.      1800   IN   MX   10 gourmet7.spamgourmet.com.
$ dig @one.one.one.one -t PTR  +noall +answer neverbox.com
<blank>
$ dig @one.one.one.one -t TXT  +noall +answer neverbox.com
neverbox.com.      1800   IN   TXT   "v=spf1 mx ip4:216.75.62.81 ip4:216.75.62.102 -all"

//Comment: 216.75.62.81 is gourmet8.spamgourmet.com , 216.75.62.102 is gourmet7.spamgourmet.com , and not listed is 216.75.62.100 which is gourmet9.spamgourmet.com


look at gourmet7
Code: Select all
$ dig @one.one.one.one -t MX  +noall +answer gourmet7.spamgourmet.com
<blank>


look at gourmet8
Code: Select all
$ dig @one.one.one.one -t MX  +noall +answer gourmet8.spamgourmet.com
gourmet8.spamgourmet.com. 1799   IN   MX   10 gourmet8.spamgourmet.com.


So gourmet 7 has no MX record, but gourmet 8 has.

look at gourmet7
Code: Select all
$ dig @one.one.one.one -t TXT  +noall +answer gourmet7.spamgourmet.com


look at gourmet8
Code: Select all
$ dig @one.one.one.one -t TXT  +noall +answer gourmet8.spamgourmet.com
gourmet8.spamgourmet.com. 1800   IN   TXT   "v=spf1 mx ip4:216.75.62.102 ip4:216.75.62.81 ip4:216.75.62.100 -all"


So gourmet 7 has no TXT-SPF record, but gourmet8 has. And note that gourmet 8's TXT-SPF record lists three host ip addresses: those of gourmet7 (216.75.62.102), gourmet8 (216.75.62.81) and gourmet9 (216.75.62.100)

So, for completeness, look at gourmet9
Code: Select all
$ dig @one.one.one.one -t MX  +noall +answer gourmet9.spamgourmet.com
<blank>
dig @one.one.one.one -t TXT  +noall +answer gourmet9.spamgourmet.com
<blank>


I am no expert. At all. But it does look a little inconsistent.

Note that the last email I received via spamgourmet came from gourmet8 - from the header
Code: Select all
Received-SPF: pass client-ip=216.75.62.102; helo=gourmet8.spamgourmet.com


Is the issue that the DNS MX and TXT-SPF records are missing for gourmet7 and gourmet9?

Reverse lookups
Code: Select all
$ dig  @1.1.1.1 +noall +answer -x 216.75.62.102 //IP address of gourmet7
102.62.75.216.in-addr.arpa. 43200 IN   PTR   gourmet.spamgourmet.com.
$ dig  @1.1.1.1 +noall +answer -x 216.75.62.81 //IP address of gourmet8
81.62.75.216.in-addr.arpa. 43200 IN   PTR   gourmet8.spamgourmet.com.
$ dig  @1.1.1.1 +noall +answer -x 216.75.62.100 //IP address of gourmet9
100.62.75.216.in-addr.arpa. 43200 IN   PTR   gourmet.spamgourmet.com.


...and gourmet.spamgourmet.com
Code: Select all
$ dig  @1.1.1.1 -t A +noall +answer gourmet.spamgourmet.com
gourmet.spamgourmet.com. 1800   IN   A   216.75.62.102 //Same IP as gourmet7
$ dig  @1.1.1.1 -t MX +noall +answer gourmet.spamgourmet.com
<blank>
$ dig  @1.1.1.1 -t TXT +noall +answer gourmet.spamgourmet.com
<blank>
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby Clewby » Sat Jan 28, 2023 3:40 pm

Mail is still not successfully being delivered for me.

If I send to a neverbox address, I can see that the 'remaining' counter is decremented, but the message does not get through to the protected mailbox.

Is anyone working on the problem?

Is there a diagnosis?

++++++
Update
I've tried changing the protected address to a different provider, in this case Protonmail. The confirmation message to the new protected address does not get through.

I've tried setting up a new username, with the protected email address as a Protonmail address. The setup confirmation message to the new protected address does not get through.
Last edited by Clewby on Sat Jan 28, 2023 8:36 pm, edited 1 time in total.
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby klyigb » Sat Jan 28, 2023 7:10 pm

edited
Last edited by klyigb on Mon Jan 30, 2023 4:58 pm, edited 1 time in total.
klyigb
 
Posts: 2
Joined: Thu Jan 26, 2023 6:25 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby Clewby » Sun Jan 29, 2023 8:51 pm

Turns out that if I change the protected address to a Gmail account, the mail gets through.

Unfortunately, I have never used Gmail, and I'm not about to start now.

I have raised a ticket with my email provider, as I'm guessing the problem lies with them. If it's some new anti-spam/anti-throwaway/anti-anonymous mail rules where they will not grant an exception for Spamgourmet, it'll looks like I'll have to use a different service that offers a similar way of working as Spamgourmet. After more than two decades with Spamgourmet, that will be irksome.
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby facetto » Mon Jan 30, 2023 9:01 am

Hi, I can confirm that both protonmail and freenet.de seem to have issues with spamgourmet currently. I now changed the forwarding adress to gmail and contacted protommail for support.
facetto
 
Posts: 6
Joined: Mon Sep 05, 2022 8:48 am

Re: 0sg.net bouncing for bad reverse lookups?

Postby Clewby » Mon Jan 30, 2023 11:26 am

I've now registered with another email provider which (currently) works with Spamgourmet and changed my protected address to the new provider..

From reading around this forum, it looks like Spamgourmet is not currently working with

protonmail
tutanota
riseup
freenet.de

I know that at least one other provider (mine) is not working with Spamgourmet right now. I have raised a ticket with my provider, but have not had any feedback as yet.
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby derday » Mon Jan 30, 2023 11:32 am

facetto wrote:[...] I now changed the forwarding adress to gmail and contacted protommail for support.

how could you change to the new forwarding adress? you have to confirm a link in an email to the old/actual adress. this email gets lost (again). is there a switch where you can cancel this security option?

Clewby wrote:[...] and changed my protected address to the new provider..

From reading around this forum, it looks like Spamgourmet is not currently working with

protonmail
tutanota
riseup
freenet.de
[...]

add gmx.de to your list. and again, how could you get the confirmation mail for changing the forwarding adress?
derday
 
Posts: 9
Joined: Mon Mar 23, 2020 12:12 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby Clewby » Mon Jan 30, 2023 12:13 pm

Code: Select all
how could you change to the new forwarding address? you have to confirm a link in an email to the old/actual address. this email gets lost (again). is there a switch where you can cancel this security option?


No, there is no switch.

The confirmation of change of protected address gets sent to the new address.

At first sight, this seems crazy, but:
- you can only do this process when logged in to your spamgourmet account. So for someone to do this maliciously, they would have to know your account name and password. This is why it is important to set a good password. Anyone who knows the password can ruin your day.
- if you make a mistake, and set your protected address incorrectly, you do not need to have access to the incorrect address to change it to the correct address. You just need to log in to your spamgourmet account and change it. This guards against typographic errors, or email service providers unexpectedly ceasing service.

Updated (thanks) list of providers where incoming mail from spamgourmet doesn't currently work:

freenet.de
gmx.de
protonmail
riseup
tutanota
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby derday » Mon Jan 30, 2023 12:43 pm

Clewby wrote:The confirmation of change of protected address gets sent to the new address.


omg, if I had read correctly, I would have recognized it myself! big thanks! I was confused, because the confirmation mail didn't arrive at the old adress but also not at the new adress.
but so you can add mailbox.org also to your list of not-working mailprovider :mrgreen:
derday
 
Posts: 9
Joined: Mon Mar 23, 2020 12:12 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby Clewby » Mon Jan 30, 2023 12:49 pm

@derday

You're welcome.

List updated. Thank you.

Updated (thanks) list of providers where incoming mail from spamgourmet doesn't currently work:

freenet.de
gmx.de
mailbox.org
protonmail
riseup
tutanota
Clewby
 
Posts: 44
Joined: Mon Jun 13, 2011 4:48 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby foo » Mon Jan 30, 2023 5:58 pm

Well it has taken me days to register this account using tutanota as my destination. I tried to change to protonmail but the activation never arrives.

Code: Select all
Received: from w4.tutanota.de ([192.168.1.165])
        by tutadb.w10.tutanota.de
        with SMTP (SubEthaSMTP 3.1.7)
        Mon, 30 Jan 2023 16:39:19 +0100 (CET)
Received: from gourmet8.spamgourmet.com (gourmet.spamgourmet.com [216.75.62.102])
   by w4.tutanota.de (Postfix) with ESMTPS
   Mon, 30 Jan 2023 15:39:19 +0000 (UTC)
Received: from spamgourmet by gourmet7.spamgourmet.com with local (Exim 4.94.2)
   (envelope-from <board@bbs.spamgourmet.com>)
   id 1pME2n-0006bS-IO
   Sun, 29 Jan 2023 20:12:53 +0000
Received: from server322-5.web-hosting.com ([198.54.116.172])
   by gourmet7.spamgourmet.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
   (Exim 4.94.2)
   (envelope-from <board@bbs.spamgourmet.com>)
   Sun, 29 Jan 2023 20:12:53 +0000
Received: from [::1] (port=60834 helo=server322.web-hosting.com)
   by server322.web-hosting.com with esmtp (Exim 4.95)
   (envelope-from <board@bbs.spamgourmet.com>)
   Sun, 29 Jan 2023 15:12:52 -0500


It is basically impossible to use this service for confirmation emails, which means I am locked out of several accounts with no ability to fix them.

Email seems to eventually trickle through after 1-4 days.
foo
 
Posts: 3
Joined: Sun Jan 29, 2023 8:12 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby JFK » Mon Jan 30, 2023 11:22 pm

Is the original problem with reverse DNS lookup (/"550 X-Host-Lookup-Failed" problem) solved now?
Because, I guess, it should be much easier to convince a provider to allow SG emails again, if you(/we) could tell them, there was a temporary problem (with reverse DNS lookup), which was solved after a few days.

For me, it seems that it depends on the provider of your "protected address":

- Some were only very unreliable (and "ate" at least 50 % of all incoming emails) because of reverse DNS lookup problems between January 16th and 20th (/21st/22nd).
- Others started rejecting all emails to a protected email address starting from January 16th, 2023: For those there is a good chance, that the counter at the SG website ("advanced mode") is still increasing/counting, while you don't receive any emails.

I experience both cases with different SG accounts related to different protected addresses (/providers).

@derday: By the way, the problems with GMX are not new and are known for at least a year: Very unreliable, only some e-mails get through (often with a huge delay), apparently both for sending and receiving emails through SG(-aliases).
Last edited by JFK on Thu Feb 02, 2023 2:34 pm, edited 1 time in total.
JFK
 
Posts: 12
Joined: Mon Mar 30, 2020 7:53 pm

Re: 0sg.net bouncing for bad reverse lookups?

Postby notmysgusername1 » Tue Jan 31, 2023 12:41 am

Going to +1, #metoo

I was getting SG e-mails at Proton.me until the 16th, then nothing. On the 21st or so I reverted to an older outlook.com e-mail. Everything came through just fine. When I was not receiving e-mails at Proton I saw the count for addresses decrease, so I know e-mails were getting _to_ SG, but not to Proton.

Still, at the moment, I can't get a confirmation e-mail to go through to Proton to change back.

I've been on the line with their support, and last remarks are,

The following is a summary of the two (Spamgourmet bbs) articles you provided.

1. Spamgourmet refused to forward some original emails due to a PTR error (a "Reverse DNS lookup" error).

MEANING:
(1) Those emails were never forwarded to the final recipient. Spamgourmet refused to forward those emails.
(2) Spamgourmet refused to forward those emails because Spamgourmet considered them from spammers. Spamgourmet even refused to forward emails from Gmail.
(3) A Spamgourmet user said the original sender server did have set up the PTR record, and this could be a tech issue with Spamgourmet. Spamgourmet's tech team should look into this issue.

2. The problem was/is with Spamgourmet's official domains (0sg.net / neverbox.com / spamgourmet.com).
3. This could be a DNS issue with Spamgourmet's service provider, Namecheap. Namecheap's DNS server did not provide the correct (lateset) PTR results.
4. This could be a TLS cert-checking issue on Spamgourmet. Spamgourmet did not seem to accept all common TLS certs.

The situation you described is consistent with the issues mentioned in those articles. It seems to be a technical issue with Spamgourmet.

We (Proton) also checked our ban list. Spamgourmet [216.75.62.102] is not on our ban list. We do not reject emails from Spamgourmet.


c'mon, SpamGourmet, any additional info??

I've dug into the DNS for spamgourmet.com and ob.0sg.net and such and didn't see any missing PTR records (though all domains point to an IP that PTR's to spamgourmet.com). I don't think the spamgourmet domain would prevent e-mails from being delivered to other domains, though. A TLS issue would, if the SG MTA is running on like Ubuntu 14.04.

When I check out ssl (`openssl s_client -connect mail.protonmail.ch:25 -starttls smtp`), the cert looks ok.
Code: Select all
Certificate chain
 0 s:CN = protonmail.com
   i:C = US, O = Let's Encrypt, CN = R3
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Dec 27 13:13:08 2022 GMT; NotAfter: Mar 27 13:13:07 2023 GMT
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Sep  4 00:00:00 2020 GMT; NotAfter: Sep 15 16:00:00 2025 GMT


It works with TLS 1.3, TLS 1.2, and falls over with TLS 1.1.

Outlook.com, my protected address provider, doesn't enable TLS 1.1 either though. Perhaps there's a feature trying to get the accepted TLS versions that isn't implemented on Proton's side.

Or -- the cert above said, "protonmail.com" and the host connected to (and the MX record) says "mail.protonmail.ch". ?
notmysgusername1
 
Posts: 9
Joined: Fri Jan 27, 2023 12:58 am

Re: 0sg.net bouncing for bad reverse lookups?

Postby foo » Tue Jan 31, 2023 5:31 am

I just changed to a gmail protected address, confirmed immediately, so at least that's a stopgap for me to go change all my email addresses away from SG.
foo
 
Posts: 3
Joined: Sun Jan 29, 2023 8:12 pm

PreviousNext

Return to Support / Hilfe / ayuda / ondersteuning / ...

Who is online

Users browsing this forum: No registered users and 24 guests