Bug #16767
Schleuder mailing lists non functional: MXs of Autistici/Inventati are misconfigured
0%
Description
Updates about the ongoing A/I infra migration:
Hi!
some mailing lists seem to “sleep”. I’ve sent email to -summit and -accounting, none of which arrived. May you please check what’s going on here? Thanks!
Subtasks
Related issues
Related to Tails - Bug #12113: Make sure tails.boum.org is available over IPv6 | Confirmed | 2017-01-05 | |
Related to Tails - |
Resolved | 2018-12-11 |
History
#1 Updated by Anonymous 2019-05-30 11:32:04
Mailserver log says:
connect to mx2.investici.org[94.23.50.208]:25: Connection refused
connect to mx10.investici.org[198.167.222.108]:25: Connection refused
connect to mx2.investici.org[94.23.50.208]:25: Connection refused
connect to mx9.investici.org[212.103.72.250]:25: Connection refused
Connections over IPv6 seem to be impossible.
telnetting those IPs on port 25 from elsewhere is also impossible, so I guess the issue is not on my mailserver.
#2 Updated by Anonymous 2019-05-30 11:33:58
- Subject changed from Mailing lists non functional to Mailing lists non functional : MXs of investici unreachable
#3 Updated by goupille 2019-05-30 13:38:34
when sending an email to tails-bugs@ I get an ‘Undelivered Mail Returned to Sender’ with this error :
Diagnostic-Code: X-Postfix; Host or domain name not found. Name service error
for name=mail.tails.boum.org type=AAAA: Host not found
I’ve got nothing explicit about not being able to connect to the MX…
#4 Updated by Anonymous 2019-05-31 10:38:23
- Assignee set to groente
- Priority changed from Normal to Urgent
I also receive these messages:
<tails-accounting@boum.org>: Host or domain name not found. Name service error
for name=mail.tails.boum.org type=AAAA: Host not found
Reporting-MTA: dns; mx1.investici.org
X-Postfix-Queue-ID: 7269C1207FA
AAAA = IPv6, right? I seem to remember that there is no IPv6 on t.b.o
This is still broken, I cannot send emails to our lists that are hosted on investici.org. Please fix this because noone can write to us currently on tails, tails-accounting
and -summit, and possibly other lists.
Tentatively assigning this to one of our sysadmins.
#5 Updated by sajolida 2019-05-31 10:38:41
- Subject changed from Mailing lists non functional : MXs of investici unreachable to Mailing lists non functional : MXs of autistici unreachable
- Assignee deleted (
groente) - Priority changed from Urgent to Normal
Mailing list archives return 404: https://lists.autistici.org/list/tails-project.html
It could be a different problem and I’ll create a dedicated ticket if it turns out not to be.
#6 Updated by sajolida 2019-05-31 10:40:46
If I understanding correctly:
- Our public mailing lists are hosted by autistici
- Our schleuder mailing lists are hosted either by puscii either by ourselves
I can write myself fine to tails-fundraising@boum.org for example.
#7 Updated by Anonymous 2019-05-31 10:42:26
I now sent a private email to all of the sysadmins because nobody reacted to this since 24 hours.
#8 Updated by Anonymous 2019-05-31 10:43:53
sajolida wrote:
> If I understanding correctly:
>
> * Our public mailing lists are hosted by autistici
> * Our schleuder mailing lists are hosted either by puscii either by ourselves
>
> I can write myself fine to tails-fundraising@boum.org for example.
I think this assumption is incorrect.
Currently affected:
-accounting@
-bugs@
-summit@
-sysadmins@
#9 Updated by Anonymous 2019-05-31 10:45:09
sajolida wrote:
> If I understanding correctly:
>
> * Our public mailing lists are hosted by autistici
> * Our schleuder mailing lists are hosted either by puscii either by ourselves
>
> I can write myself fine to tails-fundraising@boum.org for example.
On top of that, their SSL cert is insecure.
#10 Updated by Anonymous 2019-05-31 10:45:31
- Assignee set to groente
- Priority changed from Normal to Urgent
sajolida wrote:
> Mailing list archives return 404: https://lists.autistici.org/list/tails-project.html
>
> It could be a different problem and I’ll create a dedicated ticket if it turns out not to be.
On top of that, their SSL cert is insecure.
#11 Updated by Anonymous 2019-05-31 10:46:21
- Assignee deleted (
groente)
groente
bertagaz @intrigeri I don’t know who if you will handle this?
#12 Updated by Anonymous 2019-05-31 10:55:10
Also sent email to info@investici.org now.
#13 Updated by Anonymous 2019-05-31 10:56:32
- Subject changed from Mailing lists non functional : MXs of autistici unreachable to Mailing lists non functional : MXs of autistici bounces back for mail.tails.boum.org
#14 Updated by Anonymous 2019-05-31 10:57:19
- related to Bug #12113: Make sure tails.boum.org is available over IPv6 added
#15 Updated by Anonymous 2019-05-31 10:57:39
- related to
Bug #16121: Migrate our Schleuder lists outside of boum.org added
#16 Updated by Anonymous 2019-05-31 11:57:20
- Assignee set to groente
@groente seems to be on sysadmin duty, so reassigning back to him.
#18 Updated by intrigeri 2019-05-31 16:50:39
- Subject changed from Mailing lists non functional : MXs of autistici bounces back for mail.tails.boum.org to Schleuder mailing lists non functional : MXs of autistici bounces back for mail.tails.boum.org
- Assignee changed from groente to intrigeri
(It seems that Mailman lists work just fine, apart of the archives part.)
I’ll sum up what I understand of the problem to my contact at A/I.
We might have to wait a bit while their infrastructure is ongoing a full technological migration: they might have issues to fix that affect all their users, not just Tails.
#19 Updated by intrigeri 2019-05-31 16:57:23
- Subject changed from Schleuder mailing lists non functional : MXs of autistici bounces back for mail.tails.boum.org to Schleuder mailing lists non functional: MXs of Autistici/Inventati are misconfigured
(This report is not only about lists we host at mail.tails.b.o.)
#20 Updated by intrigeri 2019-05-31 16:58:49
- Status changed from Confirmed to In Progress
sajolida wrote:
> If I understanding correctly:
>
> * Our public mailing lists are hosted by autistici
> * Our schleuder mailing lists are hosted either by puscii either by ourselves
FTR, since this was challenged later here: this is entirely correct (as per the final decision, that was made on tails@).
#21 Updated by intrigeri 2019-05-31 17:02:20
- Description updated
#22 Updated by Anonymous 2019-05-31 20:03:03
intrigeri wrote:
> sajolida wrote:
> > If I understanding correctly:
> >
> > * Our public mailing lists are hosted by autistici
> > * Our schleuder mailing lists are hosted either by puscii either by ourselves
>
> FTR, since this was challenged later here: this is entirely correct (as per the final decision, that was made on tails@).
Right. But this is not the issue causing the bug.
#23 Updated by intrigeri 2019-06-01 05:49:53
- Assignee changed from intrigeri to groente
@groente has more direct means of communication with A/I folks at the moment so it probably makes more sense that he handles this :)
#24 Updated by groente 2019-06-01 22:39:34
- Status changed from In Progress to Resolved
everything seems to work again \o/
#25 Updated by intrigeri 2019-06-02 06:59:24
- Status changed from Resolved to In Progress
- Assignee changed from groente to intrigeri
> everything seems to work again \o/
Woohoo!
… except that none of our systems can deliver email to @boum.org, because the TLS policy we have in place does not match the new A/I setup. I’ll handle it.
#26 Updated by intrigeri 2019-06-02 07:16:14
- Assignee changed from intrigeri to groente
- QA Check set to Ready for QA
It seems the best we can do at the moment is https://git.tails.boum.org/puppet-tails/commit/?id=5b8c54b46820f25fda812d0f1e73f7807cdca420. Deployed on a few systems and confirmed it allowed email flow to resume (see e.g. the Icinga2 notifications that just arrived on our team’s list). I’ve also confirmed that it allowed whisperback.lizard to deliver a bunch of queued WhisperBack reports to our Help Desk.
#27 Updated by intrigeri 2019-06-02 14:42:59
- Status changed from In Progress to Needs Validation
#28 Updated by groente 2019-06-27 08:43:31
- Status changed from Needs Validation to Resolved