Expiry notifications marked as spam

Hey, didn’t know where to put this but the expiry emails have been going straight to my junk folder. I marked the emails as safe but just wanted to let you know in case it’s a widespread issue. The email provider is Gmail in my case.

Cheers,

Ale

1 Like

Hi,

Thank you for this information.
Pinging Let’s Encrypt staff for attention. @lestaff

Thank you

1 Like

For @lestaff s information, these are the SpamAssassin tests my recent (13-10) notification I was getting:

BAYES_00=-1.9
DKIM_INVALID=0.1
DKIM_SIGNED=0.1
HEADER_FROM_DIFFERENT_DOMAINS=0.25
RCVD_IN_BL_SPAMCOP_NET=1.347
RCVD_IN_DNSWL_NONE=-0.0001

It also has two DKIM signatures. One with d=mandrillapp.com and one with d=letsencrypt.org. Apparently, my SpamAssassin things something is wrong with the DKIM signature or signatures.

2 Likes

For extra precautions, Let’s Encrypt might also want to implement DMARC, and change the envelope address from mandrillapp.com to a let’s encrypt return path.

https://mandrill.zendesk.com/hc/en-us/articles/205582727-Can-I-customize-the-Return-Path-bounce-address-used-for-my-emails-

1 Like

@aaaleee We’re continuing to monitor our email statistics, but there’s nothing out of the ordinary from what’s being reported by Mandrill. According to MX Toolbox, we have a clean bill of health.

@Osiris The Mandrill DKIM/SPF validator states we have a valid configuration. Testing with http://dkimvalidator.com/ also gave back favorable results.

@stevenzhu We’re discussing the return-path address internally and will also be deploying DMARC in monitoring mode.

2 Likes

I'm not sure if that works, searching for the IP address behind the MX record for letsencrypt.org, when the e-mails are being sent through mandrillapp.com (in my case mail179-17.suw41.mandrillapp.com):

We notice you are on a blacklist.

1 Like

Well, that site is a little contradictory: the top test says my DKIM signature is valid but at the same time, the SpamAssassin of that site (on the bottom of the tests) says the DKIM signature is invalid :stuck_out_tongue_winking_eye:

So perhaps it's a problem with SAs DKIM validation in general.. Both dkimvalidator.com as my own SA mark a valid DKIM signature as invalid..

:rofl:


Here's the response I got from dkimvalidator.org

SpamAssassin Score: -0.161
Message is NOT marked as spam
Points breakdown: 
-0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at http://www.dnswl.org/, no
                            trust
                            [209.85.210.54 listed in list.dnswl.org]
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
                            [209.85.210.54 listed in wl.mailspike.net]
 0.0 HTML_MESSAGE           BODY: HTML included in message
-0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
-0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from author's
                            domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
-0.1 DKIMWL_WL_HIGH         DKIMwl.org - Whitelisted High sender

Regarding MX Toolbox, I did not see letsencrypt.org on any blacklists. However, https://www.ultratools.com/tools/spamDBLookupResult states that Google IP 172.217.197.27 is on several of the SORBS blacklists.

Doing some digging inside of SORBS, we had 5 spam hits on SORBS lists back on August 31, 2018. Afaict, those entries have since expired.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.