Many websites do not have the language or locale set in the URL string. They instead pull this out of the "Accept-Language" HTTP header. Is it possible with CDN's like CloudFlare and CloudFront to cache different versions of the page based on this header, or if not - what is the recommended best practice for this?
This is the DMARC record we have set
v=DMARC1; p=reject; rua=mailto:[redacted]@coinbase.com; adkim=r; aspf=s
So we are rejecting any not match with SPF strictly, and DKIM is relaxed.
Here is the SPF record:
v=spf1 mx ptr include:_spf.google.com include:amazonses.com include:servers.mcsv.net ip4:216.146.46.11/24 ip4:54.240.0.0/16 -all
servers.mcsv.net is the relevant one here, this is for MailChimp.
Now, when mailchimp sends emails, here are the relevant headers (taken from before we had DMARC set to reject):
Delivered-To: [redacted]@gmail.com
Return-Path: <bounce-mc.us5_10399111.473393-[redacted][email protected]>
Received: from mail43.atl11.rsgsv.net (mail43.atl11.rsgsv.net. [205.201.133.43])
by mx.google.com with ESMTP id j28si35440183yha.171.2014.05.21.09.07.49
for <[redacted]@gmail.com>;
Wed, 21 May 2014 09:07:49 -0700 (PDT)
Received-SPF: pass (google.com: domain of bounce-mc.us5_10399111.473393-[redacted][email protected] designates 205.201.133.43 as permitted sender) client-ip=205.201.133.43;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of bounce-mc.us5_10399111.473393-[redacted][email protected] designates 205.201.133.43 as permitted sender) smtp.mail=bounce-mc.us5_10399111.473393-[redacted][email protected];
dkim=pass [email protected];
dmarc=fail (p=NONE dis=NONE) header.from=coinbase.com
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=k1; d=mail43.atl11.rsgsv.net;
h=Subject:From:Reply-To:To:Date:Message-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version; i=[redacted][email protected];
bh=o5A5eXnTv4l6rsLeAnZJnMWMM68=;
b=TuFkaiUuroZ81dqLE6inBqApDru17Je2eBBRhPSwcLjFqSnQYasdQeoKdSseroRiNsVwR2l+VMgo
AjDCgEcXlmKQ1OZwgFJRoy/YKcV2aWfAaNttoLg/Ia1mqRVI+KOA6CIHE+1sbjc8vGdbkxHpnhkw
vyKFBZn8BdHmLyBUr88=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=k1; d=gmail.mcsv.net;
h=Subject:From:Reply-To:To:Date:Message-ID:X-Feedback-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version;
bh=o5A5eXnTv4l6rsLeAnZJnMWMM68=;
b=pUJSVxxUhdCyKquMzC3XoV8/vdntYc9D9PPEi8+kGHPzyX9JYz2abxclEKparO5titfvKxda7K6R
m65UTHrkFeMh+lQw7KruA0YBI4ixq07xVUiQkyZRTTuV8oW0R1a/gwWqr4zCnrHbgBmtSg1lKRWF
Zo4frwnJ67K8gPd/Qlk=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=k1; d=mail43.atl11.rsgsv.net;
b=WU6GQW9PExrQou81SYai+uiOzWU9FjHdzXPh2NA+g0aKjcDx08ujAcfkOjLRtD6ceTEwdS4GNeyc
3iwdIXMjwYN1qDzo4Ug3yeKCTjidqcjdxJcRN1pBJ6Dq+bsGkcNiwlh7cFlmTSQEeIobmRCO3FEA
mEJ3ZB59fs0X9VhAiiw=;
Received: from (127.0.0.1) by mail43.atl11.rsgsv.net id hfj7la1lgi03 for <[redacted]@gmail.com>; Wed, 21 May 2014 16:07:09 +0000 (envelope-from <bounce-mc.us5_10399111.473393-[redacted][email protected]>)
Subject: =?utf-8?Q?Posts=20from=20The=20Coinbase=20Blog=20for=2005=2F21=2F2014?=
From: =?utf-8?Q?The=20Coinbase=20Blog?= <[redacted]@coinbase.com>
You can see DMARC failed. But I don't understand why. The SPF record passes. DKIM does also (although we have that requirement relaxed here).
Maybe I'm misunderstanding something about DMARC, but it seems like this should work.
Thank you for the help!
Woke up today to see my site slow/unresponsive. Pulled up top and it looks like a ton of saslauthd processes have spun up using about 64m of RAM each, causing the machine to enter swap space. I've never seen this many used on there.
top - 16:54:13 up 85 days, 11:48, 1 user, load average: 0.32, 0.50, 0.38
Tasks: 143 total, 1 running, 142 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.7%us, 0.3%sy, 0.0%ni, 97.3%id, 0.2%wa, 0.0%hi, 0.0%si, 1.4%st
Mem: 1048796k total, 1025904k used, 22892k free, 14032k buffers
Swap: 2097144k total, 332460k used, 1764684k free, 194348k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
848 admin 20 0 263m 115m 4840 S 0 11.3 5:02.91 ruby
906 admin 20 0 265m 113m 4828 S 0 11.1 5:37.24 ruby
30484 admin 20 0 248m 91m 4256 S 6 9.0 219:02.30 delayed_job
4075 root 20 0 160m 65m 952 S 0 6.4 0:24.22 saslauthd
4080 root 20 0 162m 64m 936 S 0 6.3 0:24.48 saslauthd
4079 root 20 0 162m 64m 936 S 0 6.3 0:24.70 saslauthd
4078 root 20 0 164m 63m 936 S 0 6.2 0:24.66 saslauthd
4077 root 20 0 163m 62m 936 S 0 6.1 0:24.66 saslauthd
3718 mysql 20 0 312m 52m 3588 S 1 5.1 3499:40 mysqld
699 root 20 0 72744 7640 2164 S 0 0.7 0:00.50 ruby
15701 postfix 20 0 106m 5712 4164 S 1 0.5 0:00.50 smtpd
15702 postfix 20 0 52444 3252 2452 S 1 0.3 0:00.06 cleanup
4062 postfix 20 0 41884 3104 1788 S 0 0.3 125:26.01 qmgr
15683 root 20 0 51504 2780 2180 S 0 0.3 0:00.04 sshd
14595 postfix 20 0 52308 2548 2304 S 1 0.2 0:24.60 proxymap
15483 postfix 20 0 43380 2544 1992 S 0 0.2 0:00.38 smtp
15486 postfix 20 0 43380 2544 1992 S 0 0.2 0:00.36 smtp
15488 postfix 20 0 43380 2540 1992 S 0 0.2 0:00.38 smtp
15485 postfix 20 0 43380 2532 1984 S 0 0.2 0:00.36 smtp
15489 postfix 20 0 43380 2532 1984 S 0 0.2 0:00.40 smtp
Wasn't sure what Saslauthd is, Google says it handles plantext authentication. The machine has been sending a lot of email through postfix, so this could be related.
Anyone know why so many may have spun up? Are they safe to kill? Thanks!
I always thought that the return-path header was used for bounced messages, so I have my email newsletter software setup to unsubscribe anyone whose email address replies back to the return-path email address.
But recently some users started telling me their out-of-office replies where unsubscribing them. Do out-of-office replies get sent to the return-path on some email servers?
I could check all emails to that address and see if they have the "message/delivery-status" content-type in one of the parts, but I wasn't sure if this was necessary.
Is it possible for a database to be of one type (MyISAM) and the tables to be of another type (InnoDB) or is this a bug in phpMyAdmin?
It is showing exactly that. Picture Here http://www.startbreakingfree.com/wp-content/uploads/2009/11/Picture-10.png
I tried to verify the database type from the command but couldn't find the right command to show it. If the database is in fact MyISAM how can I change it to InnoDB?
Thank you!
I'm running an app at www.universitytutor.com which lets people find tutors. Most of the tutors are college students.
We send out a follow up email 2 weeks after someone contacts a tutor to ask how it went and currently 70% of them say the tutor never responded to their inquiry!
So I'm trying to figure out how we can improve the deliverability of emails to our tutors. We're running postfix on ubuntu. Here is all the stuff I've checked:
- The server IP (67.207.137.223) is not on any blacklists
- RDNS is configured correctly and resolves to a FQDN
- we have SPF records in place
- using DKIM signatures on outgoing emails
The volume is still pretty low (maybe 500 messages per day). And most of them are unique where one person contacted another with a specific inquiry, so it's not bulk mail. I've spot checked the messages going through the site (for tutoring jobs) and they are legitimate, warranting a response and a possible job for the tutor. I can't see any reason why they wouldn't respond if they had actually gotten the email.
All the tutors had to click a confirmation link in an email when they created their account so I KNOW they got at least one email from us. We also automatically take down tutor profiles when someone reports they didn't respond. So I don't think it's a situation that built up over time where most of the tutors have graduated and are now gone. 70% is too high to be explained just by that.
I've wondered if it could be something special with university email servers? Most of the tutors are college students and have .edu email addresses. Is there anything special to worry about here in terms of deliverability to .edu mail servers?
Or am I missing something else with my mail server configuration that is causing these messages to get lost in spam filters?
Let me know if there is any other info I can provide which might be helpful.
P.S. When sending test messages to myself from the site they always come through (Gmail shows a 'pass' in the headers for both SPF and DKIM). I've tested it with Gmail and Yahoo which both work but obviously I can't get an account on their .edu mail servers to see if it works there.
I got DKIM setup on my mail server (postfix and ubuntu) so it signs outgoing emails. I used these instructions: https://help.ubuntu.com/community/Postfix/DKIM
However, I need it to sign emails from any domain (in the From address) and not just my own. I'm building an email newsletter service and clients will be sending their own email through the server.
First I set "Domain *" in /etc/dkim-filter.conf. This got it to include the DKIM headers in all outgoing emails, no matter what the domain.
However, the verification check fails on gmail because it is checking the domain in the from address, and not my domain (and dns record). Does anyone know how to do this?
I want to improve deliverability for my outgoing emails with DKIM. I've gotten dkim-filter installed for postfix, using this tutorial https://help.ubuntu.com/community/Postfix/DKIM
It seems to be working, my /var/log/mail.log shows it starting:
Aug 10 18:34:13 mail dkim-filter[5284]: Sendmail DKIM Filter v2.8.2 starting (args: -x /etc/dkim-filter.conf -u dkim-filter -P /var/run/dkim-filter/dkim-filter.pid -p inet:8891@localhost)
However, no headers are being generated when I send email and I can't figure out why.
Here is my /etc/dkim-filter.conf https://gist.github.com/6dc92c7efc29aa45991f
And here's what I added to the bottom of /etc/postfix/main.cf
# DKIM
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
Any ideas? Thank you!
P.S. I have the DNS entry setup for it as well at feedmailpro.com (may still be propagating), but I assume it isn't even being checked without the headers in outgoing emails. Thanks!
This is related to this question:
linux - Ways to get a bounceback report for my newsletter application? - Server Fault
Let's say I'm generating email addresses like this when I send out newsletters to identify bounces and unsubscribe them from my newsletter: [email protected]
I assume I'd use this in the return-path, right?
Then how would I set it up in postfix to collect all these addresses prefixed with "bounce-" into one mailbox?
Finally, I've heard people mention a soft bounce vs. a hard bounce. Can someone explain the different and how they should be counted to know when to permanently remove someone from an email newsletter?