NANOG List Update - Moving Forward

Steve_Feldman4 · July 12, 2011, 2:00pm

We're aware of the spam problem and have our top people working on it.

Reports of other lingering issues from the change would be appreciated, though.

Thanks,
Steve

Ben_Carleton1 · July 12, 2011, 2:35pm

Steve,

I'm seeing the following issues, also as reported by others:

* No RFC 2369 headers means a fun time filtering and no unsubscribe info (maybe that one is on purpose? I kid!)
* The mailing list is stripping out all Received: headers from prior to the message hitting the listserver
* For me at least, messages seem to be delivered out of order - I received this message almost immediately, but messages from 2 hours ago are still making their way into my mailbox. This was not occurring before and it's not a problem with my mail provider.

Warm regards,
Ben

Jay_Ashworth · July 12, 2011, 4:13pm

You're the third person to report that, but *I* am seeing incoming Received
headers in my messages here -- yours, for example, has them all, even prior
to the message hitting s0.

Great name, there, BTW. "s0".

Cheers,
-- jra

Brian_Bruns · July 12, 2011, 4:23pm

Looks like parts of the received like are still there, though butchered and mashed in (most likely in a non-RFC compliant manner) with the one added by 'bulk_maler v1.13' (great name for the mailer, btw, sets off my spammy sense something fierce).

Received: from mail.amsl.com ([2001:1890:1112:1::14])
  by mail.sosdg.org with esmtp (Exim 4.72-SOSDG)
  id 1QgVBE-0001sm-Oh; Mon, 11 Jul 2011 23:06:46 -0600
Received: by c1a.amsl.com (Postfix, from userid 65534)
  id 005B01C39169; Mon, 11 Jul 2011 22:01:16 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
  by c1a.amsl.com (Postfix) with SMTP id F26731C39160;
  Mon, 11 Jul 2011 22:01:16 -0700 (PDT)
Received: by nanog.org (bulk_mailer v1.13); Mon, 11 Jul 2011 22:01:01 -0700
X-Virus-Scanned: amavisd-new at amsl.com
  by localhost (c1a.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
  with ESMTP id Yrl8e1RiNVz9 for <c5-22-1041@c1a.amsl.com>;
  Mon, 11 Jul 2011 22:01:00 -0700 (PDT)
  by c1a.amsl.com (Postfix) with ESMTPS id E2ED01C38FB6
  for <nanog@nanog.org>; Mon, 11 Jul 2011 22:00:59 -0700 (PDT)
  by s0.nanog.org with esmtp (Exim 4.72 (FreeBSD))
  (envelope-from <xxxxxxxxxxxxxxx>)
  id 1QgV5e-000MmM-OE
  for nanog@nanog.org; Tue, 12 Jul 2011 05:00:58 +0000
  (using TLSv1 with cipher AES128-SHA (128/128 bits))
  (No client certificate requested)
  by mail-in02.adhost.com (Postfix) with ESMTPS id 0691FCBCD35
  for <nanog@nanog.org>; Mon, 11 Jul 2011 22:00:58 -0700 (PDT)
  (envelope-from xxxxxxxxxxx)

Ben_Carleton1 · July 12, 2011, 4:25pm

Right, you should, because we are back on s0 (server zero?) and mailman. The headers were being suppressed by the AMSL servers, which are running that strange "bulk_mailer 1.13" software. If you inspect the headers for any of the messages that were forwarded to us from that server (the one that started the thread called "NANOG List Update - Moving Forward" from Michael K Smith, for example), you will see that the headers are being stripped...

--bc

Jared_Mauch · July 12, 2011, 4:37pm

You seem to be new here.

bulk_mailer was something used back in the day to workaround limitations in sendmail for those people operating majordomo (and those using smail etc). it broke the chunks into something that sendmail would then allocate multiple processes to. most other mail subsystems can handle the multiple-rcpts in different manners.

while it may 'feel' spammy to you, it's certainly not.

a simple google of "majordomo and bulk_mailer" should give you a good idea of what's going on.

there were a lot of other mail systems that served to help integrate and interoperate back in the day, including qmailer, smail, etc that all attempted to replace sendmail, including providing the uucp interaction necessary for those behind dialup.

either way, please try to keep the feedback off-list for now as we undergo this transition. It's hard to move a large list like this without trouble. I've been party to many such list moves in the past and they usually have all sorts of trouble.

admins@nanog.org is the right place for your feedback right now.

- Jared

Brian_Bruns · July 12, 2011, 5:05pm

You seem to be new here.

Since you asked, no, been around alot longer then I care to remember.

bulk_mailer was something used back in the day to workaround
limitations in sendmail for those people operating majordomo (and
those using smail etc). it broke the chunks into something that
sendmail would then allocate multiple processes to. most other mail
subsystems can handle the multiple-rcpts in different manners.

I actually was writing sendmail mc/cf files back in the 90s, and used to have a reasonably high traffic majordomo setup. Don't remember anything about bulk_mailer, but then again I stopped using majordomo around 10 years ago, so my memory may be going on stuff like that.

while it may 'feel' spammy to you, it's certainly not.

Hey, I call it as I see it. When you get to pour through spamtraps all day and evening looking at headers for common traits, yeah, things like 'bulk_mailer' stand out.

a simple google of "majordomo and bulk_mailer" should give you a good
idea of what's going on.

Googling generic terms is quite fruitless these days, esp when all the spammers like to call their products bulk mailers. But, thank you for pointing out the context it is used in.

I'm not the only one who expressed curiosity over this 'bulk_mailer' program, so please don't shoot me just cause I mentioned something about a pretty generic program name that throws up red flags whenever I see it.

ljb · July 13, 2011, 3:46am

Feeling a bit of Déjà vu as I deployed bulk_mailer for the NANOG
list back in November of 1996. It used sendmail+bulk_mailer
for delivery until March of 1999 when we transitioned to Postfix.
It was transitioned again in April 2008 to Exim and Mailman.
Unfortunately, my memory is a bit hazy on whether there were any
specific issues with bulk_mailer that caused the switch to Postfix.
My main concern with the bulk_mailer code is that it hasn't
been touched in over a decade -- ftp://cs.utk.edu/pub/moore/bulk_mailer

I've have some concerns with AMS based on my experience
with the IETF mailing list. It has had ongoing issues with
out-of-sequence delivery. Based on the Received headers, it's
seems pretty clear the re-ordering is occurring internal to the
AMS servers. It appears they may be trying something different
with the NANOG list as the IETF list does not employ bulk_mailer.

-Larry

Joel_Jaeggli · July 13, 2011, 4:50am

I've have some concerns with AMS based on my experience
with the IETF mailing list. It has had ongoing issues with
out-of-sequence delivery. Based on the Received headers, it's
seems pretty clear the re-ordering is occurring internal to the
AMS servers. It appears they may be trying something different
with the NANOG list as the IETF list does not employ bulk_mailer.

ietf.org is mailman and postfix.

ljb · July 13, 2011, 5:11am

>
> I've have some concerns with AMS based on my experience
> with the IETF mailing list. It has had ongoing issues with
> out-of-sequence delivery. Based on the Received headers, it's
> seems pretty clear the re-ordering is occurring internal to the
> AMS servers. It appears they may be trying something different
> with the NANOG list as the IETF list does not employ bulk_mailer.

ietf.org is mailman and postfix.

Right, should have mentioned that. Here's the Received headers
from a message yesterday that apparently had a 23 hour delay
internal to ietfa.amsl.org. You can also see it is out of sequence in
the IETF mailing list archives. There are some other recent emails
that were sent on July 8th and did not get delivered until Juth 11th.

-Larry

Received: from mail.ietf.org ([64.170.98.30])
  by sfpop-ironport04.merit.edu with ESMTP; 12 Jul 2011 11:06:29 -0400
Received: from ietfa.amsl.com (localhost [127.0.0.1])
  by ietfa.amsl.com (Postfix) with ESMTP id 7027F21F8CB4;
  Tue, 12 Jul 2011 08:06:29 -0700 (PDT)
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
  by ietfa.amsl.com (Postfix) with ESMTP id E4D7D21F8E58
  for <ietf@ietfa.amsl.com>; Mon, 11 Jul 2011 09:01:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.30])
  by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
  with ESMTP id TAHKv2903pQw for <ietf@ietfa.amsl.com>;
  Mon, 11 Jul 2011 09:01:31 -0700 (PDT)
Received: from nostrum.com (nostrum-pt.tunnel.tserv2.fmt.ipv6.he.net
  [IPv6:2001:470:1f03:267::2])
  by ietfa.amsl.com (Postfix) with ESMTP id CE6E321F8E4F
  for <ietf@ietf.org>; Mon, 11 Jul 2011 09:01:26 -0700 (PDT)
Received: from dn3-227.estacado.net (vicuna-alt.estacado.net [75.53.54.121])
  (authenticated bits=0)
  by nostrum.com (8.14.3/8.14.3) with ESMTP id p6BG1O4H054438
  (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO);
  Mon, 11 Jul 2011 11:01:25 -0500 (CDT) (envelope-from ben@nostrum.com)
Mime-Version: 1.0 (Apple Message framework v1084)
In-Reply-To: <AE447DE4-CD85-4386-9C97-2008524D2402@nist.gov>
Message-Id: <5BB77043-1674-4FD6-87CB-17DDC1CEEC1C@nostrum.com>

James_Cloos · July 13, 2011, 2:13pm

That is because they switched back to the mailman infrastructure, again,
after just a few hours on the bulk_mailer infrastructure.

Look for mail with an envelope from of help@nanog for the problematic ones.

-JimC

Suresh_Ramasubramani · July 13, 2011, 2:51pm

Unconfigured bulk_mailer = lots of unsolicited bulk mail

Oh well

--srs