Back to Home / #linode / 2020 / 01 / Prev Day | Next Day
#linode IRC Logs for 2020-01-24

---Logopened Fri Jan 24 00:00:25 2020
00:24-!-xtrWrithe [~xtrWrithe@00027ade.user.oftc.net] has quit [Read error: Connection reset by peer]
00:42-!-fstd [~fstd@xdsl-87-79-46-16.nc.de] has joined #linode
00:42-!-fstd is "fstd" on #oftc #linode #debian #kernelnewbies
00:42-!-fstd_ [~fstd@xdsl-87-79-46-16.nc.de] has quit [Remote host closed the connection]
01:54<linbot>New news from community: Error during creating Linode instance from the api <https://www.linode.com/community/questions/19351>
02:31-!-dsapikas [~dsapikas@ppp-94-69-228-65.home.otenet.gr] has joined #linode
02:31-!-dsapikas is "purple" on #linode
05:32-!-NomadJim_ [~Jim@2001:5b0:2d54:5818:55f7:2bfb:f1ec:b0fc] has joined #linode
05:32-!-NomadJim_ is "Nomad" on #debian #linode
05:40-!-NomadJim [~Jim@72.168.160.207] has quit [Ping timeout: 480 seconds]
05:56-!-saintdev [sid25343@00011f03.user.oftc.net] has quit []
05:56-!-saintdev [sid25343@00011f03.user.oftc.net] has joined #linode
05:56-!-saintdev is "Nathan Caldwell" on #linode
06:32-!-j_ [~oftc-webi@41.84.159.143.dyn.plus.net] has joined #linode
06:32-!-j_ is "OFTC WebIRC Client" on #linode
06:32-!-j_ [~oftc-webi@41.84.159.143.dyn.plus.net] has quit []
06:32-!-primitiv [~oftc-webi@107-179-235-132.cpe.teksavvy.com] has joined #linode
06:32-!-primitiv is "OFTC WebIRC Client" on #linode
06:33<primitiv>one of my wordpress sites is experiencing the same issue as before
06:33<primitiv>but its a different issue not related to selinux
06:33<primitiv>The authenticity of wordpress-5.3.2-new-bundled.zip could not be verified as no signature was found. Unpacking the update… Could not create directory. Installation Failed
06:33<primitiv>same thing with plugins
06:33<primitiv>audit log shows nothing this time
06:33<rsdehart>sounds like it could be a problem on wordpress's end
06:34<primitiv>i checked the site error log nothing there 2
06:37<primitiv>wwhere should it show an error in which log?
06:38<chonk>is this from a script?
06:38<primitiv>ahhhh was permissions issue this time
06:38<primitiv>did 775
06:38<primitiv>works now
06:38<rsdehart>that's... weird
06:38-!-chonk [~chonk@yeah.thats.gonna.be.a.nofromme.dog] has quit [Quit: POOF!]
06:39<primitiv>how so
06:39<rsdehart>maybe it was fixed on their end in the time it took you to do that
06:39<primitiv>i think i just did not have correct permissions
06:39<rsdehart>that wouldn't cause the error you posted
06:39<primitiv>as plugins n wordpress update did the same
06:39<primitiv>i mean the error did say couldnt create directory
06:40<rsdehart>oh
06:40<primitiv>that is 100% somrthing permission issues would afffect
06:40<rsdehart>I overlooked that part
06:40<rsdehart>the certificate would be on their end
06:40<primitiv>yes true but i think its all down to my issues that caused that as well
06:41-!-chonk [~chonk@yeah.thats.gonna.be.a.nofromme.dog] has joined #linode
06:41-!-chonk is "b" on #linode
06:41<rsdehart>ok I'm probably just dumb
06:43<primitiv>do you know how to debug emails not being sent by plugins, thats the last issue at hand for this site]
06:50<chonk>are the emails completely being dropped? like are they never leaving the server?
06:51<primitiv>https://bpaste.net/JAYA
06:52<primitiv>this is what happens when my wp site tries to send mail
06:52<primitiv>not entirely sure what im reading
06:52<primitiv> /usr/sbin/setsebool httpd_can_network_connect true woukd seLinux be the culprit again perhaps?
06:53<primitiv>seems like all mails for all site has stopped working
06:55<chonk>this log reads like gmail is rejecting your mail
06:55<linbot>New news from community: can't access tomcat homepage <https://www.linode.com/community/questions/19352>
06:55<chonk>You can try https://www.mail-tester.com/ for clues
06:55<primitiv>i dont see why gmail would reject the email
06:55<primitiv>it would go into spam if anything
06:56<primitiv>ok i did what the site recommended
06:57<chonk>what did the site recommend
06:57<primitiv>says i mnot fully authentcated
06:57<primitiv>it was able to receive the message at it shows the content isent
06:58<primitiv>You do not have a SPF record, please add the following one to your domain localhost.localdomain: v=spf1 a mx ip4:172.105.19.22 ~all
06:58<primitiv>would this be why?
06:58<primitiv>https://www.mail-tester.com/test-rs038rh0w
06:58<chonk>could be that gmail rejects mail from localhost.localdomain
06:58<hawk>Well, "your domain" being localhost.localdomain surely won't help anything
06:59<primitiv>yea that doesnt look right either
06:59<primitiv>mayeb something got changed
06:59<primitiv>what should it be
07:00<chonk><user>@domainyouaresendingmailfrom.tld
07:00<primitiv>and where do i change this?
07:00<chonk>wherever your mail plugin pulls that information from
07:00<primitiv>right now nothing sends mail
07:01<primitiv>its not just wordpress
07:01<primitiv>php mail() fails 2
07:01<primitiv>its a server issue i think
07:01<chonk>server issue?
07:01<primitiv>i sent the bpaste containing php mail logs
07:02<primitiv>that shows php mail is failing at some point
07:02<primitiv>doesnt matter on the app
07:02<chonk>sent it where?
07:03<primitiv>my gmail
07:03<chonk>you sent the bpaste of the php fail log to your gmail?
07:03<primitiv>no here
07:03<primitiv>above
07:03<primitiv>https://bpaste.net/JAYA
07:04<chonk>okay if it's this https://bpaste.net/JAYA then whatever you are using in PHP is calling sendmail
07:05<chonk>https://serverfault.com/questions/484777/how-to-configure-a-real-domain-name-for-sender-address
07:05<primitiv>https://bpaste.net/RGQQ
07:05<primitiv>heres another one sent to my business email
07:05<primitiv>gives different errors
07:05<chonk>indeed
07:06<primitiv>im using mail()
07:07<chonk>it might be good to focus on one issue at a time and debug from there
07:07<primitiv>https://bpaste.net/KLEQ
07:07<chonk>for example, your logs show that sendmail is trying to send mail with localhost.localdomain in the FROM field
07:07<primitiv>so this is my hosst file
07:07<primitiv>im not sure where to put my domain on which line
07:07<primitiv>is it the first one?
07:11<primitiv>i tried changing it but now mail doersnt send at all
07:14<primitiv>Jan 24 12:13:53 localhost sendmail[29942]: 00OCDrBl029940: 00OCDrBl029942: DSN: Host unknown (Name server: primitiv.medi: host not found)
07:16<primitiv>i dont know where this typo is coming from
07:16<primitiv>any idea, i think thats my issue
07:22<chonk>have you confirmed that you can send to other places yet?
07:23<primitiv>i already said i cannot send mai lanyewhre
07:24<chonk>okay but the issue you are having with the hostname being truncated is unrelated to your previous issue
07:24<chonk>of not being able to send email to anywhere
07:24<primitiv>so which do i focus one first
07:24<chonk>so i would first figure out why you can't send mail and then figure out why the hostname is being truncated
07:30<primitiv>how do i do that
07:30<primitiv>i get different error messages depending who is end it to
07:31<chonk>do you still get the 5.0.0 Service Unavailable message when sending to gmail?
07:32<rsdehart>500
07:32<rsdehart>?
07:32<rsdehart>sorry disregard
07:32<primitiv>https://bpaste.net/CS7Q
07:32<primitiv>Ok i made a typo in my php file, fixed that
07:33<primitiv>this is the error i get when sending to my business
07:33<primitiv>this is error for gmail
07:33<chonk>okay you are still sending mail from localhost.localdomain
07:33<primitiv>https://bpaste.net/26JA
07:33<primitiv>seems both erors match now which is good
07:34<primitiv>both bpaste**
07:34<primitiv>friedchicken@localhost.localdomain yes
07:34<primitiv>idk how to change it
07:35<chonk>this might help: https://www.linode.com/community/questions/11262/email-being-sent-from-php-mail-from-address
07:35<primitiv>OK changed that
07:35<primitiv>https://bpaste.net/DJHA
07:35<primitiv>friedchicken@primitiv.media
07:35<primitiv>so that should be Ok now\
07:35<primitiv>i think its just dns now
07:37-!-DrJ [~asdf@li1303-21.members.linode.com] has quit []
07:43<primitiv>that link didnt help :(
07:43<chonk>okay well you've fixed the hostname issue, now you have to figure out why servers are straight up rejecting your mail
07:45<primitiv>yes that seems to be the case
07:45<primitiv>idk what to look for tho not too experienced with the issue
07:47<chonk>try sending mail manually from the terminal with the 'sendmail' command with all of the required fields set and in verbose mode -- you might get more information about why gmail is rejecting your mail
07:48<chonk>also from your last paste https://bpaste.net/DJHA gmail is trying to send an email back with an error messages but it errors out likely because the user "friedchicken" doesn't exist at whatever mail relay you are using
07:48<chonk>which looks like hover in this case
07:48<chonk>dig MX primitiv.media +short
07:48<chonk>10 mx.hover.com.cust.hostedemail.com
07:50<primitiv>you want me to run dig?
07:50<chonk>no i just ran dig
07:50<chonk>the mail server for your domain name is mx.hover.com.cust.hostedemail.com
07:50<chonk>the robots at google were trying to send you a message at friedchicken@primitiv.media but it failed
07:51<chonk>i am speculating, but it's probably because there is no user "friedchicken" at that mail address
07:55<primitiv>that couldb e true
07:55<primitiv>how do i create one?
07:55<primitiv>wait
07:55<primitiv>user friedchicken does exist
07:56<chonk>ah i misread, that wasn't google trying to send you an error message
07:56<chonk>did you tried to send to your own email?
07:56<chonk>did you try*
07:57<primitiv>what d oyou mean\
07:58<chonk>nevermind -- i misread your logs
07:58<chonk>anywho i would try sending mail manually with the verbose flag set
08:01<chonk>you could literally do echo "Subject: this is a test" | sendmail -v <myusername>@gmail.com>
08:14<primitiv>let me try
08:14<primitiv>bash: syntax error near unexpected token `newline'
08:14<primitiv>is what i get when i try that command
08:16<chonk>did you type it out or did you copy paste
08:16<primitiv>"Subject: this is a test" | sendmail -v <nicolasmontigny95>@gmail.com>
08:16<primitiv>this is what i ran
08:16<primitiv>\i di copy n paste then change the email
08:16<chonk>you dropped the echo
08:16<primitiv>lol
08:16<chonk>you also do not need the < >
08:17<primitiv>https://bpaste.net/YW7Q
08:18<chonk>groovy, do you see the email in your inbox or spam folder?
08:18<primitiv>no where to be found
08:19<chonk>oh wait
08:19<chonk>derp this is just the connection status from the local sendmail instance
08:21<chonk>welp -- you should be able to find the whole message at wherever sendmail is keeping logs or wherever your local mail is stored
08:22<primitiv>like spool folder?
08:25<chonk>maybe? i don't manually use sendmail or php mail so i have no idea
08:25<chonk>could be in /var/spool/ or /var/log/mail etc
08:25<primitiv>i see freidchciken
08:25<primitiv>but it doesnt show all messages sent
08:25<primitiv>i sent one 2 mins ago
08:26<primitiv>it doesnt have any messages for that one, is that good or bad?
08:26<chonk>i think /var/spool/$USER is messages received
08:26<chonk>i could be wrong though
08:26<primitiv>i think youre right
08:36<@bbigger>!point cews
08:36<linbot>bbigger: Point given to cews. (1)
08:36<primitiv>https://bpaste.net/ZI6A]i found this but idk what it means
08:36<primitiv>!point cews
08:37<linbot>primitiv: Point given to cews. (2)
08:42<chonk>bingo!
08:42<chonk>lines 56 - 61
08:43<chonk>well thats still from one of the messages sent from localhost.localdomain
08:44<chonk>but the info is still relevant
08:44<primitiv>do uthink thats the issue?
08:44<chonk>i guess gmail straight up rejects messages without an AAAA and an PTR (reverse DNS record) if sending over IPv6
08:44<chonk>s/an PTR/a PTR/
08:45<primitiv>do u know how to fix this idk what any of this means lol
08:45<primitiv>besides ipv6
08:45<chonk>https://www.linode.com/docs/networking/dns/configure-your-linode-for-reverse-dns/
08:46<chonk>https://www.linode.com/docs/networking/dns/dns-records-an-introduction/
08:46<primitiv>mmm but ive never had to do this before
08:46<primitiv>and its not just gmail affected
08:46<primitiv>i dont think i should be required to do this tbh
08:46<chonk>well i guess if you've never had to do that before you should probably just ignore that very specific error message
08:47<primitiv>well what would explain that all of a sudden i get this?
08:47<primitiv>it wsnt trigerred before
08:56<primitiv>will i need to do anything prior to the reverse dns
08:56<primitiv>or can i just go straight into it
09:08-!-anomie [~anomie@00018802.user.oftc.net] has joined #linode
09:08-!-anomie is "Anomie" on #linode
09:15<primitiv>am i setting it for ipv6 or ipv4
09:20-!-T_Ro111 [~T_Ro@114.124.196.194] has joined #linode
09:20-!-T_Ro111 is "T_Ro" on #linode
09:20-!-eyepulp [~eyepulp@107.152.3.83] has joined #linode
09:20-!-eyepulp is "eyepulp" on #linode
09:25-!-andrew__ [~oftc-webi@pool-72-93-59-197.bstnma.east.verizon.net] has joined #linode
09:25-!-andrew__ is "OFTC WebIRC Client" on #linode
09:31-!-andrew__ [~oftc-webi@pool-72-93-59-197.bstnma.east.verizon.net] has quit [Quit: Page closed]
09:40-!-primitiv [~oftc-webi@107-179-235-132.cpe.teksavvy.com] has quit [Quit: Page closed]
09:41<cews>/21/28
09:41<cews>epic
09:41<cews>o7
10:08-!-tux0r [~tux0r@host-64-47-44-1.masergy.com] has joined #linode
10:08-!-tux0r is "realname" on #linode #linux #debian
10:08-!-tux0r [~tux0r@host-64-47-44-1.masergy.com] has quit []
10:35-!-theckman [sid295081@2001:67c:2f08:5::4:80a9] has quit []
10:35-!-theckman [sid295081@id-295081.charlton.irccloud.com] has joined #linode
10:35-!-theckman is "Tim Heckman" on #linode
10:50-!-avril [wha@00028d51.user.oftc.net] has quit []
10:59-!-avril [wha@ivana.humpalot.org] has joined #linode
10:59-!-avril is "..." on #tor-bots #moocows #linode
11:20<linbot>New news from blog: DDoS: An Additional Layer of Security from Linode <https://www.linode.com/2020/01/24/ddos-an-additional-layer-of-security-from-linode/>
11:34<cews>LINODE <3
11:38<nate>It's a nice concept but with as automated as it is I worry about possible false positives :P
11:39<millisa>False positives is my primary concern. I have several sites here that get celeb mentions and a good social media spike can be indistinguishable from a ddos
11:41<millisa>(I'm not that concerned about them getting it wrong, but would like more info on how it is making the decision)
11:44<cews>I believe CF is used
11:46<millisa>I'll wager that its been in place for X weeks and if a problem hasn't been noticed, then it's all fine
11:50-!-Shentino [~desktop@96-41-208-125.dhcp.elbg.wa.charter.com] has joined #linode
11:50-!-Shentino is "realname" on #qemu #mm #linode #tux3
11:50<cews>"using machine learning"
11:51<millisa>"see, we've got this perl script..."
11:51<cews>Linode’s advanced DDoS protection has the capacity to withstand attacks larger than any seen in the industry to date,
11:51<cews>That is some, statement
11:52<cews>applying real-time behavioral algorithms that detect and block volumetric traffic before it reaches a customer’s infrastructure.
11:54-!-Shentino_ [~desktop@96-41-208-125.dhcp.elbg.wa.charter.com] has quit [Ping timeout: 480 seconds]
12:04<@mcintosh>cews: our DDoS protection is not backed by cloudflare
12:05<cews>That is pretty neat
12:06<@mcintosh>millisa: i'm not aware of any false positives (and has been in-place long enough that I feel confident saying you don't need to worry about it ;))
12:07<millisa>figured that was the case (had one of those celeb things 7 days ago, and it was happily pointing out how I should have switched to a dedicated cpu already)
12:11<chesty>hmmm, I see it has got NGN, ML and AI, but I can't see blockchain mentioned. where does blockchain fit into the layer?
12:11<millisa>it's what's moving the boxes in the 3 factorio-esque images
12:18-!-dsapikas [~dsapikas@ppp-94-69-228-65.home.otenet.gr] has quit [Ping timeout: 480 seconds]
12:32-!-T_Ro111 [~T_Ro@114.124.196.194] has quit [Quit: Nettalk6 - www.ntalk.de]
12:37-!-dmonschein [~dmonschei@00020eb4.user.oftc.net] has quit [Quit: WeeChat 1.9.1]
13:54-!-jsnadeau [~jsnadeau@107.159.18.208] has joined #linode
13:54-!-jsnadeau is "jsnadeau-user" on #linode
14:14<Zr40>chesty: back in the day you'd call all of that 'fuzzy logic'
14:19<chesty>I heard of fuzzy logic back in the day. also protocol analysers which where basically industrial laptops running dos with an isa ethernet card, before laptops were common, had "smart chips" or something similar
14:22-!-primitiv [~oftc-webi@107-179-235-132.cpe.teksavvy.com] has joined #linode
14:22-!-primitiv is "OFTC WebIRC Client" on #linode
14:22-!-jsnadeau [~jsnadeau@107.159.18.208] has quit [Quit: jsnadeau]
14:24<primitiv>still unable to fix my mail issue :(
14:26<chesty>I used to work in a small team in a government department, and we had a rival team, same government, different department. One day we got this new ethernet analyser, it was a lot of fun, I really impressed with the tech. the rival team said it wasn't very good because it didn't have a smart chip. much later I realised it was a portable 386 computer
14:26<chesty>running dos and while very useful, wasn't any better tcpdump. it just had menus instead of command line switches.
14:26<chesty>primitiv, what's your mail issue?
14:28<chesty>getting email accepted as legit and not blackholed as spam?
14:38<primitiv>my bpastes should still be up there
14:38<primitiv>sendmail not working on my server
14:38<primitiv>no email can be sent with mail() php
14:39<millisa>Use a valid from address. Use a valid from address in the envelope. The domain used in the from addresses should be listed as allowed in your SPF. Use a valid A record for the server that matches the reverse (ptr) record for the IP. Use that same name in the helo/ehlo string. You're not doing a number of those.
14:39<millisa>maybe even all of those looking at some of those bpastes
14:40-!-dmonschein [~dmonschei@00020eb4.user.oftc.net] has joined #linode
14:40-!-dmonschein is "dmonschein" on @#linode-notifications #ceph-dashboard #ceph-devel #ceph #linode
14:40-!-mode/#linode [+o dmonschein] by ChanServ
14:40<primitiv>but i never had issues before
14:40<primitiv>so i refuse to setup reverse dns
14:40<millisa>irrelevant
14:40<primitiv>it wasnt needed before
14:42<millisa>what google (and many other providers) finds acceptable is becoming more stringent. but that earlier mail likely wouldn't be accepted by anyone with any type of spam scanning
14:43<millisa>from 'nginx@localhost.localdomain' for both the from and envelope from? that's going to not be accepted or at best marked as spam 99.(add lots of 9's) percent of the time
14:44<millisa>assuming you set it to valid from address for both the from and envelope, you still need to address spf. which if it's the site mentioned in the msgid, they have an spf record that includes no linode addresses and ends in -all. so when you fix the from addresses, you still need to fix the spf record to include the linode that is trying to send
14:45<primitiv>it worked with wordpress etc before
14:45<primitiv>from address should b fixed
14:45<millisa>irrelevant
14:45<primitiv>its sending from my domain
14:46<millisa>the forward-reverse-ehlo always applies - if they don't match up, most places will just mark what you're sending as junk if they accept it at all. that isn't new; it's been that way for nearly a decade
14:46<millisa>linode doesn't even open the mail port for new customers if they don't do that bare minimum
14:48<millisa>(see https://www.linode.com/docs/email/running-a-mail-server/#sending-email-on-linode if you want proof out of their docs)
14:48<primitiv>ok and am i doing reverse dns on my ipv4 or ipv6
14:48<millisa>both is good. https://media.giphy.com/media/3o7aCRloybJlXpNjSU/giphy.gif
14:49<millisa>if you don't send via ipv6, that won't matter (but that earlier attempt to gmail appeared to try to use ipv6)
14:51<primitiv>im not running my own mail server tho
14:51<primitiv>thats not what im trying to do
14:51<millisa>your web server sends mail. it is a mail server
14:51<millisa>if your webserver submitted mail to someone else's server, then it isn't a mail server, it is a mail client
14:51<primitiv>sure
14:51<dzho>"submitted"
14:52<primitiv>im not setting up an spam filter n all that seems like the link u sent has a lot of steps that dont apply
14:52<dzho>is that a technical distinction between a MUA and a MTA
14:53<millisa>nah, it's a badly worded statement.
14:54<dzho>fair enough
14:55<millisa>primitiv: the link I sent was more about the bit that even linode requires you to do a valid A record and corresponding reverse before they open up the ability to send out on the mail ports
14:55<millisa>it was to counter your argument about not wanting to setup a reverse
14:57<primitiv>you think reverse dns is better?
14:57<millisa>better than what?
14:58<primitiv>required **
14:58<millisa>in 2020, yes. at least if you want mail to be accepted reliably and when it is, have some chance of not being marked spam or put in junk
14:59<primitiv>my ipv4 shows something underr ipv4
14:59<primitiv>do i need to do it again or just ipv6
14:59<primitiv>under reverse dns****
14:59<millisa>when setting a reverse ,you do it once for each ipv4, one for each ipv6
14:59<primitiv>ive never done it but under the column inside linode i see a value for reverse dns
14:59<primitiv>is that normal?
14:59<millisa>assuming it hasn't changed it'll say something like 'found this A record for this ip' or 'found this AAAA record for this IP' and ask if you want to set it as the reverse.
15:00<millisa>you can check your reverse with dig. dig -x youriphere
15:00<primitiv>dig -x youriphere
15:00<primitiv>do i need to instal ldig first on my linode
15:00<millisa>if you don't have it, it's a useful tool to have around
15:01<millisa>if it's a centos system - yum install bind-utils
15:01<primitiv>ok i am going to get a shot then i shall be back to test the reverse dns
15:01<millisa>ubuntu i *think* it's dnsutils that has it
15:02<millisa>you'll want to provide a fresh set of logs/example if it's still not working after you fix the sender from, envelope from, reverse/forward/helo-ehlo
15:03<primitiv>will u b around later?
15:03<millisa>doing monthly patches tonight, so probably
15:04<primitiv>sounds like fun times
15:09-!-primitiv [~oftc-webi@107-179-235-132.cpe.teksavvy.com] has quit [Remote host closed the connection]
15:31-!-jfred9 [~jfred@li652-25.members.linode.com] has quit [Remote host closed the connection]
15:40-!-jfred9 [~jfred@li1922-83.members.linode.com] has joined #linode
15:40-!-jfred9 is "Jonathan Frederickson" on #linode
16:11-!-jsnadeau [~jsnadeau@107.159.18.208] has joined #linode
16:11-!-jsnadeau is "jsnadeau-user" on #linode
16:12-!-jfred9 is now known as jfred
16:24-!-anomie [~anomie@00018802.user.oftc.net] has quit [Quit: Leaving]
16:59-!-jsnadeau [~jsnadeau@107.159.18.208] has quit [Quit: jsnadeau]
18:12-!-Netsplit charon.oftc.net <-> liquid.oftc.net quits: TonyL, Spydar007, Hazelesque, phyber
18:12-!-Netsplit over, joins: Spydar007, TonyL, Hazelesque, phyber
18:13-!-fstd_ [~fstd@xdsl-85-197-61-212.nc.de] has joined #linode
18:13-!-fstd_ is "fstd" on #oftc #linode #debian #kernelnewbies
18:17<linbot>New news from community: My game says cannot reach the server <https://www.linode.com/community/questions/19353>
18:21-!-fstd [~fstd@xdsl-87-79-46-16.nc.de] has quit [Ping timeout: 480 seconds]
18:21<FluffyFoxeh>dnsutils is correct, yes
18:22-!-Netsplit charon.oftc.net <-> liquid.oftc.net quits: TonyL, Spydar007, Hazelesque, phyber
18:26-!-Hazelesque [~hazel@phobos.hazelesque.uk] has joined #linode
18:26-!-Spydar007 [spydar007@spydar007.user.oftc.net] has joined #linode
18:26-!-phyber [phyber@000207f2.user.oftc.net] has joined #linode
18:26-!-TonyL [~Tony@000207d6.user.oftc.net] has joined #linode
18:32-!-dsapikas [~dsapikas@ppp-94-69-228-65.home.otenet.gr] has joined #linode
18:32-!-dsapikas is "purple" on #linode
18:34<nyancat>Thanks for making DDOS protection a thing!!!
18:37<linbot>New news from community: PVC limits on LKE <https://www.linode.com/community/questions/19354>
18:38-!-Netsplit charon.oftc.net <-> liquid.oftc.net quits: phyber, Spydar007, TonyL, Hazelesque
18:39-!-Netsplit over, joins: Spydar007, TonyL, Hazelesque, phyber
18:39-!-joecool|mobile is now known as joecool
18:57-!-|GIG [~MYOB@158.115.253.31] has joined #linode
18:57-!-|GIG is "J" on #linode #moocows
19:07-!-Winckle0 [~winckle@cpc110907-live30-2-0-cust103.17-2.cable.virginm.net] has joined #linode
19:07-!-Winckle0 is "The Lounge User" on #linode
19:07-!-Winckle [~winckle@cpc110907-live30-2-0-cust103.17-2.cable.virginm.net] has quit [Read error: Connection reset by peer]
19:07-!-Winckle0 is now known as Winckle
19:16-!-eyepulp [~eyepulp@107.152.3.83] has quit [Remote host closed the connection]
19:20-!-|GIG-1 [~MYOB@158.115.253.31] has joined #linode
19:20-!-|GIG-1 is "J" on #moocows #linode
19:20-!-|GIG [~MYOB@158.115.253.31] has quit [Remote host closed the connection]
19:20-!-|GIG-1 [~MYOB@158.115.253.31] has quit []
19:20-!-|GIG [~MYOB@158.115.253.31] has joined #linode
19:20-!-|GIG is "J" on #linode #moocows
20:02-!-chesty [~chesty@li2087-83.members.linode.com] has quit [Quit: the ting go skrra]
20:02-!-chesty [~chesty@li2087-83.members.linode.com] has joined #linode
20:02-!-chesty is "chesty" on #moocows #linode #debian
20:15-!-dsapikas [~dsapikas@ppp-94-69-228-65.home.otenet.gr] has quit [Ping timeout: 480 seconds]
21:10-!-primitiv [~oftc-webi@107-179-235-132.cpe.teksavvy.com] has joined #linode
21:10-!-primitiv is "OFTC WebIRC Client" on #linode
21:11<primitiv>hey im trying to setup reverse dns but it says my doamin isnt good
21:11<primitiv>Reverse DNS must have a matching forward entry
21:11<millisa>do you have the matching forward entry?
21:11<primitiv>an A record yes?
21:11<primitiv>pointing to my IP
21:11<millisa>what is it?
21:11<primitiv>my ip?
21:11<primitiv>172.105.19.22
21:11<millisa>and the A record?
21:11<primitiv>primitiv.media
21:14<millisa>so when you goto the networking tab of the linode, and click on the '...' next to the IP and choose 'edit rdns' and get the edit reverse dns window - you are tryping 'primitiv.media' in the box and hitting save?
21:14<primitiv>it works for my ipv4
21:14<primitiv>it accepted
21:14<primitiv>but not ipv6
21:14<Peng_>!dns6 primitiv.media
21:14<linbot>Peng_: 172.105.19.22 [AD=0]
21:14<Peng_>You don't have an AAAA record.
21:14<primitiv>only A
21:14<primitiv>do i need AAAA
21:14<primitiv>as well
21:14<millisa>if you want the ipv6 reverse
21:15<primitiv>i never set an AAAA record
21:15<primitiv>do i put either @ or www
21:15<primitiv>for hostname
21:16<primitiv>so now thats done, do i try sending mail?
21:16<millisa>dont see the aaaa record
21:17<primitiv>what about now
21:17<millisa>i see it at your provider with 900s ttl.
21:17<primitiv> 2600:3c04::f03c:91ff:fec1:903f is my ipv6
21:18<millisa>that's what I see if I ask your nameservers. my linode I was testing from still has the nxdomain cached
21:18<millisa>did the linode UI let you set the rdns for the ipv6 address?
21:18<primitiv>yes
21:18<primitiv>err no nvm
21:18<primitiv>it didnt
21:19<millisa>(i don't see the ipv4 reverse yet either)
21:19<primitiv>my ipv4 i just changed it, fro mthe default entry
21:19<primitiv>so that might just need to propagate
21:19<millisa>well, I mean, I *do* see a record, but it's the default li####-##.members.linode.com record still
21:19<primitiv>thats what it was yes
21:20<primitiv>so just propagation
21:20<millisa>and your mail server; it looked like sendmail, it's saying it's name is 'primitiv.media' when it does its greeting?
21:20<primitiv>how do i check
21:20<millisa>telnet to port 25 locally and say 'ehlo'. or 'helo'
21:21<primitiv>i dont use telnet
21:21<primitiv>can i do it from putty
21:22<primitiv>what command do irun
21:22<primitiv>im inside in in my windows
21:22<millisa>do you have port 25 open on your linode to your windows machine?
21:22<primitiv>not sure
21:23<primitiv>also i have 2 ipv6 address is that normal?
21:24-!-Shentino [~desktop@96-41-208-125.dhcp.elbg.wa.charter.com] has quit [Ping timeout: 480 seconds]
21:24-!-Shentino [~desktop@96-41-208-125.dhcp.elbg.wa.charter.com] has joined #linode
21:24-!-Shentino is "realname" on #tux3 #linode #mm #qemu
21:25<primitiv>it finally accepted it
21:25<primitiv>do u see them now????
21:26<millisa>i don't, but i'm probably seeing cached info at this point
21:26<primitiv>assuming its set now
21:26<millisa>if the manager says you've got them set, then it'll get them updated
21:26<primitiv>whats my next step
21:26<millisa>make sure sendmail is using that same name when it talks to other servers.
21:27<millisa>the easiest way i know to do that is to telnet to port 25 from the shell on the system and look what it says in the greeting
21:27<millisa>it should also give it if you send a 'ehlo server'
21:27<primitiv>https://bpaste.net/
21:27<primitiv>heres what the logs show after i run the coe below the ---
21:27<primitiv>code*
21:28<primitiv>https://bpaste.net/VWKA
21:28<primitiv>sorry
21:30<millisa>the domain in your from address would need to have an spf record that includes your linode's ip
21:30<primitiv>spf?
21:30<primitiv>thats not an option
21:30<millisa>your test says "this is a mail from someone at primitiv.media" - the primitiv.media spf record says "mailgun is ok! meh to the rest"
21:32<primitiv>whats the content of my spf record
21:32<millisa>however, line3 seems to indicate that google accepted that mail
21:32<millisa>dig -t txt primitiv.media <--- that would show you your txt records which spf will be one of 'em
21:33<millisa>oh. line3 is your local system accepting it
21:33<primitiv>yum install dig doesnt work
21:34<millisa>bind-util is the name of the package on centos.
21:34<millisa>er, bind-utils
21:35<primitiv>primitiv.media. 585 IN TXT "v=spf1 include:mailgun.org ~all
21:35<primitiv>is this what i need?
21:35<millisa>that's your spf record. it only has mailgun listed as a valid sender for your domain. it ends in ~all which means 'dont take this as authoritative' but lots of places do anyways
21:36<millisa>that record is likely causing issues for you sending from your regular mail provider, too
21:36<primitiv>so should iadd it or rectify it first
21:36<primitiv>also wouldi inluce the " or no
21:37<millisa>usually you want to have anything in your spf that reasonably would send mail for you or on behalf of you
21:37<primitiv>s that works then?
21:38<primitiv>what do i put for hostname for my spf record
21:38<millisa>a record often will look like: v=spf1 a mx include:someotherpeoplelikemailgun include:maybeyourmailprovider ip4:123.45.67.89 ip6:2001:1234:1234::yadda ~all
21:38<millisa>mxtoolbox has a good tool that breaks down an spf
21:39<millisa>or used to...
21:39<primitiv>would it be either @ or www ?
21:39<millisa>https://mxtoolbox.com/SuperTool.aspx?action=spf%3aprimtiv.media&run=networktools
21:39<millisa>oops
21:39<millisa>https://mxtoolbox.com/SuperTool.aspx?action=spf%3aprimitiv.media&run=networktools
21:40<primitiv>what am i looking for her
21:40<millisa>assuming 'primitiv.media' points at this specific host, just adding the 'a' in there is probably good enough
21:41<primitiv>ok added the spf record
21:41<millisa>(though you *should* add your mail providers info in there too)
21:41<primitiv>YESSSSSSS
21:42<primitiv>it went to my pam folder
21:42<primitiv>spam***
21:43<millisa>it's going to keep ending up in spam until your spf is fixed and those reverses propagate
21:43<millisa>i mean, it could end up in spam even if you fix all those things
21:43<primitiv>so how do i fix my spf again?
21:43<millisa>your spf should contain anyone that sends mail for your domain.
21:43<primitiv>like the domains?
21:43<primitiv>of the websites
21:44<millisa>your mail provider, 3rd party mailers, your webservers if they mail directly
21:44<primitiv>okay and do i do seperate include or all one with commas
21:44<millisa>right now the only thing your spf record says is a good source of mail is mailgun
21:45<primitiv>so my php file works to get into spam
21:45<primitiv>my other sites still cannot send tho
21:45<millisa>a record typically looks like v=spf1 goodsource1 goodsource2 goodsource3 etc ~all (or -all if you are sure about all the sources)
21:45<primitiv>https://bpaste.net/KH3Q
21:46<primitiv>this is the code used on my personal site that doesnt trigger
21:46<primitiv>so i wouldnt need the inlucde at all then?
21:47<millisa>I don't follow the question
21:47<primitiv>in your spf example
21:47<primitiv>you did not use include
21:47<primitiv>my spf has it
21:47<millisa>goodsource1 could be 'a' or 'mx' or 'ip4:123.45.67.89' or 'ip6:2600:yaddayadda' or 'include:someotherprovidersrecord.tld'
21:48<primitiv>v=spf1 include:bnicolasmontigny.com include:grinsgo.com ~all
21:48<primitiv>like this?
21:48<primitiv>minus the typo
21:48<millisa>it's not unusual to see a record with 'a mx include:3rdpartymailer.tld include:mymailproviderspf.tld ip4:123.45.67.89 -all'
21:49<millisa>your spf record is just about who can send for your domain. an spf for primitiv.media is what other mail servers will lookup to see 'who is allowed to send mail that looks as if it comes from primitiv.media'
21:50<primitiv>ohh my personal one goes to spam now
21:50<primitiv>im confused
21:50<primitiv>v=spf1 include:bnicolasmontigny.com include:grinsgo.com ~all
21:50<primitiv>is this correct?
21:50<millisa>probably not
21:51<primitiv>ok all sites going to spam
21:51<primitiv>if we can work on that i'll be happy
21:51<primitiv>so far tho !point millisa
21:52<primitiv>oh
21:52<primitiv>!point millisa
21:52<linbot>primitiv: Point given to millisa. (122) (Biggest fan: mcintosh, total: 18)
21:52<millisa>well, start by adding an 'a' or 'ip4:172.105.19.22' to your existing spf
21:52<millisa>right now you have this: v=spf1 include:mailgun.org ~all
21:53<millisa>change it to: v=spf1 a include:mailgun.org ip4:172.105.19.22 ~all
21:53<primitiv>i dont use mailgun with my server
21:53<primitiv>can i remove that?
21:53<millisa>(the 'a' and ip4 bit are redundant in this specific case, but it may help you see how it works). it's still technically not right (you don't have your actual mail servers listed so your regular mail client mail (outlook, macmail, whatever) is going to end up in spam)
21:54<millisa>if you don't use mailgun to send mail that looks like it comes from '@primitiv.media' then, sure, remove it
21:54<primitiv>receiving mail servers u mean?
21:55<primitiv>if we can egt nicolasmontigny.com to not go to spam
21:55<primitiv>i should be able to apply it to other domains
21:56<millisa>that domain doesn't appear to have an spf record
21:57<primitiv>i dont think it does
21:57<primitiv>does every domain pointed towards my domain need an spf record to not go to spam when sending?
21:58<millisa>not necessarily. gmail seems to treat mail more favorably if you have an spf record that passes for the from address
21:58<primitiv>so what should i be doing
21:58<millisa>creating an spf record that includes your mail provider and any place that could generate mail that looks like it comes from @nicolasmontigny.com
21:59<primitiv>mail provider meaning what
21:59<primitiv>the receiving provider or the one sending it?
21:59<primitiv>because its always php sending
21:59<millisa>you don't use outlook or macmail or some other mail client to send/receive mail on that domain name?
22:00<primitiv>idont use my server no
22:00<primitiv>i have hover for my mailboxes and connect that to outlook
22:00<primitiv>so would it b outlook?
22:00<millisa>do you send mail from hover from a @nicolasmontigny.com address?
22:00<primitiv>oh no
22:00<primitiv>i dont have any emaisl with that domain
22:00<primitiv>only primitiv.media
22:01<millisa>an spf record is for letting other mail servers lookup "what is a valid source for mail for your domain"
22:01<millisa>if the only legitimate place that mail could come from is your webserver, then only put that webserver in your spf record.
22:03<primitiv>and that should help?
22:03<millisa>it can
22:03<millisa>it gives some assurance to the recipient mail server "hey this mail came from somewhere that the owner of the domain said is where it should have come from"
22:04<primitiv>still goes to spam tho...
22:04<primitiv>even wordpress emails
22:05<millisa>most of the things you are fixing have TTL's that wrong info will be cached
22:05<millisa>and again, you can have a good spf that passes for this mail, a good forward/reverse/greeting and have done everything right and it doesn't mean your stuff can't end up in spam for other reasons.
22:06<millisa>how a provider decides to weight things is completely up to them
22:06<primitiv>true, important part is being able to send email
22:06<primitiv>appreciate the help as always
22:06<millisa>some providers will give you info in the headers no why it put something in spam
22:11-!-primitiv [~oftc-webi@107-179-235-132.cpe.teksavvy.com] has quit [Quit: Page closed]
22:15<millisa>!boo millisa
22:15<linbot>millisa: Point taken from millisa! (121)
22:15<millisa>diesel's going to end up in the gas tank.
22:27-!-primitiv [~oftc-webi@107-179-235-132.cpe.teksavvy.com] has joined #linode
22:27-!-primitiv is "OFTC WebIRC Client" on #linode
22:28<primitiv>https://www.mail-tester.com/test-ffeq4gjfh&reloaded=1?fbclid=IwAR1OQIlTdYtGyUbZeXPaeWViU2NkZg0ERvZovhMM13dYbuTnWrxiZunsgAY
22:28<millisa>you see the bit about having multiple spf records?
22:29<primitiv>i did but cannot find it anymore
22:29<millisa> dig -t txt primitiv.media <---that should show it
22:29<millisa>interestingly, they give you the dig commands. nice of them
22:29<primitiv> ;; ANSWER SECTION: primitiv.media. 900 IN TXT "v=spf1 a ip4:172.105.19.22 ~all " primitiv.media. 300 IN TXT "v=spf1 include:mailgun.org ~all
22:30<millisa>check your dns, you've got 2
22:30<primitiv> etc/hosts you mean
22:30<primitiv>?
22:30<millisa>at your dns provider. looks like hover
22:31<primitiv>ahh ok removed that
22:32<millisa>if you wanted to check to see if hover has actually done the removal, you can make dig request a specific nameserver: dig -t txt primitiv.media @ns1.hover.com
22:33<millisa>see the bit further down in that report about the sending domain not matching the reverse?
22:33<millisa>it shows you the helo that was sent (looks like 'localhost.localdomain' which is just not right)
22:34<millisa>you have to configure your mail server (looked like sendmail in one of the earlier pastes) to announce itself with a good name for itself.
22:35<primitiv>https://bpaste.net/GJ4A
22:35<primitiv>this is my hosts file
22:36<millisa>i'm not great with sendmail. /etc/mail/sendmail.mc would have something like define(`confDOMAIN_NAME', `primitiv.media')dnl
22:37<primitiv>confDOMAIN_NAME does not exist
22:37<primitiv>dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl this does tho
22:37<millisa>might be that then
22:37<primitiv>LOCAL_DOMAIN(`localhost.localdomain')dnl
22:37<primitiv>i think its this right?
22:38<millisa>or potentially that.
22:38<primitiv>change to rpimtiiv.media?
22:38<millisa>if a remote mail server sees your server say 'hi i am localhost.localdomain' their response is going to be 'ok, spammer'
22:39<primitiv>ok changed to primitiv.media
22:40<millisa>if you want to check if it worked, that's where you do the 'telnet localhost 25' test from the linode and see what it says its name is
22:40<primitiv>https://www.mail-tester.com/test-g0ievzrmg&reloaded=1
22:40<primitiv>new link
22:41<primitiv>still shows localhost.localdomain
22:41<primitiv>do i need to restart something?
22:43<millisa>again, not great with sendmail, but usually it's something like 'edit the sendmail.mc', compile with the m4 command like 'm4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf' then restart sendmail
22:44<primitiv>kk restartd generating new link
22:44<millisa>after restarting sendmail, I would telnet to the local port 25 and look at what it says its name is
22:44<primitiv>i cant use that site anymore
22:44<primitiv>not more than 3 times
22:44<primitiv>lol
22:45<primitiv>what do i debug now
22:45-!-kharlan [~abi@2600:3c02::f03c:91ff:fe60:7771] has quit [Quit: WeeChat 1.0.1]
22:46<millisa>other than telnetting to localhost 25 on the system and see what it says its name is?
22:52<primitiv>idk how to o that
22:52<millisa>on the linode, telnet localhost 25
22:55<millisa>it'll look something like this: https://bpaste.net/BZBQ
22:56<millisa>(won't look exactly like it since that's postfix, but should be similar with a 220 line that gives its name, and if you say helo or helo probably in one of the 250 lines)
22:56<millisa>er, helo or ehlo
22:59-!-kharlan [~abi@0002967b.user.oftc.net] has joined #linode
22:59-!-kharlan is "abi" on #linode
23:01<primitiv>unknwon host it says
23:01<primitiv>telnet locahost 25 is what i ranm
23:01<millisa>paste what you see
23:01<millisa>localhost
23:01<primitiv>locahost: Unknown host
23:01<millisa>localhost
23:02<millisa>or if you prefer: telnet 127.0.0.1 25
23:02<primitiv>kk connected lol sorry
23:02<primitiv>501 5.0.0 ehlo requires domain address
23:02<millisa>ehlo whateveryouwant
23:03<millisa>(it doesn't matter for the test, mostly you are looking for the 220 line or the 250 line that has what sendmail says its name is)
23:03<primitiv>https://bpaste.net/BUDA
23:03<primitiv>i think it got changed successfully
23:03<millisa>looks right to me
23:03<millisa>that should fix the helo problem that mailtester complained about
23:03<primitiv>assuming thats OK and the issue is still there whats next?
23:04<millisa>content or dkim
23:04<primitiv>can u paste the link youre looking at
23:04<primitiv>want to make sure its the same as me
23:04<millisa>er, it was the links you sent earlier
23:05<millisa>this one was the last - https://www.mail-tester.com/test-ffeq4gjfh&reloaded=1?fbclid=IwAR1OQIlTdYtGyUbZeXPaeWViU2NkZg0ERvZovhMM13dYbuTnWrxiZunsgAY
23:06<millisa>that should address the forward/reverse/helo which makes other mail servers think 'maybe you are not scum'. the spf record that includes your linode ip makes them think 'maybe this scum is allowed to send for this domain'
23:07<millisa>it's often enough to get gmail to not dump you in spam unless you've got something else egregious. it does mean if you are going to send mail looking like it's from @someotherdomain.com that you'll want to get the spf for someotherdomain.com updated to include your linode (you shouldn't need to further mess with the forward/reverse/ehlo though)
23:09<millisa>i'll wager if you do your mail-tester thing again tomorrow when they let you do 3 more, it'll give you a 9/10 and just complain about the dkim
23:10<primitiv>what do i do about the dkim
23:10<kharlan>use vestacp and save all this headache
23:17<millisa>dkim - start by reading up on it and deciding if you want to improve deliverability further. it's similar to spf in that you'd be doing setup for each domain in dns that does further proof that "I am a legit source for mail for this domain".
23:19<millisa>in your shoes, I'd wait to work on it until after your changes today are picked up by everyone. (I can see your reverses/forwards match now, but not if I ask a server that has things cached)
23:19<millisa>https://bpaste.net/IG7Q
23:21<primitiv>should my wordpress emails still go into spam?
23:21<millisa>probably
23:22<millisa>(it would depend who it's claiming to send from, whether who you sent it to has picked up the changes you've made, and whether they think it's spammy for other reasons)
23:24<millisa>if it's coming from an @primitiv.media address, going out that linode, and going to a recipient that's on a server that does see your current settings (which may not be until tomorrow since the reverses had long TTLs), you'd have to look further at why
23:28<primitiv>i will check tomorrow and go from there thank you
23:38-!-primitiv [~oftc-webi@107-179-235-132.cpe.teksavvy.com] has quit [Quit: Page closed]
---Logclosed Sat Jan 25 00:00:26 2020