Mail problems...why?

After having to abandon Librem chat because of chronic flakiness that could not be cured despite my pestering of,and then being ignored by, Purism support, I have maintained my paid account purely because Librem Mail worked for my wife. Now, for no reason she is unable to send messages except to herself. She receives messages. There has been no alterations to anything in this account. It just now has packed up.

When sending to gmail messages come back undelivered with the message
“Our system has detected that this message is 550-5.7.1 likely suspicious due to very low reputation of the 550-5.7.1 domain. To best protect our users from spam the message has been 550-5.7.1 blocked”
That is verbatim with the wonky grammar.

Other messages appear in the “Sent” folder but don’t arrive at their destination. Others sit in the “Outbox” and can’t be sent.

Yes, I know that support should be the people for this, but to be frank, I’ve received better support from the forum in the past.

Anybody got any suggestions? Not a thing has been changed, and it appears that the last working Librem thing has gone flaky, just after I renewed my sub. Typical.

Any help is gratefully accepted.

I’m not speaking for Purism, but as a mail server operator, I have similar problems. At least Google is not silently canning the messages while they are busy doing the gatekeeping, like they do for me… I’ve lost contact to some people on gmail because Google unilaterally decided I’m not worth their attention.

And seriously, please people stop using hotmail. They will happily drop messages from your loved ones. Even if those are replies to messages that the hotmail account sent in the first place.

/rant

What I don’t get is that yesterday it was fine. And its not just gmail. This account can’t send messages to anyone.

I just realised I still have my Librem email account on my tablet. We can send between Librem accounts but mine has the exact same issues. Exactly. Its an account that I stopped using long ago, but same problem.

And although I hate gmail, LOTS of people use it and the ability to send to gmail us sort of essential for a lot of people.

Perhaps the server got on some blacklist. I’ll pass this on internally.

I appreciate that. But its also bigpond.com,the largest ISP in Australia. In that case messages appear in the “sent” folder but don’t arrive. I think it points to something else really.

Blacklists are often shared between operators, so I think that’s where the evidence points.

I don’t understand why some messages sit in the outbox and won’t go.

I’ve just managed to find the incoming and outgoing server settings. All is good and changing to the alternative settings makes no difference. Beats me.

One last question from me.

Is it possible to have mail sent to librem.one forwarded to another email address?

Yes of course it is possible. But if the mail can’t get too the Librem.one mail server to begin with then there will be no way for the Librem.one mail server to forward the mail.

The issue here seems to be blacklisting. Only Purism and Google can sort that out. (Although if you were to try and pester them otherwise, who is to say that wouldn’t also help?)

Mail is able to be delivered to the account. That part works.

Mail goes both to and from separate Librem accounts.

Mail comes back undeliveraable, most, not all times, to gmail and bigpond. If the mail does not come back it shows as sent but never arrives at its destination.

Some mail never goes, it just sits in the outbox and I can’t send it.

Both our accounts have been fine. I was still able to send from mine on 28 Oct (which I use in sharing weblinks etc), and my wife’s was working two days ago. Now both are kaput.

Where is mail forwarding in the Librem settings?

There do not appear to be dmarc records configured for librem.one https://mxtoolbox.com/SuperTool.aspx?action=mx%3ALibrem.one&run=toolpage

It is becoming more and more common to drop mail from servers that don’t have dmarc configured, AOL did that many years ago (silently) and other providers have followed over the years.

Personally I consider lack of dmarc to be an incomplete configuration of the mail server.

Also, per the same mxtoolbox website referenced above I see librem.one on 3 different blacklists currently. (Use the blacklist check option from the drop down to see the current status). @dcz it may be worth passing along internally that there is an option to sign up to receive alerts that librem.one has been added to a blacklist.

I will add to the information on this. I received 4 spam email messages from mx1.librem.one in the last couple of days to one or other of my sysop email accounts. The spam was phishing spam. It is clear that one or more librem.one accounts have had their passwords stolen and abused to send an amount of spam.
Unfortunately when you allow more than a trivial number of people use an email service sooner or later one of them will have their password stolen.
So if if you can’t physically slap your users around after they get stupid you must (as an email operator) limit the number of messages they can send per hour or per day or something. If the spammer can only send 20 or 50 messages (or whatever reasonable limit) the consequences are much less painful after they abuse a stolen account.
I would also recommend an antispam scan of even outgoing messages.

I wouldn’t know about phish, no phish, or go phish. But yes I agree delivery has been slow. I had to switch to an SMS message for the 2 part authentication to log into my bank. The email version I asked for first arrived an hour later.

I put my bets on an Op by one of the security services. There was announcement in the news about a threat on Friday. I would guess their vacuum cleaner is sucking it all it in but they are slow at emptying the dust bag. Besides it is a weekend, day workers worn’t be there until tomorrow.

If true, some smart cookie could probably trace traffic flow and figure out where it is going. But we won’t hear about it until a week or two later.

Addendum: Not a single email in 6 hours. But gmail seems to be working fine. I’m getting emails from duplicate subscriptions from list servers there but not librem.one.

Both of our email accounts still not working. It appears that something has been going on, but this is days now.

I dread going down the support road due to past dealings.

Can anyone tell me how to have mail forwarded in Librem.one?

In the old days all you needed was a .forward file in your mail directory. But it presupposes you’re getting mail in the first place. So no joy on this.

Mail arrives at Librem but we can’t send which may make the possibility of forwarding not possible.

I fear that this mail problem won’t get resolved and Librem.one will go the way that Librem chat went for me and the people I’d gotten to change over.

What happens is that the internal mail queue fills with thousands or tens of thousands of messages if the spammer is not rate limited.
Hopefully someone is working to identify the spam messages in the queue and remove them. Then messages can start to be processed in a timely fashion. Then they need to work on the blacklists. Some bliacklists time out fairly quickly. With others you have to beg.

It appears they’ve dropped off of one of the blacklists, the other two that I see their IP listed on (Uceprotectl2 and Uceprotectl3) say:

Uceprotectl2 Automatically Delists Entries

This blacklist does not offer any form of manual request to delist. Your IP Address will either automatically expire from listing after a given timeframe, or after time expires from the last receipt of spam into their spamtraps from your IP Address.

The IP that is blacklisted (192.241.214.14) is the only IP in their SPF record that does not have an MX record, there are plenty of valid reasons this might be configured as such, but it is worth noting.

I also now see a dmarc record in dns, currently the policy is “none” which is what it should be for initial testing to make sure all IP’s that are valid to send as/on behalf of the domain are included in the SPF record before eventually setting a quarantine or reject policy so that other mail servers know not to accept mail from servers purporting to be yours but actually aren’t.

Based on the progress it seems like someone is likely working on this issue, unfortunately some blacklists just take time before you’re delighted from them.

I’m up to 23 hours, no email from any source on any of my librem.one accounts.

Today is a business day. Will have to switch to gmail. Then set from nomail to mail on my list-serv subscriptions and flip to gmail on my other email notifications from other services.