Thank you for this information. I have forwarded that on to our mail provider.
During our troubleshooting yesterday, I found that if I completely turned off the SPAM detection on my account that the emails from Scoutbook would make it thru. I asked our provider to look into what was goin on with that. Thier response is below:
The DKIM signature provided by that e-mail for scoutbook.scouting.org is invalid -
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=scoutbook.scouting.org; s=scoutbook;
h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type;
bh=d37MwUHNyg016si4HxRP2e/cssFkJW/Re/As3XUR9Cw=;
b=gKe8Dt1KmIQ/7Kmh02jYH4xYlckGTFVQ0znKI/Pypn5bXhAkDC+SfYxlOXWhgl6/
XGRgFcWYoUaFfYR2ni+FFheJlYzCG9Em4zopdDSK7qYymXZWtBPIBYGKbogBjAYu
Uo3gA8ryXZN1ICDWvFa/VQJNi/Ydgbi9SE3BBHLIp9M=
…
X-DKIM: signer=‘scoutbook.scouting.org’ status=‘invalid’ reason=‘pubkey_unavailable’
DKIMCheck: Invalid DKIM, 100 Spam score. May be a temporary problem.
It looks like someone forgot to make a DKIM record for scoutbook.scouting.org - strictly speaking scoutbook.scouting.org isn’t being sent from (the e-mail itself originates from scouting.org), but the presence of an unused/invalid signature is causing Spamassassin to flag it as wrong.
Spamassassin itself is following the standard for how bad DKIM signatures may be handled - I suspect more people than just you are impacted.
Please send the below information from our IT lead on this to the Server administrators of the email systems @ BSA IT.
Addressing several points on that forum post directly -
Addressing the post you sent (Not getting reminders for Scoutbook created events now in IA - #21 by Stephen_Hornak) -
- The issue is with messages sent by scouting.org to pack134.com. Whether or not the pack134.com servers are blacklisted is irrelevant.
- Even if a blacklist discussion was relevant, outbound mail isn’t sent from 162.244.93.4 - the server used for inbound requests is not the same server used for outbound email.
- The listed issues with the parent nameservers do not impact e-mail deliverability to pack134.com. While some (ex. DMARC) might impact deliverability from pack134.com, that hasn’t been an issue (as far as I am aware - if I’m wrong, we can look into it, but that’s a separate matter).
Addressing Stephen_Hornak’s latest post (Not getting reminders for Scoutbook created events now in IA - #23 by Stephen_Hornak) -
That screenshot is from scouting.org. The DKIM signature is from scoutbook.scouting.org. Even so, that tool isn’t going to be able to catch that issue, because multiple DKIM signatures for a given domain can exist; standard mail check tools can’t identify which one to use with the domain alone. You need to look at the headers from the e-mail that was sent. Doing that, we see the following signatures:
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=scoutbook.scouting.org; s=scoutbook;
h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type;
bh=;
b=
AND
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=scouting.org; s=mail;
t=1713912025; bh=;
h=From:To:Reply-To:Subject:Date;
b=
The second signature claims to be from mail._domainkey.scouting.org (value of s, followed by ._domainkey, followed by value of d). If I look up that record (using the selector value of “mail” and the domain value of “scouting.org”) using MXToolbox, I see a valid record.
If I look at the first signature, no DKIM record is found. When a signature is provided without a valid DNS record alongside it, the mail server will reject the message, in accordance with RFC6376 6.3. Either the DKIM record needs to be added to scoutbook._domainkey.scoutbook.scouting.org or Scoutbook needs to stop signing with an invalid signature.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
The DKIM certificate has been updated. Can you please try again and let us know if this fixes your issue?
I can only get messages if i turn the Spam filter off at the server. Still have some errors in the header.
X-DKIM: signer=‘scouting.org’ status=‘pass’ reason=‘’
DKIMCheck: Server passes DKIM test, -20 Spam score
X-DKIM: signer=‘scoutbook.scouting.org’ status=‘invalid’ reason=‘pubkey_unavailable’
DKIMCheck: Invalid DKIM, 100 Spam score. May be a temporary problem.
SpamTally: Final spam score: unset because ESF not run (SpamAssassin unset, whitelist, or skipped)
X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
Please try again. Apparently the update was not complete when I asked you to test. The update is now complete.
Another DKIM fix was released today. Please try again.
Emails are now getting into my mailbox, just in the Spam folder. (at least they make it into my email system, vs being completely blocked). I then added Scoutbook.DoNotReply@scouting.org to the whitelist & emails finaly show up in inbox. Below is the header of email that went to Spam folder:
From Scoutbook.DoNotReply@scouting.org Thu May 30 15:01:31 2024
Return-path: Scoutbook.DoNotReply@scouting.org
Envelope-to: jason.kracht@pack134.com
Delivery-date: Thu, 30 May 2024 15:01:31 -0700
Received: from comail2.netbsa.org ([209.246.150.168])
by lv-shared03.dapanel.net with esmtps (TLS1.2) tls TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
(Exim 4.97.1)
(envelope-from Scoutbook.DoNotReply@scouting.org)
id 1sCnpy-0000000BPAe-2JIP
for jason.kracht@pack134.com;
Thu, 30 May 2024 15:01:31 -0700
Received: from comail2.netbsa.org (unknown [127.0.0.1])
by IMSVA (Postfix) with ESMTP id F3C7213A661
for jason.kracht@pack134.com; Thu, 30 May 2024 17:01:27 -0500 (CDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=scouting.org; s=mail;
t=1717106488; bh=X0GVwB0Mvjq0LkIjl6f1Spd/qUut54rhDWRYCBDg2mU=;
h=From:To:Reply-To:Subject:Date;
b=BRuRqQHtF//3OQxxn1i+1BdoYuzOw8xCA+5UldkxETTJ5/M16+t33CEfrSGgdW847
AKnee4ecDNZOEg5BDtQxixUHB7lKh8Rkzu0UU0cN9hX3Nnpn6pi2oHHbPbIhDVCdBq
ceGlx6tajXAcgSo2MiM+wHN8dqJz9DpcienqUgA0=
Received: from AWSWEBSBPD2A.netbsa.org (unknown [52.72.106.238])
by comail2.netbsa.org (Postfix) with ESMTP id CA71413A53E;
Thu, 30 May 2024 17:01:27 -0500 (CDT)
From: “Jason Kracht via scoutbook.scouting.org” Scoutbook.DoNotReply@scouting.org
To: “Jason Kracht” jason.kracht@pack134.com
Reply-To: “Jason Kracht” jason.kracht@pack134.com
Date: Thu, 30 May 2024 17:01:20 -0500
Message-ID: 20240530-17012014-1fbc-0@AWSWEBSBPD2A.netbsa.org
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple;
d=scouting.org; s=sb1;
h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type;
bh=3rbKM8iBK4ACCIcuxDGtWGCVlhw=;
b=dQ2Lx1z+SmhfsJBYN1t442gmCbN7WAQrGlC38KAvtw+IOIQSgMh/ggUCER5Yqhxf
lhOzO5Sqw+VQd8lkhsixgmlO513waL5M0ngfvGJyglYeIGiJgarROnDUYMZSD25Z
Het5TbGz95338Kwn865UHW6NgykPDEG5dst/S8mUZ6g=
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=“–=B666DB247C6B42A38D8B_53D3_AEFC_D9F6”
X-TM-AS-GCONF: 00
X-TM-AS-Product-Ver: IMSVA-9.0.0.1623-8.2.0.1013-27616.004
X-TM-AS-Result: No–4.806-5.0-31-10
X-imss-scan-details: No–4.806-5.0-31-10
X-TMASE-Version: IMSVA-9.0.0.1623-8.2.1013-27616.004
X-TMASE-Result: 10–4.805700-10.000000
X-TMASE-MatchedRID: ukkUHjchLqVZOsnyt7un1gK0s4VR9K3p807t+VEWpebm/BtOvxDD0UZf
VdxawLw/hcd75SabrT6+vuhCHYf16wYAPqHoVmYRp2tlJQG2Xmcc3ovV4KGuUQ4DVn51Ob6wVWS
7GR4Fp25VjvyT+b0B3eQYBHVKqgDUfS0Ip2eEHnws9RiuVJL/jndEsZciRJFfmiLlEt3ZDOybUA
FNHphXzaHoBIyyzndRoCWHJePfRxJ1GtmLTcEj94VWpSBkHzHrfrqIRBjiM0JX3B2mftBvL/Cbn
T5nMP7PqG6zzv4AaA3VbCUgZIjUj/bB1Y0oyuwUUqWa7buSv9yuxXnIa9H0E/PBeNFkI0RL2SH/
JMkfnVgwz5sG6a+0BOXVkHheF3l9CStjCuOR/hg=
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
Forward-Confirmed-ReverseDNS: Reverse and forward lookup success on 209.246.150.168, -10 Spam score
SPFCheck: Server passes SPF test, -30 Spam score
X-DKIM: signer=‘scouting.org’ status=‘pass’ reason=‘’
DKIMCheck: Server passes DKIM test, -20 Spam score
X-Spam-Score: 6.7 (++++++)
X-Spam-Report: Action: add header
Symbol: DKIM_TRACE(0.00)
Symbol: FROM_HAS_DN(0.00)
Symbol: FROM_EQ_ENVFROM(0.00)
Symbol: DMARC_POLICY_ALLOW(-0.50)
Symbol: TO_MATCH_ENVRCPT_ALL(0.00)
Symbol: PREVIOUSLY_DELIVERED(0.00)
Symbol: TO_DN_ALL(0.00)
Symbol: R_DKIM_ALLOW(-0.20)
Symbol: MIME_GOOD(-0.10)
Symbol: RCVD_COUNT_THREE(0.00)
Symbol: RCVD_TLS_LAST(0.00)
Symbol: REPLYTO_EQ_TO_ADDR(5.00)
Symbol: MIME_HTML_ONLY(0.20)
Symbol: R_SPF_ALLOW(-0.20)
Symbol: RCPT_COUNT_ONE(0.00)
Symbol: ASN(0.00)
Symbol: MISSING_XM_UA(0.00)
Symbol: MIME_TRACE(0.00)
Symbol: ARC_NA(0.00)
Symbol: CTYPE_MIXED_BOGUS(1.00)
Symbol: HAS_REPLYTO(0.00)
Symbol: SUBJ_EXCESS_BASE64(1.50)
Message-ID: 20240530-17012014-1fbc-0@AWSWEBSBPD2A.netbsa.org
X-Old-Subject:Testing Spamassasin
Subject:Testing Spamassasin
X-Spam-Status: Yes, score=6.7, +20 total spam score
X-Spam-Bar: ++++++
SpamTally: Final spam score: 27
X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
While I am getting most calendar reminders & direct messages, I am not getting messages sent via the calendar with “Send Now” as the selection. There is something different about those messages.
Yes I am finding that since the calendar has changed to Scoutbook Plus, the RSVP is really weird. The emails now seem to be coming from “Boy Scouts of America” as opposed to “Scoutbook”. So the event I just created is going to junk mail. However, meanwhile I’m also still getting reminders from Scoutbook at the exact same time for other events. Why is this happening?! And why does the new calendar default sending reminders only to those who replied “yes”?! Like it’s my first email out about the event no one has replied yet!! Very frustrating.
This is the case for the “Send Now” reminders. The scheduled reminders still come out “as usual”. There have been requests to modify the sender and format of the “Send Now” messages, but we don’t know when or if the BSA will act on the requests.
Hello, I recently created event 6009983 in IA calendar, set three reminders for three different times, but neither I nor anyone in my den received any reminders.
@SaritaPandey_Schein did you turn RSVP On? If so did you set the reminder to RSVP Yes Only?
I checked “Event with RSVP,” as well as "Send only to RSVP “Yes” and “Maybe.” No one RSVP’d but I understand then everyone is considered a “Maybe” and hence should get the reminder emails anyways.
Hello again, just checking if someone is working on this issue, or if I need to report it somewhere or to someone else for proper resolution. Thank you!
Which den is this for? What is the event name, date, and time?