Jump to content
  • 1

Does Blesta have a Privacy Policy?


Ryan

Question

Hello,

I was checking out Blesta again and finally managed to get it to work. But then I realized I had to have a cookie policy and privacy policy and all that jazz and the system I'm using wants a link to the privacy policy of the software/services I'm using.

I can't seem to find any sort of privacy policy or cookie policy for Blesta anywhere. I was hoping to link to it.

Is there at least a list of cookies that Blesta can use on a regular client user? All I've seen so far was the sid cookie but wondering if there are others in some cases.

Thanks!

Link to comment
Share on other sites

9 answers to this question

Recommended Posts

  • 0

I get it when the forum sends me an email when you respond to my post.

Subject: Does Blesta have a Privacy Policy?
From: "Blesta Community Forums"<forums@blesta.com>
Date: Wed, 11 Nov 2020 16:07:01 +0000

Actually to explain further, the forum sends email to my gmail account and I forward all of my gmail to another email system and that system rejects that forward with that error when it comes from blesta.com. It gets bounced back to gmail into my inbox from Mail Delivery Subsystem <mailer-daemon@googlemail.com> with subject Delivery Status Notification (Failure) with that error on it Diagnostic-Code: smtp; 550 5.7.1 Email rejected per DMARC policy for blesta.com

So I'm guessing the blesta mail server's SPF or DKIM doesn't align with the DMARC policy or something or other.

I also found this extra info in the logs if it's helpful in some way:

dsn=5.2.1, stat=failure, 5.2.1 DMARC failed

Link to comment
Share on other sites

  • 0
5 hours ago, Ryan said:

I get it when the forum sends me an email when you respond to my post.

Subject: Does Blesta have a Privacy Policy?
From: "Blesta Community Forums"<forums@blesta.com>
Date: Wed, 11 Nov 2020 16:07:01 +0000

Actually to explain further, the forum sends email to my gmail account and I forward all of my gmail to another email system and that system rejects that forward with that error when it comes from blesta.com. It gets bounced back to gmail into my inbox from Mail Delivery Subsystem <mailer-daemon@googlemail.com> with subject Delivery Status Notification (Failure) with that error on it Diagnostic-Code: smtp; 550 5.7.1 Email rejected per DMARC policy for blesta.com

So I'm guessing the blesta mail server's SPF or DKIM doesn't align with the DMARC policy or something or other.

I also found this extra info in the logs if it's helpful in some way:

dsn=5.2.1, stat=failure, 5.2.1 DMARC failed

I think it happens because of your forward, Google is then seen as the sender. Our forum email is sent through Mailgun, which validates DKIM and thus DMARC. It must become broken when forwarded. Google is not permitted in our SPF policy, and they might be stripping out the DKIM headers Mailgun adds.

Link to comment
Share on other sites

  • 0

Per dmarcian:

Quote

Forwarded email can only be authenticated via DKIM. Due to how messages are forwarded through different types of infrastructure, DKIM signatures are often inadvertently broken by forwarders. For forwarded email, your DMARC compliance is equal to the 'survival' of your DKIM signatures as they travel through forwarders

Google's DMARC report to us early this morning showed a forward to a domain starting with "fastcp...", don't know if that's you. If so, the mailgun DMARC probably did not survive the forward.

Link to comment
Share on other sites

  • 0

OK that makes sense then. I don't think that was me but this is why I'm trying to move away from gmail. I changed my email on my account now to the one it was forwarding to before.

I just thought I should report it since I don't get those sorts of errors too often at all and thought maybe something could be wrong somewhere. I'm glad there isn't though.

Thanks!

Link to comment
Share on other sites

  • 0
1 hour ago, Ryan said:

OK that makes sense then. I don't think that was me but this is why I'm trying to move away from gmail. I changed my email on my account now to the one it was forwarding to before.

I just thought I should report it since I don't get those sorts of errors too often at all and thought maybe something could be wrong somewhere. I'm glad there isn't though.

Thanks!

Awesome! Let us know if it happens again without the forward. Thanks for the report also - will be on the watch for any other issues. Our DMARC policy is relatively new. We implemented it in part because we had security researchers opening tickets at least once or twice a week for the past year complaining that we had no DMARC policy. Was less work just to implement it, but these kinds of issues are why we were hesitant to do so.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...