SMTP connection from my laptop to my ISP has worked fine for years when my computer sends "EHLO [10.0.0.107]" to introduce itself. It happens to be a Mac OSX using Mail, but that's irrelevant because I'm typing the tests manually using telnet command line, tested from a Mac, a Win10, even a Pi, and also from elsewhere in the nation.
Recently my for-pay ATSPACE.COM SMTP server has begun failing with a "#103b" error as soon as I complete the "rcpt to:" command in the SMTP conversation. I've traced this back to the EHLO command because any other fully qualified domain name submitted with the EHLO command works without a #103b error -- even domain names that have nothing to do with me.
I've also tried SMTP conversation with another ISP SMTP server (1and1.com) using the identical commands and everything works fine.
Two questions:
1) If you have an ATSPACE.COM account, can you test your SMTP capability manually with telnet and post a log of your command line conversation? Please mask out your username and password before posting it.
2) I think submitting my local IP with the EHLO command is okay (it worked for years with atspace and still works with 1and1) and I know submitting any other URL works fine. Can you point me toward a reference that says submitting a local IP address is within specs? I need to press this point with atspace tech support which has run me around the pole for about a month now.
Any help appreciated!
From RFC5321:
2.3.5. Domain Names
(...) The domain name given in the EHLO command MUST be either a
primary host name (a domain name that resolves to an address RR) or,
if the host has no name, an address literal (...)
4.1.3. Address Literals
Sometimes a host is not known to the domain name system and
communication (and, in particular, communication to report and repair
the error) is blocked. To bypass this barrier, a special literal form
of the address is allowed as an alternative to a domain name. For IPv4
addresses, this form uses four small decimal integers separated by
dots and enclosed by brackets such as [123.255.37.2], which indicates
an (IPv4) Internet Address in sequence-of-octets form. (...)
But then in 7.9:
It is a well-established principle that an SMTP server may refuse to
accept mail for any operational or technical reason that makes sense
to the site providing the server. (...)
Related
Not sure if this belongs on Stack Overflow or somewhere else but I'll try here first.
I have multiple servers, each with the same setup where nearly everything running on the server is in a docker container. I have two goals I would like to achieve. First, the host machine is setup to send emails for users with uid < 1000 to my external email address. Second, on one server, I have a docker-mailserver container running to handle random, seldom used emails (for log files, etc.).
It seems I can have either the host machine running postfix OR the docker-mailserver running (and bound to port 25). Currently, I have the docker container, running the mail server, full operational and everything can send and receive just fine.
However, now I am unable to start postfix on the host machine so that I can receive emails sent to the root user (things like cron output) since port 25 is --rightfully-- in use by the actual mail server receiving email.
Questions:
1) How can I tell postfix on the host to not bind to port 25? If port 25 is only used for receiving mail, why would my outgoing-only postfix config need to use port 25?
2) I am perfectly comfortable not receiving emails for the root user, if whatever would normally be sent to the root user is logged elsewhere (perhaps, syslog?). Are the emails to root only maintained as emails or are they somewhere else, negating the need for postfix on the host for forwarding to a real account?
Thanks in advance.
Specifically answering your questions first:
You should be able to have postfix listen on any port you specify by editing the main.cf configuration file and changing the smtp listener to a numbered port of your choice. Of course, if it isn't a "known" port, I'm not sure what/who will ever connect to it, but maybe you don't care in this situation as you are only using postfix as a relay?
It may depend some on the Linux distribution or setup of your host, but most systems will leave email in the local delivery "mail spool" if there is no system/daemon set up to move it anywhere else. Back when that was the normal way to handle multi-user mail on UNIX systems, a login user used a mail reader client to read through email in your local "spool", and of course if you don't have that, you can simply vi your mail file and read the raw contents if necessary. These mail files are normally located in /var/spool/mail on most systems.
Stepping away from your questions, I would guess you don't necessarily need postfix running on your host, especially as your containerized mailserver is handling the port 25 SMTP traffic for the host. Local email will stay local, I assume, without postfix, and be available through local means; and you might even find a simpler solution to external forwarding (e.g. a script that can parse mail spools and just connect to an SMTP relay and send it to an external address) if you want that.
We have a VPS with CentOS combined with DirectAdmin which we use for a Magento shop. This runs fine, except for sending email.
Problem:
It appears that some specific domains won't receive our emails and we get a bounce. If we use any other email sending systems, the mails arrive without problems.
The bounce mail contains the following error:
SMTP error from remote mail server after HELO Company-Shops:
host mx-cluster-b2.one.com [IP ADRESS]: 504 5.5.2 :
Helo command rejected: need fully-qualified hostname
After googling and trying things for a week now, I am a bit lost. I tried checking postfix in CentOS, but this is not installed and I'm not quite sure if this is needed.
Possible issue?
I believe the hostfile in CentOS is setup incorrectly:
127.0.0.1 localhost localhost.localdomain localhost4 ... etc
OUR IP Company-Shops
'Company-Shops' should probably be a domain name, am I right? The same as the rDNS. But I'm afraid if I change this it will kill my site and whatnot. I'm not sure if this entry correlates with the 'company-Shops' helo label in the bounce error.
Some extra info:
- We use the webmail Roundcube from DirectAdmin
- At the moment we run one shop, but this might grow a bit (multiple sites on 1 IP)
- We don't use subdomains
- We've set up a reverse DNS, with the domain
Is there anyone with similiar experiences or with a bit more knowledge about this subject? I appreciate any advice we can get, as we are stuck..
Many thanks.
Yes, that's right: your mail server should identify itself using a fully-qualified domain name when it connects to send mail via SMTP. You don't say what mail server you're running, but since you're using DA, it's probably Exim. If so, you want to edit /etc/exim.conf and set primary_hostname to the FQDN of your server.
This would also be a good time to double-check that reverse DNS is set up properly for your IP address. Many hosts will also reject email from servers on IPs without a valid rDNS record.
I'm not familiar with Magento, but I can't see any way that changing the Exim configuration in this way could impact that program.
Following Problem: I have written a mailing-list via PHP, SwiftMailer and Postfix. On my Old server it worked without any problems, but Since I moved to another Server (Exactly same configuration, but other IP) the list-mails stuck in the Spamfilter of the Receivers. (Espacially in Google Mail)
Is there anything I have to do escept rerouting the URL DNS-Records, that Google sees, that "I am that Server" and the mail is no spam?
First, check that your outgoing mail server is identifying itself correctly in the HELO command (or EHLO command) when it connects to a receiving mail server. There should also be an A record for this name that should point to the IP address of the mail server. Also, this IP address should reverse to some name (possibly, but not necessarily, the same name as above), and this name should point to the mail server's IP. If any of this is not right, then most spam filters will not consider your server to be a 'real' mail server, and will most likely flag any message sent from your server as spam. This is how many spam filters block spam that originates from computers that have been taken over as 'zombies'.
Another thing to do is to check that you mail server IP is not on any blacklists. You can use MXToolbox for this: http://mxtoolbox.com/blacklists.aspx
Another thing you can do is use port25's verifier tool. This tool will spot any red flags that might be causing your messages to be flagged as spam. See http://www.port25.com/support/authentication-center/email-verification/ for more info.
Last but not least, you might want to setup an SPF record for the domain that you are sending these messages from, to indicate that the IP of your mail server is authorized to send mail from this domain. This will help a lot. For more info, see: www.openspf.org.
I am trying to avoid running through DNS servers to get an email message to an address on one of my hosted virtual accounts.
I know I can surround the IP address with square brackets but how do I designate the mailbox username for the (virtual) hosted account on the server?
In other words,
I have multiple domains hosted on a virtual server -- all sharing the same IP address
obviously, user#domain.com works fine
but how do I send to user#[123.456.78.90]
Is what I want to do, possible?
Thanks.
A virtual host needs a domain name in order to figure out what to do. You want to send it to an IP address instead of a domain name. Thus it is not going to work through normal methods. You might be able to specify a "default" domain if none match Otherwise, your only hope is to manually forge email. By this, I mean:
telnet 123.456.78.9 25
HELO myhostname.mydomain
MAIL From: <myemail#mydomain>
RCPT To: <user#domain.com>
DATA
From: myemail#mydomain
To: user#domain.com
Subject: Testing
This is a test
.
QUIT
What you want to do is possible, and even secure when using Cjdns IPs. Some clients (e.g. mutt) are "broken" and choke on raw ips as domain. (While technically broken, it is an uncommon use case - mutt is a good client.)
You'll need to tell your MTA to accept the raw ip. E.g. on sendmail, add
[123.456.78.9]
to /etc/mail/local-host-names
You'll also have to turn on accept_unresolvable_domains as sendmail doesn't seem to regard already resolved domains as "resolvable". (Other MTAs may require different tweaks.)
I use thunderbird to send to raw ips, and it works just fine. A friend uses claws-mail with no problems.
I've recently setup my Ubuntu web server with exim4 so my PHP website applications can send email such as "thank you" and "confirmation" notices.
I've got it setup and working such that I can send email to gmail, Yahoo! and my work address. However, my work email gets caught up in our spam filter. I'm new to setting up mail servers so I'm not sure what I might need to look for in making this mail server more trusted, while keeping is secure.
Here are some details:
Server is NATed behind a firewall.
Firewall has port 25 open for outgoing SMTP traffic (from server to anywhere).
Server is virtual hosting a couple different of our websites
The server is running the following exim4 config:
dc_eximconfig_configtype='internet'
dc_other_hostnames='web-serv.example1.com;example2.com'
dc_local_interfacees='127.0.0.1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets='' dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
Questions:
Do I need to open port 25 to incoming SMTP mail (anywhere to server)? I wonder if other mail servers need to talk to my mail server to verify itself, in a sort of handshake attempt.
I have not created any MX records primarily because the server has different websites on it the mail server should send mail for all the websites. Do I need to pick/create a domain address and create MX records for it?
One thing of note is that the mail headers look like this:
Return-Path: <www-data#example2.com>
Received: from web-serv.example1.com ([Firewall public IP Address])
Received-SPF: neutral (google.com: [Firewall public IP Address] is neither permitted nor denied by best guess record for domain of www-data#example2.com)
"web-serv" is the host name of the server, such that you get this if you type it into the command line:
$ hostname
web-serv
and "www-data" is the account name for the Apache2 server that Ubuntu gave it as default.
Any other general advice would be appreciated. It's all new to me.
Cheers!
One item of note, since I posted this question time time ago (almost 10 months) is that I found out the biggest issue I had was with setting up the DNS for reverse DNS on our hosting providers side of things.
In other words, our hosting provider (the people who give us our IP address and manage our hardware) had to enter a record to match my server(s) hostname to whatever IP address it used.
There's a specific name for this. I believe it's a "PTR" record but the name escapes me at the moment, but you basically tell them "my server hostname is ..." and they do a quick update to the DNS for reverse DNS purposes.
When I asked this question, we had a different hosting provider who didn't really help explain this to me, and after switching providers, I got to talk to someone who was happy to help me understand that side of the equation.
And as I understand it, this is setup by the people who assign you the IP addresses. But there's probably more to it than that.
Once I got that setup properly, email had no problem getting through the spam filters and Gmail/Yahoo showed SPF as "passed". It was showing neutral before.
Our company email was set to drop any email that would not resolve reverse DNS, which is why I could not even receive the email or find it in the spam filter. Of course, that situation would be dependent on the company and what email policy and software they're using to manage spam. Some might just drop all email that does not reverse DNS and some might dump it in to spam filters instead.
Hope that might help some people with similar issues.
Cheers!