I'm running a small IRCd on a vps. No firewall. When users register their nicks, a confirmation email is sent out to them by Sendmail to the email address they entered during registration. All but Gmail users get email. I found this and made an spf record using my IP address and placed it my MX record:
"v=spf1 ip4:168.235.75.84 include:_spf.google.com ~all"
But Gmail emails still aren't received. Here's some text from /var/mail/root
----- The following addresses had permanent fatal errors -----
<email.address#gmail.com>
(reason: 550-5.7.1 [2604:180:3:284::8c64] Our system has detected that this message does)
----- Transcript of session follows -----
... while talking to gmail-smtp-in.l.google.com.:
>>> DATA
<<< 550-5.7.1 [2604:180:3:284::8c64] Our system has detected that this message does
<<< 550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and
<<< 550-5.7.1 authentication. Please review
<<< 550-5.7.1 https://support.google.com/mail/?p=ipv6_authentication_error for more
<<< 550 5.7.1 information. hn5si5276310pac.203 - gsmtp
554 5.0.0 Service unavailable
--u4AMhua5032690.1462920236/xtremeirc.net
Content-Type: message/delivery-status
Reporting-MTA: dns; xtremeirc.net
Received-From-MTA: DNS; localhost.localdomain
Arrival-Date: Tue, 10 May 2016 18:43:55 -0400
Final-Recipient: RFC822; email.address#gmail.com
Action: failed
Status: 5.7.1
Remote-MTA: DNS; gmail-smtp-in.l.google.com
Diagnostic-Code: SMTP; 550-5.7.1 [2604:180:3:284::8c64] Our system has detected that this message does
Last-Attempt-Date: Tue, 10 May 2016 18:43:56 -0400
--u4AMhua5032690.1462920236/xtremeirc.net
Content-Type: text/rfc822-headers
Return-Path: <root#xtremeirc.net>
Received: from xtremeirc.net (localhost.localdomain [127.0.0.1])
by xtremeirc.net (8.14.4/8.14.4/Debian-8) with ESMTP id u4AMhsa5032688;
Tue, 10 May 2016 18:43:55 -0400
Received: (from root#localhost)
by xtremeirc.net (8.14.4/8.14.4/Submit) id u4AMhsQs032687;
Tue, 10 May 2016 18:43:54 -0400
Date: Tue, 10 May 2016 18:43:54 -0400
From: root <root#xtremeirc.net>
Message-Id: <201605102243.u4AMhsQs032687#xtremeirc.net>
--u4AMhua5032690.1462920236/xtremeirc.net--
For what it's worth, I have an IPv6 address set up for my domain.
I'm out of my league on this and don't know what I'm doing wrong here? If I need to post more information, please advise. Thanks.
Your SPF record should include your IPv6 address.
"v=spf1 ip4:168.235.75.84 ip6:2604:180:3:284::8c64 include:_spf.google.com ~all"
Related
We got a server with mails and several clients send us this issue can somebody help with this issue?
subject: Mail delivery failed: returning message to sender
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es)
failed:
elise.dullers#spectrumstudent.be
SMTP error from remote mail server after end of data:
host ASPMX.L.GOOGLE.COM [2a00:1450:4013:c00::1b]:
550-5.7.1 [2a01:7c8:aaaa:3e7::1] Our system has detected that this message does
550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and
550-5.7.1 authentication. Please review
550-5.7.1 https://support.google.com/mail/?p=IPv6AuthError for more information
550 5.7.1 . z13si75087edl.403 - gsmtp
------ This is a copy of the message, including all the headers. ------
Return-path: Received: from
109.131-67-87.adsl-dyn.isp.belgacom.be ([87.67.131.109] helo=[192.168.1.55]) by server.ireto.be with esmtpa (Exim 4.83)
(envelope-from ) id 1egDid-0005am-Ee for
elise.dullers#spectrumstudent.be; Mon, 29 Jan 2018 18:59:48 +0100
SavedFromEmail: info#beringsetaxi.be Date: Mon, 29 Jan 2018 18:59:44
+0100 Subject: Re: Kostprijs taxi In-Reply-To:
Importance: normal From: info To: Elise Dullers
MIME-Version: 1.0 Content-Type:
multipart/alternative;
boundary="--_com.samsung.android.email_2340489603438420"
----_com.samsung.android.email_2340489603438420 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64
I installed Postfix on an Ubuntu 14.04 server running Nginx. While I was installing it, I put the system email as 'info#mydomain.com' not realising that it would now think that this was a local mailbox. This email address is a gmail account and so the server needs to look at the MX records.
I'm guessing what is happening is that it sees that its a local address and just sends it locally. I sent a test with:
echo "This is the body of the email" | mail -s "This is the subject line" info#mydomain.com
And sure enough in /var/mail/root there was a message:
From MAILER-DAEMON Wed Sep 30 19:05:59 2015
Return-Path: <>
X-Original-To: root#mydomain.com
Delivered-To: root#mydomain.com
Received: by mydomain.com (Postfix)
id 5D29F1249E9; Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
Date: Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
From: MAILER-DAEMON#mydomain.com (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: root#mydomain.com
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="52BC21249E1.1443654359/mydomain.com"
Message-Id: <20150930230559.5D29F1249E9#mydomain.com>
This is a MIME-encapsulated message.
--52BC21249E1.1443654359/mydomain.com
Content-Description: Notification
Content-Type: text/plain; charset=us-ascii
This is the mail system at host mydomain.com.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<info#mydomain.com>: unknown user: "info"
--52BC21249E1.1443654359/mydomain.com
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; mydomain.com
X-Postfix-Queue-ID: 52BC21249E1
X-Postfix-Sender: rfc822; root#mydomain.com
Arrival-Date: Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
Final-Recipient: rfc822; info#mydomain.com
Action: failed
Status: 5.1.1
Diagnostic-Code: X-Postfix; unknown user: "info"
--52BC21249E1.1443654359/mydomain.com
Content-Description: Undelivered Message
Content-Type: message/rfc822
Return-Path: <root#mydomain.com>
Received: by mydomain.com (Postfix, from userid 0)
id 52BC21249E1; Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
Subject: This is the subject line
To: <info#mydomain.com>
X-Mailer: mail (GNU Mailutils 2.99.98)
Message-Id: <20150930230559.52BC21249E1#mydomain.com>
Date: Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
From: root#mydomain.com (root)
This is the body of the email
--52BC21249E1.1443654359/mydomain.com--
I'm not sure how I can get the server to send the emails to the right place? Should I change the system email to something random?
I'm guessing that you've probably got the machine installed with mydomain.com as the hostname and so Postfix is configured to think it's answering email for mydomain.com. You probably want to edit your /etc/postfix/main.cf and remove your domain from the mydestination line there. (And then restart Postfix.)
I've been frequently receiving emails with the subject line "failure notice" and I've included one example below.
Should I be concerned about this and what, if any actions do I have available, as it looks like my email address is being used as the return path.
Note I have changed the details sightly to "mydomain.co.uk", the email that is not mine to "removed_not_my_email#yahoo.com" and my email to "my_email#mydomain.co.uk"
Hi. This is the qmail-send program at mydomain.co.uk.
I tried to deliver a bounce message to this address, but the bounce bounced!
<removed_not_my_email#yahoo.com>:
98.136.217.202 failed after I sent the message.
Remote host said: 554 delivery error: dd This user doesn't have a yahoo.com account (removed_not_my_email#yahoo.com) [0] - mta1335.mail.gq1.yahoo.com
--- Below this line is the original bounce.
Return-Path: <>
Received: (qmail 9093 invoked for bounce); 12 Mar 2014 11:08:39 +0100
Date: 12 Mar 2014 11:08:39 +0100
From: MAILER-DAEMON#mydomain.co.uk
To: removed_not_my_email#yahoo.com
Subject: failure notice
Hi. This is the qmail-send program at mydomain.co.uk.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<moggiex#gmail.com>:
173.194.68.26 failed after I sent the message.
Remote host said: 552-5.7.0 This message was blocked because its content presents a potential
552-5.7.0 security issue. Please visit http://support.google.com/mail/bin/answe
552-5.7.0 r.py?answer=6590 to review our message content and attachment content
552 5.7.0 guidelines. s4si12659992qan.75 - gsmtp
--- Below this line is a copy of the message.
Return-Path: <removed_not_my_email#yahoo.com>
Received: (qmail 9089 invoked by uid 110); 12 Mar 2014 11:08:37 +0100
Delivered-To: mydomain.co.uk-my_email#mydomain.co.uk
Received: (qmail 9083 invoked from network); 12 Mar 2014 11:08:37 +0100
Received: from triband-del-59.177.226.218.bol.net.in (59.177.226.218)
by mydomain.co.uk with SMTP; 12 Mar 2014 11:08:32 +0100
Received: from apache by sdsgtchsccutvijfsjftr. with local (Exim 4.63)
(envelope-from <removed_not_my_email#yahoo.com>)
id YMVXBT-G78HLB-XN
for <my_email#mydomain.co.uk>; Wed, 12 Mar 2014 15:38:31 +0530
To: <my_email#mydomain.co.uk>
Subject: Image has been sent my_email
Date: Wed, 12 Mar 2014 15:38:31 +0530
From: "Evernote service" <removed_not_my_email#yahoo.com>
Message-ID: <7CC92FB2B133AA0F3984DE6BA6E33439#sdsgtchsccutvijfsjftr.>
X-Priority: 3
X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
MIME-Version: 1.0
etc...
There is no verification on the sender in SMTP. Anyone can send email from whatever emailadress they can think of.
Spam & malware is distributed using this fact. Circumventing certain spamfilters because the sender-address/return-path seems legitimate.
The notice that 'content presents a potential 552-5.7.0 security issue' could mean that an executable was attached. Maybe harmless, but probably a virus or malware.
Not nice, but also not much you can do about it.
To avoid your email address being used, in the future, as source of this practice, protect your email address.
Don't post it on webpages in clear.
Use a temporary emailaddress when subscribing to sites and or mailinglists.
I have a problem with all the mails sent from my company, often ending up in the recipients spam folder. It's from approximately 5-6 different mail adresses sending from the same mail server. We have a dedicated server that is both hosting out website aswell as managing all mails and so forth.
We usually don't get any error messages when the mails either never arrives, or ends up in the recipients spam folder.
But we received this 1 error message, so i hope you have an idea of what to do to keep our mails out of the spam folders. We might have to hire external developers to take care of the problem, i just want to get an idea of what the problem is, so i know if i can fix it, or tell the developers what to do.
"ANON" is put in, to keep mails involved anonymous. Should i delete anything else?
Error message:
-----Oprindelig meddelelse-----
Fra: Mail Delivery Subsystem [mailto:mailer-daemon#googlemail.com]
Sendt: 27. september 2013 08:26
Til: support#example.com
Emne: Delivery Status Notification (Failure)
Delivery to the following recipient failed permanently:
ANON#ANON.dk
Technical details of permanent failure:
Message rejected by Google Groups. Please visit
http://mail.google.com/support/bin/answer.py?hl=en&answer=188131 to review our Bulk Email Senders Guidelines.
----- Original message -----
X-Received: by 10.14.109.66 with SMTP id r42mr7804640eeg.43.1380263171652;
Thu, 26 Sep 2013 23:26:11 -0700 (PDT)
Return-Path: <support#example.com>
Received: from server.example.com ([2a01:4f8:121:267::2])
by mx.google.com with ESMTPS id
o7si4443732eep.48.1969.12.31.16.00.00
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Thu, 26 Sep 2013 23:26:11 -0700 (PDT)
Received-SPF: neutral (google.com: 2a01:4f8:121:267::2 is neither permitted nor denied by best guess record for domain of support#example.com) client-ip=2a01:4f8:121:267::2;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 2a01:4f8:121:267::2 is neither permitted nor denied by best guess record for domain of support#example.com) smtp.mail=support#example.com;
dkim=neutral (bad format) header.i=#example.com
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=example.com; s=default;
h=Content-Type:MIME-Version:Message-ID:Date:Subject:In-Reply-To:References:T
o:From; bh=E5v2ubiy1T/bYA8pEndEZlZwb928MRpgJuoPSy8WsQE=;
b=AbAc/65Y88xmhdGHxUUs3kK/1rOvTH0uEpPAVEN1sv8KNdJvzvRqiO72gqXan0M7wXRVeev6IJ
0iumBwj875irmYAaST9hzm+eIF02whaZDgkzRr2jjJKN9bn11tBmtlTK0JzTGDUMf1Ij+qmI
0iumBwj875irmYAaST9hzm+eIF02whaZDgkzRr2jjJKN9bn11tBmtlTK0JzTGDUMf1Ij+vdF
0iumBwj875irmYAaST9hzm+eIF02whaZDgkzRr2jjJKN9bn11tBmtlTK0JzTGDUMf1Ij+f
64lUpYIyyaqlNUYnaPt28=;
Received: from post.ABCDEFGHIJK.com ([xxx.xxx.xxx.xxx]:49696
helo=WIN7UVQT1EBIRO)
by server.example.com with esmtpa (Exim 4.80.1)
(envelope-from <support#example.com>)
id 1VPRUi-0008Dh-Os
for ANON#ANON.dk; Fri, 27 Sep 2013 06:25:41 +0000
From: "ANON - example.com" <support#example.com>
To: "'XYZ ABC'" <a.bcd#efg.hi>
References: <E1VORD0-0007hu-Jn#server.example.com>
<CACyHzxudCSh+4NOEu-_QR1yQYA=uR0DOrTTcgDsg9KcRLTWDFQ#mail.gmail.com>
In-Reply-To:
<CACyHzxudCSh+4NOEu-_QR1yQYA=uR0DOrTTcgDsg9KcRLTWDFQ#mail.gmail.com>
Subject: SV: example.com: Ordre # 700003820 opdatering
Date: Fri, 27 Sep 2013 08:25:38 +0200
Message-ID: <00d501cebb4a$637159b0$2a540d10$#example.com>
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_00D6_01CEBB5B.26FF0BB0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQGYr839QgwXgZ5pAdux+XF0Yh5W4AHfGYRhmjY70GA=
Content-Language: da
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server.example.com
X-AntiAbuse: Original Domain - ANON.dk
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - example.com
X-Get-Message-Sender-Via: server.example.com: authenticated_id:
support#example.com
X-Source:
X-Source-Args:
X-Source-Dir:
I needed to edit the MX records for the domains sending the mails, as the domains and websites were on the same server the mail server couldn't comprehend it.
We have an application sending mail with reply-to addresses in the form of NNN#email.example.com. The mail is sent via Sendgrid and replies are parsed using Sendgrid's Parse API. The problem is some email doesn't get back to us because the reply-to address has been changed to NNN#sendgrid.net. Sendgrid support says they never touch the reply-to and we've confirmed by a Gmail logging account that our application sends mail out correctly. So that leaves me suspecting certain mail servers are switching the domain name with that of the MX host. Our MX records for email.example.com are:
mx3.sendgrid.net 20
mx4.sendgrid.net 20
mx5.sendgrid.net 20
mx.sendgrid.net 10
mx2.sendgrid.net 20
Are there any mail servers or clients that are known to modify reply-to addresses? Or is there any other possible explanation?
Edit Headers from an email send by our app and logged with a Gmail account (sanitized to remove client information):
Delivered-To: logger#company.com
Received: by 10.112.62.41 with SMTP id v9csp143404lbr;
Tue, 31 Jul 2012 04:25:29 -0700 (PDT)
Received: by 10.182.51.37 with SMTP id h5mr22717342obo.35.1343733928944;
Tue, 31 Jul 2012 04:25:28 -0700 (PDT)
Return-Path: <Editors#domain.com>
Received: from o1.email.domain.com (o1.email.domain.com. [208.117.48.105])
by mx.google.com with SMTP id m6si10752851oec.6.2012.07.31.04.25.27;
Tue, 31 Jul 2012 04:25:28 -0700 (PDT)
Received-SPF: pass (google.com: domain of Editors#domain.com designates 208.117.48.105 as permitted sender) client-ip=208.117.48.105;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of Editors#domain.com designates 208.117.48.105 as permitted sender) smtp.mail=Editors#domain.com; dkim=pass header.i=#Domain.com
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=Domain.com; h=date
:from:reply-to:to:message-id:subject:mime-version:content-type
:content-transfer-encoding; s=smtpapi; bh=+VZlU9LWGUpMR4neAk/JMo
1DD2E=; b=T3Be3k1Gp+shIGgQZPJ1vtx1kUCRMCRAqRgf8LxVUdvQ1/7YWRKnls
+zrXi6dhJXaLrEyVmt7MyYgxvkVvnJqWYy4tAQABtANQHdLSle4AK1+BY+/m2h4E
fj91rMgQySNbrVV+mhaiE5Q7NxvIa35azUUO0/zRYpluDUt6UBEcQ=
Received: by 10.16.69.117 with SMTP id mf20.27729.5017C0A66
Tue, 31 Jul 2012 06:25:26 -0500 (CDT)
Received: from email.domain.com (unknown [10.60.208.17])
by mi15 (SG) with ESMTP id 5017c0a6.202a.a5e396
Tue, 31 Jul 2012 06:25:26 -0500 (CST)
Date: Tue, 31 Jul 2012 07:25:25 -0400
From: Editors <Editors#domain.com>
Reply-To: 5005#email.domain.com,
Editors <Editors#domain.com>
To: user#example.com
Message-ID: <5017c0a5d4365_e294729d8c86360#app02.manuscripts.domain.com.mail>
Subject: Invitation
Mime-Version: 1.0
Content-Type: text/html;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Sendgrid-EID: lcSu+eeYyj7byVT4rUR8IwFlWv7xwmQ9mjigbpHftFWQeg+HlxpNd7F1nbL2uoqLRAg4sHwj57Rrx78FZhDo2L2DCVfamQm0+wEFzkMnensGOv19JFRIAeDMZY53SVpKMwm4Klqcm6L6s9+UaFtqnRUE3/jexZ6uJAFc5x57JG4=
So you see the reply-to is set properly in these headers, but when the recipient replied we saw the reply-to address change to 5005#sendgrid.net.
We have the exact same issue. I'm no Exhange guru so I can't validate this - but I'm willing to bet the company you are sending mail to has a configuration flag that states to NOT use a 'reply to' command. Our application sends out as ourcompany#appmail.com with the reply to address set to user#mycompany.com. I can test with gmail and yahoo and it works great!
But certain companies we email always come back t the 'ourcompany#appmail.com' address as if there was no reply to set. Think about all the junk mail you get where the reply address is your own email address. I can only imagine MS and Novell have flags to force replies to the actual sender.
Now if we could just get clarification from a real expert as to whether or not this flag is out there.