I was newly install cpanel on centos 7 and i want set smtp, and i already set it, but i got some errors, please help me
Reporting-MTA: dns; server.hiz-panel.com
Action: failed
Final-Recipient: rfc822;rizkyyunasrianto12#gmail.com
Status: 5.0.0
Remote-MTA: dns; smtprelay.snel.com
Diagnostic-Code: smtp; 554 5.7.1 <rizkyyunasrianto12#gmail.com>: Relay access denied
I'm running a small IRCd on a vps. No firewall. When users register their nicks, a confirmation email is sent out to them by Sendmail to the email address they entered during registration. All but Gmail users get email. I found this and made an spf record using my IP address and placed it my MX record:
"v=spf1 ip4:168.235.75.84 include:_spf.google.com ~all"
But Gmail emails still aren't received. Here's some text from /var/mail/root
----- The following addresses had permanent fatal errors -----
<email.address#gmail.com>
(reason: 550-5.7.1 [2604:180:3:284::8c64] Our system has detected that this message does)
----- Transcript of session follows -----
... while talking to gmail-smtp-in.l.google.com.:
>>> DATA
<<< 550-5.7.1 [2604:180:3:284::8c64] Our system has detected that this message does
<<< 550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and
<<< 550-5.7.1 authentication. Please review
<<< 550-5.7.1 https://support.google.com/mail/?p=ipv6_authentication_error for more
<<< 550 5.7.1 information. hn5si5276310pac.203 - gsmtp
554 5.0.0 Service unavailable
--u4AMhua5032690.1462920236/xtremeirc.net
Content-Type: message/delivery-status
Reporting-MTA: dns; xtremeirc.net
Received-From-MTA: DNS; localhost.localdomain
Arrival-Date: Tue, 10 May 2016 18:43:55 -0400
Final-Recipient: RFC822; email.address#gmail.com
Action: failed
Status: 5.7.1
Remote-MTA: DNS; gmail-smtp-in.l.google.com
Diagnostic-Code: SMTP; 550-5.7.1 [2604:180:3:284::8c64] Our system has detected that this message does
Last-Attempt-Date: Tue, 10 May 2016 18:43:56 -0400
--u4AMhua5032690.1462920236/xtremeirc.net
Content-Type: text/rfc822-headers
Return-Path: <root#xtremeirc.net>
Received: from xtremeirc.net (localhost.localdomain [127.0.0.1])
by xtremeirc.net (8.14.4/8.14.4/Debian-8) with ESMTP id u4AMhsa5032688;
Tue, 10 May 2016 18:43:55 -0400
Received: (from root#localhost)
by xtremeirc.net (8.14.4/8.14.4/Submit) id u4AMhsQs032687;
Tue, 10 May 2016 18:43:54 -0400
Date: Tue, 10 May 2016 18:43:54 -0400
From: root <root#xtremeirc.net>
Message-Id: <201605102243.u4AMhsQs032687#xtremeirc.net>
--u4AMhua5032690.1462920236/xtremeirc.net--
For what it's worth, I have an IPv6 address set up for my domain.
I'm out of my league on this and don't know what I'm doing wrong here? If I need to post more information, please advise. Thanks.
Your SPF record should include your IPv6 address.
"v=spf1 ip4:168.235.75.84 ip6:2604:180:3:284::8c64 include:_spf.google.com ~all"
I installed Postfix on an Ubuntu 14.04 server running Nginx. While I was installing it, I put the system email as 'info#mydomain.com' not realising that it would now think that this was a local mailbox. This email address is a gmail account and so the server needs to look at the MX records.
I'm guessing what is happening is that it sees that its a local address and just sends it locally. I sent a test with:
echo "This is the body of the email" | mail -s "This is the subject line" info#mydomain.com
And sure enough in /var/mail/root there was a message:
From MAILER-DAEMON Wed Sep 30 19:05:59 2015
Return-Path: <>
X-Original-To: root#mydomain.com
Delivered-To: root#mydomain.com
Received: by mydomain.com (Postfix)
id 5D29F1249E9; Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
Date: Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
From: MAILER-DAEMON#mydomain.com (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: root#mydomain.com
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="52BC21249E1.1443654359/mydomain.com"
Message-Id: <20150930230559.5D29F1249E9#mydomain.com>
This is a MIME-encapsulated message.
--52BC21249E1.1443654359/mydomain.com
Content-Description: Notification
Content-Type: text/plain; charset=us-ascii
This is the mail system at host mydomain.com.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<info#mydomain.com>: unknown user: "info"
--52BC21249E1.1443654359/mydomain.com
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; mydomain.com
X-Postfix-Queue-ID: 52BC21249E1
X-Postfix-Sender: rfc822; root#mydomain.com
Arrival-Date: Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
Final-Recipient: rfc822; info#mydomain.com
Action: failed
Status: 5.1.1
Diagnostic-Code: X-Postfix; unknown user: "info"
--52BC21249E1.1443654359/mydomain.com
Content-Description: Undelivered Message
Content-Type: message/rfc822
Return-Path: <root#mydomain.com>
Received: by mydomain.com (Postfix, from userid 0)
id 52BC21249E1; Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
Subject: This is the subject line
To: <info#mydomain.com>
X-Mailer: mail (GNU Mailutils 2.99.98)
Message-Id: <20150930230559.52BC21249E1#mydomain.com>
Date: Wed, 30 Sep 2015 19:05:59 -0400 (EDT)
From: root#mydomain.com (root)
This is the body of the email
--52BC21249E1.1443654359/mydomain.com--
I'm not sure how I can get the server to send the emails to the right place? Should I change the system email to something random?
I'm guessing that you've probably got the machine installed with mydomain.com as the hostname and so Postfix is configured to think it's answering email for mydomain.com. You probably want to edit your /etc/postfix/main.cf and remove your domain from the mydestination line there. (And then restart Postfix.)
I find out my server is sending a spam. Spam is sent by postfix server. It has large queue of emails, that are going to be sent without my help. I cant understand which script is added these emails to postfix queue.
Now I have these questions:
How to determine what script is adding mails to postfix queue?
How to clear postfix queue from spam? (all emails are spam, there are no emails sent by me)
Why reports are recieved by user123? (user123 - is ubuntu user, not original, changed by security reason)
Report from /var/mail/user123:
From MAILER-DAEMON Tue Nov 11 04:01:47 2014
Return-Path: <>
X-Original-To: user123#ubuntu
Delivered-To: user123#ubuntu
Received: by ubuntu (Postfix)
id 8F0D227364; Mon, 10 Nov 2014 15:15:52 -0500 (EST)
Date: Mon, 10 Nov 2014 15:15:52 -0500 (EST)
From: MAILER-DAEMON#ubuntu (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: user123#ubuntu
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="C0BE92ECAB.1415650552/ubuntu"
Message-Id: <20141110201552.8F0D227364#ubuntu>
This is a MIME-encapsulated message.
--C0BE92ECAB.1415650552/ubuntu
Content-Description: Notification
Content-Type: text/plain; charset=us-ascii
This is the mail system at host ubuntu.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<quirin.cyrille#orange.fr>: delivery temporarily suspended: host
smtp-in.orange.fr[80.12.242.9] refused to talk to me: 550 mwinf5c20 ME
Adresse IP source bloquee pour incident de spam. Client host blocked for
spamming issues. OFR006_102 Ref
http://csi.cloudmark.com/reset-request/?ip=74.218.214.24 [102]
--C0BE92ECAB.1415650552/ubuntu
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; ubuntu
X-Postfix-Queue-ID: C0BE92ECAB
X-Postfix-Sender: rfc822; user123#ubuntu
Arrival-Date: Wed, 5 Nov 2014 13:50:50 -0500 (EST)
Final-Recipient: rfc822; quirin.cyrille#orange.fr
Action: failed
Status: 4.0.0
Diagnostic-Code: X-Postfix; delivery temporarily suspended: host
smtp-in.orange.fr[80.12.242.9] refused to talk to me: 550 mwinf5c20 ME
Adresse IP source bloquee pour incident de spam. Client host blocked for
spamming issues. OFR006_102 Ref
http://csi.cloudmark.com/reset-request/?ip=74.218.214.24 [102]
--C0BE92ECAB.1415650552/ubuntu
Content-Description: Undelivered Message Headers
Content-Type: text/rfc822-headers
Return-Path: <user123#ubuntu>
Received: by ubuntu (Postfix, from userid 1006)
id C0BE92ECAB; Wed, 5 Nov 2014 13:50:50 -0500 (EST)
From: =?UTF-8?B?T25seSBDYXNpbm8=?= <only_casino#bingo-chips.us>
To: "MOIDU88480" <quirin.cyrille#orange.fr>
Subject: =?UTF-8?B?Qm9uam91ciBNT0lEVTg4NDgwLiBWZWdhcyBEYXlzIENhc2lubyAtIExhcyBWZWdhcyBzJ2ludml0ZSBjaGV6IHZvdXMgc3VyIFZlZ2FzIERheSBDYXNpbm8h?=
Content-Type: multipart/mixed; boundary="PHP-mixed-3b3472b0874837cf2218d941eec5b6d8"
Message-Id: <20141105185050.C0BE92ECAB#ubuntu>
Date: Wed, 5 Nov 2014 13:50:50 -0500 (EST)
--C0BE92ECAB.1415650552/ubuntu--
Googling gives no result.
My google search queries could be wrong, but I really need to fix this problem.
So any help is appreciated.
If I can provide more useful information please ask it in comments.
P.S. Server is hosting magento and wordpress sites.
P.S.S. 74.218.214.24 - is IP of my dedicated server, not original. It was changed in this post due to security reason.
UPDATE
Some lines from /var/log/mail.log:
Nov 9 06:40:05 u17135818 postfix/smtp[10428]: 65EDE3C718: to=<mywookie#ymail.com>, relay=mta6.am0.yahoodns.net[98.136.216.25]:25, delay=7.7, delays=7.4/0/0.19/0.06, dsn=5.7.1, status=bounced (host mta6.am0.yahoodns.net[98.136.216.25] said: 553 5.7.1 [BL21] Connections will not be accepted from 74.218.214.24, because the ip is in Spamhaus's list; see http://postmaster.yahoo.com/550-bl23.html (in reply to MAIL FROM command))
Nov 9 06:40:05 u17135818 postfix/smtp[10428]: 65EDE3C718: lost connection with mta6.am0.yahoodns.net[98.136.216.25] while sending RCPT TO
Nov 9 06:40:05 u17135818 postfix/pickup[10080]: 1338B3ED4A: uid=1006 from=<user123>
Nov 9 06:40:05 u17135818 postfix/cleanup[12998]: 1338B3ED4A: message-id=<20141109114005.1338B3ED4A#ubuntu>
Nov 9 06:40:05 u17135818 postfix/cleanup[13261]: 133D53ED54: message-id=<20141109114005.133D53ED54#ubuntu>
Nov 9 06:40:05 u17135818 postfix/smtp[10424]: DECBB27368: to=<toshiki_6#hotmail.com>, relay=mx2.hotmail.com[207.46.8.199]:25, delay=9.6, delays=9.3/0.02/0.19/0.06, dsn=5.0.0, status=bounced (host mx2.hotmail.com[207.46.8.199] said: 550 OU-002 (BAY004-MC6F11) Unfortunately, messages from 74.218.214.24 weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. (in reply to MAIL FROM command))
Nov 9 06:40:05 u17135818 postfix/smtp[12030]: EFA783D645: to=<festefaen#gmail.com>, relay=gmail-smtp-in.l.google.com[2607:f8b0:4001:c08::1b]:25, delay=7.3, delays=6.6/0/0.09/0.64, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[2607:f8b0:4001:c08::1b] said: 550-5.7.1 [2607:f1c0:841:fe00::66:d8fd 12] Our system has detected that 550-5.7.1 this message is likely unsolicited mail. To reduce the amount of spam 550-5.7.1 sent to Gmail, this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for 550 5.7.1 more information. sd5si10854734igb.33 - gsmtp (in reply to end of DATA command))
...
Nov 11 04:01:54 u17135818 postfix/smtp[17765]: E01792762C: host mx1.free.fr[212.27.48.6] said: 451 too many errors detected from your IP (74.218.214.24), please visit http://postmaster.free.fr/ (in reply to DATA command)
Nov 11 04:01:54 u17135818 postfix/smtp[17797]: 953592B312: host cluster1.eu.messagelabs.com[85.158.143.99] refused to talk to me: 450 Requested action aborted [7.2] 21614, please visit www.messagelabs.com/support for more details about this error message.
Nov 11 04:01:54 u17135818 postfix/qmgr[17712]: C7D883257C: from=<user123#ubuntu>, status=expired, returned to sender
Nov 11 04:01:54 u17135818 postfix/qmgr[17712]: 0799A259AD: removed
Nov 11 04:01:54 u17135818 postfix/qmgr[17712]: 90F4332280: removed
Nov 11 04:01:54 u17135818 postfix/qmgr[17712]: 67B8B2E7C7: from=<user123#ubuntu>, status=expired, returned to sender
Nov 11 04:01:54 u17135818 postfix/qmgr[17712]: 9063532F5D: removed
Nov 11 04:01:54 u17135818 postfix/qmgr[17712]: EE4222A874: removed
Nov 11 04:01:54 u17135818 postfix/smtp[17724]: 61C22360A0: to=<lgennuso#princetonhcs.org>, relay=smtp4.princetonhcs.org[209.123.81.114]:25, delay=381492, delays=381485/5.6/0.59/0, dsn=4.5.0, status=deferred (host smtp4.princetonhcs.org[209.123.81.114] refused to talk to me: 550 5.5.0 74.218.214.24 is blacklisted by FortiGuard. This email from IP has been rejected. The email message was detected as spam.)
Nov 11 04:01:54 u17135818 postfix/smtp[17800]: 61B3A3AD2C: to=<bigboy#starbucks.org>, relay=none, delay=259892, delays=259884/2.2/5.5/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=starbucks.org type=MX: Host not found, try again)
Nov 11 04:01:54 u17135818 postfix/smtp[17787]: CD3312175D: host mx1.free.fr[212.27.48.7] said: 451 too many errors detected from your IP (74.218.214.24), please visit http://postmaster.free.fr/ (in reply to DATA command)
Nov 11 04:01:54 u17135818 postfix/smtp[17819]: 780C624266: to=<max.charlene#aliceadsl.fr>, relay=mx1.free.fr[212.27.48.7]:25, conn_use=5, delay=227385, delays=227377/6.5/0.66/0.34, dsn=4.0.0, status=deferred (host mx1.free.fr[212.27.48.7] said: 451 too many errors detected from your IP (74.218.214.24), please visit http://postmaster.free.fr/ (in reply to DATA command))
Nov 11 04:01:54 u17135818 postfix/smtp[17778]: CE12E26756: to=<rcataldo#laposte.net>, relay=smtpz4.laposte.net[194.117.213.1]:25, delay=133031, delays=133023/6.5/0.79/0.27, dsn=5.0.1, status=bounced (host smtpz4.laposte.net[194.117.213.1] said: 501 5.0.1 Emetteur invalide. Invalid Sender. LPN007_405 (in reply to MAIL FROM command))
It looks like one service or software triggering this mails. You can block all outgoing mails frompostfix by using the mail relaying options for external domains, this is possible if you don't want to send any mails from your machine.
You can check the maillog file inside /var/log - that will give the more details, also check the command mailq to see how many mails are pending.
Update:-
Do you allowed any of other people in your network to send mail through your machine ?, then you can suspect that case. Few things I can notice from the log is that -
The mail being rejected by the receiver end saying your public IP is flooding mails.
If these mails are coming periodically and not from any of other machines in your network, then you have to find out which process or application doing this. For that you have to use the tcpdump and monitor for the TCP packets. From that you can see that, the mail client first pushing the mail to your local postfix server, then that's being forwarded to the target mail server.
This is the way I can see to find out which application sending mails from your computer.
Hope this will help you to figure out the culprit.
Mail server using sendmail+dovecot ,
I have a problem from returned mail system.
When I changed old_domain to new_domain.com,
smtp server works fine, but returned mail have wrong message:
The original message was received at Wed, 20 Aug 2014 09:24:41 +0800
from old_domain.com [xx.xx.xx.xx]
----- The following addresses had permanent fatal errors -----
<asdddxzx#gmsddf.vcom>
(reason: 550 Host unknown)
----- Transcript of session follows -----
550 5.1.2 <asdddxzx#gmsddf.vcom>... Host unknown (Name server: gmsddf.vcom: host not found)
this is error message in Mail Delivery Subsystem sent back:
Reporting-MTA: dns; new_domain.com
Received-From-MTA: DNS; old_domain.com
Arrival-Date: Wed, 20 Aug 2014 16:28:02 +0800
Final-Recipient: RFC822; asdddd#fma.ckfs
Action: failed
Status: 5.1.2
Remote-MTA: DNS; fma.ckfs
Diagnostic-Code: SMTP; 550 Host unknown
Last-Attempt-Date: Wed, 20 Aug 2014 16:28:05 +0800
I found the answer!
sendmail server uses Hostname setting and host setting
so make sure your setting is correct
/etc/hosts
/etc/sysconfig/network
and it works fine!