Help deciphering IMAP traffic - email

I have configured Windows Live Mail for my Gmail account. It uses IMAP for incoming and SMTP for outgoing mail. I collected packets received/sent by the application over a period of 4 hours using Netmon. I observed that the server every now and then sends a TLS packet of TCP payload length 39. I decrypted the packet and it contains:
* 554 EXISTS
Can anyone tell me what is going on?

I found the answer: the server is basically saying it has 554 messages. Each message is assigned a unique identifier. I have told Live Mail to check for new mail every 5 minutes, and I indeed see this packet every 5 minutes.
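As an added example (not part of the original question), here is a small Python parser for the numeric untagged IMAP responses a client sees on an open connection, such as the `* 554 EXISTS` above, and a tracker that keeps the mailbox message count up to date from them (RFC 3501 sections 7.3 and 7.4). The sample lines are constructed.

```python
import re
from typing import Optional, Tuple

# Constructed sample traffic: untagged responses start with "* "; the first
# line is the one seen in the question. The tagged line is a command result.
SAMPLE_LINES = [
    b"* 554 EXISTS\r\n",
    b"* 3 RECENT\r\n",
    b"* 12 EXPUNGE\r\n",
    b"* 553 FETCH (FLAGS (\\Seen))\r\n",
    b"A003 OK NOOP completed\r\n",
]

# Numeric untagged responses: "* <number> <keyword>"; FETCH carries extra data.
_UNTAGGED_NUMERIC = re.compile(rb"^\* (\d+) (EXISTS|RECENT|EXPUNGE|FETCH)\b")


def parse_untagged(line: bytes) -> Optional[Tuple[str, int]]:
    """Return (keyword, number) for a numeric untagged response, else None."""
    m = _UNTAGGED_NUMERIC.match(line)
    if not m:
        return None
    return m.group(2).decode("ascii"), int(m.group(1))


class MailboxState:
    """Mailbox size as a client must track it from unsolicited server data."""

    def __init__(self) -> None:
        self.exists = 0  # total messages, set by EXISTS
        self.recent = 0  # messages with \Recent flag, set by RECENT

    def apply(self, line: bytes) -> None:
        parsed = parse_untagged(line)
        if parsed is None:
            return
        keyword, n = parsed
        if keyword == "EXISTS":
            self.exists = n
        elif keyword == "RECENT":
            self.recent = n
        elif keyword == "EXPUNGE":
            # EXPUNGE names the sequence number removed, not a new count
            self.exists = max(0, self.exists - 1)


def replay(lines) -> MailboxState:
    """Feed a sequence of raw server lines through the tracker."""
    state = MailboxState()
    for line in lines:
        state.apply(line)
    return state
```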

Related

Direct Incoming Emails to CPanel email server?

I've configured several email addresses using the built-in CPanel email utility, and they're all able to successfully send outgoing mail. Incoming mail however is bounced back, with one of the following two errors:
Address not found:
The response from the remote server was:
550 5.1.1 <email@domain.com> Recipient not found.
Message not delivered:
The response from the remote server was:
550 5.4.1 [nathan@fortunesfavored.com]: Recipient address rejected: Access denied
I believe that these error codes (550 5.4.1 and 550 5.1.1) are Exchange server errors, meaning that incoming mail is being directed to the wrong server. (I'm hosting on a GoDaddy service). Is that correct? If so, is this an issue that I would solve in my DNS settings under the MX entry? Here's what I have now:
Priority  Host  Points to                    TTL
10        @     mailstore1.secureserver.net  1 Hour
0         @     smtp.secureserver.net        1 Hour
Yes, you have to edit your MX entries.
Log in to your cPanel account.
Under Email, click on MX Entry.
If there is no MX entry, add one:
mail.yourdomainname.com, and set priority 10.

Can't establish SMTP connection with Yahoo, I think the TCP handshake is failing

I'm trying to establish an SMTP connection with Hotmail or Yahoo (both giving the same issue). They connect to my server (192.168.1.220) on port 25 and I send the 220 confirmation, but they don't reply with HELO, EHLO or anything.
So I scanned the packets and I found this:
http://i.stack.imgur.com/Kj4r0.jpg
As far as I can see, SYN is sent without any problems, SYN-ACK works right, then ACK doesn't reply with the right Seq value (it should be 2, right?).
Do you know what could be causing the connection issue? Should I try UDP, or is nothing wrong here and I am misunderstanding the whole situation?
Thank you very much!
The problem wasn't here.
We were sending our 220 message with just \n and no \r. So we sent "220 Hello\n\r" and it worked.
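As an added example (not code from the question or the answer above), the following Python builds SMTP reply lines with the CRLF line ending that RFC 5321 section 2.3.8 requires, and checks a raw reply for the bare-LF defect described above as well as for a malformed multi-line reply. All sample replies are constructed.

```python
import re

CRLF = b"\r\n"
# "250-text" continues a multi-line reply; "250 text" is its final line.
_REPLY_LINE = re.compile(rb"(\d{3})([ -])([^\r\n]*)")


def format_reply(code: int, lines) -> bytes:
    """Encode an SMTP reply (one or more text lines) per RFC 5321 4.2."""
    if not 200 <= code <= 599:
        raise ValueError("SMTP reply codes are three digits, 2xx..5xx")
    out = []
    for i, text in enumerate(lines):
        sep = b" " if i == len(lines) - 1 else b"-"
        out.append(str(code).encode("ascii") + sep + text.encode("ascii") + CRLF)
    return b"".join(out)


def check_reply(raw: bytes):
    """Return a list of problems in a raw reply; an empty list means well-formed."""
    problems = []
    if b"\n" in raw.replace(CRLF, b""):
        problems.append("bare LF (line must end in CRLF)")  # the bug in the question
    if not raw.endswith(CRLF):
        problems.append("missing CRLF terminator")
    lines = raw.split(CRLF)
    if lines and lines[-1] == b"":
        lines = lines[:-1]
    codes = set()
    for idx, ln in enumerate(lines):
        m = _REPLY_LINE.fullmatch(ln)
        if not m:
            problems.append(f"line {idx + 1}: malformed reply line")
            continue
        codes.add(m.group(1))
        last = idx == len(lines) - 1
        if m.group(2) == b"-" and last:
            problems.append("last line uses '-' so client waits for more")
        if m.group(2) == b" " and not last:
            problems.append(f"line {idx + 1}: space separator ends reply early")
    if len(codes) > 1:
        problems.append("mixed codes in multi-line reply")
    return problems
```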

Stop re-trying bounced emails in SMTP

I am developing a bulk email procedure, and I have no issues sending emails in batches. My problem starts when the recipient's address is invalid or rejected by the host server.
Simply, how can I tell the SMTP server not to retry if the original email was bounced?
I can only use MS Exchange Server.
The number of retries is a setting that you can configure in MS Exchange. See: http://technet.microsoft.com/en-us/library/jj891103(v=exchg.150).aspx

Unknown remote connections to SMTP server

I would like guidance regarding an issue we are having on our CentOS server.
Just recently we noticed that we cannot send emails to Hotmail.com mailboxes from our domain email. I also discovered that we're getting a lot of mail delivery failure emails in one of the inboxes that we don't use.
I've checked the mail logs and saw some suspicious activity. Unfortunately, I don't know much about mail servers and how they behave. Can someone shed some light on this situation and tell me if someone is connecting to our SMTP server remotely and sending spam emails to various recipients? What other steps should I take to prevent this?
Here is part of the log:
2013-06-09 05:43:27 SMTP connection from [110.52.1.237]:13088 (TCP/IP connection count = 1)
2013-06-09 05:43:32 no host name found for IP address 110.52.1.237
2013-06-09 05:43:41 SMTP connection from [110.52.1.237]:13461 (TCP/IP connection count = 2)
2013-06-09 05:43:46 no host name found for IP address 110.52.1.237
2013-06-09 05:43:46 unexpected disconnection while reading SMTP command from (iem.net) [110.52.1.237]:13088
2013-06-09 05:43:55 H=(qbnngj.com) [110.52.1.237]:13461 sender verify fail for <wqnsjzyyc@qbnngj.com>: The mail server could not deliver mail to wqnsjzyyc@qbnngj.com. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
2013-06-09 05:43:55 H=(qbnngj.com) [110.52.1.237]:13461 F=<wqnsjzyyc@qbnngj.com> rejected RCPT <support@greenXXXX.com>: Sender verify failed
2013-06-09 05:43:55 unexpected disconnection while reading SMTP command from (qbnngj.com) [110.52.1.237]:13461
As you can see above, the IP that connected to the SMTP server is from China. I have a dozen similar connections in the log.
I am not sure how to resolve this issue.
Any help would be appreciated.
Thank you,
Max
You have two separate problems.
Sending to Hotmail: They have a web page regarding their own private white list, and if you're not on the list, you get blocked.
Receiving delivery status notices for messages not sent: Someone is spoofing your domain in messages they're sending to others. You need to protect your domain with some authentication technology. The two most common are called "sender policy framework" and domainkeys.
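As an added example (not from the question or the answer), here is Python that summarises an Exim-style log excerpt like the one in the question, counting per client IP the connections, missing reverse DNS, sender-verify rejections and dropped sessions, and flags the IPs worth reviewing. The log is a constructed copy of the question's format with documentation addresses substituted.

```python
import re
from collections import defaultdict

# Constructed excerpt in the question's log format (IPs/domains replaced with
# RFC 5737 / .invalid values). The second client is a normal delivery.
SAMPLE_LOG = """\
2013-06-09 05:43:27 SMTP connection from [203.0.113.7]:13088 (TCP/IP connection count = 1)
2013-06-09 05:43:32 no host name found for IP address 203.0.113.7
2013-06-09 05:43:41 SMTP connection from [203.0.113.7]:13461 (TCP/IP connection count = 2)
2013-06-09 05:43:46 unexpected disconnection while reading SMTP command from (iem.invalid) [203.0.113.7]:13088
2013-06-09 05:43:55 H=(bogus.invalid) [203.0.113.7]:13461 F=<x@bogus.invalid> rejected RCPT <support@example.com>: Sender verify failed
2013-06-09 05:43:55 unexpected disconnection while reading SMTP command from (bogus.invalid) [203.0.113.7]:13461
2013-06-09 06:10:02 SMTP connection from [198.51.100.5]:40012 (TCP/IP connection count = 1)
2013-06-09 06:10:03 <= user@partner.example H=mx.partner.example [198.51.100.5] P=esmtp S=1234
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def summarize(log: str):
    """Per-IP counters: connections, no_rdns, rejected (RCPT), dropped sessions."""
    stats = defaultdict(lambda: {"connections": 0, "no_rdns": 0, "rejected": 0, "dropped": 0})
    for line in log.splitlines():
        if "no host name found for IP address" in line:
            stats[line.rsplit(" ", 1)[1]]["no_rdns"] += 1  # bare IP at end of line
            continue
        m = IP_RE.search(line)
        if not m:
            continue
        s = stats[m.group(1)]
        if "SMTP connection from" in line:
            s["connections"] += 1
        elif "rejected RCPT" in line:
            s["rejected"] += 1
        elif "unexpected disconnection" in line:
            s["dropped"] += 1
    return dict(stats)


def suspicious(stats, min_rejected: int = 1):
    """IPs with rejected recipients plus missing rDNS or abandoned sessions."""
    return sorted(ip for ip, s in stats.items()
                  if s["rejected"] >= min_rejected and (s["no_rdns"] or s["dropped"]))
```

Note that these lines show inbound connections being rejected at RCPT time, not a relay; the delivery failure notices the question mentions are the separate domain-spoofing problem the answer describes.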

SMTP: inter-server communication

As far as I know, the email message sending process looks like this:
The message is sent from the sender's client to his server (say mail.com).
The mail.com server redirects the message to the recipient's server (say gmail.com).
The recipient's client connects to gmail.com and receives new messages.
I'm interested in stage 2.
I thought that the servers use the SMTP protocol to make this negotiation, and the gmail.com server should listen on port 25 to receive a connection from mail.com and other servers.
But when I try to connect to gmail.com (exactly, Google's service) on port 25, the server is not responding...
Why? What's wrong?
You need to delve into MX records a bit: Oversimplified DNS and MX record. The SMTP gateways use the MX records to route emails between each other. So, for a domain X the SMTP gateway might be mail.X : in other words, for gmail.com the mail gateway might be mail.gmail.com (example).
Mail servers do not redirect.
You have to use MX records to find a mail server. You can't just assume that there will be one on the bare domain name.
But then the mail server will either accept or reject your message. In some cases, usually only between very close and trusted friends, the mail server might RELAY your message onward to another mail server.
At one time, in the mid 90's, just about any mail server would accept a message and relay it. Many people relied on this behavior because IP packets would only travel 30 hops, and the edges of the Internet were more than 30 hops apart. For instance, Peru and Ukraine could not contact each other with IP packets, but they could both send mail to a server at aol.com and that mail server would relay it on to its destination.
It is best not to play around with email unless you read some modern up-to-date descriptions of how it works, and perhaps check the white papers at maawg.org. Also, many domains now expect strangers to submit their email via port 587 and authentication is required.
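As an added example (not code from any of the answers), this Python implements the MX selection the answers above and the cPanel answer earlier rely on: sort exchanges by preference, randomise ties, fall back to the domain's own address record when no MX exists (RFC 5321 section 5.1), and treat a Null MX of "." (RFC 7505) as "accepts no mail". The lookup tables are constructed stand-ins for real DNS queries.

```python
import random
from typing import Callable, List, Optional, Tuple

# Constructed DNS answers: domain -> list of (preference, exchange).
# An empty list means "no MX record"; (0, ".") is a Null MX.
FAKE_DNS_MX = {
    "gmail.example": [(20, "alt1.mx.example"), (5, "mx.example"), (20, "alt2.mx.example")],
    "nomx.example": [],
    "nomail.example": [(0, ".")],
}
FAKE_DNS_A = {"nomx.example": "192.0.2.10", "mx.example": "192.0.2.25"}


def delivery_targets(domain: str,
                     mx_lookup: Callable = FAKE_DNS_MX.get,
                     a_lookup: Callable = FAKE_DNS_A.get,
                     rng: Optional[random.Random] = None) -> List[str]:
    """Hosts an SMTP sender should try, in order, for mail to `domain`."""
    rng = rng or random.Random(0)
    records: Optional[List[Tuple[int, str]]] = mx_lookup(domain)
    if not records:
        # Implicit MX: with no MX record, the domain itself is the exchange,
        # but only if it actually has an address record.
        return [domain] if a_lookup(domain) else []
    if len(records) == 1 and records[0][1] == ".":
        return []  # Null MX: the domain declares it accepts no mail
    by_pref = {}
    for pref, host in records:
        by_pref.setdefault(pref, []).append(host)
    order: List[str] = []
    for pref in sorted(by_pref):  # lowest preference value is tried first
        group = list(by_pref[pref])
        rng.shuffle(group)  # spread load across equal-preference exchanges
        order.extend(group)
    return order
```

With a real resolver (for example dnspython's `dns.resolver.resolve(domain, "MX")`), the same function works by passing lookup callables that return records in this shape.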