Author: Frank S. Bernhardt Date: CC: exim users Subject: Re: [exim] Problems with hichina.com mail servers?
Bill, >>
>> I have a customer that can't send e-mails to two of his suppliers in
>> China in that his e-mails keep bouncing back with a '452 Invalid sender'
>> messages.
>>
>
> Not spcifically so stated, but shall we presume that these come from your mail
> server, and that it is an Exim MTA you are running?
>
> If so - are you supporting what the destination needs if it does a sender verify
> callout?
>
> (extended logging should show at least a connection from them shortly after your
> message hits the remote_smtp delivery phase).
>
> Call that possibility ONE.
>
> Ah, you may have something there. I don't know if the firewall that was
set up by people from Pintar's head office has opened up port 113 for
the ident server. I will check.
>> I tried sending an email to the postmaster there and it bounced back with:
>>
>>
>>> <postmaster@???>:
>>> 218.30.103.130 failed after I sent the message.
>>> Remote host said: 552 This user's disk quota exceeded, anyway you can
>>> send a smail (<1KB) message to inform the person.
>>>
>> The email was way less than 1K.
>>
>>
>
> Different issue - not related to your problem.
>
Ok, a red herring. >
>> I tried a telnet to mail.promexsh.com 25 and as soon as I did:
>>
>> mail from: phil@???
>>
>> I immediately got the 452 error.
>>
>>
>
> I'll call thei possibility TWO.
>
> pintar.ca resolves to IP 209.250.128.44
>
> but IP 209.250.128.44 resolves to webhost02.pathcom.com
>
> The same telnet from one of my Hong Kong servers, HELO'ing with the hostname in
> the rDNS, succeeds to the next step:
>
> ========
>
> conducive# telnet mail.promexsh.com 25
>
> Trying 218.30.103.130...
>
> Connected to mail.promexsh.com.
> Escape character is '^]'.
> 220-W E L C O M E T O H I C H I N A S M T P S E R V I C E !
> 220 mxvip2.hichina.com ESMTP server (quarkmail server - version 1.2.1) ready at
> Thu, 20 Jul 2006 01:12:27 +0800
>
> helo conducive.org
>
> 250 mxvip2.hichina.com Hello conducive.org
>
> ^]
> telnet>
> quit
>
> 221 mxvip2.hichina.com Out
> Connection closed by foreign host.
>
> ========
>
> Perhaps the distant end has an overly strict HELO match rule in place.
>
> What happens if you try to HELO as webhost02.pathcom.com?
>
I tried that from the pintar.pintar.ca server. It accepted the HELO but
when I did the
mail from: phil@???
there was a delay and I got a 452.
>
>> This happens as well with the mail.jinmao.com server.
>>
>>
>
> Likewise - it talks to a server with HELO / rDNS match:
>
> ========
>
> conducive# telnet mail.jinmao.com 25
>
> Trying 218.244.143.23...
>
> Connected to mail.jinmao.com.
> Escape character is '^]'.
> 220-W E L C O M E T O H I C H I N A S M T P S E R V I C E !
> 220 mxdxt3.hichina.com ESMTP server (quarkmail server - version 1.2.1) ready at
> Thu, 20 Jul 2006 01:14:57 +0800
>
> helo conducive.org
>
> 250 mxdxt3.hichina.com Hello conducive.org
> ^]
> telnet>
> quit
> 221 mxdxt3.hichina.com Out
> Connection closed by foreign host.
>
> ====
>
>
>
>> On further investigation I see mail.promexsh.com announces itself as
>> mxvip2.hichina.com (218.244.159.32) and mail.jinmao.com announces itself
>> as mxdxt3.hichina.com (218.244.143.23).
>>
>>
>
> smtp banner aside, does your log show the same on actual incoming traffic?
>
>> From the above I surmise that hichina.com has some serious problems or
>> am I totally out to lunch (ok, I may be right and still be out to lunch
>> but you know what I mean).
>>
>> Any constructive advice would be appreciated.
>>
>>
>
> Well - they *may* be more strict about HELO/DNS match on arrival than they are
> themselves on departure, and/or they use separate servers for incoming and
> outgoing - not at all uncommon, and not always doen with the best of DNS
> entries. The banner alone is not conclusive.
>
> But if 'job ONE' is to just get your users' mail to be accepted by them, all you
> *may* need to do is insure your rDNS and HELO match on your own server.
>
> Easy to try that anyway.
>
>
Yes, I agree. I will contact their ISP, pathcom.com and get them to set
it up. I was sure it was set up originally when they signed up with them
as I always insist that the rDNS be set up that way. I know patchcom.com
switched DNS servers a while ago so I bet they forgot the rDNS.
I checked another customer of mine that is with pathcom.com
(standardmechanical.com) and a telnet test to mail.promexsh.com passes
the 'mail from:' message.
What threw me was the quota exceeded message from postmaster and a post
I read on the Neohapsis list about a "452 Too Many" message in response
to too many recipients.
I really appreciate the time and effort you put into your response.