Re: [exim] Mail from remote server sending to my dedicated s…

Author: Albert Wong
Date:  
To: 'exim users'
Subject: Re: [exim] Mail from remote server sending to my dedicated site: 550 Error Relay not permitted
Hello everyone, :-) ...

And a special thanks to Bill Hacker for his extensive reply to my last mail
message. It took me a while to digest it all.... but it was *very* very
much appreciated... I feel like a baby here, I know, so thanks so much for
all the help. :-)

Anyhow, things are going much better (whew! :) and I think I've gotten my
hosting provider to set up the rDNS appropriately. [Finally!]

But there are some new issues happening that maybe you guys could help me
with:

So, drumrolll.... here's THE PROBLEM.....

_The Problem_
***For SELECTED users, email sent from my dedicated box appears to get
*rejected* with a "rejected RCPT" error.***

Here's the actual logs from my mainlog file. You can see that *most* of the
messages get sent out ok, but some of them get rejected.

--------------------------------------------------------------
2006-08-24 10:42:00 1GGHLE-000IMU-Iy <= improv+mythafsaneh=yahoo.com@??? U=og2list P=local S=714 id=1156433936.527928406@???
2006-08-24 10:42:00 1GGHLE-000IMW-Jg <= improv+ey=elizabethyochim.com@??? U=og2list P=local S=716 id=1156433936.527928406@???
2006-08-24 10:42:00 1GGHLE-000IMY-KN <= improv+theo2012=aol.com@??? U=og2list P=local S=704 id=1156433936.527928406@???
2006-08-24 10:42:00 1GGHLE-000IMa-LB <= improv+razzz=mindspring.com@??? U=og2list P=local S=712 id=1156433936.527928406@???
2006-08-24 10:42:00 1GGHLE-000IMd-Lx <= improv+heartseed=sbcglobal.net@??? U=og2list P=local S=718 id=1156433936.527928406@???
2006-08-24 10:42:00 1GGHLE-000IMf-Me <= improv+f.kahane1=verizon.net@??? U=og2list P=local S=714 id=1156433936.527928406@???
2006-08-24 10:42:00 1GGHLE-000IMh-NM <= improv+jo=movinground.com@??? U=og2list P=local S=708 id=1156433936.527928406@???
2006-08-24 10:42:00 1GGHLE-000IMj-O3 <= improv+jugree=aol.com@??? U=og2list P=local S=700 id=1156433936.527928406@???

**HERE'S THE WEIRD PART: BEGIN WEIRD***

2006-08-24 10:42:01 H=sv10pub.verizon.net [206.46.252.146] F=<> rejected RCPT <improv+f.kahane1=verizon.net@???>: Unrouteable address
2006-08-24 10:42:01 H=sv10pub.verizon.net [206.46.252.146] F=<antispam445943@west.verizon.net> rejected RCPT <improv+f.kahane1=verizon.net@???>: Unrouteable address
2006-08-24 10:42:01 unexpected disconnection while reading SMTP command from sv10pub.verizon.net [206.46.252.146]
2006-08-24 10:42:01 1GGHLE-000IMf-Me ** f.kahane1@??? R=dnslookup T=remote_smtp: SMTP error from remote mail server after MAIL FROM:<improv+f.kahane1=verizon.net@???> SIZE=1755: host relay.verizon.net [206.46.232.11]: 550 You are not allowed to send mail:sv10pub.verizon.net

** END WEIRD **

2006-08-24 10:42:01 1GGHLF-000IMp-1X <= <> R=1GGHLE-000IMf-Me U=mailnull P=local S=1760
2006-08-24 10:42:01 1GGHLE-000IMf-Me Completed
2006-08-24 10:42:01 1GGHLF-000IMp-1X ** improv+f.kahane1=verizon.net@???: Unrouteable address
2006-08-24 10:42:01 1GGHLF-000IMp-1X Frozen (delivery error message)
2006-08-24 10:42:02 1GGHLE-000IMh-NM => jo@??? R=dnslookup T=remote_smtp H=mx2.balanced.swarthy.mail.dreamhost.com [208.97.132.58] X=TLSv1:DHE-RSA-AES256-SHA:256
2006-08-24 10:42:02 1GGHLE-000IMh-NM Completed
2006-08-24 10:42:04 1GGHLE-000IMU-Iy => mythafsaneh@??? R=dnslookup T=remote_smtp H=mx2.mail.yahoo.com [67.28.113.72]
2006-08-24 10:42:04 1GGHLE-000IMU-Iy Completed


****AND THIS IS ALSO WEIRD ***

2006-08-24 10:42:05 H=sv22pub.verizon.net [206.46.252.158] F=<> rejected RCPT <improv+jo=movinground.com@???>: Unrouteable address
2006-08-24 10:42:05 H=sv22pub.verizon.net [206.46.252.158] F=<antispam471203@west.verizon.net> rejected RCPT <improv+jo=movinground.com@???>: Unrouteable address
2006-08-24 10:42:05 unexpected disconnection while reading SMTP command from sv22pub.verizon.net [206.46.252.158]

** END WEIRD **


2006-08-24 10:42:05 1GGHLE-000IMW-Jg => ey@??? R=dnslookup T=remote_smtp H=q1.netfirms.com [64.34.66.80]
2006-08-24 10:42:05 1GGHLE-000IMW-Jg Completed
2006-08-24 10:42:06 1GGHLE-000IMa-LB => razzz@??? R=dnslookup T=remote_smtp H=mx09.mindspring.com [207.69.200.36]
2006-08-24 10:42:06 1GGHLE-000IMa-LB Completed
2006-08-24 10:42:06 1GGHLE-000IMY-KN => theo2012@??? R=dnslookup T=remote_smtp H=mailin-03.mx.aol.com [64.12.138.120]
2006-08-24 10:42:06 1GGHLE-000IMY-KN Completed
2006-08-24 10:42:06 1GGHLE-000IMj-O3 => jugree@??? R=dnslookup T=remote_smtp H=mailin-02.mx.aol.com [205.188.157.25]
2006-08-24 10:42:06 1GGHLE-000IMj-O3 Completed

** WEIRD AGAIN

2006-08-24 10:42:09 H=sd-green-bigip-60.dreamhost.com (swarthymail-mx1.dreamhost.com) [208.97.132.60] F=<> rejected RCPT <improv+jo=movinground.com@???>: Unrouteable address

** END WEIRD

2006-08-24 10:42:11 1GGHLE-000IMd-Lx => heartseed@??? R=dnslookup T=remote_smtp H=sbcmx5.prodigy.net [207.115.20.21]
2006-08-24 10:42:11 1GGHLE-000IMd-Lx Completed
--------------------------------------------------------------

If anyone has any thoughts or ideas about what is going on, it would be
muchos appreciated. Thanks!

Albert
www.ithou.org

PS. I'm getting the following -- which looks good, finally! :-)
*******
$ host ithou.org
ithou.org has address 216.32.94.10
ithou.org mail is handled by 30 mail.ithou.org.
ithou.org mail is handled by 10 mx.ithou.org.
$ host 216.32.94.10
10.94.32.216.in-addr.arpa domain name pointer www.ithou.org.
*******

PPS. The "uname -n" command gives "newinst.layeredtech.com" ... which I'm
pretty sure I could reset -- but I've already changed the value:

primary_hostname = ithou.org

in the exim.configure file, so I think that the messages are getting wrapped
correctly [no forgery concerns?]

Thanks again, ajw.

> -----Original Message-----
> From: exim-users-bounces@??? [mailto:exim-users-bounces@exim.org] On
> Behalf Of W B Hacker
> Sent: Monday, August 14, 2006 9:51 PM
> To: exim users
> Subject: Re: [exim] Mail from remote server sending to my dedicated site:
> 550 Error Relay not permitted
>
> Albert Wong wrote:
> > So, I posted this before, but I did some more work on this.
> >
> > _On my Dedicated Box_
> > Exim's primary_host / local_domains / ACL section *does* seem to be
> > configured to receive the mail to the appropriate domains [local_domains]
> > when mail is sent out **from the local "mail" command line** on the
> > dedicated box... However, when the mail is sent **from a remote mail
> > server**, [like yahoo.com or my ISP dslextreme.com] to the dedicated box, I
> > get the "550 Error Relay not permitted".
> >
>
> Your hosting provider is doing several weird things. See below, and see their
> 'explanation' in their online FAQ.
>
> Then go and get a proper hosting provider.
>
>
> > I think that the locally originating mail gets appropriately passed through
> > the exim.configure file, but remotely originating mail does not.
> >
> > When I dig "ithou.org" when I am logged onto the localhost, I get this:
> >
> > dig ithou.org -t mx
> >
> > gives:
> >
> > ;; QUESTION SECTION:
> > ;ithou.org. IN MX
> >
> > ;; ANSWER SECTION:
> > ithou.org. 3600 IN MX 20 mail.ithou.org.
> > ithou.org. 3600 IN MX 10 mx.ithou.org.
> >
> > ;; AUTHORITY SECTION:
> > ithou.org. 3600 IN NS ns2.ithou.org.
> > ithou.org. 3600 IN NS ns1.ithou.org.
> >
> > ;; ADDITIONAL SECTION:
> > mx.ithou.org. 3600 IN A 216.32.94.10
> > mail.ithou.org. 3600 IN A 216.32.94.10
> > ns1.ithou.org. 3600 IN A 216.32.94.10
> > ns2.ithou.org. 3600 IN A 216.32.94.10
> >
> > ;; Query time: 0 msec
> > ;; SERVER: 127.0.0.1#53(127.0.0.1)
> > ;; WHEN: Mon Aug 14 11:24:01 2006
> > ;; MSG SIZE rcvd: 167
> >
> > whereas the actual godaddy nameservers [where my site nameservers are set up
> > right now] yields the following:
> >
> > dig @park29.secureserver.net ithou.org -t mx
> >
> > gives this output:
> >
> > ;; QUESTION SECTION:
> > ;ithou.org. IN MX
> >
> > ;; ANSWER SECTION:
> > ithou.org. 3600 IN MX 10 mx.ithou.org.
> > ithou.org. 3600 IN MX 30 mail.ithou.org.
> >
> > ;; ADDITIONAL SECTION:
> > mail.ithou.org. 3600 IN A 216.32.94.10
> > mx.ithou.org. 3600 IN A 216.32.94.10
> >
> > ;; Query time: 39 msec
> > ;; SERVER: 64.202.165.19#53(64.202.165.19)
> > ;; WHEN: Mon Aug 14 11:29:15 2006
> > ;; MSG SIZE rcvd: 99
> >
> > ---------------
>
> There is more to it.
>
> Do 'host mx.ithou.org', which returns 216.32.94.10
>
> Now do 'host 216.32.94.10' and get:
> 10.94.32.216.in-addr.arpa domain name pointer 10.94.32.216.reverse.layeredtech.com.
>
> Then try:
>
> dig any reverse.layeredtech.com
> dig any PTR reverse.layeredtech.com
>
> Note the 'NS' and 'A' records do NOT end up on your IP, nor is there a PTR
> record.
>
> >
> > Additionally, here's the main parts of the exim configure file:
> >
> > primary_hostname = ithou.org
> >
> > domainlist local_domains = @ : ithou.org : www.ithou.org
> > domainlist relay_to_domains = *.ithou.org : ithou.org
> > hostlist relay_from_hosts = localhost : 216.32.94.10
> >
> > Thanks for any ideas! :-)
> >
> > Finally: and this might be key... when I try to do a telnet test send
> > message from exim, I get the following response:
> >
> > #telnet ithou.org 25
> > Connected to ithou.org.
> > Escape character is '^]'.
> > 220 newinst.layeredtech.com ESMTP Exim 4.62 Mon, 14 Aug 2006 11:37:00 -0500
>
> The 'banner' should reflect *your* server ID, not that of the upstream.
> Aside from their proprietary idea of what a PTR record is (see their FAQ),
> they are doing something else strange.
>
> Note that *your* DNS has 'A' and 'MX' records.
>
> Note that layeredtech has constructed an rDNS for your IP, but have assigned it
> to *their* domain.tld, not to your domain.tld.
>
> Do a traceroute to your IP, your domain.tld and save the last two lines.
>
> Now do the same to one or more other mail servers, (mine, sesame, etc.).
>
> Compare the last two lines with the last two lines from these with the last two
> lines where layeredtech is mis-labeling your server.
>
> Then go and find a proper hosting provider.
>
> Meanwhile, rude as that is, as you DO have an A record, it should not stop the
> world from turning.
>
> > ehlo ithou.org
> > 250-newinst.layeredtech.com Hello ithou.org [216.32.94.10]
> > 250-SIZE 52428800
> > 250-PIPELINING
> > 250 HELP
> > MAIL FROM: wonga@???
> > 250 OK
> > RCPT TO: wonga@???
> > 451 Temporary local problem - please try later
> >
>
> This is a separate issue.
>
> If I follow the same procedure, but use *my* address as 'MAIL FROM:'
> with RCPT TO: wonga@???, I get 'accepted', not the 451 error
> message.
>
> Your Exim is seeing a remote client attempt to impersonate a local domain.tld
> (probably doesn't let it get far enough to care about the local_part).
>
> > Thanks for all your ideas!
> >
> > I've tried to contact LayeredTech.com which is my hosting company to try and
> > set things up with a PTR / DNS record upstream, because Bill Hacker
> > graciously recommended that I do so earlier, but the hosting company is
> > being kinda unresponsive.
> >
>
> More accurately, responsive in a proprietary and unhelpful way - one that will
> throw you into the penalty box for apparent 'forgery' as you move forward.
>
> > Anyhow, thanks for your help!
> >
> > Albert
> >
> >
> >
>
> Suggest you use a 'real' remote address for MAIL FROM: on telnet testing so as
> not to complicate/obscure the issues.
>
> HTH,
>
> Bill
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
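
An added example, not part of the original message or of Exim: a Python script that reads mainlog entries in the format pasted in this message and lists every envelope sender the host used on outgoing mail and then refused with `rejected RCPT` when a remote host addressed it. The sample log is constructed; `list.example`, the `isp-*.example` hosts, the message IDs and the 192.0.2.x addresses are placeholders.

```python
import re
from collections import defaultdict

# Constructed sample in Exim mainlog format, one event per line (placeholder values).
SAMPLE_LOG = """\
2006-08-24 10:42:00 1AAAAA-000001-AA <= improv+alice=isp-a.example@list.example U=og2list P=local S=714
2006-08-24 10:42:00 1AAAAA-000002-BB <= improv+bob=isp-b.example@list.example U=og2list P=local S=708
2006-08-24 10:42:01 H=callout.isp-a.example [192.0.2.10] F=<> rejected RCPT <improv+alice=isp-a.example@list.example>: Unrouteable address
2006-08-24 10:42:01 1AAAAA-000001-AA ** alice@isp-a.example R=dnslookup T=remote_smtp: SMTP error from remote mail server after MAIL FROM:<improv+alice=isp-a.example@list.example> SIZE=1755: host relay.isp-a.example [192.0.2.11]: 550 You are not allowed to send mail
2006-08-24 10:42:02 1AAAAA-000002-BB => bob@isp-b.example R=dnslookup T=remote_smtp H=mx.isp-b.example [192.0.2.20]
2006-08-24 10:42:03 H=other.example [192.0.2.30] F=<spam@other.example> rejected RCPT <nobody@list.example>: Unrouteable address
"""

MSGID = r"[0-9A-Za-z]{6}-[0-9A-Za-z]{6}-[0-9A-Za-z]{2}"   # 6-6-2 message ID as in the log above
ARRIVAL = re.compile(rf"^\S+ \S+ (?P<id>{MSGID}) <= (?P<sender>\S+)")
FAILURE = re.compile(rf"^\S+ \S+ (?P<id>{MSGID}) \*\* (?P<rcpt>\S+)")
REJECT = re.compile(r"^\S+ \S+ H=(?P<host>\S+) .*?F=<(?P<mail_from>[^>]*)> "
                    r"rejected RCPT <(?P<rcpt>[^>]+)>: (?P<why>.*)$")

def correlate(log_text):
    """Find envelope senders this host sent mail as and also refused as an inbound recipient."""
    sent_as = {}                   # envelope sender -> message ID that used it
    failed = defaultdict(list)     # message ID -> recipients whose delivery failed (**)
    rejects = defaultdict(list)    # refused recipient -> [(remote host, MAIL FROM, reason)]
    for line in log_text.splitlines():
        if m := ARRIVAL.match(line):
            if m["sender"] != "<>":            # skip locally generated bounces
                sent_as[m["sender"].lower()] = m["id"]
        elif m := FAILURE.match(line):
            failed[m["id"]].append(m["rcpt"])
        elif m := REJECT.match(line):
            rejects[m["rcpt"].lower()].append((m["host"], m["mail_from"], m["why"]))
    return [
        {"sender": sender, "msg_id": msg_id,
         "rejected_by_us": rejects[sender],
         "delivery_failed_to": failed.get(msg_id, [])}
        for sender, msg_id in sent_as.items() if sender in rejects
    ]

if __name__ == "__main__":
    for finding in correlate(SAMPLE_LOG):
        print(finding)
```

Run against a real mainlog, the lines must be unwrapped first (one event per line); an empty `MAIL FROM` in `rejected_by_us` means the remote host was using the null sender when it addressed the return path.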