On 08/09/16 13:56, Daniel Bareiro wrote: > I recently set up an relay SMTP server on a host of Digital Ocean, using > Debian and Postfix. > > The main reason for setting up this relay is that the cPanel VPS is > hosted at Godaddy, and they force everyone to send email through their > shared SMTP relay. As expected, that shared relay is continually being > flagged for spam. > > So the outgoing emails are routed through this server. Usually > everything worked smoothly. Mails to accounts on Google, Yahoo, Hotmail > and other servers are delivered. But I found a problem with a specific > domain: > > ----------------------------------------------------------------------- > Sep 7 14:36:11 smtp postfix/smtp[8036]: 5EAA520AAD: > to=<xxxx@lkeusa.com>, relay=lkeusa.com[50.87.144.56]:25], delay=13, > delays=0.91/0.06/6.1/5.9, dsn=5.0.0, status=bounced (host > lkeusa.com[50.87.144.56] said: 550-Please turn on SMTP Authentication in > your mail client, or login to the 550-IMAP/POP3 server before sending > your message. smtp.server.com 550-[x.y.z.t]:41988 is not permitted to > relay through this server 550 without authentication. (in reply to RCPT > TO command)) > ----------------------------------------------------------------------- > > I'm not sure why this specific domain is complaining in this way. > > Another thing that is strange to me is that apparently a dig query is > not returning nothing: > > ----------------------------------------------------------------------- > $ dig -t mx lkeusa.com > > ; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> -t mx lkeusa.com > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31796 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 4096 > ;; QUESTION SECTION: > ;lkeusa.com. IN MX > > ;; Query time: 531 msec > ;; SERVER: 10.1.0.6#53(10.1.0.6) > ;; WHEN: Thu Sep 08 13:48:38 ART 2016 > ;; MSG SIZE rcvd: 39 > ----------------------------------------------------------------------- > > But Postfix was trying to deliver the mail in 50.87.144.56. > > Maybe they were making changes to the remote server? Well, it seems that in the absence of an MX record, Postfix uses the A record that it find by querying that domain and in that IP address an Exim server responds: ----------------------------------------------------------------------- # telnet lkeusa.com 25 Trying 50.87.144.56... Connected to lkeusa.com. Escape character is '^]'. 220-gator3037.hostgator.com ESMTP Exim 4.86_1 #1 Thu, 08 Sep 2016 12:15:19 -0500 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. ----------------------------------------------------------------------- But I have not yet determined what the cause of that error 550 which is not present with other SMTP servers like Gmail. I will continue investigating. Any comments that shed some more light on this will be appreciated. Kind regards, Daniel
Attachment:
signature.asc
Description: OpenPGP digital signature