LinuxQuestions.org
Old 08-02-2013, 02:09 PM   #1
tonmoy
LQ Newbie
 
Registered: Apr 2013
Location: Dhaka, Bangladesh
Distribution: CentOS, Red Hat
Posts: 28

Rep: Reputation: 2
SMTP error - Outgoing Mail Problem


Dear All:

Since my mail server's rDNS information wasn't my domain name, I have changed the rDNS (PTR record) information of the live mail server (postfix + dovecot) to the correct value.

Now, suddenly, users are unable to send mail through the relay, while IMAP is working OK.

Many DNSBL servers had listed my IP (x.x.x.x) as a spam source, and after my request it is now unlisted, but our users still cannot send mail to the outside world.

In the mail queue there were too many mails, and the /var/log/maillog file is continuously being filled with new logs. After "postsuper -d ALL" the mail queue is cleared, but the mail log keeps filling up.

In the mail log file, there were many SMTP errors (450, 421 etc.) like "450 4.7.1 Recipient address rejected" or "421 4.7.0 ts01 messages from x.x.x.x temporarily deferred due to user complaints".

But now there are only the errors below:

Quote:

Aug 2 23:58:14 my-mail-server-domain postfix/smtpd[2399]: NOQUEUE: reject: RCPT from unknown[123.161.152.48]: 554 5.7.1 <ee0303qeghz8@yahoo.com.tw>: Relay access denied; from=<vsuqlgjev@yahoo.com> to=<ee0303qeghz8@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:15 my-mail-server-domain postfix/smtpd[2405]: NOQUEUE: reject: RCPT from unknown[1.86.65.216]: 554 5.7.1 <p5pkimo@yahoo.com.tw>: Relay access denied; from=<crqgxvh@yahoo.com> to=<p5pkimo@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:16 my-mail-server-domain postfix/smtpd[2399]: NOQUEUE: reject: RCPT from unknown[123.161.152.48]: 554 5.7.1 <phz8@yahoo.com.tw>: Relay access denied; from=<vsuqlgjev@yahoo.com> to=<phz8@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:17 my-mail-server-domain postfix/smtpd[2405]: NOQUEUE: reject: RCPT from unknown[1.86.65.216]: 554 5.7.1 <benlin8pkimo@yahoo.com.tw>: Relay access denied; from=<crqgxvh@yahoo.com> to=<benlin8pkimo@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:18 my-mail-server-domain postfix/smtpd[2399]: NOQUEUE: reject: RCPT from unknown[123.161.152.48]: 554 5.7.1 <vearringmeiz8@yahoo.com.tw>: Relay access denied; from=<vsuqlgjev@yahoo.com> to=<vearringmeiz8@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:19 my-mail-server-domain postfix/smtpd[2405]: NOQUEUE: reject: RCPT from unknown[1.86.65.216]: 554 5.7.1 <aaapkimo@yahoo.com.tw>: Relay access denied; from=<crqgxvh@yahoo.com> to=<aaapkimo@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:20 my-mail-server-domain postfix/smtpd[2405]: NOQUEUE: reject: RCPT from unknown[1.86.65.216]: 554 5.7.1 <soniccapkimo@yahoo.com.tw>: Relay access denied; from=<crqgxvh@yahoo.com> to=<soniccapkimo@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:21 my-mail-server-domain postfix/smtpd[2399]: NOQUEUE: reject: RCPT from unknown[123.161.152.48]: 554 5.7.1 <amiz8@yahoo.com.tw>: Relay access denied; from=<vsuqlgjev@yahoo.com> to=<amiz8@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:25 my-mail-server-domain postfix/smtpd[2405]: NOQUEUE: reject: RCPT from unknown[1.86.65.216]: 554 5.7.1 <littlecapkimo@yahoo.com.tw>: Relay access denied; from=<crqgxvh@yahoo.com> to=<littlecapkimo@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:27 my-mail-server-domain postfix/smtpd[2407]: NOQUEUE: reject: RCPT from unknown[1.85.81.228]: 554 5.7.1 <moulder113@yahoo.com.tw>: Relay access denied; from=<daghabumbrnmd@yahoo.com> to=<moulder113@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:29 my-mail-server-domain postfix/smtpd[2407]: NOQUEUE: reject: RCPT from unknown[1.85.81.228]: 554 5.7.1 <loveer113@yahoo.com.tw>: Relay access denied; from=<daghabumbrnmd@yahoo.com> to=<loveer113@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:30 my-mail-server-domain postfix/smtpd[2405]: NOQUEUE: reject: RCPT from unknown[1.86.65.216]: 554 5.7.1 <oscapkimo@yahoo.com.tw>: Relay access denied; from=<crqgxvh@yahoo.com> to=<oscapkimo@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:30 my-mail-server-domain postfix/smtpd[2407]: NOQUEUE: reject: RCPT from unknown[1.85.81.228]: 554 5.7.1 <junfer113@yahoo.com.tw>: Relay access denied; from=<daghabumbrnmd@yahoo.com> to=<junfer113@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:32 my-mail-server-domain postfix/smtpd[2405]: too many errors after RCPT from unknown[1.86.65.216]
Aug 2 23:58:32 my-mail-server-domain postfix/smtpd[2405]: disconnect from unknown[1.86.65.216]
Aug 2 23:58:33 my-mail-server-domain postfix/smtpd[2406]: connect from www.srv-exch-01.cloud-sp.com[185.8.7.10]
Aug 2 23:58:33 my-mail-server-domain postfix/smtpd[2407]: NOQUEUE: reject: RCPT from unknown[1.85.81.228]: 554 5.7.1 <goodfather113@yahoo.com.tw>: Relay access denied; from=<daghabumbrnmd@yahoo.com> to=<goodfather113@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>
Aug 2 23:58:33 my-mail-server-domain postfix/smtpd[2406]: NOQUEUE: reject: RCPT from www.srv-exch-01.cloud-sp.com[185.8.7.10]: 550 5.1.1 <kevinmacdonald@my-mail-server-domain.com>: Recipient address rejected: User unknown in local recipient table; from=<> to=<kevinmacdonald@my-mail-server-domain.com> proto=ESMTP helo=<srv-exch-01.cloud-sp.com>
Aug 2 23:58:33 my-mail-server-domain postfix/smtpd[2406]: disconnect from www.srv-exch-01.cloud-sp.com[185.8.7.10]
Aug 2 23:58:34 my-mail-server-domain postfix/smtpd[2407]: NOQUEUE: reject: RCPT from unknown[1.85.81.228]: 554 5.7.1 <foxfather113@yahoo.com.tw>: Relay access denied; from=<daghabumbrnmd@yahoo.com> to=<foxfather113@yahoo.com.tw> proto=SMTP helo=<my.mail.server.ip>

Please help me to clarify the situation as well as find the solution.

Thanks...
 
Old 08-03-2013, 06:55 AM   #2
descendant_command
Member
 
Registered: Mar 2012
Posts: 859

Rep: Reputation: 191
Quote:
After "postsuper -d ALL" mail queue is cleared
Congratulations, you just deleted all your users' queued mail!

The logs show lots of properly rejected spam relay attempts and a reject of mail to an unknown user.

Where are the logs of the problem?

Quote:
Many DNSBL servers had listed my IP (x.x.x.x) as a spam source, and after my request it is now unlisted, but our users still cannot send mail to the outside world.

...

In the mail log file, there were many SMTP errors (450, 421 etc.) like "450 4.7.1 Recipient address rejected" or "421 4.7.0 ts01 messages from x.x.x.x temporarily deferred due to user complaints".
^^^This.
It seems you might have previously been running an open relay.
This would explain your listing on blocklists, and the large amounts of attempts to relay via your server.
Unfortunately, errors like that do not just go away when you fix the problem, but will haunt you for some time yet.

Last edited by descendant_command; 08-03-2013 at 07:00 AM.
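
An added example, not part of the thread: a small Python triage of a Postfix maillog that separates inbound relay attempts the server refused (the `postfix/smtpd` `NOQUEUE: reject` lines quoted in post #1) from outbound deliveries that remote hosts deferred or bounced (`postfix/smtp` `status=` lines), which are the entries that show why users' mail is not going out. The sample log lines, addresses and the function name `triage` are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in Postfix maillog format (documentation IPs and
# example domains; not taken from the thread).
SAMPLE_LOG = """\
Aug  2 23:58:14 mx postfix/smtpd[2399]: NOQUEUE: reject: RCPT from unknown[192.0.2.48]: 554 5.7.1 <a@example.net>: Relay access denied; from=<x@example.org> to=<a@example.net> proto=SMTP helo=<203.0.113.5>
Aug  2 23:58:15 mx postfix/smtpd[2405]: NOQUEUE: reject: RCPT from unknown[198.51.100.216]: 554 5.7.1 <b@example.net>: Relay access denied; from=<y@example.org> to=<b@example.net> proto=SMTP helo=<203.0.113.5>
Aug  2 23:58:16 mx postfix/smtpd[2399]: NOQUEUE: reject: RCPT from unknown[192.0.2.48]: 554 5.7.1 <c@example.net>: Relay access denied; from=<x@example.org> to=<c@example.net> proto=SMTP helo=<203.0.113.5>
Aug  2 23:58:33 mx postfix/smtpd[2406]: NOQUEUE: reject: RCPT from mail.example.com[198.51.100.10]: 550 5.1.1 <nobody@example.test>: Recipient address rejected: User unknown in local recipient table; from=<> to=<nobody@example.test> proto=ESMTP helo=<mail.example.com>
Aug  2 23:59:01 mx postfix/smtp[2411]: 3F2A1C0D: to=<friend@example.net>, relay=mx.example.net[198.51.100.25]:25, delay=4.2, delays=0.1/0/2/2.1, dsn=4.7.0, status=deferred (host mx.example.net[198.51.100.25] said: 421 4.7.0 messages temporarily deferred (in reply to MAIL FROM command))
"""

# Inbound: smtpd refusing a RCPT. Groups: client IP, SMTP code, reason text.
REJECT = re.compile(r"postfix/smtpd\[\d+\]: NOQUEUE: reject: RCPT from \S+\[([^\]]+)\]: "
                    r"(\d{3}) \S+ <[^>]*>: ([^;]+);")
# Outbound: the smtp client reporting a delivery that did not succeed.
OUTBOUND = re.compile(r"postfix/smtp\[\d+\]: (\w+): to=<([^>]*)>, .*?dsn=([\d.]+), "
                      r"status=(deferred|bounced) \((.*)\)$")

def triage(log_text):
    """Split a maillog into refused inbound attempts and failed outbound deliveries."""
    relay_by_ip, other_rejects, outbound = Counter(), Counter(), []
    for line in log_text.splitlines():
        m = REJECT.search(line)
        if m:
            ip, _code, reason = m.groups()
            if reason.strip() == "Relay access denied":
                relay_by_ip[ip] += 1          # server correctly refused to relay
            else:
                other_rejects[reason.strip()] += 1
            continue
        m = OUTBOUND.search(line)
        if m:
            qid, rcpt, dsn, status, detail = m.groups()
            outbound.append({"queue_id": qid, "to": rcpt, "dsn": dsn,
                             "status": status, "detail": detail})
    return relay_by_ip, other_rejects, outbound

if __name__ == "__main__":
    relay, other, out = triage(SAMPLE_LOG)
    print("relay attempts refused, by client:", relay.most_common())
    print("other inbound rejects:", dict(other))
    for d in out:
        print("outbound problem:", d["status"], d["dsn"], d["to"], "-", d["detail"])
```

A log that yields only entries in the first two groups, like the excerpt in post #1, shows the server refusing outsiders; the remote server's reply in an outbound `status=deferred` or `status=bounced` line is what explains a delivery failure.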
 
Old 08-03-2013, 10:49 AM   #3
tonmoy
LQ Newbie
 
Registered: Apr 2013
Location: Dhaka, Bangladesh
Distribution: CentOS, Red Hat
Posts: 28

Original Poster
Rep: Reputation: 2
Yes, you are right. Previously it was set up as an open relay.

My current Infrastructure is as drawn below:

.......................................................................
| LAN | -----> | Mail Server | --(?)---> | ISP Cloud |
.......................................................................

As I suspect, my business opponent and some bad IT guys are working against me. Now I am thinking of implementing a firewall-type appliance (?) so that I can save the mail server, for the inside and outside holy world, from the attackers. What would be a good suggestion if I wish to choose an open source/free/low-cost system? [I have spare CPUs, so I can easily install any ISO and keep it running to serve as the firewall.]
 
Old 08-05-2013, 08:14 AM   #4
sharadchhetri
Member
 
Registered: Aug 2008
Location: INDIA
Distribution: Redhat,Debian,Suse,Windows
Posts: 179

Rep: Reputation: 23
First of all, tonmoy, never reveal the email address in any forum or blog. If you want to show logs like this, replace the real email ID.

OK. For an open source and low-cost system, I suggest you use iRedMail. Its community version, which is free, is also available. For how to set it up, you can read this post of mine and explore it.

Second thing: it is an open relay; you are inviting hackers and spammers. I suggest you install Postfix 2.10 and use SpamAssassin, amavisd, ClamAV, SMTP authentication, a required HELO request, and configure DNSBL in the main.cf file. There is much more to configure and manage on a mail server. Search for a good how-to and test your mail server with the telnet command.

Last edited by sharadchhetri; 08-05-2013 at 08:20 AM.
 
Old 08-05-2013, 04:27 PM   #5
descendant_command
Member
 
Registered: Mar 2012
Posts: 859

Rep: Reputation: 191
Quote:
Originally Posted by sharadchhetri
First of all, tonmoy, never reveal the email address in any forum or blog. If you want to show logs like this, replace the real email ID.
He didn't. The real addresses are munged, the rest are spam.
Quote:
OK. For an open source and low-cost system, I suggest you use iRedMail. Its community version, which is free, is also available. For how to set it up, you can read this post of mine and explore it.

Second thing: it is an open relay; you are inviting hackers and spammers. I suggest you install Postfix 2.10 and use SpamAssassin, amavisd, ClamAV, SMTP authentication, a required HELO request, and configure DNSBL in the main.cf file. There is much more to configure and manage on a mail server. Search for a good how-to and test your mail server with the telnet command.
It is no longer an open relay, as shown by the rejects listed above.
Get a clue and offer some real advice ... and take your advertising elsewhere.
 
Old 08-07-2013, 04:38 AM   #6
farooklk
LQ Newbie
 
Registered: Aug 2011
Posts: 11
Blog Entries: 1

Rep: Reputation: Disabled
refuse to talk to me: 501 5.5.4 Invalid domain name on postfix

Hi there,
When I send email on my Postfix, I am getting a return mail with the below error code:

"refuse to talk to me: 501 5.5.4 Invalid domain name"

* I have four domains on this server
* My IP is always blacklisted in CBL

Do you know any solution for this?
 
Old 08-07-2013, 04:41 AM   #7
descendant_command
Member
 
Registered: Mar 2012
Posts: 859

Rep: Reputation: 191
Quote:
Originally Posted by farooklk
Hi there,
When I send email on my Postfix, I am getting a return mail with the below error code:

"refuse to talk to me: 501 5.5.4 Invalid domain name"

* I have four domains on this server
* My IP is always blacklisted in CBL

Do you know any solution for this?
Yes.
Stop sending spam and use a proper domain name.

edit: ... and stop hijacking other people's threads.

Last edited by descendant_command; 08-07-2013 at 04:42 AM.
 
Old 08-07-2013, 04:54 AM   #8
farooklk
LQ Newbie
 
Registered: Aug 2011
Posts: 11
Blog Entries: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by descendant_command
Yes.
Stop sending spam and use a proper domain name.

edit: ... and stop hijacking other people's threads.

sorry bro...
 
Old 09-09-2013, 05:29 AM   #9
tonmoy
LQ Newbie
 
Registered: Apr 2013
Location: Dhaka, Bangladesh
Distribution: CentOS, Red Hat
Posts: 28

Original Poster
Rep: Reputation: 2
Thanks everyone for trying to help me...
 
Old 09-09-2013, 05:39 AM   #10
descendant_command
Member
 
Registered: Mar 2012
Posts: 859

Rep: Reputation: 191
How did it go?
Are you still having trouble with being blacklisted?
 
Old 09-09-2013, 08:06 AM   #11
tombelcher7
Member
 
Registered: Feb 2008
Location: Surrey
Distribution: Debian
Posts: 184

Rep: Reputation: 5
Would SPF also be advisable for prevention of unintended relay on the mail server? I'm not an expert on this subject; what do others feel?
 
  


All times are GMT -5. The time now is 11:27 PM.
