Where is the IIS 6 SMTP badmailfrom list? - iis-6

One of our applications started erroring out and a result was that hundreds of error emails were being sent in a matter of seconds. This got the email sender (seems to be just the from address, not the IP) banned. We use the IIS 6 SMTP server. This is the entry from the bad mail file:
Diagnostic-Code: smtp;553 sorry, your envelope sender is in my badmailfrom list (#5.7.1)
I would like to remove the email sender from the list, but I cannot find it. I searched the web for the location, but I didn't turn up anything.
Any help on this would be appreciated.
Thanks,
Darren

The error, although recorded on the server hosting IIS, actually originated from our 3rd party email host. The email address being used to send the email was actually blocked from the email host. Calling them and getting them to remove the email address from their block list resolved this issue.

Related

Getting MTA blocked from zen.spamhaus.org but the website check shows IP is OK

I'm using zen.spamhaus.org in my sendmail config.
FEATURE(`dnsbl',`zen.spamhaus.org')dnl
I'm using AWS SES to send email and when I try to relay an email I get:
Nov 9 09:01:00 Web-Mail sendmail[12751]: ruleset=check_relay, arg1=e226-2.smtp-out.us-east-2.amazonses.com, arg2=127.255.255.254, relay=e226-2.smtp-out.us-east-2.amazonses.com [23.251.226.2], reject=550 5.7.1 Rejected: 23.251.226.2 listed at zen.spamhaus.org
But if I go to the spamhaus website and check the IP it says there are no issues.
https://check.spamhaus.org/not_listed/?searchterm=23.251.226.2
23.251.226.2 has no issues
This has just started happening recently. I tried white listing the SES server in my access.db to no avail.
Any help would be appreciated.
Also tried sbl.spamhaus.org with the same results.
Turns out it's also blocking other valid MTAs:
Nov 9 09:43:26 Web-Mail sendmail[12990]: ruleset=check_relay, arg1=mail-dm6nam10olkn2106.outbound.protection.outlook.com, arg2=127.255.255.254, relay=mail-dm6nam10olkn2106.outbound.protection.outlook.com [40.92.41.106], reject=550 5.7.1 Rejected: 40.92.41.106 listed at zen.spamhaus.org
Which explains why I'm getting reports from other people saying their emails are being returned.
I am experiencing a similar issue, lots of people receiving rejected email notices because of zen.spamhaus.org wrongly sending blocked responses.
As you have found, going to the spamhaus website indicates no issues with the IPs.
But this is the only mention of the issue that I can find!
I am using postfix.
I have removed zen.spamhaus.org from my smtpd_recipient_restrictions config for now and things are returning to normal.
Looks like the DNS for zen.spamhaus.org isn't resolving. Could be the issue.
OK, looks like I was rate limited - I am working on a project that sent my 203 emails in error. I think I fell foul of Spamhaus's rate limiter for too many queries in a short time.
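Added example, not part of the original thread: a log triage script that separates genuine listings from DNSBL error answers. It relies on Spamhaus's published return codes, where answers in 127.255.255.0/24 signal a problem with the query (open resolver, query volume) rather than a listing, and it assumes that `arg2` in the `check_relay` lines above carries the DNSBL answer. The function names and the third sample line are constructed for illustration.

```python
import ipaddress
import re

# Spamhaus error return codes: an answer in 127.255.255.0/24 reports a problem
# with the query itself and is not a listing of the looked-up address.
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")
ERROR_CODES = {
    "127.255.255.252": "typo in DNSBL zone name",
    "127.255.255.254": "query came through a public/open resolver",
    "127.255.255.255": "excessive number of queries",
}

# Matches the sendmail check_relay rejection format shown in the question.
# Assumption: arg2 holds the A record returned by the DNSBL lookup.
LINE_RE = re.compile(
    r"ruleset=check_relay, arg1=\S+, arg2=(?P<code>\d+(?:\.\d+){3}), "
    r"relay=\S+ \[(?P<ip>[\d.]+)\], reject=.*listed at (?P<zone>\S+)"
)

def classify(line):
    """Return ip, zone, code and verdict for one rejection, or None if no match."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    code = m.group("code")
    is_error = ipaddress.ip_address(code) in ERROR_NET
    return {
        "ip": m.group("ip"),
        "zone": m.group("zone"),
        "code": code,
        "verdict": "dnsbl-error" if is_error else "listed",
        "reason": ERROR_CODES.get(code, "unrecognised error code") if is_error else "listing",
    }

def false_rejects(lines):
    """Rejections caused by a DNSBL error answer rather than a real listing."""
    results = (classify(line) for line in lines)
    return [r for r in results if r and r["verdict"] == "dnsbl-error"]

# First two lines are from the thread; the third is constructed (192.0.2.10 is a
# documentation address) to show a genuine listing answer.
SAMPLE = [
    "Nov 9 09:01:00 Web-Mail sendmail[12751]: ruleset=check_relay, arg1=e226-2.smtp-out.us-east-2.amazonses.com, arg2=127.255.255.254, relay=e226-2.smtp-out.us-east-2.amazonses.com [23.251.226.2], reject=550 5.7.1 Rejected: 23.251.226.2 listed at zen.spamhaus.org",
    "Nov 9 09:43:26 Web-Mail sendmail[12990]: ruleset=check_relay, arg1=mail-dm6nam10olkn2106.outbound.protection.outlook.com, arg2=127.255.255.254, relay=mail-dm6nam10olkn2106.outbound.protection.outlook.com [40.92.41.106], reject=550 5.7.1 Rejected: 40.92.41.106 listed at zen.spamhaus.org",
    "Nov 9 09:50:12 Web-Mail sendmail[13002]: ruleset=check_relay, arg1=mail.example.net, arg2=127.0.0.2, relay=mail.example.net [192.0.2.10], reject=550 5.7.1 Rejected: 192.0.2.10 listed at zen.spamhaus.org",
]

if __name__ == "__main__":
    for r in false_rejects(SAMPLE):
        print(f'{r["ip"]}: {r["zone"]} returned {r["code"]} ({r["reason"]})')
```

A burst of `dnsbl-error` results for unrelated, reputable senders points at the resolver or query volume, not at the senders. Configuring the MTA to reject only on the zone's documented listing codes keeps such error answers from bouncing legitimate mail.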

Heroku Intercepting Some Gmail Incoming Messages

I am serving my Rails 3 app on Heroku, my mail through Google, and the domain through Enom. This is for www.challengage.com
This works 95% of the time, however, once in a while, when someone tries to reply to an email I send them, it fails with the below error message because my email, josh@challengage.com, somehow got replaced with josh@herokuapp.challengage.com when they received it. I think it has something to do with Mail Delivery Subsystems, but I'm not sure. It also only seems to happen when emailing University professionals.
Error Message:
From: Mail Delivery Subsystem [mailto:MAILER-DAEMON@smtp2.syr.edu]
Sent: Monday, July 15, 2013 2:08 PM
To: David DiMaggio
Subject: Undeliverable: FW: Challengage - Work Team Simulation product for interviewing evaluations
Delivery has failed to these recipients or groups:
paul@challengage.herokuapp.com
The server has tried to deliver this message, without success, and has stopped trying. Please try sending this message again. If the problem continues, contact your helpdesk.
The following organization rejected your message: challengage.herokuapp.com.
Any ideas?
Thanks everyone.
This is almost certainly because you're using a CNAME for your email records.
Although most email servers will reflect the original domain when sending a message, others will replace it with the domain that's at the end of the CNAME.
This means that instead of sending to someone@challengage.com they send to someone@challengage.herokuapp.com instead.
The mail server sees the request to send to someone@challengage.herokuapp.com and decides that it doesn't look after challengage.herokuapp.com and so from its perspective the message is rejected.
We used to see this issue with CloudMailin customers and started to recommend that they don't use CNAMEs where email is involved and just make use of adding MX records direct to the Apex domain.
With Heroku this poses a problem though as you don't have a single IP that you can use to access their servers. We eventually ended up using Route 53 to host our domain, then adding an SSL endpoint (to get load balancer details) and then adding that load balancer to Route 53's Alias command so that it automatically always gave the correct results. Alternatively you can set up some sort of static IP based system on your apex domain to redirect.

VB.NET Get Website IP Address Using HTTPWebRequest?

Is it possible to obtain the website's IP address that you are connecting to on a HTTPWebRequest session?
I'm looking to do this for an authentication check in a licensing class to prevent people from changing their hosts.etc file and sending false replies to crack my software.
When retrieving URL via HttpWebRequest, can I see the IP address of the destination server?
Check out the thread about this, it might help you.
Cheers
Truez
Above thread was correct, code used below:
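Imports System.Net

' Resolve the host and compare every returned address with the expected one.
For Each IP As IPAddress In Dns.GetHostEntry("website.com").AddressList
    If IP.ToString() <> "websiteip" Then
        ' Resolved address differs from the expected one (e.g. hosts file override).
        MessageBox.Show("Not connecting to correct IP address")
        Exit Sub
    End If
Next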

Emails sent through our application are going to spam or not coming at all

When sending emails through our rails app they are going to spam in some email accounts (hotmail) and not coming at all in others.
We are using sendmail to send the emails. The sender email id is no-reply@xyz.com. What could be the possible reasons for this? Where do we check the logs for sendmail (ubuntu)?
Regards,
Pankaj
I think it's with your SMTP mail server. If you can send the mail using something like the Gmail SMTP server you will overcome this prob!
Check this list and see if your IP is in the list. Replace 1.2.3.4 with your IP.
http://bgp.he.net/ip/1.2.3.4#_rbl
Check the full headers of the messages that are ending up in spam folders. The sendmail logs on your end won't tell you anything, unless the recipient's server is refusing your traffic at the SMTP level. Anti-spam software will often add header lines showing which tests failed -- maybe the IP address you're sending from is blacklisted or has a poor reputation; maybe there's something about the content that looks spammy.

MailMessage & MAIL/EXPN/VRFY/ETRN

I was told that my program was not issuing a MAIL/EXPN/VRFY/ETRN when sending an email by the web hosting company we are connecting to.
Anyone know what this means and how I do it?
I am sending an email with SmtpClient and I have no problems with other clients.
Here is what I was told:
Thanks for the additional info, here is what I found...
Aug 4 11:16:48 smtp1 sendmail[2729]: o74GGU5F002729: xx-xx-xx-xx.static.xxx.mo.charter.com [xx.xx.xx.xx] did not issue MAIL/EXPN/VRFY/ETRN during connection to TLSMTA
Notice the time and the IP address which is your static from Charter. Now here is a good connection.
Aug 4 11:18:22 smtp1 sendmail[2745]: STARTTLS=server, relay=xx.xx.xx.xx.static.xxx.mo.charter.com [xx.xx.xx.xx], version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128
Aug 4 11:18:23 smtp1 sendmail[2745]: AUTH=server, relay=xx.xx.xx.xx.static.stls.mo.charter.com [xx.xx.xx.xx], authid=ronmid, mech=LOGIN, bits=0
Since their email program did not issue MAIL/EXPN/VRFY/ETRN during connection, my server would not continue the transaction.
Any suggestions?
Thanks!
Your app didn't issue any of those 4 commands after connecting. This could be because the server didn't respond correctly and so your app was waiting for that response until it timed out. You can check this by trying to send an email with a simple telnet connection as described here. After you connect and send the EHLO or HELO command (depending on what the server wants) you should get a 250 response.
If you do get the 250 response with telnet but your app still doesn't work, then maybe it's something in your application that tries to send an incorrect command. Maybe you've set up your application to use SSL or credentials, and the SMTP server doesn't support that or something similar?