FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-12-2012, 11:35 AM
Peter Peltonen
 
Default help from community

Hi,

On Thu, Apr 12, 2012 at 2:29 PM, Prabhpal S. Mavi
<prabhpal@digital-infotech.net> wrote:
> it is something out of control, because it is not my problem. Our server
> has all record created (A,MX,PTR,SPF etc). i have three relay hosts fully
> functional. destination server is not accepting from any relay host.

Looking at the error msg briefly I think the problem is with the DNS records:

> rejected: cannot find your hostname, [205.234.223.198] (in reply to RCPT
> TO command) (in reply to RCPT TO command))

$ host 205.234.223.198
198.223.234.205.in-addr.arpa domain name pointer mx4.servershost.net.

$ host mx4.servershost.net
mx4.servershost.net has address 66.225.237.241

As you can see the DNS resolves to different IP address than given by
the PTR record. Some email systems consider this as an indication of a
misconfigured mail server (spam sending attempt) and refuse to relay.

Best,
Peter
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 11:56 AM
Markus Falb
 
Default help from community

On 12.4.2012 13:29, Prabhpal S. Mavi wrote:
> Dear All Greetings,
>
> i am admin for ISP two years now, relay emails for more than 300 companies
> (CentOS/Postfix). Relaying more than 10,000 messages every hours
> successfully. no one has ever compliant for non delivery. but i cannot
> relay to this domain. The servers responsible for accepting messages are
> rejecting. i have given the whole log for experts to monitor.
>
> it is something out of control, because it is not my problem. Our server
> has all record created (A,MX,PTR,SPF etc). i have three relay hosts fully
> functional. destination server is not accepting from any relay host.
>
> can anyone try from his server and see if it is deliverable to
> ray@tata-nigeria.com
>
> Thanks / Regards
> Prabhpal S. Mavi
>
> Apr 12 11:06:00 titan postfix/qmgr[11860]: C3C142E4012:
> from=<****@digital-infotech.net>, size=1391, nrcpt=1 (queue active)
> Apr 12 11:06:02 titan postfix/smtp[12039]: C3C142E4012: host
> mx2.servershost.net[205.234.223.160] said: 450 4.1.7
> <****@digital-infotech.net>: Sender address rejected: unverified address:
> host mail.digital-infotech.net[41.211.25.193] said: 450 4.7.1 Client host
> rejected: cannot find your hostname, [205.234.223.198] (in reply to RCPT
> TO command) (in reply to RCPT TO command)
> Apr 12 11:06:03 titan postfix/smtp[12039]: C3C142E4012:
> to=<ray@tata-nigeria.com>, relay=mx3.servershost.net[66.225.214.101]:25,
> delay=1381, delays=1377/0.03/3.4/0.31, dsn=4.1.7, status=deferred (host
> mx3.servershost.net[66.225.214.101] said: 450 4.1.7
> <****@digital-infotech.net>: Sender address rejected: unverified address:
> host mail.digital-infotech.net[41.211.25.193] said: 450 4.7.1 Client host
> rejected: cannot find your hostname, [205.234.223.198] (in reply to RCPT
> TO command) (in reply to RCPT TO command))
>
> Thanks / Regards
> Prabhpal S. Mavi

I think the destination server is trying a callback verification
http://en.wikipedia.org/wiki/Callback_verification
but that fails because your server is doing checks as described in
http://en.wikipedia.org/wiki/FCrDNS

$ host 205.234.223.198
198.223.234.205.in-addr.arpa domain name pointer mx4.servershost.net.
$ host mx4.servershost.net.
mx4.servershost.net has address 66.225.237.241
--
Kind Regards, Markus Falb

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 11:59 AM
John Doe
 
Default help from community

From: Prabhpal S. Mavi <prabhpal@digital-infotech.net>

> Sender address rejected: unverified address:
> host mail.digital-infotech.net[41.211.25.193]
> said: 450 4.7.1 Client host rejected: cannot find your hostname, [205.234.223.198]

Is this the issue...?
$ host 41.211.25.193
193.25.211.41.in-addr.arpa has no PTR record

JD
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 12:01 PM
"Prabhpal S. Mavi"
 
Default help from community

Dear Peter,

Thanks for your swift response, well diagnosed.

my_server=mail.digital-infotech.net (sending)
destination=mx4.servershost.net (receiving)

I feel that part of log
[host mail.digital-infotech.net[41.211.25.193] said: 450 4.7.1 Client host
rejected:cannot find your hostname, [205.234.223.198]

is logged by my server, perhaps it is receiving bounce back. because if my
server is sending mail, it don't have to perform any look up expect MX.

The DNS record problem is with receiver server not sender. why receiver
said [Sender address rejected: unverified address]. this is what i have
problem with. Kindly advice ....

Thanks / Regards

> Hi,
>
> On Thu, Apr 12, 2012 at 2:29 PM, Prabhpal S. Mavi
> <prabhpal@digital-infotech.net> wrote:
>> it is something out of control, because it is not my problem. Our server
>> has all record created (A,MX,PTR,SPF etc). i have three relay hosts
>> fully
>> functional. destination server is not accepting from any relay host.
>
> Looking at the error msg briefly I think the problem is with the DNS
> records:
>
>> rejected: cannot find your hostname, [205.234.223.198] (in reply to RCPT
>> TO command) (in reply to RCPT TO command))
>
> $ host 205.234.223.198
> 198.223.234.205.in-addr.arpa domain name pointer mx4.servershost.net.
>
> $ host mx4.servershost.net
> mx4.servershost.net has address 66.225.237.241
>
> As you can see the DNS resolves to different IP address than given by
> the PTR record. Some email systems consider this as an indication of a
> misconfigured mail server (spam sending attempt) and refuse to relay.
>
> Best,
> Peter
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


Thanks / Regards
Prabhpal S. Mavi



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 12:04 PM
John R Pierce
 
Default help from community

On 04/12/12 4:35 AM, Peter Peltonen wrote:
> $ host 205.234.223.198
> 198.223.234.205.in-addr.arpa domain name pointer mx4.servershost.net.
>
> $ host mx4.servershost.net
> mx4.servershost.net has address 66.225.237.241
>
> As you can see the DNS resolves to different IP address than given by
> the PTR record. Some email systems consider this as an indication of a
> misconfigured mail server (spam sending attempt) and refuse to relay.

except, thats the receiving server, and it shouldn't be rejecting itself.

$ host -t MX tata-nigeria.com
tata-nigeria.com mail is handled by 30 mx4.servershost.net.
tata-nigeria.com mail is handled by 10 mx2.servershost.net.
tata-nigeria.com mail is handled by 20 mx3.servershost.net.
$ host mx4.servershost.net
mx4.servershost.net has address 66.225.237.241

the host is probably dualhomed, and that 66 IP matches the reverse...

$ host 66.225.237.241
241.237.225.66.in-addr.arpa domain name pointer mx4.servershost.net.

servershost.net appears to be a US based hosting company, yet their
WHOIS data is shrouded, and they dont have any websites at that domain
name, further
http://rbls.org/servershost.net
says they are broken, and have no postmaster or abuse alias as required
by the internet RFCs.





--
john r pierce N 37, W 122
santa cruz ca mid-left coast

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 12:16 PM
"Prabhpal S. Mavi"
 
Default help from community

Dear Markus Falb

Thanks for your response,

i know these commands but if you will carefully look into logs, you will
notice that my server is sending mail not receiving. therefor it has
nothing to do with their PTR weather it is correct or in correct. that is
according to the logic. anyways

Thanks / Regards


> On 12.4.2012 13:29, Prabhpal S. Mavi wrote:
>> Dear All Greetings,
>>
>> i am admin for ISP two years now, relay emails for more than 300
>> companies
>> (CentOS/Postfix). Relaying more than 10,000 messages every hours
>> successfully. no one has ever compliant for non delivery. but i cannot
>> relay to this domain. The servers responsible for accepting messages are
>> rejecting. i have given the whole log for experts to monitor.
>>
>> it is something out of control, because it is not my problem. Our server
>> has all record created (A,MX,PTR,SPF etc). i have three relay hosts
>> fully
>> functional. destination server is not accepting from any relay host.
>>
>> can anyone try from his server and see if it is deliverable to
>> ray@tata-nigeria.com
>>
>> Thanks / Regards
>> Prabhpal S. Mavi
>>
>> Apr 12 11:06:00 titan postfix/qmgr[11860]: C3C142E4012:
>> from=<****@digital-infotech.net>, size=1391, nrcpt=1 (queue active)
>> Apr 12 11:06:02 titan postfix/smtp[12039]: C3C142E4012: host
>> mx2.servershost.net[205.234.223.160] said: 450 4.1.7
>> <****@digital-infotech.net>: Sender address rejected: unverified
>> address:
>> host mail.digital-infotech.net[41.211.25.193] said: 450 4.7.1 Client
>> host
>> rejected: cannot find your hostname, [205.234.223.198] (in reply to RCPT
>> TO command) (in reply to RCPT TO command)
>> Apr 12 11:06:03 titan postfix/smtp[12039]: C3C142E4012:
>> to=<ray@tata-nigeria.com>, relay=mx3.servershost.net[66.225.214.101]:25,
>> delay=1381, delays=1377/0.03/3.4/0.31, dsn=4.1.7, status=deferred (host
>> mx3.servershost.net[66.225.214.101] said: 450 4.1.7
>> <****@digital-infotech.net>: Sender address rejected: unverified
>> address:
>> host mail.digital-infotech.net[41.211.25.193] said: 450 4.7.1 Client
>> host
>> rejected: cannot find your hostname, [205.234.223.198] (in reply to RCPT
>> TO command) (in reply to RCPT TO command))
>>
>> Thanks / Regards
>> Prabhpal S. Mavi
>
> I think the destination server is trying a callback verification
> http://en.wikipedia.org/wiki/Callback_verification
> but that fails because your server is doing checks as described in
> http://en.wikipedia.org/wiki/FCrDNS
>
> $ host 205.234.223.198
> 198.223.234.205.in-addr.arpa domain name pointer mx4.servershost.net.
> $ host mx4.servershost.net.
> mx4.servershost.net has address 66.225.237.241
> --
> Kind Regards, Markus Falb
>
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


Thanks / Regards
Prabhpal S. Mavi



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 12:24 PM
"Prabhpal S. Mavi"
 
Default help from community

Hi JD,

Thanks for your response,

i am sure, it is some problem where you tried to resolve from. There is
PTR for the host and it exists in my own authoritative DNS server. i tried
to dig using through google DNS as well. Result shows that PTR is there.

[root@mailer mailer]# dig @8.8.8.8 -x 41.211.25.193

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> @8.8.8.8 -x 41.211.25.193
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48506
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;193.25.211.41.in-addr.arpa. IN PTR

;; ANSWER SECTION:
193.25.211.41.in-addr.arpa. 10800 IN PTR mail.digital-infotech.net.

;; Query time: 255 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Apr 12 12:08:14 2012
;; MSG SIZE rcvd: 83

Thanks / Regards
Prabhpal

> From: Prabhpal S. Mavi <prabhpal@digital-infotech.net>
>
>> Sender address rejected: unverified address:
>> host mail.digital-infotech.net[41.211.25.193]
>> said: 450 4.7.1 Client host rejected: cannot find your hostname,
>> [205.234.223.198]
>
> Is this the issue...?
> $ host 41.211.25.193
> 193.25.211.41.in-addr.arpa has no PTR record
>
> JD
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


Thanks / Regards
Prabhpal S. Mavi



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 12:27 PM
"Prabhpal S. Mavi"
 
Default help from community

Dear John,

Thanks for your response. good information provided.
Thanks / Regards

> On 04/12/12 4:35 AM, Peter Peltonen wrote:
>> $ host 205.234.223.198
>> 198.223.234.205.in-addr.arpa domain name pointer mx4.servershost.net.
>>
>> $ host mx4.servershost.net
>> mx4.servershost.net has address 66.225.237.241
>>
>> As you can see the DNS resolves to different IP address than given by
>> the PTR record. Some email systems consider this as an indication of a
>> misconfigured mail server (spam sending attempt) and refuse to relay.
>
> except, thats the receiving server, and it shouldn't be rejecting itself.
>
> $ host -t MX tata-nigeria.com
> tata-nigeria.com mail is handled by 30 mx4.servershost.net.
> tata-nigeria.com mail is handled by 10 mx2.servershost.net.
> tata-nigeria.com mail is handled by 20 mx3.servershost.net.
> $ host mx4.servershost.net
> mx4.servershost.net has address 66.225.237.241
>
> the host is probably dualhomed, and that 66 IP matches the reverse...
>
> $ host 66.225.237.241
> 241.237.225.66.in-addr.arpa domain name pointer mx4.servershost.net.
>
> servershost.net appears to be a US based hosting company, yet their
> WHOIS data is shrouded, and they dont have any websites at that domain
> name, further
> http://rbls.org/servershost.net
> says they are broken, and have no postmaster or abuse alias as required
> by the internet RFCs.
>
>
>
>
>
> --
> john r pierce N 37, W 122
> santa cruz ca mid-left coast
>
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


Thanks / Regards
Prabhpal S. Mavi



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 12:29 PM
John R Pierce
 
Default help from community

On 04/12/12 4:59 AM, John Doe wrote:
> Is this the issue...?
> $ host 41.211.25.193
> 193.25.211.41.in-addr.arpa has no PTR record

worked here.

$ host 41.211.25.193
193.25.211.41.in-addr.arpa domain name pointer mail.digital-infotech.net.

but it was a little slow coming back the first time (as reverse DNS
often is).



--
john r pierce N 37, W 122
santa cruz ca mid-left coast

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-12-2012, 12:51 PM
Markus Falb
 
Default help from community

On 12.4.2012 14:16, Prabhpal S. Mavi wrote:
...
> i know these commands but if you will carefully look into logs, you will
> notice that my server is sending mail not receiving. therefor it has
> nothing to do with their PTR weather it is correct or in correct. that is
> according to the logic.
...

If the receiving server is doing callback than the logic is reversed, so
no, at that point your server turns into the receiver.
please read my *whole* message again, not only the part with the
commands. Have a look at the links I provided.
--
Kind Regards, Markus Falb
Resident do not top post guerilla
http://centos.org/modules/tinycontent/index.php?id=16
(The guidelines part)

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 02:48 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org