Solved

Postfix error when sending a message.

Posted on 2008-10-22
23
7,589 Views
Last Modified: 2013-11-10
I don't know how best to troubleshoot this. Also, if there is a work around I would like to employ it while this issue is being resolved. This is an issue brought to me by my CEO soooooo......

Here is the undelivered text;
This is the mail system at host myDomain.com.

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your own text from the attached returned message.

                   The mail system

<carol@domainName.com>: host domainName.com.inbound10.mxlogicmx.net[xxx.xx.xxx.x]
    said: 554 Denied (Mode: normal) (in reply to end of DATA command)
0
Comment
Question by:Bradley Haynes
  • 13
  • 9
23 Comments
 
LVL 19

Expert Comment

by:bevhost
ID: 22783856
Could you please goto this smtp diagnostics web page and try your servers details.

http://tools.bevhost.com/spf/

It could point out some configuration errors..

There is an SPF record checker and a live server test.

If you can't understand the results post them here and we can help to interpret them for you.
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22787586
Here is the result of the test, what I don't understand is the SPF test results.
Your assistance is appreciated.


Beveridge Hosting - SPF Test
This page requires JavaScript to be Enabled
Email Origin
Sending IP Address  
123.45.67.89 resolves to hostname myDomainName.com
myDomainName.com resolves to ip address 123.45.67.89 which is a match  
Lookup who owns this IP Address Space
Sender Details
Sender Email Address  
Domain has MX records  
myDomainName.com
Host Name HELO / EHLO
Senders Computer Name  
myDomainName.com resolves to 123.45.67.89
123.45.67.89 resolves to myDomainName.com which is a match  

SPF Check none SPF: domain of sender bhaynes@myDomainName.com does not designate mailers tools.bevhost.com: domain of bhaynes@myDomainName.com does not designate permitted sender hosts HASH(0x82e17c8)

Perform Live Server Test
Connecting to tools.bevhost.com
220 tools.bevhost.com ESMTP Postfix
HELO myDomainName.com
250 tools.bevhost.com
MAIL FROM:
250 2.1.0 Ok
RCPT TO:
250 2.1.5 Ok
QUIT
221 2.0.0 Bye

________________________________________
www.bevhost.com Other Tools by David Beveridge
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22787618
Also, I failed to mention this only occurs on messages that we reply to. And not all messages and not every account is experiencing this. Which as you can imagine makes it even more difficult for me to figure out.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22790825
Your DNS entries forward and reverse match and they match the HELO name which is good and you have no SPF record so that should be ok as well.

0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22790861
I have done a reply to a message and it gave me the error. I then copy and paste the recipients address in a new message and there is no problem. As mentioned I get this happening only with some messages. I have not been able to identify a pattern.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22790874
Does this happen across the board to all servers or if only to a specific server try contacting the administrator of that server and ask them to investigate for you.
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22790910
I am the administrator. . . and it is happening only on the one server.
Which is the only server running the Postfix app.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791185
Is this the server in question?
domainName.com.inbound10.mxlogicmx.net[xxx.xx.xxx.x]
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791256
What content filtering do you have on the postfix server?
Do you have any header_checks or body_checks?
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791269
Do your email clients have only a single email account set up each?
Replies will send from the account the mail was sent to, but
creating a new message will be from the default account.
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22791539
Is this the server in question?
domainName.com.inbound10.mxlogicmx.net[xxx.xx.xxx.x]

YES

What content filtering do you have on the postfix server?
Do you have any header_checks or body_checks?

NO and NO

Do your email clients have only a single email account set up each?
Replies will send from the account the mail was sent to, but
creating a new message will be from the default account.

They have one account. note: the domain name was change from abc...inc.com to abc...international.com that was eight months ago with out issues of this nature.


0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 
LVL 19

Expert Comment

by:bevhost
ID: 22791698
When you reply, can you remove any attachements and try that.

You may also want to try changing the mode to RTF/TEXT/HTML etc
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22791728
Reply without attachments did not work.
Changing text mode does not work.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791783
Which email clients software are you using/have you tried? eg Outllook Express?
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22791804
We are using Outlook 2003.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791841
can you try outlook express?
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791852
Can you do a

postconf -n

on your postfix server and post the ouput here..

0
 

Expert Comment

by:BolAcc
ID: 22795203
My company is experiencing the exact same problem. We use Lotus Domino 7 mailservers with lLotus Notes 7 clients.

The error we get is "Error transferring to sappi.com.inbound15.mxlogicmx.net; SMTP Protocol Returned a Permanent Error 554 Denied (Mode: normal)", where sappi.com is the domain we are trying to send e-mail to. We get this error when sending mail to some other domains as well.

I did the spf test, the results were fine.

Just sent an email to mxlogic to verify that our mailservers are not listed on their blacklist, they haven't responded yet.
If anyone finds a solution, please post it here.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22800161
Seems to me like mxlogicmx.net have some kind of filter that is causing this problem

perhaps some kind of transparent smtp proxy
similar to this one
http://smtp-proxy.klolik.org/


0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22823887
Here is the result of the postconf -n ... .. .. .. ..


> postconf -n
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
html_directory = /usr/share/doc/postfix-2.4.7-documentation/html
inet_interfaces = $myhostname, localhost
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = mydomainName.com, $transport_maps
mydomain = $myhostname
myhostname = mydomainName.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.7-documentation/readme
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-client.cf
smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,       reject_unauth_destination,      check_policy_service inet:127.0.0.1:10023,      permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-sender.cf
smtpd_tls_CAfile = /usr/local/ssl/PositiveSSL-bundle.crt
smtpd_tls_cert_file = /usr/local/ssl/dajainternational.com.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_loglevel = 0
smtpd_tls_security_level = may
smtpd_use_tls = yes
transport_maps = mysql:/etc/postfix/mysql-transport.cf
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_gid_maps = mysql:/etc/postfix/mysql-virtual-gid.cf
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_uid_maps = mysql:/etc/postfix/mysql-virtual-uid.cf
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22826807
So I assume then that you are using SMTP AUTH (SASL) in Outlook?

Can you enable the attached in your master.cf

Ensure that port 587 is open in your firewall and have the outlook client use port 587 instead of 25.



submission inet n       -       n       -       -       smtpd 

  -o smtpd_enforce_tls=yes

  -o smtpd_sasl_auth_enable=yes

  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Open in new window

0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22827239
So I assume then that you are using SMTP AUTH (SASL) in Outlook?

Yes. I am using SSL on port 993 and TLS on port 25.
0
 
LVL 19

Accepted Solution

by:
bevhost earned 500 total points
ID: 22828357
If you try the TLS on port 587 (submission port) you may bypass any transparent proxy filtering at the ISP.

0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
Familiarize people with the process of utilizing SQL Server functions from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Ac…
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now