Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Postfix error when sending a message.

Posted on 2008-10-22
23
Medium Priority
?
7,632 Views
Last Modified: 2013-11-10
I don't know how best to troubleshoot this. Also, if there is a work around I would like to employ it while this issue is being resolved. This is an issue brought to me by my CEO soooooo......

Here is the undelivered text;
This is the mail system at host myDomain.com.

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your own text from the attached returned message.

                   The mail system

<carol@domainName.com>: host domainName.com.inbound10.mxlogicmx.net[xxx.xx.xxx.x]
    said: 554 Denied (Mode: normal) (in reply to end of DATA command)
0
Comment
Question by:Bradley Haynes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 13
  • 9
23 Comments
 
LVL 19

Expert Comment

by:bevhost
ID: 22783856
Could you please goto this smtp diagnostics web page and try your servers details.

http://tools.bevhost.com/spf/

It could point out some configuration errors..

There is an SPF record checker and a live server test.

If you can't understand the results post them here and we can help to interpret them for you.
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22787586
Here is the result of the test, what I don't understand is the SPF test results.
Your assistance is appreciated.


Beveridge Hosting - SPF Test
This page requires JavaScript to be Enabled
Email Origin
Sending IP Address  
123.45.67.89 resolves to hostname myDomainName.com
myDomainName.com resolves to ip address 123.45.67.89 which is a match  
Lookup who owns this IP Address Space
Sender Details
Sender Email Address  
Domain has MX records  
myDomainName.com
Host Name HELO / EHLO
Senders Computer Name  
myDomainName.com resolves to 123.45.67.89
123.45.67.89 resolves to myDomainName.com which is a match  

SPF Check none SPF: domain of sender bhaynes@myDomainName.com does not designate mailers tools.bevhost.com: domain of bhaynes@myDomainName.com does not designate permitted sender hosts HASH(0x82e17c8)

Perform Live Server Test
Connecting to tools.bevhost.com
220 tools.bevhost.com ESMTP Postfix
HELO myDomainName.com
250 tools.bevhost.com
MAIL FROM:
250 2.1.0 Ok
RCPT TO:
250 2.1.5 Ok
QUIT
221 2.0.0 Bye

________________________________________
www.bevhost.com Other Tools by David Beveridge
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22787618
Also, I failed to mention this only occurs on messages that we reply to. And not all messages and not every account is experiencing this. Which as you can imagine makes it even more difficult for me to figure out.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 19

Expert Comment

by:bevhost
ID: 22790825
Your DNS entries forward and reverse match and they match the HELO name which is good and you have no SPF record so that should be ok as well.

0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22790861
I have done a reply to a message and it gave me the error. I then copy and paste the recipients address in a new message and there is no problem. As mentioned I get this happening only with some messages. I have not been able to identify a pattern.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22790874
Does this happen across the board to all servers or if only to a specific server try contacting the administrator of that server and ask them to investigate for you.
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22790910
I am the administrator. . . and it is happening only on the one server.
Which is the only server running the Postfix app.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791185
Is this the server in question?
domainName.com.inbound10.mxlogicmx.net[xxx.xx.xxx.x]
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791256
What content filtering do you have on the postfix server?
Do you have any header_checks or body_checks?
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791269
Do your email clients have only a single email account set up each?
Replies will send from the account the mail was sent to, but
creating a new message will be from the default account.
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22791539
Is this the server in question?
domainName.com.inbound10.mxlogicmx.net[xxx.xx.xxx.x]

YES

What content filtering do you have on the postfix server?
Do you have any header_checks or body_checks?

NO and NO

Do your email clients have only a single email account set up each?
Replies will send from the account the mail was sent to, but
creating a new message will be from the default account.

They have one account. note: the domain name was change from abc...inc.com to abc...international.com that was eight months ago with out issues of this nature.


0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791698
When you reply, can you remove any attachements and try that.

You may also want to try changing the mode to RTF/TEXT/HTML etc
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22791728
Reply without attachments did not work.
Changing text mode does not work.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791783
Which email clients software are you using/have you tried? eg Outllook Express?
0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22791804
We are using Outlook 2003.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791841
can you try outlook express?
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22791852
Can you do a

postconf -n

on your postfix server and post the ouput here..

0
 

Expert Comment

by:BolAcc
ID: 22795203
My company is experiencing the exact same problem. We use Lotus Domino 7 mailservers with lLotus Notes 7 clients.

The error we get is "Error transferring to sappi.com.inbound15.mxlogicmx.net; SMTP Protocol Returned a Permanent Error 554 Denied (Mode: normal)", where sappi.com is the domain we are trying to send e-mail to. We get this error when sending mail to some other domains as well.

I did the spf test, the results were fine.

Just sent an email to mxlogic to verify that our mailservers are not listed on their blacklist, they haven't responded yet.
If anyone finds a solution, please post it here.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22800161
Seems to me like mxlogicmx.net have some kind of filter that is causing this problem

perhaps some kind of transparent smtp proxy
similar to this one
http://smtp-proxy.klolik.org/


0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22823887
Here is the result of the postconf -n ... .. .. .. ..


> postconf -n
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
html_directory = /usr/share/doc/postfix-2.4.7-documentation/html
inet_interfaces = $myhostname, localhost
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = mydomainName.com, $transport_maps
mydomain = $myhostname
myhostname = mydomainName.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.4.7-documentation/readme
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-client.cf
smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,       reject_unauth_destination,      check_policy_service inet:127.0.0.1:10023,      permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-sender.cf
smtpd_tls_CAfile = /usr/local/ssl/PositiveSSL-bundle.crt
smtpd_tls_cert_file = /usr/local/ssl/dajainternational.com.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_loglevel = 0
smtpd_tls_security_level = may
smtpd_use_tls = yes
transport_maps = mysql:/etc/postfix/mysql-transport.cf
unknown_local_recipient_reject_code = 450
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_gid_maps = mysql:/etc/postfix/mysql-virtual-gid.cf
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_uid_maps = mysql:/etc/postfix/mysql-virtual-uid.cf
0
 
LVL 19

Expert Comment

by:bevhost
ID: 22826807
So I assume then that you are using SMTP AUTH (SASL) in Outlook?

Can you enable the attached in your master.cf

Ensure that port 587 is open in your firewall and have the outlook client use port 587 instead of 25.



submission inet n       -       n       -       -       smtpd 
  -o smtpd_enforce_tls=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Open in new window

0
 
LVL 8

Author Comment

by:Bradley Haynes
ID: 22827239
So I assume then that you are using SMTP AUTH (SASL) in Outlook?

Yes. I am using SSL on port 993 and TLS on port 25.
0
 
LVL 19

Accepted Solution

by:
bevhost earned 2000 total points
ID: 22828357
If you try the TLS on port 587 (submission port) you may bypass any transparent proxy filtering at the ISP.

0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question