merrydownx
asked on
Mail Sending Error 501/Error 554 Problem Ubuntu 8.04 Dovecot Squirrelmail On Private Server
I am a web-developer who built a server for a client a couple of years ago but have no previous or ongoing linux experience. I have full access to their server and configuration - but very little experience in linux / server configuration, so clear helpful advice and troubleshooting help would be gratefully received. Thanks in advance!
My client is able to receive mails fine but when they try to send a mail from their webmail it fails when the recipient is anyone (except for their own email account which receives the mail fine. I set up squirrelmail for them on their server and that is what they use.
They didn't have a problem sending mail from their squirrelmail webmail system until I upgraded their server recently from the previous incarnation (gutsy gibbon). The error email received (with domain xx'd out but all characters crossed out are alphabetical) :
MAIL SUBJECT
------------------
Returned mail: see transcript for details
MAIL BODY
--------------
The original message was received at Tue, 23 Mar 2010 11:08:59 GMT
from localhost [127.0.0.1]
----- The following addresses had permanent fatal errors -----
<ian@xxxxxxx.com>
(reason: 501 Syntactically invalid HELO argument(s))
----- Transcript of session follows -----
... while talking to xxxxxxx.com.:
>>> HELO ;; connection timed out; no servers could be reached
<<< 501 Syntactically invalid HELO argument(s)
554 5.0.0 Service unavailable
Full HEADER
---------------
Return-Path: <MAILER-DAEMON>
Received: from localhost (localhost)
by ;; connection timed out; no servers could be reached (8.14.1/8.14.1/Debian-8ubu
Tue, 23 Mar 2010 11:09:00 GMT
Date: Tue, 23 Mar 2010 11:09:00 GMT
From: Mail Delivery Subsystem <MAILER-DAEMON>
Message-Id: <201003231109.o2NB90LC0168
To: <info@xxxxxxx.co.uk>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-statu
boundary="o2NB90LC016868.1
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
My client is able to receive mails fine but when they try to send a mail from their webmail it fails when the recipient is anyone (except for their own email account which receives the mail fine. I set up squirrelmail for them on their server and that is what they use.
They didn't have a problem sending mail from their squirrelmail webmail system until I upgraded their server recently from the previous incarnation (gutsy gibbon). The error email received (with domain xx'd out but all characters crossed out are alphabetical) :
MAIL SUBJECT
------------------
Returned mail: see transcript for details
MAIL BODY
--------------
The original message was received at Tue, 23 Mar 2010 11:08:59 GMT
from localhost [127.0.0.1]
----- The following addresses had permanent fatal errors -----
<ian@xxxxxxx.com>
(reason: 501 Syntactically invalid HELO argument(s))
----- Transcript of session follows -----
... while talking to xxxxxxx.com.:
>>> HELO ;; connection timed out; no servers could be reached
<<< 501 Syntactically invalid HELO argument(s)
554 5.0.0 Service unavailable
Full HEADER
---------------
Return-Path: <MAILER-DAEMON>
Received: from localhost (localhost)
by ;; connection timed out; no servers could be reached (8.14.1/8.14.1/Debian-8ubu
Tue, 23 Mar 2010 11:09:00 GMT
Date: Tue, 23 Mar 2010 11:09:00 GMT
From: Mail Delivery Subsystem <MAILER-DAEMON>
Message-Id: <201003231109.o2NB90LC0168
To: <info@xxxxxxx.co.uk>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-statu
boundary="o2NB90LC016868.1
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
ASKER
Hi Tobias, thanks for your answer.
I can telnet from my location to my clients server. Is it possible to perform this test remotely somehow (from my machine -> his -> someone else server)? I work remotely on it now that it has been delivered - though I can go on site if absolutely required.
Jim
I can telnet from my location to my clients server. Is it possible to perform this test remotely somehow (from my machine -> his -> someone else server)? I work remotely on it now that it has been delivered - though I can go on site if absolutely required.
Jim
ASKER
When I tried telnet mail.xxxxxx.co.uk 25 which is my company's mail server I got a reply back: 220 smtp-in-127.livemail.co.uk
Kind regards,
Jim
Kind regards,
Jim
Hi!
Do you have SSH installed on the server? If not, look here: http://www.cyberciti.biz/faq/ubuntu-linux-openssh-server-installation-and-configuration/
Then use PuTTY to connect via SSH to your remote server: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Now you can run 'telnet' to test if you can connect to port 25 on a remote computer. You can use 'nslookup' to get the mail servers addresses.
Example:
user@ubuntu910-desktop:~$ nslookup
> set type=mx
> xpro.se
Server: 172.16.64.3
Address: 172.16.64.3#53
Non-authoritative answer:
xpro.se mail exchanger = 10 mx-cluster-b1.one.com.
xpro.se mail exchanger = 10 mx-cluster-b2.one.com.
Authoritative answers can be found from:
mx-cluster-b1.one.com internet address = 195.47.247.194
mx-cluster-b2.one.com internet address = 195.47.247.195
then use 'telnet mx-cluster-b1.one.com 25' to test SMTP.
Regards, Tobias
Do you have SSH installed on the server? If not, look here: http://www.cyberciti.biz/faq/ubuntu-linux-openssh-server-installation-and-configuration/
Then use PuTTY to connect via SSH to your remote server: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Now you can run 'telnet' to test if you can connect to port 25 on a remote computer. You can use 'nslookup' to get the mail servers addresses.
Example:
user@ubuntu910-desktop:~$ nslookup
> set type=mx
> xpro.se
Server: 172.16.64.3
Address: 172.16.64.3#53
Non-authoritative answer:
xpro.se mail exchanger = 10 mx-cluster-b1.one.com.
xpro.se mail exchanger = 10 mx-cluster-b2.one.com.
Authoritative answers can be found from:
mx-cluster-b1.one.com internet address = 195.47.247.194
mx-cluster-b2.one.com internet address = 195.47.247.195
then use 'telnet mx-cluster-b1.one.com 25' to test SMTP.
Regards, Tobias
ok! That's good!
Can you continue to test the mail via telnet to see if you can send a message too?
Use this guide for the test: http://support.microsoft.com/kb/153119
Regards, Tobias
Can you continue to test the mail via telnet to see if you can send a message too?
Use this guide for the test: http://support.microsoft.com/kb/153119
Regards, Tobias
ASKER
Thanks for the link Tobias.
I tried that and it worked fine. I received that message at my own email account from the server I am testing using telnet to create the simple message. So it looks like smtp is not firewalled - if I am reading these tests right.
Jim
I tried that and it worked fine. I received that message at my own email account from the server I am testing using telnet to create the simple message. So it looks like smtp is not firewalled - if I am reading these tests right.
Jim
ok!
Mail Sending Error 501/Error 554 is frequently related to errors in DNS. Some ISP's (the list is growing) will do different types of verification to check if a message is valid before receiving it. I am sure we are all familiar with the lack of a reverse lookup for a mail server, but some ISP's are also checking to see if an email account is valid before receiving the message.
This validation is done by looking up the MX record for a given domain and then checking the mail server listed in the MX record to verify that the sender has an account on that machine. Most mail servers will respond to this query. Once it is known that the user does exist in the mail domain, the mail is received and delivered to the appropriate box.
If the server does not respond to this query or the senders account does not exist on the server referenced in the DNS MX record for that domain, the 554 DNR error message is issued.
Check your MX Records and your PTR records on your DNS server. If you have more than one MX record for domain make sure the records are valid and the priorities are properly set. This will fix a lot of the 554 problems.
Also, did you set up a SPF record for your domain? You can let disappear certain relaying issues (mostly due to spam filters) using an SPF record.
A question though: Is it only through webmail it fails? The same recipient works when using telnet?
Regards, Tobias
Mail Sending Error 501/Error 554 is frequently related to errors in DNS. Some ISP's (the list is growing) will do different types of verification to check if a message is valid before receiving it. I am sure we are all familiar with the lack of a reverse lookup for a mail server, but some ISP's are also checking to see if an email account is valid before receiving the message.
This validation is done by looking up the MX record for a given domain and then checking the mail server listed in the MX record to verify that the sender has an account on that machine. Most mail servers will respond to this query. Once it is known that the user does exist in the mail domain, the mail is received and delivered to the appropriate box.
If the server does not respond to this query or the senders account does not exist on the server referenced in the DNS MX record for that domain, the 554 DNR error message is issued.
Check your MX Records and your PTR records on your DNS server. If you have more than one MX record for domain make sure the records are valid and the priorities are properly set. This will fix a lot of the 554 problems.
Also, did you set up a SPF record for your domain? You can let disappear certain relaying issues (mostly due to spam filters) using an SPF record.
A question though: Is it only through webmail it fails? The same recipient works when using telnet?
Regards, Tobias
ASKER
Ok, thanks for your help so far, this is where it gets sticky... I hope you have the patience to bear with me on this one as your help has been terrific so far!
I never got mail working through a mail client using these accounts., they have always used the webmail which worked until recently. I don't know if this does suggest that its some element of dns/smtp not working rather than the squirrelmail config, but I thought I'd mention it in case.
I will try to check DNS, I think the place to be check would be somewhere within BIND DNS Server (I am using webmin to remotely administrate currently). I am not sure where to look for this really. Can you point me at a file location on the server or section of the BIND DNS Server interface through webmin?
Jim
I never got mail working through a mail client using these accounts., they have always used the webmail which worked until recently. I don't know if this does suggest that its some element of dns/smtp not working rather than the squirrelmail config, but I thought I'd mention it in case.
I will try to check DNS, I think the place to be check would be somewhere within BIND DNS Server (I am using webmin to remotely administrate currently). I am not sure where to look for this really. Can you point me at a file location on the server or section of the BIND DNS Server interface through webmin?
Jim
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Tobias.
SOME SUCCESS HERE THANK YOU SO MUCH! (answers first, strategy below)
yes when I followed the link you sent to me for telneting a mail to someone I tried successfully to send myself a mail from the server having the problem. This did not work via webmail.
The xxx.com address above is a recipient email address it seems the mail is being bounced on arrival yes. I doubt the server could be blacklisted as it is a private server, by which I mean it is running out of my clients office and they have less than 100 users currently. They never mail out for marketing, just to reply to clients.
Successful Bit
------------------
Right, now I skipped to the end of the text at the end of the first link to where it mentions: removing the following lines from sendmail.mc (which I found on my server at: /etc/mail/sendmail.mc and /usr/share/sendmail/cf/deb
include(`/etc/mail/m4/dial
include(`/etc/mail/m4/prov
------------------
Questions
-------------
Now, I haven't too much of a clue whether this jury-rigged fix is likely to have some unwanted side effects, or if there is a better fix for this. I'm happy to take your advice on that Tobias, but I have tested sending to my company's mail and my gmail and both are working.
So just a few questions:
Are we to assume that this is - as you describe it above - a bug of this version or a rough patch for a configuration error I have made?
Do you think that this is a safe fix for the server or basis for further investigation?
Was I right to comment out the lines from both locations I gave above?
I am unlikely to upgrade the server again this decade ;) I only performed the last upgrade in order to get SSH/telnet access working properly ironically. Thanks for your help so far Tobias. If I could trouble you to give me pointers on the above questions I would be most grateful!!!
Jim
SOME SUCCESS HERE THANK YOU SO MUCH! (answers first, strategy below)
yes when I followed the link you sent to me for telneting a mail to someone I tried successfully to send myself a mail from the server having the problem. This did not work via webmail.
The xxx.com address above is a recipient email address it seems the mail is being bounced on arrival yes. I doubt the server could be blacklisted as it is a private server, by which I mean it is running out of my clients office and they have less than 100 users currently. They never mail out for marketing, just to reply to clients.
Successful Bit
------------------
Right, now I skipped to the end of the text at the end of the first link to where it mentions: removing the following lines from sendmail.mc (which I found on my server at: /etc/mail/sendmail.mc and /usr/share/sendmail/cf/deb
include(`/etc/mail/m4/dial
include(`/etc/mail/m4/prov
------------------
Questions
-------------
Now, I haven't too much of a clue whether this jury-rigged fix is likely to have some unwanted side effects, or if there is a better fix for this. I'm happy to take your advice on that Tobias, but I have tested sending to my company's mail and my gmail and both are working.
So just a few questions:
Are we to assume that this is - as you describe it above - a bug of this version or a rough patch for a configuration error I have made?
Do you think that this is a safe fix for the server or basis for further investigation?
Was I right to comment out the lines from both locations I gave above?
I am unlikely to upgrade the server again this decade ;) I only performed the last upgrade in order to get SSH/telnet access working properly ironically. Thanks for your help so far Tobias. If I could trouble you to give me pointers on the above questions I would be most grateful!!!
Jim
I think you should reboot the server to see if the fix stays put!
I think you did right to comment out the lines from both locations!
Regards, Tobias
I think you did right to comment out the lines from both locations!
Regards, Tobias
ASKER
I rebooted it after applying the fix and just rebooted it on your suggestion to see if it held (which it did).
Unless you think there is room for improvement with this fix Tobias, I will be happy to close this case. I am very grateful for your help. I didn't come to the advice you found via google myself, I was getting hung up in investigating DNS and settings for domain which seem not to be the cause this time!!!
Let me know if you would.
Jim
Unless you think there is room for improvement with this fix Tobias, I will be happy to close this case. I am very grateful for your help. I didn't come to the advice you found via google myself, I was getting hung up in investigating DNS and settings for domain which seem not to be the cause this time!!!
Let me know if you would.
Jim
ok! Then I would say this problem is solved. I was unsure if the fix would remain after a reboot, but it seems like it did. The problem looks like a bug in the upgrade affecting sendmails config files.
Regards, Tobias
Regards, Tobias
ASKER
Thanks for the confirmation, time and help with this Tobias!
Jim
Jim
ASKER
Thanks very much for your help getting to this solution Tobias. I doubt I'd have got to the bottom of the problem this decade without help!
Have you checked the firewall if it's blocking SMTP traffic? Can you test a TELNET session from your clients server to a external SMTP server?
Regards, Tobias