Solved

How do I configure DNS and qmail to send email on second ip / domain?

Posted on 2011-02-27
9
1,289 Views
Last Modified: 2013-12-02
Hi all,

This is my first ever post. I hope you can help - I've been searching the web for days now.

I am having the problem that many of my emails from a simple local PHP mail() command are not being successfully received:

Remote host said: 550-Verification failed for <anonymous@localhost.localdomain>
550-Unrouteable address
550 Sender verify failed

When I run a SMTP test on MXToolbox, it says: Warning - Reverse DNS does not match SMTP Banner

I can verify that my host has set the reverse DNS and this is proven via a ptr lookup too.

The server situation - Plesk with qmail. Two IP address / two websites.

The second IP address (i.e. not the primary IP) is the one that I need to send emails from the website. I assume this may have something to do with it?

I have tried to set the TXT record of this domain to include ip4:IP-Address-of-first-ip.

I imagine, I'm missing something basic? I'm afraid my knowledge is fairly limited - hence being on here.

Any assistance would be very much appreciated.

Thank you,

D
0
Comment
Question by:djp120
  • 5
  • 2
  • 2
9 Comments
 
LVL 20

Accepted Solution

by:
Daniel McAllister earned 500 total points
ID: 34997859
Firstly djp120, welcome to EE!

You have unwittingly asked two questions -- or rather, you unknowingly have two separate problems.

The latter may in fact be the easiest to repair -- asking QMail to use a specific IP address on outbound mail -- and in fact, QMail is probably more powerful than you'll need in this respect.

First, a little background so you'll understand a little of the why and how:
QMail was written in 1995 by a guy who thought UNIX's sendmail was an atrocity and an affront to all that UNIX hoped to be... and he was right. Still, the gifted systems programmer that he was, once he "solved" the e-mail server problem, he got bored and moved on to other things. As a result, the "latest" QMail (version 1.03) hasn't been upgraded or touched in many MANY years. What has changed is the number of 3rd-party "tweaks" and "add-ons" that work with QMail.

By far, the most common set of those "tweaks" became a single package called NetQMail -- the overall stability of NetQMail is similarly demonstrated by its version number -- 1.06 -- which dates to 2007.

The point of the above is that QMail is not a single program with a single company (or person) behind it. It's more like a Linux distribution -- a collaborative effort with nearly as many implementation choices as there are Linux versions. As a result, what I suggest below SHOULD work for you, as it is common for the appropriate patches to have been installed... BUT it is possible that they will not... it depends on how YOUR QMail was built.

The QMail configuration folder is usually located at /var/qmail/control, and there is a common QMail patch that supports an assignment of outgoing IP addresses on a per-domain-name basis. The file name (you'll need to create it) is outgoingips and the format of the file is a line-by-line declaration of domain:IP

So, if you have 3 domains, and 3 IP addresses (each domain assigned to an IP), your file contents would look like:

domain1.com:1.1.1.1
domain2.com:2.2.2.2
domain3.com:3.3.3.3

I will mention 1 thing here: CAVEAT EMPTOR -- getting "tricky" with IP addresses and domain names is mostly going to get your QMail configuration convoluted and difficult to administer -- especially if someone has to come in AFTER you leave! Consider that far fewer than 1% of Internet users ever check the mail headers to see what the "real" name of the MTA was on any given message. So what if all of domain2.com's and domain3.com's messages say they came from an MTA named "mail.domain1.com" -- virtually no-one will care!

OK -- now on to the FIRST problem -- your PHP script isn't using the mail() function properly (or your php.ini isn't setup properly). The QMail program is complaining about:
 1) there is no "sent from" address, so anonymous is assumed -- and it is invalid, so far as QMail is concerned, and
 2) the send-to address is not valid -- although it may simply be missing -- either way, QMail can't determine where it's going

Hopefully this'll get you through to the next questions!

Regards,

Dan
IT4SOHO
0
 

Author Comment

by:djp120
ID: 34998083
Hi Dan,

I think that may have done it - thank you! Essentially, I was hosting the site on another server, copied it to a new one and thought it would continue to work.

I have simply added '-f sales@mydomain.com' to the 5th parameter of mail function.

This started sending the email, but the next problem I just changed was the line feeds in the header, to change \r\n to just \n.

I have yet to add the outgoingips part - it works so tempted to leave it. - What do you think?

Thanks again (I now have another problem but will post that separately),

Dan
0
 

Author Closing Comment

by:djp120
ID: 34998091
Superb and thorough answer - great stuff. It is very much appreciated!!
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 40

Expert Comment

by:noci
ID: 34998356

Remote host said: 550-Verification failed for <anonymous@localhost.localdomain>
550-Unrouteable address
550 Sender verify failed

This tells you that the REMOTE host tried to verify the sender address by connecting to the node localhost.localdomain (ie. back to itself) and asking if the anonymous mailbox is a valid name.

If the remote server doesn't have an anonymous mailbox (username etc.) then the check will fail.
If sender verify is used then you need to specify a valid sender for the server involved.

If this is your server then you either need to disable send verification for mail though 127.0.0.1 (or all).
Or you need create an anonymous maildrop on your systems, so sender verify does work.
0
 

Author Comment

by:djp120
ID: 34998384
I do apologise, how do I disable send verification? It's an Ubuntu/Plesk server with qmail.

Thank you.
0
 
LVL 40

Expert Comment

by:noci
ID: 34998652
qmail is mostly configured with control files, so if you can place a file in the qmail config (.../control/ ) directory you can control qmail.
(That depends on how plesk operates, i have no plesk knowledge).

You should be able to disable sender verification by inserting the hostname/ipaddresss in the rcpthosts control file.
(That would allow all from addresses from that system).
If restrictions on domains are used: (This assumes the qmail patch from http://www.fehcom.de/qmail/mav/README.mav is used.) you can enter lines in the mailfromrules control file.
0
 

Author Comment

by:djp120
ID: 34998760
Thanks noci,

It runs plesk, but I have access to edit such files. I've just ran:

cat /var/qmail/control/rcpthosts

and the domains are in there. No Ip addresses though. I imagine Plesk added these automatically on creation of the domain/email.
0
 
LVL 20

Expert Comment

by:Daniel McAllister
ID: 34999406
Hmmmm... I guess remote depends on which log file you're looking at -- I was assuming we were looking at the PHP script's log file, not the local qmail-send logfile.

In the former case, I stand by my statement that there was simply no "from" address listed, and so chkuser stalled the message send process.

You CAN get around that by modifying the file /etc/tcprules.d/tcp.smtp -- and make an entry like:
127.0.0.1:allow,RELAYCLIENT="",SENDER_NOCHECK="1"

Which says that for messages sent from the localhost (127.0.0.1), you always allow relaying and you don't check for sender validity.
Of course, that's no guarantee the recipient MTA will accept your message -- I know that if you send a message from "anonymous@localhost.localdomain" to my mailserver (on a public IP address), you'll be marked as SPAM and deleted (no error message back -- just deleted).

But I thought djp120 said it was working now...

Dan
IT4SOHO

PS: If you make the above change, you'll need to recompile the tcprules (usually with a command like qmailcitl cdb)
0
 

Author Comment

by:djp120
ID: 34999441
It is working, I think i'll leave it alone know, but thank you all for your help...It is very much appreciated.

D
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DNS error assumed 8 59
RRAS AND DNS 15 46
SMTP ReturnPath address for forwarded messages does not match the mailbox's ReplyTo address. 1 46
Handling abuse of email address 7 34
Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question