Solved

Google tried to deliver your message, but it was rejected by the server for the recipient

Posted on 2014-01-26
24
6,476 Views
Last Modified: 2014-11-12
Dear expert,

My Linux sever doesn't send emails out, the error message I am getting from gmail is:

Google tried to deliver your message, but it was rejected by the server for the recipient domain outbounds10.obsmtp.com by outbounds10.obsmtp.com. [74.125.244.12].

After checking Linux maillog, I sofrom email is @localhost.localdomain.  before it was the machine name with the domain which was Linux.mydomain.com.  but it is changed to default.  see attachment.

How can I solve this please
maillog.txt
0
Comment
Question by:uknet80
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 10
  • 3
  • +1
24 Comments
 
LVL 96

Expert Comment

by:Experienced Member
ID: 39810064
Do you have a Reverse Lookup for your server?  When you send mail, the recipient will often look back to see if you are alive and proper (Reverse Lookup). If it cannot find you, it considers the mail to be spam and does not deliver.

Ask your ISP to implement Reverse Lookup. They have to do it.

... Thinkpads_User
0
 

Author Comment

by:uknet80
ID: 39811110
I have never had this before, that is for almost a year, and never had problem.
as I mentioned above.  something changed within the server.
"After checking Linux maillog, the @Linux.mydomain.com has changed to @localhost.localdomain.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39811315
First off... this is not the exact issue due to which your message was might rejected by google. .

Can you please paste the bounce back message or the mail headers from google so i can see and suggest something here...

To change this domain name you can simply configure MASQUERADE domain name in sendmail.

TY/SA
0
Linux Academy Android App Now Supports Chromecast

We have some fantastic news for our Android fans. We’re so excited to announce that the Linux Academy Android app is now available with Chromecast support. That’s right – simply download the latest update of the Linux Academy App and start casting your favorite course videos!

 

Author Comment

by:uknet80
ID: 39811715
please check the attachment, I am using SMTP Relay.  which authenticate a single user google account.

please ignore the log I sent previously and look at the attachment document.
maillog.txt
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39811771
STARTTLS=client: file /etc/mail/certs/sendmail.pem unsafe: Group readable file

check the permission of this file must be 400


TY/SA
0
 

Author Comment

by:uknet80
ID: 39811846
the file wasn't even available, it is now
-rw-r--r-- 1 root root 2144 Jan 27 15:40 sendmail.pem

still having same issue.  check updated attachment
maillog.txt
0
 

Author Comment

by:uknet80
ID: 39811883
this was solved,

check this link:

http://alexcline.net/2011/03/22/fix-from-address-rootlocalhost-localdomain-in-sendmail/

the error message changed to

return to sender: Service unavailable


Jan 27 15:55:59 abc-koha sendmail[13636]: STARTTLS=client, relay=smtp.gmail.com, version=TLSv1/SSLv3, verify=OK, cipher=RC4-SHA, bits=128/128
Jan 27 15:56:00 abc-koha sendmail[13636]: s0RCtrao013634: to=<user1@abc.edu.iq>, delay=00:00:07, xdelay=00:00:07, mailer=relay, pri=120306, relay=smtp.gmail.com [74.125.25.108], dsn=5.0.0, [b]stat=Service unavailable[/b]
Jan 27 15:56:00 abc-koha sendmail[13636]: s0RCtrao013634: s0RCu0ao013636: DSN: Service unavailable
Jan 27 15:56:00 abc-koha sendmail[13636]: s0RCu0ao013636: to=<root@abc-koha.abc.local>, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31532, relay=smtp.gmail.com, dsn=5.0.0, [b]stat=Service unavailable[/b]
Jan 27 15:56:00 abc-koha sendmail[13636]: s0RCu0ao013636: s0RCu0ap013636: return to sender: Service unavailable

Open in new window



?
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39811901
but this will not cause any issue
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39811909
either remove TLS or configure correct cacert.

TY/SA
0
 

Author Comment

by:uknet80
ID: 39811984
have a look at the log message for the latest error message I am getting
maillog.txt
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39812051
telnet 74.125.244.12 25

HELO localhost

mail from:a@a.com
rcpt to:b@b.com


paste the output here from your linux machine pls

TY/SA
0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 39812370
>>>>telnet 74.125.244.12 25
It should be

telnet smtp.gmail.com 587

SMTP to gmail would not work on port 25.

Further don't mentioned the IP, it might change when you try to email at your time and location.

Also your logs suggests "DSN: Service unavailable" which means that your server is unable to reach smtp.gmail.com or even smtp.gmail.com is rejecting your server's public IP address.

Sudeep
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39812418
Not abt google..... I was trying to see whether remote server accept the helo or not..
0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 39812583
Well if you look at the question again you would realize that the user is actually using gmail as smarthost to send the emails out.
Secondly the IP that you have mentioned belongs to the Postini. Which would though offer the port 25, but user is actually not sending the emails directly to it. So checking whether it is accepting connection or not would not resolve the issue which user is facing.

Sudeep
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39812642
Agree with what you say Genuis ;) .. i wanted to see whether user is getting any error msg while checking the connection without STARTTLS hence asked to check once.

And yes, he wanted to use SMART_RELAY FOR that i mentioned earlier to configure TLS properly.

TY/SA
0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 39812722
Agree with you too AgarwalJI,

But what TLS has to do with the error which user was getting "Google tried to deliver your message, but it was rejected by the server for the recipient domain outbounds10.obsmtp.com by outbounds10.obsmtp.com."

It is simply because Postini is rejecting the emails from the User. Most likely user's email address. In this case what user is using for connecting to the gmail.com.

User must need to speak with the recipient of the mail as in Postini User's also have ability to have there own whitelist and black list of email addresses.

Thanks,
Sudeep
0
 

Author Comment

by:uknet80
ID: 39814161
because I am using SMTP relay, I assume there is no need to TLS, because through the relay I use gmail account to authenticate.  and I have other servers that uses SMTP relay without an issue.

her is the log of the command you sent me:
[root@library auth]# telnet smtp.gmail.com 587
Trying 74.125.129.108...
Connected to smtp.gmail.com (74.125.129.108).
Escape character is '^]'.
220 mx.google.com ESMTP qf7sm101559551pac.14 - gsmtp
HELO localhost
250 mx.google.com at your service
mail from:no-reply@abc.com
530 5.7.0 Must issue a STARTTLS command first. qf7sm101559551pac.14 - gsmtp
rcpt to:no-reply@abc.com
530 5.7.0 Must issue a STARTTLS command first. qf7sm101559551pac.14 - gsmtp

Open in new window

0
 
LVL 13

Expert Comment

by:Sandy
ID: 39814191
See google requires TLS authentication to be enabled to relay your mails.

250 mx.google.com at your service
mail from:no-reply@abc.com
530 5.7.0 Must issue a STARTTLS command first. qf7sm101559551pac.14 - gsmtp
rcpt to:no-reply@abc.com
530 5.7.0 Must issue a STARTTLS command first. qf7sm101559551pac.14 - gsmtp

TY/SA
0
 

Author Comment

by:uknet80
ID: 39814220
Even from the server that already work, after issuing that command, I get same message.

because I use SMTP relay I don't think TLS to be required
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39814255
then remove use TLS from email client and use simple plain text auth to relay the mails.

TY/SA
0
 

Author Comment

by:uknet80
ID: 39820154
would you tell me how to do that, I don't have much experience with Sendmail.

I will provide you with the changes I have done under sendmail:

Following command added to sendmail.mc

FEATURE(`authinfo', `hash /etc/mail/auth/client-info.db')dnl
define(`SMART_HOST', `smtp.gmail.com')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl

define(`CERT_DIR', `/etc/mail/certs')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/ca-bundle.crt')dnl
define(`confCRL', `CERT_DIR/ca-bundle.crt')dnl
define(`confSERVER_CERT', `CERT_DIR/sendmail.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/sendmail.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/sendmail.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/sendmail.pem')dnl

define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

Open in new window


under /etc/mail/auth/ path there is the authentication gmail username and password:
uthInfo:smtp.gmail.com "U:no-reply" "I:no-reply@abc.com" "P:XXXXXX" "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:no-reply" "I:no-reply@abc.com" "XXXXXX" "M:PLAIN"

Open in new window


under /etc/mail/certs there is Generate SSL certificate


what do I need to change?
0
 

Author Comment

by:uknet80
ID: 39827562
any update on this please?
0
 
LVL 13

Accepted Solution

by:
Sandy earned 500 total points
ID: 39828846
under /etc/mail/auth/ path there is the authentication gmail username and password:

uthInfo:smtp.gmail.com "U:no-reply" "I:no-reply@abc.com" "P:XXXXXX" "M:PLAIN"
AuthInfo:smtp.gmail.com:587 "U:no-reply" "I:no-reply@abc.com" "XXXXXX" "M:PLAI


here is the mistake

uthInfo:smtp.gmail.com  ==> AuthInfo

TY/SA
0
 

Author Closing Comment

by:uknet80
ID: 39838505
Thanks for your support, the issue was permission on the files under /etc/mail/auth/,

chmod 600 filename

thanks
0

Featured Post

Database Solutions Engineer FAQs

In this series, we will discuss common questions received as a database Solutions Engineer at Percona. In this role, we speak with a wide array of MySQL and MongoDB users responsible for both extremely large and complex environments to smaller single-server environments.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
This Micro Tutorial demonstrates in Google Analytics how to create a custom report that shows you traffic over time using the month of year dimensions. There are also instructions on how to fix Google's odd month of year formatting, which Microsoft …
This Micro Tutorial will demonstrate using Google Doc how to import live data to another spreadsheet in Google Spreadsheets using the IMPORTRANGE function.
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question