PDA

View Full Version : Error 5.7.1 Relaying denied



Corrado Fiore
07-05-2004, 07:37 AM
Hi,

I am experiencing a weird e-mail problem.

I have some working mail accounts on a VDS. When sending mail from external accounts, I get a 5.7.1 error ("relaying denied"). This happens only when sending from certain addresses.

For example, sending from corrado underscore fiore at jumpy dot it would always work, but sending from corrado at sintetica dot it would never.

This is the error I get:


- these recipients were processed by the mail server:
myaccount@my-name-based-vds.com; didn't work; 5.1.1. (bad destination address)

remote MTA name-based-vds.com: SMTP diagnostics: 550 5.7.1 <myaccount@my-name-based-vds.com>... relaying denied

I tried to disable the "use local mail server" option on the vds, but got no luck.

Oddly enough, the telnet shows no errors:


telnet my-name-based-vds.com 25
Trying 69.36.161.61...
Connected to my-name-based-vds.com.
Escape character is '^]'.
220 ESMTP Sendmail 8.11.6/8.11.6; Thu, 17 Jun 2004 07:29:46 -0600
MAIL FROM: corrado at sintetica dot it
250 OK.
rcpt to: account@my-name-based-vds.com
250 2.1.5 accoutn@my-name-based-vds.com... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
This is a test
.
250 2.0.0 i5HDTv427082 Message accepted for delivery
QUIT
221 2.0.0 my-name-based-vds.com closing connection

I'm really stuck. Does anyone have an idea about what can cause the problem?

Thanks,
Corrado

jalal
07-06-2004, 12:56 AM
If you have the email address "john@example.com" you can send email that is from "john". But "jack@spammer.com" can't send an email. This is to stop the SMTP server from becoming an open relay.

Does that help?

Corrado Fiore
07-06-2004, 01:22 AM
Hi Jalal,

I see what you mean, but it's not my case :(.

The destination address is just one, and it "lives" on a WH virtual dedicated server. Let's call it mydestaddress@my-vds.com.

When I send e-mails (both using a webmail application and a mail client) from any account "at sintetica dot it" to mydestaddress@my.vds.com, I get a "relaying denied error".

Messages from any other accounts that I've used are accepted instead.

Telnetting on port 25 works fine (see above).

Thanks for your help,
Corrado

jalal
07-06-2004, 08:54 AM
Ah, I see. So SMTP at 'my-vds.com' is refusing to accept mail for the account 'mydestaddress' when sent via 'sintetica.it'?

I don't know why that would happen from just that domain. On my setup I have some addresses set in /etc/mail/access that give 550 errors, but they would give that error to all callers, not just to one domain. Unless you have sintetica.it listed in the access file, but you would know if you did.

I don't have an answer to your problem, I can only guess (and this is just a guess) that the MTA at sintetica.it is doing something to the headers that sendmail at my-vds.com doesn't like, but I don't know what.

HTH

FZ
07-06-2004, 12:21 PM
If I remember correctly, there is an as yet "unfixed" bug sending mail from one VPS to another - I can't remember if it occurs when sending mail to and from one name-based VPS to another, or if it occurs when sending mail from a 1.0 to a 2.0 (or vice versa). There was a thread about this a while ago, but I can't find it...

FZ
07-06-2004, 12:26 PM
Hmm, seems like your sintetica.it is on 2.0 and your jumpy.it is on 1.0 - that might be the source of the problem. Perhaps someone from WestHost can confirm this.

Corrado Fiore
07-06-2004, 02:52 PM
Hi FZ,

I remember the thread you mean. I tried to disable the "use local mail server" option in the VDS configuration but got no luck. As usual, mail sent from Sintetica.it causes the error while mail sent from other providers, including WH accounts, seems to be working fine. By the way, Sintetica.it mail server is not on WH: it's managed by a third party provider here in Milan.

In conclusion, seems to me that this problem was never experienced by other WH customers before, so it's probably not a WH fault --I think it must be caused by my ISP.

I'll start investigating with them (fastweb.it) and post here any results.

Thanks a lot for taking the time to share your thoughts.

Corrado

FZ
07-06-2004, 03:53 PM
Sintetica.it mail server is not on WH: it's managed by a third party provider here in Milan.

Then I think it is safe to assume that is probably where the problem lies. If I had to guess, I would say it has something to do with your domain's MX records. You say mail is handled by a third party: how did you set that up? Did you change MX records manually, or what? I think in this case, you should definitely keep "Use local mail server" disabled for that domain, since you do not want to use it. I have gone through a somewhat similar process: I had two domains (an old and a new). The old one was added as a pointer, and since I received nothing but spam on that, I wanted to disable mail for it. I did so, using the option in my Site Manager, but this still used up bandwidth, and sent out the exact same error you get (the 5.7.1) when mail was sent to that domain. In the end, I had to completely remove that domain from my VPS, and use that domain's registrar to add a URL forward to my new domain, and explicitly added an MX record that pointed to the registrar's mail server. I did not set up any e-mail addresses, but now my VPS does not see any mail whatsoever for that domain: mail sent to it now rejects with a 5.7.1, but this time [the error] is generated by my registrar's mail server, not mine (so I save on bandwidth/resources).

The point of telling you all that is my theory for your problem/situation is that for mail accounts where you get the 5.7.1 error, the WestHost NameServers are the ones that are "used" (possibly using your old MX record, which still points to your VPS) - perhaps because they are cached by the ISP(s) concerned - meaning your VPS' Sendmail "receives" the mail, which it cannot do anything with since it is forbidden by configuration (since you have disabled use local mail server), hence it generates that error.

If it has not been more than 48 hours, it is possible that full "propagation" of your mail server changes has not occurred. In my experience, there seem to be some very stubborn/outdated ISPs that still insist on sending mail for my old domain to my VPS (i.e. they think the domain still has the same MX record, and same WestHost NameServers). I say this because in my stats I can see that there are still a couple of attempts to relay mail for the old domain - and this is more than 1 week after I made the changes. It is possible your ISP simply has not "checked" for the changes yet.

Of course, I am no expert on domains and related records, so my understanding as above is from a completely "logical" perspective. Somebody correct me if I am incorrect about caching and how it all works, etc.

Hope that makes sense to you.


Thanks a lot for taking the time to share your thoughts.

No problem. Keep us updated on your progress.

Corrado Fiore
08-23-2004, 06:03 AM
Hi,

although I've not solved the problem yet, I got some news. The sending address (corrado at sintetica dot it) is being run using IMail Server from IpSwitch.

I read on some newsgroups that other IMail users are experiencing the same problem so, using FZ's words, that's probably where the problem lies (on the other hand, telnetting "by hand" on port 25 has always worked fine).

If I got some news from the IMail administrator at Sintetica.it, I'll post the results here.

Corrado Fiore