I manage a server with Plesk 12.5 since a couple of years.
Everything (emails, websites, etc.) works perfectly with our main domain (let's call it myfirstdomain.com).
Since a couple of weeks, I added a new domain (let's cal it myseconddomain.fr) and everything seems to work too (emails and websites), except the following error: when a sender sends an email to us, he receives the following error after 5 days:
This is the mail system at host myfirstdomain.com.
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<fabrice#myseconddomain.fr>: Message can not be delivered at this time
Reporting-MTA: dns; myfirstdomain.com
X-Postfix-Queue-ID: DC0B1702585
X-Postfix-Sender: rfc822; xxx#xxx.net
Arrival-Date: Tue, 5 Mar 2019 21:18:00 +0100 (CET)
Final-Recipient: rfc822; fabrice#myseconddomain.fr
Original-Recipient: rfc822;fabrice#myseconddomain.fr
Action: failed
Status: 4.2.1
Diagnostic-Code: x-unix; Message can not be delivered at this time
De: XXX XXX <xxx#uxxxvi.net>
Objet: Testing title
Date: 5 mars 2019 à 21:17:58 UTC+1
À: Fabrice Troilo <fabrice#myseconddomain.fr>
Testing body
You can see that the reporting-MTA is myfirstdomain.com, so maybe there is confusion between the two domains?
Here is our SPF:
"v=spf1 a mx include:_spf.google.com ip4:XX.XX.XX.XX ~all"
I will try with this update for the two domains:
"v=spf1 +a +mx +a:myfirstdomain.com +a:myseconddomain.fr include:_spf.google.com ip4:62.210.16.40 ~all "
Also, the email address is simply forwarding to a gmail address.
Do you please have any clue to look at?
If you can send mail from the domain, but not receive it, it's not related to SPF. SPF authenticates when you send mail, not receive it.
Have you ensured that an MX record is set up for the secondary domain?
You can test this using the terminal on Linux or macOS with host -t MX myseconddomain.fr
If you are on Windows, then open a command prompt, type nslookup. Then when in nslookup, switch to query MX types with set q=mx and press enter. Then enter your domain myseconddomain.frand press enter.
If the MX records looks correct, then it must be some configuration in Plesk. We can test this by trying to deliver mail ourselves with telnet.
Open a terminal/command prompt and type telnet <myserverIP> 25 and press enter. This connects to your mailserver. It should respond with a line beginning with 220, and it's hostname. Then you can try and deliver a simple test mail, let's say from account1#example.net
EHLO example.NET
MAIL FROM:<account1#example.net>
RCPT TO:<fabrice#myseconddomain.fr>
DATA
This is a test email. To test delivery.
.
QUIT
The first few lines introduces yourself, sender and receiver to the mail server. DATA indicates you want to start the body of your email. And the period on a line by itself indicates that you are done with the body. QUIT then terminates the connection.
Then watch what your server says in reply to each command. If you can successfully deliver this way, then it's like a problem with your MX record.
I don't know if you have solve this Problem. If you have please let me know. We have a similar error.
I found out that is has to do with the E-Mail-Header because it may have two domains in it because it gets forwarded. Google don't like this :)
Google has opened a thread about it and they say you can enter the Domain that forward to the gmail address so it is not detected as some kind of spam.
I can not test it because I it is an gmail account from an client and I have no access.
May my executions help. I hope you have an better answer.
Greets Matt
Related
So recently we started to get this issue of email rejected by SPF, We we using the fraud-detector.eu site as away to send mails to test SPF :
Recipient: [SMTP:spf#fraud-detector.eu] Reason: Remote SMTP Server Returned: 550 5.7.23 <spf#fraud-detector.eu>: Recipient address rejected: Message rejected due to: SPF fail - not authorized. Please see http://www.openspf.net/Why? s=helo;id=mail.domain.co.uk;ip=45.83.xxx.xxx;r=<UNKNOWN>
**We have tweaked SPF and tested again with such tools as:**
[https://www.mail-tester.com][1]
[https://www.spf-record.com/analyzer][2]
[https://www.kitterman.com/spf/validate.html][3]
[https://mxtoolbox.com][4]
and they all gives the thumbs up, but still we are receiving these SPF rejection messages. So I'm sort of out of ideas.
**Current SPF on our domain names:**"
v=spf1 mx ip4:45.83.xxx.xxx ip4:45.83.xxx.xxx include:crm.cloud-example.com -all"
**The two listed ip4's represents:**
**1.)** our mail server
**2.)** Our business application server which also sends emails and host various busyness systems including our company's CRM which obviously also sends emails from staff and marketing mails.
We have updated the SPF records, but the result is nevertheless the same. We have checked and validated both SPF, Dmarc and DMKIM and they all turn out green and authenticated correctly on test tools such as:
[1]: https://www.mail-tester.com
[2]: https://www.spf-record.com/analyzer
[3]: https://www.kitterman.com/spf/validate.html
[4]: https://mxtoolbox.com
Feedback please?
I am trying to send email via linux command line using following command
echo "This is body part" | mail -s "this is subject" username#domain.com
If I send to gmail it works but if i send to office365 it does not work.
Could you help me?
This can also quite often be because of the mail relay server you are using (where the SMTP mail is routing through from the Linux box) not having been set up properly with public RDNS records. Many mail servers reject mail that comes from a domain without the appropriate RDNS configuration.
User checklist for "non delivered messages"
Checked Junk/Spam folder in the receiving mailbox.
Check sender mailbox for bounce (delivery problem report) mail messages.
You may receive first "warning email" after a few hours (e.g. 4h) of failing delivery attempts.
Some botched anti-spam system throw away messages "classified as spam" without any hint to the sender or the recipient -> ask admin/postmaster of the receiving mail server
I have a Problem with my virtual Server and the Combination of forwarding mails to googlemail.
I thry to forward mails to my googlemail-account, in the mail.log seems everything ok, but the mails never arrived.
Line in the mail.log:
postfix/smtp[3496]: F354E10E145: to=<xxxxx#gmail.com>, orig_to=<xxxxx#plockbrothers.de>, relay=gmail-smtp-in.l.google.com[74.125.136.26]:25, delay=0.96, delays=0.3/0/0.07/0.59, dsn=2.0.0, status=sent (250 2.0.0 OK 1420233196 ev12si92450098wjc.67 - gsmtp)
When I´m forwarding the mails for example to an web.de account, everything works fine. The mails arrived.
Anybody an Idea?
Had the same thing happen, thing is: they do arrive - but they do not appear in the Inbox or anywhere. However they still can be found in "All Mail"!
I found the Solution. The Mails arrived, but they dosn't appear in the inbox.
When you forwarded mails to the same address from where you sended it, the mail will not been shown by googlemail cause its the same mail like the mail in the outbox.
I configured catchall for postfix as follows:-
"#vim /etc/postfix/virtual
#example.com test"
So if we send mail to xyzjsdv#example.com will get delivered to test#example.com.
But the problem was it always shows the same user name in the mail header "test#example.com". I created a script for checking the mail header, so that I need the particular user#example should be display at the mail header since I need to differentiate all the users.
Please help me how to configure the postfix, so that I will get this outcome. Sudden answers would be appreciated
Not an answer - but some questions as I have no rep I can't put comments on.
What version of postfix are you running?
I'm doing a similar thing on 2.8, and it is working as expected, ie: the message itself (not the "envelope") has the correct headers - ie: the message is unmodified.
What test message are you sending? I would suggest testing with something simple, using telnet run the following, eg:
telnet <server> 25
Connected to <server>.
Escape character is '^]'.
220 mail.example.com ESMTP
helo test.com
250 nbb-dev.safenetbox.biz
mail from:<somewhere#example.com>
250 2.1.0 Ok
rcpt to: <def#example.com>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Sender: abc#example.com
Subject: testing
body
.
quit
For me this gives the "letter" message with the sender as "abc#example.com".
Also ensure there are no *header_rewrite* settings, except defaults (I have never used these, but could be related).
How are you getting the message, from a mailbox, or is it getting sent to a program directly? If going to a mailbox, is it getting forwarded?
I'm creating a function uses Google's API to import contacts from a person's gmail account. However I'm aware that many businesses sign up to Google in order to have a more professional domain name( eg. some_name#bislr.com) but still belongs to Gmail.
Is there a way to check for that?
Option 1
if you do a DNS lookup for the MX records on bislr.com, you get the following:
$ host -t mx bislr.com
bislr.com mail is handled by 10 aspmx.l.google.com.
bislr.com mail is handled by 20 alt1.aspmx.l.google.com.
bislr.com mail is handled by 20 alt2.aspmx.l.google.com.
bislr.com mail is handled by 30 aspmx2.googlemail.com.
bislr.com mail is handled by 30 aspmx3.googlemail.com.
bislr.com mail is handled by 30 aspmx4.googlemail.com.
bislr.com mail is handled by 30 aspmx5.googlemail.com.
Anyone hosting their email Google Apps will have MX records very similar to these. You can do a MX lookup with any common DNS mechanism and test the MX records for Google's most-recommended mail servers - aspmx.l.google.com, alt1.aspmx.l.google.com, and alt2.aspmx.l.google.com, or look for any/all of the servers in this list.
This won't show you anyone who uses an external forwarding/filtering service but it will work for all of the common cases.
Option 2
You can connect to a mail server to verify if it will accept mail to a specific address. Using this, we can connect to asmpx.l.google.com and ask it whether an address is a valid Google Mail account.
If you connect to aspmx.l.google.com:25 and send this string (replace the email addresses as appropriate):
HELO
MAIL FROM:<ping#mydomain.com>
RCPT TO:<user#theirdomain.com>
Google's mail server will respond with a smtp status code, probably a line starting with something like 250 2.1.5 OK if it's a valid address. This is a cleaner and far more reliable way than simply checking DNS records, and should work as long as you don't get the checking IP blacklisted by using it to send actual spam to gmail.
Here is a full walkthrough of the process.
You can't be certain.
The MX record check described by #lunixbochs covers most cases, but many corporates will use Postini, which has different domain names. They might also be using any number of other mail pre-processing engines which will hide the aspmx records.
One other way to check is to see if they have an active domain name:
curl http://www.google.com/a/DOMAINNAME | grep "domain that isn't using Google Apps"
Use your language / library of choice instead of curl to fetch the url...