Outgoing mails bounces

Hi,

On one server, I have a lot of mails bouncing when sent to specific providers (like Yahoo for instance). All the domains concerned have just a website hosted on this server. The DNS and mail server are handled elsewhere, so they don't have "DNS domain" or "Mail for domain" enabled.

The emails sent directly from the external mail server are fine. Only some mails sent from the website (via PHP mail function) are bouncing.

When I look in the mail log, I see 4 different type of errors for those bounced mails (the message seems to depend to which provider they are sent) :

Domain of sender address dgcogito@localdomain does not exist (in reply to RCPT TO command))

501 #5.1.3 Partial domain not allowed: 'localdomain' (in reply to MAIL FROM command))

501 Syntax error in parameters or arguments (in reply to MAIL FROM command))

552 sorry, your envelope sender domain must exist (#5.7.1)

I guess something must not be configured right on my server, but I have no idea where to look. Hope you can help.

Status: 
Active

Comments

Howdy -- you'll want to make sure that your application is setting the "From" address of any emails being sent out. If it's not, the lack of a correct From address might be causing the errors and bounces that you're seeing.

Thank you Andrey.

So I started to look in the headers of the mail and this is what I found. Last week, I had a major break down of my servers (due to a problem at the hosting company), and it is after that that one of my client reported the mail problem.

Since for these particular mails I get a copy (and unlike him keep receiving them), I checked the last mail he received (before the break down) and the first one after the server was restored :

MAIL BEFORE SERVER DOWN :

Return-Path: dgcogito@developpement-joomla.be Delivered-To: webdesign@betterliving.be Received: from avas3.clm.net4all.ch (unknown [10.4.0.3]) by mail1.clm.net4all.ch (Postfix) with ESMTP id 0928340D1353 for webdesign@betterliving.be; Tue, 4 Oct 2011 20:15:00 +0200 (CEST) X-Greylist: Passed host: 95.142.168.189 Received: from serv03deb5.developpement-joomla.be (xvm-168-189.ghst.net [95.142.168.189]) by avas3.clm.net4all.ch (Postfix) with ESMTP id DDAD4ECC04C for webdesign@betterliving.be; Tue, 4 Oct 2011 20:11:03 +0200 (CEST) Received: by serv03deb5.developpement-joomla.be (Postfix, from userid 1001) id BDA1520B57; Tue, 4 Oct 2011 18:12:15 +0000 (UTC) To: webdesign@betterliving.be Subject: =xxxxxx Date: Tue, 4 Oct 2011 18:12:15 +0000 From: Cogito info@cogitobelgium.com

MAIL AFTER SERVER DOWN :

Return-Path: dgcogito@localdomain.clm.net4all.ch Delivered-To: webdesign@betterliving.be Received: from avas2.clm.net4all.ch (unknown [10.4.0.2]) by mail1.clm.net4all.ch (Postfix) with ESMTP id D89D840F0D14 for webdesign@betterliving.be; Thu, 6 Oct 2011 12:08:55 +0200 (CEST) X-Greylist: Passed host: 95.142.168.189 Received: from serv03deb5.localdomain (xvm-168-189.ghst.net [95.142.168.189]) by avas2.clm.net4all.ch (Postfix) with ESMTP id BA4A6203BFC4 for webdesign@betterliving.be; Thu, 6 Oct 2011 12:08:45 +0200 (CEST) Received: by serv03deb5.localdomain (Postfix, from userid 1001) id 9AD2620B55; Thu, 6 Oct 2011 09:59:09 +0000 (UTC) To: webdesign@betterliving.be Subject: xxxxxx Date: Thu, 6 Oct 2011 09:59:09 +0000 From: Cogito info@cogitobelgium.com

Somehow, "dgcogito@developpement-joomla.be" turned into "dgcogito@localdomain.clm.net4all.ch" (net4all.ch is my hosting company for my domain "betterliving.be") and "serv03deb5.developpement-joomla.be" into "serv03deb5.localdomain" ("serv03deb5" is the name of my server as given by the "hostname" command).

I don't know what this can mean, but I am quite sure there is a relation to the problem.

What output do you receive if you run these two commands on your server:

hostname

postconf -n

That might offer some insight into the headers you're seeing there.

In response to "hostname" : serv03deb5

In response to "postconf -n" :

alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases allow_percent_hack = no append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME mailbox_size_limit = 0 mydestination = $myhostname, localhost.$mydomain, $mydomain, serv03deb5.developpement-joomla.be mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = $mydomain readme_directory = no recipient_delimiter = + sender_bcc_maps = hash:/etc/postfix/bcc smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = hash:/etc/postfix/virtual

Okay, I see two issues that we may want to change.

First, your hostname isn't an FQDN (a name in the format host.domain.tld)... try setting your hostname to an FQDN like this:

hostname host.domain.tld

Then, edit your /etc/postfix/main.cf file, and comment out the line that looks like this:

myorigin = $mydomain

Lastly, restart Postfix with this command:

/etc/init.d/postfix restart

Once you do that, do your headers look more like you'd expect?

Well, I think you saved the day.

Now I have this :

Received: from serv03deb5.developpement-joomla.be (xvm-168-189.ghst.net [95.142.168.189]) by avas4.clm.net4all.ch (Postfix) with ESMTP id 5B1DD200C3E8 for jfquestiaux@betterliving.be; Thu, 13 Oct 2011 21:50:39 +0200 (CEST)

and I tested to send an email to address where I did not received mail and I got it!

Thank you for your quick and efficient intervention.

To be on the safe side, I'll be monitoring the mail logs in the next days to see if everything is fine.

Best regards, jean-Fran├žois

What we did just changed your hostname until the next time you reboot -- now that it's working properly, you'll also want to edit /etc/hostname, and set your full FQDN there as well.

OK. I had the impression I changed that hostname before and however it got reset anyway.

While I am with you, I take the opportunity to ask you this :

Since a few weeks, I get the message, in the "system information" window : "4 updates to system packages are available. Use the Virtualmin Package Updates module to install them selectively.", but when I click, there is nothing to update.

I remembered it stated with 2 packages, after one update, and now it is 4 after the last update. I have the same thing on my 2 servers running Debian 5. The third one, running Debian 6 is fine.

Maybe there is an update that went wrong and if not, how can "reset" the message ?

Well, try running "apt-get update && apt-get upgrade" on those servers, and once the update completes, give it a couple of hours... at that point, try restarting webmin with "/etc/init.d/webmin restart".

If that doesn't help, open up a new support ticket -- we get confused pretty easily, and having too many topics in one support request is one of the many ways we get confused :-) Thanks!

OK, I'll try that.

For the "hostname" getting reseet, I thing I have an explanation because I checked /etc/hostname and the setting is correct for each server.

In my hostname file, the name is "host.domain.tld" but at my hosting company, that server is just "host" (that is how I called it when I created it), so I guess everytime the server is restarted from there (like after the crash last week), the hostname got reset to just "host"!

I will look whether I can change the name there.

Well, what do you know!

"apt-get update && apt-get upgrade" found... 4 packages to update, and after that the message was gone.

Thanks again.

Just FYI

Since your server sent "spammy looking" emails, you should also check whether your mail server got blacklisted somewere. You could check for example with mxtoolbox.