[Declude.JunkMail] noticed problem after upgrade to beta
Hi All; We have been experiencing the same declude shutdown errors when running declude for smartermail that some of you have been seeing. On Friday I upgraded to the beta version as had been suggested. We had some customers who were not seeing some incoming messages. Declude was tripping on a couple vulnerabilities (see below). I turned off those tests, and have since went back to the production version. Did anyone else see this? There were no attachments in the message. 10/08/2007 07:06:40.687 20122895 Vulnerability flags = 4 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 21 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 24 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 25 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 29 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 30 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 36 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 37 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 39 10/08/2007 07:06:40.687 20122895 Deleting file with vulnerability 10/08/2007 07:06:40.687 20122895 Deleting E-mail with vulnerability! -- Herb Guenther Lanex, LLC www.lanex.com (262)789-0966x102 Office (262)780-0424 Direct This e-mail is confidential and is for the use of the intended recipient(s)only. If you are not an intended recipient please advise us of our error by return e-mail then delete this e-mail and any attached files. You may not copy, disclose or use the contents in any way. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] noticed problem after upgrade to beta
Herb, There were a lot of posts on this late last week on the forum. Declude is working on the fix. -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Herb Guenther wrote: Hi All; We have been experiencing the same declude shutdown errors when running declude for smartermail that some of you have been seeing. On Friday I upgraded to the beta version as had been suggested. We had some customers who were not seeing some incoming messages. Declude was tripping on a couple vulnerabilities (see below). I turned off those tests, and have since went back to the production version. Did anyone else see this? There were no attachments in the message. 10/08/2007 07:06:40.687 20122895 Vulnerability flags = 4 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 21 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 24 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 25 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 29 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 30 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 36 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 37 10/08/2007 07:06:40.687 20122895 Outlook 'MIME segment in MIME Postamble' vulnerability in line 39 10/08/2007 07:06:40.687 20122895 Deleting file with vulnerability 10/08/2007 07:06:40.687 20122895 Deleting E-mail with vulnerability! -- --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] SMTP_DELIV_FAILED
I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. -- --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
10:08 10:26 SMTPD(6863023f5c41) [192.168.0.4] connect 216.84.38.124 port 3894 10:08 10:26 SMTPD(6863023f5c41) [216.84.38.124] EHLO Becky 10:08 10:26 SMTPD(6863023f5c41) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 10:26 SMTPD(6863023f5c41) [216.84.38.124] MAIL FROM: [EMAIL PROTECTED] 10:08 10:26 SMTPD(6863023f5c41) [216.84.38.124] RCPT TO: [EMAIL PROTECTED] 10:08 10:26 SMTPD(6863023f5c41) [216.84.38.124] d:\imail\spool\D6863023f5c41.SMD 3855 10:08 10:27 SMTP-(6863023f5c41) processing d:\imail\spool\q6863023f5c41.smd 10:08 10:27 SMTP-(6863023f5c41) Trying healthnet.com (0) 10:08 10:27 SMTP-(6863023f5c41) Connect healthnet.com [204.107.47.189:25] (1) 10:08 10:27 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 10:27 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 10:27 SMTP-(6863023f5c41) QUIT 10:08 10:27 SMTP-(6863023f5c41) 10:08 10:27 SMTP-(6863023f5c41) requeuing d:\imail\spool\q6863023f5c41.smd R0 T1 10:08 10:27 SMTP-(6863023f5c41) finished d:\imail\spool\q6863023f5c41.smd status=3 10:08 10:46 SMTP-(6863023f5c41) processing d:\imail\spool\q6863023f5c41.smd 10:08 10:46 SMTP-(6863023f5c41) Trying healthnet.com (0) 10:08 10:46 SMTP-(6863023f5c41) Connect healthnet.com [204.107.47.187:25] (1) 10:08 10:46 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 10:46 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 10:46 SMTP-(6863023f5c41) QUIT 10:08 10:46 SMTP-(6863023f5c41) 10:08 10:46 SMTP-(6863023f5c41) requeuing d:\imail\spool\q6863023f5c41.smd R0 T2 10:08 10:46 SMTP-(6863023f5c41) finished d:\imail\spool\q6863023f5c41.smd status=3 10:08 11:17 SMTP-(6863023f5c41) processing d:\imail\spool\q6863023f5c41.smd 10:08 11:17 SMTP-(6863023f5c41) Trying healthnet.com (0) 10:08 11:17 SMTP-(6863023f5c41) Connect healthnet.com [204.107.47.187:25] (1) 10:08 11:17 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 11:17 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 11:17 SMTP-(6863023f5c41) QUIT 10:08 11:17 SMTP-(6863023f5c41) 10:08 11:17 SMTP-(6863023f5c41) requeuing d:\imail\spool\q6863023f5c41.smd R0 T3 10:08 11:17 SMTP-(6863023f5c41) finished d:\imail\spool\q6863023f5c41.smd status=3 etc. Thanks Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool\qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool\qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool \Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d: \imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool \qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool \qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool \qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list.
[Declude.JunkMail] OT: Setting Up DNS Service on Server 2003
Does anyone have any simple instructions on how to setup the DNS service for Windows 2003 Server? We only host 2 domains and our DNS records are hosted by Network Solutions. Our old server (windows 2000 server) had the DNS service setup already when I took over the admin, so I never had to set it up from scratch. So we're only using the DNS service to allow Imail to run more efficiently - we're not actually using the DNS service to act as the authority for these domains. As you can probably tell, the simpler the instructions, the better ;) Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool\qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool\qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL
Re: [Declude.JunkMail] OT: Setting Up DNS Service on Server 2003
Kevin, All you need to do is install the service and your already in caching mode. Just limit the outsides ability to query it since you will need to have recursion enabled and MSDNS does not allow you to set what ip blocks can and can not query the dns service. Any problems let me know and I can help you out. -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: Does anyone have any simple instructions on how to setup the DNS service for Windows 2003 Server? We only host 2 domains and our DNS records are hosted by Network Solutions. Our old server (windows 2000 server) had the DNS service setup already when I took over the admin, so I never had to set it up from scratch. So we're only using the DNS service to allow Imail to run more efficiently - we're not actually using the DNS service to act as the authority for these domains. As you can probably tell, the simpler the instructions, the better ;) Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. -- --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] OT: Setting Up DNS Service on Server 2003
Thanks Darrell. So if my server's local IP is 192.168.0.4 and I have simply installed the DNS service, I can change Imail's SMTP settings to include 192.168.0.4 as one of my DNS servers? In my Network Connection applet in the control panel, I can also put 192.168.0.4 as my primary DNS IP? (I also have 2 external ones from my ISP.) And I can do this without adding any forward or reverse lookup zones? On my old server, someone had setup a Forward Lookup Zone Could this be the problem with not being able to reach certain domains via SMTP (the other problem I posted earlier)? It seems like there was domain name resolution, but our connection was being halted by the recipient server - I'm not sure why DNS would be involved in that - just checking. Thanks. Kevin Darrell ([EMAIL PROTECTED]) wrote: Kevin, All you need to do is install the service and your already in caching mode. Just limit the outsides ability to query it since you will need to have recursion enabled and MSDNS does not allow you to set what ip blocks can and can not query the dns service. Any problems let me know and I can help you out. -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: Does anyone have any simple instructions on how to setup the DNS service for Windows 2003 Server? We only host 2 domains and our DNS records are hosted by Network Solutions. Our old server (windows 2000 server) had the DNS service setup already when I took over the admin, so I never had to set it up from scratch. So we're only using the DNS service to allow Imail to run more efficiently - we're not actually using the DNS service to act as the authority for these domains. As you can probably tell, the simpler the instructions, the better ;) Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] SMTP_DELIV_FAILED
Are you using DNS caching, turn that off. It is on the QueueManger service properties. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 4:37 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] SMTP_DELIV_FAILED I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool\qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool\qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b)
RE: [Declude.JunkMail] OT: Setting Up DNS Service on Server 2003
1) My policy and the way I setup my servers and clients is that the local DNS service on the Imail server is ONLY used for Imail and related software. I leave the OS to use what ever DNS server is used normally on the network. 2) On your forwarder question, yes, if the forward look up zone is for a domain that you are having problems with, yes, that is the problem. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 5:36 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] OT: Setting Up DNS Service on Server 2003 Thanks Darrell. So if my server's local IP is 192.168.0.4 and I have simply installed the DNS service, I can change Imail's SMTP settings to include 192.168.0.4 as one of my DNS servers? In my Network Connection applet in the control panel, I can also put 192.168.0.4 as my primary DNS IP? (I also have 2 external ones from my ISP.) And I can do this without adding any forward or reverse lookup zones? On my old server, someone had setup a Forward Lookup Zone Could this be the problem with not being able to reach certain domains via SMTP (the other problem I posted earlier)? It seems like there was domain name resolution, but our connection was being halted by the recipient server - I'm not sure why DNS would be involved in that - just checking. Thanks. Kevin Darrell ([EMAIL PROTECTED]) wrote: Kevin, All you need to do is install the service and your already in caching mode. Just limit the outsides ability to query it since you will need to have recursion enabled and MSDNS does not allow you to set what ip blocks can and can not query the dns service. Any problems let me know and I can help you out. -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: Does anyone have any simple instructions on how to setup the DNS service for Windows 2003 Server? We only host 2 domains and our DNS records are hosted by Network Solutions. Our old server (windows 2000 server) had the DNS service setup already when I took over the admin, so I never had to set it up from scratch. So we're only using the DNS service to allow Imail to run more efficiently - we're not actually using the DNS service to act as the authority for these domains. As you can probably tell, the simpler the instructions, the better ;) Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] OT: Setting Up DNS Service on Server 2003
So if my server's local IP is 192.168.0.4 and I have simply installed the DNS service, I can change Imail's SMTP settings to include 192.168.0.4 as one of my DNS servers? I would use 127.0.0.1 as it speeds things up a bit opposed to using the IP address. In my Network Connection applet in the control panel, I can also put 192.168.0.4 as my primary DNS IP? (I also have 2 external ones from my ISP.) And I can do this without adding any forward or reverse lookup zones? Yes, you can do that. The caching dns server will find that netsol is authoritative for your dns and end up querying the correct dns servers for your domain. On my old server, someone had setup a Forward Lookup Zone You can do this, but its not necessary. Could this be the problem with not being able to reach certain domains via SMTP (the other problem I posted earlier)? It seems like there was domain name resolution, but our connection was being halted by the recipient server - I'm not sure why DNS would be involved in that - just checking. No this would not be the issue since your logs show you connecting to the server. However, as John suggested I would turn off all the DNS caching that Imail does for the Queuemgr it causes a lot of problems. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
OK - I turned that off and restarted the SMTP and QManager services. I then tried to send an email to healthnet.com again (one of about 15 domains that I've noticed this problem with) and it still did not go through. (By the way, why is it displaying the AUTH three times like that?) My SMTP settings are: Default Mail Host: localhost Domain Name Server address: 207.47.4.2 207.47.2.178 (these are 2 provided by my connection provider - I am not attempting to use my local DNS yet) Enable TLS is checked (nothing else is on the main screen) Security Tab: No mail relay Allow remote mail to local groups Allow remote view of local groups Auto-deny possible hack attempts are all checked - nothing else Advanced Tab: Delivery App: d:\imail\Declude.exe Enable SMTP TO Listen On All IPs is checked. the rest is pretty standard. QManager settings: DNS Cache is now disabled. I have enabled Failed Domain Skipping (Max entries 500 - skip time 30) Log snippet 10:08 20:18 SMTPD(f30001890106) [192.168.0.4] connect 64.121.33.15 port 6609 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] EHLO [192.168.1.110] 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 20:18 SMTPD(f30001890106) [x] looking up healthnet.com in HOSTS 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] DATA 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] d:\imail\spool\Df30001890106.SMD 759 10:08 20:18 SMTP-(f30001890106) processing d:\imail\spool\qf30001890106.smd 10:08 20:18 SMTP-(f30001890106) [x] looking up healthnet.com in HOSTS and MX 10:08 20:18 SMTP-(f30001890106) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 20:18 SMTP-(f30001890106) Trying healthnet.com (0) 10:08 20:18 SMTP-(f30001890106) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 20:18 SMTP-(f30001890106) Connect healthnet.com [204.107.47.187:25] (1) 10:08 20:18 SMTP-(f30001890106) 421 Service not available, closing transmission channel 10:08 20:18 SMTP-(f30001890106) SMTP_DELIV_FAILED 10:08 20:18 SMTP-(f30001890106) QUIT 10:08 20:18 SMTP-(f30001890106) 10:08 20:18 SMTP-(f30001890106) [u] closing socket (u) 10:08 20:18 SMTP-(f30001890106) requeuing d:\imail\spool\qf30001890106.smd R0 T1 10:08 20:18 SMTP-(f30001890106) finished d:\imail\spool\qf30001890106.smd status=3 Thanks for your help. John T (lists) wrote: Are you using DNS caching, turn that off. It is on the QueueManger service properties. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 4:37 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] SMTP_DELIV_FAILED I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0)
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
Kevin, I haven't followed this thread much, but it seems fairly obvious what the the problem is related to. When your server is connecting to the recipient's server, it fails to establish a connection with that server. This log line indicates the likely source of the problem: 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] While you might be doing NAT on your network, it doesn't appear that this is the case here, and the failure is probably being caused by your server thinking that it needs to send E-mail for rogersbenefit.com from a private IP, and it is unable to make a connection since that IP isn't routable across the Internet, and you are either not NATing and IMail is misconfigured for this domain, or your NATing is not set up properly. You need to check the configuration for this domain and make sure that it is bound to a public IP or if a virtual domain, that the server's primary domain is bound to a public IP address...or if you are NATing, you need to check this configuration in your router. I suppose that IMail might be screwy, but you should start with those choices. Note that your first log sample shows that you were properly resolving the recipient's MX records, and at least in my test from a second ago, their primary MX server is answering just fine. Matt Kevin Rogers wrote: OK - I turned that off and restarted the SMTP and QManager services. I then tried to send an email to healthnet.com again (one of about 15 domains that I've noticed this problem with) and it still did not go through. (By the way, why is it displaying the AUTH three times like that?) My SMTP settings are: Default Mail Host: localhost Domain Name Server address: 207.47.4.2 207.47.2.178 (these are 2 provided by my connection provider - I am not attempting to use my local DNS yet) Enable TLS is checked (nothing else is on the main screen) Security Tab: No mail relay Allow remote mail to local groups Allow remote view of local groups Auto-deny possible hack attempts are all checked - nothing else Advanced Tab: Delivery App: d:\imail\Declude.exe Enable SMTP TO Listen On All IPs is checked. the rest is pretty standard. QManager settings: DNS Cache is now disabled. I have enabled Failed Domain Skipping (Max entries 500 - skip time 30) Log snippet 10:08 20:18 SMTPD(f30001890106) [192.168.0.4] connect 64.121.33.15 port 6609 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] EHLO [192.168.1.110] 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 20:18 SMTPD(f30001890106) [x] looking up healthnet.com in HOSTS 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] DATA 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] d:\imail\spool\Df30001890106.SMD 759 10:08 20:18 SMTP-(f30001890106) processing d:\imail\spool\qf30001890106.smd 10:08 20:18 SMTP-(f30001890106) [x] looking up healthnet.com in HOSTS and MX 10:08 20:18 SMTP-(f30001890106) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 20:18 SMTP-(f30001890106) Trying healthnet.com (0) 10:08 20:18 SMTP-(f30001890106) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 20:18 SMTP-(f30001890106) Connect healthnet.com [204.107.47.187:25] (1) 10:08 20:18 SMTP-(f30001890106) 421 Service not available, closing transmission channel 10:08 20:18 SMTP-(f30001890106) SMTP_DELIV_FAILED 10:08 20:18 SMTP-(f30001890106) QUIT 10:08 20:18 SMTP-(f30001890106) 10:08 20:18 SMTP-(f30001890106) [u] closing socket (u) 10:08 20:18 SMTP-(f30001890106) requeuing d:\imail\spool\qf30001890106.smd R0 T1 10:08 20:18 SMTP-(f30001890106) finished d:\imail\spool\qf30001890106.smd status=3 Thanks for your help. John T (lists) wrote: Are you using DNS caching, turn that off. It is on the QueueManger service properties. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 4:37 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] SMTP_DELIV_FAILED I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM,