Re: [Declude.JunkMail] SMTP_DELIV_FAILED
Just as a quick follow up: I spoke with Ipswitch support and we seem to have things working a little better. I can now send to those trouble domains (at least most of the time). The tech said to change the 127.0.0.1 IP from Imail's DNS server field back to 192.168.0.4, which seemed to help. But I did a quick test at dnsstuff.com and it looks like I am failing one of their tests: FAIL Mismatched glue ERROR: Your nameservers report glue that is different from what the parent servers report. This will cause DNS servers to get confused; some may go to the IP provided by the parent servers, while others may get to the ones provided by your authoritative DNS servers. Problem record(s) are: NS1.WORLDNIC.com.: Parent server (d.gtld-servers.net) says A record is 205.178.190.1, but authoritative DNS server (205.178.190.1) says it is 209.62.20.186 NS2.WORLDNIC.com.: Parent server (d.gtld-servers.net) says A record is 205.178.189.1, but authoritative DNS server (205.178.190.1) says it is 209.62.20.186 NS1.WORLDNIC.com.: Parent server (d.gtld-servers.net) says A record is 205.178.190.1, but authoritative DNS server (205.178.189.1) says it is 209.62.20.186 NS2.WORLDNIC.com.: Parent server (d.gtld-servers.net) says A record is 205.178.189.1, but authoritative DNS server (205.178.189.1) says it is 209.62.20.186 We use Myriad Network as a backup MX record in case our server is down. The 209.62.20.186 IP is their IP. I don't know how their IP got into my DNS records, except as a backup MX record (not for the A record). I am waiting on hearing back from them. Could this have been part of the problem before? We host our DNS records at Network Solutions (that's the 205.178.190.1 IP) - I'm not really understanding what's going on here. Sorry for being a pain - I appreciate your help. Kevin Kevin Rogers wrote: I appear to be able to telnet to that address - it says 220 mailgate02.healthnet.com ESMTP * SMTP Ready * Darrell ([EMAIL PROTECTED]) wrote: Matt wrote: I haven't followed this thread much, but it seems fairly obvious what the the problem is related to. When your server is connecting to the recipient's server, it fails to establish a connection with that server. This log line indicates the likely source of the problem: 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] While you might be doing NAT on your network, it doesn't appear that this is the case here, and the failure is probably being caused by your If he was not doing NAT he would not be able to send mail to anyone since his server is on private ip. No ISP will route RFC1918 addresses across the public internet. So it's doubtful its a NAT issue. Kevin - are you able to telnet to their mailserver from any other machines on your network? telnet 204.107.47.187 25 Darrell --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. ---This E-mail came from the Declude.JunkMail mailing list. Tounsubscribe, just send an E-mail to [EMAIL PROTECTED], andtype "unsubscribe Declude.JunkMail". The archives can be foundat http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
Well, aside from that dnsstuff.com error, here is one last clue to the mystery. I've noticed some irregular notes in the logs where it almost looks like some malformed string is inserting itself into the message and causing some trouble. Notice the last part of the log (in bold). I've also noticed other things - may be nothing, but I posted a few examples at the end 10:10 04:57 SMTP-(be2b15846057) processing d:\imail\spool\QHEbe2b15846057.VAC 10:10 04:57 SMTP-(be2b15846057) [x] looking up healthnet.com in HOSTS and MX 10:10 04:57 SMTP-(be2b15846057) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:10 04:57 SMTP-(be2b15846057) Trying healthnet.com (0) 10:10 04:57 SMTP-(be2b15846057) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:10 04:57 SMTP-(be2b15846057) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:10 04:57 SMTP-(be2b15846057) Connect healthnet.com [204.107.47.187:25] (1) 10:10 04:57 SMTP-(be2b15846057) 220 mailgate02.healthnet.com ESMTP * SMTP Ready * 10:10 04:57 SMTP-(be2b15846057) EHLO Rogersbenefit.com 10:10 04:57 SMTP-(be2b15846057) 250-mailgate02.healthnet.com 10:10 04:57 SMTP-(be2b15846057) 250-PIPELINING 10:10 04:57 SMTP-(be2b15846057) 250-SIZE 104857600 10:10 04:57 SMTP-(be2b15846057) 250-ETRN 10:10 04:57 SMTP-(be2b15846057) 250-STARTTLS 10:10 04:57 SMTP-(be2b15846057) 250 8BITMIME 10:10 04:57 SMTP-(be2b15846057) MAIL FROM:[EMAIL PROTECTED] 10:10 04:57 SMTP-(be2b15846057) 250 Ok 10:10 04:57 SMTP-(be2b15846057) RCPT To:[EMAIL PROTECTED] 10:10 04:57 SMTP-(be2b15846057) 250 Ok 10:10 04:57 SMTP-(be2b15846057) DATA 10:10 04:57 SMTP-(be2b15846057) 354 End data with CRLF.CRLF 10:10 04:57 SMTP-(be2b15846057) . 10:10 04:58 SMTP-(be2b15846057) rl-recv: connection reset 10:10 04:58 SMTP-(be2b15846057) 10:10 04:58 SMTP-(be2b15846057) SMTP_DELIV_FAILED 10:10 04:58 SMTP-(be2b15846057) QUIT 10:10 04:58 SMTP-(be2b15846057) [E] didn't send "QUIT ": connection reset10:10 04:58 SMTP-(be2b15846057) rl-recv: connection reset 10:10 04:58 SMTP-(be2b15846057) 10:10 04:58 SMTP-(be2b15846057) [u] closing socket (u) 10:10 04:58 SMTP-(be2b15846057) requeuing d:\imail\spool\QHEbe2b15846057.VAC R0 T1 10:10 04:58 SMTP-(be2b15846057) finished d:\imail\spool\QHEbe2b15846057.VAC status=3 10:10 04:25 SMTP-(b67101e20e53) [E] didn't send "Checked by AVG Anti-Virus.br ": connection reset10:10 04:25 SMTP-(b67101e20e53) [X] send error 4294967295 != 32 10:10 04:25 SMTP-(b67101e20e53) . 10:10 04:25 SMTP-(b67101e20e53) [E] didn't send ". ": connection reset10:10 04:25 SMTP-(b67101e20e53) rl-recv: connection reset 10:10 04:25 SMTP-(b67101e20e53) 10:10 04:25 SMTP-(b67101e20e53) SMTP_DELIV_FAILED 10:10 04:25 SMTP-(b67101e20e53) QUIT 10:10 04:25 SMTP-(b67101e20e53) [E] didn't send "QUIT ": connection reset10:10 04:25 SMTP-(b67101e20e53) rl-recv: connection reset Again, thanks for helping out. Kevin Kevin Rogers wrote: I appear to be able to telnet to that address - it says 220 mailgate02.healthnet.com ESMTP * SMTP Ready * Darrell ([EMAIL PROTECTED]) wrote: Matt wrote: I haven't followed this thread much, but it seems fairly obvious what the the problem is related to. When your server is connecting to the recipient's server, it fails to establish a connection with that server. This log line indicates the likely source of the problem: 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] While you might be doing NAT on your network, it doesn't appear that this is the case here, and the failure is probably being caused by your If he was not doing NAT he would not be able to send mail to anyone since his server is on private ip. No ISP will route RFC1918 addresses across the public internet. So it's doubtful its a NAT issue. Kevin - are you able to telnet to their mailserver from any other machines on your network? telnet 204.107.47.187 25 Darrell --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. ---This E-mail came from the Declude.JunkMail mailing list. Tounsubscribe, just send an E-mail to [EMAIL PROTECTED], andtype "unsubscribe Declude.JunkMail". The archives can be foundat http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
. It is on the QueueManger service properties. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 4:37 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] SMTP_DELIV_FAILED I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool\qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool\qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
transmission channel 10:08 20:18 SMTP-(f30001890106) SMTP_DELIV_FAILED 10:08 20:18 SMTP-(f30001890106) QUIT 10:08 20:18 SMTP-(f30001890106) 10:08 20:18 SMTP-(f30001890106) [u] closing socket (u) 10:08 20:18 SMTP-(f30001890106) requeuing d:\imail\spool\qf30001890106.smd R0 T1 10:08 20:18 SMTP-(f30001890106) finished d:\imail\spool\qf30001890106.smd status=3 Thanks for your help. John T (lists) wrote: Are you using DNS caching, turn that off. It is on the QueueManger service properties. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 4:37 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] SMTP_DELIV_FAILED I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool\qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool\qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
Matt wrote: I haven't followed this thread much, but it seems fairly obvious what the the problem is related to. When your server is connecting to the recipient's server, it fails to establish a connection with that server. This log line indicates the likely source of the problem: 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] While you might be doing NAT on your network, it doesn't appear that this is the case here, and the failure is probably being caused by your If he was not doing NAT he would not be able to send mail to anyone since his server is on private ip. No ISP will route RFC1918 addresses across the public internet. So it's doubtful its a NAT issue. Kevin - are you able to telnet to their mailserver from any other machines on your network? telnet 204.107.47.187 25 Darrell --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
I appear to be able to telnet to that address - it says 220 mailgate02.healthnet.com ESMTP * SMTP Ready * Darrell ([EMAIL PROTECTED]) wrote: Matt wrote: I haven't followed this thread much, but it seems fairly obvious what the the problem is related to. When your server is connecting to the recipient's server, it fails to establish a connection with that server. This log line indicates the likely source of the problem: 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] While you might be doing NAT on your network, it doesn't appear that this is the case here, and the failure is probably being caused by your If he was not doing NAT he would not be able to send mail to anyone since his server is on private ip. No ISP will route RFC1918 addresses across the public internet. So it's doubtful its a NAT issue. Kevin - are you able to telnet to their mailserver from any other machines on your network? telnet 204.107.47.187 25 Darrell --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] SMTP_DELIV_FAILED
I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. -- --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
10:08 10:26 SMTPD(6863023f5c41) [192.168.0.4] connect 216.84.38.124 port 3894 10:08 10:26 SMTPD(6863023f5c41) [216.84.38.124] EHLO Becky 10:08 10:26 SMTPD(6863023f5c41) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 10:26 SMTPD(6863023f5c41) [216.84.38.124] MAIL FROM: [EMAIL PROTECTED] 10:08 10:26 SMTPD(6863023f5c41) [216.84.38.124] RCPT TO: [EMAIL PROTECTED] 10:08 10:26 SMTPD(6863023f5c41) [216.84.38.124] d:\imail\spool\D6863023f5c41.SMD 3855 10:08 10:27 SMTP-(6863023f5c41) processing d:\imail\spool\q6863023f5c41.smd 10:08 10:27 SMTP-(6863023f5c41) Trying healthnet.com (0) 10:08 10:27 SMTP-(6863023f5c41) Connect healthnet.com [204.107.47.189:25] (1) 10:08 10:27 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 10:27 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 10:27 SMTP-(6863023f5c41) QUIT 10:08 10:27 SMTP-(6863023f5c41) 10:08 10:27 SMTP-(6863023f5c41) requeuing d:\imail\spool\q6863023f5c41.smd R0 T1 10:08 10:27 SMTP-(6863023f5c41) finished d:\imail\spool\q6863023f5c41.smd status=3 10:08 10:46 SMTP-(6863023f5c41) processing d:\imail\spool\q6863023f5c41.smd 10:08 10:46 SMTP-(6863023f5c41) Trying healthnet.com (0) 10:08 10:46 SMTP-(6863023f5c41) Connect healthnet.com [204.107.47.187:25] (1) 10:08 10:46 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 10:46 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 10:46 SMTP-(6863023f5c41) QUIT 10:08 10:46 SMTP-(6863023f5c41) 10:08 10:46 SMTP-(6863023f5c41) requeuing d:\imail\spool\q6863023f5c41.smd R0 T2 10:08 10:46 SMTP-(6863023f5c41) finished d:\imail\spool\q6863023f5c41.smd status=3 10:08 11:17 SMTP-(6863023f5c41) processing d:\imail\spool\q6863023f5c41.smd 10:08 11:17 SMTP-(6863023f5c41) Trying healthnet.com (0) 10:08 11:17 SMTP-(6863023f5c41) Connect healthnet.com [204.107.47.187:25] (1) 10:08 11:17 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 11:17 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 11:17 SMTP-(6863023f5c41) QUIT 10:08 11:17 SMTP-(6863023f5c41) 10:08 11:17 SMTP-(6863023f5c41) requeuing d:\imail\spool\q6863023f5c41.smd R0 T3 10:08 11:17 SMTP-(6863023f5c41) finished d:\imail\spool\q6863023f5c41.smd status=3 etc. Thanks Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool\qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool\qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool \Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d: \imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool \qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool \qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool \qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list.
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool\qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool\qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b) Trying taylorjohnsongroup.com (0) 10:08 13:20 SMTP-(64bd009a57db) Trying heiworld.com (0) and end like this: 10:08 13:20 SMTP-(6863023f5c41) 421 Service not available, closing transmission channel 10:08 13:20 SMTP-(6863023f5c41) SMTP_DELIV_FAILED 10:08 13:20 SMTP-(6863023f5c41) QUIT I can ping our DNS servers fine. Any ideas? Thanks - Kevin --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL
RE: [Declude.JunkMail] SMTP_DELIV_FAILED
Are you using DNS caching, turn that off. It is on the QueueManger service properties. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 4:37 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] SMTP_DELIV_FAILED I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0) 10:08 15:32 SMTP-(b01501a702f1) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 15:32 SMTP-(b01501a702f1) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 15:32 SMTP-(b01501a702f1) Info - Found healthnet.com in DNS Cache 10:08 15:32 SMTP-(b01501a702f1) Connect healthnet.com [204.107.47.187:25] (1) 10:08 15:32 SMTP-(b01501a702f1) 421 Service not available, closing transmission channel 10:08 15:32 SMTP-(b01501a702f1) SMTP_DELIV_FAILED 10:08 15:32 SMTP-(b01501a702f1) QUIT 10:08 15:32 SMTP-(b01501a702f1) 10:08 15:32 SMTP-(b01501a702f1) [u] closing socket (u) 10:08 15:32 SMTP-(b01501a702f1) requeuing d:\imail\spool\qb01501a702f1.smd R0 T1 10:08 15:32 SMTP-(b01501a702f1) finished d:\imail\spool\qb01501a702f1.smd status=3 Does this help? Kevin Rogers wrote: FYI - I just noticed that on the SMTP Advanced tab of Imail, the option to Enable SMTP to Listen On All IP's was NOT selected. I'm not sure if this could've been the problem, but I've now selected that option and will watch the logs. Kevin Darrell ([EMAIL PROTECTED]) wrote: Your A / PTR records look fine. mail.rogersbenefit.com. 7200IN A 207.47.22.58 58.22.47.207.in-addr.arpa. 86288 IN PTR mail.rogersbenefit.com Your listed in one RBL - backscatter so it would seem that it should not be related to spam. Can you post a more detailed smtp log for the 6863023f5c41 transaction. This would help more. You can out any addresses etc to prevent harvesting.. Darrell -- Check out http://www.invariantsystems.com for utilities for Declude, Imail, mxGuard, and ORF. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Kevin Rogers wrote: I'm not sure if this is the right place to post this issue, but here goes: We recently upgraded our server (to Server2003 - running Imail. 8.21, Declude 4.3) and we're getting a lot of delivery failures to specific domains. It looks like the error we used to get before we had a PTR record setup correctly - certain domains refusing to connect with us. But I believe our PTR record is setup correctly. We upgraded our server, and so it has a different local IP address, but the same external IP, so our PTR record shouldn't have to change. The domain is rogersbenefit.com The errors in the imail log look like this: 10:08 13:20 SMTP-(57f5021f4794) Trying LifeWiseHealth.com (0) 10:08 13:20 SMTP-(5b9502064c35) Trying healthnet.com (0) 10:08 13:20 SMTP-(66fa0818097c) Trying healthnet.com (0) 10:08 13:20 SMTP-(593902374927) Trying healthnet.com (0) 10:08 13:20 SMTP-(69ac02185d9b
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
OK - I turned that off and restarted the SMTP and QManager services. I then tried to send an email to healthnet.com again (one of about 15 domains that I've noticed this problem with) and it still did not go through. (By the way, why is it displaying the AUTH three times like that?) My SMTP settings are: Default Mail Host: localhost Domain Name Server address: 207.47.4.2 207.47.2.178 (these are 2 provided by my connection provider - I am not attempting to use my local DNS yet) Enable TLS is checked (nothing else is on the main screen) Security Tab: No mail relay Allow remote mail to local groups Allow remote view of local groups Auto-deny possible hack attempts are all checked - nothing else Advanced Tab: Delivery App: d:\imail\Declude.exe Enable SMTP TO Listen On All IPs is checked. the rest is pretty standard. QManager settings: DNS Cache is now disabled. I have enabled Failed Domain Skipping (Max entries 500 - skip time 30) Log snippet 10:08 20:18 SMTPD(f30001890106) [192.168.0.4] connect 64.121.33.15 port 6609 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] EHLO [192.168.1.110] 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 20:18 SMTPD(f30001890106) [x] looking up healthnet.com in HOSTS 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] DATA 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] d:\imail\spool\Df30001890106.SMD 759 10:08 20:18 SMTP-(f30001890106) processing d:\imail\spool\qf30001890106.smd 10:08 20:18 SMTP-(f30001890106) [x] looking up healthnet.com in HOSTS and MX 10:08 20:18 SMTP-(f30001890106) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 20:18 SMTP-(f30001890106) Trying healthnet.com (0) 10:08 20:18 SMTP-(f30001890106) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 20:18 SMTP-(f30001890106) Connect healthnet.com [204.107.47.187:25] (1) 10:08 20:18 SMTP-(f30001890106) 421 Service not available, closing transmission channel 10:08 20:18 SMTP-(f30001890106) SMTP_DELIV_FAILED 10:08 20:18 SMTP-(f30001890106) QUIT 10:08 20:18 SMTP-(f30001890106) 10:08 20:18 SMTP-(f30001890106) [u] closing socket (u) 10:08 20:18 SMTP-(f30001890106) requeuing d:\imail\spool\qf30001890106.smd R0 T1 10:08 20:18 SMTP-(f30001890106) finished d:\imail\spool\qf30001890106.smd status=3 Thanks for your help. John T (lists) wrote: Are you using DNS caching, turn that off. It is on the QueueManger service properties. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 4:37 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] SMTP_DELIV_FAILED I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM, Kevin Rogers wrote: I've turned on verbose logging and it appears that the listen on all IPs option did not work. But here is a better log snippet: 10:08 15:32 SMTPD(b01501a702f1) [192.168.0.4] connect 64.121.33.15 port 5672 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] EHLO [192.168.1.110] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] AUTH 10:08 15:32 SMTPD(b01501a702f1) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] DATA 10:08 15:32 SMTPD(b01501a702f1) [64.121.33.15] d:\imail\spool\Db01501a702f1.SMD 558 10:08 15:32 SMTP-() Info - Adding Queue file d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) processing d:\imail\spool\qb01501a702f1.smd 10:08 15:32 SMTP-(b01501a702f1) [x] looking up healthnet.com in HOSTS and MX 10:08 15:32 SMTP-(b01501a702f1) Info - Adding healthnet.com to DNS cache - TTL = 1724 10:08 15:32 SMTP-(b01501a702f1) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 15:32 SMTP-(b01501a702f1) Trying healthnet.com (0
Re: [Declude.JunkMail] SMTP_DELIV_FAILED
Kevin, I haven't followed this thread much, but it seems fairly obvious what the the problem is related to. When your server is connecting to the recipient's server, it fails to establish a connection with that server. This log line indicates the likely source of the problem: 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] While you might be doing NAT on your network, it doesn't appear that this is the case here, and the failure is probably being caused by your server thinking that it needs to send E-mail for rogersbenefit.com from a private IP, and it is unable to make a connection since that IP isn't routable across the Internet, and you are either not NATing and IMail is misconfigured for this domain, or your NATing is not set up properly. You need to check the configuration for this domain and make sure that it is bound to a public IP or if a virtual domain, that the server's primary domain is bound to a public IP address...or if you are NATing, you need to check this configuration in your router. I suppose that IMail might be screwy, but you should start with those choices. Note that your first log sample shows that you were properly resolving the recipient's MX records, and at least in my test from a second ago, their primary MX server is answering just fine. Matt Kevin Rogers wrote: OK - I turned that off and restarted the SMTP and QManager services. I then tried to send an email to healthnet.com again (one of about 15 domains that I've noticed this problem with) and it still did not go through. (By the way, why is it displaying the AUTH three times like that?) My SMTP settings are: Default Mail Host: localhost Domain Name Server address: 207.47.4.2 207.47.2.178 (these are 2 provided by my connection provider - I am not attempting to use my local DNS yet) Enable TLS is checked (nothing else is on the main screen) Security Tab: No mail relay Allow remote mail to local groups Allow remote view of local groups Auto-deny possible hack attempts are all checked - nothing else Advanced Tab: Delivery App: d:\imail\Declude.exe Enable SMTP TO Listen On All IPs is checked. the rest is pretty standard. QManager settings: DNS Cache is now disabled. I have enabled Failed Domain Skipping (Max entries 500 - skip time 30) Log snippet 10:08 20:18 SMTPD(f30001890106) [192.168.0.4] connect 64.121.33.15 port 6609 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] EHLO [192.168.1.110] 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] AUTH 10:08 20:18 SMTPD(f30001890106) Authenticated [EMAIL PROTECTED], session treated as local. 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] MAIL FROM:[EMAIL PROTECTED] 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] RCPT TO:[EMAIL PROTECTED] 10:08 20:18 SMTPD(f30001890106) [x] looking up healthnet.com in HOSTS 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] DATA 10:08 20:18 SMTPD(f30001890106) [64.121.33.15] d:\imail\spool\Df30001890106.SMD 759 10:08 20:18 SMTP-(f30001890106) processing d:\imail\spool\qf30001890106.smd 10:08 20:18 SMTP-(f30001890106) [x] looking up healthnet.com in HOSTS and MX 10:08 20:18 SMTP-(f30001890106) [Att-Blk] Got Attachment Blocking Host Info for Rogersbenefit.com 10:08 20:18 SMTP-(f30001890106) Trying healthnet.com (0) 10:08 20:18 SMTP-(f30001890106) [x] Connecting socket to service SMTP on host healthnet.com using protocol tcp 10:08 20:18 SMTP-(f30001890106) [x] using source IP for Rogersbenefit.com [192.168.0.4] 10:08 20:18 SMTP-(f30001890106) Connect healthnet.com [204.107.47.187:25] (1) 10:08 20:18 SMTP-(f30001890106) 421 Service not available, closing transmission channel 10:08 20:18 SMTP-(f30001890106) SMTP_DELIV_FAILED 10:08 20:18 SMTP-(f30001890106) QUIT 10:08 20:18 SMTP-(f30001890106) 10:08 20:18 SMTP-(f30001890106) [u] closing socket (u) 10:08 20:18 SMTP-(f30001890106) requeuing d:\imail\spool\qf30001890106.smd R0 T1 10:08 20:18 SMTP-(f30001890106) finished d:\imail\spool\qf30001890106.smd status=3 Thanks for your help. John T (lists) wrote: Are you using DNS caching, turn that off. It is on the QueueManger service properties. John T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Monday, October 08, 2007 4:37 PM To: declude.junkmail@declude.com Subject: Re: [Declude.JunkMail] SMTP_DELIV_FAILED I can ping yahoo.com. These errors are happening all the time. They are occuring only with specific recipient domains - not all domains. Incoming traffic appears normal even from these domains. Richard Lyon wrote: As a test, try ping something on the Internet when you see this delivery message. Like Yahoo.com. On Oct 8, 2007, at 6:52 PM
