Re: [Mailman-Users] emails from mailman rejected with error "reject=550 Relaying denied. IP name possibly forged"
Stephen J. Turnbull wrote: > It occurs to me that the DNS problem may be that your HELO > hostname (in the SMTP transaction) doesn't match the reverse > lookup for the IP observed in the TCP connection. That > should be easy to fix in the Sendmail configuration. That sounds like something similar to what happened to us when someone decided they'd reconfigure our mail server to send from a different ip address than we receive mail on. We got away with it for a long time, but as more recipients installed spam filters (this was a few years ago), we began to see more bounces when we sent mail. Fixed by setting up reverse lookup for the sending address. Peter Shute -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] emails from mailman rejected with error "reject=550 Relaying denied. IP name possibly forged"
Abdullah AL-Maskari writes: > I will look at the spam filter configurations and my DNS but I dont see > how any of those systems could be broken if the original mailman server > is working fine. It's not a question of whether something is broken; something is. The fact that your own logs record that your mailhost "may be forged" proves that. The questions are what it is, and whether this breakage is causing you problems.[1] If you have another Mailman host that works, you can check for differences in their configurations (including the list memberships!), as well as any aspects of the mailhost configuration that might treat them differently. But I still think it would be a good idea to configure your mailhost so that in the DNS it looks like a responsible citizen rather than a 'bot sending spam. It occurs to me that the DNS problem may be that your HELO hostname (in the SMTP transaction) doesn't match the reverse lookup for the IP observed in the TCP connection. That should be easy to fix in the Sendmail configuration. As for spam filters, it's probably not your spam filters that are rejecting your mail, it's filters on the recipient hosts. It's hard to tell from the log, though. Footnotes: [1] You'll have to figure those out for yourself because you've redacted all useful information about your network. That's entirely up to you, of course, and it's more secure. But if you insist on security, you're going to have to take our wild guesses seriously. -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] emails from mailman rejected with error "reject=550 Relaying denied. IP name possibly forged"
Abdullah AL-Maskari wrote: > I should have probably mentioned that I have another instance > of mailman running on another server on the network and it is > not having any trouble sending mail through mailhost. The > sendmail files I am using for my mailman installation have > been copied from the other server as the whole idea is to > migrate from the currently working server to the one I built. > > I will look at the spam filter configurations and my DNS but > I dont see how any of those systems could be broken if the > original mailman server is working fine. Because different recipient servers respond differently to wrongly configured DNS, it might just be coincidence that the other list isn't having the same trouble. It might also be that it is having the same trouble, but with far less recipients. Peter Shute -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] emails from mailman rejected with error "reject=550 Relaying denied. IP name possibly forged"
Hi, thanks for your reply. I should have probably mentioned that I have another instance of mailman running on another server on the network and it is not having any trouble sending mail through mailhost. The sendmail files I am using for my mailman installation have been copied from the other server as the whole idea is to migrate from the currently working server to the one I built. I will look at the spam filter configurations and my DNS but I dont see how any of those systems could be broken if the original mailman server is working fine. Thanks Abdullah On 27/07/2014 00:54, Stephen J. Turnbull wrote: Abdullah Maskari writes: > Jul 24 09:09:16 mailhost sm-mta[3309]: s6O89FAL003309: > ruleset=check_rcpt, arg1=, > relay=mailhost.server.in-dmz.on.internal-domain.com [mailhost ip > address] (may be forged), reject=550 5.7.1 > ... Relaying denied. IP name > possibly forged [mailhost ip address] Looks to me like your DNS is quite broken (the references to IP addresses being forged). Many destination hosts will filter such mail. The enhanced status code is 5.7.1, an administrative reject. You've violated somebody's spam-filtering policy, and they're not accepting mail from you. You might want to check if your IP address(es) are on a blackhole list. However, I think the immediate priority is fixing your DNS so that your external mail server is the MX for your domain, which has a proper A and/or address (ie, the domain name advertised is not a CNAME), and has PTR record from the MX name to the server's IP. -- Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
