Previous 1 2 Next 16 Replies Latest reply: Nov 29, 2012 3:23 AM by James Rothschild
James Rothschild Level 1 Level 1 (55 points)

Mail works fine on our OSX Server 10.7.5 and the DNS for the domian name is OK, has been for a year :-) work great.

 

We have a new website designed for us, and the web site hosting server for the website is sending email as noreply@ourdomain.com, to: info@ourdomain.com and the enquirers email@address.

 

We have an SPF TXT record setup to allow the web hosting server, it's smtp domain, and it's IP to send mail as @ourdomain.com.

That SPF TXT record and syntax checks out fine using various tools, and our domain name host says AOK too on their ZONE file.

 

Problem is emails sent from the web hosting server never arrive at info@ourdomain.com.

Everyone else gets the emails, but not our mail server :-(

 

Help ! (in plain English please)

 

Thank you,


Mac mini, Mac OS X (10.7.4), Server
  • pterobyte Level 6 Level 6 (10,910 points)

    While it is possible, I doubt the SPF record is the culprit. Usually spam filters don't give much weight to that (unless you specifically configured yours to do so).

     

    That said, check the log on the sending server (where your web site resides) and mail.log on your server. Since "email@address" receives the mail, chances are your server is blocking the e-mail. /var/log/mail.log on your server will tell you why.

     

    There can be several reasons why, but quite often mails generated on a webserver are malformed because of poor scripting.

     

    HTH,

    Alex

  • James Rothschild Level 1 Level 1 (55 points)

    Thank you Alex,

     

    I have errors like:

     

    Nov 23 16:48:35 ourdomain postfix/smtpd[60089]: NOQUEUE: reject: RCPT from mail-wg0-f50.google.com[74.125.82.50]: 450 4.7.1 <info@ourdomain.com>: Recipient address rejected: Service is unavailable; from=<paul@theirdomain.co.uk> to=<info@ourdomain.com> proto=ESMTP helo=<mail-wg0-f50.google.com>

     

    Nov 23 18:13:56 ourdomain /usr/libexec/postfix/greylist.pl[62413]: Temporary message rejection to: <ian@ourdomain.com> from: <website+ian=ourdomain.com@bounce.baplc.com> sent from: [207.126.144.137] for: 60 seconds due to greylisting

     

    I ended up here google'ing for an answer to 'osx server  "Recipient address rejected: Service is unavailable;"

    http://osx.topicdesk.com/content/view/144/45/

    Would that Tutorial apply in this case to our 10.7.5 OSX Server?

     

    Message was edited by: James Rothschild

  • pterobyte Level 6 Level 6 (10,910 points)

    Yes, that should work. Although, the sending server should normally retry. If it doesn't, then yes, you will have to disable greylisting or whitelist the sender. If the sending mail server is part of a large ISP, do NOT whitelist it by IP as you will open the floodgates for spam.

  • James Rothschild Level 1 Level 1 (55 points)

    And finally Alex, the Newbie question...

     

    Is there a nice App that lets us edit these AntiSpam settings, specifically to add, remove, white, grey ... by IP or Domain, or are we stuck in the world of Terminal :-(

     

    Maybe there is a file somwhere in the OS X System I acn edit by hand with an editor like TextWrangler ?

     

    Thank you :-)

  • James Rothschild Level 1 Level 1 (55 points)

    Update:

     

    I have done the suggestion at: http://osx.topicdesk.com/content/view/144/45/

     

    No change, emails do not come through and we still get:

     

    Nov 24 22:47:43 ourdomain postfix/smtp[94204]: DA91B2EBA01: to=<info@mail.ourdomain.com>, orig_to=<info@ourdomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.9, delays=0.36/0.02/0.01/1.5, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 6DBF52EBA18)

     

    Nov 24 22:47:43 ourdomain postfix/pipe[94208]: 6DBF52EBA18: to=<info@mail.ourdomain.com>, relay=dovecot, delay=0.05, delays=0.01/0.01/0/0.03, dsn=2.0.0, status=sent (delivered via dovecot service)

     

    Nov 24 22:47:47 ourdomain /usr/libexec/postfix/greylist.pl[94227]: Temporary message rejection to: <info@ourdomain.com> from: <paul@theirdomain.co.uk> sent from: [209.85.212.170] for: 60 seconds due to greylisting

     

    Nov 24 22:47:47 ourdomain postfix/smtpd[94224]: NOQUEUE: reject: RCPT from mail-wi0-f170.google.com[209.85.212.170]: 450 4.7.1 <info@ourdomain.com>: Recipient address rejected: Service is unavailable; from=<paul@theirdomain.co.uk> to=<info@ourdomain.com> proto=ESMTP helo=<mail-wi0-f170.google.com>

     

    I have also added (from some www research at: http://wiki.apache.org/spamassassin/ManualWhitelist )

     

    # whitelist everyone at theirdomain.co.uk:

    whitelist_from  *@theridomain.co.uk

     

    But, no change.

     

    Message was edited by: James Rothschild

  • pterobyte Level 6 Level 6 (10,910 points)

    Doesn't look like you disabled greylisting. Could you please post the output of:

    sudo postconf -n

  • James Rothschild Level 1 Level 1 (55 points)

    Thank you Alex ...

     

    Last login: Sun Nov 25 17:50:45 on ttys000

    jrpserver:~ cloudserver$ sudo postconf -n

    Password:

    biff = no

    command_directory = /usr/sbin

    config_directory = /etc/postfix

    content_filter = smtp-amavis:[127.0.0.1]:10024

    daemon_directory = /usr/libexec/postfix

    data_directory = /Library/Server/Mail/Data/mta

    debug_peer_level = 2

    enable_server_options = yes

    header_checks =

    html_directory = /usr/share/doc/postfix/html

    imap_submit_cred_file = /private/etc/postfix/submit.cred

    inet_interfaces = all

    inet_protocols = all

    mail_owner = _postfix

    mailbox_size_limit = 0

    mailbox_transport = dovecot

    mailq_path = /usr/bin/mailq

    manpage_directory = /usr/share/man

    maps_rbl_domains =

    message_size_limit = 10485760

    mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

    mydomain = jrpserver.co.uk

    mydomain_fallback = localhost

    myhostname = mail.jrpserver.co.uk

    mynetworks = 127.0.0.0/8

    newaliases_path = /usr/bin/newaliases

    postscreen_dnsbl_sites =

    queue_directory = /Library/Server/Mail/Data/spool

    readme_directory = /usr/share/doc/postfix

    recipient_canonical_maps = hash:/etc/postfix/system_user_maps

    recipient_delimiter = +

    relayhost =

    sample_directory = /usr/share/doc/postfix/examples

    sendmail_path = /usr/sbin/sendmail

    setgid_group = _postdrop

    smtp_sasl_auth_enable = no

    smtp_sasl_password_maps =

    smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit

    smtpd_enforce_tls = no

    smtpd_helo_required = no

    smtpd_helo_restrictions =

    smtpd_pw_server_security_options = cram-md5,login,plain

    smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks  reject_unauth_destination permit

    smtpd_sasl_auth_enable = yes

    smtpd_tls_CAfile = /etc/certificates/server.jrpserver.co.uk.4B02208AB2A54447F85C4A07BCC48BD823ACA0 F6.chain.pem

    smtpd_tls_cert_file = /etc/certificates/server.jrpserver.co.uk.4B02208AB2A54447F85C4A07BCC48BD823ACA0 F6.cert.pem

    smtpd_tls_ciphers = medium

    smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL

    smtpd_tls_key_file = /etc/certificates/server.jrpserver.co.uk.4B02208AB2A54447F85C4A07BCC48BD823ACA0 F6.key.pem

    smtpd_tls_loglevel = 0

    smtpd_use_pw_server = yes

    smtpd_use_tls = yes

    tls_random_source = dev:/dev/urandom

    unknown_local_recipient_reject_code = 550

    use_sacl_cache = yes

    virtual_alias_domains = $virtual_alias_maps hash:/etc/postfix/virtual_domains

    virtual_alias_maps = $virtual_maps hash:/etc/postfix/virtual_users

    jrpserver:~ cloudserver$

  • pterobyte Level 6 Level 6 (10,910 points)

    Are you sure the log entries are not from an earlier attempt?

    Please try and send a message again and follow it through the logs.

  • James Rothschild Level 1 Level 1 (55 points)

    jrpserver:~ cloudserver$ sudo postconf -n

    biff = no

    command_directory = /usr/sbin

    config_directory = /etc/postfix

    content_filter = smtp-amavis:[127.0.0.1]:10024

    daemon_directory = /usr/libexec/postfix

    data_directory = /Library/Server/Mail/Data/mta

    debug_peer_level = 2

    enable_server_options = yes

    header_checks =

    html_directory = /usr/share/doc/postfix/html

    imap_submit_cred_file = /private/etc/postfix/submit.cred

    inet_interfaces = all

    inet_protocols = all

    mail_owner = _postfix

    mailbox_size_limit = 0

    mailbox_transport = dovecot

    mailq_path = /usr/bin/mailq

    manpage_directory = /usr/share/man

    maps_rbl_domains =

    message_size_limit = 10485760

    mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

    mydomain = jrpserver.co.uk

    mydomain_fallback = localhost

    myhostname = mail.jrpserver.co.uk

    mynetworks = 127.0.0.0/8,46.236.8.2,server1.el-roboto-host.com,capitan-cms.com

    newaliases_path = /usr/bin/newaliases

    postscreen_dnsbl_sites =

    queue_directory = /Library/Server/Mail/Data/spool

    readme_directory = /usr/share/doc/postfix

    recipient_canonical_maps = hash:/etc/postfix/system_user_maps

    recipient_delimiter = +

    relayhost =

    sample_directory = /usr/share/doc/postfix/examples

    sendmail_path = /usr/sbin/sendmail

    setgid_group = _postdrop

    smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit

    smtpd_enforce_tls = no

    smtpd_helo_required = no

    smtpd_helo_restrictions = reject_non_fqdn_helo_hostname

    smtpd_pw_server_security_options = cram-md5,login,plain

    smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks  reject_unauth_destination permit

    smtpd_sasl_auth_enable = yes

    smtpd_tls_CAfile = /etc/certificates/server.jrpserver.co.uk.933554825BB90F2C584E4AFA680BA9BE629578 77.chain.pem

    smtpd_tls_cert_file = /etc/certificates/server.jrpserver.co.uk.933554825BB90F2C584E4AFA680BA9BE629578 77.cert.pem

    smtpd_tls_ciphers = medium

    smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL

    smtpd_tls_key_file = /etc/certificates/server.jrpserver.co.uk.933554825BB90F2C584E4AFA680BA9BE629578 77.key.pem

    smtpd_tls_loglevel = 0

    smtpd_use_pw_server = yes

    smtpd_use_tls = yes

    tls_random_source = dev:/dev/urandom

    unknown_local_recipient_reject_code = 550

    use_sacl_cache = yes

    virtual_alias_domains = $virtual_alias_maps hash:/etc/postfix/virtual_domains

    virtual_alias_maps = $virtual_maps hash:/etc/postfix/virtual_users

    jrpserver:~ cloudserver$

  • James Rothschild Level 1 Level 1 (55 points)

    Hmmm,

     

    I cannot see anything in the logs from this SPF email source at all now :-(

    I can see the usual traffic for email.

     

    cc'd emails are coming through OK to other domains, just not to our domain.

     

    #very-confsed now.

  • pterobyte Level 6 Level 6 (10,910 points)

    Take a step back.

     

    Send yourself an e-mail from the external server to your server. Follow it through the logs. If nothing at all shows in your log for this sender, then it is not leaving the sending server.

  • James Rothschild Level 1 Level 1 (55 points)

    Thanks Alex.

     

    The external server sends an email from the web page Form.

     

    This email, arrives at every domains email addresses ... except for our Mac OS X 10.7 Mail Server hosted domain and related emails.

     

    Emails sent from anywhere else to our Mac OS X 10.7 Mail Server hosted domain and related emails, arrive OK.

     

    So it's only from this one domain server that emails do not arrive to our our Mac OS X 10.7 Mail Server.

     

    If the external domain server sends emails to other dmoains, they arrive OK

     

    Madness !

  • pterobyte Level 6 Level 6 (10,910 points)

    If it doesn't reach your mail server then the sending server's logs will know why.

  • James Rothschild Level 1 Level 1 (55 points)

    Here is the actual email header FYI,

    I had been expressing it before as my jrpserver.co.uk for my clients security but I think you need to see the headers fully now, sorry.

    I will have to delete this information/thread later.

     

     

    Return-path: <pantheonmacro@capitan-cms.com>

    Envelope-to: info@jrpmedia.co.uk

    Delivery-date: Wed, 28 Nov 2012 14:21:27 +0000

    Received: from server1.el-roboto-host.com ([46.236.8.2]:39630)

              by server.jrphosting.co.uk with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)

              (Exim 4.80)

              (envelope-from <pantheonmacro@capitan-cms.com>)

              id 1TdiVz-0002Xa-EU

              for info@jrpmedia.co.uk; Wed, 28 Nov 2012 14:21:27 +0000

    Received: from [127.0.0.1] (port=33251 helo=www.pantheonmacro.com)

              by server1.el-roboto-host.com with esmtpsa (TLSv1:AES256-SHA:256)

              (Exim 4.77)

              (envelope-from <pantheonmacro@capitan-cms.com>)

              id 1TdiW1-0007fY-0O

              for info@jrpmedia.co.uk; Wed, 28 Nov 2012 14:21:29 +0000

    Sender: pantheonmacro@capitan-cms.com

    Message-ID: <1354112489.50b61de900eda@www.pantheonmacro.com>

    Date: Wed, 28 Nov 2012 14:21:29 +0000

    Subject: New Online Enquiry

    From: Pantheon Macroeconomic Advisors <noreply@pantheonmacro.com>

    To: info@jrpmedia.co.uk

    MIME-Version: 1.0

    Content-Type: multipart/alternative;

    boundary="_=_swift_v4_135411248950b61de902268_=_"

    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

    X-AntiAbuse: Primary Hostname - server1.el-roboto-host.com

    X-AntiAbuse: Original Domain - jrpmedia.co.uk

    X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

    X-AntiAbuse: Sender Address Domain - capitan-cms.com

    X-Source:

    X-Source-Args:

    X-Source-Dir:

Previous 1 2 Next