DSN: Service unavailable
in [Sendmail]
|
Prev: sendmail log question?
Next: makeconnection (gmail domain.com[1.2.3.4]) failed: Invalid argument
From: Lennart on 26 Jul 2008 15:10 Hi, I'm setting up my website at my debian server, and I can't get sendmail to send mails to some addresses (using a php script). It gives an error: DSN: Service unavailable. /var/log/mail after trying to send a mail from lennart(a)dlnet.nl to lennartackermans(a)gmail.com: Jul 26 20:34:02 lenserver sendmail[2742]: m6QIY2VV002742: Authentication-Warning: lenserver: www-data set sender to lennart(a)dlnet.nl using -f Jul 26 20:34:02 lenserver sendmail[2742]: m6QIY2VV002742: from=lennart(a)dlnet.nl, size=1020, class=0, nrcpts=1, msgid=<a5bb487f05efc66dfe0b851a06f94f24(a)dlnet.nl>, relay=www-data(a)localhost Jul 26 20:34:02 lenserver sm-mta[2743]: m6QIY2ED002743: from=<lennart(a)dlnet.nl>, size=1201, class=0, nrcpts=1, msgid=<a5bb487f05efc66dfe0b851a06f94f24(a)dlnet.nl>, proto=ESMTP, daemon=MTA, relay=www-data(a)localhost [127.0.0.1] Jul 26 20:34:03 lenserver sendmail[2742]: m6QIY2VV002742: to=Lennart <lennartackermans(a)gmail.com>, ctladdr=lennart(a)dlnet.nl (33/33), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=31020, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (m6QIY2ED002743 Message accepted for delivery) Jul 26 20:34:06 lenserver sm-mta[2759]: m6QIY2ED002743: to=<lennartackermans(a)gmail.com>, ctladdr=<lennart(a)dlnet.nl> (1000/1000), delay=00:00:04, xdelay=00:00:03, mailer=esmtp, pri=121201, relay=gmail-smtp-in.l.google.com. [64.233.183.27], dsn=5.0.0, stat=Service unavailable Jul 26 20:34:06 lenserver sm-mta[2759]: m6QIY2ED002743: m6QIY6ED002759: DSN: Service unavailable Jul 26 20:34:06 lenserver sm-mta[2759]: m6QIY6ED002759: to=<lennart(a)dlnet.nl>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30000, dsn=2.0.0, stat=Sent I read on the internet that it might have something to do with /etc/hosts. I tried a lot but it didn't help so far. /etc/hosts: 127.0.0.1 localhost 127.0.1.1 dlnet.nl 192.168.1.49 dlnet.nl # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts I hope someone can help me. Thanks, Lennart --------------= Posted using GrabIt =---------------- ------= Binary Usenet downloading made easy =--------- -= Get GrabIt for free from http://www.shemes.com/ =-
From: hume.spamfilter on 27 Jul 2008 12:43 Lennart <lennartackermans(a)gmail.com> wrote: > Jul 26 20:34:06 lenserver sm-mta[2759]: m6QIY2ED002743: to=<lennartackermans(a)gmail.com>, ctladdr=<lennart(a)dlnet.nl> (1000/1000), delay=00:00:04, xdelay=00:00:03, mailer=esmtp, pri=121201, relay=gmail-smtp-in.l.google.com. [64.233.183.27], dsn=5.0.0, stat=Service unavailable This seems to indicate that GMail itself is rejecting your mail. GMail shouldn't care what's in your /etc/hosts. What happens if you try sending email to that address via some other mechanism? Preferably with the same content? I've seen antispam appliances reject mail they dislike with the retarded "Service unavailable". NAI's devices, for example, will do so if they spot "bad" characters in the MAIL FROM or RCPT TO. Is their anything in your mails that might cause them to be marked as spam? Are you leaving out certain headers, like Message-Id? It might be useful to have your script write out the mail it generates to a file so you can inspect it, and perhaps try sending it manually to see if it gets the same response. -- Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/
From: Bill Cole on 27 Jul 2008 21:02 In article <488b76d3$0$26285$4c4139f9(a)reader.powernews.nl>, "Lennart" <lennartackermans(a)gmail.com> wrote: > Hi, > > I'm setting up my website at my debian server, and I can't get sendmail to > send mails to some addresses (using a php script). It gives an error: DSN: > Service unavailable. > > /var/log/mail after trying to send a mail from lennart(a)dlnet.nl to > lennartackermans(a)gmail.com: > > Jul 26 20:34:02 lenserver sendmail[2742]: m6QIY2VV002742: > Authentication-Warning: lenserver: www-data set sender to lennart(a)dlnet.nl > using -f > Jul 26 20:34:02 lenserver sendmail[2742]: m6QIY2VV002742: > from=lennart(a)dlnet.nl, size=1020, class=0, nrcpts=1, > msgid=<a5bb487f05efc66dfe0b851a06f94f24(a)dlnet.nl>, relay=www-data(a)localhost > Jul 26 20:34:02 lenserver sm-mta[2743]: m6QIY2ED002743: > from=<lennart(a)dlnet.nl>, size=1201, class=0, nrcpts=1, > msgid=<a5bb487f05efc66dfe0b851a06f94f24(a)dlnet.nl>, proto=ESMTP, daemon=MTA, > relay=www-data(a)localhost [127.0.0.1] > Jul 26 20:34:03 lenserver sendmail[2742]: m6QIY2VV002742: to=Lennart > <lennartackermans(a)gmail.com>, ctladdr=lennart(a)dlnet.nl (33/33), > delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=31020, relay=[127.0.0.1] > [127.0.0.1], dsn=2.0.0, stat=Sent (m6QIY2ED002743 Message accepted for > delivery) > Jul 26 20:34:06 lenserver sm-mta[2759]: m6QIY2ED002743: > to=<lennartackermans(a)gmail.com>, ctladdr=<lennart(a)dlnet.nl> (1000/1000), > delay=00:00:04, xdelay=00:00:03, mailer=esmtp, pri=121201, > relay=gmail-smtp-in.l.google.com. [64.233.183.27], dsn=5.0.0, stat=Service > unavailable > Jul 26 20:34:06 lenserver sm-mta[2759]: m6QIY2ED002743: m6QIY6ED002759: DSN: > Service unavailable > Jul 26 20:34:06 lenserver sm-mta[2759]: m6QIY6ED002759: > to=<lennart(a)dlnet.nl>, delay=00:00:00, xdelay=00:00:00, mailer=local, > pri=30000, dsn=2.0.0, stat=Sent > > I read on the internet that it might have something to do with /etc/hosts. That is not likely. The generic 'dsn=5.0.0' which sendmail logged indicates that the machine at gmail-smtp-in.l.google.com actively rejected the message without using any of the specific response codes that sendmail reports more helpfully in logs. Read the DSN message that was delivered to the local account <lennart(a)dlnet.nl> for more specific and definitive details. The text of that DSN message should include the literal response from Google's mail server, which should include a more specific formal response code and may include a helpful text part of the rejection response explaining it in words. I am just making an informed guess, but I think it is most likely that the reason for Google rejecting your mail is related to one or more of these: 1. The DNS SOA, NS, and A records for dlnet.nl have absurdly short TTL's 2. The A address for dlnet.nl resolves (currently) to an IP address that is allocated to UPC (aka Chello) 3. That IP address is listed in the Spamhaus PBL, a DNSBL of addresses whose owners probably do not want them used for autonomous mail transport. 4. That IP address has exactly one PTR record, which resolves to a name other than dlnet.nl. 5. That PTR name implies that UPC assigns that IP address dynamically and doesn't consider it worthwhile to change DNS for it when the assignment changes. This is typical for addresses in the pools of large providers of casual consumer-focused Internet access. This makes dlnet.nl look a little like a user of the "fast flux" DNS trick commonly used by phishers, and if the machine you are sending from is on that consumer-grade link from UPC then your sendmail machine looks very much more like a trojanned machine being used for sending phish spam than it does like a legitimate mail server. For many large systems like Google, >90% of all SMTP connections and unique SMTP peers offer them no mail other than undebatable spam. On the other hand, the overwhelming majority of legitimate mail comes from IP's and domains which are not listed on any reputable DNSBL or RHSBL, which have long-TTL DNS records that have some form of A/PTR symmetry, and which are not connected to the net in ways that make them resemble the average PC sitting in some teenager's bedroom. If you run a system in a way that makes it blend into the huge sea of botnet spam sources, you can expect to have it treated like a botnet spam source. -- Now where did I hide that website...
From: Lennart Ackermans on 28 Jul 2008 07:02 Bill Cole schreef: > I am just making an informed guess, but I think it is most likely that > the reason for Google rejecting your mail is related to one or more of > these: > > 1. The DNS SOA, NS, and A records for dlnet.nl have absurdly short TTL's > 2. The A address for dlnet.nl resolves (currently) to an IP address that > is allocated to UPC (aka Chello) > 3. That IP address is listed in the Spamhaus PBL, a DNSBL of addresses > whose owners probably do not want them used for autonomous mail > transport. > 4. That IP address has exactly one PTR record, which resolves to a name > other than dlnet.nl. > 5. That PTR name implies that UPC assigns that IP address dynamically > and doesn't consider it worthwhile to change DNS for it when the > assignment changes. This is typical for addresses in the pools of large > providers of casual consumer-focused Internet access. I'm a upc customer indeed. However, I'm going to move my server to another location with a faster internet connection next week. It will still have a dynamic ip though. Is it possible it'll work there? And what exactly is a PTR record? A reverse dns lookup doesn't show dlnet.nl, if that is what you mean. There's a little message of google delivered to local mail at my server: ----- Transcript of session follows ----- .... while talking to gmail-smtp-in.l.google.com.: >>> DATA <<< 550-5.7.1 [77.249.206.53] The IP you're using to send mail is not authorized <<< 550-5.7.1 to send email directly to our servers. Please use the SMTP <<< 550-5.7.1 relay at your service provider instead. Learn more at <<< 550 5.7.1 http://mail.google.com/support/bin/answer.py?answer=10336 d24si20574764nfh.39 554 5.0.0 Service unavailable The website says: In order to prevent spam, Gmail refuses mail when the sending IP address does not match the sending domain.
From: Bill Cole on 28 Jul 2008 11:19 In article <488da672$0$25871$4c4139f9(a)reader.powernews.nl>, Lennart Ackermans <lennartackermans(a)gmail.com> wrote: > Bill Cole schreef: > > I am just making an informed guess, but I think it is most likely that > > the reason for Google rejecting your mail is related to one or more of > > these: > > > > 1. The DNS SOA, NS, and A records for dlnet.nl have absurdly short TTL's > > 2. The A address for dlnet.nl resolves (currently) to an IP address that > > is allocated to UPC (aka Chello) > > 3. That IP address is listed in the Spamhaus PBL, a DNSBL of addresses > > whose owners probably do not want them used for autonomous mail > > transport. > > 4. That IP address has exactly one PTR record, which resolves to a name > > other than dlnet.nl. > > 5. That PTR name implies that UPC assigns that IP address dynamically > > and doesn't consider it worthwhile to change DNS for it when the > > assignment changes. This is typical for addresses in the pools of large > > providers of casual consumer-focused Internet access. > > I'm a upc customer indeed. However, I'm going to move my server to > another location with a faster internet connection next week. It will > still have a dynamic ip though. Is it possible it'll work there? It is possible, but I wouldn't expect what you are trying to work well. A dynamic IP that is identifiable as such is not fit for use with unauthenticated SMTP in the modern world. It looks like you are already using Google's inbound mail service, so you should also be able to use them as an outbound "smarthost" using authenticated submission instead of simple SMTP. > And what exactly is a PTR record? A reverse dns lookup doesn't show > dlnet.nl, if that is what you mean. PTR (for "pointer") if the DNS record type used to map IP addresses to names. That is what is commonly called 'reverse DNS' in modern times. It used to be an occasional point of confusion when using the phrase 'reverse DNS' between PTR's and true inverse queries (a bad idea from the early days of DNS.) > > There's a little message of google delivered to local mail at my server: > ----- Transcript of session follows ----- > ... while talking to gmail-smtp-in.l.google.com.: > >>> DATA > <<< 550-5.7.1 [77.249.206.53] The IP you're using to send mail is not > authorized > <<< 550-5.7.1 to send email directly to our servers. Please use the SMTP > <<< 550-5.7.1 relay at your service provider instead. Learn more at > <<< 550 5.7.1 http://mail.google.com/support/bin/answer.py?answer=10336 > d24si20574764nfh.39 > 554 5.0.0 Service unavailable > > The website says: In order to prevent spam, Gmail refuses mail when the > sending IP address does not match the sending domain. That's a bit vague, and I am pretty sure that whatever it means to say is not a strict rule on GMail's end, but it should not matter if you use their authenticated mail submission instead. -- Now where did I hide that website...
|
Next
|
Last
Pages: 1 2 Prev: sendmail log question? Next: makeconnection (gmail domain.com[1.2.3.4]) failed: Invalid argument |