Prev: Tracing down a spammer
Next: monitoring sevreal postfix serevrs.
From: /dev/rob0 on 26 Apr 2010 23:25
On Mon, Apr 26, 2010 at 04:17:48PM -0700, Eric Jain wrote:
> I'm able to use Postfix to send mail to e.g. GMail accounts:
>
> Apr 26 22:41:14 blog postfix/pickup[14939]: 49ACD8081A: uid=1000 from=<ejain>
> Apr 26 22:41:14 blog postfix/cleanup[14969]: 49ACD8081A:
> message-id=<20100426224114.49ACD8081A@...>
> Apr 26 22:41:14 blog postfix/qmgr[4627]: 49ACD8081A: from=<ejain@...>,
> size=352, nrcpt=1 (queue active)
> Apr 26 22:41:15 blog postfix/smtp[14972]: 49ACD8081A:
> to=<...@gmail.com>,
> relay=gmail-smtp-in.l.google.com[209.85.217.51]:25, delay=1.1,
> delays=0.02/0.01/0.31/0.71, dsn=2.0.0, status=sent (250 2.0.0 OK
> 1272321675 19si6283624gxk.13)
> Apr 26 22:41:15 blog postfix/qmgr[4627]: 49ACD8081A: removed
>
>
> But when I log in as a different user on the same machine, Google's
> mail server no longer accepts mail (the reverse DNS lookup test
> appears to fail):

I don't understand this. The snippet above is over two minutes PRIOR
to the snippet below. When/how did rDNS fail, and how did you confirm
this?

> Apr 26 22:38:58 blog postfix/pickup[14939]: E5ECD8081A: uid=33 from=<www-data>
> Apr 26 22:38:58 blog postfix/cleanup[14951]: E5ECD8081A:
> message-id=<20100426223858.E5ECD8081A@...>
> Apr 26 22:38:58 blog postfix/qmgr[4627]: E5ECD8081A:
> from=<www-data@...>, size=355, nrcpt=1 (queue active)
> Apr 26 22:39:30 blog postfix/smtp[14953]: E5ECD8081A:
> to=<...@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.67.27]:25,
> delay=31, delays=0.03/0.03/0.34/31, dsn=5.7.1, status=bounced (host
> gmail-smtp-in.l.google.com[74.125.67.27] said: 550-5.7.1 [...] The IP
> you're using to send mail is not authorized 550-5.7.1 to send email
> directly to our servers. Please use the SMTP relay at 550-5.7.1 your
> service provider instead. Learn more at 550
> 5.7.1 http://mail.google.com/support/bin/answer.py?answer=10336
> a22si14294522anp.42 (in reply to end of DATA command))

Did you read the link?

End of DATA is interesting. It suggests that the decision was made by
a content filter.

> Any idea what could be going on here?

It's quite possible that gmail is regarding a localpart of "www-data"
as a spam sign.

It is NOT possible for us to guess at what gmail is doing for spam
control. The only way to get an authoritative answer on that is to
ask them directly. The gmail postmasters are probably not reading
this list, and if they are, they're highly unlikely to reply.

Details which might have helped us make general deliverability
suggestions were munged out of the post, so only general comments can
be given.

Good FCrDNS is very important. Your IP address should resolve to
exactly one PTR record, and that value should resolve to your IP
address. Additionally that name should be your myhostname (or
smtp_helo_name if that is set.)

IP reputation is very important. If you got a sweet deal on hosting
from a provider which is infested with spammers, you might have
delivery issues. You might be a "human shield".

Look up your IP address on various DNSBLs, including but not limited
to: Spamhaus, SORBS, Spamcop, Spameatingmonkey, and Barracuda. My
guess is that you're listed in Spamhaus Zen/PBL, and for some reason
gmail is not using that for outright rejection at RCPT TO:.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header

 | 
Pages: 1
Prev: Tracing down a spammer
Next: monitoring sevreal postfix serevrs.