Topic: bogux mx records error

[trey.hunsucker]

When certain people email us, they get this error: 550 domain has demonstrably bogus mx records.

We have bought the domain, and have dns setup for it. It's been running for years and a while back updated to sme7. We haven't had any problems until now.

There is a valid PTR record setup for reverse dns.

The server hasn't restarted in several months, I'm going to bounce it today to see if that helps. Any suggestions would be great!

If you want to know the domain name, you can possibly im me on here or ask for my email.

[CharlieBrady]

When certain people email us, they get this error: 550 domain has demonstrably bogus mx records.

The sender's domain is probably listed in rfc-ignorant.org's RBL, which you have configured on your server. They should fix their MX configuration (they probably have a CNAME mentioned in an MX) and you can remove that RBL if you wish to receive their email and a little more spam.

[trey.hunsucker]

I found the code to disable all rbl's, but not just that one. how do i do it?

[raem]

trey.hunsucker

http://wiki.contribs.org/SME_Server:Documentation:FAQ#Real-time_Blackhole_List_.28RBL.29

Re-enter the command to set RBL's, but leave out any you don't want.
eg
config setprop qpsmtpd RBLList zen.spamhaus.org:dnsbl.njabl.org
signal-event email-update

[mercyh]

I had the same problem and fixed it by removing the SBLList bolded below. (THIS IS ONLY FOR THE SPECIFIC 550 MESSAGE INDICATED IN THE FIRST POST)

Following is a quote from the excellent Sonora Communications howto located here:
http://www.sonoracomm.com/index.php?option=com_content&task=view&id=49&Itemid=32

config setprop qpsmtpd SBLList \
bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com\
:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com\
:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org\
:blackhole.securitysage.com

EDIT: the following is not needed per CharlieBrady's post below: If you are going to cut and paste this into the command line, you must remove the \ and the carriage returns to create one long line of text.

and don't forget> signal-event email-update
 

Royce Holdeman

[CharlieBrady]

If you are going to cut and paste this into the command line, you must remove the \ and the carriage returns to create one long line of text.

No, that is not true. Cut & paste including the \ and carriage returns is fine.

[trey.hunsucker]

Ok I removed that SBL List per mercyh's instructions.

I'll test again and let you know.

[mercyh]

Sonora recommends also doing the following command after signal-event email-update


svc -t /service/qpsmtpd


(I don't know if it is necessary or not)

[mercyh]

Trey,

Did removing the SBL list get your mail through? I see several other people in the forums have had this same message and would direct them here if your issue is resolved.

Removing the SBL may be like using a sledgehammer to drive a finish nail. I think if you installed dmay's contrib from here:
http://mirror.pacific.net.au/linux/smeserver/contribs/dmay/smeserver/7.x/testing/smeserver-wbl/smeserver-wbl-0.0.1-a8.dmay.noarch.rpm

you could whitelist that site on the front end before it hits the SBL lists.

[trey.hunsucker]

Ok disabling the sbl trick didnt' work.

I just issued the command recommended: svc -t /service/qpsmtpd and will try again

If it still doesn't work, I'll try that contrib to whitelist that site.

The person trying to email us now really makes me mad. He's sending from say user@domain1.com using mail.domain2.com. Domain1 is his website domain and domain2 is his isp. I understand that some ISP's block port 25 forcing you to relay through their server but if you have a business, get a business account or use imap!

[mercyh]

You might run the following command to make sure that list is really gone.

config show qpsmtpd

[trey.hunsucker]

Interesting, it's still there!

[root@mail ~]# config show qpsmtpd
qpsmtpd=service
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=enabled
    LogLevel=6
    MaxScannerSize=25000000
    RBLList=sbl-xbl.spamhaus.org
    RHSBL=enabled
    RequireResolvableFromHost=no
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org:blackhole.securitysage.com
    access=public
    status=enabled

[mercyh]

Maybe I was unclear in my post.

The actual cut and past code to remove would be as follows:

config setprop qpsmtpd SBLList \
multi.surbl.org:black.uribl.com\
:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com\
:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org\
:blackhole.securitysage.com

don't forget>

signal-event email-update

and>

svc -t /service/qpsmtpd

then check with>

config show qpsmtpd

[trey.hunsucker]

Thank you! It's gone now. I'll test again.

[trey.hunsucker]

That fixed it, thank you!