Topic: Bounce Mail can't receive mail [Solved]

[kryptos]

Hi All,
Good Day!

Just want to ask this error I have recently encountered with our two sme mail servers.


============================================
This is the mail system at host mymail.com

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<admin@mydomain.com>: host smtp.mydomain.com[1x.9x.2xx.2xx] said: 550 v=spf1
    a -all (in reply to RCPT TO command)
====================


Coincidentally they identical problem encounted today. What's weird I have third SME Mail Server also that don't exhibit the same problem.

Both version is 8.0

Third Server is 8.1

I expect if I upgrade the two the problem will be solve. But i had to know exactly what is the problem with this.

Hope you could help me.

Thanks,
Rocel

 

[kryptos]

just an update im getting this error

check_badmailfrom plugin (mail): Bad badmailfrom config: No @ sign in authorstream.com
check_badmailfrom plugin (mail): Bad badmailfrom config: No @ sign in www.twitter.com


something to do with qpsmtd plugin.  Any ideas how to correct this?

Regards,
Rocel

[kryptos]

Already fixed the problem myself seems the SBLLIst I used no longer works. Just copied the SBLList from a working qpsmtpd config. Also I forgot that I still use 7.5.1 scheduled for update next time just not yet.

Thanks SME

[Zen]

Same problem here, smeserver 7.6.
Could you post the right SBLList you found?
Thanks

[scree74]

Hi I am a real novice with SME server could you advise me how to fix this problem in a little more detail it would be much appreciated.

Many thanks in advance
Scott

[Zen]

Hi, i'm not an expert but temporarily i solved in this way:
- login on the console and write:

Code: [Select]

config show qpsmtpd
the result could be something similar to:

Code: [Select]

qpsmtpd=service
    Bcc=enabled
    BccMode=bcc
    BccUser=maillog
    DNSBL=enabled
    LogLevel=6
    MaxScannerSize=30000000
    RBLList=combined.njabl.org:dnsbl.ahbl.org:list.dsbl.org:multihop.dsbl.org:zen.spamhaus.org
    RHSBL=disabled
    RequireResolvableFromHost=yes
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org
    TlsBeforeAuth=1
    access=public
    qplogsumm=disabled
    status=enabled

I think that in your configuration there is: RHSBL=enabled (this item enables/disables the SBLList).
I disabled it, because, seems to be wrong:

Code: [Select]

config setprop qpsmtpd RHSBL disabled
signal-event email-update

Now my server works again ^_^

[CharlieBrady]

Problem appears to be a fault with the rhs.mailpolice.com blacklists:

bash-4.1$ dig txt anything.com.fraud.rhs.mailpolice.com.

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> txt anything.com.fraud.rhs.mailpolice.com.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44079
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;anything.com.fraud.rhs.mailpolice.com. IN TXT

;; ANSWER SECTION:
anything.com.fraud.rhs.mailpolice.com. 300 IN TXT "v=spf1 a -all"

;; Query time: 58 msec
;; SERVER: 10.44.17.11#53(10.44.17.11)
;; WHEN: Wed May 21 11:50:31 2014
;; MSG SIZE  rcvd: 81

bash-4.1$

[CharlieBrady]

If you are seeing this problem, then it's very likely that your system hasn't been kept up to date.

http://bugs.contribs.org/show_bug.cgi?id=8235

...
Fixed in smeserver-qpsmtpd-2.2.0-20.el5.sme.noarch

%changelog
* Sun Feb 23 2014 Ian Wells <esmith@wellsi.com> 2.2.0-20.sme
- Update SBL and RBL Lists [SME: 8235]
...

[CharlieBrady]

Same problem here, smeserver 7.6.

SME server 7.x is no longer maintained. You shouldn't be using it.

[Zen]

SME server 7.x is no longer maintained. You shouldn't be using it.

i know I can not find the time to upgrade to 8

[Fumetto]

i know I can not find the time to upgrade to 8

...therefore you must die crazy

[CharlieBrady]

just an update im getting this error

check_badmailfrom plugin (mail): Bad badmailfrom config: No @ sign in authorstream.com
check_badmailfrom plugin (mail): Bad badmailfrom config: No @ sign in www.twitter.com

That's a completely unrelated issue. Please start a new thread for a new issue.

something to do with qpsmtd plugin.  Any ideas how to correct this?

Check:

/var/qmail/control/badmailfromto

There are entries there which aren't valid email addresses - they don't have an @ sign.

To reject all senders from a specified domain, use @domain.name. Find our why your templates are generating invalid format entries, and fix the problem. I suspect it might be a buggy contrib.

 

[janet]

Zen, kryptos et al

i know I can not find the time to upgrade to 8

Here is the sme8.0 release announcement on 25 May 2012, 2 years ago now !
http://forums.contribs.org/index.php/topic,48671.0.html
You have been running an insecure server all that time, many packages in sme 7.6 are buggy or have security issues.

All I can say is that one day (soon) you may get hacked, your data lost or corrupted, and you will have to spend much more time resolving those issues than it would take to do the upgrade now to sme 8.1 (& be secure).

[CharlieBrady]

Here is the sme8.0 release announcement on 25 May 2012, 2 years ago now !
http://forums.contribs.org/index.php/topic,48671.0.html

This is really the announcement you should be highlighting, from April 02, 2013 (not two years, but still, *more than one year* ago):

http://forums.contribs.org/index.php/topic,49749.0.html

[kryptos]

To those that had error like mine

I just do invoke this command.

config setprop qpsmtpd SBLList multi.surbl.org:black.uribl.com:rhsbl.sorbs.net
signal-event email-update
svc -t /service/qpsmtpd


@charlie yup you are right the second error I mentioned is unrelated to this issue that was my WBL panel entry.

[pcdoc]

Thanks for your entry kryptos. It will help a lot of others who ARE using 8.1 (constantly updated) but were using bulk.rhs.mailpolice.com as part of the SBLLIST.

For others who were not helping him find an answer, but just pointing out he should have upgraded a while ago, yes you are right, but why not help to resolve the issue FIRST, then chew him out for having an insecure server AFTER the fix. I am sure he, like myself would have been stressing if he was getting several hundred reject emails per hour and feeling bad because you have not updated your server when it should have been would just have been exacerbating the situation.

My mail server has been rejecting mail for over 12 hours waiting for me to have the time available to track down the issue. Thankfully, I don't use mailpolice on any of my clients SBLLIST or I would be getting a lot of angry calls.

This is the third time over the years the mail server has had issues because of RBL or SBL servers going off line. I need to find the time to look into what would be required to tell qpsmtpd to ignore a server if it fails. Any ideas Charlie? or others?

[CharlieBrady]

For others who were not helping him find an answer, but just pointing out he should have upgraded a while ago, yes you are right, but why not help to resolve the issue FIRST, then chew him out for having an insecure server AFTER the fix.

I don't see anyone pointing out that he should have upgraded, until *after* I tracked down the root cause of the rejections. By that time, kryptos had already isolated the problem to SBLList. Please keep your criticisms soundly based in reality.

[CharlieBrady]

Thanks for your entry kryptos. It will help a lot of others who ARE using 8.1 (constantly updated) but were using bulk.rhs.mailpolice.com as part of the SBLLIST.

There should be no servers which are constantly updates which were using  bulk.rhs.mailpolice.com as part of the SBLLIST. The recent updates strip bulk.rhs.mailpolice.com from the list if it is found.

This is the third time over the years the mail server has had issues because of RBL or SBL servers going off line. I need to find the time to look into what would be required to tell qpsmtpd to ignore a server if it fails. Any ideas Charlie? or others?

The problem here isn't that the SBL server went off-line. It's that it started returning bogus information, essentially adding all sender domains to the blacklist. I think the only protection against that is not use SBL servers.