Koozali.org: home of the SME Server

550 relay denied sending to one particular domain

Offline itguy2012

  • *
  • 23
  • +0/-0
550 relay denied sending to one particular domain
« on: April 16, 2015, 05:21:05 PM »
Hello,

I'm having problems with email going out to a particular domain of a client.
They recently (I believe at the weekend just gone) changed provider for their emails, and it seems since then that emails are no longer getting to them from us.
I'm not 100% sure at this point that change is the cause of the issue, could just be coincidence but am assuming so for now...

When sending an email to this domain from our exchange/sme server, the following rejection is received (edited to remove real info)

<person@domain.com>:
1.2.3.4 does not like recipient.
Remote host said: 550 Relaying is not permitted Giving up on 1.2.3.4

According to their provider there isn't any mail from our domain getting to their servers. (i.e. they don't think it's being rejected)
I have checked the dns/mx records and the ip address given in the rejection appears to be correct so our sme server does seem to know where to send it.

Mail to that domain is being received from other sources so the problem seems specifically between our server and theirs.

It's possible the mail is never actually leaving the server here but I'm not quite sure how to check that.

Any thoughts much appreciated!!!

Offline Stefano

  • *
  • 10,836
  • +2/-0
Re: 550 relay denied sending to one particular domain
« Reply #1 on: April 16, 2015, 06:47:17 PM »
if you need help, you must post here real info

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: 550 relay denied sending to one particular domain
« Reply #2 on: April 16, 2015, 11:11:46 PM »
When sending an email to this domain from our exchange/sme server, the following rejection is received (edited to remove real info)

<person@domain.com>:
1.2.3.4 does not like recipient.
Remote host said: 550 Relaying is not permitted Giving up on 1.2.3.4

EIther your server shouldn't be trying to send it to 1.2.3.4 (probably a DNS problem), or the server at 1.2.3.4 hasn't been configured to receive email for domain.com.

Offline itguy2012

  • *
  • 23
  • +0/-0
Re: 550 relay denied sending to one particular domain
« Reply #3 on: April 17, 2015, 12:10:46 PM »
thanks for the replies.

I did a quick test last night changing the SMTP proxy status to disabled, so the Exchange server could send straight through.
This went fine and the test message was received, switching it back to enabled and the bounce back is received again.

I don't want to disable the proxy (seems like a good thing to have in place and has never caused problems with any other emails)

So...I guess I have a couple of questions.
1. What difference would the SME server stmp proxy make to not be able to deliver the email?
2. could it be the SME server has cached the address of the old destination and just not using the correct address?

It seems strange that everything works fine for our email and theirs (incoming and outgoing) just not us sending to them through the SME.

Offline Stefano

  • *
  • 10,836
  • +2/-0
Re: 550 relay denied sending to one particular domain
« Reply #4 on: April 17, 2015, 12:30:45 PM »
if something doesn't work out of the box it's likely a bug

please go to bugzilla and open a new one, giving all the infos.

please, when done, report here the reference, thank you

Offline itguy2012

  • *
  • 23
  • +0/-0
Re: 550 relay denied sending to one particular domain
« Reply #5 on: April 17, 2015, 12:45:05 PM »
ok thanks,

There are some updates to install on it, so will do that over the weekend to rule out anything there are reboot it too.

Offline mmccarn

  • *
  • 2,626
  • +10/-0
Re: 550 relay denied sending to one particular domain
« Reply #6 on: April 17, 2015, 01:26:02 PM »
...
So...I guess I have a couple of questions.
1. What difference would the SME server stmp proxy make to not be able to deliver the email?
2. could it be the SME server has cached the address of the old destination and just not using the correct address?
...

If the client's domain or one of the client's MX servers is defined in some way on your SME server you might get odd behavior.

Here are some commands to run on the SME server, and some info on what they might tell you:

db domains show |grep -i domain.com
- if the client's domain is defined and you have NOT also configured specific mail routing rules, the SME server will try to accept all email for the domain.
- If the client's domain is defined, it might also be configured to use a specific dns server -- you'll need to check that dns server for incorrect information.
- If the domain is defined, you could have an old/invalid setting configured for 'MailServer'

dig domain.com -t mx
#
# then, for each host listed as an mx server for domain.com, do some checking on your sme:
db domains show |grep -i <last part of mx hostname>
db hosts show |grep <hostname>

- If you have the client's primary mx hostname defined on your SME then your SME will use the locally defined address and not the publicized address.

db accounts show |grep pseudonym
- If you have a pseudonym defined for person@domain.com then the pseudonym will (probably) override any other settings on the SME.

Finally, you can find out from /var/log/qmail/current what your SME server is actually trying to do when it attempts to deliver email to domain.com

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: 550 relay denied sending to one particular domain
« Reply #7 on: April 17, 2015, 05:32:53 PM »
Finally, you can find out from /var/log/qmail/current what your SME server is actually trying to do when it attempts to deliver email to domain.com

And we already know that, it's trying to SMTP forward it to a some server which itguy2012 identifies as "1.2.3.4".

If itguy2012 really wants us to help him, he would do well to show us the actual bounce message, not one which he has 'edited to remove real info'.

Offline itguy2012

  • *
  • 23
  • +0/-0
Re: 550 relay denied sending to one particular domain
« Reply #8 on: April 17, 2015, 06:21:38 PM »
The problem with putting the actual message is that it gives the domains and addresses of both company and client, which don't necessarily want to be publicly linked in that way.

Also you don't necessarily want to advertise to the world what gateway software you're running.

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
Re: 550 relay denied sending to one particular domain
« Reply #9 on: April 17, 2015, 10:12:29 PM »
We only want to know who you are trying to send a message to, and what IP address SME server thinks their mail server is at.

If you don't want to tell us, then you are on your own. We've done what we can.

Offline Stefano

  • *
  • 10,836
  • +2/-0
Re: 550 relay denied sending to one particular domain
« Reply #10 on: April 17, 2015, 11:17:58 PM »
The problem with putting the actual message is that it gives the domains and addresses of both company and client, which don't necessarily want to be publicly linked in that way.

Also you don't necessarily want to advertise to the world what gateway software you're running.

please, don't get me wrong but.. are you serious?

I mean.. we're talking about a public server.. it's already public.. so, I can't se the problem..

in any case, as Charlie pointed out, if you need help you have to give us all the info.. if you don't want/can, you're on your own..

Offline itguy2012

  • *
  • 23
  • +0/-0
Re: 550 relay denied sending to one particular domain
« Reply #11 on: April 20, 2015, 10:26:22 AM »
Actually I was serious. I appreciate DNS and MX records are public, but the bounce message contains email addresses which for reasons stated above I didn't want to post.

Not to worry I'll see if I can resolve myself for the time being.