English
Chinese (Simplified)
French
German
Italian
Japanese
Russian
Spanish
Vietnamese
Send emails by port 587
-
Hello everyone.
I tell you my topic. I'm getting bounces from servers telling me that they don't receive mail on port 25, which is the SMTP I currently use on my MDaemon. I registered a certificate and enabled the SSL and STATLTLS options within MDaemon's security settings.
In the port configuration in the outbound SMTP I have port 25, if I put 587 there I can send to the servers that bounced me but not to the others (eg: GMAIL) so I put 25 again and again I can't reach the domains that bounced me at first.If I put port 27 in the SMTP, when sending emails to GMAIL, for example, the following happens: (I attach the SMPT log out)
Mon 2023-09-04 10:48:04.383: [23833808] REMOTE message: pd3501001229761.msg
Mon 2023-09-04 10:48:04.383: [23833808] * Session 23833808; child 0001
Mon 2023-09-04 10:48:04.384: [23833808] * From: soporte@lazar.com.ar
Mon 2023-09-04 10:48:04.384: [23833808] * To: schjonatan2@gmail.com
Mon 2023-09-04 10:48:04.384: [23833808] * Subject: Prueba 2 10.48
Mon 2023-09-04 10:48:04.384: [23833808] * Message-ID: <000d01d9df36$7bc36010$734a2030$@lazar.com.ar>
Mon 2023-09-04 10:48:04.384: [23833808] * Size: 4656; <c:\mdaemon\queues\remote\pd3501001229761.msg>
Mon 2023-09-04 10:48:04.385: [23833808] MTA-STS policy for gmail.com found in cache
Mon 2023-09-04 10:48:04.386: [23833808] * version: STSv1
Mon 2023-09-04 10:48:04.386: [23833808] * mode: enforce
Mon 2023-09-04 10:48:04.386: [23833808] * mx: gmail-smtp-in.l.google.com
Mon 2023-09-04 10:48:04.386: [23833808] * mx: *.gmail-smtp-in.l.google.com
Mon 2023-09-04 10:48:04.386: [23833808] * max_age: 86400
Mon 2023-09-04 10:48:04.408: [23833808] Resolving MX record for gmail.com (DNS Server: 200.32.10.115)...
Mon 2023-09-04 10:48:04.420: [23833808] * P=005 S=003 D=gmail.com TTL=(45) MX=[gmail-smtp-in.l.google.com]
Mon 2023-09-04 10:48:04.420: [23833808] * P=010 S=001 D=gmail.com TTL=(45) MX=[alt1.gmail-smtp-in.l.google.com]
Mon 2023-09-04 10:48:04.420: [23833808] * P=020 S=004 D=gmail.com TTL=(45) MX=[alt2.gmail-smtp-in.l.google.com]
Mon 2023-09-04 10:48:04.420: [23833808] * P=030 S=000 D=gmail.com TTL=(45) MX=[alt3.gmail-smtp-in.l.google.com]
Mon 2023-09-04 10:48:04.420: [23833808] * P=040 S=002 D=gmail.com TTL=(45) MX=[alt4.gmail-smtp-in.l.google.com]
Mon 2023-09-04 10:48:04.420: [23833808] Attempting SMTP connection to gmail-smtp-in.l.google.com
Mon 2023-09-04 10:48:04.422: [23833808] Resolving A record for gmail-smtp-in.l.google.com (DNS Server: 200.32.10.115)...
Mon 2023-09-04 10:48:04.428: [23833808] * D=gmail-smtp-in.l.google.com TTL=(3) A=[64.233.186.27]
Mon 2023-09-04 10:48:04.428: [23833808] Attempting SMTP connection to 64.233.186.27:587
Mon 2023-09-04 10:48:04.428: [23833808] * 64.233.186.27 in connection failure cache for up to 5 minutes due to previous connection failure(s)
Mon 2023-09-04 10:48:04.429: [23833808] Attempting SMTP connection to alt1.gmail-smtp-in.l.google.com
Mon 2023-09-04 10:48:04.430: [23833808] Resolving A record for alt1.gmail-smtp-in.l.google.com (DNS Server: 200.32.10.115)...
Mon 2023-09-04 10:48:04.437: [23833808] * D=alt1.gmail-smtp-in.l.google.com TTL=(3) A=[64.233.184.26]
Mon 2023-09-04 10:48:04.437: [23833808] Attempting SMTP connection to 64.233.184.26:587
Mon 2023-09-04 10:48:04.437: [23833808] * 64.233.184.26 in connection failure cache for up to 5 minutes due to previous connection failure(s)
Mon 2023-09-04 10:48:04.438: [23833808] Attempting SMTP connection to alt2.gmail-smtp-in.l.google.com
Mon 2023-09-04 10:48:04.439: [23833808] Resolving A record for alt2.gmail-smtp-in.l.google.com (DNS Server: 200.32.10.115)...
Mon 2023-09-04 10:48:04.445: [23833808] * D=alt2.gmail-smtp-in.l.google.com TTL=(3) A=[142.250.27.27]
Mon 2023-09-04 10:48:04.445: [23833808] Attempting SMTP connection to 142.250.27.27:587
Mon 2023-09-04 10:48:04.446: [23833808] Waiting for socket connection...
Mon 2023-09-04 10:48:25.446: [23833808] * Socket error 10060 - The connection timed out.
Mon 2023-09-04 10:48:25.446: [23833808] * 142.250.27.27 added to connection failure cache for 5 minutes
Mon 2023-09-04 10:48:25.446: [23833808] Attempting SMTP connection to alt3.gmail-smtp-in.l.google.com
Mon 2023-09-04 10:48:25.446: [23833808] Resolving A record for alt3.gmail-smtp-in.l.google.com (DNS Server: 200.32.10.115)...
Mon 2023-09-04 10:48:25.451: [23833808] * D=alt3.gmail-smtp-in.l.google.com TTL=(0) A=[142.250.153.26]
Mon 2023-09-04 10:48:25.451: [23833808] Attempting SMTP connection to 142.250.153.26:587
Mon 2023-09-04 10:48:25.451: [23833808] * 142.250.153.26 in connection failure cache for up to 5 minutes due to previous connection failure(s)
Mon 2023-09-04 10:48:25.451: [23833808] Attempting SMTP connection to alt4.gmail-smtp-in.l.google.com
Mon 2023-09-04 10:48:25.453: [23833808] Resolving A record for alt4.gmail-smtp-in.l.google.com (DNS Server: 200.32.10.115)...
Mon 2023-09-04 10:48:25.457: [23833808] * D=alt4.gmail-smtp-in.l.google.com TTL=(3) A=[142.251.9.26]
Mon 2023-09-04 10:48:25.457: [23833808] Attempting SMTP connection to 142.251.9.26:587
Mon 2023-09-04 10:48:25.459: [23833808] Waiting for socket connection...
Mon 2023-09-04 10:48:46.462: [23833808] * Socket error 10060 - The connection timed out.
Mon 2023-09-04 10:48:46.462: [23833808] * 142.251.9.26 added to connection failure cache for 5 minutes
Mon 2023-09-04 10:48:46.463: [23833808] * This message is 2 minutes old; it has 28 minutes left in this queue
Mon 2023-09-04 10:48:46.463: [23833808] SMTP session terminated (Bytes in/out: 0/0)I attach a log placing the outbound SMTP at 587 and you can see how the mail arrives at the domain where 25 is blocked
SMTP=587
Wed 2023-09-06 23:09:24.501: [23913287] REMOTE message: pd3501001231761.msg
Wed 2023-09-06 23:09:24.501: [23913287] * Session 23913287; child 0001
Wed 2023-09-06 23:09:24.502: [23913287] * From: soporte@lazar.com.ar
Wed 2023-09-06 23:09:24.502: [23913287] * To: ventas1@instrulab.com.ar
Wed 2023-09-06 23:09:24.502: [23913287] * Subject: Prueba de Correo Lab. Dr. Lazar
Wed 2023-09-06 23:09:24.502: [23913287] * Message-ID: <019e01d9e130$9b7e5d50$d27b17f0$@lazar.com.ar>
Wed 2023-09-06 23:09:24.502: [23913287] * Size: 7527; <c:\mdaemon\queues\remote\pd3501001231761.msg>
Wed 2023-09-06 23:09:24.524: [23913287] Resolving MX record for instrulab.com.ar (DNS Server: 200.32.10.115)...
Wed 2023-09-06 23:09:24.542: [23913287] * P=000 S=000 D=instrulab.com.ar TTL=(141) MX=[instrulab.com.ar]
Wed 2023-09-06 23:09:24.542: [23913287] * P=020 S=001 D=instrulab.com.ar TTL=(141) MX=[mx1.instrulab.com.ar]
Wed 2023-09-06 23:09:24.542: [23913287] Attempting SMTP connection to instrulab.com.ar
Wed 2023-09-06 23:09:24.544: [23913287] Resolving A record for instrulab.com.ar (DNS Server: 200.32.10.115)...
Wed 2023-09-06 23:09:24.548: [23913287] * D=instrulab.com.ar TTL=(141) A=[200.58.110.143]
Wed 2023-09-06 23:09:24.548: [23913287] Attempting SMTP connection to 200.58.110.143:587
Wed 2023-09-06 23:09:24.551: [23913287] Waiting for socket connection...
Wed 2023-09-06 23:09:24.558: [23913287] * Connection established 192.168.1.20:62397 --> 200.58.110.143:587
Wed 2023-09-06 23:09:24.558: [23913287] Waiting for protocol to start...
Wed 2023-09-06 23:09:24.837: [23913287] <-- 220-c184.dattaweb.com ESMTP Exim 4.93 #5 Wed, 06 Sep 2023 23:11:48 -0300
Wed 2023-09-06 23:09:24.837: [23913287] <-- 220- We do not authorize the use of this system to transport unsolicited,
Wed 2023-09-06 23:09:24.837: [23913287] <-- 220 and/or bulk e-mail.
Wed 2023-09-06 23:09:24.839: [23913287] --> EHLO mail.lazar.com.ar
Wed 2023-09-06 23:09:24.845: [23913287] <-- 250-c184.dattaweb.com Hello mail.lazar.com.ar [200.73.158.98]
Wed 2023-09-06 23:09:24.845: [23913287] <-- 250-SIZE 73400320
Wed 2023-09-06 23:09:24.845: [23913287] <-- 250-8BITMIME
Wed 2023-09-06 23:09:24.845: [23913287] <-- 250-PIPELINING
Wed 2023-09-06 23:09:24.845: [23913287] <-- 250-AUTH LOGIN
Wed 2023-09-06 23:09:24.845: [23913287] <-- 250-CHUNKING
Wed 2023-09-06 23:09:24.845: [23913287] <-- 250-STARTTLS
Wed 2023-09-06 23:09:24.845: [23913287] <-- 250 HELP
Wed 2023-09-06 23:09:24.846: [23913287] --> STARTTLS
Wed 2023-09-06 23:09:24.853: [23913287] <-- 220 TLS go ahead
Wed 2023-09-06 23:09:24.937: [23913287] SSL negotiation successful (TLS 1.2, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521)
Wed 2023-09-06 23:09:24.958: [23913287] SSL certificate is not valid (does not match instrulab.com.ar)
Wed 2023-09-06 23:09:24.958: [23913287] --> EHLO mail.lazar.com.ar
Wed 2023-09-06 23:09:24.964: [23913287] <-- 250-c184.dattaweb.com Hello mail.lazar.com.ar [200.73.158.98]
Wed 2023-09-06 23:09:24.965: [23913287] <-- 250-SIZE 73400320
Wed 2023-09-06 23:09:24.965: [23913287] <-- 250-8BITMIME
Wed 2023-09-06 23:09:24.965: [23913287] <-- 250-PIPELINING
Wed 2023-09-06 23:09:24.965: [23913287] <-- 250-AUTH LOGIN
Wed 2023-09-06 23:09:24.965: [23913287] <-- 250-CHUNKING
Wed 2023-09-06 23:09:24.965: [23913287] <-- 250 HELP
Wed 2023-09-06 23:09:24.965: [23913287] --> MAIL From:<soporte@lazar.com.ar> SIZE=7527
Wed 2023-09-06 23:09:24.965: [23913287] --> RCPT To:<ventas1@instrulab.com.ar>
Wed 2023-09-06 23:09:24.965: [23913287] --> DATA
Wed 2023-09-06 23:09:24.972: [23913287] <-- 250 OK
Wed 2023-09-06 23:09:24.998: [23913287] <-- 250 Accepted
Wed 2023-09-06 23:09:24.998: [23913287] <-- 354 Enter message, ending with "." on a line by itself
Wed 2023-09-06 23:09:24.998: [23913287] Sending <c:\mdaemon\queues\remote\pd3501001231761.msg> to [200.58.110.143]
Wed 2023-09-06 23:09:24.999: [23913287] Transfer Complete
Wed 2023-09-06 23:09:27.631: [23913287] <-- 250 OK id=1qe4Um-0006ZZ-Bc
Wed 2023-09-06 23:09:27.632: [23913287] --> QUIT
Wed 2023-09-06 23:09:27.647: [23913287] <-- 221 c184.dattaweb.com closing connection
Wed 2023-09-06 23:09:27.647: [23913287] SMTP session successful (Bytes in/out: 4978/8487)
Wed 2023-09-06 23:09:27.647: ----------SMTP=25
[23913656] REMOTE message: pd3501001231766.msg
[23913656] * Session 23913656; child 0001
[23913656] * From: soporte@lazar.com.ar
[23913656] * To: ventas1@instrulab.com.ar
[23913656] * Subject: Prueba de Correo Lab. Dr. Lazar
[23913656] * Message-ID: <01c501d9e134$c88552f0$598ff8d0$@lazar.com.ar>
[23913656] * Size: 7877; <xxxxxxxxxxxxxxxxxxxxxxxx\pd3501001231766.msg>
[23913656] Resolving MX record for instrulab.com.ar (DNS Server: 200.32.10.115)...
[23913656] * P=000 S=001 D=instrulab.com.ar TTL=(111) MX=[instrulab.com.ar]
[23913656] * P=020 S=000 D=instrulab.com.ar TTL=(111) MX=[mx1.instrulab.com.ar]
[23913656] Attempting SMTP connection to instrulab.com.ar
[23913656] Resolving A record for instrulab.com.ar (DNS Server: 200.32.10.115)...
[23913656] * D=instrulab.com.ar TTL=(111) A=[200.58.110.143]
[23913656] Attempting SMTP connection to 200.58.110.143:25
[23913656] Waiting for socket connection...
[23913656] * Connection established 192.168.1.20:63083 --> 200.58.110.143:25
[23913656] Waiting for protocol to start...
[23913656] <-- 550-No se aceptan conexiones al puerto 25, cambiar este por 587 o 465.
[23913656] <-- 550-https://ayuda-correo-electronico.donweb.com/crear-correos/usar-mi-correo-desde/usar-desde-outlook#outlook-de-escritorio
[23913656] <-- 550 Listed in DYN - Dynamic IPs - see https://www.nszones.com/bl?ip=200.73.158.98
[23913656] --> QUIT========================
= End Transcript =
========================
How should I configure so that my emails go out in their entirety through port 587? Do I have to change the outbound SMTP to 587 or should I leave it at 25?Thank you so much!!
Greetings!!
-
Arron Staff
You should be using port 25 to send out emails. Port 587 is used for email clients to send out mail. Some servers require connections on port 587 to authenticate, other servers may not be listening on port 587 at all.
In the log snippet provided, the reason the email was not accepted on port 25 is because your IP is listed on a DNS block list that the receiving server is checking.
[23913656] Waiting for protocol to start...
[23913656] <-- 550-No se aceptan conexiones al puerto 25, cambiar este por 587 o 465.
[23913656] <-- 550-https://ayuda-correo-electronico.donweb.com/crear-correos/usar-mi-correo-desde/usar-desde-outlook#outlook-de-escritorio
[23913656] <-- 550 Listed in DYN - Dynamic IPs - see https://www.nszones.com/bl?ip=200.73.158.98
[23913656] --> QUITThis message indicates that your IP is listed because it is a dynamic IP. Is your IP address dynamic? It doesn't look like it is to me, in which case you should just be able to report it to nszones.com and they "should" correct it. If your IP is a dynamic IP address, then you will need to either get a static IP or route your mail through a service that can send from a static IP address.
I also checked your IP on mxtoolbox and it looks like there is one other DNS BL listing your IP.
https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a200.73.158.98&run=toolpage
-
Hello Arron!
First of all thank you very much for your answer.
I have been complaining for days and I see that I was on the wrong track... My IP is not dynamic, so I am going to make the claim that you tell me...
Likewise, in previous days it did not tell me anything about the IP list and it also bounced me through port 25, I am attaching the log:[23553281] REMOTE message: pd3501001224156.msg
[23553281] * Session 23553281; child 0013
[23553281] * From: soporte@lazar.com.ar
[23553281] * To: daniel@acrilicosanbyn.com.ar
[23553281] * Subject: Prueba
[23553281] * Message-ID: <00fa01d9d528$255adc20$
70109460$@lazar.com.ar> [23553281] * Size: 5436; <xxxxxxxxxxxxxxxxxxxxxxxx\
pd3501001224156.msg> [23553281] Resolving MX record for acrilicosanbyn.com.ar (DNS Server: 200.32.10.115)...
[23553281] * P=000 S=000 D=acrilicosanbyn.com.ar TTL=(136) MX=[acrilicosanbyn.com.ar]
[23553281] Attempting SMTP connection to acrilicosanbyn.com.ar
[23553281] Resolving A record for acrilicosanbyn.com.ar (DNS Server: 200.32.10.115)...
[23553281] * D=acrilicosanbyn.com.ar TTL=(136) A=[200.58.123.109]
[23553281] Attempting SMTP connection to 200.58.123.109:587
[23553281] Waiting for socket connection...
[23553281] * Connection established 192.168.1.20:54220 --> 200.58.123.109:587
[23553281] Waiting for protocol to start...
[23553281] <-- 220 Wellcome to SMTP Server
[23553281] --> EHLO mail.lazar.com.ar
[23553281] <-- 250-dtc009.dattaweb.com
[23553281] <-- 250-SIZE 71680000
[23553281] <-- 250 AUTH LOGIN PLAIN
[23553281] --> MAIL From:<soporte@lazar.com.ar> SIZE=5436
[23553281] <-- 550 No se aceptan conexiones al puerto 25, ver https://ayuda-correo-
electronico.donweb.com/ [23553281] --> QUIT
========================
= End Transcript =
========================
In that case, how can I fix it?
Thank you so much!!
Greetings!!
-
Arron Staff
The error is a bit confusing as it indicates that they do not accept mail on port 25, but if we look at the log transcript closer we can see that MDaemon was connecting to port 587. Port 587 should only be used for email clients to send mail.
[23553281] * Connection established 192.168.1.20:54220 --> 200.58.123.109:587
I was able to send a message to the same email address on port 25 and the log shows it being successfully delivered to the server. If you are having issues delivering mail to them on port 25, please post an SMTP sessions that shows this occurring.
-
I am attaching an SMTP log of one of the cases that I mentioned before...
Fri 2023-09-08 09:48:25.341: 01: [23963578] REMOTE message: pd3501001232435.msg
Fri 2023-09-08 09:48:25.341: 01: [23963578] * Session 23963578; child 0010
Fri 2023-09-08 09:48:25.342: 01: [23963578] * From: soporte@lazar.com.ar
Fri 2023-09-08 09:48:25.342: 01: [23963578] * To: daniel@acrilicosanbyn.com.ar
Fri 2023-09-08 09:48:25.342: 01: [23963578] * Subject: Prueba de Correo Lab. Dr. Lazar
Fri 2023-09-08 09:48:25.342: 01: [23963578] * Message-ID: <024b01d9e253$005dcad0$01196070$@lazar.com.ar>
Fri 2023-09-08 09:48:25.342: 01: [23963578] * Size: 6294; <c:\mdaemon\queues\remote\pd3501001232435.msg>
Fri 2023-09-08 09:48:25.343: 08: [23963578] Resolving TXT record for _mta-sts.acrilicosanbyn.com.ar (DNS Server: 200.32.10.115)...
Fri 2023-09-08 09:48:25.410: 08: [23963578] No MTA-STS TXT record found
Fri 2023-09-08 09:48:25.445: 05: [23963578] Resolving MX record for acrilicosanbyn.com.ar (DNS Server: 200.32.10.115)...
Fri 2023-09-08 09:48:25.468: 05: [23963578] * P=000 S=000 D=acrilicosanbyn.com.ar TTL=(240) MX=[acrilicosanbyn.com.ar]
Fri 2023-09-08 09:48:25.468: 05: [23963578] Attempting SMTP connection to acrilicosanbyn.com.ar
Fri 2023-09-08 09:48:25.470: 05: [23963578] Resolving A record for acrilicosanbyn.com.ar (DNS Server: 200.32.10.115)...
Fri 2023-09-08 09:48:25.482: 05: [23963578] * D=acrilicosanbyn.com.ar TTL=(240) A=[200.58.123.109]
Fri 2023-09-08 09:48:25.482: 05: [23963578] Attempting SMTP connection to 200.58.123.109:25
Fri 2023-09-08 09:48:25.484: 05: [23963578] Waiting for socket connection...
Fri 2023-09-08 09:48:25.497: 05: [23963578] * Connection established 192.168.1.20:64150 --> 200.58.123.109:25
Fri 2023-09-08 09:48:25.497: 05: [23963578] Waiting for protocol to start...
Fri 2023-09-08 09:48:25.513: 02: [23963578] <-- 220 Wellcome to SMTP Server
Fri 2023-09-08 09:48:25.514: 03: [23963578] --> EHLO mail.lazar.com.ar
Fri 2023-09-08 09:48:25.527: 02: [23963578] <-- 250-dtc009.dattaweb.com
Fri 2023-09-08 09:48:25.527: 02: [23963578] <-- 250-SIZE 71680000
Fri 2023-09-08 09:48:25.527: 02: [23963578] <-- 250 AUTH LOGIN PLAIN
Fri 2023-09-08 09:48:25.527: 03: [23963578] --> MAIL From:<soporte@lazar.com.ar> SIZE=6294
Fri 2023-09-08 09:48:25.849: 02: [23963578] <-- 550 No se aceptan conexiones al puerto 25, ver https://ayuda-correo-electronico.donweb.com/
Fri 2023-09-08 09:48:25.850: 03: [23963578] --> QUIT
Fri 2023-09-08 09:48:25.870: 21: [23963578] Creating delivery failure DSN...
Fri 2023-09-08 09:48:25.870: 21: [23963578] * Recipient: soporte@lazar.com.ar
Fri 2023-09-08 09:48:25.870: 21: [23963578] * Session-ID: 23963578
Fri 2023-09-08 09:48:25.870: 21: [23963578] * Queue-ID: pd3501001232435.msg
Fri 2023-09-08 09:48:25.870: 21: [23963578] * Message-ID: 024b01d9e253$005dcad0$01196070$@lazar.com.ar
Fri 2023-09-08 09:48:25.870: 21: [23963578] --- End DSN message creation
Fri 2023-09-08 09:48:25.872: 02: [23963578] <-- 221 goodbye
Fri 2023-09-08 09:48:25.872: 04: [23963578] SMTP session terminated (Bytes in/out: 201/74)
-
Arron Staff
They are refusing to accept connections from you on port 25, but they don't say why, at least not that I have found.
It could be they are blocking you because of a DNS BL list but just not telling you or any other number of reasons.
Are you a customer of donweb.com?
If you are, they may be expecting you to authenticate with them when you send.
Either way, the only way to know for sure whey they are rejecting connections from your server would be to contact them.
-
I am not a DonWeb customer.
Some of the domains I'm trying to send to are clients or host their domains on Dnweb, apparently. I have the biggest rejections with DonWeb and with Outlook (or the domains hosted on them).How to go clean. My settings should be, SSL/TLS enabled in security settings, valid certificate and ports SMTP Outbound 25, SMTP Inbound 25, MAS 587, SMTP SSL 465, ODMR 366, correct?
Thank you so much!!!
-
Arron Staff
The ports you have listed are correct.
I'd also suggest setting up SPF, DKIM, and DMARC if you have not already. You can send an email to domain-test@mdaemon.com to test your setup.
Another possibility is that they are blocking emails from soporte@lazar.com.ar, have you tried sending from a different address on your domain?
Contacting DonWeb might be the fastest way to figure out why they are rejecting your emails, and it may be the only way to fix it.
-
I'm going to contact them and check my MDaemon setup.
As soon as I have something new, I'll post it, maybe it will be of help to someone in the future.
Thank you very much for your dedication Arron!!Greetings!!
-
Hello everyone again!!
I still have the problem of bounces of emails sent from our domain to different domains, hosted on different hostings. Attached is a sample MDaemon report. Can I solve this on my side, on my server, somehow? Since the hosting of those domains does not give me a response since I am not particularly a customer of theirs.
Can you think of any solution?Thank you so much!!
-----Mensaje original-----
De: MDaemon at mail.lazar.com.ar <postmaster@lazar.com.ar> Enviado el: lunes, 25 de septiembre de 2023 16:04
Para: aborrelli@lazar.com.ar
Asunto: WARNING: Message delivery failed
============================================================ =====
= Greetings from the MDaemon mail system at mail.lazar.com.ar = ============================================================ =====
The following message:
Session-ID: 24453172 (specific to this delivery attempt)
Queue-ID: pd3501001239681.msg
Message-ID: !&!AAAAAAAAAAAYAAAAAAAAAA928mqwam5AlNDIJ2Q5tDLCgAAAEAAAAEAhb SpyS15Lva2na+pbsS8BAAAAAA==@la zar.com.ar
could not be delivered to the following recipient(s):
siniestros@cioseguros.com.ar (unrecoverable error)
despite one or more unsuccessful attempts to do so.
No further delivery attempts will be made and the message has been removed from the queue.
The original message headers may follow at the end of this report. For information on DSN messages see https://www.mdaemon.com/dsn/.
Please quote the Queue-ID, Session-ID, and Message-ID found above in any inquiries regarding this message.
========================
= Session Transcript =
========================
[24453172] REMOTE message: pd3501001239681.msg
[24453172] * Session 24453172; child 0013
[24453172] * From: aborrelli@lazar.com.ar
[24453172] * To: siniestros@cioseguros.com.ar
[24453172] * Subject: RE: mail a La asegurodarora x sieniestro, de Fernando Pistoia Apm Neuquen vw vento 766
[24453172] * Message-ID: <!&!AAAAAAAAAAAYAAAAAAAAAA928mqwam5AlNDIJ2Q5tDLCgAAAEAAAAEAh bSpyS15Lva2na+pbsS8BAAAAAA==@l azar.com.ar>
[24453172] * Size: 48188; <xxxxxxxxxxxxxxxxxxxxxxxx\pd3501001239681.msg>
[24453172] Resolving TXT record for _mta-sts.cioseguros.com.ar (DNS Server: 200.32.10.115)...
[24453172] No MTA-STS TXT record found
[24453172] Resolving MX record for cioseguros.com.ar (DNS Server: 200.32.10.115)...
[24453172] * P=000 S=001 D=cioseguros.com.ar TTL=(240) MX=[mail.cioseguros.com.ar]
[24453172] * P=005 S=000 D=cioseguros.com.ar TTL=(240) MX=[mx1.cioseguros.com.ar]
[24453172] Attempting SMTP connection to mail.cioseguros.com.ar
[24453172] Resolving A record for mail.cioseguros.com.ar (DNS Server: 200.32.10.115)...
[24453172] * D=mail.cioseguros.com.ar TTL=(240) A=[200.58.120.104]
[24453172] Attempting SMTP connection to 200.58.120.104:25
[24453172] Waiting for socket connection...
[24453172] * Connection established 192.168.1.20:58661 --> 200.58.120.104:25
[24453172] Waiting for protocol to start...
[24453172] <-- 220 Wellcome to SMTP Server
[24453172] --> EHLO mail.lazar.com.ar
[24453172] <-- 250-dtcwin118.dattaweb.com
[24453172] <-- 250-SIZE 71680000
[24453172] <-- 250 AUTH LOGIN PLAIN
[24453172] --> MAIL From:<aborrelli@lazar.com.ar> SIZE=48188
[24453172] <-- 550 No se aceptan conexiones al puerto 25, ver https://ayuda-correo-electronico.donweb.com/
[24453172] --> QUIT
========================
= End Transcript =
========================
-
Arron Staff
Were you able to contact the administrator of the receiving server to find out why they are rejecting the messasges? Unfortunatley without more information from the recipient about why they are blocking your mail, there isn't much we can do.
While looking over your domain, I noticed your SPF record is not correct.
"v=spf1 ip4:192.185.142.248 ip4:200.73.158.98 mx" Your SPF record needs to end with the "all" mechanism.
This may not be related to the problems sending to some servers, but it would be a good idea to fix it as your current record does not limit who can send mail using your domain name.
-
@Arron
Thank you very much for your answer!!
They do not give me a response from the hosting side that is blocking us, since we are not their clients they do not give me any response or help.
If anyone has contact with an administrator of "DONWEB" or "DATATEC" to contact me, it would be of great help to me.I already made the modification to the SPF. At a security level, my server currently has the DKIM and the SPF active, the DMARC caused me problems when I activated it, is it advisable that I activate the DMARC and try to resolve the problems that doing so brings me or is it not such a priority to have it active?
Thank you so much!!
Greetings!!
-
Arron Staff
Have you considered contact the recipient of the email or the IT team for the receiving domain using some other means and asking them to contact Donweb on your behalf?
Yes, I would reccomend resolving the issues that you are having with DMARC. What issue are you having with DMARC?
-
@Arron
I asked the owners of the domains with which we have problems to take action with their IT departments or directly with the hosting, but I had no news. In most cases they are small companies that do not have administrators for this type of issues, they only contract hosting, create accounts and nothing more. That is why it is difficult for me as an administrator to sometimes make progress on these issues.
DMARC
When I upgraded the server security, I enabled SPF, DKIM and DMARC together. At that time our server was blocking and bouncing emails from company clients, that is why we decided to do it more gradually, and left SPF and DKIM active and deactivated DMARC. Then we moved on to SSL and the issues that I have been asking you about and DMARC was left for later. I'm going to activate it and see the issues that result from that... is there any MDaemon bibliography with more detail on these issues, how to do it correctly or minimize the "negative" impacts of this on my domain?
As I write to you I am already activating DMARC!
-
Arron Staff
Configuring SPF, DKIM, and DMARC for your domain does not affect how your server handles inbound email from other domains. Implementing SPF, DKIM, and DMARC for your domain protects your domain.
When you turn on SPF, DKIM, and DMARC verification in MDaemon, it checks inbound messages using these tools and will affect inbound messages into MDaemon.
If you look at DKIM by itself, it simply verifies the DKIM signature. DKIM itself does not offer any way to take puntitive action based on a DKIM signature failing.
SPF and DMARC both offer the ability to take punitive action on messages that "fail". If your clients don't have SPF and DMARC setup correctly, it could cause your server to reject or flag their mail as spam.
If you'd like to troubleshoot the issues further, please provide inbound SMTP logs from MDaemon that show the issues occurring.
-
@Arron
"SPF and DMARC both offer the ability to take punitive action on messages that "fail". If your clients don't have SPF and DMARC setup correctly, it could cause your server to reject or flag their mail as spam."
Of course, that's what happened, we bounced emails from servers or hostings that were not properly configured and were valid emails... until I started adding them to the exception lists and the issue stabilized again.
I am going to continue insisting to the administrators of the domains that are bouncing us to see if I can resolve this issue.
I greatly appreciate your help! If there is any inconvenience, I will be contacting you again!Greetings!
