MDaemon rejecting email forwarded from another mail host | MDaemon Technologies, Ltd.
  1. Forum
  2. MDaemon
  3. MDaemon rejecting email forwarded from another mail host

MDaemon rejecting email forwarded from another mail host

  • P

    I have issue with MDaemon rejecting forwarded emails from another mail host.

    The error given was 550 5.7.1 Sender unknown

    Have anyone come across this before?

    Thanks in advance!

    0 likes
  • A

    What does MDaemon's inbound SMTP log show is occurring?

    Based on the error, I'd guess that the value passed in the MAIL FROM command is an unknown local address or the inbound session is matching a value in the Host Screening configurations causing the session to be blocked.  

    The inbound SMTP log will tell you for sure.  

    If its because the message is from an unknown local user you can adjust the configurations by going to Security / Security Mananger / Relay Control.  Adjusting the options under SMTP mail address must exist if it uses a local domain will help to have MDaemon accept the mail, however, I would not reccomend disabling the option completely.

    If the value passed in the EHLO command of the inbound smtp session is matching a value in the host screening configurations, you can adjust your configurations by going to Security / Security Manager / Screening / Host Screen.

    --
    Arron Caruth

  • P

    @Arron 

    Thanks a lot for your advice.

    This is from the SMTP in log (looks okay to me):

    Fri 2023-10-06 07:14:29.827: 02: <-- MAIL FROM:<#####@gmail.com> SIZE=2539
    Fri 2023-10-06 07:14:29.827: 05: Performing PTR lookup (169.166.85.209.IN-ADDR.ARPA)
    Fri 2023-10-06 07:14:29.832: 05: *  D=169.166.85.209.IN-ADDR.ARPA TTL=(48) PTR=[mail-il1-f169.google.com]
    Fri 2023-10-06 07:14:29.851: 05: *  D=mail-il1-f169.google.com TTL=(60) A=[209.85.166.169]
    Fri 2023-10-06 07:14:29.851: 05: ---- End PTR results
    Fri 2023-10-06 07:14:29.851: 05: Performing IP lookup (gmail.com)
    Fri 2023-10-06 07:14:29.856: 05: *  D=gmail.com TTL=(1) A=[172.253.118.19]
    Fri 2023-10-06 07:14:29.856: 05: *  D=gmail.com TTL=(1) A=[172.253.118.83]
    Fri 2023-10-06 07:14:29.856: 05: *  D=gmail.com TTL=(1) A=[172.253.118.18]
    Fri 2023-10-06 07:14:29.856: 05: *  D=gmail.com TTL=(1) A=[172.253.118.17]
    Fri 2023-10-06 07:14:29.860: 05: *  P=005 S=000 D=gmail.com TTL=(38) MX=[gmail-smtp-in.l.google.com]
    Fri 2023-10-06 07:14:29.860: 05: *  P=010 S=001 D=gmail.com TTL=(38) MX=[alt1.gmail-smtp-in.l.google.com]
    Fri 2023-10-06 07:14:29.860: 05: *  P=020 S=003 D=gmail.com TTL=(38) MX=[alt2.gmail-smtp-in.l.google.com]
    Fri 2023-10-06 07:14:29.860: 05: *  P=030 S=004 D=gmail.com TTL=(38) MX=[alt3.gmail-smtp-in.l.google.com]
    Fri 2023-10-06 07:14:29.860: 05: *  P=040 S=002 D=gmail.com TTL=(38) MX=[alt4.gmail-smtp-in.l.google.com]
    Fri 2023-10-06 07:14:29.867: 05: *  D=gmail-smtp-in.l.google.com TTL=(5) A=[172.217.194.27]
    Fri 2023-10-06 07:14:29.873: 05: *  D=alt1.gmail-smtp-in.l.google.com TTL=(5) A=[173.194.202.27]
    Fri 2023-10-06 07:14:29.878: 05: *  D=alt2.gmail-smtp-in.l.google.com TTL=(5) A=[142.250.141.26]
    Fri 2023-10-06 07:14:29.888: 05: *  D=alt3.gmail-smtp-in.l.google.com TTL=(5) A=[142.250.115.27]
    Fri 2023-10-06 07:14:29.896: 05: *  D=alt4.gmail-smtp-in.l.google.com TTL=(5) A=[64.233.171.26]
    Fri 2023-10-06 07:14:29.896: 05: ---- End IP lookup results
    Fri 2023-10-06 07:14:29.896: 09: Performing SPF lookup (mail-il1-f169.google.com / 209.85.166.169)
    Fri 2023-10-06 07:14:29.945: 09: *  Result: none; no SPF record in DNS
    Fri 2023-10-06 07:14:29.945: 09: ---- End SPF results
    Fri 2023-10-06 07:14:29.945: 09: Performing SPF lookup (gmail.com / 209.85.166.169)
    Fri 2023-10-06 07:14:29.945: 09: *  Policy (cache): v=spf1 redirect=_spf.google.com
    Fri 2023-10-06 07:14:29.945: 09: *  Evaluating redirect=_spf.google.com: 
    Fri 2023-10-06 07:14:29.945: 09: *  Evaluating redirect=_spf.google.com: performing lookup
    Fri 2023-10-06 07:14:29.945: 09: *    Policy (cache): v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all
    Fri 2023-10-06 07:14:29.945: 09: *    Evaluating include:_netblocks.google.com: performing lookup
    Fri 2023-10-06 07:14:29.945: 09: *      Policy (cache): v=spf1 ip4:35.190.247.0/24 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:35.190.247.0/24: no match
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:64.233.160.0/19: no match
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:66.102.0.0/20: no match
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:66.249.80.0/20: no match
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:72.14.192.0/18: no match
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:74.125.0.0/16: no match
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:108.177.8.0/21: no match
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:173.194.0.0/16: no match
    Fri 2023-10-06 07:14:29.946: 09: *      Evaluating ip4:209.85.128.0/17: match
    Fri 2023-10-06 07:14:29.946: 09: *    Evaluating include:_netblocks.google.com: match
    Fri 2023-10-06 07:14:29.946: 09: *  Result: pass
    Fri 2023-10-06 07:14:29.946: 09: ---- End SPF results
    Fri 2023-10-06 07:14:29.946: 03: --> 250 2.1.0 Sender OK
    Fri 2023-10-06 07:14:29.946: 02: <-- RCPT TO:<cso@win-sin.com>
    Fri 2023-10-06 07:14:29.951: 05: Performing DNS-BL lookup (209.85.166.169 - connecting IP)
    Fri 2023-10-06 07:14:30.262: 05: *  spam.dnsbl.sorbs.net - failed - 127.0.0.6
    Fri 2023-10-06 07:14:30.262: 05: ---- End DNS-BL results
    Fri 2023-10-06 07:14:30.264: 03: --> 250 2.1.5 Recipient OK
    Fri 2023-10-06 07:14:30.264: 02: <-- BDAT 2539 LAST
    Fri 2023-10-06 07:14:30.265: 01: Message size: 2539 bytes
    Fri 2023-10-06 07:14:30.266: 10: Performing DKIM verification
    Fri 2023-10-06 07:14:30.266: 10: *  File: d:\mdaemon\queues\temp\md5001000002866.tmp
    Fri 2023-10-06 07:14:30.266: 10: *  Message-ID: <CAOFOkb=VmqWMLQm06ueyxqu8AhQsCDOy7gLp_jga_hXKdKQhew@mail.gmail.com>
    Fri 2023-10-06 07:14:30.273: 10: * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1696547860; x=1697152660; darn=win-sin.com; <some tags are not logged>
    Fri 2023-10-06 07:14:30.273: 10: *    Verification result: good signature
    Fri 2023-10-06 07:14:30.274: 10: *  Result: pass
    Fri 2023-10-06 07:14:30.274: 10: ---- End DKIM results
    Fri 2023-10-06 07:14:30.278: 19: Performing DMARC processing
    Fri 2023-10-06 07:14:30.278: 19: *  File: d:\mdaemon\queues\temp\md5001000002866.tmp
    Fri 2023-10-06 07:14:30.278: 19: *  Message-ID: <CAOFOkb=VmqWMLQm06ueyxqu8AhQsCDOy7gLp_jga_hXKdKQhew@mail.gmail.com>
    Fri 2023-10-06 07:14:30.278: 19: *  Author domain: gmail.com
    Fri 2023-10-06 07:14:30.278: 19: *  Organizational domain: gmail.com
    Fri 2023-10-06 07:14:30.278: 19: *  Query domain: _dmarc.gmail.com
    Fri 2023-10-06 07:14:30.283: 19: *    Policy record: v=DMARC1; p=none; sp=quarantine; rua=mailto:mailauth-reports@google.com
    Fri 2023-10-06 07:14:30.286: 19: *  Verifying report recipient: mailauth-reports@google.com
    Fri 2023-10-06 07:14:30.286: 19: *  Query domain: gmail.com._report._dmarc.google.com
    Fri 2023-10-06 07:14:30.293: 19: *    Policy record: v=DMARC1
    Fri 2023-10-06 07:14:30.293: 19: *    Recipient mailauth-reports@google.com is verified
    Fri 2023-10-06 07:14:30.293: 19: *  Checking authentication mechanisms for DMARC alignment
    Fri 2023-10-06 07:14:30.293: 19: *    SPF: domain "gmail.com" passed SPF check; and domain is DMARC aligned
    Fri 2023-10-06 07:14:30.294: 19: *    DKIM: domain "gmail.com" (from d= of signature #1) verified; and domain is DMARC aligned
    Fri 2023-10-06 07:14:30.294: 19: *  Result: pass
    Fri 2023-10-06 07:14:30.294: 19: ---- End DMARC results
    Fri 2023-10-06 07:14:30.297: 06: Passing message through AntiVirus (Size: 2539)...
    Fri 2023-10-06 07:14:30.372: 06: *  Message is clean (no viruses found) scanned by (IKARUS: clean (0.03608s)) (ClamAV: clean (0.02768s))
    Fri 2023-10-06 07:14:30.372: 06: ---- End AntiVirus results
    Fri 2023-10-06 07:14:30.590: 01: Message creation successful: d:\mdaemon\queues\inbound\md5001000889493.msg
    Fri 2023-10-06 07:14:30.590: 03: --> 250 2.6.0 Ok, message saved <Message-ID: <CAOFOkb=VmqWMLQm06ueyxqu8AhQsCDOy7gLp_jga_hXKdKQhew@mail.gmail.com>>
    Fri 2023-10-06 07:14:30.592: 02: <-- QUIT
    Fri 2023-10-06 07:14:30.592: 03: --> 221 2.0.0 See ya in cyberspace
    Fri 2023-10-06 07:14:30.593: 01: SMTP session successful (Bytes in/out: 3487/3922)
    Fri 2023-10-06 07:14:30.593: 01: ----------

    The host screenare default settings... I've pretty much exhausted my options... any teeny bit of help is really much appreciated. Thanks a lot.

     

    0 likes
  • A

    MDaemon accepted the message shown in the log snippet.  It looks to me like the log snippet is not for the same message that generated the non delivery report.  

    Are there any inbound SMTP sessions in the MDaemon logs that result in a Sender unknown error being returned?

    Are there any additional details in the non delivery report, such as a log transcript?

    Does the non delivery report show what server it attempted to deliver the message to?

     

    --
    Arron Caruth

  • P

    @Arron Hi Arron, Thank you for your reply.

    I just tested and got the below:

    Mon 2023-10-09 08:45:23.753: 02: <-- MAIL FROM:<###@gmail.com> SIZE=5872
    Mon 2023-10-09 08:45:23.753: 05: Performing PTR lookup (171.166.85.209.IN-ADDR.ARPA)
    Mon 2023-10-09 08:45:23.757: 05: *  D=171.166.85.209.IN-ADDR.ARPA TTL=(123) PTR=[mail-il1-f171.google.com]
    Mon 2023-10-09 08:45:23.764: 05: *  D=mail-il1-f171.google.com TTL=(60) A=[209.85.166.171]
    Mon 2023-10-09 08:45:23.764: 05: ---- End PTR results
    Mon 2023-10-09 08:45:23.764: 09: Performing SPF lookup (mail-il1-f171.google.com / 209.85.166.171)
    Mon 2023-10-09 08:45:23.845: 09: *  Result: none; no SPF record in DNS
    Mon 2023-10-09 08:45:23.845: 09: ---- End SPF results
    Mon 2023-10-09 08:45:23.845: 09: Performing SPF lookup (gmail.com / 209.85.166.171)
    Mon 2023-10-09 08:45:23.845: 09: *  Policy (cache): v=spf1 redirect=_spf.google.com
    Mon 2023-10-09 08:45:23.845: 09: *  Evaluating redirect=_spf.google.com: 
    Mon 2023-10-09 08:45:23.845: 09: *  Evaluating redirect=_spf.google.com: performing lookup
    Mon 2023-10-09 08:45:23.845: 09: *    Policy (cache): v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all
    Mon 2023-10-09 08:45:23.845: 09: *    Evaluating include:_netblocks.google.com: performing lookup
    Mon 2023-10-09 08:45:23.845: 09: *      Policy (cache): v=spf1 ip4:35.190.247.0/24 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:35.190.247.0/24: no match
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:64.233.160.0/19: no match
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:66.102.0.0/20: no match
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:66.249.80.0/20: no match
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:72.14.192.0/18: no match
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:74.125.0.0/16: no match
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:108.177.8.0/21: no match
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:173.194.0.0/16: no match
    Mon 2023-10-09 08:45:23.845: 09: *      Evaluating ip4:209.85.128.0/17: match
    Mon 2023-10-09 08:45:23.845: 09: *    Evaluating include:_netblocks.google.com: match
    Mon 2023-10-09 08:45:23.845: 09: *  Result: pass
    Mon 2023-10-09 08:45:23.845: 09: ---- End SPF results
    Mon 2023-10-09 08:45:23.845: 03: --> 250 2.1.0 Sender OK
    Mon 2023-10-09 08:45:23.845: 02: <-- RCPT TO:<###@###.net>
    Mon 2023-10-09 08:45:23.847: 03: --> 250 2.1.5 Recipient OK
    Mon 2023-10-09 08:45:23.847: 02: <-- BDAT 5872 LAST
    Mon 2023-10-09 08:45:23.848: 01: Message size: 5872 bytes
    Mon 2023-10-09 08:45:23.848: 03: --> 550 5.7.1 Sender unknown
    Mon 2023-10-09 08:45:23.848: 01: From: header address may not send mail from 209.85.166.171 (IP Shield)
    Mon 2023-10-09 08:45:24.056: 02: <-- QUIT
    Mon 2023-10-09 08:45:24.056: 03: --> 221 2.0.0 See ya in cyberspace
    Mon 2023-10-09 08:45:24.057: 04: SMTP session terminated (Bytes in/out: 6936/3836)

    I notice it says "header address may not send mail from 209.85.166.171 (IP Shield)". My IP shield settings are as below:

    After I enable "Do not apply IP Shield to messages sent to valid local users, it seems to work okay now... thanks a lot for your guidance! 😘

     

    0 likes
  • A

    Enabling the option for "Do not apply IP shield to messages sent to valid local users" also esssentialy disables IPShielding.  Basically, when you set that option you are telling MDaemon to not apply IP Shielding to any messages sent to local accounts, but if you have the server setup right, it should only be accepting mail to local accounts.  

    A better option would be to turn off "Do not apply IP shield to messages sent to valid local users" and "Check FROM header address against IP Shield."  This stops IP Shielding from checking the From header, which is less secure than what you had,  but its more secure than turning on "Do not apply IP Shield to messags sent to valid local users."

     

    --
    Arron Caruth

  • P

    @Arron oh okie! thanks again for your kind advice. 😘

    0 likes
Please login to reply this topic!