Mail delivery failed: returning message to sender
Good day
May I please be assisted with the error below. Some emails go through and some do not. I used different accounts, it seems that i have this error with one email account.
"
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
xxxxxx@gmail.com
host gmail-smtp-in.l.google.com [64.233.167.26]
SMTP error from remote mail server after end of data:
550-5.7.1 This message does not have authentication information or fails to pass
550-5.7.1 authentication checks. To best protect our users from spam, the
550-5.7.1 message has been blocked. Please visit
550-5.7.1 Bulk Senders Guidelines - Gmail Help for more
550 5.7.1 information. k3-v6si1282756wrh.237 - gsmtp
Reporting-MTA: dns; xxxx.dedicated.co.za
Action: failed
Final-Recipient: rfc822;xxxxxx@gmail.com
Status: 5.0.0
Remote-MTA: dns; gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 550-5.7.1 This message does not have authentication information or fails to pass
550-5.7.1 authentication checks. To best protect our users from spam, the
550-5.7.1 message has been blocked. Please visit
550-5.7.1 Bulk Senders Guidelines - Gmail Help for more
550 5.7.1 information. k3-v6si1282756wrh.237 - gsmtp
Return-path:
Received: from [105.12.x.xxx] (port=46475 helo=someusr)
by xxxx.dedicated.co.za with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-SHA384:256)
(Exim 4.91)
(envelope-from )
id 1fxTcC-0000s4-Kw
for xxxxx@gmail.com; Wed, 05 Sep 2018 10:56:45 +0200
Reply-To:
From: "xxxxxxx"
To:
References:
In-Reply-To:
Subject: subject line here
Date: Wed, 5 Sep 2018 10:56:43 +0200
Organization: xxxxxxxx
Message-ID: <008b01d444f6$5f01bce0$1d0536a0$@zxxxxx.co.za>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_008C_01D44507.228CFDE0"
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AdRE9iCgebDiQtcHSpeDwtrb7jvI4AAACNvw
Content-Language: en-za
X-Antivirus: AVG (VPS 180904-4, 2018-09-04), Outbound message
X-Antivirus-Status: Clean
X-Exim-DSN-Information: Due to administrative limits only headers are returned
-
Enable DKIM & Enable SPF 0 -
Enable DKIM & Enable SPF
Thank you. i have enabled Enable DKIM & Enable SPF on my cpanel--> email-->authentication. The warning that i get is that "Warning: cPanel is unable to verify that this server is an authoritative nameserver for "example.co.za"." how do i move forward from this?0 -
Hello @rorisang This indicates that your DNS is hosted elsewhere meaning that your nameservers are pointed somewhere else. You will not be able to enable SPF on the server locally (or add any DNS records locally) if the DNS is hosted somewhere else. You'll need to add the SPF where DNS for the domain is hosted (Where the nameservers are pointed) Thanks! 0 -
i Hello @rorisang This indicates that your DNS is hosted elsewhere meaning that your nameservers are pointed somewhere else. You will not be able to enable SPF on the server locally (or add any DNS records locally) if the DNS is hosted somewhere else. You'll need to add the SPF where DNS for the domain is hosted (Where the nameservers are pointed) Thanks!
have added records the error has changed to " host za-smtp-inbound-2.mimecast.co.za [IP REMOVED] SMTP error from remote mail server after RCPT TO:<='EmmanuelMayise@domainremoved.com'>xxx@xxx.com>: 550 csi.mimecast.org Poor Reputation Sender. -0 -
Hi @rorisang This indicates that the IP address your mail originated from has a poor reputation and the recipient server is blocking based on this - this can be due to incorrect SPF, DKIM or PTR or due to recent spam mail being sent. Because you just changed the SPF and DKIM records I believe it makes more sense to look at that avenue. Based on the original domain name visible in the first post (pre-edit) - if you're still using the .co.za domain there are still issues with it. - You've added an SPF record that checks out but there is no DKIM record. When running the following I get no response: dig txt default._domainkey.yourdomain.co.za +short
- There are 4 differen PTR records associated with the IP address there should only be 1 PTR record that resolves the IP of the server back to the hostname of the server. You can see this by running:host0 -
I adjusted SPF and DKIM records accordingly. Upon research, it turns out that the challenge is that my IP address is blacklisted. I do not know what that means. Do anyone know how to delist a blacklisted IP address? 0 -
Hi @rorisang You need to request delisting from the organization which blacklisted you in the first place. MxToolBox can show you where specifically you're blacklisted Email Blacklist Check - See if your server is blacklisted and provide links to the organization where you can request delisting Thanks! 0 -
Hi @rorisang You need to request delisting from the organization which blacklisted you in the first place. MxToolBox can show you where specifically you're blacklisted Email Blacklist Check - IP Blacklist Check - See if your server is blacklisted however any MSG sended to GMAIL:
ECDHE-ECDSA-AES128-GCM-SHA256:128 CV=yes: SMTP error from remote mail server after end of data: 550-5.7.1 [xxx.xxx.58.38 12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 https://support.google.com/mail/?p=UnsolicitedMessageError 550 5.7.1 for more information. t11si15438733ply.274 - gsmtp
we change IP and result is IDENTIC. What we can do ?0 -
none of our IPs is listed in Cisco Talos Intelligence Group - Comprehensive Threat Intelligence if Email reputation is Poor, and also check if there any neighbouring IPs with Poor email reputation. Do you have SPF & DKIM enabled for the sending domain? Try sending a test email to the first email address here Authentication Checker to get a report for your SPF/DKIM records.
0 -
Try sending a test email to the first email address here check-auth2@verifier.port25.com and I they send this result:
This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at . Thank you for using the verifier, The Port25 Solutions, Inc. team ========================================================== Summary of Results ========================================================== SPF check: pass "iprev" check: pass DKIM check: pass ========================================================== Details: ========================================================== HELO hostname: MyHOSTNAME Source IP: MyIPofServer mail-from: MyUsercPanel@MyHOSTNAME ---------------------------------------------------------- SPF check details: ---------------------------------------------------------- Result: pass ID(s) verified: smtp.mailfrom=MyUsercPanel@MyHOSTNAME DNS record(s): MyHOSTNAME. 300 IN TXT "v=spf1 +mx +a +ip4:MyIPofServer ~all" MyHOSTNAME. 300 IN MX 0 MyHOSTNAME. MyHOSTNAME. 300 IN A MyIPofServer MyHOSTNAME. 300 IN A MyIP#2 ---------------------------------------------------------- "iprev" check details: ---------------------------------------------------------- Result: pass (matches MyHOSTNAME) ID(s) verified: policy.iprev=MyIPofServer DNS record(s): MyIP#1withPTR.in-addr.arpa. 300 IN PTR MyHOSTNAME. MyHOSTNAME. 300 IN A MyIPofServer MyHOSTNAME. 300 IN A MyIP#2 ---------------------------------------------------------- DKIM check details: ---------------------------------------------------------- Result: pass (matches From: r@MySLD.com) ID(s) verified: header.d=MySLD.com Canonicalized Headers: date:Sun,'20'10'20'Jan'20'2021'20'17:34:26'20'-0500'0D''0A' message-id:'0D''0A' reply-to:r@MySLD.com'0D''0A' from:r@MySLD.com'0D''0A' subject:El'20't'C3''AD'tulo'0D''0A' to:check-auth2@verifier.port25.com'0D''0A' dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=MySLD.com;'20's=default;'20'h=Date:Message-Id:Reply-To:From:Subject:To:Sender:Cc:MIME-Version'20':Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:'20'Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:'20'In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:'20'List-Post:List-Owner:List-Archive;'20'bh=JHxt86JddlBcBqs1Hkud/E5o8xPc2W/6qi1Zlv4fW7o=;'20'b=; Canonicalized Body: Hola'0D''0A' DNS record(s): default._domainkey.MySLD.com. 300 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5ZgvaJU6PCK61nbMxseGK3mYN7FazJCaC3Lim9CX2i6w6cO3gIN+EC8RwTGI0B+ti16dc1LINZd4d0Lxhciw6uefGK+NElkjGz+3drRM5zvur+TCZfZM8xOuCbpCJAGWwEWtfQvB2FZvtQGiC5jaOyqoqQgp/d+ECZTB1eR0QhOjkWvbWu0P/rGsLffhmISI+4N+mzTx7jWCvuqAloGcjfKO63+cJ5M8kTPLsYaRfQTVO5CrpeL/RXjl9cz/LpqVJtF/x+o8916Jj6Z68P3R/LolJF+9noSsmBOW2g34CuCjCvVmedRTJUah26bvYrxrAJNdsRRPbNPm88bvd1SewIDAQAB;" Public key used for verification: default._domainkey.MySLD.com (2048 bits) NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM. ============================================================== Explanation of the possible results (based on RFCs 7601, 7208) ============================================================== DKIM Results ============ none: The message was not signed. pass: The message was signed, the signature or signatures were acceptable to the ADMD, and the signature(s) passed verification tests. fail: The message was signed and the signature or signatures were acceptable to the ADMD, but they failed the verification test(s). policy: The message was signed, but some aspect of the signature or signatures was not acceptable to the ADMD. neutral: The message was signed, but the signature or signatures contained syntax errors or were not otherwise able to be processed. This result is also used for other failures not covered elsewhere in this list. temperror: The message could not be verified due to some error that is likely transient in nature, such as a temporary inability to retrieve a public key. A later attempt may produce a final result. permerror: The message could not be verified due to some error that is unrecoverable, such as a required header field being absent. A later attempt is unlikely to produce a final result. SPF Results =========== none: Either (a) no syntactically valid DNS domain name was extracted from the SMTP session that could be used as the one to be authorized, or (b) no SPF records were retrieved from the DNS. neutral: The ADMD has explicitly stated that it is not asserting whether the IP address is authorized. pass: An explicit statement that the client is authorized to inject mail with the given identity. fail: An explicit statement that the client is not authorized to use the domain in the given identity. softfail: A weak statement by the publishing ADMD that the host is probably not authorized. It has not published a stronger, more definitive policy that results in a "fail". temperror: The SPF verifier encountered a transient (generally DNS) error while performing the check. A later retry may succeed without further DNS operator action. permerror: The domain's published records could not be correctly interpreted. This signals an error condition that definitely requires DNS operator intervention to be resolved. "iprev" Results =============== pass: The DNS evaluation succeeded, i.e., the "reverse" and "forward" lookup results were returned and were in agreement. fail: The DNS evaluation failed. In particular, the "reverse" and "forward" lookups each produced results, but they were not in agreement, or the "forward" query completed but produced no result, e.g., a DNS RCODE of 3, commonly known as NXDOMAIN, or an RCODE of 0 (NOERROR) in a reply containing no answers, was returned. temperror: The DNS evaluation could not be completed due to some error that is likely transient in nature, such as a temporary DNS error, e.g., a DNS RCODE of 2, commonly known as SERVFAIL, or other error condition resulted. A later attempt may produce a final result. permerror: The DNS evaluation could not be completed because no PTR data are published for the connecting IP address, e.g., a DNS RCODE of 3, commonly known as NXDOMAIN, or an RCODE of 0 (NOERROR) in a reply containing no answers, was returned. This prevented completion of the evaluation. A later attempt is unlikely to produce a final result. ========================================================== Original Email ========================================================== Return-Path: Received: from MyHOSTNAME (MyIPofServer) by verifier.port25.com id hve0f62p2tol for ; Sun, 10 Jan 2021 22:34:27 +0000 (envelope-from ) Authentication-Results: verifier.port25.com; spf=pass smtp.mailfrom=MyUsercPanel@MyHOSTNAME; iprev=pass (matches MyHOSTNAME) policy.iprev=MyIPofServer; dkim=pass (matches From: r@MySLD.com) header.d=MySLD.com DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=MySLD.com; s=default; h=Date:Message-Id:Reply-To:From:Subject:To:Sender:Cc:MIME-Version :Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=JHxt86JddlBcBqs1Hkud/E5o8xPc2W/6qi1Zlv4fW7o=; b=M2WIgI1Acunec7Uhcc5ZZv9Xl5 7NzZ9YaPkwgNtbvSOyIOH6CPPv+Z5HqjJdwcH19dY7UTQI98wGOkJCgcwUVCBTwyqEjIE3qxRHNED 7T+7B5szMtVofaJDuGnovX8OhrAJV8b/dX3fMZBuk6Ez7kCCTKx/hVIAXBg6NrrplcvtMvDJB4ydx KNjthCvUAs/zJENSFybwNZHir0Ky3hpbQlEFNvR4UWOwqb2w8KD1aiQI5Us+Mj0NDKGK0fTLgYLew YDQMYmkaVU6At7YvTcfBTnuAGWobdEEhZRvcowwqEOSxhEwD5J0AqIP+ode57ZtWK/Pi1RGeGU7YH uUcIPayw==; Received: from MyUsercPanel by MyHOSTNAME with local (Exim 4.93) (envelope-from ) id 1kyjI2-0005jd-Mn for check-auth2@verifier.port25.com; Sun, 10 Jan 2021 17:34:26 -0500 To: check-auth2@verifier.port25.com Subject: El t"tulo X-PHP-Script: MySLD.com/pop3/index.php for 181.56.31.74 X-PHP-Originating-Script: 1040:index.php From: r@MySLD.com Reply-To: r@MySLD.com X-Mailer: PHP/7.3.25 Message-Id: Date: Sun, 10 Jan 2021 17:34:26 -0500 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - MyHOSTNAME X-AntiAbuse: Original Domain - verifier.port25.com X-AntiAbuse: Originator/Caller UID/GID - [1040 993] / [47 12] X-AntiAbuse: Sender Address Domain - MyHOSTNAME X-Get-Message-Sender-Via: MyHOSTNAME: authenticated_id: MyUsercPanel/from_h X-Authenticated-Sender: MyHOSTNAME: r@MySLD.com X-Source: X-Source-Args: php-fpm: pool MySLD_com X-Source-Dir: MySLD.com:/public_html/pop3 Hola
0 -
It looks like an entire range of IP addresses may have been blocked, which is why you're still seeing the issue after the IP switch. Can you contact your hosting provider about this to let them know about the IP problem? 0
Please sign in to leave a comment.
Comments
12 comments