Mail server: Difference between revisions
Jump to navigation
Jump to search
| (6 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
* [[Removing Maildir Duplicates]] |
* [[Removing Maildir Duplicates]] |
||
* [[SMTP]] |
* [[SMTP]] |
||
* [[Postfix]] |
|||
== Guides == |
|||
* https://jan.wildeboer.net/2022/08/Email-0-The-Journey-2022/ |
|||
* https://vadosware.io/post/its-never-been-easier-or-harder-to-self-host-email/ |
|||
== Testing == |
|||
See also [[IMAP]] and [[SMTP]]. |
|||
* http://whatismyipaddress.com/blacklist-check |
|||
* http://www.intodns.com/ |
|||
* http://dkimvalidator.com/ |
|||
== Troubleshooting == |
== Troubleshooting == |
||
| Line 11: | Line 23: | ||
* [https://support.google.com/mail/answer/6227174 Gmail Postmaster Tools] |
* [https://support.google.com/mail/answer/6227174 Gmail Postmaster Tools] |
||
* http://whatismyipaddress.com/blacklist-check |
* http://whatismyipaddress.com/blacklist-check |
||
* https://postmaster.google.com/ |
|||
We get in {{file|/var/log/mail.log}}: |
We get in {{file|/var/log/mail.log}}: |
||
| Line 38: | Line 51: | ||
</source> |
</source> |
||
| ⚫ | |||
As reported [https://www.digitalocean.com/community/questions/temporarily-rate-limited-from-google-in-mail-relay here], the issue may be due to SPF, which "breaks" mail forwarding: we |
:As reported [https://www.digitalocean.com/community/questions/temporarily-rate-limited-from-google-in-mail-relay here], the issue may be due to SPF, which "breaks" mail forwarding: we forward a mail with <code>@twitter.com</code> as sender domain, but our server is not authorized by the SPF record in twitter.com domain. The solution is to use [http://www.openspf.org/SRS SRS], which rewrites the sender address to match the domain of the forwarding server. |
||
| ⚫ | |||
:See [[Configuration Noekeon.org]]. |
:See [[Configuration Noekeon.org]]. |
||
;Solution 2 — Add offending sender to Gmail account contact list |
|||
:May stop GMail to see your mail server as a bulk-sender-whatever. |
|||
;Solution 3 — Install opendkim |
|||
:Not tested yet. |
|||
;Solution 4 — Use POP3 on Gmail to fetch from remote account |
|||
:This bypass Gmail filtering and hence we avoid the problem. |
|||
;Final solution — Clear mail queue |
|||
Fed up of logcheck spam because postfix can't forward the mail? Then just clear the [[Postfix]] queue : |
|||
<source lang=bash> |
|||
mailq |
|||
# -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- |
|||
# C8E5822246 61203 Tue May 2 18:52:15 SRS0=uPVF=4I=bounce.twitter.com=n0288f29604-ddce666005a144febeb7aa8cc3accd73-keccakontwitter===noekeon.org@noekeon.org |
|||
# (host alt1.gmail-smtp-in.l.google.com[74.125.131.26] said: 421-4.7.0 [91.134.133.203 15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0 https://support.google.com/mail/?p=UnsolicitedRateLimitError to 421 4.7.0 review our Bulk Email Senders Guidelines. u64si539507lfg.80 - gsmtp (in reply to end of DATA command)) |
|||
# night.moore.nm@gmail.com |
|||
# |
|||
# -- 60 Kbytes in 1 Request. |
|||
postsuper -d ALL deferred |
|||
</source> |
|||
Latest revision as of 05:39, 5 September 2022
Related pages:
Guides
- https://jan.wildeboer.net/2022/08/Email-0-The-Journey-2022/
- https://vadosware.io/post/its-never-been-easier-or-harder-to-self-host-email/
Testing
Troubleshooting
Google GMail - 421-4.7.0 black listing
References:
- https://www.rackaid.com/blog/gmail-blacklist-removal/
- Bulk Senders Guidelines
- Gmail Postmaster Tools
- http://whatismyipaddress.com/blacklist-check
- https://postmaster.google.com/
We get in /var/log/mail.log:
Sep 5 08:29:11 ober postfix/smtp[8491]: 43B4F22205: host gmail-smtp-in.l.google.com[66.102.1.27] said: 421-4.7.0 [91.134.133.203 15] Our system
has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from
your IP address has been temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0 https://support.google.com/mail/answer/81126 to review our Bulk
Email 421 4.7.0 Senders Guidelines. jg8si2554443wjb.4 - gsmtp (in reply to end of DATA command)
Sep 5 08:29:11 ober postfix/smtp[8490]: 6FD32222D3: host gmail-smtp-in.l.google.com[66.102.1.27] said: 421-4.7.0 [91.134.133.203 15] Our system
has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from
your IP address has been temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0 https://support.google.com/mail/?p=UnsolicitedRateLimitError to
421 4.7.0 review our Bulk Email Senders Guidelines. d66si5510162wmc.138 - gsmtp (in reply to end of DATA command)
Looking the source message, we see it is due to a forwarder from twitter to a gmail account:
grep 43B4F22205 /var/log/mail.log.1|head
# Sep 1 16:52:22 ober postfix/cleanup[8522]: 43B4F22205: message-id=<A8.4B.18871.79048C75@twitter.com>
# Sep 1 16:52:22 ober postfix/qmgr[2449]: 43B4F22205: from=<b0045f3e0b2keccakontwitter=noekeon.org@bounce.twitter.com>, size=21136, nrcpt=1 (queue active)
# Sep 1 16:52:22 ober postfix/local[8524]: A18C5222D1: to=<keccakontwitter@noekeon.org>, relay=local, delay=5.9, delays=5.8/0/0/0.06, dsn=2.0.0, status=sent (forwarded as 43B4F22205)
# Sep 1 16:52:22 ober postfix/smtp[8531]: 43B4F22205: host gmail-smtp-in.l.google.com[64.233.166.26] said: 421-4.7.0 [91.134.133.203 15] [...]
# Sep 1 16:52:23 ober postfix/smtp[8531]: 43B4F22205: to=<guido.bertoni@gmail.com>, orig_to=<keccakontwitter@noekeon.org>, relay=alt1.gmail-smtp-in.l.google.com[173.194.222.26]:25, [...]
grep keccakontwitter /etc/aliases
# keccakontwitter: gvabulk, mip, jda, gbe
grep ^gbe /etc/aliases
# gbe: guido.bertoni@gmail.com
- Solution 1 — Install postsrsd
- As reported here, the issue may be due to SPF, which "breaks" mail forwarding: we forward a mail with
@twitter.comas sender domain, but our server is not authorized by the SPF record in twitter.com domain. The solution is to use SRS, which rewrites the sender address to match the domain of the forwarding server. - See Configuration Noekeon.org.
- Solution 2 — Add offending sender to Gmail account contact list
- May stop GMail to see your mail server as a bulk-sender-whatever.
- Solution 3 — Install opendkim
- Not tested yet.
- Solution 4 — Use POP3 on Gmail to fetch from remote account
- This bypass Gmail filtering and hence we avoid the problem.
- Final solution — Clear mail queue
Fed up of logcheck spam because postfix can't forward the mail? Then just clear the Postfix queue :
mailq
# -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
# C8E5822246 61203 Tue May 2 18:52:15 SRS0=uPVF=4I=bounce.twitter.com=n0288f29604-ddce666005a144febeb7aa8cc3accd73-keccakontwitter===noekeon.org@noekeon.org
# (host alt1.gmail-smtp-in.l.google.com[74.125.131.26] said: 421-4.7.0 [91.134.133.203 15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0 https://support.google.com/mail/?p=UnsolicitedRateLimitError to 421 4.7.0 review our Bulk Email Senders Guidelines. u64si539507lfg.80 - gsmtp (in reply to end of DATA command))
# night.moore.nm@gmail.com
#
# -- 60 Kbytes in 1 Request.
postsuper -d ALL deferred