1

Topic: Rejected E-Mails

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.6
- Linux/BSD distribution name and version: Ubuntu 16.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue: Logwatch 7.4.2
====

This is the first e-mail server I have commissioned and I am trying to get the feel for how the system works before I feel comfortable with deploying a few more, so bear with me in my lack of understanding.

Many e-mails are not being received from specific domains/senders.  Even domains as well known as eBay.  I do not know why this is the case but this is what I see in the log:

2580   4xx Reject HELO/EHLO                        98.55%
38   4xx Reject recipient address                 1.45%

I do not know where to get more detailed information on what e-mails were rejected.  Any help would be appreciated!


2

Re: Rejected E-Mails

Check the reject error message in Postfix log file: /var/log/mail.log. Search HELO and EHLO related log.

3 (edited by Marty 2017-03-05 06:35:19)

Re: Rejected E-Mails

Thanks for the tip.  I have been searching through the log and it is filled with instances of the following error:

NOQUEUE: reject: RCPT from resqmta-ch2-06v.sys.comcast.net[69.252.207.38]: 451 4.7.1 <john@mydomain.com>: Recipient address rejected: Intentional policy rejection, please try again later; from=<****@comcast.net> to=<john@mydomain.com> proto=ESMTP helo=<resqmta-ch2-06v.sys.comcast.net>

NOQUEUE: reject: RCPT from mail01.demand.ziprecruiter.com[142.0.166.203]: 451 4.7.1 <john@mydomain.com>: Recipient address rejected: Intentional policy rejection, please try again later; from=<****@demand.ziprecruiter.com> to=<john@mydomain.com> proto=ESMTP helo=<mail01.demand.ziprecruiter.com>

NOQUEUE: reject: RCPT from lvmailappout23.intuit.com[199.16.139.27]: 451 4.7.1 <john@mydomain.com>: Recipient address rejected: Intentional policy rejection, please try again later; from=<****@intuit.com> to=<john@mydomain.com> proto=ESMTP helo=<lvmailappout23.intuit.com>

This different error pops up every now and again:

NOQUEUE: reject: RCPT from mail3.iship.com[64.74.4.33]: 450 4.7.1 <corpx04.iship.inc>: Helo command rejected: Host not found; from=<****@iship.com> to=<john@mydomain.com> proto=ESMTP helo=<corpx04.iship.inc

There are many rejected notices from non-legitimate sources such as "messages@randomdomain" but the examples above are all well known domains.

4

Re: Rejected E-Mails

About error message "Intentional policy rejection, please try again later;", please check our tutorial:
http://www.iredmail.org/docs/errors.htm … gain-later

Marty wrote:

NOQUEUE: reject: RCPT from mail3.iship.com[64.74.4.33]: 450 4.7.1 <corpx04.iship.inc>: Helo command rejected: Host not found; from=<****@iship.com> to=<john@mydomain.com> proto=ESMTP helo=<corpx04.iship.inc

As you can see, Postfix says "Host not found", that means HELO hostname "corpx04.iship.inc..." is not resolvable by DNS query. But it's expected to be resolvable. So this rejection is ok.

5

Re: Rejected E-Mails

I went ahead and disabled the grey-listing plug-in.

Thank You!

6

Re: Rejected E-Mails

Marty wrote:

I went ahead and disabled the grey-listing plug-in.

YOU'RE DOING IT WRONG. You should keep greylisting enabled.

Please visit http://greylisting.org/ to understand what greylisting is, and how it works.

7 (edited by Marty 2017-03-05 12:38:17)

Re: Rejected E-Mails

I read that website when you first suggested it.  It however does not give me a viable solution to use grey-listing.

It seems many individuals sending us e-mail are either not using RFC compliant MTAs (what greylisting.org refers to it as) so the e-mail is not being resent after receiving the "try again later".  It is not practical to take the time to whitelist every address that is not making it through.  Many important e-mails never were resent and this has caused a large problem.

Unless I misunderstood the information on greylisting.org?

8

Re: Rejected E-Mails

Nowadays most MTAs should be RFC compliant, I didn't hear complaints about this.

The one issue I heard is that some ISPs will resend the returned email from another server immediately; this won't bypass greylisting. But it's easy to solve by whitelisting their mail server networks (via SPF/MX DNS records) for greylisting service.
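
Added example (not part of any poster's reply and not iRedMail code): a Python script that tallies the `NOQUEUE: reject` lines from /var/log/mail.log by cause and, for greylisting deferrals, lists sender domains that connected from more than one client IP, which is the retry-from-another-server case described above. The sample log lines, hostnames, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the Postfix format quoted in this thread
# (hosts, IPs and addresses are placeholders, not real log data).
SAMPLE_LOG = """\
Mar  5 06:01:10 mx postfix/smtpd[1201]: NOQUEUE: reject: RCPT from out1.example.net[192.0.2.10]: 451 4.7.1 <john@mydomain.com>: Recipient address rejected: Intentional policy rejection, please try again later; from=<a@example.net> to=<john@mydomain.com> proto=ESMTP helo=<out1.example.net>
Mar  5 06:01:40 mx postfix/smtpd[1203]: NOQUEUE: reject: RCPT from out2.example.net[192.0.2.11]: 451 4.7.1 <john@mydomain.com>: Recipient address rejected: Intentional policy rejection, please try again later; from=<a@example.net> to=<john@mydomain.com> proto=ESMTP helo=<out2.example.net>
Mar  5 06:02:05 mx postfix/smtpd[1204]: NOQUEUE: reject: RCPT from mail.example.org[198.51.100.7]: 451 4.7.1 <john@mydomain.com>: Recipient address rejected: Intentional policy rejection, please try again later; from=<b@example.org> to=<john@mydomain.com> proto=ESMTP helo=<mail.example.org>
Mar  5 06:03:30 mx postfix/smtpd[1207]: NOQUEUE: reject: RCPT from gw.example.com[203.0.113.5]: 450 4.7.1 <mail.example.invalid>: Helo command rejected: Host not found; from=<c@example.com> to=<john@mydomain.com> proto=ESMTP helo=<mail.example.invalid>
Mar  5 06:05:00 mx postfix/smtpd[1201]: connect from out1.example.net[192.0.2.10]
"""

# Matches the reject line with or without the syslog prefix in front of it.
REJECT_RE = re.compile(
    r"NOQUEUE: reject: RCPT from (?P<host>\S+)\[(?P<ip>[^\]]+)\]: "
    r"(?P<code>\d{3}) (?P<dsn>\d\.\d+\.\d+) <[^>]*>: (?P<reason>[^;]+);"
    r" from=<(?P<sender>[^>]*)>"
)

def classify(reason):
    """Map the reject text to the two causes discussed in this thread."""
    if "Intentional policy rejection" in reason:
        return "greylisted"          # temporary deferral, sender should retry
    if reason.startswith("Helo command rejected"):
        return "helo"                # e.g. HELO name not resolvable in DNS
    return "other"

def summarize(lines):
    """Return (count per cause, greylisted sender domain -> client IPs)."""
    counts = defaultdict(int)
    grey_ips = defaultdict(set)
    for line in lines:
        m = REJECT_RE.search(line)
        if not m:
            continue                 # not a reject line
        kind = classify(m["reason"])
        counts[kind] += 1
        if kind == "greylisted":
            domain = m["sender"].rpartition("@")[2].lower()
            grey_ips[domain].add(m["ip"])
    return dict(counts), {d: sorted(ips) for d, ips in grey_ips.items()}

def multi_server_senders(grey_ips):
    """Domains deferred from several IPs: candidates for greylisting whitelist."""
    return sorted(d for d, ips in grey_ips.items() if len(ips) > 1)

if __name__ == "__main__":
    counts, grey = summarize(SAMPLE_LOG.splitlines())
    print(counts, multi_server_senders(grey))
```

To run it against a real log, pass `open("/var/log/mail.log", errors="replace")` to `summarize()` instead of the sample lines.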

9

Re: Rejected E-Mails

Thank you again for the quick replies.  I will look into whitelisting the ISPs' mail server networks and see if that resolves my greylisting issue.