1

I've got a ISPconfig 3 production server set up, running Ubuntu Server 9.04. My e-mail gets delivered ok to almost every other server I send mail to except for one (smtp.chello.nl which bounces my email). In my /var/log/mail.err I found the below error.

Sep 23 08:59:33 <MYHOSTNAME> postfix/smtp[26944]: 3DB2B1456149: to=<<RECIPIENT>@chello.nl>, relay=smtp.chello.nl[213.46.255.2]:25, delay=2, delays=0.02/0.01/1.9/0.04, dsn=5.1.0, status=bounced (host smtp.chello.nl[213.46.255.2] said: 550 5.1.0 Dynamic/Generic hostnames are blocked. Please contact your Email Provider. Your IP was <MY IP>. Your hostname was ??. (in reply to MAIL FROM command))

What could be the cause of this?

I did an SMTP check on mxtools.com and got the following:

OK - Not an open relay
OK - 0 seconds - Good on Connection time
OK - 1.482 seconds - Good on Transaction time
OK - 83.161.xx.xx resolves to a83-161-xx-xx.xxx.xxx.nl
WARNING - Reverse DNS does not match SMTP Banner

Update:
My IP is static.

Pylsa
  • 205

7 Answers7

2

sometimes error messages say what they mean and mean what they say:

550 5.1.0 Dynamic/Generic hostnames are blocked

This means that your IP address is intentionally blocked by the receiver because it matches a pattern they don't want to accept email from.

The most likely reason: either your email server's IP address is in a dynamic range, or its in a range that your ISP have registered as dynamic. Is that the case? (if you didn't obscure the IP address I could have a go at checking myself, the pattern of what you did post suggests it probably is dynamic)

If that's the case then your options are limited to either moving to a proper "fixed" IP address or relaying through a smarthost at your ISP. People don't have to accept email from your server if they don't want to.

Looking at the comments, it appears you have two problems

  1. A fixed IP address but with a "generic" DNS name (e.g. abc.171.biz.def.yourisp.nl) is a 'generic' address as opposed to 'www.BloodPhilia.nl')
  2. No correct reverse lookup (PTR record) in DNS.

Assuming you can't/don't want to just forward stuff through a smarthost (e.g. you forward all your email from your server to your ISP and they send it out into the world on your behalf) then:

  • You'd need to register a domain name, if you haven't already, e.g. 'BloodPhilia.nl' and get basic DNS set up for that domain by your ISP.
  • Then get them to create an entry for your email server in DNS, e.g. both A and PTR records for 'mail.BloodPhilia.nl' pointing at the IP address of your email server.
  • Lastly, configure the email server so it identifies itself as 'mail.BloodPhilia.nl' in its banner.
Rob Moir
  • 32,154
2

You need to get your reverse DNS fixed.

Since you have concealed your IP, I have no way of giving useful suggestions on that count.

However, if you helo as smtp.example.com, I recommend that you have your domain name provider add an A record for smtp.example.com pointing to your IP, and get your ISP to give you reverse DNS for the same name.

$ dig outbound-us1.mailhostbox.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> outbound-us1.mailhostbox.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16706 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION: ;outbound-us1.mailhostbox.com. IN A

;; ANSWER SECTION: outbound-us1.mailhostbox.com. 14369 IN A 70.87.28.138

;; Query time: 0 msec ;; SERVER: 172.16.140.35#53(172.16.140.35) ;; WHEN: Thu Sep 23 17:07:58 2010 ;; MSG SIZE rcvd: 62

$ dig -x 70.87.28.138

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -x 70.87.28.138 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63397 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION: ;138.28.87.70.in-addr.arpa. IN PTR

;; ANSWER SECTION: 138.28.87.70.in-addr.arpa. 86385 IN CNAME 138.28.87.70.in-addr.ev1.opticaljungle.com. 138.28.87.70.in-addr.ev1.opticaljungle.com. 86385 IN PTR outbound-us1.mailhostbox.com.

;; Query time: 6 msec ;; SERVER: 172.16.140.35#53(172.16.140.35) ;; WHEN: Thu Sep 23 17:07:46 2010 ;; MSG SIZE rcvd: 138

See the A and PTR results.

Devdas
  • 747
1

It looks like you may have a dynamic address. Many mail servers, mine included will refuse email. Check to see if you are listed at spamhaus.org. Even if your address is not dynamic it looks enough like one to get you blocked on some servers.

If you have a dynamic address relay via your ISPs server. If not get your DNS (A record in your DNS) and rDSN (PTR record from your ISP) fixed.

Ensure your server uses the fully qualified domain name in its HELO message. Using a simple host name will get you blocked on a number of servers.

BillThor
  • 28,293
  • 3
  • 39
  • 70
1

Check your domain and IP for blacklisting; your server may be blacklisted somewhere.

Falcon Momot
  • 25,584
Ahmed
  • 11
0
  1. check you ip: http://www.mxtoolbox.com/SuperTool.aspx
  2. check mailname(cat /etc/mailname), hostname($hostname), PTR (host IPADDR). well if they match
bindbn
  • 5,321
0

Have you correctly specified a valid FQDN for your email server? Does your SMTP banner give a hostname of 'localhost.localdomain' or something similarly vague.

A quick fix sounds like it would be to either change your FQDN to that of the reverse IP, or (more appropriately) ensure your reverse DNS of your IP is the same as the FQDN you are reporting to be.

Andrew Taylor
  • 904
0

The simplest fix for this is to setup your ISP's mail server as the smarthost for your existing server.

All emails your server cannot deliver locally will be handed to the ISP's SMTP server for delivery.

http://www.howtoforge.com/postfix_relaying_through_another_mailserver

Phil Hannent
  • 685