rDNS issue? Helo name contains an IP address (HELO was [127.0.0.1]) and not is valid
Hi all,
I'm on the latest mailman installation in a HestiaCP server. The past few days I have been investigating some spam issues and by using dkimvalidator.com I found the following:
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list manager* 3.2 HELO_DYNAMIC_IPADDR Relay HELO'd using suspicious hostname (IP addr 1)*
Note the last line on the above debug information which raises the spam score of the email. Some research showed me that I needed a rDNS entry in my server. I'm on a Hetzner cloud VM so I used the Hetzner console to change the rDNS entry from:
static.XXX.XXX.XXX.XXX.clients.your-server.de
to my initial server hostname for example:
*hestia.myserver.com <http://hestia.myserver.com>*
However, after some propagation, I found today that even though I can send email to any normal address created in the server's control panel, mailing list emails do not get sent.
I see the following in the logs: Mailman SMTP log:
Oct 24 14:17:47 2023 (3759611) <169814622178.3759638.4589434779084932533@localhost> *response exception: (550, b'Helo name contains an IP address (HELO was [127.0.0.1]) and not is valid'*, 'testlist-bounces+myusername=myproject.eu@myproject.eu')
Oct 24 14:17:47 2023 (3759611) <169814622178.3759638.4589434779084932533@localhost> smtp to testlist@myproject.eu for 1 recips, completed in 45.07745146751404 seconds
Oct 24 14:17:47 2023 (3759611) <169814622178.3759638.4589434779084932533@localhost> post to testlist@myproject.eu from testlist-confirm+07d3315fa11a75588857fc93d1832ba74fb09fdd@myproject.eu, 1633 bytes, 1 failures
Oct 24 14:17:47 2023 (3759611) <169814622178.3759638.4589434779084932533@localhost> delivery to myusername@myproject.eu failed with code 550, b*'Helo name contains an IP address (HELO was [127.0.0.1]) and not is valid'*
Exim4 log:
2023-10-24 14:17:47 H=([127.0.0.1]) [XXX.XXX.XXX.XXX] rejected MAIL <testlist-bounces+myusername=myproject.eu@myproject.eu>: *Helo name contains an IP address (HELO was [127.0.0.1]) and not is valid*
The weird thing is that when I do a mailman-web sendtestemail this email is sent successfully.
Also please note that before the rDNS change I did not have an issue with mail sending.
Last but not least, after some search I set in Exim4 the following: PRIMARY_HOST_NAME = *hestia.myserver.com <http://hestia.myserver.com>*
Any help would be greatly appreciated.
*Kyriakos Terzopoulos *Web developer / e-learning expert
*Tel:*+30 211 213 9858
*Mobile:* +30 694 526 4512
- E-mail: *kyriakos.terzopoulos@gmail.com
- Skype:* kyriakos.terzopoulos Find me on Facebook <http://www.facebook.com/cirrus3d> Follow me on Twitter <http://twitter.com/#%21/cirrus3d>
Kyriakos Terzopoulos writes:
Some research showed me that I needed a rDNS entry in my server. I'm on a Hetzner cloud VM so I used the Hetzner console to change the rDNS entry from:
static.XXX.XXX.XXX.XXX.clients.your-server.de
Don't do that. Aside from inducing the 127.0.0.1 problem you experience, some recipients insist on a reverse lookup that "round-trips", so that if you look up the HELO name, and then look up the IP returned, you get the HELO name back.
Oct 24 14:17:47 2023 (3759611) <169814622178.3759638.4589434779084932533@localhost> *response exception: (550, b'Helo name contains an IP address (HELO was [127.0.0.1]) and not is valid'*, 'testlist-bounces+myusername=myproject.eu@myproject.eu')
I don't understand why you get the loopback IP address in HELO. Maybe somebody else can explain.
The weird thing is that when I do a mailman-web sendtestemail this email is sent successfully.
That's not entirely surprising. When you send mail via a Mailman list a lot of processing gets done and it passess through three separate processes that are basically doing Internet mail: the incoming MTA, Mailman, and the outgoing MTA. mailman-web sendtestemail there's only one Internet-capable agent, which is the outgoing MTA.
Steve
Hi Stephen, all,
The issue is resolved. I had in my /etc/hosts this:
127.0.0.1 hestia.myserver.com
which I removed.
No more mail being marked as spam. However I face a (hopefully) new problem now. When I mass subscribe the users, they get an initial invitation email. However after replying I get this in the exim logs, the subsequent mails do not arrive and the users are not verified at all:
2023-10-25 13:36:41 1qvbFh-001kcb-Ig <= myname@myproject.eu H=localhost ( webmail.myproject.eu) [127.0.0.1] P=esmtpa A=dovecot_login: myname@myproject.eu S=1726 id=32091a0e12cc23fa988380639a4c44a6@ myproject .eu 2023-10-25 13:36:41 1qvbFh-001kcb-Ig == partners@myproject.eu < partners-confirm+6df62cd0f805b2b66b21a43a42ec8ee77487e8ad@myproject.eu> R=mailman3_router T=mailman3_transport defer (-54): retry time not reached for any host for ' myproject.eu'
Can you kindly provide your feedback on this?
*Kyriakos Terzopoulos *Web developer / e-learning expert
*Tel:*+30 211 213 9858
*Mobile:* +30 694 526 4512
- E-mail: *kyriakos.terzopoulos@gmail.com
- Skype:* kyriakos.terzopoulos Find me on Facebook <http://www.facebook.com/cirrus3d> Follow me on Twitter <http://twitter.com/#%21/cirrus3d>
On Tue, 24 Oct 2023 at 15:36, Stephen J. Turnbull < turnbull.stephen.fw@u.tsukuba.ac.jp> wrote:
Kyriakos Terzopoulos writes:
Some research showed me that I needed a rDNS entry in my server. I'm on a Hetzner cloud VM so I used the Hetzner console to change the rDNS entry from:
static.XXX.XXX.XXX.XXX.clients.your-server.de
Don't do that. Aside from inducing the 127.0.0.1 problem you experience, some recipients insist on a reverse lookup that "round-trips", so that if you look up the HELO name, and then look up the IP returned, you get the HELO name back.
Oct 24 14:17:47 2023 (3759611) <169814622178.3759638.4589434779084932533@localhost> *response exception: (550, b'Helo name contains an IP address (HELO was [127.0.0.1]) and not is valid'*, 'testlist-bounces+myusername=myproject.eu@myproject.eu')
I don't understand why you get the loopback IP address in HELO. Maybe somebody else can explain.
The weird thing is that when I do a mailman-web sendtestemail this email is sent successfully.
That's not entirely surprising. When you send mail via a Mailman list a lot of processing gets done and it passess through three separate processes that are basically doing Internet mail: the incoming MTA, Mailman, and the outgoing MTA. mailman-web sendtestemail there's only one Internet-capable agent, which is the outgoing MTA.
Steve
Kyriakos Terzopoulos writes:
No more mail being marked as spam. However I face a (hopefully) new problem now. When I mass subscribe the users, they get an initial invitation email. However after replying I get this in the exim logs, the subsequent mails do not arrive and the users are not verified at all:
2023-10-25 13:36:41 1qvbFh-001kcb-Ig <= myname@myproject.eu H=localhost (webmail.myproject.eu) [127.0.0.1] P=esmtpa A=dovecot_login: myname@myproject.eu S=1726 id=32091a0e12cc23fa988380639a4c44a6@ myproject.eu 2023-10-25 13:36:41 1qvbFh-001kcb-Ig == partners@myproject.eu <partners-confirm+6df62cd0f805b2b66b21a43a42ec8ee77487e8ad@myproject.eu> R=mailman3_router T=mailman3_transport defer (-54): retry time not reached for any host for ' myproject.eu'
It looks like 'myname' has replied to the invitation, and was received by this MTA (is it Mailman's MTA?). Then delivery to Mailman was deferred because delivery to ' myproject.eu' has failed, and Exim is queueing them for future delivery, until the next retry time. Try using 'runq' then checking the log to see why mail is failing in the first place.
I do not understand why there are spaces before the host name in these lines:
id=32091a0e12cc23fa988380639a4c44a6@ myproject.eu retry time not reached for any host for ' myproject.eu'
The first never happens in my Exim instance. (I have no instances of "retry time not reached" at all in my logs.) That suggests a misconfiguration, in Exim, in Mailman, or Postorius. You should check the mailman3_router and the mailman3_transport first because they're easier.
Steve
Hi Steve,
I'll check runq and let you know. As for the spaces it was just a copy/paste fail from my part since I want to obfuscate the true domain name.
*Kyriakos Terzopoulos *Web developer / e-learning expert
*Tel:*+30 211 213 9858
*Mobile:* +30 694 526 4512
- E-mail: *kyriakos.terzopoulos@gmail.com
- Skype:* kyriakos.terzopoulos Find me on Facebook <http://www.facebook.com/cirrus3d> Follow me on Twitter <http://twitter.com/#%21/cirrus3d>
On Wed, 25 Oct 2023 at 20:29, Stephen J. Turnbull < turnbull.stephen.fw@u.tsukuba.ac.jp> wrote:
Kyriakos Terzopoulos writes:
No more mail being marked as spam. However I face a (hopefully) new problem now. When I mass subscribe the users, they get an initial invitation email. However after replying I get this in the exim logs, the subsequent mails do not arrive and the users are not verified at all:
2023-10-25 13:36:41 1qvbFh-001kcb-Ig <= myname@myproject.eu H=localhost (webmail.myproject.eu) [127.0.0.1] P=esmtpa A=dovecot_login: myname@myproject.eu S=1726 id=32091a0e12cc23fa988380639a4c44a6@ myproject.eu 2023-10-25 13:36:41 1qvbFh-001kcb-Ig == partners@myproject.eu < partners-confirm+6df62cd0f805b2b66b21a43a42ec8ee77487e8ad@myproject.eu> R=mailman3_router T=mailman3_transport defer (-54): retry time not reached for any host for ' myproject.eu'
It looks like 'myname' has replied to the invitation, and was received by this MTA (is it Mailman's MTA?). Then delivery to Mailman was deferred because delivery to ' myproject.eu' has failed, and Exim is queueing them for future delivery, until the next retry time. Try using 'runq' then checking the log to see why mail is failing in the first place.
I do not understand why there are spaces before the host name in these lines:
id=32091a0e12cc23fa988380639a4c44a6@ myproject.eu retry time not reached for any host for ' myproject.eu'
The first never happens in my Exim instance. (I have no instances of "retry time not reached" at all in my logs.) That suggests a misconfiguration, in Exim, in Mailman, or Postorius. You should check the mailman3_router and the mailman3_transport first because they're easier.
Steve
participants (2)
-
Kyriakos Terzopoulos -
Stephen J. Turnbull