1

Topic: Unable to receive email from a web form on another server

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version: Ubuntu 14,04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue: mail.log
====

Hello,

I recently set up a server which works fine except for the fact that now, when I submit a web form from my own website hosted on another server, the mail is not being delivered. It used to deliver fine when I was hosting my email on Gmail which is odd because I assume they would have strong policies but apparently not?

Anyhow, here is the error from the mail.log file:

Aug  7 12:11:32 mail postfix/smtpd[2179]: NOQUEUE: reject: RCPT from unknown[X.X.X.X]: 554 5.7.1 <ip-X-X-X-XX.ec2.internal>: Helo command rejected: ACCESS DENIED. Your email was rejected because the sending mail server appears to be on a dynamic IP address that should not be doing direct mail delivery (XX-X-X-XX); from=<apache@ip-XX-X-X-XX.ec2.internal> to=<xxxxxx@xxxxxxxxxxxxx.com> proto=ESMTP helo=<ip-XX-X-X-XX.ec2.internal>

I figured I could fix this by adding a whitelist like so:

python wblist_admin.py --add --whitelist apache@ip-XX-X-X-XX.ec2.internal

But upon "service iredapd restart" the mail still does not deliver so now I am stuck and would appreciate some guidance.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Unable to receive email from a web form on another server

As an update, I figured there is a problem with the reverse DNS so I requested that Amazon AWS EC2 support create a reverse lookup and they did. Upon trying again, I received a new error:

Aug  7 15:41:32 mail postfix/smtpd[5085]: NOQUEUE: reject: RCPT from www.XXXXXXX.com[XX.X.XXX.XX]: 451 4.7.1 <XXXX@XXXXXXXX.com>: Recipient address rejected: Intentional policy rejection, please try again later; from=<apache@www.XXXXX.com> to=<XXX@XXXXXXX.com> proto=ESMTP helo=<www.XXXXXXX.com>

So this time there was no problem w/DNS or reverse lookup but greylisting was rejecting it!

I followed this to get rid of greylisting:

http://www.iredmail.org/docs/manage.ire … completely

Once I did that, the submitted forms come through normally, and I also noticed that many non-spam emails were also being blocked by greylisting. I don't think I am a fan of greylisting.

So I think that for now my problem is solved and maybe this will help someone who ran into a similar issue.

3

Re: Unable to receive email from a web form on another server

The correct, best solution is, enabling SMTP AUTH in your web form to send email.

4 (edited by rp 2016-08-09 00:13:59)

Re: Unable to receive email from a web form on another server

ZhangHuangbin wrote:

The correct, best solution is, enabling SMTP AUTH in your web form to send email.

Thanks for the advice -- I didn't even know this was an option so I appreciate it. I'm running a WP site and found these, both of which look good:

https://wordpress.org/plugins/wp-mail-smtp/

https://wordpress.org/support/view/plug … mtp-mailer

However, what about the fact that leaving graylisting activated slows the pace at which emails arrive (if ever)? I like the fact that when someone sends mail, the mail automatically arrives in the inbox rather than taking 15-30 minutes.

What are the true security risks (if any, other than occasional SPAM) if graylisting is turned off?

5

Re: Unable to receive email from a web form on another server

For technical details about greylisting, please visit http://greylisting.org/

6

Re: Unable to receive email from a web form on another server

ZhangHuangbin wrote:

For technical details about greylisting, please visit http://greylisting.org/

Interestingly, even though you replied to my inquiry before, this is the first time I received an update notification even though I was subscribed to this topic:

-------------

ZhangHuangbin has replied to the topic 'Unable to receive email from a web form on another server' to which you are subscribed. There may be more new replies, but this is the only notification you will receive until you visit the board again.

The post is located at http://www.iredmail.org/forum/post50702.html#p50702

---------------

Looking back to my logs before I deactivated graylisting, I see that "iredmail@xxxxx.bluehost.com" tried to send me notifications but they were kicked back and they were not sent again!

This is the kind of thing I am talking about..........so risky missing out on emails in my opinion. It seems like greylisting is ultimately an individual decision a system administrator has to make but for me it's probably not the right one. Thanks for providing the information!

7

Re: Unable to receive email from a web form on another server

rp wrote:

Looking back to my logs before I deactivated graylisting, I see that "iredmail@xxxxx.bluehost.com" tried to send me notifications but they were kicked back and they were not sent again!

Forum notifications are sent from our web hosting vendor's server (bluehost.com), not from '@iredmail.org'. Because it's ridiculous that they don't even allow me to use a external SMTP server to send email (they block outgoing traffic of port 25/587), and they claimed that using a external smtp server will cause their mail server been blacklisted... i'm wordless.

8 (edited by rp 2016-08-09 12:16:43)

Re: Unable to receive email from a web form on another server

ZhangHuangbin wrote:

i'm wordless.

Well, it's clear to me that you are quite the expert when it comes to email servers and open-source development with this awesome solution you've made available to the community, and this is part of the challenge: Not everyone is an expert, or thoughtful, so I think that to hope others will be "on the same level" will result in disappointment.  smile

I think that the system as you have put it together is EXCEPTIONAL but maybe a bit too hopeful (hoping other admins are on the ball and that other systems are up to par, which 99.99% are not).

This is why I think that even though the idea of graylisting is noble in its concept (in an ideal world where everyone is playing by the same rules and has their systems at peak performance and optimization)  in the *real, and disappointing world* it is too much to ask....lol.

Still, I think that the way you set it up and offer the package is the RIGHT way to do it. Leave it to those who implement to decide what they want to remove -- you offer "best of breed performance out of the box"....and that is saying something regardless of the real-world circumstances.

9

Re: Unable to receive email from a web form on another server

rp wrote:

Well, it's clear to me that you are quite the expert when it comes to email servers and open-source development with this awesome solution you've made available to the community, and this is part of the challenge: Not everyone is an expert, or thoughtful, so I think that to hope others will be "on the same level" will result in disappointment. 

i just expect him/her, as a web hosting tech support, to understand that sending email from my own mail server doesn't impact his/her mail server reputation. Not picky i guess?