Results 1 to 18 of 18
  1. #1
    Join Date
    Mar 2004
    Location
    Pennsylvania
    Posts
    74

    DNS / Mail issue with Postini relaying

    I've got a domain name ("problemdomain.com") on my server (CentOS 4, WHM/cPanel) that has been set up with Postini for quite some time. All has been working & routing correctly. I recently changed to a new server with a new IP address. I transferred the account so that the DNS is setup identically on the new server. The only thing that changed is the main server IP, and the IP addresses that ns1.myserver.com and ns2.myserver.com resolve to. That propagation went through today and should be well set in.

    Now, whenever you send an email to someone on this domain, it gets bounced back with the following:


    This is an automatically generated Delivery Status Notification
    Delivery to the following recipient failed permanently:

    [email protected]

    Technical details of permanent failure:
    PERM_FAILURE: SMTP Error (state 13): 550-exprod8mx214.postini.com (psmtp.com) [64.18.3.114] is currently not
    550-permitted to relay through this server. Perhaps you have not logged into
    550-the pop/imap server in the last 30 minutes or do not have SMTP
    550 Authentication turned on in your email client.


    The way I have the DNS setup on the server for the MX records is as follows:
    problemdomain.com., 14400, IN MX, 100, laserskinsurgery.com.s8a1.psmtp.com.
    problemdomain.com., 14400, IN MX, 200, laserskinsurgery.com.s8a2.psmtp.com.
    problemdomain.com., 14400, IN MX, 300, laserskinsurgery.com.s8b1.psmtp.com.
    problemdomain.com., 14400, IN MX, 400, laserskinsurgery.com.s8b2.psmtp.com.

    This DNS is exactly the way it was setup before when it was working. Any ideas what could be causing this?
    Steve Lundy - Web Design GT
    Custom & Professional website design services.
    Find Out More!

  2. #2

    ip

    Is it possible that postini has an ip bound to the domain and since that changed they stop accepting email for your domain ?
    BTW have you contacted postini ?
    Datums Internet Solutions, LLC
    Systems Engineering & Managed Hosting Services
    Complex Hosting Consultants

  3. #3
    Join Date
    Mar 2004
    Location
    Pennsylvania
    Posts
    74
    Postini receives the mail, filters it, then passes it back using an IP address. They updated that IP address today to be the new server's IP.

    We have been working with Postini throughout the day on this, yes. They seem to think it's something setup wrong on the server.
    Steve Lundy - Web Design GT
    Custom & Professional website design services.
    Find Out More!

  4. #4
    Join Date
    Mar 2004
    Location
    Pennsylvania
    Posts
    74
    Here's a follow-up question / tidbit of information. I checked the "/etc/localdomains" and "/etc/remotedomains" on both the old server (which was working) and the new server.

    On the old server, the domain in question was listed in the localdomains and not in the remotedomains. On the new server, it is in the remotedomains and not the localdomains.

    I'm not extremely well-versed in how these should be configured in the first place, but I assume it adds complexity since the mail is being forwarded to Postini, then back.

    One thing I read about this is: "the domain actually should not be in that localdomains file, since the MX records are pointing to remote servers. Since that is the case, the domain should be listed in /etc/remotedomains instead. It should only be listed in localdomains if the MX records are pointing back to this server."

    My question to this would be, if it's supposed to be set up that way, then why isn't it working? And why did it work on the old server when it was set up the opposite way? Any one have any ideas?
    Steve Lundy - Web Design GT
    Custom & Professional website design services.
    Find Out More!

  5. #5
    Join Date
    Oct 2005
    Posts
    436
    One thing I read about this is: "the domain actually should not be in that localdomains file, since the MX records are pointing to remote servers. Since that is the case, the domain should be listed in /etc/remotedomains instead. It should only be listed in localdomains if the MX records are pointing back to this server."
    I use MXLogic and have had quite a few problems similar to the one you're facing.

    The help text above is incorrect if the email is being hosted on your own servers. That is, if your server both sends and receives email. /etc/remotedomains/ is only when a domain's email is being hosted by an external email provider and not by your server/host. So, even if the MX records point to Postini, the domains protected by it should be in /etc/localdomains/.

    I am willing to bet that if you move the domains from /etc/remotedomains/ to /etc/localdomains/ on the new server, your problem will vanish. Additionally, ensure that in your Postini account management console, the Inbound servers are set up correctly and point to the new server's IP address.

    The other occasion when I have received similar messages from MXLogic is when an email address protected by it had an alias and I forgot to enter that alias in the MXLogic Console for that email account.

  6. #6
    Join Date
    Mar 2004
    Location
    Pennsylvania
    Posts
    74
    Thanks a lot for the reply. It's good to know someone else had this sort of problem. I had a sneaking suspicion that I should do exactly what you recommended. When I made the change, my test email went through perfectly. My only worry was/is, does this bypass Postini? From what you said it doesn't, so I should be all set.

    Thanks again.
    Steve Lundy - Web Design GT
    Custom & Professional website design services.
    Find Out More!

  7. #7
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    You have the "Always accept mail locally even if the primary mx does not point to this server." checkbox checked in WHM/cpanel?
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  8. #8
    Join Date
    Oct 2005
    Posts
    436
    Thanks a lot for the reply.
    You're welcome:-)

  9. #9
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    BTW, I'm pretty sure the checkbox I mentioned makes sure the domain is in the /etc/localdomains file without having to make manual changes that bypass cpanel.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  10. #10

    firewall off smtp

    depending on how many domains are setup to use postini you can protect it from receiving email directly by only accepting email from the postini ip addresses. This will ensure that only email that has pass through their scanners hit your server.

    MessageLabs works in a similar way.
    Datums Internet Solutions, LLC
    Systems Engineering & Managed Hosting Services
    Complex Hosting Consultants

  11. #11
    Join Date
    Mar 2004
    Location
    Pennsylvania
    Posts
    74

  12. #12
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    No, that wouldn't help. The reason your mailserver says that the sender can't relay is because it thinks it's not hosting email for problemdomain.com, therefore the sender must surely be trying to relay the email through your server to the actual server that hosts email for that domain. If you accepted it for relaying, your server would send the message off to postini who would then route it back to you. Eventually the message would be killed after looping for awhile.

    All you need to do is check the above checkbox in cpanel.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  13. #13
    Join Date
    Mar 2004
    Location
    Pennsylvania
    Posts
    74
    Quote Originally Posted by bitserve View Post
    All you need to do is check the above checkbox in cpanel.
    Ok, so checking that box will ensure the domain is listed in the /etc/localdomains file?

    As it turns out, the customer's email was still only working sporadically after making sure the file was in the /etc/localdomains folder, so we have temporarily removed Postini from the equation and changed the MX records to point to just my server for now.

    At some point in the next week or so they'll be sick of their spam and want to change back, so I just want to make sure I have all my ducks in a row this time.
    Steve Lundy - Web Design GT
    Custom & Professional website design services.
    Find Out More!

  14. #14
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    I'm pretty sure.

    Maybe cpanel was overwriting that /etc/localdomains file when you added new domains or made any changes to the mail system?

    I don't know cpanel well enough to know.

    Have you worked to define not working in the "only working sporadically" context?
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  15. #15
    Join Date
    Apr 2000
    Location
    California
    Posts
    3,051
    The domain has to be set local for postini, because mail will be delivered there, still, just after being filtered is all. This surely happened when you moved things around. Just add it to the localdomains and other relevant files where it's missing and remove it from the remotedomains/remotemx files.

  16. #16
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    Tim, doesn't the "Always accept mail locally even if the primary mx does not point to this server" checkbox do that? Or am I mistaken?
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  17. #17
    Join Date
    Apr 2000
    Location
    California
    Posts
    3,051
    I actually didn't read the entire thread when I replied. I'm not sure, I've never used that option myself (I rarely use the Cpanel/WHM interfaces), but by the description alone, I'd assume it does exactly that.

  18. #18
    Join Date
    Oct 2005
    Posts
    436
    As it turns out, the customer's email was still only working sporadically after making sure the file was in the /etc/localdomains folder, so we have temporarily removed Postini from the equation and changed the MX records to point to just my server for now.
    I just remembered something that might help you solve the problem. In WHM >> Tweak Settings >> Mail, uncheck the following option:
    Automatically setup /etc/localdomains, /etc/remotedomains, /etc/secondarymx based on where the mx entry is pointed.
    This came in with cPanel 11 and caused a lot of trouble. If this is checked, cPanel tries to be too smart and keeps moving domains to /etc/remotdomains if the MX records point elsewhere.

    This just might do the trick for you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •