• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Client mail rejected

Z

zszymczyk

New Pleskian
Hi,

My client wants to send an email to me but he is receiving a message from MAILER-DAEMON :

Subject: Failure notice
XX.XX.XX.XX failed on DATA command.
Remote host said: / Zdalny host odpowiedzial: 550 5.7.1 Command rejected SSL (def)

My maillog:
/var/log/maillog:5058:Feb 16 11:49:13 host postfix/smtpd[10450]: AB4D42242B: milter-reject: DATA from 5E9892C6.static.tld.pl[94.152.146.198]: 550 5.7.1 Command rejected; from=<xxx@xxx> to=<yyy@yyy> proto=ESMTP helo=<5E9892C6.static.tld.pl>

Adding 94.152.146.198/32 to whitelist is not helping.

My configuration after postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_size_limit = 0
mailman_destination_recipient_limit = 1
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 26214400
mydestination = localhost.$mydomain, localhost, localhost.localdomain
myhostname = XXX
mynetworks = , hash:/var/spool/postfix/plesk-pop/poplock, 94.152.146.198/32
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters =
plesk_virtual_destination_recipient_limit = 1
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.11.5/README_FILES
sample_directory = /usr/share/doc/postfix-2.11.5/samples
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_send_xforward_command = yes
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client sbl.spamhaus.org, reject_rbl_client xbl.spamhaus.org
smtpd_milters = inet:127.0.0.1:12768
smtpd_proxy_timeout = 3600s
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noplaintext
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_timeout = 3600s
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/postfix.pem
smtpd_tls_ciphers = medium
smtpd_tls_exclude_ciphers = aNULL
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_security_level = may
smtpd_use_tls = yes
tls_medium_cipherlist = HIGH:!aNULL:!MD5
tls_ssl_options = NO_COMPRESSION
transport_maps = , hash:/var/spool/postfix/plesk/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_gid_maps = static:31
virtual_mailbox_base = /var/qmail/mailnames
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_mailbox_limit = 0
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
virtual_transport = plesk_virtual
virtual_uid_maps = static:30
 
Hello zszymczyk,

Did you see Mail rejected when greylisting is turned on: 550 5.7.1 Command rejected ? As I see, external mail server has domain `5E9892C6.static.tld.pl` and contain word "static" in the name; it is not good PTR-record for mail-server.

I checked blacklist with the patch from the KB:
Black domains patterns list:
*[0-9][0-9]-[0-9][0-9]-[0-9][0-9]*
*[0-9][0-9].[0-9][0-9].[0-9][0-9]*
*[0-9][0-9][0-9]-[0-9][0-9][0-9]-[0-9][0-9][0-9]*
*[0-9][0-9][0-9].[0-9][0-9][0-9].[0-9[0-9]][0-9]*
dsl|broadband|hsd
dynamic|static|ppp|dyn-ip|dial-up
Click to expand...

So, I suggest changing PTR-record for the remote server if it possible because of it the best solution.
Otherwise, add to whitelist remote mail-server by the domain name (or change pattern with "static" from blacklist).
 
Thanks @Mark Muyskens and @AYamshanov.

I did what you suggested but the problem is still there. Greylisting is enabled and client domain is added to the whitelist.
So I still don't know what to change to allow mail server without reverse DNS.
 
You must log in or register to reply here.

Similar threads

Polli
Issue Getting DANE working
2
Replies
33
Views
4K
Polli
Polli
B
Resolved no SASL authentication mechanisms
2
Replies
22
Views
12K
Mark12345
Mark12345
T
Issue SMTPD No Auth from IP Issue
Replies
2
Views
2K
Tessxr
T
P
Resolved Use PLESK/Postfix mailservice in combination with Office 365 - Problems sending mails to same domain (from local to office)
Replies
3
Views
4K
Jargon
J
H
Forwarded to devs mailhandler ignores small info text in case of REJECT
Replies
4
Views
1K
hitd
H
Back
Top