| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | 
07-29-2009, 01:05 PM
| | |  [SOLVED] incoming mail delivered, but triggers a mystery response from <>
Quote:
Jul 28 11:52:40 zimbra postfix/smtpd[26838]: warning: 206.165.243.114: hostname email-114.paypal.com verification failed: Name or service not known
Jul 28 11:52:40 zimbra postfix/smtpd[26838]: connect from unknown[206.165.243.114]
Jul 28 11:52:50 zimbra postfix/smtpd[26838]: warning: 114.243.165.206.b.barracudacentral.org: RBL lookup error: Host or domain name not found. Name service error for name=114.243.165.206.b.barracudacentral.org type=A: Host not found, try again
| Note: barracuda seems to have been down for much of yesterday. I'm sure it's not relevant but including so the entire transaction can be seen. Quote:
Jul 28 11:52:50 zimbra postfix/smtpd[26838]: B5CD22D60001: client=unknown[206.165.243.114]
Jul 28 11:52:50 zimbra postfix/cleanup[22077]: B5CD22D60001: message-id=<PayPal.6k82dqc1z.fc4f@email.paypal.com>
Jul 28 11:52:51 zimbra postfix/qmgr[16105]: B5CD22D60001: from=<paypal@email.paypal.com>, size=23061, nrcpt=1 (queue active)
Jul 28 11:52:51 zimbra amavis[15907]: (15907-14) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20090728T104655-15907: <paypal@email.paypal.com> -> <munged_recipient@mprinc.com> SIZE=23061 Received: from zimbra.mprinc.com ([127.0.0.1]) by localhost (zimbra.mprinc.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <munged_recipient@mprinc.com>; Tue, 28 Jul 2009 11:52:51 -0700 (PDT)
Jul 28 11:52:51 zimbra amavis[15907]: (15907-14) Checking: kKGWvt4TJQdd [206.165.243.114] <paypal@email.paypal.com> -> <munged_recipient@mprinc.com>
Jul 28 11:52:54 zimbra postfix/smtpd[19893]: connect from localhost.localdomain[127.0.0.1]
Jul 28 11:52:54 zimbra postfix/smtpd[19893]: BBC782D60002: client=localhost.localdomain[127.0.0.1]
Jul 28 11:52:54 zimbra postfix/cleanup[22077]: BBC782D60002: message-id=<PayPal.6k82dqc1z.fc4f@email.paypal.com>
Jul 28 11:52:54 zimbra postfix/qmgr[16105]: BBC782D60002: from=<paypal@email.paypal.com>, size=23750, nrcpt=1 (queue active)
Jul 28 11:52:54 zimbra postfix/smtpd[19893]: disconnect from localhost.localdomain[127.0.0.1]
Jul 28 11:52:54 zimbra amavis[15907]: (15907-14) FWD via SMTP: <paypal@email.paypal.com> -> <munged_recipient@mprinc.com>,BODY=7BIT 250 2.6.0 Ok, id=15907-14, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as BBC782D60002
Jul 28 11:52:54 zimbra amavis[15907]: (15907-14) Passed CLEAN, [206.165.243.114] [206.165.243.114] <paypal@email.paypal.com> -> <munged_recipient@mprinc.com>, Message-ID: <PayPal.6k82dqc1z.fc4f@email.paypal.com>, mail_id: kKGWvt4TJQdd, Hits: 0.604, size:
2985, queued_as: BBC782D60002, 3619 ms
Jul 28 11:52:54 zimbra postfix/smtp[26842]: B5CD22D60001: to=<munged_recipient@mprinc.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=14, delays=10/0/0/3.6, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as BBC782D60002)
Jul 28 11:52:54 zimbra postfix/qmgr[16105]: B5CD22D60001: removed
| Okay, passed CLEAN so it was delivered. Then why the following? Quote:
Jul 28 11:52:54 zimbra postfix/smtpd[26836]: connect from zimbra.mprinc.com[99.147.40.125]
Jul 28 11:52:54 zimbra postfix/smtpd[26836]: CCD192D60001: client=zimbra.mprinc.com[99.147.40.125]
Jul 28 11:52:54 zimbra postfix/cleanup[22077]: CCD192D60001: message-id=<240426796.7881248807174835.JavaMail.root@zimbr a.mprinc.com>
Jul 28 11:52:54 zimbra postfix/qmgr[16105]: CCD192D60001: from=<>, size=885, nrcpt=1 (queue active)
Jul 28 11:52:54 zimbra postfix/smtpd[26836]: disconnect from zimbra.mprinc.com[99.147.40.125]
| We interrupt this mystery mail for final delivery to the user's inbox. Quote:
Jul 28 11:52:54 zimbra postfix/lmtp[20783]: BBC782D60002: to=<munged_recipient@mprinc.com>, relay=zimbra.mprinc.com[99.147.40.125]:7025, delay=0.08, delays=0/0/0/0.07, dsn=2.1.5, status=sent (250 2.1.5 OK)
Jul 28 11:52:54 zimbra postfix/qmgr[16105]: BBC782D60002: removed
| Finished delivering to user. Back to the mystery. Quote:
Jul 28 11:52:54 zimbra amavis[22078]: (22078-11) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20090728T114138-22078: <> -> <paypal@email.paypal.com> SIZE=885 Received: from zimbra.mprinc.com ([127.0.0.1]) by localhost (zimbra.mprinc.com [127.0.0.1]) (
mavisd-new, port 10024) with ESMTP for <paypal@email.paypal.com>; Tue, 28 Jul 2009 11:52:54 -0700 (PDT)
Jul 28 11:52:54 zimbra amavis[22078]: (22078-11) Checking: AxvA2XccC7ML [99.147.40.125] <> -> <paypal@email.paypal.com>
Jul 28 11:52:54 zimbra postfix/smtpd[16763]: connect from localhost.localdomain[127.0.0.1]
Jul 28 11:52:54 zimbra postfix/smtpd[16763]: F0B702D60002: client=localhost.localdomain[127.0.0.1]
Jul 28 11:52:54 zimbra postfix/cleanup[22077]: F0B702D60002: message-id=<240426796.7881248807174835.JavaMail.root@zimbr a.mprinc.com>
Jul 28 11:52:54 zimbra postfix/qmgr[16105]: F0B702D60002: from=<>, size=1350, nrcpt=1 (queue active)
Jul 28 11:52:54 zimbra postfix/smtpd[16763]: disconnect from localhost.localdomain[127.0.0.1]
Jul 28 11:52:54 zimbra amavis[22078]: (22078-11) FWD via SMTP: <> -> <paypal@email.paypal.com>,BODY=7BIT 250 2.6.0 Ok, id=22078-11, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as F0B702D60002
Jul 28 11:52:54 zimbra amavis[22078]: (22078-11) Passed CLEAN, [99.147.40.125] [99.147.40.125] <> -> <paypal@email.paypal.com>, Message-ID: <240426796.7881248807174835.JavaMail.root@zimbra.m princ.com>, mail_id: AxvA2XccC7ML, Hits: -4.293, size: 884, queue_as: F0B702D60002, 151 ms
Jul 28 11:52:54 zimbra postfix/smtp[25555]: CCD192D60001: to=<paypal@email.paypal.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.16, delays=0.01/0/0/0.15, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as F0B702D60002)
Jul 28 11:52:54 zimbra postfix/qmgr[16105]: CCD192D60001: removed
Jul 28 11:52:57 zimbra postfix/smtpd[26838]: disconnect from unknown[206.165.243.114]
Jul 28 11:54:40 zimbra postfix/smtp[28364]: F0B702D60002: to=<paypal@email.paypal.com>, relay=mx.postdirect.com[206.165.245.160]:25, delay=106, delays=0.01/0/0.48/105, dsn=5.0.0, status=bounced (host mx.postdirect.com[206.165.245.160] said: 550 Spam detec
ed (in reply to end of DATA command))
Jul 28 11:54:40 zimbra postfix/qmgr[16105]: F0B702D60002: removed
| So ultimately the message is bounced by the remote MTA but I can't find it anywhere. |
07-29-2009, 08:41 PM
| | Outstanding Member | |
Posts: 594
| |
> status=bounced (host mx.postdirect.com[206.165.245.160] said: 550 Spam detec
Says spam detected. Check in your Junk folder |
07-30-2009, 12:50 AM
| | |
Postdirect.com is the remote host. Why did Zimbra send something to it? |
07-30-2009, 01:31 AM
| | |
Does the recipient have a OoO enabled on their account ?
__________________  |
07-30-2009, 09:57 AM
| | |
That's it. Thanks!
What threw me off was that the original email is legit--it's in the middle of a series of PayPal hosts with consecutive name/numbering, and most of them do resolve forward and backward in DNS.
I just had a look at the email and it is indeed from Paypal--an advertising newsletter. Two problems: (1) It doesn't have a Precedence header, which I believe would have prevented the autoreply from going out. (2) They marked the autoreply as spam.
I'll send them a heads-up about this. | | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
