Results 1 to 7 of 7

Thread: * 550 Verification Failed, Unroutable Address - 550 Sender Verify Failed *

  1. #1
    initialtechnologies is offline New Member
    Join Date
    Jan 2013
    Location
    www.initialtechnologies.com
    Posts
    4
    Rep Power
    2

    Exclamation * 550 Verification Failed, Unroutable Address - 550 Sender Verify Failed *

    Hi, my company is Initial Technologies Ltd, we are a provider of IT systems and telecommunications attempting to implement Zimbra - first for ourselves, then if it proves successful, for our large customer base of businesses.
    During the installation process i have gained a reasonable grasp of Linux, however it is most likely the correct DNS settings that have eluded me. Internal emails, calendaring and tasks work excellently and we find it very promising as a replacement for Exchange for our customers - the problem comes when sending mail to SOME external domains - hotmail works fine for example but our other email domain (initialtechnologies.co.uk - squirellmail hosted by amenworld.com) spits the emails back with this error:
    This is the mail system at host mail.initialtechnologies.com.

    I'm sorry to have to inform you that your message could not
    be delivered to one or more recipients. It's attached below.

    For further assistance, please send mail to postmaster.

    If you do so, please include this problem report. You can
    delete your own text from the attached returned message.

    The mail system

    : host
    mx1.initialtechnologies.co.uk[81.88.48.106] said: 550-Verification failed
    for 550-Unrouteable address 550 Sender
    verify failed (in reply to RCPT TO command)

    : host mx3.hotmail.com[65.55.37.120] said: 550
    Requested action not taken: mailbox unavailable (in reply to RCPT TO
    command)
    Here are the outputs of our configs:
    cat /etc/resolv.conf
    # Generated by NetworkManager
    search initialtechnologies.com
    nameserver 127.0.0.1
    cat /etc/hosts
    127.0.0.1 localhost.localdomain localhost
    192.168.0.62 mail.initialtechnologies.com mail

    # The following lines are desirable for IPv6 capable hosts
    ::1 localhost ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    cat /etc/bind/named.conf.options
    options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    forwarders {
    62.193.206.145;
    62.193.201.10;
    };

    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    };

    zone "mail.initialtechnologies.com"{
    type master;
    file "db.mail.initialtechnologies.com";
    };
    cat /var/cache/bind/db.mail.initialtechnologies.com
    ;
    ; Addresses and other host information.
    ;
    @ IN SOA mail.initialtechnologies.com. hostmaster.mail.initialtechnologies.com. (
    10118 ; Serial
    43200 ; Refresh
    3600 ; Retry
    3600000 ; Expire
    2592000 ) ; Minimum
    ; Define the nameservers and the mail servers
    IN NS 192.168.0.62
    initialtechnologies.com. IN MX 10 mail.initialtechnologies.com.
    mail.initialtechnologies.com. IN A 192.168.0.62
    I can confirm that our ISP setup ReverseDNS when asked, and the A record i setup (i hope) points mail.initialtechnologies.com to 80.229.17.180 (our wan ip). Here are the records they hold:

    . MX 80.229.17.180. 86400 5
    . MX mail.initialtechnologies.com. 86400 10
    . NS ns1.amenworld.com. 86400 0
    . NS ns2.amenworld.com. 86400 0
    authsmtp A 80.229.17.180 86400 0
    ftp A 81.88.57.71 86400 0
    imap A 80.229.17.180 86400 0
    mail A 80.229.17.180 86400 0
    mx1 A 80.229.17.180 86400 0
    pop3 A 80.229.17.180 86400 0
    smtp A 80.229.17.180 86400 0
    webmail A 80.229.17.180 86400 0
    www A 81.88.57.71 86400 0

    cat /var/log/zimbra.log (when attempting to send email)
    Jan 28 12:32:46 mail postfix/qmgr[3900]: 237A81A80702: from=, size=2249, nrcpt=1 (queue active)
    Jan 28 12:32:46 mail amavis[3555]: (03555-01) FWD from -> ,BODY=7BIT 250 2.0.0 from $
    Jan 28 12:32:46 mail amavis[3555]: (03555-01) Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [127.0.0.1]:46984 [127.0.0.1] Jan 28 12:32:46 mail postfix/smtp[31409]: BF1B01A806FF: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=0.47, delays=0.$
    Jan 28 12:32:46 mail postfix/qmgr[3900]: BF1B01A806FF: removed
    Jan 28 12:32:46 mail amavis[3555]: (03555-01) extra modules loaded: /opt/zimbra/zimbramon/lib/x86_64-linux-gnu-thread-multi/auto/Net/SSLeay/autospli$
    Jan 28 12:32:46 mail postfix/smtp[31412]: 237A81A80702: to=, relay=none, delay=0.14, delays=0.09/0.02/0.04/0, dsn=5.$
    Jan 28 12:32:46 mail postfix/cleanup[31403]: 5AD941A806FE: message-id=<20130128123246.5AD941A806FE@mail.initialtechnologi es.com>
    Jan 28 12:32:46 mail postfix/bounce[31413]: 237A81A80702: sender non-delivery notification: 5AD941A806FE
    Jan 28 12:32:46 mail postfix/qmgr[3900]: 5AD941A806FE: from=<>, size=4464, nrcpt=1 (queue active)
    Jan 28 12:32:46 mail postfix/qmgr[3900]: 237A81A80702: removed
    Jan 28 12:32:46 mail postfix/lmtp[31414]: 5AD941A806FE: to=, relay=mail.initialtechnologies.com[80.229.17.180]:7025, $
    Jan 28 12:32:46 mail postfix/qmgr[3900]: 5AD941A806FE: removed
    Any help would be greatly appreciated, please notify if any more information is required from us.

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    You've missed out the details of your internal DNS records and if that really is your MX record contents that you've posted (and I see it is from a dig command) above then it's incorrect - it should be the FQDN of yoru mail server. Go to the Split DNS wiki article (or read the many threads on this topic) and see the correct format for an MX record and the steps to confirm the validity of your configuration.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    initialtechnologies is offline New Member
    Join Date
    Jan 2013
    Location
    www.initialtechnologies.com
    Posts
    4
    Rep Power
    2

    Default

    Thanks for the speedy reply Bill, apologies for my ignorance but when you say "details of your internal DNS records", which files would you like to see?
    in db.mail.initialtechnologies.com i have matched the format exactly to the SplitDNS - Zimbra wiki page, replacing the example.com with our name in all instances.

    - here are the outputs of:

    dig mail.initialtechnologies.com all:
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24112
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;mail.initialtechnologies.com. IN A

    ;; ANSWER SECTION:
    mail.initialtechnologies.com. 79885 IN A 80.229.17.180

    ;; AUTHORITY SECTION:
    initialtechnologies.com. 166285 IN NS ns2.amenworld.com.
    initialtechnologies.com. 166285 IN NS ns1.amenworld.com.

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jan 28 13:19:46 2013
    ;; MSG SIZE rcvd: 108

    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12319
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;all. IN A

    ;; AUTHORITY SECTION:
    . 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2013012800 1800 900 604800 86400

    ;; Query time: 109 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jan 28 13:19:46 2013
    ;; MSG SIZE rcvd: 96
    and dig mail.initialtechnologies mx
    ; <<>> DiG 9.7.0-P1 <<>> mail.initialtechnologies.com mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26626
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;mail.initialtechnologies.com. IN MX

    ;; AUTHORITY SECTION:
    initialtechnologies.com. 4238 IN SOA ns1.amenworld.com. root.amen.fr. 2013012302 21600 3600 604800 300

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jan 28 13:20:33 2013
    ;; MSG SIZE rcvd: 108
    From what i can see there are two MX records held by amenworld - one pointing at our FQDN (mail.initialtechnologies.com) and one pointing at our WAN IP (80.229.17.180) - would removal of that IP mx record make the other work? Again sorry for my ignorance, the DNS settings are currently a gap in my knowledge.

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by initialtechnologies View Post
    Thanks for the speedy reply Bill, apologies for my ignorance but when you say "details of your internal DNS records", which files would you like to see?
    I wanted to see the output of the commands from the 'Verify....' section of the article.

    Quote Originally Posted by initialtechnologies View Post
    dig mail.initialtechnologies.com all
    This is incorrect, the correct command should be (for your domain):

    Code:
    dig initialtechnologies.com mx
    Not the FQDN of your server as you've used in the previous exapmle.

    Quote Originally Posted by initialtechnologies View Post
    From what i can see there are two MX records held by amenworld - one pointing at our FQDN (mail.initialtechnologies.com) and one pointing at our WAN IP (80.229.17.180) - would removal of that IP mx record make the other work?
    You can't use an IP address in an MX record so yes, removing the record that has the priority of 5 should improve matters.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    initialtechnologies is offline New Member
    Join Date
    Jan 2013
    Location
    www.initialtechnologies.com
    Posts
    4
    Rep Power
    2

    Default

    Hi Bill, thanks for your patience with this one - i have amended the MX record and now receiving the correct dig replies that WikiSplitDNS suggests. Unfortunately the error remains, even after a full Zimbra reinstall. Here is a re print of all current outputs:

    dig initialtechnologies.com mx
    ; <<>> DiG 9.7.0-P1 <<>> initialtechnologies.com mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20127
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;initialtechnologies.com. IN MX

    ;; ANSWER SECTION:
    initialtechnologies.com. 6122 IN MX 10 mail.initialtechnologies.com.

    ;; ADDITIONAL SECTION:
    mail.initialtechnologies.com. 85322 IN A 80.229.17.180

    ;; Query time: 37 msec
    ;; SERVER: 192.168.0.1#53(192.168.0.1)
    ;; WHEN: Wed Jan 30 14:28:28 2013
    ;; MSG SIZE rcvd: 78
    dig initialtechnologies.com any
    ; <<>> DiG 9.7.0-P1 <<>> initialtechnologies.com any
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33526
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 3

    ;; QUESTION SECTION:
    ;initialtechnologies.com. IN ANY

    ;; ANSWER SECTION:
    initialtechnologies.com. 6004 IN MX 10 mail.initialtechnologies.com.
    initialtechnologies.com. 9614 IN SOA ns1.amenworld.com. root.amen.fr. 2013012907 21600 3600 604800 300
    initialtechnologies.com. 85204 IN NS ns1.amenworld.com.
    initialtechnologies.com. 85204 IN NS ns2.amenworld.com.

    ;; ADDITIONAL SECTION:
    ns2.amenworld.com. 85503 IN A 62.193.201.10
    mail.initialtechnologies.com. 85204 IN A 80.229.17.180
    ns1.amenworld.com. 85503 IN A 62.193.206.145

    ;; Query time: 61 msec
    ;; SERVER: 192.168.0.1#53(192.168.0.1)
    ;; WHEN: Wed Jan 30 14:30:16 2013
    ;; MSG SIZE rcvd: 204
    host 'initialtechnologies.com'
    initialtechnologies.com has address 81.88.57.71
    initialtechnologies.com mail is handled by 10 mail.initialtechnologies.com.
    host 'mail.initialtechnologies.com'
    mail.initialtechnologies.com has address 80.229.17.180
    cat /etc/resolv.conf
    # Generated by NetworkManager
    nameserver 192.168.0.1
    cat /etc/hosts
    127.0.0.1 localhost.localdomain localhost
    192.168.0.62 mail.initialtechnologies.com mail

    # The following lines are desirable for IPv6 capable hosts
    ::1 localhost ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    cat /etc/bind/named.conf.options
    options {
    directory "/var/cache/bind";

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.

    forwarders {
    192.168.0.62;
    };

    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };
    };
    zone "initialtechnologies.com"{
    type master;
    file "db.initialtechnologies.com";
    };
    cat /var/cache/bind/db,initialtechnologies.com
    ;
    ; Addresses and other host information.
    ;
    @ IN SOA mail.initialtechnologies.com. hostmaster.mail.initialte$
    10118 ; Serial
    43200 ; Refresh
    3600 ; Retry
    3600000 ; Expire
    2592000 ) ; Minimum
    ; Define the nameservers and the mail servers
    IN NS 192.168.0.62
    initialtechnologies.com. IN MX 10 mail.initialtechnologies.co$
    mail.initialtechnologies.com. IN A 192.168.0.62
    The mailserver is at 192.168.0.62
    The router is at 192.168.0.1 (Draytek, all ports listed on ZimbraWiki:Ports are forwarded)

    Please advise, and feel free to request anymore information.
    Cheers, James.

  6. #6
    initialtechnologies is offline New Member
    Join Date
    Jan 2013
    Location
    www.initialtechnologies.com
    Posts
    4
    Rep Power
    2

    Default Still not working

    An update: after much time wasted attempting to understand the DNS setup, a GUI called Webmin laid out the configuration process in a more user friendly way. It turns out that emails work perfectly from and to 'user@mail.initialtechnologies.com' but not 'user@initialtechnologies.com' - This is still a problem as i do not want 'mail.' on the front of my domain - especially when i roll this system out to our customers who have pre-existing exchange systems. I have attempted to create an alias domain, which sends out fine but will not recieve from external - again 'Unrouteable Address' error. I have also attempted to create a persona for the user, to have the same (recieving from external) not work. PLEASE HELP... we have spent too long attempting to get this to work - we have customers waiting for this.

  7. #7
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by initialtechnologies View Post
    An update: after much time wasted attempting to understand the DNS setup, a GUI called Webmin laid out the configuration process in a more user friendly way. It turns out that emails work perfectly from and to 'user@mail.initialtechnologies.com' but not 'user@initialtechnologies.com' - This is still a problem as i do not want 'mail.' on the front of my domain - especially when i roll this system out to our customers who have pre-existing exchange systems. I have attempted to create an alias domain, which sends out fine but will not recieve from external - again 'Unrouteable Address' error. I have also attempted to create a persona for the user, to have the same (recieving from external) not work.
    According to the information you posted above, your domain name is misspelt in the BIND configuration. As for the domain name itself, you were asked during the install if you wished to change the domain name, you should have said "yes" at that point and put in the correct domain name otherwise it will default to the FQDN of the server. Use zmprov to rename the domain (check the wiki or "zmprov help commands" for details).


    Quote Originally Posted by initialtechnologies View Post
    PLEASE HELP... we have spent too long attempting to get this to work - we have customers waiting for this.
    That's not my concern and answers here are on a 'best effort' basis, this is a forum where people post when they have the time - we all have other things to do in life apart from these forums. BTW, all of these questions have been answered many times in the forums and wiki.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Thread Information

Users Browsing this Thread

There are currently 2 users browsing this thread. (0 members and 2 guests)

Similar Threads

  1. SendMessage request failed: Human Verification required
    By harrie_1974 in forum General Questions
    Replies: 2
    Last Post: 05-13-2011, 01:24 AM
  2. SendMessage request failed: Human Verification required
    By harrie_1974 in forum Error Reports
    Replies: 0
    Last Post: 07-12-2010, 07:46 AM
  3. Replies: 0
    Last Post: 03-17-2010, 07:18 PM
  4. Replies: 0
    Last Post: 03-17-2010, 07:18 PM
  5. zimbra mail's verification failed
    By kmuralidharan in forum Administrators
    Replies: 2
    Last Post: 09-15-2007, 07:20 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •