The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

550 Sender verify failed

Discussion in 'E-mail Discussions' started by selfuntitled, Nov 9, 2011.

  1. selfuntitled

    selfuntitled Registered

    Joined:
    Nov 9, 2011
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I spent two days trying to track down why exim was consistently bouncing incoming messages from reputable services like gmail.com and providing them with 550 sender verify failed while allowing other domains to deliver just fine. Figured I would share my experience here as almost all the other threads on this topic relate to outbound, not inbound messages.

    I reviewed server configurations, check to be sure none of the specific IP's of the email servers were on spamhouse or spamcop. I had sender verification turned on, and turning it off solved the problem.

    Nothing else I change in exim configuration impacted the problem other than this. I check and, of course, gmail.com does have the correct ptr set and it does resolve rdns correctly.

    I wasn't willing to run a server without sender verify.

    I found this thread: http://forums.cpanel.net/f5/help-550-sender-verify-failed-66802.html But the versions were wrong and attribs on config files were just fine.

    From that thread though I tested: dig gmail.com mx And saw one entry mail.gmail.com which routed to 127.0.0.1

    So - pretty clearly a DNS problem

    I tried traceroute gmail.com and it responded:
    1 localhost (127.0.0.1) 0.042 ms 0.019 ms 0.017 ms

    Finally I tried nslookup gmail.com 8.8.8.8 (googledns) And I got the correct set of gmail IP's

    Turned out my resolvers were either poisoned or misconfigured and routing all gmail traffic to loopback.

    When sender verify tried to test rDNS for gmail messages, it was seeing the correct gmail IP's as the email source but getting loopback when it did it's own DNS lookup - the IP's didn't match so it blocked the message.

    Solution - change resolvers to 8.8.8.8 and 8.8.4.4, which are the IP's for Google's DNS Service - it actually improved server performance a little. Hope this is helpful or saves some time for someone else.
     
    #1 selfuntitled, Nov 9, 2011
    Last edited: Nov 9, 2011
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    The resolvers file is at /etc/resolv.conf location or WHM > Networking Setup > Resolver Configuration location for those who do not know how to edit or where to edit the file.

    Of note, if you have localhost setup as your resolver, this will never work properly. Additionally, you would never want to use your own server IP(s) as the resolver. A resolver should be an off server caching nameserver service such as google's or Level 3's

    Here are a list of public resolvers and speeds for each:

    http://www.circleid.com/posts/20110407_top_public_dns_resolvers_compared/
     
  3. SrvAdmin

    SrvAdmin Registered

    Joined:
    Nov 9, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Just make sure the domain gmail.com isn't installed on the server. It could be if you provide shared hosting and some clever guy decided to install gmail.com as addon or parked. Additionally please check config of bind.

    Actually you need to follwing: Log into WHM and click on "List Subdomains" then CTLT+F and specify "gmail.com" to run search in your browser. If there is nothing then click on "List Parked" and run the search again.
     
    #3 SrvAdmin, Nov 9, 2011
    Last edited: Nov 10, 2011
Loading...

Share This Page