Email Delivery Failure Messages

[Project 18]

From the Mail Delivery Reports, we notice that we average a handful of failures that reference the following message "SMTP error from remote mail server after RCPT TO:: 550-Verification failed for \n550-The mail server could not deliver mail to [email protected]". (For the interest in privacy, I have removed the actual name and domain name, but in all cases that address is the same.)

This email address uses the domain of the website hosted on this server. We do not have that subdomain set up and therefore obviously not that email address. What is confusing, is this error only occurs on some email transactions. Most are successful. Do we have to simply set up this subdomain and email address, or can this be remedied some other way? Any help would be appreciated.

 

[Jcats]

Hello,

This usually occurs when an email is sent from a PHP script that doesn't use SMTP authentication, the return path is set to the mentioned email, if there is some kind of bounce back or automated reply, it will go to that returnpath which doesn't exist and will just sit in your mail queue until its unfrozen and removed. If you see lots of these, it could be an indication of a malicious script sending out spam. You can trace them in SSH using:

# head -1 /var/log/exim_mainlog | awk '{print $1}' ; awk '$3 ~ /^cwd/{print $3}' /var/log/exim_mainlog | sort | uniq -c | sed "s|^ *||g" | sort -nr | head --lines 15 | egrep -v ' cwd=(/$|/etc/csf|/var/spool/exim)' ; tail -1 /var/log/exim_mainlog | awk '{print From $1}'

Either way, its always best to configure the script to send out using SMTP authentication, it usually results in better delivery in terms of ending up in spam, etc.

 

[cPanelMichael]

Hello

Yes, as mentioned, this is likely the result of returned email from PHP scripts using the PHP mail function. Some users disable the PHP mail function and require their users to send from PHP scripts with SMTP authentication to avoid this issue.

Thank you.