一个英国服务器的退信和调试经历，大家一起研究研究

U-Mail

一个英国服务器的退信和调试经历，大家一起研究研究

收件人换成了XXX
发件人换成了AAA

下面是服务器的SMTP OUT 日志：




Tue 2007-07-24 16:56:48: <-- 550-Callback setup failed while verifying <AAA@AAA.com>
Tue 2007-07-24 16:56:48: <-- 550-Called:   XXX.XXX.XXX.XXX
Tue 2007-07-24 16:56:49: <-- 550-Sent:     MAIL FROM:<>
Tue 2007-07-24 16:56:49: <-- 550-Response: 550 Sorry, this server isconfigured to refuse this sort of mail (to combat the SPAM problem)
Tue 2007-07-24 16:56:49: <-- 550-The initial connection, or a HELO or MAIL FROM:<> command was
Tue 2007-07-24 16:56:49: <-- 550-rejected. Refusing MAIL FROM:<> does not help fight spam, disregards
Tue 2007-07-24 16:56:49: <-- 550-RFC requirements, and stops you from receiving standard bounce
Tue 2007-07-24 16:56:49: <-- 550-messages. This host does not accept mail from domains whose servers
Tue 2007-07-24 16:56:49: <-- 550-refuse bounces.
Tue 2007-07-24 16:56:49: <-- 550 Sender verify failed
Tue 2007-07-24 16:56:49: --> QUIT
这是以第一次发送失败后截取的日志，类似的日志GOOGLE上还能搜到不少



Tue 2007-07-24 17:57:54: <-- 550-Callback setup failed while verifying <AAA@AAA.com>
Tue 2007-07-24 17:57:54: <-- 550-(result of an earlier callout reused).
Tue 2007-07-24 17:57:55: <-- 550-The initial connection, or a HELO or MAIL FROM:<> command was
Tue 2007-07-24 17:57:55: <-- 550-rejected. Refusing MAIL FROM:<> does not help fight spam, disregards
Tue 2007-07-24 17:57:55: <-- 550-RFC requirements, and stops you from receiving standard bounce
Tue 2007-07-24 17:57:55: <-- 550-messages. This host does not accept mail from domains whose servers
Tue 2007-07-24 17:57:55: <-- 550-refuse bounces.
Tue 2007-07-24 17:57:55: <-- 550 Sender verify failed
Tue 2007-07-24 17:57:55: --> QUIT
调整了服务器的状态，第二次发送，日志也有所变化，用GOOGLE搜，看了一些老外的解决方法，再次调整服务器进行尝试


Tue 2007-07-24 19:23:05: <-- 250-ruby.uk-dns.com Hello AAA.com [XXX.XXX.XXX.XXX]
Tue 2007-07-24 19:23:05: <-- 250-SIZE 52428800
Tue 2007-07-24 19:23:05: <-- 250-PIPELINING
Tue 2007-07-24 19:23:05: <-- 250-AUTH PLAIN LOGIN
Tue 2007-07-24 19:23:05: <-- 250 HELP
Tue 2007-07-24 19:23:05: --> MAIL From:<AAA@AAA.com> SIZE=204226
Tue 2007-07-24 19:23:05: <-- 250 OK
Tue 2007-07-24 19:23:05: --> RCPT To:<XXX@XXX.co.uk>
Tue 2007-07-24 19:23:05: <-- 451 Could not complete sender verify callout
Tue 2007-07-24 19:23:05: --> QUIT
Tue 2007-07-24 19:23:06: <-- 221 ruby.uk-dns.com closing connection
再次调整后发送邮件截取的日志，，再搜出错信息，，，找不到了，没人和我一样了


这台服务器本身就是放在欧洲，非常的标准，各种解析齐全，IP非常干净，一个黑名单都没有。此前所有正常任何地方都可以发送过去

XXX@XXX.co.uk这个邮箱用126的邮箱发，暂时没收到退信。


最后的这段“451 Could not complete sender verify callout”搞不明白，有谁遇到过这样的问题？

lwz_08

立整,楼下继续

dennishan

呵呵，对方用了比较高深的邮件系统。
你发送邮件的同时，对方会对发送方的IP反过来作Callout,结果你那台欧洲服务器上肯定没有这用户帐号（应该是做中继的吧）

所以结果就是如此。

U兄可以在你的服务器上建一个AAA@AAA.com账户，然后再发送对方服务器，如果我推测的没错，你开好账户，就可以发送过去了。

对方这种系统我遇到过，非常牛的反垃圾方式，中继服务不能用，即便MX记录匹配，但如果Callback服务器上不能确定有账户，就不允许了。

dennishan

前面两次拒绝，比较普通，就是说邮件服务器必须得接受<>空发件人的邮件，说是RFC规定，必须的允许对方的bounces邮件（NDR吧），这个常见的。国内很多服务器如万网就不允许<>，造成很多客户发不到老外的服务器。

U-Mail

不是中继的方式发邮件！！

AAA@AAA.com  就是那个服务器上的本地用户，MX、SPF等记录都是完全对应的。

dennishan

给个对方地址，俺来试试看-怕不安全，就发短信给我好了。

U-Mail

大家试试这两个，这两个是同样的邮件系统，同样的反垃圾，第二个能发过去，第一个死活不成，我都怀疑是不是尝试的太多，被暂时屏蔽了

carrie@parisian.co.uk
ahmed@trackts.com

dennishan

试了，情况和我前面说的一样，对方做了Call back验证：
先看我发过去的日志：（我用上海网通一台服务器测试的）
SYSTEM          [000013CC] Tue, 24 Jul 2007 22:07:46 +0800 Client session DNS server 127.0.0.1 issuing MX query for "parisian.co.uk"
SYSTEM          [000013CC] Tue, 24 Jul 2007 22:07:47 +0800 Client session DNS server responded with 0 (OK) [1]
SYSTEM          [000013CC] Tue, 24 Jul 2007 22:07:47 +0800 Client session Connecting to "parisian.co.uk"
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:52 +0800 Client session Connected
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:54 +0800 Client session <<< 220 and/or bulk e-mail.
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:54 +0800 Client session >>> EHLO 替代HOST
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:55 +0800 Client session <<< 250 HELP
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:55 +0800 Client session >>> STARTTLS
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:55 +0800 Client session <<< 220 TLS go ahead
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:56 +0800 Client session >>> EHLO 替代HOST
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:56 +0800 Client session <<< 250 HELP
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:56 +0800 Client session >>> MAIL From:<dennis@替代域名> SIZE=1547
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:56 +0800 Client session <<< 250 OK
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:07:56 +0800 Client session >>> RCPT To:<carrie@parisian.co.uk>
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:08:01 +0800 Client session <<< 250 Accepted
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:08:01 +0800 Client session >>> DATA
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:08:01 +0800 Client session <<< 354 Enter message, ending with "." on a line by itself
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:08:03 +0800 Client session <<< 250 OK id=1IDL3U-0005yo-FF
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:08:03 +0800 Client session *** <dennis@替代域名> <carrie@parisian.co.uk> 1 1547 00:00:02 OK
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:08:03 +0800 Client session >>> QUIT
62.149.35.xx    [000013CC] Tue, 24 Jul 2007 22:08:04 +0800 Client session <<< 221 ruby.uk-dns.com closing connection
SYSTEM          [000013CC] Tue, 24 Jul 2007 22:08:04 +0800 Client session Disconnected

dennishan

大家看，22：07：56-〉22：08：01，当中隔了5秒钟，对方服务器在干什么呢？
原来对方服务器在这个时间反过来连接了我的服务器，下面这段是对方服务器连我服务器的记录。
在得到我服务器确认有dennis@这个账户，才允许我前面那个邮件〉〉〉DATA。

这是非常严格的验证：
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:07:59 +0800 Connected
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:07:59 +0800 >>> 220 替代HOST ESMTP (antispam & antivirus); Tue, 24 Jul 2007 22:07:59 +0800
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:07:59 +0800 <<< HELO ruby.uk-dns.com
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:07:59 +0800 >>> 250 替代HOST Hello ruby.uk-dns.com [62.149.35.xx], pleased to meet you.
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:07:59 +0800 <<< MAIL FROM:<>
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:08:00 +0800 >>> 250 2.1.0 <>... Sender ok
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:08:00 +0800 <<< RCPT TO:<dennis@替代域名>
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:08:00 +0800 >>> 250 2.1.5 dennis@替代域名... Recipient ok
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:08:01 +0800 <<< QUIT
62.149.35.xx    [000001F8] Tue, 24 Jul 2007 22:08:01 +0800 >>> 221 2.0.0 替代HOST closing connection
SYSTEM          [000001F8] Tue, 24 Jul 2007 22:08:01 +0800 Disconnected

dennishan

ahmed@trackts.com这个地址测试结果一样，所以我就不贴出来了。
U兄，2个系统完全一样的，我估计对方拒绝你，很可能是因为你的系统暂时屏蔽了对方的IP。
你反过来查查对方连你的IP日志，可能就能找到问题点了。

[ 本帖最后由 dennishan 于 2007-7-24 22:46 编辑 ]