Discussion:
Problems with hichina.com mail servers?
Frank S. Bernhardt
2006-07-19 16:07:13 UTC
Permalink
Good day.

This isn't really an EXIM problem but I'm not sure what to do.

I have a customer that can't send e-mails to two of his suppliers in
China in that his e-mails keep bouncing back with a '452 Invalid sender'
messages.
218.30.103.130 failed after I sent the message.
Remote host said: 552 This user's disk quota exceeded, anyway you can send a smail (<1KB) message to inform the person.
The email was way less than 1K.

I tried a telnet to mail.promexsh.com 25 and as soon as I did:

mail from: ***@pintar.ca

I immediately got the 452 error.

This happens as well with the mail.jinmao.com server.

On further investigation I see mail.promexsh.com announces itself as
mxvip2.hichina.com (218.244.159.32) and mail.jinmao.com announces itself
as mxdxt3.hichina.com (218.244.143.23).

From the above I surmise that hichina.com has some serious problems or
am I totally out to lunch (ok, I may be right and still be out to lunch
but you know what I mean).

Any constructive advice would be appreciated.

Cheers.
W B Hacker
2006-07-19 17:28:43 UTC
Permalink
Post by Frank S. Bernhardt
Good day.
This isn't really an EXIM problem but I'm not sure what to do.
I have a customer that can't send e-mails to two of his suppliers in
China in that his e-mails keep bouncing back with a '452 Invalid sender'
messages.
Not spcifically so stated, but shall we presume that these come from your mail
server, and that it is an Exim MTA you are running?

If so - are you supporting what the destination needs if it does a sender verify
callout?

(extended logging should show at least a connection from them shortly after your
message hits the remote_smtp delivery phase).

Call that possibility ONE.
Post by Frank S. Bernhardt
218.30.103.130 failed after I sent the message.
Remote host said: 552 This user's disk quota exceeded, anyway you can
send a smail (<1KB) message to inform the person.
The email was way less than 1K.
Different issue - not related to your problem.
Post by Frank S. Bernhardt
I immediately got the 452 error.
I'll call thei possibility TWO.

pintar.ca resolves to IP 209.250.128.44

but IP 209.250.128.44 resolves to webhost02.pathcom.com

The same telnet from one of my Hong Kong servers, HELO'ing with the hostname in
the rDNS, succeeds to the next step:

========

conducive# telnet mail.promexsh.com 25

Trying 218.30.103.130...

Connected to mail.promexsh.com.
Escape character is '^]'.
220-W E L C O M E T O H I C H I N A S M T P S E R V I C E !
220 mxvip2.hichina.com ESMTP server (quarkmail server - version 1.2.1) ready at
Thu, 20 Jul 2006 01:12:27 +0800

helo conducive.org

250 mxvip2.hichina.com Hello conducive.org

^]
telnet>
quit

221 mxvip2.hichina.com Out
Connection closed by foreign host.

========

Perhaps the distant end has an overly strict HELO match rule in place.

What happens if you try to HELO as webhost02.pathcom.com?
Post by Frank S. Bernhardt
This happens as well with the mail.jinmao.com server.
Likewise - it talks to a server with HELO / rDNS match:

========

conducive# telnet mail.jinmao.com 25

Trying 218.244.143.23...

Connected to mail.jinmao.com.
Escape character is '^]'.
220-W E L C O M E T O H I C H I N A S M T P S E R V I C E !
220 mxdxt3.hichina.com ESMTP server (quarkmail server - version 1.2.1) ready at
Thu, 20 Jul 2006 01:14:57 +0800

helo conducive.org

250 mxdxt3.hichina.com Hello conducive.org
^]
telnet>
quit
221 mxdxt3.hichina.com Out
Connection closed by foreign host.

====
Post by Frank S. Bernhardt
On further investigation I see mail.promexsh.com announces itself as
mxvip2.hichina.com (218.244.159.32) and mail.jinmao.com announces itself
as mxdxt3.hichina.com (218.244.143.23).
smtp banner aside, does your log show the same on actual incoming traffic?
Post by Frank S. Bernhardt
From the above I surmise that hichina.com has some serious problems or
am I totally out to lunch (ok, I may be right and still be out to lunch
but you know what I mean).
Any constructive advice would be appreciated.
Well - they *may* be more strict about HELO/DNS match on arrival than they are
themselves on departure, and/or they use separate servers for incoming and
outgoing - not at all uncommon, and not always doen with the best of DNS
entries. The banner alone is not conclusive.

But if 'job ONE' is to just get your users' mail to be accepted by them, all you
*may* need to do is insure your rDNS and HELO match on your own server.

Easy to try that anyway.

HTH,

Bill
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
Frank S. Bernhardt
2006-07-19 20:30:25 UTC
Permalink
Bill,
Post by W B Hacker
Post by Frank S. Bernhardt
I have a customer that can't send e-mails to two of his suppliers in
China in that his e-mails keep bouncing back with a '452 Invalid sender'
messages.
Not spcifically so stated, but shall we presume that these come from your mail
server, and that it is an Exim MTA you are running?
If so - are you supporting what the destination needs if it does a sender verify
callout?
(extended logging should show at least a connection from them shortly after your
message hits the remote_smtp delivery phase).
Call that possibility ONE.
Ah, you may have something there. I don't know if the firewall that was
set up by people from Pintar's head office has opened up port 113 for
the ident server. I will check.
Post by W B Hacker
Post by Frank S. Bernhardt
218.30.103.130 failed after I sent the message.
Remote host said: 552 This user's disk quota exceeded, anyway you can
send a smail (<1KB) message to inform the person.
The email was way less than 1K.
Different issue - not related to your problem.
Ok, a red herring.
Post by W B Hacker
Post by Frank S. Bernhardt
I immediately got the 452 error.
I'll call thei possibility TWO.
pintar.ca resolves to IP 209.250.128.44
but IP 209.250.128.44 resolves to webhost02.pathcom.com
The same telnet from one of my Hong Kong servers, HELO'ing with the hostname in
========
conducive# telnet mail.promexsh.com 25
Trying 218.30.103.130...
Connected to mail.promexsh.com.
Escape character is '^]'.
220-W E L C O M E T O H I C H I N A S M T P S E R V I C E !
220 mxvip2.hichina.com ESMTP server (quarkmail server - version 1.2.1) ready at
Thu, 20 Jul 2006 01:12:27 +0800
helo conducive.org
250 mxvip2.hichina.com Hello conducive.org
^]
telnet>
quit
221 mxvip2.hichina.com Out
Connection closed by foreign host.
========
Perhaps the distant end has an overly strict HELO match rule in place.
What happens if you try to HELO as webhost02.pathcom.com?
I tried that from the pintar.pintar.ca server. It accepted the HELO but
when I did the

mail from: ***@pintar.ca

there was a delay and I got a 452.
Post by W B Hacker
Post by Frank S. Bernhardt
This happens as well with the mail.jinmao.com server.
========
conducive# telnet mail.jinmao.com 25
Trying 218.244.143.23...
Connected to mail.jinmao.com.
Escape character is '^]'.
220-W E L C O M E T O H I C H I N A S M T P S E R V I C E !
220 mxdxt3.hichina.com ESMTP server (quarkmail server - version 1.2.1) ready at
Thu, 20 Jul 2006 01:14:57 +0800
helo conducive.org
250 mxdxt3.hichina.com Hello conducive.org
^]
telnet>
quit
221 mxdxt3.hichina.com Out
Connection closed by foreign host.
====
Post by Frank S. Bernhardt
On further investigation I see mail.promexsh.com announces itself as
mxvip2.hichina.com (218.244.159.32) and mail.jinmao.com announces itself
as mxdxt3.hichina.com (218.244.143.23).
smtp banner aside, does your log show the same on actual incoming traffic?
Post by Frank S. Bernhardt
From the above I surmise that hichina.com has some serious problems or
am I totally out to lunch (ok, I may be right and still be out to lunch
but you know what I mean).
Any constructive advice would be appreciated.
Well - they *may* be more strict about HELO/DNS match on arrival than they are
themselves on departure, and/or they use separate servers for incoming and
outgoing - not at all uncommon, and not always doen with the best of DNS
entries. The banner alone is not conclusive.
But if 'job ONE' is to just get your users' mail to be accepted by them, all you
*may* need to do is insure your rDNS and HELO match on your own server.
Easy to try that anyway.
Yes, I agree. I will contact their ISP, pathcom.com and get them to set
it up. I was sure it was set up originally when they signed up with them
as I always insist that the rDNS be set up that way. I know patchcom.com
switched DNS servers a while ago so I bet they forgot the rDNS.

I checked another customer of mine that is with pathcom.com
(standardmechanical.com) and a telnet test to mail.promexsh.com passes
the 'mail from:' message.

What threw me was the quota exceeded message from postmaster and a post
I read on the Neohapsis list about a "452 Too Many" message in response
to too many recipients.


I really appreciate the time and effort you put into your response.

Thank you.
Frank S. Bernhardt
2006-07-26 17:28:00 UTC
Permalink
Bill
Post by W B Hacker
Post by Frank S. Bernhardt
Good day.
This isn't really an EXIM problem but I'm not sure what to do.
I have a customer that can't send e-mails to two of his suppliers in
China in that his e-mails keep bouncing back with a '452 Invalid sender'
messages.
I immediately got the 452 error.
I'll call thei possibility TWO.
pintar.ca resolves to IP 209.250.128.44
but IP 209.250.128.44 resolves to webhost02.pathcom.com
The same telnet from one of my Hong Kong servers, HELO'ing with the hostname in
========
conducive# telnet mail.promexsh.com 25
Trying 218.30.103.130...
Connected to mail.promexsh.com.
Escape character is '^]'.
220-W E L C O M E T O H I C H I N A S M T P S E R V I C E !
220 mxvip2.hichina.com ESMTP server (quarkmail server - version 1.2.1) ready at
Thu, 20 Jul 2006 01:12:27 +0800
helo conducive.org
250 mxvip2.hichina.com Hello conducive.org
^]
telnet>
quit
221 mxvip2.hichina.com Out
Connection closed by foreign host.
========
Perhaps the distant end has an overly strict HELO match rule in place.
What happens if you try to HELO as webhost02.pathcom.com?
Post by Frank S. Bernhardt
This happens as well with the mail.jinmao.com server.
========
conducive# telnet mail.jinmao.com 25
Trying 218.244.143.23...
Connected to mail.jinmao.com.
Escape character is '^]'.
220-W E L C O M E T O H I C H I N A S M T P S E R V I C E !
220 mxdxt3.hichina.com ESMTP server (quarkmail server - version 1.2.1) ready at
Thu, 20 Jul 2006 01:14:57 +0800
helo conducive.org
250 mxdxt3.hichina.com Hello conducive.org
^]
telnet>
quit
221 mxdxt3.hichina.com Out
Connection closed by foreign host.
====
Well - they *may* be more strict about HELO/DNS match on arrival than they are
themselves on departure, and/or they use separate servers for incoming and
outgoing - not at all uncommon, and not always doen with the best of DNS
entries. The banner alone is not conclusive.
But if 'job ONE' is to just get your users' mail to be accepted by them, all you
*may* need to do is insure your rDNS and HELO match on your own server.
Easy to try that anyway.
It did turn out to be a DNS issue that was solved by setting up an MX
record for the sending smtp server 'pintar.pintar.ca' along with a
corresponding reverse DNS record.

I was sure that there was a CNAME record for pintar.pintar.ca but I
think it was lost when they moved to a new loaction (with the subsequent
new IP address). I didn't think they needed an MX record because emails
are only sent from pintar.pintar.ca but email is received via the ISP's
server, which does the virus and spam scanning.

Learn something new every day.

A special thank you to Bill who pointed me in the right direction.

Cheers.

Loading...