host yy.com [XXX.XXX.XXX.XXX] said: 550-Verification failed for <email@example.com> 550-No such person at this address" 550 Sender verify failed (in reply to RCPT TO command)
Thu, 24 Apr 2014 21:35:07 GMT
Well, that’s something you don’t see every day! Definitely worth mentioning and writing down, since I may tell this story to my IT grandchildren…
A customer of ours, say xx.com, sends an email to yy.com.
The user firstname.lastname@example.org gets a non-deliverable email from our on-premises Mail server (NDR) containing the following text:
host yy.com [XXX.XXX.XXX.XXX] said:
550-Verification failed for <email@example.com> 550-No such person at this
address" 550 Sender verify failed (in reply to RCPT TO command)
550 Sender verify failed (in reply to RCPT TO command)!!!!
I launched telnet from my PC (a different external IP from the xx.com customer) and went through the SMTP commands, emulating an email submission to the yy.com email server:
Set localecho <crlf>
O "mailserver.yy.com" 25 <crlf>
Ehlo local.domain.name <crlf>
Mail from:firstname.lastname@example.org <crlf>
Rcpt to:email@example.com <crlf>
Data <crlf>
Subject:Your message subject <crlf>
<crlf>
your message <crlf>
. <crlf>
Bingo! Message delivered. OK, what’s the problem?
I logged in to my customer’s server and did the same (of course I changed firstname.lastname@example.org with email@example.com). No luck! Sender verify failed!!!
I checked SPF records, I checked blacklisting… nothing, everything’s clean!
But after a closer look at the DNS lookups, we found out that the yy.com recipient has DNS/web/email hosting on the IP 18.104.22.168 (resolving it… host.giganetworks.com).
Apparently my client xx.com has only web hosting with the same provider, and its www host A record resolves back to the same IP!!!! No DNS and no email service is provided for xx.com; at least, that’s what I was aware of (after making the necessary changes in the ISP’s cPanel).
WOW!!! What is happening is rather simple….
The xx.com mail server begins negotiation with the yy.com mail server. They exchange the EHLOs/HELOs, and when the xx.com server claims to be the sender of firstname.lastname@example.org, the yy.com mail server stops the submission, since it THINKS that xx.com is spoofing xx.com.
Apparently the mail fails and no submission takes place.
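The DNS comparison that exposed the problem can be scripted. The following is an added example, not part of the original post: it parses an NDR of the shape quoted above and reports names in the sender's domain that resolve to the recipient's mail server IP while the sender's own MX lives elsewhere. The DNS snapshot, the IP addresses, the sample address and all function names are constructed for illustration.

```python
import re

# Constructed DNS snapshot: placeholder names from the post, documentation-range IPs.
SAMPLE_DNS = {
    ("xx.com", "MX"): ["mail.xx.com"],
    ("mail.xx.com", "A"): ["198.51.100.10"],       # customer's on-premises mail server
    ("xx.com", "A"): ["203.0.113.25"],             # web hosting at the shared provider
    ("www.xx.com", "A"): ["203.0.113.25"],
    ("yy.com", "MX"): ["mailserver.yy.com"],
    ("mailserver.yy.com", "A"): ["203.0.113.25"],  # same IP as xx.com's web site
}
# Constructed NDR in the shape of the one quoted in the post.
SAMPLE_NDR = ("host yy.com [203.0.113.25] said: 550-Verification failed for "
              "<user@xx.com> 550-No such person at this address "
              "550 Sender verify failed (in reply to RCPT TO command)")

def parse_ndr(text):
    """Pull the rejecting IP, the address that failed verification, and the verdict."""
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", text)
    addr = re.search(r"Verification failed for <([^>]+)>", text)
    return {"remote_ip": ip.group(1) if ip else None,
            "address": addr.group(1) if addr else None,
            "sender_rejected": "Sender verify failed" in text}

def mx_ips(domain, dns):
    """IPs behind a domain's MX hosts, taken from the snapshot."""
    return {ip for host in dns.get((domain, "MX"), []) for ip in dns.get((host, "A"), [])}

def shared_host_collision(sender_domain, recipient_domain, dns):
    """Sender-domain names whose A record is the recipient's MX IP, not the sender's own MX."""
    rcpt, own = mx_ips(recipient_domain, dns), mx_ips(sender_domain, dns)
    hits = []
    for (name, rtype), values in dns.items():
        in_domain = name == sender_domain or name.endswith("." + sender_domain)
        if rtype == "A" and in_domain and rcpt & set(values) and not own & set(values):
            hits.append(name)
    return sorted(hits)

def diagnose(ndr_text, recipient_domain, dns):
    """Return None unless the NDR is a sender-verify rejection; else list the collisions."""
    ndr = parse_ndr(ndr_text)
    if not ndr["sender_rejected"] or not ndr["address"] or "@" not in ndr["address"]:
        return None
    sender_domain = ndr["address"].rsplit("@", 1)[1].lower()
    return {"sender_domain": sender_domain,
            "collisions": shared_host_collision(sender_domain, recipient_domain, dns)}

if __name__ == "__main__":
    print(diagnose(SAMPLE_NDR, "yy.com", SAMPLE_DNS))
```

In practice the snapshot would be filled from MX and A lookups for both domains; a non-empty collision list means the receiving host also serves the sender's domain and is worth raising with the hosting provider.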
How we resolved this:
We simply mailed the ISP, explained what we found, and forced them to be secondary DNS to our primary DNS servers for the xx.com domain, threatening them that I would remove the domain and hosting the same day…
Case closed, but will be remembered.
Copyright © Creative People 2014