Hello,
I’m not able to send any email from any test tool or email program, because it always fails on this error (seen in log and real names are replaced by fictious names):
processing error (5.5.2 <localservername>: Helo command rejected: need fully-qualified hostname)
I’m not able to find, where I can change the to my internet server name (real domain). I thought I set it everywhere, I don’t even can’t see the local name, I always see the domain name in administration, but it remains somewhere, where I can’ t see it and can’t change it. In the administration I can see “Logged in as admin on ”. Can anyone guide me, where to find this settings?
Best regards,
Pavel
Hello Pavel,
Could you please let us know your setup from: WebAadmin > Security & Filtering > Aditional Antispam Methods > DNS Check
HTH,
Ioan
PS: Why are you not just connecting to the WebMail interface, log in with the credentials for an existing account and send a test message from there?
Usually, accepting messages via an unauthenticated session is not a good ideea if some elements are not checked (one of them is to have a Fully Qualified Domain Name received into the EHLO command) - usually spammers are identifying themselves as DESKTOP-0193 or similar so it is a very simple method to filter spam just by enabling: Reject message if the originating IP does not match the HELO/EHLO declaration
Hi Indreas
the Webmail doesn’t work as well. And I need sometimes use SMTP to send an email from other programs. I never said I don’t authorize, I always authorize, but the SMTP thinks, the server has some name, but the name is only the Windows local name of the Windows server and not my domain, which the server is dedicated for.
The settings you asked, both are switched off
BR,
Pavel
When trying to send from Webmail to gmail it says this (RPA-VRAJ is my Windows server local name) and the email didn’t come:
2024-01-25 18:07:35 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: Relay mail 3C4DC7: connecting to 2a00:1450:4025:402::1a:25
2024-01-25 18:07:35 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: Relay mail 3C4DC7: connected to 2a00:1450:4025:402::1a:25
2024-01-25 18:07:35 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: Start sending mail 3C4DC7
2024-01-25 18:07:35 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: Release mail 3C4DC7
2024-01-25 18:07:36 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: BDAT chunk rejected with message: 5.7.1 [2a02:25b0:aaaa:aaaa:4c46:773c:19af:0] Gmail has detected that this 5.7.1 message does not meet IPv6 sending guidelines regarding PTR records 5.7.1 and authentication. For more information, go to 5.7.1 https://support.google.com/mail/?p=IPv6AuthError v5-20020a509545000000b0055c2e91b96esi4665089eda.363 - gsmtp
2024-01-25 18:07:36 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: Set recipient <pavra77@gmail.com> state to RELAY ERROR
2024-01-25 18:07:36 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: Delivery attempt completed for mail 3C4DC7; schedule for cleanup
2024-01-25 18:07:36 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: Set mail state to SENT
2024-01-25 18:07:36 +0100 08 RPA-VRAJ SMTP-OUT:0000000D: Disconnected from 2a00:1450:4025:402::1a
Hello Pavel,
In this case please set log level to Protocol Communication for SMTP Receiving, SMTP Sending, DNR and PROCESSING and share the log lines generated when you replicate the issue so we may try to understand what it is the reason for this abnormal situation.
BR,
Ioan
And this is the KB you may use in case you like to change the way your server is presenting to external email servers:
HTH,
Ioan
Hi,
I set the rule according the KB. Here is the log, when I try to send an email to gmail:
2024-01-26 11:55:45 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Relay mail 2E2093: connecting to 2a00:1450:4025:402::1a:25
2024-01-26 11:55:45 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Relay mail 2E2093: connected to 2a00:1450:4025:402::1a:25
2024-01-26 11:55:45 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Start sending mail 2E2093
2024-01-26 11:55:45 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Release mail 2E2093
2024-01-26 11:55:45 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Release mail 2E2093
2024-01-26 11:55:46 +0100 08 RPA-VRAJ SMTP-OUT:00000004: BDAT chunk rejected with message: 5.7.1 [2a02:25b0:aaaa:aaaa:4c46:773c:19af:0] Gmail has detected that this 5.7.1 message does not meet IPv6 sending guidelines regarding PTR records 5.7.1 and authentication. For more information, go to 5.7.1 https://support.google.com/mail/?p=IPv6AuthError dn15-20020a05640222ef00b0055cecf7eb1asi517456edb.203 - gsmtp
2024-01-26 11:55:46 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Set recipient <pavra77@gmail.com> state to RELAY ERROR
2024-01-26 11:55:46 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Delivery attempt completed for mail 2E2093; schedule for cleanup
2024-01-26 11:55:46 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Set mail state to SENT
2024-01-26 11:55:46 +0100 08 RPA-VRAJ SMTP-OUT:00000004: Disconnected from 2a00:1450:4025:402::1a
BR, Pavel
Hello Pavel,
It seems that you have not enabled the log level to Protocol Communication for SMTP Sending service thus we don’t see all relevant information into the shared log.
We could only see that Gmail is rejecting the message referring to this resource:
and checking the 5.7.1 code we see the following:
Message does not meet IPv6 sending guidelines regarding PTR records and authentication.
Now, because it seems you have connecting to Gmail via the IPv6 address 2a02:25b0:aaaa:aaaa:4c46:773c:19af:0 which does not have a PTR DNS record
$ host 2a02:25b0:aaaa:aaaa:4c46:773c:19af:0
Host 0.0.0.0.f.a.9.1.c.3.7.7.6.4.c.4.a.a.a.a.a.a.a.a.0.b.5.2.2.0.a.2.ip6.arpa not found: 3(NXDOMAIN)
my suggestion is to fix this and retry later on.
Also you may have to add that IPv6 address to your domain SPF record (if you don’t have one you should definitely put on your to-do list).
In case you like to see if using IPv4 the messages are still rejected (nevertheless please double check if your public IPv4 address has a PTR record corresponding to the EHLO string you choose to present with) the simplest way to check is to disable IPv6 for SMTP Outgoing service by configuring:
enableIPv6 = no
in axigen.cfg and restart the Axigen service.
HTH,
Ioan
Hi,
I have either TXT and A records on my domain. Here is the log with max details switched on.
2024-01-26 15:13:59 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Relay mail 1F919B: connecting to 142.250.102.26:25
2024-01-26 15:13:59 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Relay mail 1F919B: connected to 142.250.102.26:25
2024-01-26 15:13:59 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Start sending mail 1F919B
2024-01-26 15:14:00 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Release mail 1F919B
2024-01-26 15:14:00 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Release mail 1F919B
2024-01-26 15:14:00 +0100 08 RPA-VRAJ SMTP-OUT:00000003: BDAT chunk rejected with message: 5.7.25 [176.102.65.95] The IP address sending this message does not have a 5.7.25 PTR record setup, or the corresponding forward DNS entry does not 5.7.25 point to the sending IP. As a policy, Gmail does not accept messages 5.7.25 from IPs with missing PTR records. For more information, go to 5.7.25 https://support.google.com/mail/answer/81126#ip-practices oq27-20020a170906cc9b00b00a30fe086fc1si592320ejb.1029 - gsmtp
2024-01-26 15:14:00 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Set recipient <pavra77@gmail.com> state to RELAY ERROR
2024-01-26 15:14:00 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Delivery attempt completed for mail 1F919B; schedule for cleanup
2024-01-26 15:14:00 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Set mail state to SENT
2024-01-26 15:14:00 +0100 08 RPA-VRAJ SMTP-OUT:00000003: Disconnected from 142.250.102.26
I tried to find something about PTR, but wasn’t able to find any relevant information. When using this tool to validate PTR, is says OK https://mxtoolbox.com/SuperTool.aspx.
Anything?
BR, Pavel
What’s curious is sending email to other emails than gmail succeeded now.
no, it is not - please go to WebAdmin > Servicees > SMTP Sending > Logging > set the slider to Protocol Communication + Save Config
make a new test and see if the logs contains more log lines. is still same lines you have made some decisions about the maximum log level to be saved so you should review them and get full logs for that service.
The issue here is that Axigen on Windows uses the server’s NetBIOS name as the sending server name, no matter what is configured elsewhere!
I resolved this by changing my server’s NetBIOS name to be the server name of the FQDN I wanted to use (e.g. “mailserver”), then manually set the server’s domain to be the rest of the FQDN I wanted to use (e.g. “domain.com”). This then resulted in mails coming from “mailserver” which RDNS looked up to be “mailserver.domain.com”
I pointed this out as a bug to Axigen 2 years ago, but see it still hasn’t been fixed (at the time I was told it wasn’t an issue) - that’s not brilliant support or customer service.
OF COURSE: Some users may not have the freedom to randomly change the NetBIOS and DOMAIN names of their Windows servers, making this workaround impossible to use for some!
Hello Stuart,
Do you have any reference for your report (like forum post, support ticket, etc)?
It is the first time I’ve heard that the usual KB we recommend to use for changing the EHLO string when sending messages is not working on Windows.
BR,
Ioan
I will try to find the emails. I certainly raised this when I first evaluated Axigen.
Trouble with hosting on Windows and Activesync incompatibilities are the reasons I have not yet been able to fully migrate to Axigen.