GMail says 451 4.5.0 SMTP protocol violation, see RFC 2821. What the hell does that mean?
Written by Karl L. Gechlik | AskTheAdmin.com on July 17, 2008 – 12:00 am -
My mailserver pretty much told me to go fluck myself this morning when I was trying to send out some email. It looked like emails to any gMail account was returning the following error message:
Delivery failed 5 attempts: MyEmail@gmail.com
Body of message generated response:
451 4.5.0 SMTP protocol violation, see RFC 2821 23si6651713hsd.10
I went and checked out RFC 2821 like a good admin and checked each of the points. I had a abuse account, a postmaster account… But I was not an open relay to begin with. WTF?
This happened shortly after an upgrade from iMail 2006 to iMail 10.01 (2008). I checked my settings and then rechecked my settings. I had enough and called into IPSwitch Support. Strangely I got one of the lead developers on the phone who worked with me. After a few hours of him poking around my production mail server he kinda shrugged his shoulders and gave me a
Not so reassuring…
Not at all. I started sending test messages to other accounts on the web and I was not seeing any issues. Again I said
WTF? Why is Google hating on me?
Then I noticed it. There was a footer at the bottom of my email that was in my AskTheAdmin.com account, and I had eliminated that footer almost 3 years ago. I asked the tech support dude about it and he said it would live in a file called trailer.txt in the iMail root folder. I deleted it and WHAMO!
Gmail was listening to me again.
A very grueling few hours with loads of people making up excuses on how they need to email people on gMail for work… YEAH RIGHT! Did you think I wasn’t working on it?
Don’t you have some TPS reports that need to be filed on those new cover sheets?
Tags: General
Posted in General |
By JoeG on Jul 17, 2008 | Reply
Man I feel your pain. I really feel that it is high time to design and implement Email 2.0, since email was not designed for any kind of security from the start, and what has since been added on security wise is vague at best (check out RFC 2554: http://www.faqs.org/rfcs/rfc2554.html). “>http://www.faqs.org/rfcs/rfc2554.html). As someone that deals with spam on a daily basis I can tell you that the situation is completely out of control (more than 78% of the email that hits my servers daily is rejected as spam). I spend probably 10% of my day dealing with email issues related to spam and all the various filtering that I have to run to keep it out of our network (while that doesn't sound like a lot it equates to about 300+ hours per year). Here are my suggestions for Email 2.0: - Forget blacklisting, we need to be using whitelisting. Obviously blacklisting is not working well (I use multiple blacklist providers and STILL get spam to users occasionally). - All email servers should have the ability to require token based authentication. I would happily tell my users that they will not be able to send any email without this little token. DON'T LOSE IT. This would END spam. - A system that functions like DNS (totally distributed and cared for by trusted parties) needs to be put in place so that email servers are vetted prior to email being accepted by any incoming mail server (something like the current SMTP handshake, but involving a third party - this new DNS like system) so that spoofing is not possible. - Make mass spamming a crime punishable by death (I'll happily pull the trigger >:-) I'm sure I am missing some things, but someone needs to look at this stuff. Sorry for the rant, I have spent the past week cleaning spyware and adware off of multiple computers because some people can't resist clicking every damn thing they get in their webmail (I have filtering in place for anything that could be malicious in our corporate email), and this kind of struck a nerve with me.
By JoeG on Jul 17, 2008 | Reply
Man I feel your pain. I really feel that it is high time to design and implement Email 2.0, since email was not designed for any kind of security from the start, and what has since been added on security wise is vague at best (check out RFC 2554: http://www.faqs.org/rfcs/rfc2554.html). “>http://www.faqs.org/rfcs/rfc2554.html). As someone that deals with spam on a daily basis I can tell you that the situation is completely out of control (more than 78% of the email that hits my servers daily is rejected as spam). I spend probably 10% of my day dealing with email issues related to spam and all the various filtering that I have to run to keep it out of our network (while that doesn't sound like a lot it equates to about 300+ hours per year). Here are my suggestions for Email 2.0: - Forget blacklisting, we need to be using whitelisting. Obviously blacklisting is not working well (I use multiple blacklist providers and STILL get spam to users occasionally). - All email servers should have the ability to require token based authentication. I would happily tell my users that they will not be able to send any email without this little token. DON'T LOSE IT. This would END spam. - A system that functions like DNS (totally distributed and cared for by trusted parties) needs to be put in place so that email servers are vetted prior to email being accepted by any incoming mail server (something like the current SMTP handshake, but involving a third party - this new DNS like system) so that spoofing is not possible. - Make mass spamming a crime punishable by death (I'll happily pull the trigger >:-) I'm sure I am missing some things, but someone needs to look at this stuff. Sorry for the rant, I have spent the past week cleaning spyware and adware off of multiple computers because some people can't resist clicking every damn thing they get in their webmail (I have filtering in place for anything that could be malicious in our corporate email), and this kind of struck a nerve with me.
By AskTheAdmin on Jul 17, 2008 | Reply
Amen brother! Email 2.0 Where you at?
We get almost a million spam messages a day that are rejected at our Barracuda. But some of those messages get through regardless. What are you using to filter your spam Joe?
And if this wasn't bad enough today my 100mbit line went down and my backup line was giving me all of 80kbps.
Another 2 hours of my life I wont get back! I had to reroute all of our traffic over our other line handling email/vpn. When I was done guess what
the 100mbit line was back up…
Time to undo what i did…
—
By JoeG on Jul 18, 2008 | Reply
I use a blended solution (Linux based): Email is routed at our gateway to a linux server where it is received and processed by Postfix, which then passes it to Postgrey, and then in to the AmavisD process, where it is filtered for Virii (checked by ClamAV with an F-Prot backup if ClamAV fails), then passed through Spamassassin, Vipul's Razor, and Pyzor before finally being passed to Exchange for SPAM filtering there. Once it has passed all these tests it is either delivered to the user as good, or to me as possible spam depending on it's spam score. To be honest it works quite well, but is kinda labor intensive (lots of updating to be done, and I have to check an average of 45 possible spam email per day). I've been thinking about moving to an appliance, but I can't decide between the Barracuda and the IronPort solutions (I hear good things about both). Then again a good friend of mine uses Postini and says it works awesomely. If I ever get the time this is a big research project I want to work on. Too bad i can convince the vendors to send me eval units.
By AskTheAdmin on Jul 18, 2008 | Reply
Barracuda sends out units strictly with a p.o. and a 30 day money back guarantee. That was why I tried them out 5 years ago and haven't looked back since. We have since upgraded to their newest box. It sees almost 1 million spam messages a day. I have since got rid of quarantine and all that nonsense. Either a message is marked as spam or not. Our major issue was with peoples personal addresses like hotmail or gmail getting flagged as spam. But with a combination of white listing and black lists have me down to about 50 emails spread out over 500 users as spam. The users fwd those messages to spam at mydomain name .com and they are marked as spam. My whole setup was working a lot better 3 months ago and that 50 messages was more like 10. But as time goes on you need to modify your rules and roll with the punches