email loop on certain domains?

General eFa discussion
Post Reply
cxgl
Posts: 8
Joined: 15 Jun 2016 21:30

email loop on certain domains?

Post by cxgl »

Hi,

My google-fu isn't helping much here, but I seem to be having a problem with email loops on certain domains.

I have a recently-setup efa vm that is hosting the following domains

1) 1111.com mail.1111.com:465
2) 2222.com 2222.com:465
3) 3333.gl 3333.gl:465
4) 4444.cc 4444.cc:465
5) 5555.com 5555.com:465
6) 6666.org 6666.org:465
7) 7777.cc mail.7777.cc:465
8) 8888.com 8888.com:465
9) 9999.com 9999.com:465

Our ISP blocks port 25, so we are using a redirection service. Well, three... read on.

Domain 1111 above is using dnsexit.com, and works fine. dnsexit forwards to us on port 8001, the efa box sanitizes and sends to mail.1111.com, which is out of our network. Everything is great.

dnsexit.com would be a bit pricey to do all of our domains, so we were looking at other mail redirection services. We are trying ghettosmtp.com and dynu.com.

If we set the mx records for domain 3333.gl to ghettosmtp.com, which forwards to us on port 8001, and then we attempt to talk to 3333.gl directly -- just like we do with 1111.com -- we get something like the following:
2016_06_15_18_06_07_MailWatch_Filter_Report_Message_Listing.png
2016_06_15_18_06_07_MailWatch_Filter_Report_Message_Listing.png (67.32 KiB) Viewed 3324 times
Starting from the bottom, each iteration going up seems to add a conversation loop like the following:

----

Code: Select all

Received: from in1.ghettosmtp.com (in1.ghettosmtp.com [104.237.130.186])
     (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
     (No client certificate requested)
     by cxefa01.1111.com (Postfix) with ESMTPS id 4936420BDB
     for <p6b2n3aomoyb6@3333.gl>; Wed, 15 Jun 2016 13:57:12 -0400 (EDT)
Received: from huron.MyActualMailHost.com ([555.666.777.888])
     by in1.ghettosmtp.com with esmtp (Exim 4.84)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3v-0007AM-TQ
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 17:57:11 +0000
Received: from [111.222.333.444] (port=42779 helo=cxefa01.1111.com)
     by huron.MyActualMailHost.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
     (Exim 4.87)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3r-001jPQ-55
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 13:57:07 -0400
X-ChuckleBucketLtd-MailScanner-EFA-Watermark: 1466618226.22297@KMM6EbgFJ4x2LAMaxdsoTw
X-ChuckleBucketLtd-MailScanner-EFA-From: doseddt5@bk.ru
X-ChuckleBucketLtd-MailScanner-EFA-ID: 5F15620BDB.ABC7D
X-ChuckleBucketLtd-MailScanner-EFA-Information: Please contact admin.cxefa01@1111.com for more information
Received: from in1.ghettosmtp.com (in1.ghettosmtp.com [104.237.130.186])
     (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
     (No client certificate requested)
     by cxefa01.1111.com (Postfix) with ESMTPS id 5F15620BDB
     for <p6b2n3aomoyb6@3333.gl>; Wed, 15 Jun 2016 13:57:02 -0400 (EDT)
Received: from huron.MyActualMailHost.com ([555.666.777.888])
     by in1.ghettosmtp.com with esmtp (Exim 4.84)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3m-0007AD-0T
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 17:57:02 +0000
Received: from [111.222.333.444] (port=42777 helo=cxefa01.1111.com)
     by huron.MyActualMailHost.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
     (Exim 4.87)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3h-001jMp-4b
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 13:56:57 -0400
Received: from in1.ghettosmtp.com (in1.ghettosmtp.com [104.237.130.186])
     (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
     (No client certificate requested)
     by cxefa01.1111.com (Postfix) with ESMTPS id 31E3120BDB
     for <p6b2n3aomoyb6@3333.gl>; Wed, 15 Jun 2016 13:56:54 -0400 (EDT)
Received: from huron.MyActualMailHost.com ([555.666.777.888])
     by in1.ghettosmtp.com with esmtp (Exim 4.84)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3d-00079w-Q4
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 17:56:53 +0000
Received: from [111.222.333.444] (port=42775 helo=cxefa01.1111.com)
     by huron.MyActualMailHost.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
     (Exim 4.87)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3Y-001jL8-W5
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 13:56:49 -0400
Received: from in1.ghettosmtp.com (in1.ghettosmtp.com [104.237.130.186])
     (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
     (No client certificate requested)
     by cxefa01.1111.com (Postfix) with ESMTPS id 3A65020BDB
     for <p6b2n3aomoyb6@3333.gl>; Wed, 15 Jun 2016 13:56:44 -0400 (EDT)
Received: from huron.MyActualMailHost.com ([555.666.777.888])
     by in1.ghettosmtp.com with esmtp (Exim 4.84)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3T-00079c-Rd
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 17:56:43 +0000
Received: from [111.222.333.444] (port=42773 helo=cxefa01.1111.com)
     by huron.MyActualMailHost.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
     (Exim 4.87)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3P-001jJo-03
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 13:56:39 -0400
Received: from in1.ghettosmtp.com (in1.ghettosmtp.com [104.237.130.186])
     (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
     (No client certificate requested)
     by cxefa01.1111.com (Postfix) with ESMTPS id 0BF2B20BDB
     for <p6b2n3aomoyb6@3333.gl>; Wed, 15 Jun 2016 13:56:36 -0400 (EDT)
Received: from huron.MyActualMailHost.com ([555.666.777.888])
     by in1.ghettosmtp.com with esmtp (Exim 4.84)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3L-00079N-K9
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 17:56:35 +0000
Received: from [111.222.333.444] (port=42771 helo=cxefa01.1111.com)
     by huron.MyActualMailHost.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
     (Exim 4.87)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3G-001jIO-SC
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 13:56:30 -0400
Received: from in1.ghettosmtp.com (in1.ghettosmtp.com [104.237.130.186])
     (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
     (No client certificate requested)
     by cxefa01.1111.com (Postfix) with ESMTPS id 5BD2120BDB
     for <p6b2n3aomoyb6@3333.gl>; Wed, 15 Jun 2016 13:56:26 -0400 (EDT)
Received: from huron.MyActualMailHost.com ([555.666.777.888])
     by in1.ghettosmtp.com with esmtp (Exim 4.84)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF3B-000799-Vn
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 17:56:25 +0000
Received: from [111.222.333.444] (port=42770 helo=cxefa01.1111.com)
     by huron.MyActualMailHost.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
     (Exim 4.87)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF36-001jGj-WD
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 13:56:21 -0400
X-Spam-Status: No, No, No, No, No, No
X-ChuckleBucketLtd-MailScanner-EFA-SpamScore: sss
X-ChuckleBucketLtd-MailScanner-EFA: Found to be clean, Found to be clean, Found to be clean, Found to be clean, Found to be clean, Found to be clean
Received: from in1.ghettosmtp.com (in1.ghettosmtp.com [104.237.130.186])
     (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
     (No client certificate requested)
     by cxefa01.1111.com (Postfix) with ESMTPS id 5787B20BDB
     for <p6b2n3aomoyb6@3333.gl>; Wed, 15 Jun 2016 13:56:14 -0400 (EDT)
Received: from 200-54-147-143.static.tie.cl ([200.54.147.143])
     by in1.ghettosmtp.com with esmtp (Exim 4.84)
     (envelope-from <doseddt5@bk.ru>)
     id 1bDF2z-00078y-CQ
     for p6b2n3aomoyb6@3333.gl; Wed, 15 Jun 2016 17:56:13 +0000
To: p6b2n3aomoyb6 <p6b2n3aomoyb6@3333.gl>
Subject: Как не ошибиться при выборе ремонтной бр     игады для новостройки?
From:Елизавета<doseddt5@bk.ru>
Message-Id: <54209538.20160615134738@bk.ru>
MIME-Version: 1.0
Date: Wed, 15 Jun 2016 13:47:38 -0400
Content-Type: text/plain; charset=koi8-r
X-Priority: 3 (Normal)
X-Mailer: uwcMail
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - huron.MyActualMailHost.com
X-AntiAbuse: Original Domain - 3333.gl
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bk.ru
X-Get-Message-Sender-Via: huron.MyActualMailHost.com: mailgid via get_recent_authed_mail_ips_entry: itsupport@1111.com/cached: in recent_authed_mail_ips_users using first address
X-Authenticated-Sender: huron.MyActualMailHost.com: itsupport@1111.com
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - huron.MyActualMailHost.com
X-AntiAbuse: Original Domain - 3333.gl
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bk.ru
X-Get-Message-Sender-Via: huron.MyActualMailHost.com: mailgid via get_recent_authed_mail_ips_entry: itsupport@1111.com/cached: in recent_authed_mail_ips_users using first address
X-Authenticated-Sender: huron.MyActualMailHost.com: itsupport@1111.com
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - huron.MyActualMailHost.com
X-AntiAbuse: Original Domain - 3333.gl
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bk.ru
X-Get-Message-Sender-Via: huron.MyActualMailHost.com: mailgid via get_recent_authed_mail_ips_entry: itsupport@1111.com/cached: in recent_authed_mail_ips_users using first address
X-Authenticated-Sender: huron.MyActualMailHost.com: itsupport@1111.com
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - huron.MyActualMailHost.com
X-AntiAbuse: Original Domain - 3333.gl
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bk.ru
X-Get-Message-Sender-Via: huron.MyActualMailHost.com: mailgid via get_recent_authed_mail_ips_entry: itsupport@1111.com/cached: in recent_authed_mail_ips_users using first address
X-Authenticated-Sender: huron.MyActualMailHost.com: itsupport@1111.com
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - huron.MyActualMailHost.com
X-AntiAbuse: Original Domain - 3333.gl
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bk.ru
X-Get-Message-Sender-Via: huron.MyActualMailHost.com: mailgid via get_recent_authed_mail_ips_entry: itsupport@1111.com/cached: in recent_authed_mail_ips_users using first address
X-Authenticated-Sender: huron.MyActualMailHost.com: itsupport@1111.com
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - huron.MyActualMailHost.com
X-AntiAbuse: Original Domain - 3333.gl
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - bk.ru
X-Get-Message-Sender-Via: huron.MyActualMailHost.com: mailgid via get_recent_authed_mail_ips_entry: itsupport@1111.com/cached: in recent_authed_mail_ips_users using first address
X-Authenticated-Sender: huron.MyActualMailHost.com: itsupport@1111.com
----

After about 10 loops, my actual mail host has had enough, and rejects the email.

Further, I tried dynu.com on 8888.com, and the same thing happens.

I don't see why the mail redirection host (in this case, in1.ghettosmtp.com) is talking directly to the end mail host like below:

Code: Select all

Received: from huron.MyActualMailHost.com ([555.666.777.888])
     by in1.ghettosmtp.com with esmtp (Exim 4.84)
What am I missing, oh efa gods?

Thank you.
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: email loop on certain domains?

Post by shawniverson »

Hi :)

Can you share your MX records with the domains in question?
cxgl
Posts: 8
Joined: 15 Jun 2016 21:30

[SOLVED] Re: email loop on certain domains?

Post by cxgl »

Sorry, Shawn. I didn't see this. I guess I don't have notifications turned on.

I'm going to solve this... The final desired destination for mail, huron.MyActualMailHost.com, is using cpanel. When changing MX records, cpanel looks at whether the highest priority MX is on the local system. If it is, it'll deliver locally. If not (as is this case), it treats it as a remote server and has the system do the MX lookup, etc.

If I change the MX record to go through the smtp redirector, then right after I click 'local delivery' in cpanel, all works as expected.

So... that's all.

Thanks for looking, all.
Post Reply