Skip to content

bug report: Mail forwarding bounced by gmail #3642

Closed as not planned
Closed as not planned
bug report: Mail forwarding bounced by gmail#3642
Labels
kind/bug/reportA report about a bugmeta/closed due to age or inactivityThis issue / PR has been closed due to inactivitymeta/needs triageThis issue / PR needs checks and verification from maintainersmeta/staleThis issue / PR has become stale and will be closed if there is no further activity
@tzerber

Description

@tzerber
tzerber
opened on Nov 18, 2023

📝 Preliminary Checks

  • I tried searching for an existing issue and followed the debugging docs advice, but still need assistance.

👀 What Happened?

Hi all,
I'm using one single instance of docker mailserver to handle several domains. One of the domains is a pure forwarder, i.e. user@domain is forwarded to user@gmail and so on. All worked fine for more than a year, but last month I started getting emails bouncing from the forwarder. The sender gets the following:
host gmail-smtp-in.l.google.com[142.250.27.27] said: 550-5.7.26 This mail has been blocked because the sender is unauthenticated. 550-5.7.26 Gmail requires all senders to authenticate with either SPF or DKIM. 550-5.7.26 550-5.7.26 Authentication results: 550-5.7.26 DKIM = did not pass 550-5.7.26 SPF [sender-domain.com] with ip: [my-mail-server-ip] = did not pass 550-5.7.26 550-5.7.26 To mitigate this issue, please visit Gmail's authentication guide 550-5.7.26 for instructions on setting up authentication: 550 5.7.26

For some unknown reason, when forwarding the mail my mailserver is trying to present itself as the sender's domain. The sender's domain is properly set up (dkim,spf etc) and my server is also properly set up (dmarc dkim spf etc). Email traffic there is roughly 20 emails per day for the whole domain, most of them from postmaster's cron.

👟 Reproduction Steps

set up a forwarder with
./setup.sh alias add [email protected] [email protected]
then send an email to [email protected] from something different than gmail, in my case using latest thunderbird and a paid email hosting company

you will get the output (pasted below) and a email informing you that the email bounced (like the text above). I have snipped private domain names and IPs for obvious reasons.

🐋 DMS Version

v12.1.0

💻 Operating System and Architecture

Ubuntu 20.04.6 LTS

⚙️ Container configuration files

mailserver:
    image: docker.io/mailserver/docker-mailserver:latest
    hostname: mail
    domainname: my-domain.com
    container_name: mailserver
    ports:
      - "25:25"
      - "143:143"
      - "587:587"
      - "993:993"
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
    volumes:
      - maildata:/var/mail
      - mailstate:/var/mail-state
      - maillogs:/var/log/mail
      - proxy_certs:/etc/letsencrypt/live
      - ./config/:/tmp/docker-mailserver/
      - ./cron/sa-learn:/etc/cron.d/sa-learn

📜 Relevant log output

mailserver                | Nov 18 10:59:17 mail postfix/postscreen[177010]: CONNECT from [23.83.216.34]:23397 to [172.20.0.3]:25
mailserver                | Nov 18 10:59:23 mail postfix/postscreen[177010]: PASS NEW [23.83.216.34]:23397
mailserver                | Nov 18 10:59:23 mail postfix/smtpd[177011]: connect from cheetah.pear.relay.mailchannels.net[23.83.216.34]
mailserver                | Nov 18 10:59:24 mail postfix/smtpd[177011]: Anonymous TLS connection established from cheetah.pear.relay.mailchannels.net[23.83.216.34]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
mailserver                | Nov 18 10:59:25 mail policyd-spf[177228]: prepend Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=23.83.216.34; helo=cheetah.pear.relay.mailchannels.net; envelope-from=sender@sender-domain; receiver=<UNKNOWN>
mailserver                | Nov 18 10:59:25 mail dovecot: auth: passwd-file(test@my-domain): unknown user
mailserver                | Nov 18 10:59:25 mail dovecot: auth: passwd-file(test@my-domain): unknown user
mailserver                | Nov 18 10:59:25 mail dovecot: auth: passwd-file(test@my-domain): unknown user
mailserver                | Nov 18 10:59:25 mail dovecot: auth: passwd-file(test@my-domain): unknown user
mailserver                | Nov 18 10:59:25 mail dovecot: auth: passwd-file(test@my-domain): unknown user
mailserver                | Nov 18 10:59:25 mail dovecot: auth: passwd-file(test@my-domain): unknown user
mailserver                | Nov 18 10:59:25 mail postfix/smtpd[177011]: B0E6F5828BC: client=cheetah.pear.relay.mailchannels.net[23.83.216.34]
mailserver                | Nov 18 10:59:26 mail postfix/cleanup[177233]: B0E6F5828BC: message-id=<20c59ac9-9afc-46bc-afc9-1b4c7763e612@sender-domain>
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: cheetah.pear.relay.mailchannels.net [23.83.216.34] not internal
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: not authenticated
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: DKIM verification successful
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: s=default d=sender-domain a=rsa-sha256 SSL
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC: ignoring invalid ARC-Authentication-Results header "i=1;#012#011rspamd-55bcb54c45-c8qs5;#012#011auth=pass smtp.auth=thundermail smtp.mailfrom=sender@sender-domain"
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC ignoring Authentication-Results at 20 from cloud104.unlimitedwebhosting.co.uk
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC: sender-domain none
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: cheetah.pear.relay.mailchannels.net [23.83.216.34] not internal
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: not authenticated
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: DKIM verification successful
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: s=default d=sender-domain a=rsa-sha256 SSL
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC: ignoring invalid ARC-Authentication-Results header "i=1;#012#011rspamd-55bcb54c45-c8qs5;#012#011auth=pass smtp.auth=thundermail smtp.mailfrom=sender@sender-domain"
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC ignoring Authentication-Results at 19 from cloud104.unlimitedwebhosting.co.uk
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC: sender-domain none
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: cheetah.pear.relay.mailchannels.net [23.83.216.34] not internal
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: not authenticated
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: DKIM verification successful
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: s=default d=sender-domain a=rsa-sha256 SSL
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC: ignoring invalid ARC-Authentication-Results header "i=1;#012#011rspamd-55bcb54c45-c8qs5;#012#011auth=pass smtp.auth=thundermail smtp.mailfrom=sender@sender-domain"
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC ignoring Authentication-Results at 19 from cloud104.unlimitedwebhosting.co.uk
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC: sender-domain none
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: cheetah.pear.relay.mailchannels.net [23.83.216.34] not internal
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: not authenticated
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: DKIM verification successful
mailserver                | Nov 18 10:59:26 mail opendkim[1138]: B0E6F5828BC: s=default d=sender-domain a=rsa-sha256 SSL
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC: ignoring invalid ARC-Authentication-Results header "i=1;#012#011rspamd-55bcb54c45-c8qs5;#012#011auth=pass smtp.auth=thundermail smtp.mailfrom=sender@sender-domain"
mailserver                | Nov 18 10:59:26 mail opendmarc[1114]: B0E6F5828BC ignoring Authentication-Results at 19 from cloud104.unlimitedwebhosting.co.uk
mailserver                | Nov 18 10:59:27 mail opendmarc[1114]: B0E6F5828BC: sender-domain none
mailserver                | Nov 18 10:59:27 mail opendkim[1138]: B0E6F5828BC: cheetah.pear.relay.mailchannels.net [23.83.216.34] not internal
mailserver                | Nov 18 10:59:27 mail opendkim[1138]: B0E6F5828BC: not authenticated
mailserver                | Nov 18 10:59:27 mail opendkim[1138]: B0E6F5828BC: DKIM verification successful
mailserver                | Nov 18 10:59:27 mail opendkim[1138]: B0E6F5828BC: s=default d=sender-domain a=rsa-sha256 SSL
mailserver                | Nov 18 10:59:27 mail opendmarc[1114]: B0E6F5828BC: ignoring invalid ARC-Authentication-Results header "i=1;#012#011rspamd-55bcb54c45-c8qs5;#012#011auth=pass smtp.auth=thundermail smtp.mailfrom=sender@sender-domain"
mailserver                | Nov 18 10:59:27 mail opendmarc[1114]: B0E6F5828BC ignoring Authentication-Results at 19 from cloud104.unlimitedwebhosting.co.uk
mailserver                | Nov 18 10:59:27 mail opendmarc[1114]: B0E6F5828BC: sender-domain none
mailserver                | Nov 18 10:59:27 mail opendkim[1138]: B0E6F5828BC: cheetah.pear.relay.mailchannels.net [23.83.216.34] not internal
mailserver                | Nov 18 10:59:27 mail opendkim[1138]: B0E6F5828BC: not authenticated
mailserver                | Nov 18 10:59:27 mail opendkim[1138]: B0E6F5828BC: DKIM verification successful
mailserver                | Nov 18 10:59:27 mail opendkim[1138]: B0E6F5828BC: s=default d=sender-domain a=rsa-sha256 SSL
mailserver                | Nov 18 10:59:27 mail opendmarc[1114]: B0E6F5828BC: ignoring invalid ARC-Authentication-Results header "i=1;#012#011rspamd-55bcb54c45-c8qs5;#012#011auth=pass smtp.auth=thundermail smtp.mailfrom=sender@sender-domain"
mailserver                | Nov 18 10:59:27 mail opendmarc[1114]: B0E6F5828BC ignoring Authentication-Results at 19 from cloud104.unlimitedwebhosting.co.uk
mailserver                | Nov 18 10:59:27 mail opendmarc[1114]: B0E6F5828BC: sender-domain none
mailserver                | Nov 18 10:59:27 mail postfix/qmgr[176941]: B0E6F5828BC: from=<sender@sender-domain>, size=5194, nrcpt=1 (queue active)
mailserver                | Nov 18 10:59:27 mail postfix/smtpd[177011]: disconnect from cheetah.pear.relay.mailchannels.net[23.83.216.34] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
mailserver                | Nov 18 10:59:27 mail postfix/smtpd-amavis/smtpd[177249]: connect from localhost[127.0.0.1]
mailserver                | Nov 18 10:59:27 mail postfix/smtpd-amavis/smtpd[177249]: E097F5828BD: client=localhost[127.0.0.1]
mailserver                | Nov 18 10:59:27 mail postfix/cleanup[177233]: E097F5828BD: message-id=<20c59ac9-9afc-46bc-afc9-1b4c7763e612@sender-domain>
mailserver                | Nov 18 10:59:27 mail postfix/qmgr[176941]: E097F5828BD: from=<sender@sender-domain>, size=5726, nrcpt=1 (queue active)
mailserver                | Nov 18 10:59:27 mail amavis[176963]: (176963-01) Passed CLEAN {RelayedOpenRelay}, [23.83.216.34]:23397 [senders-mailserver-ip] <sender@sender-domain> -> <[email protected]>, Queue-ID: B0E6F5828BC, Message-ID: <20c59ac9-9afc-46bc-afc9-1b4c7763e612@sender-domain>, mail_id: WOMGCnpLlNdK, Hits: -7.11, size: 5494, queued_as: E097F5828BD, 712 ms
mailserver                | Nov 18 10:59:27 mail postfix/smtp-amavis/smtp[177245]: B0E6F5828BC: to=<[email protected]>, orig_to=<test@my-domain>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.9, delays=2.2/0.01/0.01/0.71, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as E097F5828BD)
mailserver                | Nov 18 10:59:27 mail postfix/qmgr[176941]: B0E6F5828BC: removed
mailserver                | Nov 18 10:59:28 mail postfix/smtp[177250]: Trusted TLS connection established to gmail-smtp-in.l.google.com[142.250.27.27]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
mailserver                | Nov 18 10:59:29 mail postfix/smtp[177250]: E097F5828BD: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[142.250.27.27]:25, delay=1.6, delays=0/0.01/0.94/0.64, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[142.250.27.27] said: 550-5.7.1 [my-mailserver-ip      12] Gmail has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1  https://support.google.com/mail/?p=UnsolicitedMessageError for more 550 5.7.1 information. ay7-20020a056402202700b00546decb7a5esi2365103edb.233 - gsmtp (in reply to end of DATA command))
mailserver                | Nov 18 10:59:29 mail postfix/cleanup[177233]: 7EB625828BC: message-id=<[email protected]>
mailserver                | Nov 18 10:59:29 mail postfix/bounce[177254]: E097F5828BD: sender non-delivery notification: 7EB625828BC
mailserver                | Nov 18 10:59:29 mail postfix/qmgr[176941]: 7EB625828BC: from=<>, size=8421, nrcpt=1 (queue active)
mailserver                | Nov 18 10:59:29 mail postfix/qmgr[176941]: E097F5828BD: removed
mailserver                | Nov 18 10:59:30 mail postfix/smtp[177250]: Trusted TLS connection established to mail.sender-domain[senders-mailserver-ip]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
mailserver                | Nov 18 10:59:33 mail postfix/smtp[177250]: 7EB625828BC: to=<sender@sender-domain>, relay=mail.sender-domain[senders-mailserver-ip]:25, delay=4.1, delays=0/0/0.73/3.4, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 14986C0D5A5)
mailserver                | Nov 18 10:59:33 mail postfix/qmgr[176941]: 7EB625828BC: removed
mailserver                | Nov 18 11:00:04 mail postfix/postscreen[177010]: CONNECT from [194.33.191.162]:63559 to [172.20.0.3]:25
mailserver                | Nov 18 11:00:04 mail postfix/postscreen[177010]: PASS OLD [194.33.191.162]:63559
mailserver                | Nov 18 11:00:04 mail postfix/smtpd[177011]: connect from unknown[194.33.191.162]
mailserver                | Nov 18 11:00:04 mail postfix/smtpd[177011]: Anonymous TLS connection established from unknown[194.33.191.162]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
mailserver                | Nov 18 11:00:05 mail postfix/smtpd[177011]: lost connection after AUTH from unknown[194.33.191.162]

Improvements to this form?

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bug/reportA report about a bugmeta/closed due to age or inactivityThis issue / PR has been closed due to inactivitymeta/needs triageThis issue / PR needs checks and verification from maintainersmeta/staleThis issue / PR has become stale and will be closed if there is no further activity

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions