SMTP: 554 5.7.1 You are not allowed to connect

  • Hallo,


    seit ein paar Tagen bekomme ich vermehrt beim Emailversand folgende Fehlermeldung '554 5.7.1 You are not allowed to connect'.
    Es ist nicht bei allen, aber bei eine paar Ziel-Emailadressen der Falle.


    Return-Path und FROM habe ich gepüft - beide enthalten dieselbe Emailadresse.



    Eine Prüfung des MX-Server unter https://mxtoolbox.com ist in alle Punkten ok:


    SMTP Reverse DNS Mismatch OK
    SMTP Valid Hostname OK - Reverse DNS is a valid Hostname
    SMTP Banner Check OK - Reverse DNS matches SMTP Banner
    SMTP TLS OK - Supports TLS.
    SMTP Connection Time 1.422 seconds - Good on Connection time
    SMTP Open Relay OK - Not an open relay.
    SMTP Transaction Time 4.360 seconds - Good on Transaction Time


    Was kann hier noch das Problem sein? Bzw was kann ich noch prüfen?


    Vielen Dank
    Gruß
    funnymob


    System:
    - Debian 7.11
    - IMSCP 1.3.16
    - X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06)
    - X-Virus-Scanned: clamav-milter 0.99.2

    Edited once, last by funnymob ().

  • We need the log from /var/log/mail.og

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • @funnymob

    Anyway, for me, the helo=<[192.168.178.24]> look not correct. What is the MUA that you use for sending mail from p5DD18FF0.dip0.t-ipconnect.de?

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • Hello Nuxwin,


    thanks for your feedback.
    The topic your are talking about is another topic -> 554 5.7.1 <p5DD18FF0.dip0.t-ipconnect.de[93.209.143.240]>: Client host rejected:
    This is not a problem for me.


    I'm talking about:
    ... refused to talk to me: 554 5.7.1 You are not allowed to connect.....



    Do you have any idea what's the problem here?


    Thanks
    Regards
    Martin

  • I cannot really answer without further details.


    Thanks.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • Hi Nuxwin,


    my fqdn: mail.obsertronik.de
    IP is 85.25.108.175


    Now I have seen that the most of the emails which are blocked by '554 5.7.1 You are not allowed to connect.....' are auto-replay mails.
    In the header of these emails I have see that the FROM and Return-Path is not the same. See attached txt file.


    Did I have done a misconfiguration or is this a general problem for auto-replay emails?


    Thanks
    Regards
    Martin

  • Hi Nuxwin,


    and here a log extraction of a email which was not a auto-replay mail.
    See 'Mar 5 07:02:03 srv01 postfix/qmgr[25658]: DF6322F80E68:' and following entries

    Code
    1. Mar 5 07:01:26 srv01 dovecot: imap([email protected]): Disconnected for inactivity in=98 out=1050
    2. Mar 5 07:02:03 srv01 postfix/qmgr[25658]: DF6322F80E68: from=<[email protected]>, size=20554, nrcpt=13 (queue active)
    3. Mar 5 07:02:03 srv01 postfix/smtp[22437]: DF6322F80E68: host defnsv1599.mtu-friedrichshafen.com[46.235.193.40] refused to talk to me: 554 5.7.1 You are not allowed to connect.
    4. Mar 5 07:02:03 srv01 dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=92.217.33.215, lip=85.25.108.175, mpid=22513, session=<vdKLhPVJXQBc2SHX>
    5. Mar 5 07:02:03 srv01 postfix/smtp[22511]: DF6322F80E68: host defnsv1599.mtu-friedrichshafen.com[46.235.193.40] refused to talk to me: 554 5.7.1 You are not allowed to connect.
    6. Mar 5 07:02:03 srv01 postfix/smtp[22437]: DF6322F80E68: to=<[email protected]>, relay=defnsv1598.mtu-friedrichshafen.com[46.235.193.39]:25, delay=166763, delays=166763/0/0.08/0, dsn=4.7.1, status=deferred (host defnsv1598.mtu-friedrichshafen.com[46.235.193.39] refused to talk to me: 554 5.7.1 You are not allowed to connect.)
    7. Mar 5 07:02:04 srv01 postfix/smtp[22511]: DF6322F80E68: to=<[email protected]>, relay=defnsv1598.mtu-friedrichshafen.com[46.235.193.39]:25, delay=166763, delays=166763/0.04/0.09/0, dsn=4.7.1, status=deferred (host defnsv1598.mtu-friedrichshafen.com[46.235.193.39] refused to talk to me: 554 5.7.1 You are not allowed to connect.)
    8. Mar 5 07:02:43 srv01 dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10): user=<[email protected]>, method=PLAIN, rip=92.217.33.215, lip=85.25.108.175, session=<8YTvhvVJGgBc2SHX>
    9. Mar 5 07:02:43 srv01 dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10): user=<[email protected]>, method=PLAIN, rip=92.217.33.215, lip=85.25.108.175, session=<kNvyhvVJWgBc2SHX>
    10. Mar 5 07:02:43 srv01 dovecot: imap-login: Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10): user=<[email protected]>, method=PLAIN, rip=92.217.33.215, lip=85.25.108.175, session=<EE72hvVJTgBc2SHX>
  • Now I have seen that the most of the emails which are blocked by '554 5.7.1 You are not allowed to connect.....' are auto-replay mails.

    What are auto-replay mails for you?


    Edit: You're talking about auto-reply message (responder). ok. I'll have a look later in the night.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206