TRANSPORT.RULES.RejectMessage; the message was rejected by organization policy - smtp

Bounce Email Event Occurred.
From Email: no-reply#somedomain
Email Subject: Some subject
Bounced Recipients:
Emailaddress: example#somedomain
Action: failed
Status: 5.7.1
Diagnosticcode: smtp;550 5.7.1 TRANSPORT.RULES.RejectMessage; the message was rejected by organization policy
Can anyone help with this issue?

Related

ejabberd ACME unexpected content type when it receives certificate

I am running a processone/ejabberd container that I am trying to get to request a certificate via ACME from a smallstep CA container. The request fails with this error:
#{<<"kid">> =>
<<"https://ca.mydomain.local:8000/acme/acme/account/svUkT7QwXD4pBqyrVdys94VMeVCeeo0D">>,
<<"nonce">> =>
<<"..">>,
<<"url">> =>
<<"https://ca.mydomain.local:8000/acme/acme/certificate/Jks2zJjdJwqDzE7VSsLM0TOaAzzYUB2P">>}}
2022-11-07 08:30:28.355858+00:00 [debug] HTTP request: {post,{"https://ca.mydomain.local:8000/acme/acme/certificate/Jks2zJjdJwqDzE7VSsLM0TOaAzzYUB2P",
[],"application/jose+json",
<<"{\"signature\":\"....\",\"protected\":\"......\",\"payload\":\"\"}">>}}
2022-11-07 08:30:28.608072+00:00 [debug] HTTP response: {{"HTTP/1.1",200,"OK"},
[{"cache-control","no-store"},
{"date","Mon, 07 Nov 2022 08:30:28 GMT"},
{"content-length","2108"},
{"content-type",
"application/pem-certificate-chain; charset=utf-8"},
{"link",
"<https://ca.mydomain.local:8000/acme/acme/directory>;rel=\"index\""},
{"replay-nonce",
".."}],
<<"-----BEGIN CERTIFICATE-----........\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----........\n-----END CERTIFICATE-----\n">>}
2022-11-07 08:30:28.609162+00:00 [error] Failed to request certificate for jabber-gw.mydomain.me: HTTP error: unexpected content type: application/pem-certificate-chain; charset=utf-8
2022-11-07 08:30:28.609456+00:00 [debug] Unregistering ACME challenge #Ref<0.1802325958.1657798659.124306>
2022-11-07 08:35:26.914567+00:00 [debug] Error when retrieving http headers gen_tcp: timeout
Any ideas on why it's not happy with the content type and how to resolve it?
Prior to the error message, the logs show what looks like a successful ACME challenge:
[<<".well-known">>,<<"acme-challenge">>,
<<"3rNIelLxSuDU0tWZgb3yEw5sL6d6Z61J">>] matches [<<".well-known">>,
<<"acme-challenge">>]
2022-11-04 04:28:12.436337+00:00 [debug] Received ACME challenge request for token: blah
2022-11-04 04:28:12.546710+00:00 [debug] HTTP response: {{"HTTP/1.1",200,"OK"},
The smallstep container was built with this great blog.

OpenShift Confluent Operator: Failed to provision volume with StorageClass "managed-premium" AADSTS7000215: Invalid client secret provided

Zookeeper is unable to provision the pods on OpenShift:
The client ID / secret has been configured in the secrets.
It is able to pick up the client ID correctly.
The client ID secret is valid, not expired.
Seeing this issue:
Failed to provision volume with StorageClass "managed-premium": Retriable: false, RetryAfter: 0s, HTTPStatusCode: 401, RawError: Retriable: false, RetryAfter: 0s, HTTPStatusCode: 401, RawError: azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://management.azure.com/subscriptions/<XXXXX>/resourceGroups/<XXXXX>/providers/Microsoft.Compute/disks/<XXXXX>?api-version=2019-11-01: StatusCode=401 -- Original Error: adal: Refresh request failed. Status Code = '401'. Response body: {"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '<YYYYYYY>'.\r\nTrace ID: <BLAHHHHHH>\r\nCorrelation ID: <BLAHHHHHHHH>\r\nTimestamp: 2022-11-02 16:46:19Z","error_codes":[7000215],"timestamp":"2022-11-02 16:46:19Z","trace_id":"<BLAHHHHHH>","correlation_id":"<BLAHHHHHH>","error_uri":"https://login.microsoftonline.com/error?code=7000215"} Endpoint https://login.microsoftonline.com/<BLAHHHHHH>/oauth2/token
Verified credentials are valid and not expired

Request failed with status code 401 com.google.step_count.delta

{"message":"Request failed with status code 401","name":"Error","stack":"Error: Request failed with status code 401\n at createError (/home/user/Projects/HealthBlock/node_modules/axios/lib/core/createError.js:16:15)\n at settle (/home/user/Projects/HealthBlock/node_modules/axios/lib/core/settle.js:17:12)\n at IncomingMessage.handleStreamEnd (/home/user/Projects/HealthBlock/node_modules/axios/lib/adapters/http.js:260:11)\n at IncomingMessage.emit (events.js:203:15)\n at endReadableNT (_stream_readable.js:1145:12)\n at process._tickCallback (internal/process/next_tick.js:63:19)","config":{"url":"https://www.googleapis.com/fitness/v1/users/me/dataset:aggregate","method":"post","data":"{"aggregateBy":[{"dataTypeName":"com.google.step_count.delta","dataSourceId":"derived:com.google.step_count.delta:com.google.android.gms:estimated_steps"}],"bucketByTime":{"durationMillis":86400000},"startTimeMillis":1585785599000,"endTimeMillis":1585958399000}","headers":{"Accept":"application/json, text/plain, /","Content-Type":"application/json;charset=utf-8","authorization":"Bearerya29.a0ARrdaM8Rx7JTevizLGoMkJYBqAGba27LtAQKbnodcgXsqkUFVyBFgm4ZNAvci84LbiowSnmpNxFhGCKcq1UKk6819L37kd1HPPbeXNsrmrbPjZu6pM7Jsw9p7xIwsMJLYZFrg4lNkgoPbMOFA5ZIlY021C0C","User-Agent":"axios/0.21.1","Content-Length":261},"transformRequest":[null],"transformResponse":[null],"timeout":0,"xsrfCookieName":"XSRF-TOKEN","xsrfHeaderName":"X-XSRF-TOKEN","maxContentLength":-1,"maxBodyLength":-1,"Content-Type":"application/json"}}
A 401 error response status code indicates that the client request has not been completed. Double check that your credentials (i.e. client ID and client secret) are correct and there are no blank spaces.

DKIM hmailserver and NameCheap Setup

I've been trying to set up my hmailserver with DKIM.
I was following this guide -> https://www.hmailserver.com/forum/viewtopic.php?t=29402
And I created my keys with this site -> https://www.port25.com/dkim-wizard/
Domain name: linnabary.us
DomainKey Selector: dkim
Key size: 1024
I created a pem file;
-----BEGIN RSA PRIVATE KEY-----
<key>
-----END RSA PRIVATE KEY-----
Saved it and loaded it into hmailserver
When I set this up on NameCheap I selected TXT Record, set my host as #, and put this line in, minus key of course;
v=DKIM1; k=rsa; p=<KEY>
Now when I test with -> http://www.isnotspam.com
It says my DKIM key is as follows;
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: invalid
ID(s) verified: header.From=admin#linnabary.us
Selector=
domain=
DomainKeys DNS Record=._domainkey.
I was wondering if I am making any obvious errors in my record.
Edit;
The email contains the following line;
dkim-signature: v=1; a=rsa-sha256; d=linnabary.us; s=dkim;
This is what the setup looks like on NameCheap;
And here is the next test email from ;
This message is an automatic response from isNOTspam's authentication verifier service. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at .
Thank you for using isNOTspam.
The isNOTspam team
==========================================================
Summary of Results
==========================================================
SPF Check : pass
Sender-ID Check : pass
DKIM Check : invalid
SpamAssassin Check : ham (non-spam)
==========================================================
Details:
==========================================================
HELO hostname: [69.61.241.46]
Source IP: 69.61.241.46
mail-from: admin#linnabary.us
Anonymous To: ins-a64wsfm3#isnotspam.com
---------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mail=admin#linnabary.us
DNS record(s):
linnabary.us. 1799 IN TXT "v=spf1 a mx ip4:69.61.241.46 ~all"
----------------------------------------------------------
Sender-ID check details:
----------------------------------------------------------
Result: pass
ID(s) verified: smtp.mail=admin#linnabary.us
DNS record(s):
linnabary.us. 1799 IN TXT "v=spf1 a mx ip4:69.61.241.46 ~all"
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: invalid
ID(s) verified: header.From=admin#linnabary.us
Selector=
domain=
DomainKeys DNS Record=._domainkey.
----------------------------------------------------------
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin 3.4.1 (2015-04-28)
Result: ham (non-spam) (04.6points, 10.0 required)
pts rule name description
---- ---------------------- -------------------------------
* 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
* [score: 1.0000]
* -0.0 SPF_HELO_PASS SPF: HELO matches SPF record
* -0.0 SPF_PASS SPF: sender matches SPF record
* 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
* [score: 1.0000]
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
* 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
X-Spam-Status: Yes, hits=4.6 required=-20.0 tests=BAYES_99,BAYES_999,
DKIM_SIGNED,RDNS_NONE,SPF_HELO_PASS,SPF_PASS,T_DKIM_INVALID autolearn=no
autolearn_force=no version=3.4.0
X-Spam-Score: 4.6
To learn more about the terms used in the SpamAssassin report, please search
here: http://wiki.apache.org/spamassassin/
==========================================================
Explanation of the possible results (adapted from
draft-kucherawy-sender-auth-header-04.txt):
==========================================================
"pass"
the message passed the authentication test.
"fail"
the message failed the authentication test.
"softfail"
the message failed the authentication test, and the authentication
method has either an explicit or implicit policy which doesn't require
successful authentication of all messages from that domain.
"neutral"
the authentication method completed without errors, but was unable
to reach either a positive or a negative result about the message.
"temperror"
a temporary (recoverable) error occurred attempting to authenticate
the sender; either the process couldn't be completed locally, or
there was a temporary failure retrieving data required for the
authentication. A later retry may produce a more final result.
"permerror"
a permanent (unrecoverable) error occurred attempting to
authenticate the sender; either the process couldn't be completed
locally, or there was a permanent failure retrieving data required
for the authentication.
==========================================================
Original Email
==========================================================
From admin#linnabary.us Wed Apr 12 17:41:22 2017
Return-path: <admin#linnabary.us>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on isnotspam.com
X-Spam-Flag: YES
X-Spam-Level: ****
X-Spam-Report:
* 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
* [score: 1.0000]
* -0.0 SPF_HELO_PASS SPF: HELO matches SPF record
* -0.0 SPF_PASS SPF: sender matches SPF record
* 0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
* [score: 1.0000]
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
* 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
X-Spam-Status: Yes, hits=4.6 required=-20.0 tests=BAYES_99,BAYES_999,
DKIM_SIGNED,RDNS_NONE,SPF_HELO_PASS,SPF_PASS,T_DKIM_INVALID autolearn=no
autolearn_force=no version=3.4.0
Envelope-to: ins-a64wsfm3#isnotspam.com
Delivery-date: Wed, 12 Apr 2017 17:41:22 +0000
Received: from [69.61.241.46] (helo=linnabary.us)
by localhost.localdomain with esmtp (Exim 4.84_2)
(envelope-from <admin#linnabary.us>)
id 1cyMGg-0007x2-1Q
for ins-a64wsfm3#isnotspam.com; Wed, 12 Apr 2017 17:41:22 +0000
dkim-signature: v=1; a=rsa-sha256; d=linnabary.us; s=dkim;
c=relaxed/relaxed; q=dns/txt; h=From:Subject:Date:Message-ID:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
bh=Ns4aRUgWUtil4fiVnvitgeV+q1K/smEYtRGN497S5Ew=;
b=Nc2Kzrzas0QqMpWM4fnF5o5wLWlWYFxlGlAipe+85H9cwGgc4hvEKUj1UvgB6I2VHUbJ0OGN/sJO9tjWgwlGypaUuW7Q8x/iI0UtC6cn7X6ZLHT+K6A2A6MdoyR1NF4xxvqPadcmcQwnrY0Tth4ycydpQMlBCZS30sc1qUjUrN0=
Received: from [192.168.1.12] (Aurora [192.168.1.12])
by linnabary.us with ESMTPA
; Wed, 12 Apr 2017 13:41:28 -0400
To: ins-a64wsfm3#isnotspam.com
From: Admin <admin#linnabary.us>
Subject: Welcome to Linnabary
Message-ID: <8e8be6cd-6354-aeb9-b577-2b0efc25a1a1#linnabary.us>
Date: Wed, 12 Apr 2017 13:41:28 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
Thunderbird/45.8.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-DKIM-Status: invalid (pubkey_unavailable)
I honestly have no idea what I should put in here in order to protect
myself from filters, so I'm just making it up as I go.
- Tad
The Host value for your TXT entry should just be dkim._domainkey. Currently your domain key is located at: dkim._domainkey.linnabary.us.linnabary.us, so you're not supposed to add the domain here.
That's why the response to the test email says X-DKIM-Status: invalid (pubkey_unavailable) - the public key can't be found where it is supposed to be.
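The naming mismatch this answer describes, as an added example that is not part of the original answer: it derives the name a verifier queries from the `s=` and `d=` tags of the DKIM-Signature header and compares it with the name a DNS panel publishes when it appends the zone to the Host field. The helper names, the shortened sample header, and the append-the-zone behaviour (with `@` meaning the zone apex) are assumptions.

```python
import re

# DKIM-Signature value from the test email above, shortened (bh= and b= omitted).
SAMPLE_HEADER = ("v=1; a=rsa-sha256; d=linnabary.us; s=dkim;\n"
                 " c=relaxed/relaxed; q=dns/txt; h=From:Subject:Date")


def parse_dkim_tags(header_value):
    """Unfold the header and split it into its tag=value pairs."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", header_value)
    tags = {}
    for part in unfolded.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags


def expected_key_name(tags):
    """Name a verifier looks up for the public key: <s>._domainkey.<d>."""
    return f"{tags['s']}._domainkey.{tags['d']}".lower()


def published_name(host_field, zone):
    """FQDN created by a panel that appends the zone to the Host field.

    Assumption: '@' or an empty Host means the zone apex.
    """
    host = host_field.strip().rstrip(".").lower()
    zone = zone.strip().rstrip(".").lower()
    return zone if host in ("", "@") else f"{host}.{zone}"


def check_host_field(header_value, host_field, zone):
    """Return (ok, published_fqdn, suggested_host_or_None)."""
    want = expected_key_name(parse_dkim_tags(header_value))
    got = published_name(host_field, zone)
    if got == want:
        return (True, got, None)
    suffix = "." + zone.strip().rstrip(".").lower()
    # Only suggest a Host value when the signing domain sits inside this zone.
    suggestion = want[: -len(suffix)] if want.endswith(suffix) else None
    return (False, got, suggestion)


if __name__ == "__main__":
    for host in ("dkim._domainkey.linnabary.us", "@", "dkim._domainkey"):
        print(host, "->", check_host_field(SAMPLE_HEADER, host, "linnabary.us"))
```
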

Mule SMTP transport on EC2

A Mule flow I have deployed to EC2 cannot send emails to a nodejs "simplesmtp" server running on another EC2 instance. Here are the authentication details for the SMTP server:
user: joseph
pass: josephk
port: 2525 (open in security group)
I can send emails to this SMTP server using various clients on other hosts, here's the auth part of a nodejs client:
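// Load nodemailer; the transport options below are as posted
var nodemailer = require("nodemailer");

var smtpTransport = nodemailer.createTransport("SMTP", {
    host: 'ec2-54-211-220-210.compute-1.amazonaws.com',
    secureConnection: false, // plain connection, no implicit TLS
    port: 2525,
    auth: {
        user: "joseph",
        pass: "joseph12"
    }
});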
My Mule SMTP endpoint looks like this:
<smtp:outbound-endpoint
    host="ec2-54-211-220-210.compute-1.amazonaws.com"
    port="2525"
    user="joseph"
    password="joseph12"
    to="cleardot#aol.com"
    from="joseph#ec2-54-211-220-210.compute-1.amazonaws.com"
    subject="Email from Mule ESB"
    doc:name="send notification"
/>
My log error is (I hate dumping log files on here but in this case have to)
INFO 2014-11-02 12:03:08,734 [[q2].connector.smtp.mule.default.dispatcher.01] org.mule.lifecycle.AbstractLifecycleManager: Starting: 'connector.smtp.mule.default.dispatcher.1535039248'. Object is: SmtpMessageDispatcher
ERROR 2014-11-02 12:03:08,815 [[q2].connector.smtp.mule.default.dispatcher.01] org.mule.exception.DefaultMessagingExceptionStrategy:
********************************************************************************
Message : Failed to route event via endpoint: DefaultOutboundEndpoint{endpointUri=smtp://joseph:<password>#ec2-54-211-220-210.compute- 1.amazonaws.com, connector=SmtpConnector
{
name=connector.smtp.mule.default
lifecycle=start
this=54d8fd1a
numberOfConcurrentTransactedReceivers=4
createMultipleTransactedReceivers=true
connected=true
supportedProtocols=[smtp]
serviceOverrides=<none>
, name='endpoint.smtp.joseph.compute.1.amazonaws.com.2525', mep=ONE_WAY, properties={toAddresses=cleardot#aol.com, subject=Email from Mule ESB, fromAddress=joseph#ec2-54-211-220-210.compute-1.amazonaws.com}, transactionConfig=Transaction{factory=null, action=INDIFFERENT, timeout=0}, deleteUnacceptedMessages=false, initialState=started, responseTimeout=10000, endpointEncoding=UTF-8, disableTransportTransformer=false}. Message payload is of type: MimeMessage
Code : MULE_ERROR--2
--------------------------------------------------------------------------------
Exception stack is:
1. 530 5.5.1 Authentication Required
(com.sun.mail.smtp.SMTPSendFailedException)
com.sun.mail.smtp.SMTPTransport:1829 (null)
2. Failed to route event via endpoint: DefaultOutboundEndpoint{endpointUri=smtp://joseph:<password>#ec2-54-211-220-210.compute-1.amazonaws.com, connector=SmtpConnector
{
name=connector.smtp.mule.default
lifecycle=start
this=54d8fd1a
numberOfConcurrentTransactedReceivers=4
createMultipleTransactedReceivers=true
connected=true
supportedProtocols=[smtp]
serviceOverrides=<none>
}
, name='endpoint.smtp.joseph.compute.1.amazonaws.com.2525', mep=ONE_WAY, properties={toAddresses=cleardot#aol.com, subject=Email from Mule ESB, fromAddress=joseph#ec2-54-211-220-210.compute-1.amazonaws.com}, transactionConfig=Transaction{factory=null, action=INDIFFERENT, timeout=0}, deleteUnacceptedMessages=false, initialState=started, responseTimeout=10000, endpointEncoding=UTF-8, disableTransportTransformer=false}. Message payload is of type: MimeMessage (org.mule.api.transport.DispatchException)
org.mule.transport.AbstractMessageDispatcher:117 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/transport/DispatchException.html)
--------------------------------------------------------------------------------
Root Exception stack trace:
com.sun.mail.smtp.SMTPSendFailedException: 530 5.5.1 Authentication Required
at com.sun.mail.smtp.SMTPTransport.issueSendCommand(SMTPTransport.java:1829)
at com.sun.mail.smtp.SMTPTransport.mailFrom(SMTPTransport.java:1368)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:886)
+ 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
********************************************************************************
INFO 2014-11-02 12:03:09,697 [[q2].processArcMessage.stage1.02] org.mule.api.processor.LoggerMessageProcessor: send alert [B#3c32fb80
ERROR 2014-11-02 12:03:09,706 [[q2].connector.smtp.mule.default.dispatcher.01] org.mule.exception.DefaultMessagingExceptionStrategy:
Other comments:
I tried using joseph#ec2-54-211-220-210.compute-1.amazonaws.com as the user param with no luck.
I am wondering if Mule SMTP requires that I use a standard port, or if I must use smtps, not smtp.
My SMTP server logs attempts at authentication but sees nothing coming from Mule.
Any help appreciated on this and the general issue of sending email from Mule on EC2
Clearly Mule can connect to your server because its response is visible in the logs:
530 5.5.1 Authentication Required
While your server was open to the web (see my comment above), I've noticed that it issued a 250 STARTTLS so I'm thinking that you should probably use the SMTPS transport for Mule, instead of the SMTP one in order to have proper support for TLS.