host yy.com [XXX.XXX.XXX.XXX] said: 550-Verification failed for <username@xx.com> 550-No such person at this address” 550 Sender verify failed (in reply to RCPT TO command)

Well, that’s something you don’t see every day! Definitely worth mentioning and writing down, since I may tell this story to my IT grandchildren…

A customer of ours, call it xx.com, sends an email to yy.com.

The user username@xx.com gets a non-deliverable email from our on-premises Mail server (NDR) containing the following text:

host yy.com [XXX.XXX.XXX.XXX] said:

    550-Verification failed for <username@xx.com>
    550-No such person at this address”
    550 Sender verify failed (in reply to RCPT TO command)

550 Sender verify failed (in reply to RCPT TO command)!!!!

I launched telnet from my PC (a different external IP from the xx.com customer) and went through the SMTP commands, emulating an email submission to the yy.com mail server:

    Start > Run
    Cmd <CRLF>
    Telnet <CRLF>
    Set localecho <CRLF>
    O "mailserver.yy.com" 25 <CRLF>
    Ehlo local.domain.name <CRLF>
    Mail from:myemailaddress@creativepeople.gr <CRLF>
    Rcpt to:username@yy.com <CRLF>
    DATA <CRLF>
    Subject:"Your message subject" <CRLF>
    <CRLF>
    "your message" <CRLF>
    <CRLF>.<CRLF>

Bingo! Message delivered. OK, so what’s the problem?

I log in to my customer’s server and do the same (of course I replaced myemailaddress@creativepeople.gr with username@xx.com). No luck! Sender verify failed!!!

I checked SPF records, I checked blacklisting… nothing, everything’s clean!

But after a closer look at the DNS lookups, we found out that the yy.com recipient has DNS/web/email hosting on the IP 72.52.232.144 (which resolves to host.giganetworks.com).

OOPS!

Apparently my client xx.com has only web hosting with the same provider, and its www host A record resolves back to the same IP!!!! No DNS and no email service is provided for xx.com; at least, that’s what I was aware of (after making the necessary changes in the ISP’s cPanel).

WOW!!! What is happening is rather simple….

The xx.com mail server begins negotiation with the yy.com mail server. They exchange the EHLOs/HELOs, and when the xx.com server claims to be sending as username@xx.com, the yy.com mail server stops the submission since it THINKS that the xx.com server is spoofing xx.com.

Apparently the mail fails and no submission takes place.
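The rejection arrives in reply to RCPT TO, yet the address it names is the sender's. As an added illustration (not part of the original post), this Python example parses an NDR like the one above and reports which side of the envelope the remote server objected to; the function names are hypothetical and the sample NDR is reconstructed from the one quoted in the post.

```python
import re

# Constructed from the NDR quoted in the post; xx.com/yy.com are the post's placeholders.
NDR = ("host yy.com [XXX.XXX.XXX.XXX] said: 550-Verification failed for "
       "<username@xx.com> 550-No such person at this address "
       "550 Sender verify failed (in reply to RCPT TO command)")

REPLY = re.compile(r"(?<![\w.])([245]\d\d)([- ])")    # "550-" continues, "550 " ends the reply
STAGE = re.compile(r"\(in reply to (.+?) command\)")  # suffix as it appears in the post's NDR
ADDR = re.compile(r"<([^<>\s]+@[^<>\s]+)>")


def parse_reply(ndr):
    """Return (code, reply_lines, stage, addresses) from a flattened NDR reply."""
    m = STAGE.search(ndr)
    stage = m.group(1) if m else None
    body = STAGE.sub("", ndr.split(" said:", 1)[-1])
    parts = REPLY.split(body)  # [pre, code, sep, text, code, sep, text, ...]
    codes = parts[1::3]
    lines = [t.strip() for t in parts[3::3]]
    # Every line of one multi-line reply must carry the same code.
    code = codes[0] if codes and len(set(codes)) == 1 else None
    addrs = [a.lower() for a in ADDR.findall(body)]
    return code, lines, stage, addrs


def classify(ndr, sender, recipient):
    """Say which side of the envelope the remote server objected to."""
    code, lines, stage, addrs = parse_reply(ndr)
    if code is None or code[0] != "5":
        return "not a permanent rejection"
    text = " ".join(lines).lower()
    if sender.lower() in addrs or "sender verify" in text:
        # Rejected while handling RCPT TO, but the address checked is MAIL FROM:
        # look at how the receiving host resolves the *sender's* domain.
        return "sender verification failed"
    if stage == "RCPT TO" or recipient.lower() in addrs:
        return "recipient rejected"
    return "other permanent rejection"


if __name__ == "__main__":
    print(parse_reply(NDR))
    print(classify(NDR, "username@xx.com", "username@yy.com"))
```

A "sender verification failed" verdict points the investigation at the sender domain's DNS and hosting as seen by the receiving provider, which is where the problem in this case turned out to be.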

How we resolved this:

We simply mailed the ISP, explained what we found, and forced them to act as secondary DNS to our primary DNS servers for the xx.com domain, threatening them that I would remove the domain and hosting the same day…

Case closed, but will be remembered.


About cpsaroudakis

IT professional, founder of CreativePeople.gr

Posted on April 24, 2014, in Everyday IT issues.
