HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   General (
-   -   can't receive mail from GMAIL (

psychop 14th November 2011 10:23

can't receive mail from GMAIL
Have 20 acc. on my server. Can send and receive all mail except from gmail.
When send mail to from gmail no mail arrives and gmail set's an error, but from all other it arrives ok.

Error is:

Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at...

till 14th November 2011 10:46

Which error message do you get in the mail log file?

psychop 14th November 2011 11:12

no errors !

till 14th November 2011 12:01

And no delivery attemps from google? Then there might be a problem with the dns MX records of that domain.

psychop 14th November 2011 14:29

DNS records for one site looks like this:

Domain NS records        Nameserver records returned by the parent servers are:  ['9x.1x.xx.xx'] (NO GLUE)  [TTL=86400]  ['9x.1x.xx.xx'] (NO GLUE)  [TTL=86400]

Pass        Your nameservers are listed        Good. The parent server has your nameservers listed. This is a must if you want to be found as anyone that does not know your DNS servers will first ask the parent nameservers.
Info        DNS Parent sent Glue        The parent nameserver is not sending out GLUE for every nameservers listed, meaning he is sending out your nameservers host names without sending the A records of those nameservers. It's ok but you have to know that this will require an extra A lookup that can delay a little the connections to your site. This happens a lot if you have nameservers on different TLD ( for example with nameserver

Pass        Nameservers A records        Good. Every nameserver listed has A records. This is a must if you want to be found.
NS        Info        NS records from your nameservers        NS records got from your nameservers listed at the parent NS are:  ['9x.1x.xx.xx']  [TTL=86400]  ['9x.1x.xx.xx']  [TTL=86400]

Pass        Recursive Queries        Good. Your nameservers (the ones reported by the parent server) do not report that they allow recursive queries for anyone.
Pass        Same Glue        The A records (the GLUE) got from the parent zone check are the same as the ones got from your nameservers. You have to make sure your parent server has the same NS records for your zone as you do according to the RFC. This tests only nameservers that are common at the parent and at your nameservers. If there are any missing or stealth nameservers you should see them below!
Information        Glue for NS records        INFO: GLUE was not sent when I asked your nameservers for your NS records.This is ok but you should know that in this case an extra A record lookup is required in order to get the IPs of your NS records. The nameservers without glue are:
You can fix this for example by adding A records to your nameservers for the zones listed above.
Pass        Mismatched NS records        OK. The NS records at all your nameservers are identical.
Pass        DNS servers responded        Good. All nameservers listed at the parent server responded.
Pass        Name of nameservers are valid        OK. All of the NS records that your nameservers report seem valid.
Pass        Multiple Nameservers        Good. You have multiple nameservers. According to RFC2182 section 5 you must have at least 3 nameservers, and no more than 7. Having 2 nameservers is also ok by me.
Pass        Nameservers are lame        OK. All the nameservers listed at the parent servers answer authoritatively for your domain.
Pass        Missing nameservers reported by parent        OK. All NS records are the same at the parent and at your nameservers.
Pass        Missing nameservers reported by your nameservers        OK. All nameservers returned by the parent server are the same as the ones reported by your nameservers.
Pass        Domain CNAMEs        OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
Pass        NSs CNAME check        OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
Warn        Different subnets        WARNING: Not all of your nameservers are in different subnets
Pass        IPs of nameservers are public        Ok. Looks like the IP addresses of your nameservers are public. This is a good thing because it will prevent DNS delays and other problems like
Pass        DNS servers allow TCP connection        OK. Seems all your DNS servers allow TCP connections. This is a good thing and useful even if UDP connections are used by default.
Warn        Different autonomous systems        WARNING: Single point of failure
Pass        Stealth NS records sent        Ok. No stealth ns records are sent
SOA        Info        SOA record        The SOA record is:
Primary nameserver:
Hostmaster E-mail address:
Serial #: 2011111302
Refresh: 28800
Retry: 7200
Expire: 604800  1 weeks
Default TTL: 86400
Pass        NSs have same SOA serial        OK. All your nameservers agree that your SOA serial number is 2011111302.
Pass        SOA MNAME entry        OK. That server is listed at the parent servers.
Pass        SOA Serial        Your SOA serial number is: 2011111302. This appears to be in the recommended format of YYYYMMDDnn.
Pass        SOA REFRESH        OK. Your SOA REFRESH interval is: 28800. That is OK
Pass        SOA RETRY        Your SOA RETRY value is: 7200. Looks ok
Pass        SOA EXPIRE        Your SOA EXPIRE number is: 604800.Looks ok
Pass        SOA MINIMUM TTL        Your SOA MINIMUM TTL is: 86400. This value was used to serve as a default TTL for records without a given TTL value and now is used for negative caching (indicates how long a resolver may cache the negative answer). RFC2308 recommends a value of 1-3 hours. Your value of 86400 is OK.
MX        Info        MX Records        Your MX records that were reported by your nameservers are:

20  9x.1x.xx.xx
10 (no glue)

[These are all the MX records that I found. If there are some non common MX records at your nameservers you should see them below. ]
Pass        Different MX records at nameservers        Good. Looks like all your nameservers have the same set of MX records. This tests to see if there are any MX records not reported by all your nameservers and also MX records that have the same hostname but different IPs
Pass        MX name validity        Good. I did not detect any invalid hostnames for your MX records.
Pass        MX IPs are public        OK. All of your MX records appear to use public IPs.
Pass        MX CNAME Check        OK. No problems here.
Pass        MX A request returns CNAME        OK. No CNAMEs returned for A records lookups.
Pass        MX is not IP        OK. All of your MX records are host names.
Pass        Number of MX records        Good. Looks like you have multiple MX records at all your nameservers. This is a good thing and will help in preventing loss of mail.
Pass        Mismatched MX A        OK. I did not detect differing IPs for your MX records.
Pass        Duplicate MX A records        OK. I have not found duplicate IP(s) for your MX records. This is a good thing.
Pass        Reverse MX A records (PTR)        Your reverse (PTR) record: -> ->
You have reverse (PTR) records for all your IPs, that is a good thing.
WWW        Info        WWW A Record        Your A record is:  [9x.1x.xx.xx]
Pass        IPs are public        OK. All of your WWW IPs appear to be public IPs.
Pass        WWW CNAME        OK. No CNAME

psychop 21st November 2011 23:18

Here are outputs:

dig MX

; <<>> DiG 9.6.1-P3 <<>> MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31019
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;                        IN      MX

;; ANSWER SECTION:        86400  IN      MX      10

;; AUTHORITY SECTION:        86400  IN      NS        86400  IN      NS

;; Query time: 185 msec
;; WHEN: Mon Nov 21 22:30:14 2011
;; MSG SIZE  rcvd: 103

and dig A

;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20141
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 10

;            IN      A

;; ANSWER SECTION:    60      IN      A      9x.1x.xx.xx

can't find the problem. Today tested all other 'outside' mail my clients have and all mail arrived except from gmail.

falko 22nd November 2011 14:36

Please check your domain on

Also, can you check if you're blacklisted? I'm not sure, but maybe Gmail refuses to send mails to blacklisted servers.

psychop 23rd December 2011 10:08

Got it all working now.

So here it goes... had to reinstall complete postfix with factory settings one more time, then configure it and same with courier and that did the trick. Guess something was wrong in any of these two .conf files.

Hope it helps someone else in future.

All times are GMT +2. The time now is 03:06.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.