Skip to main content

    Support

    Offers

U
user_793118
1st Topic
1st Like

2 Messages

Monday, August 7th, 2023 2:17 PM

Closed

Email sent through smtp.comcast.net does not seem to get delivered

I have a setup that sends email through smtp.comcast.net using the mail command and it have been working fine in the past a few years. That setup. however, stops working a couple weeks ago. I checked the postfix log and I am getting

relay=smtp.comcast.net[96.102.167.162]:587, delay=2.9, delays=0.05/0.16/1.4/1.3, dns=2.0.0, status=sent (250 2.0.0 T0aVqdmkQCZlET0aWquxRx mail accepted for delivery)

So it seems the email has been delivered to comcast smtp server, yet, it has never been delivered to its destination. I felt the issue on comcast backend. Any way to resolve this? Thanks!

Question

 • 

Updated 

2 years ago

601

4

Accepted Solution

XfinityAlex

Official Employee

 • 

902 Messages

2 years ago

@user_793118 It appears as though the domain on the message has enacted a DMARC policy, and the messages don't meet the qualifications to pass that policy.  We're getting this message in response to sending to that Gmail address.

Permanent failure: 550-5.7.26 Unauthenticated email from crashplan.com is not accepted due to\r\n550-5.7.26 domain's DMARC policy. Please contact the administrator of\r\n550-5.7.26 crashplan.com domain if this was a legitimate mail. Please visit\r\n550-5.7.26 https://support.google.com/mail/answer/2451690 to learn about the\r\n550 5.7.26 DMARC initiative. fi20-20020a056a00399400b0068208d19b1dsi5807512pfb.153 - gsmtp\r\n" banner="220 mx.google.com ESMTP fi20-20020a056a00399400b0068208d19b1dsi5807512pfb.153 - gsmtp\r\n

That DMARC policy is:

_dmarc.crashplan.com.   300     IN      TXT     "v=DMARC1; p=reject; pct=100; rua=mailto: [Edited: "Personal Information"]"


I'm guessing you don't own that domain?

(edited)

0

0

XfinityAlex

Official Employee

 • 

902 Messages

2 years ago

Also, this means you should have seen NDRs in the mailbox/account that is sending these messages.

2

0

user_793118

2 Messages

@XfinityAlex​ Thanks for the hint, I think that's what happened. Turns out it is a Google thing. I did try to send to another email without success, and it was also part of the DMARC initiative :( Yes, you are correct that I do not own that domain and I just want to send some automated message to myself, with that artificial reply email address to indicate where the email is sent from.

What made it difficult for me to diagnose, is I do not receive any NDRs, possibly because I was sending the email with mail command under Linux, and comcast server does not know where to deliver that failure message?

2 years ago

0

XfinityAlex

Official Employee

 • 

902 Messages

Right, the 5321.From address you were using was an off-domain address.  So we would have sent them there.  Had you used the same From that you were using to authenticate, you would have seen the bounces.

2 years ago

0

XfinityThomasB

Official Employee

 • 

1.9K Messages

2 years ago

Hello @user_793118

 

Is this setup for through Outlook? I was hoping that you might be able to remove the account and then re-add in the account. I did review the postfix log but was hoping we might be able to start there? Thank you for getting us in the loop to help. 

1

0

XfinityAlex

Official Employee

 • 

902 Messages

@XfinityThomasB​ This is not Outlook.  Postfix is an MTA, Outlook is an MUA.  They're using Postfix to send some automated messages from backups and so on.  The issue is that the domain on the messages is protected by DMARC, and we're not able to create an SPF or DKIM signature against that domain (crashplan.com).  As such, Gmail is rejecting the messages for DMARC failure.  See RFC7489 for technical documentation about how DMARC is meant to work.

2 years ago

forum icon

New to the Community?

Start Here