Hey William On Sun, Nov 30, 2014 at 4:39 AM, William T <[email protected]> wrote:
> In trying to sniff a successful standard Gmail SMTP connection, all > traffic is encrypted. STARTTLS is the first command of any transmission. Is > there a trick to be able to use telnet or SSH to diagnose a Gmail > connection somehow? > No, just telnet to the MX server on the standard SMTP port TCP/25 like so: $ telnet ASPMX.L.GOOGLE.COM. 25 Trying 173.194.78.26... Connected to ASPMX.L.GOOGLE.COM. Escape character is '^]'. 220 mx.google.com ESMTP hn8si26075071wjb.124 - gsmtp ehlo server.somedomain 250-mx.google.com at your service, [ 80.68.92.173] 250-SIZE 35882577 250-8BITMIME 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-CHUNKING 250 SMTPUTF8 mail from: <m e@somedomain > 250 2.1.0 OK hn8si26075071wjb.124 - gsmtp rcpt to: < recipient@googlegroup > 250 2.1.5 OK hn8si26075071wjb.124 - gsmtp data 354 Go ahead hn8si26075071wjb.124 - gsmtp Subject: test Testing 123 . 550-5.7.1 [80.68.92.173 12] Our system has detected that this message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 550-5.7.1 this message has been blocked. Please visit 550-5.7.1 http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for 550 5.7.1 more information. hn8si26075071wjb.124 - gsmtp Connection closed by foreign host. The black text is what I typed, green text is what is returned. In the above case you can see that the Google MX rejected my message, I suspect because my ehlo statement contained an invalid FQDN and/or I did not send full headers. In my test the envelope headers were valid sender and recipient addresses. > Our SPF record does have the IP address of the sending website > (ip4:#.#.#.#) plus the CNAME (a:blah.com) of the website as well. (For > the domain the A records point to our website which is what's generating > the emails, and the MX records are pointing to Gmail, which won't forward > emails to members of the group. Dang confusing!) > I performed this test from my own VPS which has a valid PTR record, does the IP address of your website server host have a valid PTR? Is this a shared website host? Perhaps the IP address has been blacklisted. Is whatever application you are sending from using a valid, reply-able From: header? > Any pointers on *HOW TO DIAGNOSE WHY GMAIL IS BOUNCING INTERNAL EMAILS TO > INTERNAL GMAIL GROUPS* would be very thoroughly appreciated. > That depends on how you define 'internal'. You are sending mail from a external (to Google) hosted server to a Google Group. Do have a look at the guidelines as per the link returned in my test above. See https://support.google.com/mail/answer/81126?hl=en If I do the same test using a valid information, the email is accepted: $ telnet ASPMX.L.GOOGLE.COM. 25 Trying 74.125.133.27... Connected to ASPMX.L.GOOGLE.COM. Escape character is '^]'. 220 mx.google.com ESMTP d8si4359131wjy.80 - gsmtp ehlo za.atnight.co.za 250-mx.google.com at your service, [80.68.92.173] 250-SIZE 35882577 250-8BITMIME 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-CHUNKING 250 SMTPUTF8 mail from: <marko@a_domain> 250 2.1.0 OK d8si4359131wjy.80 - gsmtp rcpt to: <marko@b_domain> 250 2.1.5 OK d8si4359131wjy.80 - gsmtp data 354 Go ahead d8si4359131wjy.80 - gsmtp From: Marko <marko@a_domain> To: Marko <marko@b_domain> Subject: only testing Hello there . 250 2.0.0 OK 1417362621 d8si4359131wjy.80 - gsmtp quit 221 2.0.0 closing connection d8si4359131wjy.80 - gsmtp Connection closed by foreign host. a_domain is a valid domain that I own and b_domain also a valid domain that is on Google MX. -- Marko -- You received this message because you are subscribed to the Google Groups "Gmail-Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/gmail-users. For more options, visit https://groups.google.com/d/optout.
