修正 Linode 郵件伺服器沒有 PTR 記錄,被 Google 擋信的問題

本篇記錄我修正 Linode 郵件伺服器沒有 PTR 記錄,被 Google 擋信問題的過程。


最近發現自己的 WordPress 網站好像都沒辦法寄信,於是從 Linux 系統上用 mail 指令發了一封測試信件:

date | mail -s test guozhao.wang@gmail.com

結果真的發不出去,在系統上收到 GMail 退回來的信件,完整的內容如下:

Date: Fri, 26 May 2017 11:32:33 +0800
From: Mail Delivery System <Mailer-Daemon@linode01.gtwang.org>
To: seal@linode01.gtwang.org
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  guozhao.wang@gmail.com
    SMTP error from remote mail server after end of data:
    host gmail-smtp-in.l.google.com [2404:6800:4003:c01::1b]:
    550-5.7.1 [2400:8901::f03c:91ff:fe67:98b] Our system has detected that this
    550-5.7.1 message does not meet IPv6 sending guidelines regarding PTR records
    550-5.7.1 and authentication. Please review
    550-5.7.1  https://support.google.com/mail/?p=IPv6AuthError for more information
    550 5.7.1 . e6si11179112pgf.386 - gsmtp

------ This is a copy of the message, including all the headers. ------

Return-path: <seal@linode01.gtwang.org>
Received: from seal by linode01.gtwang.org with local (Exim 4.82)
        (envelope-from <seal@linode01.gtwang.org>)
        id 1dE5zM-0006Xx-6E
        for guozhao.wang@gmail.com; Fri, 26 May 2017 11:32:32 +0800
Date: Fri, 26 May 2017 11:32:32 +0800
To: guozhao.wang@gmail.com
Subject: test
User-Agent: Heirloom mailx 12.5 6/20/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <E1dE5zM-0006Xx-6E@linode01.gtwang.org>
From: Guo-Tzau Wang <seal@linode01.gtwang.org>

Fri May 26 11:32:32 CST 2017

我用 dig 查了一下自己伺服器 IPv6 的反解(PTR):

dig -x 2400:8901::f03c:91ff:fe67:98b
; <<>> DiG 9.9.5-3ubuntu0.14-Ubuntu <<>> -x 2400:8901::f03c:91ff:fe67:98b
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56424
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;b.8.9.0.7.6.e.f.f.f.1.9.c.3.0.f.0.0.0.0.0.0.0.0.1.0.9.8.0.0.4.2.ip6.arpa. IN PTR

;; AUTHORITY SECTION:
1.0.9.8.0.0.4.2.ip6.arpa. 83890 IN  SOA ns1.linode.com. dns.linode.com. 2017052592 14400 14400 1209600 86400

;; Query time: 1 msec
;; SERVER: 139.162.21.5#53(139.162.21.5)
;; WHEN: Fri May 26 11:45:22 CST 2017
;; MSG SIZE  rcvd: 155

結果真的是我自己沒有設定。

由於這個反解要從主機商的 DNS 伺服器中修改,不同的虛擬主機商會有不同的作法,我的 WordPress 網站是使用 Linode VPS 架設的,所以要使用 Linode 所提供的 DNS 反解設定工具來設定

修正完成並且等待 DNS 紀錄更新之後,再查詢一次反解紀錄:

dig -x 2400:8901::f03c:91ff:fe67:98b
; <<>> DiG 9.8.3-P1 <<>> -x 2400:8901::f03c:91ff:fe67:98b
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40134
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 10

;; QUESTION SECTION:
;b.8.9.0.7.6.e.f.f.f.1.9.c.3.0.f.0.0.0.0.0.0.0.0.1.0.9.8.0.0.4.2.ip6.arpa. IN PTR

;; ANSWER SECTION:
b.8.9.0.7.6.e.f.f.f.1.9.c.3.0.f.0.0.0.0.0.0.0.0.1.0.9.8.0.0.4.2.ip6.arpa. 86029 IN PTR linode01.gtwang.org.

;; AUTHORITY SECTION:
1.0.9.8.0.0.4.2.ip6.arpa. 86029 IN  NS  ns1.linode.com.
1.0.9.8.0.0.4.2.ip6.arpa. 86029 IN  NS  ns2.linode.com.
1.0.9.8.0.0.4.2.ip6.arpa. 86029 IN  NS  ns5.linode.com.
1.0.9.8.0.0.4.2.ip6.arpa. 86029 IN  NS  ns4.linode.com.
1.0.9.8.0.0.4.2.ip6.arpa. 86029 IN  NS  ns3.linode.com.

;; ADDITIONAL SECTION:
ns1.linode.com.     97521   IN  A   162.159.27.72
ns1.linode.com.     97521   IN  AAAA    2400:cb00:2049:1::a29f:1a63
ns2.linode.com.     7910    IN  A   162.159.24.39
ns2.linode.com.     7910    IN  AAAA    2400:cb00:2049:1::a29f:1827
ns3.linode.com.     97521   IN  A   162.159.25.129
ns3.linode.com.     97521   IN  AAAA    2400:cb00:2049:1::a29f:1981
ns4.linode.com.     97521   IN  A   162.159.26.99
ns4.linode.com.     97521   IN  AAAA    2400:cb00:2049:1::a29f:1b48
ns5.linode.com.     97521   IN  A   162.159.24.25
ns5.linode.com.     97521   IN  AAAA    2400:cb00:2049:1::a29f:1819

;; Query time: 4 msec
;; SERVER: 140.110.96.1#53(140.110.96.1)
;; WHEN: Fri May 26 12:13:45 2017
;; MSG SIZE  rcvd: 443

設定伺服器的 DNS 反解之後,就可以正常寄信了,不過後來因為網站留言的通知信太多了,又被 Google 當成垃圾信擋掉:

Date: Fri, 26 May 2017 12:54:32 +0800
From: Mail Delivery System <Mailer-Daemon@linode01.gtwang.org>
To: www-data@linode01.gtwang.org
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  guozhao.wang@gmail.com
    SMTP error from remote mail server after end of data:
    host gmail-smtp-in.l.google.com [2404:6800:4003:c03::1b]:
    550-5.7.1 [2400:8901::f03c:91ff:fe67:98b       7] Our system has detected that
    550-5.7.1 this message is likely unsolicited mail. To reduce the amount of spam
    550-5.7.1 sent to Gmail, this message has been blocked. Please visit
    550-5.7.1  https://support.google.com/mail/?p=UnsolicitedMessageError
    550 5.7.1  for more information. s3si29651575plb.315 - gsmtp

------ This is a copy of the message, including all the headers. ------

Return-path: <www-data@linode01.gtwang.org>
Received: from www-data by linode01.gtwang.org with local (Exim 4.82)
        (envelope-from <www-data@linode01.gtwang.org>)
        id 1dE7Gh-0006ot-MW
        for guozhao.wang@gmail.com; Fri, 26 May 2017 12:54:31 +0800
To: guozhao.wang@gmail.com
Subject: =?UTF-8?B?77y7Ry4gVC4gV2FuZ++8veiri+WvqeaguO+8muOAjOS9v+eUqCBPcA==?=
+=?UTF-8?B?ZW5TU0wg5oiWIEdudVBHIOWKoOWvhuaqlOahiOiIh+ebrumMhO+8jA==?=  =?UTF-8?B?55So5a+G56K85LiK6Y6W5L+d6K235qmf5a+G6LOH5paZ44CN?=
X-PHP-Originating-Script: 33:class-phpmailer.php
Date: Fri, 26 May 2017 04:54:31 +0000
From: WordPress <wordpress@blog.gtwang.org>
Message-ID: <bd6823e588c9792cc8d5f2cdcba457e1@blog.gtwang.org>
X-Mailer: PHPMailer 5.2.22 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[略]

後來直接把迴響的 Email 通知功能關掉,這樣就不會產生太多類似的 Email,浪費系統資源。

WordPress 設定

www-data 信件

由於長期被 Google 擋信,所有從 WordPress 發出又退回來的信件全部都送到系統的 www-data 帳號中,我檢查了一下 www-data 的信箱檔案,發現累積了不少信件:

ls -l /var/spool/mail/www-data
-rw-rw---- 1 www-data mail 57913373 May 26 12:26 /var/spool/mail/www-data

因為 www-data 是系統用的帳號,它的信平常不會有人去看,正常來說我們應該要把 www-data 的信件轉寄到系統管理者的帳號下(我之前忘記了),設定的方式是修改 /etc/aliases 設定檔,加入一行:

www-data: gtwang

這樣以後所有寄給 www-data 的信,就會自動轉寄給 gtwang 這個帳號了。

接著把 www-data 的舊信件刪掉:

sudo rm /var/spool/mail/www-data

參考資料:Google

Linux

1 留言

  1. IPv6的話Google要求一定要PRT,之前嘗試在家裡架設mail server就因為這個失敗了,畢竟非商用無法設定PRT

Comments are Closed