postfix forwarding mails getting bounced back to original sender - postfix-mta

I am using postfix as mail server for "myDomain.com". Further I have installed a forwarding service to gmail. That works fine so far. But when someone sends me an e-mail with e.g. an executable, gmail bounces the mail. This notification mail from gmail will be relayed to the original sender, but not to me.
What I want to accomplish:
"A" sends an executable to my address at "myDomain.com".
The email will be forwarded to gmail. -> gmail bounces the mail back with a notification.
I want to receive this bounced email in my mailbox at "myDomain.com".
the original sender "A" doesn't get anything from gmail.
Any ideas at how to accomplish that?
Thank You!

The email will be forwarded to gmail. -> gmail bounces the mail back with a notification.
I want to receive this bounced email in my mailbox at "myDomain.com".
the original sender "A" doesn't get anything from gmail.
Gmail is not sending a bounce to the original sender.
The communications flow is like this:
Step 1: Original sender mail server communicates with your server (let's call it mx.example.com)
HELO originalsendermx
250 mx.example.com
MAIL FROM: originalsender@spammy.example
250 2.1.0 Ok
RCPT TO: a@example.com
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: this is a virus in an executable for a@example.com
<base64encodedvirusexe>
.
250 2.0.0 Ok: queued as C9F786427FA
QUIT
221 2.0.0 Bye
Step 2: your postfix server has a rule to forward all mail to a@example.com to b@example.org, so it connects to mx.example.org:
HELO mx.example.com
250 mx.example.org
MAIL FROM: originalsender@spammy.example
250 2.1.0 Ok
RCPT TO: b@example.org
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: this is a virus in an executable for a@example.com
<base64encodedvirusexe>
.
550 5.2.3 The content of this message is not allowed
QUIT
221 2.0.0 Bye
So your server accepted the mail from original sender, but example.org (or gmail in your case) didn't accept the mail from your server. According to RFC 2821 your server should generate a Non-Delivery notification and send it to original sender:
If an SMTP server has accepted the task of relaying the mail and later
finds that the destination is incorrect or that the mail cannot be
delivered for some other reason, then it MUST construct an
"undeliverable mail" notification message and send it to the
originator of the undeliverable mail.
And this is the default behaviour of postfix. OTOH, common sense dictates you shouldn't send a bounce in this situation, and RFC5321 agrees.
The fastest way to accomplish this would be to modify master.cf to never send bounces:
bounce unix - - n - 0 discard
But it's a little extreme and probably undoable in many environments. You could use header_checks to narrow it down a little.
The important bit is that gmail isn't bouncing anything, it's just rejecting it. Your server is the one bouncing it.

I've had more or less the same problem; I've noticed that Gmail uses the SMTP response code 421 in this case. Since it's not a 5xx code, that means that the mail is queued for a later retry and sits in the deferred queue. So I built a cronjob to clear these mails out of the queue every hour, running the following command:
mailq | egrep -i -B 1 'google.com.*421-4.7.0.*gsmtp' | egrep -v '^\(|--' | cut -d' ' -f1 | postsuper -v -d -
Exact error message format may vary, but 421-4.7.0 seems to be the common denominator.
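The hourly queue cleanup described in the answer above, as an added Python example that is not part of the original post: it parses `mailq` output entry by entry, so wrapped reason lines and the `*`/`!` status flags on queue IDs are handled, and it returns only deferred messages whose reason matches the Gmail 421-4.7.0 pattern. The sample queue listing, the addresses and the function names are constructed for illustration.

```python
import re
import sys

# Constructed sample of `mailq` output (not captured from a real server).
SAMPLE_MAILQ = """\
-Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
C9F786427FA     4521 Mon May 18 10:12:01  originalsender@spammy.example
(host gmail-smtp-in.l.google.com[192.0.2.27] said: 421-4.7.0 message
    content not accepted (constructed wording).
    421 4.7.0 - gsmtp (in reply to end of DATA command))
                                         b@example.org

A1B2C3D4E5F*     980 Mon May 18 10:15:40  friend@example.net
                                         b@example.org

0F1E2D3C4B5     1200 Mon May 18 10:20:03  news@example.net
(connect to mx.example.org[192.0.2.80]:25: Connection timed out)
                                         c@example.org

-- 6 Kbytes in 3 Requests.
"""

# An entry starts at column 0 with the queue ID, an optional status flag
# (* = active, ! = on hold), then the message size.
ENTRY_START = re.compile(r"^([0-9A-Za-z]+)([*!]?)\s+\d+\s")
# Same pattern as the egrep in the answer, applied to the joined reason text.
GMAIL_DEFER = re.compile(r"google\.com.*421-4\.7\.0.*gsmtp", re.I)


def parse_mailq(text):
    """Split mailq output into entries: queue ID, status flag, detail lines."""
    entries, current = [], None
    for line in text.splitlines():
        m = ENTRY_START.match(line)
        if m:
            current = {"id": m.group(1), "flag": m.group(2), "detail": []}
            entries.append(current)
        elif not line.strip():
            current = None          # a blank line ends the entry
        elif current is not None:
            current["detail"].append(line.strip())
    return entries


def gmail_deferred_ids(text):
    """Queue IDs of deferred (unflagged) mail that Gmail answered with 421-4.7.0."""
    ids = []
    for entry in parse_mailq(text):
        reason = " ".join(entry["detail"])
        if entry["flag"] == "" and GMAIL_DEFER.search(reason):
            ids.append(entry["id"])
    return ids


if __name__ == "__main__":
    # With piped input, read real `mailq` output; otherwise use the sample.
    text = SAMPLE_MAILQ if sys.stdin.isatty() else sys.stdin.read()
    print("\n".join(gmail_deferred_ids(text)))
```

The printed IDs are in the one-per-line form that `postsuper -d -` reads from standard input.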

Related

Sim7080G module can't send data over TCP while using GNSS

I bought a Simcom (Sim7080G) module to use it for geolocation and send data over TCP. These modules are quite new on the market (it was first launched in mid 2019) and there is some weird functioning with it. I would like to know if people that use it struggle with the same problem.
My goal is to take GNSS (latitude/longitude) information, and to send it over TCP.
Activate and take GNSS information
AT+CGNSPWR=1
returns OK
AT+CGNSINF returns +CGNSINF: 1,1,20200517191239.000,4x.xxxxxx,6.xxxxxx,473.769,0.00,,0,,1.9,2.1,1.0,,7,,7.9,6.0
Connect to any TCP server
AT+CNACT=0,1 returns OK\r\n\r\n+APP PDP: 0,ACTIVE
AT+CAOPEN=0,0,"TCP",151.101.1.69,80 (151.101.1.69 is stackoverflow.com ip address)
--> Some time waiting (like +40s) and then:
+CAOPEN: 0,23\r\n\r\nOK
The code 23 means: 23 Remote refuse, but in my case the connection never reached the server.
Only GNSS or TCP can be used, but not both
What is weird about all of this is the fact that I can connect to a TCP server, but this stops working when I activate GNSS.
I sent an email to Simcom technical support.
After insisting that my problem be addressed by a Simcom engineer, I received an answer. I encouraged them to be more clear on their documentation because this information was nowhere (this module is pretty new so I think they missed it on documentation).
Hope to help somebody in the same way or not to do the same pricey error:
Hi Dardan,
"it is not possible to use GNSS and TCP at the same time"
This is known limitation for this module, as there are limitation for
LTE and GNSS part, they can not run simultaneously because they are
sharing part of RF components(SIM7070G low cost version of SIM7000G)
so it is time MUX for LTE and GNSS which means the GNSS performance
could not be good(if customer needs to send GNSS data to server in
very short interval such as <10 seconds), for SIM7000G LTE and GNSS
can work simultaneously without problem. so SIM7070G could be a good
solution for "parcel tracking" etc, which do not need the continue
navigation. please go for SIM7000G, thanks.
xxxx Sun
I found this issue some hours before reading this post. My product publishes to the AWS IoT MQTT broker; it works, but I need the GPS coordinates to be sent together in the message. I'm very frustrated, because such a problem should be stated in Simcom's documents. My previous version was using sim7600g, more expensive, but works fine. I live in Brazil, every time I need to test some different module I lose more than 1 month to buy from China or somewhere and have a new one arrive. I tried to turn ON/OFF GNSS and the TCP connection in an alternate way, but the process to reconnect on the gsm network is too slow.
Ran into this as well. With MQTT it is possible to power down the GPS unit to be able to send and receive MQTT messages without reconnecting/subscribing to the broker again. I've made a 30 second interval to enable/disable the GPS unit and tested it with HiveMQ public broker. Receiving of position data every 60 seconds is possible with this setup, which might be sufficient for some applications. For the price it has, this is still a good module.
I receive no response for HTTP Get request for the http://httpbin.org/get URL. Following is the output using the AT Command Tester from https://m2msupport.net
Checking registration status...
AT+CREG?
+CREG: 2,1,"912","3D73",0
OK
The device is registered in home network.
AT+CGREG?
+CGREG: 2,1,"912","3D73",0,"1"
OK
The device is registered in home network.
Device is registered..
Check the network APN...
AT+CGNAPN
+CGNAPN: 0,""
OK
Network did not send APN to the device.
Activate the network bearer...
AT+CNACT=0,1
OK
+APP PDP: 0,ACTIVE
Set up the HTTP URL...
AT+SHCONF="URL","httpbin.org"
OK
Set up the HTTP body length...
AT+SHCONF="BODYLEN",1024
OK
Set up the HTTP header length...
AT+SHCONF="HEADERLEN",350
OK
Initiating HTTP connection...
AT+SHCONN
OK
Get the HTTP connection state...
AT+SHSTATE?
+SHSTATE: 1
OK
HTTP connection is successful...
HTTP get request...
AT+SHREQ="http://httpbin.org/get",1
OK
No reponse received..

How to get call on an extension, which is registered when a call towards it reach Kamailio

I am using Kamailio 4.4 as the proxy with my Asterisk server. I am trying to develop a scenario where an extension gets registered on asterisk via Kamailio when it receives a push notification. This push notification is sent to the sip extension when a call towards this extension reaches to the Kamailio.
For example, suppose there are two SIP extensions (extension 1 and extension 2) registered on Asterisk via Kamailio. When a call from extension 1 reaches Asterisk, it forwards the INVITE request towards extension 2 via Kamailio. Kamailio will try to forward it to extension 2. Suppose extension 2 is not able to receive the INVITE request from Kamailio. When extension 2 receives a push notification, it will register on Asterisk.
So I need to get the call on extension 2 through the new registration.
We are trying to simulate registration of extension to the asterisk when receiving the push notification.
First, we registered extension 2 and disconnected the network. Then we tried to register the same extension when a call from extension 1 reaches to Kamailio. This is a simulation of push-based registration since an extension that receives the push will attempt to register when an incoming call is received.
When asterisk sends INVITE request to Kamailio, it immediately responded with 100 trying provisional response. This 100 response by Kamailio towards asterisk prevents asterisk from re-transmitting the INVITE.
Then Kamailio tried to send and retransmit the packet to extension 2, which does not have network access. This extension 2 was on port number 24071. Even after successful registration (in port 59995) of extension 2, Kamailio continued to transmit the packets to the old port.
After that, we have configured Kamailio in a way that it won't send an immediate provisional reply (100 Trying) for the INVITE request.
Here Kamailio is not immediately sending 100 trying message to Asterisk. This forces Asterisk to re-transmit. Asterisk was found to retransmit the same packets. However, even after the successful registration of extension 2, asterisk continued to send the old invite to Kamailio not the new one to the latest port.
This is the problem for me since push relies on the INVITE reaching the phone at the correct port number.
So, are there other good approaches to solve this issue?
One thing I would like to try is modifying the pending INVITE request towards old registered port with the new port details when new registration reaches to Kamailio. Can I get the ongoing requests from Kamailio?
Please suggest a viable solution.
Almost any kamailio config available does a similar thing.
You have save into location and consult it when do call.
However if you need really scalable platform you SHOULD NOT forward register requests to asterisk at all.
If kamailio sends invite to wrong port, likely that means you have TWO records in location.

How to do MSMQ routing over HTTP?

I have a setup where I have a chain of servers that I need to send messages between:
A -> B -> C
On A I have an application which puts a message on a local MSMQ queue (MSMQ-A) on A. This queue needs to forward the message to a MSMQ queue on B (MSMQ-B) which in turn should forward the message to a MSMQ queue on C (MSMQ-C). On C there is an application which listens to messages from MSMQ-C.
The messages do not need to be transactional.
How do I configure MSMQ-A and MSMQ-B for forwarding of messages?
UPDATE
Based on the suggested answer I have done this:
I've enabled HTTP support under the Windows Message Queuing feature.
I've added a mapping file under the System32/msmq/mappings folder looking like this:
<redirections xmlns="msmq-queue-redirections.xml">
<redirection>
<from>http://machineA/msmsq/private$/logger</from>
<to>http://machineB/msmq/private$/logger</to>
</redirection>
</redirections>
and still the messages get stuck on machineA.
I am using powershell to send the messages to the queue on A like this: Get-MsmqQueue -name logger | Send-MsmqQueue -body "asdasd"
The design you are describing is not something that MSMQ provides.
MSMQ delivers a message from sender to receiver and that's it. You can't have a chain where the receiver automatically becomes the sender to the next receiver. You would need to write an application on each machine that receives the message from the queue and creates a NEW copy of it to send to the next.
MSMQ routing is a different concept. Compare it to parcel shipping where a parcel is routed through different depots across the country until it reaches the final destination. Each depot does nothing with the parcel except to pass it on. They don't open up the parcel, use the contents, and then repackage to send to the next depot.
You may instead be wanting to redirect MSMQ messages. For example, if A is an Internet-based PC, B is an Internet-facing server and C is a PC on an internal LAN (and you want to send A->B->C). If you have that sort of scenario then you need to look at Redirections.
Delivering Messages Sent over the Internet
HTTP Message Redirection

Is it possible to perform SSL handshaking via telnet?

I'm reading about how SSL works and tried to perform a handshaking with google pop3 server pop.gmail.com 995. I've found an example of the client hello message there. So, I connected to the gmail pop 3 server with
telnet pop.gmail.com 995
It's OK. Now I can send messages to the server. As far as I understand the first thing I need to do is to send the client hello message. So I type the following line (I'll break lines after \r\n token to simplify reading):
ClientVersion 3,1\r\nClientRandom[32]\r\n
SessionID: None (new session)\r\n
Suggested Cipher Suites:\r\n
TLS_RSA_WITH_3DES_EDE_CBC_SHA\r\n
TLS_RSA_WITH_DES_CBC_SHA\r\n
Suggested Compression Algorithm: NONE
Press Enter and receive the message
Connection closed by foreign host.
What's wrong? I was supposed to receive a server hello message? What do I send to receive that?
No, this is not possible. The text you're trying to type in is a human-readable representation of a ClientHello message, not the real thing. The real ClientHello message is binary data, and cannot be entered through a Telnet session.
You can use this command. After connect put your request like using telnet.
openssl s_client -connect pop.gmail.com:995
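To make the first answer's point concrete, an added Python example (not part of the original posts) that encodes the fields listed in the question into the actual binary ClientHello record and decodes it again. It runs offline and sends nothing; the fixed ClientRandom is a constructed value and the function names are illustrative.

```python
import struct

# Cipher suite code points from the TLS 1.0 specification (RFC 2246).
CIPHER_SUITES = {
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA": 0x000A,
    "TLS_RSA_WITH_DES_CBC_SHA": 0x0009,
}


def build_client_hello(random32, suites, version=(3, 1)):
    """Encode a ClientHello (no extensions) wrapped in one TLS record."""
    if len(random32) != 32:
        raise ValueError("ClientRandom must be exactly 32 bytes")
    suite_bytes = b"".join(struct.pack("!H", CIPHER_SUITES[s]) for s in suites)
    body = (
        bytes(version)                      # ClientVersion 3,1
        + random32                          # ClientRandom[32]
        + b"\x00"                           # SessionID length 0 (new session)
        + struct.pack("!H", len(suite_bytes)) + suite_bytes
        + b"\x01\x00"                       # one compression method: NONE
    )
    # Handshake header: type 1 (client_hello) and a 3-byte length.
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    # Record header: type 0x16 (handshake), version, 2-byte length.
    return b"\x16" + bytes(version) + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record):
    """Decode a record built above back into the fields the question lists."""
    ctype, _major, _minor, rec_len = struct.unpack("!BBBH", record[:5])
    if ctype != 0x16 or rec_len != len(record) - 5:
        raise ValueError("not a single complete handshake record")
    hs = record[5:]
    if hs[0] != 0x01 or int.from_bytes(hs[1:4], "big") != len(hs) - 4:
        raise ValueError("not a ClientHello")
    body = hs[4:]
    pos = 35 + body[34]                     # skip version, random, session ID
    (cs_len,) = struct.unpack("!H", body[pos:pos + 2])
    codes = struct.unpack("!%dH" % (cs_len // 2), body[pos + 2:pos + 2 + cs_len])
    names = {code: name for name, code in CIPHER_SUITES.items()}
    return {
        "version": (body[0], body[1]),
        "random": body[2:34],
        "session_id": body[35:pos],
        "cipher_suites": [names.get(c, hex(c)) for c in codes],
    }


def unprintable_count(data):
    """Bytes outside printable ASCII, which cannot simply be typed into telnet."""
    return sum(1 for b in data if b < 0x20 or b > 0x7E)


# Constructed ClientRandom so the result is reproducible; real clients use fresh random bytes.
SAMPLE_RANDOM = bytes(range(32))
HELLO = build_client_hello(SAMPLE_RANDOM, list(CIPHER_SUITES))

if __name__ == "__main__":
    print(len(HELLO), "bytes:", HELLO.hex())
    print(parse_client_hello(HELLO))
    print("unprintable bytes:", unprintable_count(HELLO))
```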

error +HTTPACTION:0,601,0

I'm trying to access a website using sim900 GSM module.
This is the list of commands
AT+CSQ
+CSQ: 16,0
OK
AT+HTTPINIT
OK
AT+HTTPPARA="CID",1
OK
AT+HTTPPARA="URL","www.google.com"
OK
AT+HTTPACTION=0
OK
+HTTPACTION:0,601,0
AT+HTTPACTION=0
OK
+HTTPACTION:0,601,0
Unable to access google. 601 code shows Network error.
How to get rid of this error?
You need to setup the connection to the bearer. Here are the minimum setup commands that have worked for me (based on trial/error and searching around on the internet).
AT+SAPBR=3,1,"APN","wap.cingular"
AT+SAPBR=1,1
The correct value for the APN may be different for you, depending on your network and service provider. I'm using AT&T prepaid SIM cards. Once that's working, then you can do the HTTP setup commands as you already have...
AT+HTTPINIT
AT+HTTPPARA="URL","http://www.google.com"
AT+HTTPACTION=0
Status codes above 600 (and some in the 500 range) are unassigned in the HTTP standard. In the AT command manual for the SIM908, status meanings are given in the notes on the HTTPACTION command:
600 Not HTTP PDU
601 Network Error
602 No memory
603 DNS Error
604 Stack Busy
You can query the bearer connection status of CID 1 with AT+SAPBR=2,1 and the related parameters with AT+SAPBR=4,1. You can also check that you're attached to the GPRS network with AT+CGATT?. If everything indicates that you are connected and you are still getting a 601 status code, then check that your service plan has data and that it hasn't run out. I have found that even when my account has a few hundred k of data showing on the balance that I start to get a 601 status until I add more data to my prepaid phone plan. If the SIM module has been on the whole time and you add more data, you'll need to close and re-open your connection (AT+SAPBR=0,1 followed by AT+SAPBR=1,1) and then your HTTP* commands will start working again without having to set the HTTPPARA settings again and without having to restart with HTTPINIT.
I have found that when an http call is made to an https only website it will throw a 601 error on the sim. Beware some sim devices have ssl and some don't. Use AT+HTTPSSL=? to interrogate. device with ssl will respond like, 'HTTPSSL 1'. If you get an error your device doesn't have ssl. This took some work with the factory for me to determine this.
You must also use to hit ssl site. I am using the wifi101 ssl client.
fona.setHTTPSRedirect(true);
I have encountered this error as well. The cause of the problem may be that there is not enough money in the phone number account. You may check it.
601 is some custom implemented Error code.
Here is the list of standard HTTP Status codes
+HTTPACTION:0,601,0
The above AT response code (601) for HTTP session start indicates that
there is a network error. Then make sure that the PDP context is setup
properly.
source
https://m2msupport.net/m2msupport/at-command-for-http-functions-for-remote-server-data-access/
I have spent many hours with this module right now.
My experience is that when you don't get a 200 reply from remote server, you should check IP address to verify you are still on the network sending a ping to a working server (AT+CIPPING="XX.XX.XX.XX").
If it succeeds: Try AT+SAPBR=2,1 and AT+CIFSR. You should get same address for both commands.
If you don't get same address, login again to the network/service with AT+CIPCSGP=1, "yourapn.com", "user", "password".
If nothing works, power down the module. Wait a couple of minutes, and restart again.
Just in case someone is affected by this problem and stumbles on this post 4 years later: in my case the module had a small "sticker" type antenna and it got somehow damaged.
I could connect to the network but when I tried to use HTTP over the GPRS networks I only got return code 601 (network error) or 603 (failed to resolve DNS).
Once I replaced the antenna with a new one, everything worked perfectly.
Again, in case somebody has the same problem. In my case it was a typo in url:
AT+HTTPPARA="URL"," http://www.google.com"
Did you notice the space before http? For several hours, I didn't notice it too.
Usually after this command AT+SAPBR=3,1,"CONTYPE","GPRS" you enter your "APN", "USR" & "PWD" details also using SAPBR=3,1 etc. These details must match the SIM card / mobile phone provider.
Then it is recommended to check that your device has now received an IP address. Sometimes this is not straight away. Use AT+SAPBR=2,1 to query and this will return your IP address which you should check for confirmation.
Once you have IP address you can enter AT+HTTPINIT, AT+HTTPPARA="CID",1 etc.
Now to use GET you have to include a "?" after the URL to provide your php script with a key=value pairing.
Thus in your case it is something like, AT+HTTPPARA="URL","http://<Public_Ip_Address>:8080/folder/savedata.php?A=1001" where A is the key and 1001 is the value.
Now send the AT+HTTPACTION=0 and you should get a +HTTPACTION: 0,200,1000 response where 200 is the OK and 1000 is the payload size. AT+HTTPREAD will allow you to read the response if it is required.
Change URL. 601 is a URL has been moved. Is a redirect.
