550 Response from Stunnel?

Discussion:

(too old to reply)

Invalid

2023-11-16 18:12:29 UTC

I am attempting to send an e-mail to a couple of destinations. One of
which is on another domain I use, one of which is an external
organisation.

The configuration is Turnpike 6.07M using 32 bit Stunnel 5.06.
Turnpike outgoing SMTP is 127.0.0.1 on port 25
Stunnel connects to BT Internet, my ISP, using the configuration

[btmail-smtp]
client = yes
accept = 127.0.0.1:25
connect = mail.btinternet.com:465
;protocol = ssmtp
;protocolUsername = ****Redacted****
;protocolPassword = ****Redacted****

When I send the e-mail I get a response that reads

Your message could not be delivered to the following recipients
****Redacted 3rd party address*****
Talking to [127.0.0.1] on Thu, 16 Nov 2023 17:35:48 +0000

DATA

<<< 550-We're sorry, but we can't send your email. Either the subject
matter, a link, or an attachment potentially contains

550 spam, or phishing or malware. Please check or edit your message and
try sending it again. (6-1-3-2) ID (64CAD6A50B0E5CBB)

****Redacted one of my addresses*****
Talking to [127.0.0.1] on Thu, 16 Nov 2023 17:35:48 +0000

DATA

<<< 550-We're sorry, but we can't send your email. Either the subject
matter, a link, or an attachment potentially contains

550 spam, or phishing or malware. Please check or edit your message and
try sending it again. (6-1-3-2) ID (64CAD6A50B0E5CBB)

The headers of the return message are

Message-ID: <k0Hd8EA0LlVlBw54@***My Domain***>
Date: Thu, 16 Nov 2023 17:35:48 +0000
To: ****MY main Email - not used in the sending message****
From: Turnpike_SMTP_Client@***My Domain***
Subject: Delivery Status Notification
MIME-Version: 1.0
Content-Type: multipart/report;report-type=delivery-status;
boundary="=_Turnpike_l0Xd8AA0LlVlNyjo="
User-Agent: Turnpike/6.07-M (<YDAiggsQCEaagwVxSOaFzpQT0y>)

I am trying to work out which bit of the chain didn't like the message
content.
Was it something in Turnpike, Something in Stunnel, BT Internet's SMTP
server or something at the third party.

There is very little information in the headers.

I did prune the outgoing message and hat seems to have worked, but I wam
still curious to discover which leg of the chain was objecting.

Regards

--
Invalid

John Hall

2023-11-16 18:42:30 UTC

Permalink

Post by Invalid
I am attempting to send an e-mail to a couple of destinations. One of
which is on another domain I use, one of which is an external
organisation.
The configuration is Turnpike 6.07M using 32 bit Stunnel 5.06.

5.06 is a pretty old version. I'm on 5.71, available in 32-bit form
here:

https://github.com/josealf/stunnel-win32

I don't think that's related to your issue, though.

Post by Invalid
Turnpike outgoing SMTP is 127.0.0.1 on port 25
Stunnel connects to BT Internet, my ISP, using the configuration
[btmail-smtp]
client = yes
accept = 127.0.0.1:25
connect = mail.btinternet.com:465
;protocol = ssmtp
;protocolUsername = ****Redacted****
;protocolPassword = ****Redacted****

In my own Stunnel config file, I don't have those last three lines; I
just provided my email address and password in TP's Connect > Configure,
via the button to the right of the Mail Gateway box. Again I don't think
that's the cause of your issue.

Post by Invalid
When I send the e-mail I get a response that reads
Your message could not be delivered to the following recipients
****Redacted 3rd party address*****
Talking to [127.0.0.1] on Thu, 16 Nov 2023 17:35:48 +0000

DATA

<<< 550-We're sorry, but we can't send your email. Either the
subject matter, a link, or an attachment potentially contains
550 spam, or phishing or malware. Please check or edit your message
and try sending it again. (6-1-3-2) ID (64CAD6A50B0E5CBB)
****Redacted one of my addresses*****
Talking to [127.0.0.1] on Thu, 16 Nov 2023 17:35:48 +0000

DATA

<<< 550-We're sorry, but we can't send your email. Either the
subject matter, a link, or an attachment potentially contains
550 spam, or phishing or malware. Please check or edit your message
and try sending it again. (6-1-3-2) ID (64CAD6A50B0E5CBB)
The headers of the return message are
Date: Thu, 16 Nov 2023 17:35:48 +0000
To: ****MY main Email - not used in the sending message****
Subject: Delivery Status Notification
MIME-Version: 1.0
Content-Type: multipart/report;report-type=delivery-status;
boundary="=_Turnpike_l0Xd8AA0LlVlNyjo="
User-Agent: Turnpike/6.07-M (<YDAiggsQCEaagwVxSOaFzpQT0y>)
I am trying to work out which bit of the chain didn't like the message
content.
Was it something in Turnpike, Something in Stunnel, BT Internet's SMTP
server or something at the third party.
There is very little information in the headers.
I did prune the outgoing message and hat seems to have worked, but I
wam still curious to discover which leg of the chain was objecting.

If you take the error message you got at face value, it seems that
something in the email body was objected too - no doubt wrongly - but
unfortunately you haven't shown the body. As the error message says
"We're sorry, but we can't send your email", the To in the bounce
message is "****MY main Email - not used in the sending message****" -
which presumably only TP would know - and the From is
"Turnpike_SMTP_Client@***My Domain***", then it looks like it must be TP
itself that bounced it. I've never heard of such a thing before, and I'm
very surprised.

I really would like to see the Subject line and body of your original
message, redacted if they contains anything sensitive. Hopefully TP
doesn't do the same check on news posts as it does on emails, though, or
it might not let you post it!

--
John Hall
"Acting is merely the art of keeping a large group of people
from coughing."
Sir Ralph Richardson (1902-83)

J. P. Gilliver

2023-11-16 18:48:43 UTC

Permalink

In message <***@wisty.plus.com> at Thu, 16 Nov 2023
18:12:29, Invalid <***@wisty.plus.com.invalid> writes
[]

Post by Invalid
When I send the e-mail I get a response that reads

[]

Post by Invalid
<<< 550-We're sorry, but we can't send your email. Either the
subject matter, a link, or an attachment potentially contains
550 spam, or phishing or malware. Please check or edit your message
and try sending it again. (6-1-3-2) ID (64CAD6A50B0E5CBB)

[]

Post by Invalid
I am trying to work out which bit of the chain didn't like the message
content.
Was it something in Turnpike, Something in Stunnel, BT Internet's SMTP
server or something at the third party.
There is very little information in the headers.
I did prune the outgoing message and hat seems to have worked, but I
wam still curious to discover which leg of the chain was objecting.
Regards

What did you prune from the message that then allowed it to get through?
Although I admit it's more my curiosity, knowing what was objected to
might help us work out what was objecting. I don't _think_ it's Turnpike
- I don't think there's much antispam in TP, other than the kill rules
you set yourself. You could grep the stunnel or Turnpike files for
segments of the error message, but I don't think you'll find them.

--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)***@T+H+Sh0!:`)DNAf

"The great tragedy of science, the slaying of a beautiful theory by an ugly
fact. - Thomas Henry Huxley

Invalid

2023-11-17 19:32:17 UTC

Permalink

Thanks to both of you for the input.

Unfortunately the original is a long (6000) character E-mail from a
Financial adviser setting up a telephone consultation, so I feel
uncomfortable posting it - and it would be hard to redact and still
leave the clues.

Most of it was the sort of lawyerish "cover your backside" boilerplate
that these people typically include in and at the end of such e-mails.
It was an HTML mail and a bit of the HTML code was still present when
Turnpike did the reply.

It did contain two URL's one
www.fca.org.uk/firms/financial-services-register
which should be innocuous, and one a pointer to a questionnaire on
https://www.formdesk.com

and a fair few scattered E-mail addresses.

I pruned most of the boilerplate out and only left the identifiers.

I suspect the culprit was the BT SMTP server. The response message was
generated in the sending process, it wasn't a message sent back by the
server - it didn't appear in my inbound logs.

I think what happened is that Stunnel effectively translated the address
I used to send (127.0.0.1) into the BT Internet SMTP server, and then
reversed the address translation for the 550 response when passing it
back to Turnpike.

If the sender wasn't quite so sensitive, and I had more time ( and
inclination to investigate deeper) I might be tempted to prune bits out
until it went. But I don't.

Thanks again for your input - I will see if it happens again with
something simpler to diagnose.

Post by J. P. Gilliver
[]

Post by Invalid
When I send the e-mail I get a response that reads

[]

What did you prune from the message that then allowed it to get
through? Although I admit it's more my curiosity, knowing what was
objected to might help us work out what was objecting. I don't _think_
it's Turnpike - I don't think there's much antispam in TP, other than
the kill rules you set yourself. You could grep the stunnel or Turnpike
files for segments of the error message, but I don't think you'll find them.

--
Invalid

J. P. Gilliver

2023-11-17 20:22:21 UTC

Permalink

Post by Invalid
Thanks to both of you for the input.
Unfortunately the original is a long (6000) character E-mail from a
Financial adviser setting up a telephone consultation, so I feel
uncomfortable posting it - and it would be hard to redact and still
leave the clues.

[]

Post by Invalid
It did contain two URL's one
www.fca.org.uk/firms/financial-services-register
which should be innocuous, and one a pointer to a questionnaire on
https://www.formdesk.com
and a fair few scattered E-mail addresses.

[]
I've known some servers err on the side of caution to a ridiculous
degree - the presence of almost _any_ link (or possibly email) in body
text triggers their failsafe rejection. I can't remember how I got round
it other than mangling the URLs (e. g. by adding spaces) such that they
weren't valid URLs any more, which means the recipient has to unmangle
them, so can't just click on them. Haven't had that for a while though,
so that may not be the problem.

--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)***@T+H+Sh0!:`)DNAf

To keep leaf vegetables clean and crisp, cook lightly, then plunge into iced
water (the vegetables, that is). - manual for a Russell Hobbs electric steamer

John Hall

2023-11-17 20:48:40 UTC

Permalink

Post by J. P. Gilliver

[]

[]
I've known some servers err on the side of caution to a ridiculous
degree - the presence of almost _any_ link (or possibly email) in body
text triggers their failsafe rejection.

Yes, I once ran into that, when an email I sent containing two links was
rejected, not by my own email server, but the one at the far end.
Fortunately it did send back a reasonably intelligent bounce message.

Post by J. P. Gilliver
I can't remember how I got round it other than mangling the URLs (e.
g. by adding spaces) such that they weren't valid URLs any more, which
means the recipient has to unmangle them, so can't just click on them.
Haven't had that for a while though, so that may not be the problem.

Another way round it would probably be to zip the message, but that's
probably worse than the mangling method unless there are a large number
of URLs..

--
John Hall
"Acting is merely the art of keeping a large group of people
from coughing."
Sir Ralph Richardson (1902-83)