Google 's invitation was rejected

H

hoanv9

Well-Known Member
Apr 15, 2020
53
6
48
45
Hi all,
I had an issue with the meeting invitation from Google Suite email. Many users from Gmail or Google Suite send the meeting invitation to Promox MailGW, few email were rejected

Code: 
Jan 20 14:58:24 proxmox1 postfix/smtpd[23310]: connect from mail-yb1-f201.google.com[209.85.219.201]
Jan 20 14:58:25 proxmox1 postfix/smtpd[23310]: 2BC3E441317: client=mail-yb1-f201.google.com[209.85.219.201]
Jan 20 14:58:25 proxmox1 postfix/cleanup[24715]: 2BC3E441317: message-id=<00000000000065866b05b95051be@google.com>
Jan 20 14:58:25 proxmox1 postfix/qmgr[1156]: 2BC3E441317: from=<user@gsuite.com>, size=28588, nrcpt=1 (queue active)
Jan 20 14:58:25 proxmox1 postfix/smtpd[23310]: disconnect from mail-yb1-f201.google.com[209.85.219.201] ehlo=1 mail=1 rcpt=1 bdat=1 quit=1 commands=5
Jan 20 14:58:28 proxmox1 postfix/lmtp[24803]: 2BC3E441317: to=<user@proxmoxmail.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=0.39/0/0/3.1, dsn=5.7.1, status=bounced (host 127.0.0.1[127.0.0.1] said: 554 5.7.1 Rejected for policy reasons (4413246007E2A12CB89) (in reply to end of DATA command))
Jan 20 14:58:28 proxmox1 postfix/qmgr[1156]: 2BC3E441317: removed

is there anyway to track and fix it?

Note:
- Some guys from reddit said to add calendar-notification@google.com to whitelist. But I am not prefer this way.
- Another thread in this forum tell me to add the list IP of google mail to whitelist. But it manual and take time.
 
Could you please post the complete log for the message (i don't see the lines from pmg-smtp-filter, which might indicate why the mail was blocked)
 
Stoiko Ivanov said:
Could you please post the complete log for the message (i don't see the lines from pmg-smtp-filter, which might indicate why the mail was blocked)
Click to expand...
I got this log from tracking center. Can you guide how to get the complete log of the message?
 
hoanv9 said:
I got this log from tracking center. Can you guide how to get the complete log of the message?
Click to expand...
hmm - that's odd - please try:
Code: 
grep -Ei '2BC3E441317|00000000000065866b05b95051be@google.com|4413246007E2A12CB89' /var/log/mail.log /var/log/mail.log.1
 
Hi, I am too nood :)

for the log showed "Block Dangerous Content", but don't know why the invitation has that blocked content. The user also send email to another gmail but no issue.


Code: 
Jan 20 14:58:25 proxmox1 postfix/smtpd[23310]: 2BC3E441317: client=mail-yb1-f201.google.com[209.85.219.201]
Jan 20 14:58:25 proxmox1 postfix/cleanup[24715]: 2BC3E441317: message-id=<00000000000065866b05b95051be@google.com>
Jan 20 14:58:25 proxmox1 postfix/qmgr[1156]: 2BC3E441317: from=<user@gsuite.com>, size=28588, nrcpt=1 (queue active)
Jan 20 14:58:25 proxmox1 pmg-smtp-filter[25769]: 4413246007E2A12CB89: new mail message-id=<00000000000065866b05b95051be@google.com>#012
Jan 20 14:58:25 proxmox1 pmg-smtp-filter[25769]: 4413246007E2A12CB89: From: Christian <user@gsuite.com>
Jan 20 14:58:28 proxmox1 pmg-smtp-filter[25769]: 4413246007E2A12CB89: SA score=0/5 time=3.007 bayes=0.00 autolearn=ham autolearn_force=no hits=AWL(0.535),BAYES_00(-1.9),DKIMWL_WL_MED(-0.001),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),HTML_MESSAGE(0.001),KAM_SHORT(0.001),RCVD_IN_MSPIKE_H2(-0.001),SPF_HELO_NONE(0.001),SPF_PASS(-0.001)
Jan 20 14:58:28 proxmox1 pmg-smtp-filter[25769]: 4413246007E2A12CB89: block mail to <user@proxmoxmail.com> (rule: Block Dangerous Content)
Jan 20 14:58:28 proxmox1 pmg-smtp-filter[25769]: 4413246007E2A12CB89: processing time: 3.087 seconds (3.007, 0.064, 0)
Jan 20 14:58:28 proxmox1 postfix/lmtp[24803]: 2BC3E441317: to=<user@proxmoxmail.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=0.39/0/0/3.1, dsn=5.7.1, status=bounced (host 127.0.0.1[127.0.0.1] said: 554 5.7.1 Rejected for policy reasons (4413246007E2A12CB89) (in reply to end of DATA command))
Jan 20 14:58:28 proxmox1 postfix/bounce[25820]: 2BC3E441317: sender non-delivery notification: 4383E441357
Jan 20 14:58:28 proxmox1 postfix/qmgr[1156]: 2BC3E441317: removed
 
hm - 'Block Dangerous Content' is a rule name - so it depends on how you configured your rule system.

The default rule 'Block Dangerous Content' blocks mails which contain one of the following:
Code: 
content-type=application/javascript
content-type=application/x-executable
content-type=application/x-java
content-type=application/x-ms-dos-executable
content-type=application/x-ms-dos-executable
content-type=message/partial
filename=.*\.(vbs|pif|lnk|shs|shb)
filename=.*\.\{.+\}

You can change the action of the rule to Quarantine - then you can check what matched

I hope this helps!
 
  • Like
Reactions: hoanv9
Thx Stoiko,
I will follow your suggestion. But it's so strange because I don't change anything in that rule. Let's me change then update.
 
You must log in or register to reply here.
Top Bottom