0

My simply PHP script to send mail is

<?php
    ini_set( 'display_errors', 1 );
    error_reporting( E_ALL );
    $from = "fromaddress@gmail.com";
    $to = "toaddress@gmail.com";
    $subject = "PHP Mail Test script";
    $message = "This is a test to check the PHP Mail functionality";
    $headers = "From:" . $from;
    mail($to,$subject,$message, $headers);
    echo "Test email sent";
?>

When I run this script on any other server it is working fine, but when doing it on my new CentOS 7 machine I always get error in /var/log/maillog

Mar 15 19:08:38 host sendmail[1521]: u2FN8cfK001521: from=root, size=23, class=0, nrcpts=1, msgid=<201603152308.u2FN8cfK001521@host.example.com>, relay=root@localhost
Mar 15 19:08:38 host sendmail[1522]: u2FN8cTc001522: from=<root@host.example.com>, size=328, class=0, nrcpts=1, msgid=<201603152308.u2FN8cfK001521@host.example.com>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Mar 15 19:08:38 host sendmail[1521]: u2FN8cfK001521: to=myemail@gmail.com, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30023, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (u2FN8cTc001522 Message accepted for delivery)
Mar 15 19:08:38 host sendmail[1524]: STARTTLS=client, relay=gmail-smtp-in.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Mar 15 19:08:39 host sendmail[1524]: u2FN8cTc001522: to=<myemail@gmail.com>, ctladdr=<root@host.example.com> (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=120328, relay=gmail-smtp-in.l.google.com. [IPv6:2607:f8b0:400d:c06::1a], dsn=5.0.0, stat=Service unavailable
Mar 15 19:08:39 host sendmail[1524]: u2FN8cTc001522: u2FN8dTc001524: DSN: Service unavailable
Mar 15 19:08:39 host sendmail[1524]: u2FN8dTc001524: to=<root@host.example.com>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31588, dsn=2.0.0, stat=Sent
Farmi
  • 379
  • 1
  • 4
  • 17
  • The `dsn=5.0.0, stat=Service unavailable` part indicates that gmail rejected the message with a "permanent" 500-class error. That resulted in a non-delivery receipt going back to the sender address (root@host.example.com). Do you have this NDR? It should include details about what SendMail specifically didn't like. – Mike B Mar 16 '16 at 16:34
  • @MikeB Yes, correct this is what I get from under /var/spool/mail/root with NDR `while talking to gmail-smtp-in.l.google.com.:> DATA < 550-5.7.1 [2607:5300:60:9f2a::1] Our system has detected an unusual rate < 550-5.7.1 of unsolicited mail originating from your IP address. To protect our < 550-5.7.1 users from spam, mail sent from your IP address has been blocked.< 550-5.7.1 Please visit < 550-5.7.1 https://support.google.com/mail/answer/81126 to review our Bulk Email < 550 5.7.1 Senders Guidelines. - gsmtp 554 5.0.0 Service unavailable` if you look at the IP through which it is trying v6? – Farmi Mar 16 '16 at 21:14
  • Yup. Looks like IPv6. If you don't want to use IPV6, please see: http://serverfault.com/questions/512615/how-to-stop-sendmail-sending-mail-from-ipv6-instead-of-ipv4 – Mike B Mar 16 '16 at 23:02
  • @MikeB so, how would it look like for me with IP v4 address as 51.80.19.24 and IPv6 as [2407:5310:62:9f2a:: 1]? will it be `CLIENT_OPTIONS(`Family=inet6,Addr=::2407:5310:62:9f2a:: 1:51.80.19.24')dnl` – Farmi Mar 19 '16 at 23:07

1 Answers1

1

It appears that unlike other public mail servers(Yahoo!, Hotmail) Gmail must verifies corresponding IP address under SPF record. And since sendmail was keep sending emails via IPv6, it was not there in SPF record. So all I did was to simply add IPv6 into SPF record and all went fine.

So, now my SPF record looks something like this

v=spf1 mx a ip6:2547:2200:60:9a2a::/64 ip4:44.33.33.104/32 a:mail.example.org include:example.org ~all

Farmi
  • 379
  • 1
  • 4
  • 17