Keywords: SMTP error 554 | reverse DNS | DNS blacklist
Abstract: This article explores the common causes of SMTP error 554 "Message does not conform to standards", focusing on reverse DNS lookup failures and DNS blacklist issues. By analyzing a case study from MDaemon mail server logs, it explains how to diagnose and fix such errors, including configuring PTR records, checking email header formats, and handling DNS-BL failures. Combining technical principles with practical examples, it provides a systematic troubleshooting guide to help administrators resolve email delivery problems effectively.
Introduction
In email transmission, SMTP (Simple Mail Transfer Protocol) error code 554 typically indicates "Message does not conform to standards", a vague but common issue. This article analyzes the causes and solutions based on a real-world case. In this case, a user running MDaemon as a mail server encountered error 554 when sending emails from a specific machine, while other machines worked fine. By examining server logs, we can identify key problem points.
Error Cause Analysis
SMTP error 554 is often triggered when the receiving server detects that email headers or content do not comply with RFC standards. In the provided logs, the error occurs during the data transfer phase (after "354 Enter mail, end with ."), indicating the server found an issue while checking email content. Primary causes include:
- Reverse DNS (PTR) Lookup Failure: The log shows "No PTR records found", meaning the sending machine's IP address (80.78.72.135) lacks a valid reverse DNS record. Many mail servers use PTR lookups to verify sender identity and prevent spam. If PTR records are missing or mismatched, the server may reject the email.
- DNS Blacklist (DNS-BL) Failure: The log entry "relays.ordb.org - failed" indicates the sending IP is listed in a blacklist. DNS-BL is an anti-spam tool; if an IP address is flagged as a spam source, servers may return error 554.
- Email Header Format Issues: From or To headers may contain invalid characters, incorrect formatting, or mismatched domains. For example, if the domain in the email header does not match the PTR record, the server might deem the email non-compliant.
Other potential causes include SPF (Sender Policy Framework) misconfiguration or email content violating server policies, but in this case the SPF check passed ("Result: pass"), so the focus should be on PTR and DNS-BL.
Solutions
To address these causes, follow these steps:
- Configure Reverse DNS (PTR) Records: Contact the Internet Service Provider (ISP) or system administrator to set up correct PTR records for the sending machine's IP address (80.78.72.135). The PTR record should map the IP address back to a domain name, e.g., `135.72.78.80.IN-ADDR.ARPA` pointing to a valid hostname. This helps establish sender reputation.
- Handle DNS Blacklist Issues: Check if the sending IP is mistakenly listed in blacklists. Visit sites like `relays.ordb.org` to query IP status and request removal if applicable. Ensure the machine is not infected with malware or acting as an open relay.
- Verify Email Header Format: Inspect email client or application configurations to ensure From and To headers comply with RFC standards. For example, use code to validate headers:

  ```python
  import re

  # Sample header block; replace with the headers of the rejected message.
  headers = "From: sender@example.com\nTo: recipient@example.com"

  # re.MULTILINE lets ^ and $ match at each line, so the From line is found
  # wherever it appears in the header block.
  if re.search(r"^From: .*@.*\..*$", headers, re.MULTILINE):
      print("Header format valid")
  else:
      print("Invalid header")
  ```

  This Python code checks if the From header contains a valid email format.
- Adjust Server Configuration: In MDaemon, SMTP settings can be adjusted to relax certain checks, but this may increase spam risk. It is recommended to fix root causes first.
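A fuller version of the header check from the "Verify Email Header Format" step, as an added example that is not part of the original article. The function names, the conservative address pattern and the `ptr_host` comparison (the article's "domain does not match the PTR record" case) are assumptions of this sketch, and it assumes display names contain no commas.

```python
import re
from email.parser import HeaderParser

# Conservative addr-spec: dot-atom local part and a dotted domain.
# This is stricter than RFC 5322, which also allows quoted local parts.
ATEXT = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+"
ADDR_RE = re.compile(rf"^{ATEXT}(\.{ATEXT})*@([A-Za-z0-9-]+\.)+[A-Za-z]{{2,}}$")

def addr_spec(mailbox):
    """Return the address inside <...>, or the bare value without brackets."""
    m = re.search(r"<([^<>]*)>", mailbox)
    return (m.group(1) if m else mailbox).strip()

def check_headers(raw, ptr_host=None):
    """Return a list of problems found in a message's header block."""
    problems = []
    for n, line in enumerate(raw.splitlines(), 1):
        if not line:
            break  # a blank line ends the header block
        if len(line) > 998:
            problems.append(f"line {n}: longer than 998 characters")
        if not line.isascii():
            problems.append(f"line {n}: raw non-ASCII character")
    msg = HeaderParser().parsestr(raw)
    # RFC 5322 requires exactly one From and one Date; To is optional.
    for name, minimum in (("From", 1), ("Date", 1), ("To", 0)):
        count = len(msg.get_all(name, []))
        if count < minimum:
            problems.append(f"{name}: missing")
        elif count > 1:
            problems.append(f"{name}: appears {count} times")
    for name in ("From", "To"):
        # Assumption: no commas inside quoted display names.
        for mailbox in (msg.get(name) or "").split(","):
            addr = addr_spec(mailbox)
            if addr and not ADDR_RE.match(addr):
                problems.append(f"{name}: invalid address {addr!r}")
            elif addr and name == "From" and ptr_host:
                domain = addr.rsplit("@", 1)[1].lower()
                host = ptr_host.lower().rstrip(".")
                if host != domain and not host.endswith("." + domain):
                    problems.append(
                        f"From: domain {domain} does not match PTR {ptr_host}")
    return problems
```

Pass the raw message text (headers, blank line, body) to `check_headers`; an empty list means none of these checks fired.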
Case Study Deep Dive
From the logs, the error occurs after the message size report ("Message size: 389 bytes"), immediately followed by the 554 error. This suggests the server performed a final validation after receiving the complete email content. Key points include:
- The PTR lookup failure is an early warning, but the server continued processing (SPF passed) until the email content check triggered the error.
- DNS-BL failure (relays.ordb.org) might directly cause error 554, as many servers use blacklist results as rejection criteria.
- Since other machines work normally, the issue is specific to this machine's network or configuration, not global server settings.
In practice, a step-by-step approach is advised: first fix PTR records, then address blacklists, and finally check email content. For example, use command-line tools to test PTR:

```
nslookup -type=PTR 135.72.78.80.in-addr.arpa
```

If it returns "domain name unknown", configuration is needed.
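The first two steps of that sequence can be scripted from the sending machine. The following is an added example, not part of the original article: it builds the PTR and DNS-BL query names for an IP, confirms that the PTR hostname resolves back to the same address, and reports any blacklist zone that answers. The function names and the injectable `reverse`/`forward` resolvers are assumptions of this sketch.

```python
import ipaddress
import socket

def ptr_name(ip):
    """Name queried for the PTR record, e.g. 135.72.78.80.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def dnsbl_name(ip, zone):
    """Name queried in a DNS-BL zone: reversed IPv4 octets plus the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def sys_reverse(ip):
    """PTR lookup through the system resolver; [] when no PTR exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except (socket.herror, socket.gaierror):
        return []

def sys_forward(name):
    """A lookup through the system resolver; [] when the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except socket.gaierror:
        return []

def preflight(ip, zones, reverse=sys_reverse, forward=sys_forward):
    """Return findings for the PTR and DNS-BL checks, in the advised order."""
    findings = []
    names = reverse(ip)
    if not names:
        findings.append(f"no PTR record for {ptr_name(ip)}")
    elif not any(ip in forward(n) for n in names):
        findings.append(f"PTR {names[0]} does not resolve back to {ip}")
    for zone in zones:
        answers = forward(dnsbl_name(ip, zone))
        # DNS-BL zones answer with a 127.0.0.x address for listed IPs
        # and with no record at all for unlisted ones.
        if any(a.startswith("127.") for a in answers):
            findings.append(f"listed in {zone} ({answers[0]})")
    return findings
```

Call `preflight("80.78.72.135", [...])` with the blacklist zones the receiving server is known to consult; an empty list means the PTR record is consistent and no zone listed the address.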
Conclusion
SMTP error 554 often stems from sender verification issues, such as missing reverse DNS or IP blacklisting. Through systematic diagnosis and repair, email delivery failures can be effectively resolved. Key steps include configuring PTR records, clearing blacklists, and ensuring header compliance. Based on a real case, this article provides technical analysis and solutions to help administrators maintain email system reliability.