Solved 504 Email not sending error

Currently reading
Solved 504 Email not sending error

239
35
NAS
DS918+
Operating system
  1. macOS
Mobile operating system
  1. iOS
I'm assuming an entry in my logs (in Log Centre) is related to my email server failing to BCC all messages. "Failed to send email (504 Authentication method not enabled). The mail server log shows a user "SYSTEM" failing to send.

I want all mail which passes through this mail server to BCC to an archive account so that's all set up. Currently its not! How do I make it work?
 
I see. You could’ve posted the question under the mail server package :)
Soz. I shall hand myself in to the Moderators and expect a beating. :oops:
When you check the log, do you see the BCC email as sent?
No, I get errors! As I mentioned, "Failed to send email (504 Authentication method not enabled)." in Log Centre, system log, SYSTEM (sic) user. In the Mail Server log, SYSTEM is a sender sending to my external archive address and getting stsus "failed'. No sign at the mail archive mailbox so not getting out.

I'm unclear the status of user SYSTEM, whether it needs authentication to use the SMTP (which is required generally. I can send email as a normal user.
 
Soz. I shall hand myself in to the Moderators and expect a beating. :oops:
Don’t worry about it. I meant that it’ll be clear that you’re talking about Mail Server :)
I'm unclear the status of user SYSTEM, whether it needs authentication to use the SMTP (which is required generally. I can send email as a normal user.
I’m not sure what’s the difference between my settings and yours. Didn’t do anything special.
The BCC email should be handled as any other email.

What I tested is add a rule in the “To address” which is a mail recipient on the Synology mail server and then added a BCC to an outside service (proton email) and I sent from a yahoo account to the person on the Synology server. An email was sent (can see it mail log) to proton mail and was received. The sender is the same (the yahoo account).
 
Naturally, I get a different result on another Syno NAS (same model etc). The BCC mail appears to be sent. But it hasn't turned up at its destination yet...
I tested is add a rule in the “To address” which is a mail recipient on the Synology mail server and then added a BCC to an outside service (proton email)
I'm trying "all messages" and sending to an outside email account. Or not as seems to be the case.
 
I should mention that I found the email in the spam folder (on proton mail).
Just looking in the spam trap on the outside server and no sign. The mail logs there seem to say the message was accepted (as if it came from the original sender, I guess you'd expect that with BCC?). So where these messages are going is a question I'm going to have the outside mail server support....
 
So where these messages are going is a question
Maybe this is the way Mail.app shows messages. I can see the email I think was the BCC by using my webmail for the account it was sent to. In my Mail you'd think there would be two copies, the 'original' sent to one account and the BCC sent to another. But I only see one...

More confused and it doesn't go anywhere to explain why the other Synology is failing to send.
 
Yes, it shows up as if it came from the original sender. That’s why it failed the SPF/DKIM test.
You can try another service. One of your free email accounts for testing.

In my Mail you'd think there would be two copies, the 'original' sent to one account and the BCC sent to another. But I only see one...
In my case I sent from Yahoo - Synology Mail - BCC Proton Mail

in Mail log, I see two entries:
Yahoo mail received.
Yahoo mail sent above it immediately (a few seconds in between).
 
OK, I sent an email to A N Other and it appeared in my Mail.app so the BCC 'all messages' works fine on this Synology. Off to the next...

BTW I've never paid attention to the "Return-path:" in email headers. The address I see there for these messages is a mix of the sending domain and my server's domain, creating a very odd (and non-existent) email address.
 
OK, I sent an email to A N Other and it appeared in my Mail.app so the BCC 'all messages' works fine on this Synology. Off to the next...
Good. So what’s the difference between them. That’s what you’ll need to uncover.

The address I see there for these messages is a mix of the sending domain and my server's domain, creating a very odd (and non-existent) email address.
Yes. I guess that’s why the receiving servers don’t like it and fail their SPF and DKIM. They don’t know what’s going on, it doesn’t make sense to them maybe :)
 
Good. So what’s the difference between them. That’s what you’ll need to uncover.

There's this in the log

Code:
postfix/local[25413]: postfix: SLIBUserRealNameGet(user=mail-archive) failed

My BCC is set up to send to [email protected]. mydomain.tld is also the domain in use by the mail server. It should route out, all other addresses do, they go out to an external mail filter and get sent back for local delivery. But the mail server thinks mail-archive is a local address for local delivery and fails when it can't find a user.

However, I can send and receive mail for [email protected], it gets sent to the other server, checked and returned for delivery to user annother. Ann.other isn't a user and mail-archive isn't either. So what's the difference?
 
And the answer is....

The FQDN of the mail server needs to be a subdomain because of the complex way I'm routing email. Once I added subdomain.mydomain.tld I could send to [email protected] which is actually a POP email server at another location. Otherwise I could create a user on this server but I want to archive email elsewhere.

That was easy then!
 
You could’ve posted the question under the mail server package :)
Done!


In a SMTP server the FQDN of the server is the primary domain for recognising that received mail is 'for me' and not to be relayed onwards. This mail will then be processed locally and end up in a local mailbox account. You can add secondary domains that will also be recognised as 'for me' too. Any other mail that has a different @domain.tld will be relayed out to that mail server... you should enable authentication for any connection that are attempting to relay or send mail, unless you want to get blacklisted.

The SMTP server will see the @domain.tld text an see that it is the same as its FQDN: it doesn't have to get this resolved externally to an IP because there's already a text match. This is probably where you assumed that your Mail Server using FQDN 'domain.tld', which doesn't resolve to the NAS's IP, can be used for outbound mail and the BCC address would get sent to the real MX resolution for domain.tld ... because Mail Server would do a resolution on the domain ... but it doesn't because it sees the BCC address as arriving at its destination.
 
Thanks @fredbert that was a very good explanation of what happened. I think I just set the mailserver to be mydomain.tld and it just worked. Last time I set up a mailserver I remember there was messing about with subdomains to get it going and so I thought the Synology one the dog's you know what.

ou should enable authentication for any connection that are attempting to relay or send mail, unless you want to get blacklisted.

I'm assuming you mean client email apps logging into the server to send, yes, in SMTP I have "Enable SMTP Authentication" on with ports 25, 465 and 587 open. Maybe I could close one of the latter but Appel's Mail.app says "Use TLS/SSL" but the mailserver separates the two out.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

I've not done this before but I did move my Mail Server from local account to LDAP accounts. As part of...
Replies
1
Views
900
trying to configure my DS918+ as email server that will tech emails form multiple servers: Installed...
Replies
0
Views
1,724

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top