3

UPDATE: It turns out that it took several hours for my changes to take effect. So everything's fine now. But I hope this question and answer will be useful for someone.

I have a domain name which I've owned for a couple of years, but haven't previously used for anything. I'm now trying to set up an email address under this domain name: specifically, I've set up email forwarding with my domain registrar (porkbun.com) which points to my real email account on GMail.

I have tried to send several test messages to the new address (from a separate GMail account), but they are all rejected with the following error message:

The response from the remote server was:
554 5.7.1 <user@domain.info>: Relay access denied

[of course, the actual error message contains the actual email address]

Now, I have two other domains registered with Porkbun, and have previously had several other domains registered with Porkbun and other registrars, and have successfully used email forwarding with all of them. I have not done anything unique with the configuration of the problem domain.

Anyway, it seems to me that the first step in troubleshooting is to find where the error is occurring. I have opened the raw text of the bounced messages and found that there is no reference to "porkbun.com". Based on that, I am guessing that the messages are being rejected by Porkbun ... but I don't have a deep understanding of how email works.

So, what next? (other than contacting Porkbun support, which will have to wait until tomorrow)

caelia
  • 53

1 Answers1

3

Your domain's MX records are pointing to mail servers that aren't configured to accept mail for that domain. ("Relay access denied" means the server does not recognize the envelope-'To' domain as neither incoming nor outgoing, and is assuming that you're trying to bounce off it as a third party.)

  1. First, verify that the domain is delegated to the correct nameservers which store your DNS records. (You're probably using the ones provided by your registrar, Porkbun.) One tool for doing so is dnstracer:

    > dnstracer -s. yahoo.com

    Tracing to yahoo.com[a] via A.ROOT-SERVERS.NET, maximum of 3 retries
A.ROOT-SERVERS.NET [.] (2001:0503:ba3e:0000:0000:0000:0002:0030) 
|___ d.gtld-servers.net [com] (2001:0500:856e:0000:0000:0000:0000:0030) 
|     |___ ns4.yahoo.com [yahoo.com] (98.138.11.157) Got authoritative answer

    If you don't have dnstracer, try this online version. (Unfortunately, the online version of actual dnstracer seems to be down now, but this one seems to do the job well enough. You are looking for the "Received referral response" part here – the "authoritative response" part is secondary.)

    Doing this manually with an *.info domain:

    1. Find the nameservers for info:

      > nslookup -q=ns info

      info name server b2.info.afilias-nst.org.

    2. Ask those nameservers about your domain:

      > nslookup -q=ns example.info b2.info.afilias-nst.org

      example.info name server curitiba.ns.porkbun.com

    Porkbun has instructions for switching nameservers, as well as a list of the correct nameservers for use with their provided DNS control panel.

  2. Then, use host -t mx ... or nslookup -q=mx ... to look up the MX records of your domain and verify that the domain is pointing to the correct mail servers.

    > nslookup -q=mx yahoo.com

    yahoo.com mail is handled by 1 mta7.am0.yahoodns.net.

    It's worth also making a direct check against your domain's nameservers from step 2.2 (instead of going through the usual resolvers you use):

    > nslooukp -q=mx example.info curitiba.ns.porkbun.com

    Porkbun has a list of expected MX records for their "email forwarding" service.

  3. If the MX records are pointing to the correct SMTP servers, call technical support of whoever runs those mailservers.

grawity
  • 501,077