I had another run in with AOL today. I got bounced mail from a customer with the following error messages in it:
----- Transcript of session follows ----- ... while talking to mailin-01.mx.aol.com.: DATA <<< 421-: (RLY:CS4) http://postmaster.info.aol.com/errors/421rlycs4.html <<< 421 SERVICE NOT AVAILABLE ... while talking to mailin-02.mx.aol.com.: DATA <<< 554-: (RLY:CS4) http://postmaster.info.aol.com/errors/554rlycs4.html <<< 554 TRANSACTION FAILED
So I checked the error message and it said that there was a compromised script on my server. OK, yeah right. I called AOHell and they opened a trouble ticket. I then tested sending email to an AOL account I setup and it worked fine. I then tried sending mail from a PHP script. It failed with the same error message which got me looking down the right path. My script was extremely simple, so I didn’t understand why it was being rejected. I searched on the net and didn’t find anything. I looked at the headers and the only thing that struck me was the X-Envelope-From address was firstname.lastname@example.org. Hmmm. So more searching and found a reference to php.ini. I looked in there and found:
; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). sendmailpath = /usr/sbin/sendmail -t -i
so I changed it to:
; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). sendmailpath = /usr/sbin/sendmail -t -i -f email@example.com
Low and behold, I can now send email from my scripts to AOL users. So AOL’s error message is misleading and their detection is wrong. They check for apache@domainname and assume that it is from a compromised script. Lovely. This is a misguided attempt by AOL to combat spam.
Anyway, hopefully someone else that encounters this problem now has a fix.