Another run in with AOL

I had another run in with AOL today. I got bounced mail from a customer with the following error messages in it:

   ----- Transcript of session follows -----
... while talking to mailin-01.mx.aol.com.:
DATA
<<< 421-:  (RLY:CS4) http://postmaster.info.aol.com/errors/421rlycs4.html
<<< 421 SERVICE NOT AVAILABLE
... while talking to mailin-02.mx.aol.com.:
DATA
<<< 554-:  (RLY:CS4) http://postmaster.info.aol.com/errors/554rlycs4.html
<<< 554 TRANSACTION FAILED

So I checked the error message and it said that there was a compromised script on my server. OK, yeah right. I called AOHell and they opened a trouble ticket. I then tested sending email to an AOL account I setup and it worked fine. I then tried sending mail from a PHP script. It failed with the same error message which got me looking down the right path. My script was extremely simple, so I didn’t understand why it was being rejected. I searched on the net and didn’t find anything. I looked at the headers and the only thing that struck me was the X-Envelope-From address was apache@linux.gruby.com. Hmmm. So more searching and found a reference to php.ini. I looked in there and found:

; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
sendmail_path = /usr/sbin/sendmail -t -i

so I changed it to:

; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
sendmail_path = /usr/sbin/sendmail -t -i -f anotheraddress@domain.com

Low and behold, I can now send email from my scripts to AOL users. So AOL’s error message is misleading and their detection is wrong. They check for apache@domainname and assume that it is from a compromised script. Lovely. This is a misguided attempt by AOL to combat spam.

Anyway, hopefully someone else that encounters this problem now has a fix.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>