Another run in with AOL

I had another run in with AOL today. I got bounced mail from a customer with the following error messages in it:

   ----- Transcript of session follows -----
... while talking to
<<< 421-:  (RLY:CS4)
... while talking to
<<< 554-:  (RLY:CS4)

So I checked the error message and it said that there was a compromised script on my server. OK, yeah right. I called AOHell and they opened a trouble ticket. I then tested sending email to an AOL account I setup and it worked fine. I then tried sending mail from a PHP script. It failed with the same error message which got me looking down the right path. My script was extremely simple, so I didn’t understand why it was being rejected. I searched on the net and didn’t find anything. I looked at the headers and the only thing that struck me was the X-Envelope-From address was Hmmm. So more searching and found a reference to php.ini. I looked in there and found:

; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
sendmail_path = /usr/sbin/sendmail -t -i

so I changed it to:

; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
sendmail_path = /usr/sbin/sendmail -t -i -f

Low and behold, I can now send email from my scripts to AOL users. So AOL’s error message is misleading and their detection is wrong. They check for apache@domainname and assume that it is from a compromised script. Lovely. This is a misguided attempt by AOL to combat spam.

Anyway, hopefully someone else that encounters this problem now has a fix.

Leave a Reply

Your email address will not be published. Required fields are marked *