IGT IT security
Welcome to IGT and the world of gas regulators. As we care for your security in using our products, we also care about our it-security. A lot actually. So much in fact that we don’t take shortcuts and risk our own and our clients data.
Therefore we use CloudPros www.cloudpros.dk. A local Danish no-compromise approach to IT delivery and security.
At Cloudpros they evaluate the incoming email based on SPF, DKIM and DMARC result of an incoming email in order to determine if the From Address can be verified as a trusted sender. If DMARC does not pass, the From Address cannot be used to verify the trusted sender status, and the full spam weight of the email will be applied.
What is SPF?
Sender Policy Framework (SPF) is used to authenticate the sender of an email. With an SPF record in place, Internet Service Providers can verify that a mail server is authorized to send email for a specific domain. An SPF record is a DNS TXT record containing a list of the IP addresses that are allowed to send email on behalf of your domain.
SPF has become exceedingly vital to help verify which sending infrastructure can relay email on behalf of your domain. Implementing SPF for email provides major benefits.
What is DKIM?
DKIM, or DomainKeys Identified Mail, is an email authentication method that uses a digital signature to let the receiver of an email know that the message was sent and authorized by the owner of a domain. Once the receiver determines that an email is signed with a valid DKIM signature it can be confirmed that the email’s content has not been modified. In mist cases, DKIM signatures are not visible to end-users, the validation is done on a server level. If DKIM is used together with DMARC, or SPF you can protect your domain against malicious emails sent from domains impersonating your brand.
What is DMARC?
DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.
DMARC is a key component of a brand’s email security and deliverability strategy as it enables: Visibility – Monitor emails sent using our domain to ensure they are properly authenticated using SPF and/or DKIM.
IGT Brand Protection – Block spoofed messages that might damage our brand’s reputation with customers.
This was made because DMARC is the only check available that can confirm that the From Address listed in the email is associated to the SPF record available. This check ensures that the From Address cannot be spoofed, then automatically trusted just because the From Address is listed as a trusted sender.
In the example we provided, this email had the full spam weight applied because there is no DMARC record available. To correctthis issue with the email not beingverified as a trusted sender, DMARC must beadded by the sender.
Otherwise you can end up in the spamfolder or get the email deleted altogether.
When you get an error when trying to email us at Integrated Gas Technology and it fails, to investigate we need the contents of the error email sent to us via our homepage www.igt-lpg.com where we will provide a contact formular for you to use for the error email.
Sometimes your SMTP server may return a particular error message. The problem is that it will generally be very cryptic, like “550 Requested action not taken: mailbox unavailable” or “421 Try again later”.
First of all: not any reply code is an error. Sometimes it’s just a response containing a detail about the server or an answer to a command. Secondly: any code consist of three digits, and each conveys a particular information. The first one defines whether the server has accepted the command, fulfilled an action, run into a temporary issue, encountered an error etc; the second and the third one refine the description further, stating if there’s been a syntactic problem, or a connection trouble etc.
Unfortunately, different servers sometimes use these codes in a different way, making the whole thing even more complicated… Anyhow, the most critical series of error messages is the 5xx one, and especially the ones from 550 to 559. In particular, you will probably get a lot of 550 SMTP error codes – that is, a problem that concerns the recipient’s email address.
Finally, remember that it’s much easier to deal with these error codes if you choose to rely on a professional SMTP server that will help you solve any issue. www.cloudpros.dk for instance, comes with a 24/7 customer support: you can use them and forget these issues once and for all.
HOW TO SOLVE IT / WHAT TO DO
The server is unable to connect.
Try to change the server’sname (maybe it was spelt incorrectly) or the connection port.
Connection refused or inability to open an SMTP stream.
This errornormallyrefers to a connection issue with the remote SMTP server, depending on firewalls or misspelled domains. Double-check all the configurations and in case ask yourprovider.
System status message or helpreply.
It comes with more information about the server.
A response to the HELP command.
It contains information aboutyourparticular server, normallypointing to a FAQ page.
The server is ready.
It’s just a welcome message. Just read it and be happy thateverything is working (so far)!
The server is closingits transmission channel. It cancome with side messages like “Goodbye” or “Closingconnection”.
The mailing session is going to end, whichsimplymeansthat all messages have beenprocessed.
Itstypical side message is “Requested mail action okay completed”: meaningthat the server has transmitted a message.
The oppsite of an error: everything has worked and youremail has beendelivered.
“User not localwill forward”: the recipient’s account is not on the present server, so it willberelayed to another.
It’s a normal transfer action.
The server cannotverify the user, but it willtry to deliver the message anyway.
The recipient’semail account is valid, but not verifiable. Normally the server relays the message to anotheronethatwillbeable to check it.
The side message canbeverycryptic (“Start mail input end <CRLF>.<CRLF>”). It’s the typicalresponse to the DATA command.
The server has received the “From” and “To” details of the email, and is ready to get the body message.
“Timeout connection problem”: there have been issues during the message transfer.
This error message is producedonly by GroupWise servers. Eitheryouremail has beenblocked by the recipient’s firewall, or there’s a hardware problem. Check with yourprovider.
The service is unavailable due to a connection problem: it mayrefer to an exceeded limit of simultaneousconnections, or a more general temporary problem.
The server (yours or the recipient’s) is not available at the moment, so the dispatchwillbetriedagainlater.
The recipient’smailbox has exceededitsstorage limit.
Best is to contactcontact the user via anotherchannel to alert him and ask to createsomefreeroom in his mailbox.
Not enoughspace on the disk, or an “out of memory” condition due to a file overload.
This errormaydepend on toomany messages sent to a particular domain. Youshouldtryagain sending smaller sets of emailsinstead of one big mail-out.
Typical side-message: “The recipient’s Exchange Server incoming mail queue has beenstopped”.
It’s a Microsoft Exchange Server’s SMTP errorcode. Youshouldcontact it to get more information: generally it’s due to a connection problem.
The recipient’s server is not responding.
There’s an issue with the user’sincoming server: yourswilltryagain to contact it.
The connectionwasdroppedduring the transmission.
A typicalnetworkconnection problem, probably due to your router: check it immediately.
The maximum hop countwasexceeded for the message: an internal loop has occurred.
Ask your SMTP provider to verifywhat has happened.
Youroutgoing message timed out because of issues concerning the incoming server.
This happens generally whenyouexceededyourserver’s limit of number of recipients for a message. Try to send it againsegmenting the list in different parts.
A routing error.
Like error 432, it’srelatedonly to Microsoft Exchange.
“Requested action not taken – The user’smailbox is unavailable”. The mailbox has beencorrupted or placed on an offline server, or youremailhasn’tbeenaccepted for IP problems or blacklisting.
The server willretry to mail the message again, aftersome time. Anyway, verifythat is working on a reliable IP address.
“Requested action aborted – Local error in processing”. YourISP’s server or the server thatgot a firstrelay from yours has encountered a connection problem.
It’snormally a transient error due to a message overload, but it canreferalso to a rejection due to a remote antispam filter. If it keepsrepeating, ask your SMTP provider to check the situation. (If you’re sending a large bulk email with a freeonethatcanbe a common issue).
Too manyemails sent or toomany recipients: more in general, a server storage limit exceeded.
Again, the typical cause is a message overload. Usually the nexttrywillsucceed: in case of problems on yourserver it willcome with a side-message like “Out of memory”.
An error of your mail server, often due to an issue of the local anti-spam filter.
Contact your SMTP service provider to fix the situation.
A syntaxerror: the server couldn’trecognize the command.
It maybecaused by a bad interaction of the server with your firewall or antivirus. Read carefullytheirinstructions to solve it.
Anothersyntaxerror, not in the command but in its parameters or arguments.
In the majority of the times it’s due to an invalid emailaddress, but it canalsobeassociated with connection problems (and again, an issue concerningyour antivirus settings).
The command is not implemented.
The command has not beenactivatedyet on yourown server. Contact yourprovider to know more about it.
The server has encountered a bad sequence of commands, or it requires an authentication.
In case of “bad sequence”, the server has pulled offitscommands in a wrongorder, usuallybecause of a brokenconnection. If an authentication is needed, youshould enter yourusername and password.
A command parameter is not implemented.
Like error 501, is a syntax problem; youshould ask yourprovider.
One of the addresses in your TO, CC or BBC line doesn’texist. Check againyour recipients’ accounts and correctanypossiblemisspelling.
A DNS error: the host server for the recipient’s domain namecannotbefound.
“Address type is incorrect”: another problem concerningaddressmisspelling. In few cases, however, it’srelated to an authentication issue.
Doublecheck your recipients’ addresses and correctanymistake. If everything’s ok and the errorpersists, thenit’scaused by a configuration issue (simply, the server needs an authentication).
The total size of yourmailingexceeds the recipient server’s limits.
Re-send your message splitting the list in smaller subsets.
Normally, an authentication problem. But sometimesit’sabout the recipient’s server blacklistingyours, or an invalid emailaddress.
Configureyoursettingsproviding a username+passwordauthentication. If the errorpersists, check all your recipients’ addresses and ifyou’vebeenblacklisted.
The recipient addressrejectedyour message: normally, it’s an errorcaused by an anti-spam filter.
Your message has beendetected and labeled as spam. You must ask the recipient to whitelist you.
It usuallydefines a non-existentemailaddress on the remote side.
Though it canbereturnedalso by the recipient’s firewall (or when the incoming server is down), the greatmajority of errors 550 simplytellthat the recipient emailaddressdoesn’texist. Youshouldcontact the recipient otherwise and get the right address.
“User not local or invalid address – Relay denied”. Meaning, ifbothyouraddress and the recipient’sare not locallyhosted by the server, a relaycanbeinterrupted.
It’s a (not veryclever) strategy to preventspamming. Youshouldcontactyour ISP and ask them to allowyou as a certified sender. Of course, with a professional SMTP provider like www.cloudpros.dkyou won’t ever deal with this issue.
“Requested mail actions aborted – Exceededstorageallocation”: simply put, the recipient’smailbox has exceededits limits.
Try to send a lighter message: thatusuallyhappenswhenyoudispatchemails with big attachments, so check themfirst.
“Requested action not taken – Mailboxname invalid”. That is, there’s an incorrectemailaddressinto the recipients line.
Check all the addresses in the TO, CC and BCC field. Thereshouldbe an error or a misspellingsomewhere.
This meansthat the transaction has failed. It’s a permanent error and the server will not try to send the message again.
The incoming server thinksthatyouremail is spam, or your IP has beenblacklisted. Check carefullyifyouended up in some spam lists.
Message to big for system.
You need to contact your vendor to make sure they can send or accept the size of the attachments. Consider that email is not designed for exchange of large files and they should be deleted from the inbox after the receipt.
Domain does not accept email.
Server is closed or down for maintenance.
Email Status codes
This is the codes that give more detail to the overall codes exchanged between mailservers.
For example, if you specify the recipient of the email with the RCPT TO command, the SMTP server may respond with 250 2.1.5 Recipient OK. This code means that not only is your command successful, but the address of the recipient at the server has also been accepted.
SMTP plays a critical role in the email infrastructure of the Internet. It’s easy to implement it in your technology stack, but when things go wrong it’s hard to decipher what those SMTP codes mean.
The SMTP specification defined basic status codes that were published in 1982. Because the codes were originally designed to report on the outcome of an SMTP command, their lack of detail made them unsuitable for delivery reports.
To make things more complicated, some servers would assign the same error code to different delivery failures. Others would assign a code that only explained its meaning in the text description. Inconsistent application of the codes meant it was difficult to resolve mail sending issues!
Enter the enhanced status codes. They extend the basic status codes by providing more detail about the cause of the email delivery failure. Similarly, they also consist of 3-digit numbers separated by decimals. Let’s take a look at how to read them next.
The first digit of a basic status code tells the sending server whether the response is good, bad or incomplete:
Positive Completion Reply
The requested action has been successfully completed.
Positive Intermediate Reply
The command is accepted but more information is needed before proceeding.
Transient Negative Completion Reply
The command was not accepted and no action was taken. This error is seen as temporary (soft bounce) and the sender can try again later.
Permanent Negative Completion Reply
The command was not accepted and no action was taken. This is a permanent error (hard bounce) and the sender should not repeat the command.
The second digit puts the SMTP response into a specific category:
Responses about commands or parameters.
Responses to requests for more information.
Responses about the transmission channel.
Responses about the status of the receiving mail server.
Like the basic status codes, the first digit defines the class to which the code belongs.
The requested mail action is okay and completed.
Persistent Transient Failure
Temporary conditions will cause the message to be delayed or abandoned.
The message in its current form cannot be delivered.
The second digit identifies the subject of the SMTP reply code:
Other or Undefined Status
Mail System Status
Network and Routing Status
Mail Delivery Protocol Status
Message Content or Media Status
Security or Policy Status
This was a little technical walkthrough of the “other” side of emailexchange and when everything is configured correctly, we don’t see any issues at all.
As stated before, there are 3 very important things to make sure are working correctly.
SPF (Sender Policy Framework), DKIM signature and DMARC.
When all of these are in place, you don’t end up getting deleted or in a spam folder.