Using GMail as SMTP

Hi, I've switched our emails over to Google Apps (changed the MX records) plus i followed the directions set out here; CS-Cart Documentation — CS-Cart 4.15.x documentation to make sure that Im authenticating to google and sending out my emails properly.



The problem is, whenever we update an order status in the Admin, the customer DOES get the email, but we also get a failure message in our inbox saying;



==

Delivery to the following recipient failed permanently:



user@email.com



Technical details of permanent failure:

Message rejected. See [url=“Fix bounced or rejected emails - Gmail Help”]http://support.google.com/mail/bin/answer.py?answer=69585[/url] for more information.

==



It appears that Google is seeing the email as spam for some reason. Its already locked our account once for 'abuse' and I had to fill out a captcha form to unlock it again. This error message updates every time we change an order status and nominate for the customer to be notified by email.



Interestingly, the same email account is used for our 'Contact-Us' form on our website, and sending through this form does not generate the same error.



Has anyone experienced this issue when they started using Gmail for emails in CS Cart?



Thanks,



Scott.

I've been using the Google Apps method for some time now and once I finally got it working, have had no further problems. What you describe above seems very strange. I'm assuming you put:



smtp.gmail.com:465



into the smtp host field…

this might help as well [url=“http://graphicmaniacs.com/note/setting-up-cs-cart-to-send-e-mails-via-gmail-ssl-google-apps/”]http://graphicmaniacs.com/note/setting-up-cs-cart-to-send-e-mails-via-gmail-ssl-google-apps/[/url]

My bet is that you have a DNS issue related to reverse-lookup. I.e. your IP address is not resolving to the domain name that you told Google was you. If you're on a Linux system, you can us the 'host' command “host IP” and it should return your domain name. If not, contact your host/registrar and have them fix it.

Thanks for the help guys. I ended up ditching Google for SMTP and went back to the webserver to handle the emails. The final straw was changing an order status and getting a message from Google saying; “sending quota exceeded for the day” - and I had sent about 20 emails in total.

[quote name='tbirnseth' timestamp='1330644139' post='132430']

My bet is that you have a DNS issue related to reverse-lookup. I.e. your IP address is not resolving to the domain name that you told Google was you. If you're on a Linux system, you can us the 'host' command “host IP” and it should return your domain name. If not, contact your host/registrar and have them fix it.

[/quote]



Tony, yesterday my hosting company upgraded my VPS to CentOS 6.2 (was running 4.x). This caused several issues with my CS-Cart installation, but the remaining one that I can't seem to fix is the sending of email notifications. I have been using SMTP to send out emails for a while now and it has been working flawlessly, but as of this upgrade, it's broken. I contacted my host and they don't think it's their problem. Could it be a DNS issue? If so, how do I track it down? My SMTP host is set to: smtp.gmail.com:465 This is the way it's been for months, and working fine.

Did you try the reverse-lookup I outlined above? That is the most common source of SMTP rejections from an authenticated SMTP request because it never gets to the authentication before it's rejected.



I'm sure you had a really good need to upgrade. Your host should be able to review the maillog and identify why the requests are being rejected.

[quote name='tbirnseth' timestamp='1336155303' post='135846']

Did you try the reverse-lookup I outlined above? [/quote]



How do I do that? Can you give a quick step-by-step?



The need to upgrade was prompted by PCI compliance issues. CentOS 4.xx is not being patched for certain issues and these were causing my PCI scans to fail.

The IP address for your store is returning server.kingsleyhosting.com.

If you are trying to send mail via google as kingsleypress.com then it will fail.

Have them fix the PTR entry in your DNS and it will be one step closer to working.



To get the PTR record:

login to our vps via ssh or other remote shell.

run the command

host

where is the IP address of your store.

OK I will look into that…but do you really think something like this PTR record you mention could have changed just from a server upgrade?

Doubtful, but possible.

But it's more likely that Google increaed their security by requiring an IP address to be authentic and to match the 'Helo' parameter passed in the protocol.

Well, my VPS doesn't host only my ecommerce site. I also sell hosting space to other businesses. My server name is server.kingsleyhosting.com (not kingsleypress.com) because I trade as Kingsley Hosting. It's always been that way. And as I say, Google Apps email has always just worked…until now.



It would be a huge coincidence if Google changed their policy at exactly the same time I upgraded my server, but I guess it's possible.

I can't sit here and tell you a definitive answer. All I can do is relay my experience and understanding of how things work.

If I were running an SMTP host and I was getting mail with a FROM line of domain.com but when I look up the IP address and it returned someotherdomain.com, I would consider this as possibly a relay attempt.



Whether that's the case in your case, I have no idea. Why are you using gmail as an SMTP server when you have a VPS?

[quote name='tbirnseth' timestamp='1336243818' post='135916']Why are you using gmail as an SMTP server when you have a VPS?

[/quote]



I just like Google's spam filtering, and their webmail is much better than what's available through my VPS. I also like that I can set up email on my iDevices as push (instead of fetch) with using GoogleSync.

spam filtering and what email reader you use has nothing to do with which SMTP server you use for “sending” mail from your site.

My reasoning would be that I would like the emails going to my customers to be seen to come from my store's domain. And since I've already decided to use Google's mail servers, that would be the logical choice for which SMTP server sends mail from my site.

The mail is see to come “From” the “From” address.

If a site (or smtp server) wants to try and verify that the “From” address comes from an IP that is associated with the domain in the “From” field, then the PTR record we talked about earlier comes into play.



You are simply using your gmail account as a way to tell gmail's smtp servers that it's okay to send mail from any address you've specified in the “From” field because you've authenticated with the SMTP server. But that server has nothing to do with how your mail is viewed by a customer (or their spam/virus environment) You could use gmails SMTP server to send an email “From” my domain if you wanted to. That's what makes spam so easy and why those PTR records are important. Many SMTP servers will require the authentication to match with the From address to avoid you authenticating as you (personally) and then sending as a different domain.



I'm kind of done with this discussion. You can find a lot of good information on how SMTP works and how spam is detected and what the goals of SMTP authentication (I.e. the HELO or EHELO SMTP command) are about.

OK well I thank you for your time and help. My web host techs have been looking into this today and this is what they said:



[font=Verdana, Arial, Helvetica][size=1]Everything is set up correctly on the server, all ports that need to be open are open, SMTP_Tweak in WHM is disabled, and SMTP_BLOCK is disabled in the CSF firewall. These should be the only obstacles standing between the script and google. I can even connect to Google's SMTP server from shell, which lets me know everything is open:[/size][/font]



[font=Verdana, Arial, Helvetica][size=1]-bash-4.1# hostname[/size][/font]

server.kingsleyhosting.com

[font=Verdana, Arial, Helvetica][size=1]-bash-4.1# telnet [/size][/font]smtp.gmail.com[font=Verdana, Arial, Helvetica][size=1] 587[/size][/font]

[font=Verdana, Arial, Helvetica][size=1]Trying [/size][/font]173.194.68.108[font=Verdana, Arial, Helvetica][size=1]…[/size][/font]

[font=Verdana, Arial, Helvetica][size=1]Connected to [/size][/font]smtp.gmail.com[font=Verdana, Arial, Helvetica][size=1].[/size][/font]

[font=Verdana, Arial, Helvetica][size=1]Escape character is '^]'.[/size][/font]

[font=Verdana, Arial, Helvetica][size=1]220 [/size][/font]mx.google.com[font=Verdana, Arial, Helvetica][size=1] ESMTP s20sm33841246qap.16[/size][/font]



[font=“Verdana, Arial, Helvetica”][size=“2”]They also suggested I try the tweaks here:[/size][/font]



[url=“http://graphicmaniacs.com/note/setting-up-cs-cart-to-send-e-mails-via-gmail-ssl-google-apps/”]http://graphicmaniacs.com/note/setting-up-cs-cart-to-send-e-mails-via-gmail-ssl-google-apps/[/url]



which I did, but this did not resolve anything.



I have now submitted a ticket to CS-Cart Helpdesk. My hosting techs believe it is a problem in the coding. I'll report back with their findings.