I am trying to get splunk to connect to a unauthenticated mail server. However it is not sending the messages correctly.
python.log says:
2011-11-03 10:39:21,250 ERROR (550, 'Command RCPT failed') while sending mail to: myemailaddress
Update:
However many email addresses I send it to, the server also gets that many extra blank RCPT TO commands, thus messing it up. Is this splunk error? or server side error?
I just used a different mail server to send the splunk alerts. This seems to work! Ill just use this instead.
I just used a different mail server to send the splunk alerts. This seems to work! Ill just use this instead.
SMTP Error 550 means "Requested action not taken: mailbox unavailable". Seems like your mailserver doesn't accept the specified recipient.
no leading whitespace, no trailing whitepace, there is a comma but only to separate email addresses. Work the same with one address or two. very strange....
How does the recipient in your alert look like? Are you sure there is not leading/tailing whitespace or comma?
my mail server logs say (IPs omitted):
11:03 11:01 SMTPD( MAIL FROM:splunk@ size=1000
11:03 11:01 SMTPD >>> 250 ok
11:03 11:01 SMTPD <<< rcpt TO:
11:03 11:01 SMTPD RCPT TO:
11:03 11:01 SMTPD [x] looking up gmail.com in HOSTS
11:03 11:01 SMTPD >>> 250 ok its for
Then it says
11:03 11:01 SMTPD<<< rcpt TO:<>
11:03 11:01 SMTPD RCPT TO:<>
11:03 11:01 SMTPD >>> 550 Command RCPT failed
11:03 11:01 SMTPD Unknown Command: RCPT
What kind of mailserver do you use? Have you looked into the logs of it?
I have tried multiple recipients, including ones that use that mail server. Other programs, like sendmail will send to the same recipents that are used. Any thoughts?