ISP MTA agent sends out duplicate emails?

Discussion in 'Help Desk' started by edowson, Dec 6, 2013.

  1. edowson

    edowson New Email

    Joined:
    Dec 5, 2013
    Messages:
    3
    Likes Received:
    0
    I use phpmail on Linux VPS with sendmail. I hear from recipients who get duplicates from time to time. It also happened to me in the past. I finally captured the headers from a recipient today.

    It appears that my ISP's MTA was sending the duplicates (i hope i read the headers correctly).

    Here are what I see in the two headers. Any help is greatly appreciated!

    #### 2 ### MTA sent it out at first time 2013 12:12:06 -0800 (12:12:06 Pacific)
    Received: from 127.0.0.1 (EHLO p3plsmtps2ded04.prod.phx3.secureserver.net) (208.109.80.198)
    by mta1106.mail.bf1.yahoo.com with SMTP; Thu, 05 Dec 2013 12:12:06 -0800

    ### 2 ### MTA sent it out again at 2013 20:14:20 +0000 (12:14:20 Pacific, **2 min later!)
    Received: from 127.0.0.1 (EHLO p3plsmtps2ded04.prod.phx3.secureserver.net) (208.109.80.198)
    by mta1531.mail.gq1.yahoo.com with SMTP; Thu, 05 Dec 2013 20:14:20 +0000

    The entire headers are below:
    ======= 1st duplicated email header:
    From r***@gmail.com Thu Dec 5 12:11:56 2013
    X-Apparently-To: lxxx@yahoo.com via 98.138.90.182; Thu, 05 Dec 2013 12:12:09 -0800
    Return-Path: <r***@gmail.com>
    Received-SPF: permerror (encountered permanent error during SPF processing of domain of gmail.com)
    X-Originating-IP: [208.109.80.198]
    Authentication-Results: mta1106.mail.bf1.yahoo.com from=gmail.com; domainkeys=neutral (no sig); from=gmail.com; dkim=neutral (no sig)

    #### 2 ### MTA sent it out at first time 2013 12:12:06 -0800 (12:12:06 Pacific)
    Received: from 127.0.0.1 (EHLO p3plsmtps2ded04.prod.phx3.secureserver.net) (208.109.80.198)
    by mta1106.mail.bf1.yahoo.com with SMTP; Thu, 05 Dec 2013 12:12:06 -0800
    #### 1 ### my host hand the msg to MTA
    Received: from ip-xxx-63-186-24.ip.secureserver.net ([xx.63.186.24])
    by p3plsmtps2ded04.prod.phx3.secureserver.net with : DED :
    id xwC21m01B0Y0ede01wC2jp; Thu, 05 Dec 2013 13:12:02 -0700
    x-originating-ip: xx.63.186.24
    Received: (from apache@localhost)
    by ip-xxx-63-186-24.ip.secureserver.net (8.13.8/8.13.8/Submit) id rB5KBuVZ003988;
    Thu, 5 Dec 2013 13:11:56 -0700
    Date: Thu, 5 Dec 2013 13:11:56 -0700
    Message-Id: <201312052011.rB5KBuVZ003988@ip-xxx-63-186-24.ip.secureserver.net>
    X-Authentication-Warning: ip-xxx-63-186-24.ip.secureserver.net: apache set sender to r***@gmail.com using -f
    To: r***@gmail.com
    Subject: =xxx
    MIME-Version: 1.0
    Content-Type: multipart/alternative;boundary="MIME_BOUNDRY"
    From: <r***@gmail.com>
    Reply-To: r***@gmail.com
    X-Mailer: PHP5
    X-Sender: r***@gmail.com
    X-Priority: 3
    Content-Length: 1542

    ===========2nd duplicated email header:
    From r***@gmail.com Thu Dec 5 12:11:56 2013

    X-Apparently-To: lxxx@yahoo.com via 98.138.91.217; Thu, 05 Dec 2013 20:14:26 +0000
    Return-Path: <r***@gmail.com>
    Received-SPF: softfail (transitioning domain of gmail.com does not designate 208.109.80.198 as permitted sender)
    X-Originating-IP: [208.109.80.198]
    Authentication-Results: mta1531.mail.gq1.yahoo.com from=gmail.com; domainkeys=neutral (no sig); from=gmail.com; dkim=neutral (no sig)

    ### 2 ### MTA sent it out again at 2013 20:14:20 +0000 (12:14:20 Pacific, **2 min later!)
    Received: from 127.0.0.1 (EHLO p3plsmtps2ded04.prod.phx3.secureserver.net) (208.109.80.198)
    by mta1531.mail.gq1.yahoo.com with SMTP; Thu, 05 Dec 2013 20:14:20 +0000
    ### 1 ### my host hand the msg to MTA
    Received: from ip-xxx-63-186-24.ip.secureserver.net ([xx.63.186.24])
    by p3plsmtps2ded04.prod.phx3.secureserver.net with : DED :
    id xwC21m01B0Y0ede01wC2jp; Thu, 05 Dec 2013 13:12:02 -0700
    x-originating-ip: xx.63.186.24
    Received: (from apache@localhost)
    by ip-xxx-63-186-24.ip.secureserver.net (8.13.8/8.13.8/Submit) id rB5KBuVZ003988;
    Thu, 5 Dec 2013 13:11:56 -0700
    Date: Thu, 5 Dec 2013 13:11:56 -0700
    Message-Id: <201312052011.rB5KBuVZ003988@ip-xxx-63-186-24.ip.secureserver.net>
    X-Authentication-Warning: ip-xxx-63-186-24.ip.secureserver.net: apache set sender to r***@gmail.com using -f
    To: r***@gmail.com
    Subject: =xxx
    MIME-Version: 1.0
    Content-Type: multipart/alternative;boundary="MIME_BOUNDRY"
    From: <r***@gmail.com>
    Reply-To: r***@gmail.com
    X-Mailer: PHP5
    X-Sender: r***@gmail.com
    X-Priority: 3
    Content-Length: 1542
     


  2. rfs9999

    rfs9999 IMAP Tools

    Joined:
    Oct 27, 2013
    Messages:
    114
    Likes Received:
    6
    Sending duplicates can be caused by network errors between the sending and receiving MTAs.

    If the SMTP dialog transferring the message is interrupted the sending MTA may think the message was not successfully transferred. In that case it will queue it up for re-transmission later. If the message _did_ go through then this will result in a duplicate.

    Unless you have access to the MTA logs there's really no way for you to see if there are errors corresponding to the times duplicates were received.

    -Rick
     

  3. edowson

    edowson New Email

    Joined:
    Dec 5, 2013
    Messages:
    3
    Likes Received:
    0
    Thank you very much for your response. I have opened a ticket with my hosting provider. I still have a few questions besides the potential network issue.

    1. The main thing i want to confirm is whether there is any indication in the headers show a problem between my VPS host "sendmail" and the relay MTA? I want to confirm the duplicates originated from the MTA, not from my "/usr/sbin/sendmail" command.

    2. My php.ini points to "/usr/sbin/sendmail" command. Does the "sendmail" command hand over the msg request to MTA in one shot? or does it actually loop through the recipients and hand over the msg per recipient?

    This is a mass email I sent to to all members of my site, but only yahoo users got the duplicates in this case. Occasionally other users get duplicates, but rarely.

    3. The sender address is gmail. Technically, it couldn't be considered "spam", could the anti-spam mechanism have anything to do with the issue? I assumption that's a different issue, but I'm curious.

    Thanks again for your response!
     
  4. rfs9999

    rfs9999 IMAP Tools

    Joined:
    Oct 27, 2013
    Messages:
    114
    Likes Received:
    6
    >Does the "sendmail" command hand over the msg request to MTA in one shot? or does it actually loop through the recipients and hand over the msg per recipient?

    sendmail gives the MTA the full recipient list at once. It is the MTA's job to group the recipients by domain and send one copy of the message to the MTA serving each group's domain.

    >could the anti-spam mechanism have anything to do with the issue?

    It seems unlikely. Messages judged to be spam by an MTA are generally either dropped, tagged as Spam, or put into the recipient's Spam folder depending on the user's configuration and the MTA's policy on Spam disposition.

    -Rick
     
  5. edowson

    edowson New Email

    Joined:
    Dec 5, 2013
    Messages:
    3
    Likes Received:
    0
    Thank you very much!

    I will continue to pursue the issue with the hosting provider.

    They simply push the issue back to me, stating that i have a self managed VPS, the issue is on my side.
     
  6. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,983
    Likes Received:
    120
    Sometimes problems with duplicate emails are caused by the destination mail server. For example when they are overloaded with and their antivirus and content filtering engines are slow or timing out. The sending mail server might lose the connection which results in it resending the email, even though the receiving mail server eventually finished the scanning, started responding again, and finished delivering the original message. It's possible it's not your fault or your VPS host's, but something with the receiving mail server. It will help with the troubleshooting too if you can check your outgoing mail logs, and try leaving a ping running for a little while to rule out general packet loss and other network issues between your server and the receiving mail server. Have you tried having the recipient open a ticket on their end to help troubleshot the issue?
     

Want to reply or ask your own question?

It only takes a minute to sign up (and it's free!). Click the orange sign up button to choose a username and then you can ask your own questions on the forum.
Loading...