“SMTP submit rejected by 452 4.5.3 Too many recipients” 在 Exchange 上,显然不是这种情况

huangapple go评论107阅读模式
英文:

"SMTP submit rejected by 452 4.5.3 Too many recipients" on Exchange, while obviously not the case

问题

我们正在使用Exchange Online发送电子邮件,但在过去几周中,我们开始注意到发送电子邮件的应用程序中出现了一些错误:

“SMTP submit rejected by 452 4.5.3 Too many recipients” 在 Exchange 上,显然不是这种情况

在记录收件人时,只有一对,没有什么奇怪的...也许有问题,但绝对与收件人数量无关。

有什么想法是什么可能出了问题以及如何进行调查?

英文:

We are using Exchange Online to send emails, and for past couple of weeks, we have started noticing some errors in our applications that send emails :

“SMTP submit rejected by 452 4.5.3 Too many recipients” 在 Exchange 上,显然不是这种情况

When logging the recipients, there are just a couple, nothing extravagant.. Maybe there's a problem, but definitely not something related to the number of recipients.

Any idea what could be wrong and to investigate this ?

答案1

得分: 1

经过更多的日志记录和来自Microsoft支持的一些帮助,我们找到了解决方法,并在此过程中学到了一些关于JavaMail的知识。

  1. 启用低级SMTP调试日志。在大多数Java应用程序中,配置可能如下所示:
mail:
  default-encoding: UTF-8
  host: ${MAIL_HOST}
  port: ${MAIL_PORT}
  properties:
    mail:
      transport:
        protocol: smtp
      debug: true
      smtp:
        debug: true
        auth: false
        starttls: true

当运行应用程序时,您可能会看到类似以下的输出(请注意,这可能会输出到标准输出,而不是您常规的应用程序日志文件中):

DEBUG SMTP: Found extension "STARTTLS", arg ""
DEBUG SMTP: Found extension "8BITMIME", arg ""
DEBUG SMTP: Found extension "BINARYMIME", arg ""
DEBUG SMTP: Found extension "CHUNKING", arg ""
DEBUG SMTP: Found extension "SMTPUTF8", arg ""
DEBUG SMTP: use8bit false
MAIL FROM:<test.user@testabc.com>
250 2.1.0 Sender OK
RCPT TO:<test.user@my-domain.com>
250 2.1.5 Recipient OK
RCPT TO:<kyc_val@my-domain.com>
550 5.4.1 Recipient address rejected: Access denied. AS(201806281) [XXXXXXXXXXXXXXXXX.protection.outlook.com 2023-03-15T09:46:28.930Z 08DB25286CBA473D]
RCPT TO:<test.user@testabc.com>
452 4.5.3 Too many recipients ATTR49 [XXXXXXXXXXXXXXXXXXX.protection.outlook.com 2023-03-15T09:46:28.930Z 08DB25286CBA473D]
DEBUG SMTP: Valid Unsent Addresses
DEBUG SMTP:   test.user@my-domain.com
DEBUG SMTP:   test.user@testabc.com
DEBUG SMTP: Invalid Addresses
DEBUG SMTP:   kyc_val@my-domain.com
DEBUG SMTP: Sending failed because of invalid destination addresses
RSET
250 2.0.0 Resetting
DEBUG SMTP: MessagingException while sending, THROW:
javax.mail.SendFailedException: Invalid Addresses;
  nested exception is:
com.sun.mail.smtp.SMTPAddressFailedException: 550 5.4.1 Recipient address rejected: Access denied. AS(201806281) [XXXXXXXXXXXXXXXXX.prod.protection.outlook.com 2023-03-15T09:46
:28.930Z 08DB25286CBA473D]
;
  nested exception is:
com.sun.mail.smtp.SMTPAddressFailedException: 452 4.5.3 Too many recipients ATTR49 [XXXXXXXXXXXXXXXXX.protection.outlook.com 2023-03-15T09:46:28.930Z 08DB25286CBA473D]

这里存在两个问题:

  • 邮件网关仅接受来自已配置域的发件人 - 这是正常的,以避免开放继电器问题,避免垃圾邮件发送者使用您的邮件服务器。在我们的测试中,我们没有注意到这一点,而是使用了随机发件人,而不是来自my-domain.com(即我们的域)的地址。

  • 由于网关管理我们的域,它知道哪些地址在我们的域上存在或不存在。实际上,kyc_val@my-domain.com 只是一个测试值,实际上在Exchange中并不存在:

DEBUG SMTP: Invalid Addresses
DEBUG SMTP:   kyc_val@my-domain.com

该网关配置为告知SMTP客户端,我们正在发送到一些不存在的地址。这被称为"基于目录的边缘阻止",在这里有解释。

我们发现实际上有一个javamail客户端参数,可以强制发送邮件:将mail.smtp.sendpartial属性设置为true将会发送邮件给现有的收件人,并在代码中引发异常,以便我们知道无法将邮件发送给某些收件人,并且可以相应地处理这种情况。

请参考:https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html

如果设置为true,且消息中包含一些有效和一些无效的地址,仍然发送消息,并使用SendFailedException报告部分失败。如果设置为false(默认值),则如果存在无效的收件人地址,则不会将消息发送给任何收件人。

结论:异常中初始的消息明显具有误导性(我会称之为一个错误)。我不知道为什么它说"太多的收件人",而显然情况并非如此,但通过适当的调试日志和客户端端的配置,我们能够理解问题所在并进行修复。

英文:

With more logs and a bit of help from Miscrofot support, we figured it out and learned a few things on JavaMail in the process.

  1. enable low level SMTP debug logs. In most java applications, it will be something like
  mail:
    default-encoding: UTF-8
    host: ${MAIL_HOST}
    port: ${MAIL_PORT}
    properties:
      mail:
        transport:
          protocol: smtp
        debug: true
        smtp:
          debug: true
          auth: false
          starttls: true

when running the application, we got something like that (careful it's likely to be output on standardOut, and not in your regular applicative log file):

DEBUG SMTP: Found extension &quot;STARTTLS&quot;, arg &quot;&quot;
DEBUG SMTP: Found extension &quot;8BITMIME&quot;, arg &quot;&quot;
DEBUG SMTP: Found extension &quot;BINARYMIME&quot;, arg &quot;&quot;
DEBUG SMTP: Found extension &quot;CHUNKING&quot;, arg &quot;&quot;
DEBUG SMTP: Found extension &quot;SMTPUTF8&quot;, arg &quot;&quot;
DEBUG SMTP: use8bit false
MAIL FROM:&lt;test.user@testabc.com&gt;
250 2.1.0 Sender OK
RCPT TO:&lt;test.user@my-domain.com&gt;
250 2.1.5 Recipient OK
RCPT TO:&lt;kyc_val@my-domain.com&gt;
550 5.4.1 Recipient address rejected: Access denied. AS(201806281) [XXXXXXXXXXXXXXXXX.protection.outlook.com 2023-03-15T09:46:28.930Z 08DB25286CBA473D]
RCPT TO:&lt;test.user@testabc.com&gt;
452 4.5.3 Too many recipients ATTR49 [XXXXXXXXXXXXXXXXXXX.protection.outlook.com 2023-03-15T09:46:28.930Z 08DB25286CBA473D]
DEBUG SMTP: Valid Unsent Addresses
DEBUG SMTP:   test.user@my-domain.com
DEBUG SMTP:   test.user@testabc.com
DEBUG SMTP: Invalid Addresses
DEBUG SMTP:   kyc_val@my-domain.com
DEBUG SMTP: Sending failed because of invalid destination addresses
RSET
250 2.0.0 Resetting
DEBUG SMTP: MessagingException while sending, THROW: 
javax.mail.SendFailedException: Invalid Addresses;
  nested exception is:
com.sun.mail.smtp.SMTPAddressFailedException: 550 5.4.1 Recipient address rejected: Access denied. AS(201806281) [XXXXXXXXXXXXXXXXX.prod.protection.outlook.com 2023-03-15T09:46
:28.930Z 08DB25286CBA473D]
;
  nested exception is:
com.sun.mail.smtp.SMTPAddressFailedException: 452 4.5.3 Too many recipients ATTR49 [XXXXXXXXXXXXXXXXX.protection.outlook.com 2023-03-15T09:46:28.930Z 08DB25286CBA473D]

We have 2 issues here :

  • the mail gateway accepts only sender from the configured domain - which is normal, to avoid open-relay issues, with spammers using your email server. Here, for our tests, we didn't pay attention and used a random sender instead of an address from my-domain.com (ie our domain)

  • since the gateway manages our domain, it is aware of which addresses exist or not on our domain. and indeed kyc_val@my-domain.com is a test value that actually doesn't exist in Exchange :

    DEBUG SMTP: Invalid Addresses
    DEBUG SMTP:   kyc_val@my-domain.com

The gateway is configured to tell the SMTP client that some addresses we're sending to don't exist. that's Directory-Based Edge Blocking, explained here.

We discovered there's actually a javamail client parameter to force the emails to be sent nonetheless : setting mail.smtp.sendpartial property to true will send emails to the existing recipients and throw an exception in the code so that we're aware the email could not be sent to some recipients and we handle that case accordingly.

see in https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html

> If set to true, and a message has some valid and some invalid
> addresses, send the message anyway, reporting the partial failure with
> a SendFailedException. If set to false (the default), the message is
> not sent to any of the recipients if there is an invalid recipient
> address.

Conclusion : the initial message we got in the exception is clearly misleading (I would call that a bug). I have no idea why it states "Too many recipients" while it's obviously not the case, but with proper debug logs and configuration on the client side, we were able to understand what was wrong and fix it.

huangapple
  • 本文由 发表于 2023年3月31日 20:59:29
  • 转载请务必保留本文链接:https://go.coder-hub.com/75898838.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定