521 554 Upstream error (in reply to end of DATA command)

I’m attempting to forward catch all to [username1]@icloud.com. This fails (edited email account details):

This is a system-generated message to inform you that your email could not
be delivered to one or more recipients. Details of the email and the error are as follows:

<[email protected]>: host linda.mx.cloudflare.net[172.65.14.34] said: 521
   554 Upstream error (in reply to end of DATA command)
Reporting-MTA: dns; st13p97im-ztdg18301101.me.com
X-Postfix-Queue-ID: 12D45E0D27
X-Postfix-Sender: rfc822; [email protected]
Arrival-Date: Mon, 10 Jan 2022 16:49:04 +0000 (UTC)

Final-Recipient: rfc822; *********@*************
Original-Recipient: rfc822; [email protected]
Action: failed
Status: 5.0.0
Remote-MTA: dns; linda.mx.cloudflare.net
Diagnostic-Code: smtp; 521 554 Upstream error

From: User Name <[email protected]>
Subject: test
Date: January 10, 2022 at 8:49:02 AM PST
To: [email protected]

The MX and SPF records were setup per the manual.
When switching back to Google Domains email forwarding – it works. It looks the problem is somehow related to what cloud flare is doing.

How can I triage it further?

what domain are you using?

The domain is arrogantrabbit.com. It is registered with Google Domains but uses Cloudflare nameservers. (Right now I’ve returned MX records back to that of Google to restore mail functionality)

The snippet from the mailer daemon notification source:

Return-Path: <[email protected]>
Received: from smtpclient.apple (c-censored-ip..hsd1.ca.comcast.net [censored-ip])
	by st13p97im-ztdg18301101.me.com (Postfix) with ESMTPSA id 12D45E0D27
	for <[email protected]>; Mon, 10 Jan 2022 16:49:04 +0000 (UTC)

The [email protected] was supposed to be forwarded to [my iCloud email]

If, however, Cloudflare forwarder tells iCloud servers (*.me.com) that the mail is for [email protected] as opposed to [my iCloud email] – iCloud would reject it and forwarding therefore can’t work. this seems to be the case because the “final recepeint” and “original recipient” seem to be the same in the snippet in my original post. (the number of stars in Final_recepient matches the length of Original recepient). It’s also possible I completely misunderstand the problem and the root cause is elsewhere…

I’m not sure to follow with the snippet you posted, it’s not from Cloudflare’s email service.

I don’t see any activity on the domain on our side. Would you mind if I send a test email through to [email protected] via Cloudflare’s service?

I’ve configured the MX records to point back to CloudFlare; please send the test email.

I’ve received your test email successfully. So weird. I’ve then sent an email from two different third party email services (gmail and my employer’s) and it also succeeded.

However when sending from iCloud – it fails. Perhaps it’s an iCloud mail issue. I’ll try to dig in that direction.

Thank you very much for help here!

@saspus I know that when sending and forwarding emails from the same gmail account it deduplicates/hides the email, maybe iCloud does the same.

1 Like

Yes, I’m aware of that, but this is not the case here – I’m sending from a different domain and the undeliverable message is being generated (which would not be the case if it would not be the case with gmail you describe – it would deliver, but silently skip inbox)

I think I narrowed down the circumstances when it fails and succeed, and it’s a rather interesting corner case.

I have two custom domains configured with iCloud – arrogantrabbit.com and saspus.com. I can send mail from all three addresses: [email protected], [email protected], and [email protected] to all other email services and it works just fine.

Now that I configured cloudflare MX and forwarding to [email protected] sending to [email protected] works in these scenarios:

  1. from [email protected] via gmail SMTP servers
  2. from [email protected] via iCloud Web interface
  3. from [email protected] via iCloud SMTP server
  4. from [email protected] via iCloud Web interface
  5. from [email protected] via iCloud SMTP servers

What does not work:

  1. from [email protected] using iCloud SMTP servers – :“Undelivered Mail Returned to Sender” notification is sent to [email protected]:
        This is a system-generated message to inform you that your email could not
    be delivered to one or more recipients. Details of the email and the error are as follows:
    
    
    <[email protected]>: host linda.mx.cloudflare.net[172.65.14.34] said: 521
        554 Upstream error (in reply to end of DATA command)
    
    --3AEF756006D.1641922596/st13p97im-ztdg18291001.me.com
    Content-Description: Delivery report
    Content-Type: message/delivery-status
    
    Reporting-MTA: dns; st13p97im-ztdg18291001.me.com
    X-Postfix-Queue-ID: 3AEF756006D
    X-Postfix-Sender: rfc822; [email protected]
    Arrival-Date: Tue, 11 Jan 2022 17:36:33 +0000 (UTC)
    
    Final-Recipient: rfc822; ****@******************
    Original-Recipient: rfc822;[email protected]
    Action: failed
    Status: 5.0.0
    Remote-MTA: dns; linda.mx.cloudflare.net
    Diagnostic-Code: smtp; 521 554 Upstream error
    
    --3AEF756006D.1641922596/st13p97im-ztdg18291001.me.com
    Content-Description: Undelivered Message
    Content-Type: message/rfc822
    
    Return-Path: <[email protected]>
    Received: from smtpclient.apple (c-[edited].hsd1.ca.comcast.net [edited ip])
        by st13p97im-ztdg18291001.me.com (Postfix) with ESMTPSA id 3AEF756006D
        for <[email protected]>; Tue, 11 Jan 2022 17:36:33 +0000 (UTC)
    From: me <[email protected]>
    Content-Type: text/plain;
        charset=us-ascii
    Content-Transfer-Encoding: 7bit
    Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.40.0.1.81\))
    Subject: Test From [email protected] via iCloud SMTP servers
    Message-Id: <[email protected]>
    Date: Tue, 11 Jan 2022 09:36:31 -0800
    To: [email protected]
    X-Mailer: Apple Mail (2.3693.40.0.1.81)
    X-Proofpoint-Virus-Version: =?UTF-8?Q?vendor=3Dfsecure_engine=3D1.1.170-22c6f66c430a71ce266a39bfe25bc?=
     =?UTF-8?Q?2903e8d5c8f:6.0.425,18.0.790,17.0.607.475.0000000_definitions?=
     =?UTF-8?Q?=3D2022-01-11=5F04:2022-01-10=5F02,2022-01-11=5F04,2020-04-07?=
     =?UTF-8?Q?=5F01_signatures=3D0?=
    X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 clxscore=1030 mlxscore=0
     spamscore=0 adultscore=0 bulkscore=0 mlxlogscore=370 phishscore=0
     suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1
     engine=8.12.0-2009150000 definitions=main-2201110096
    
    Test From [email protected] via iCloud SMTP servers
    
  2. from [email protected] using iCloud Web interface (same failure)

Furthermore, if I change where the email is forwarded to another email address (e.g. gmail) – then it works.

So it appears for the issue to occur the following must be true:

  1. using iCloud SMTP server or web interface to sent mail
  2. from one of the iCloud registered external domains
  3. to address on the different iCloud registered extremal domain
  4. Cloudflare forwarding configured to the same iCloud account ([email protected] address)

Seems iCloud gets confused when handling email between domains it knows when Cloudflare forward is involved, and it seems like an iCloud bug. I’ll try to figure out how to reach out to their support.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.