Mails to one domein rejected when SA is enabled

Tom-

Verified User
Joined
Nov 14, 2014
Messages
21
Mails to one domein rejected when SA is enabled

I have a VPS running CentOS and DA. If I send mail to one specific domain on my server, it is instantly rejected. "Mail delivery failed: returning message to sender".
I thought this had something to do with Spamassassin, so I tried adding the domain to the whitelist, but that didnt help. Disabling SA entirely does help though, it fixes the issue.
Too bad spam starts pouring in with SA disabled, so I need a better solution.

Also, I dont understand why SA would reject a mail if its only supposed to either move or delete spam.

The domain in question is brand new, not listed on any blacklists and the owners mail address is working fine otherwise. Apart from other people on my VPS being unable to mail him, that is.

Any clues would be appreciated!

Here's the header of the latest one:


Return-path: <[email protected]>
Received: from mail by mail.myserver.com with spam-scanned (Exim 4.76)
(envelope-from <[email protected]>)
id 1ceLMs-0003QC-WF
for [email protected]; Thu, 16 Feb 2017 13:41:05 +0100
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.myserver.com
X-Spam-Level:
X-Spam-Status: No, score=-0.8 required=3.0 tests=ALL_TRUSTED,BAYES_00,
HTML_IMAGE_ONLY_12,HTML_MESSAGE,URIBL_BLOCKED autolearn=no version=3.3.2
Received: from x.direct-adsl.nl ([00.00.000.000] helo=[192.168.2.8])
by mail.myserver.com with esmtpsa (UNKNOWN:AES128-SHA:128)
(Exim 4.76)
(envelope-from <[email protected]>)
id 1ceLMs-0003Q9-R0
for [email protected]; Thu, 16 Feb 2017 13:41:02 +0100
From: Tom <[email protected]>
Subject: test
To: Receiver <[email protected]>
Message-ID: <[email protected]>
Date: Thu, 16 Feb 2017 13:41:01 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
Thunderbird/45.7.1
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="------------0B71EFB6A2B3C884DFE325AB"

This is a multi-part message in MIME format.
--------------0B71EFB6A2B3C884DFE325AB
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
 
Hello,

Do you have Easy Spam Fighter enabled in Exim? Do you have anything in blacklist in SpamAssassin on the domain

Returned email does not have an error (it should have). Did you remove it?
 
Running find on the word 'Easy' nets no results in exim.conf, so my guess is Easy Spam Fighter isn't enabled.

My blacklist in SA is empty.

The returned email has no error, I pasted the entire header in my original post and only changed the domain names, mail adresses and IP.

Today I've removed the affected domain from DA and could promptly mail to it again, leaving me a bit confused.
I guess the problem is fixed, though I'm left wondering what was going on in the first place. Hopefully this problem wont resurface when I add a new domain!
 
Code:
ls -la /etc/exim.easy_spam_fighter/

or

Code:
cd /usr/local/directadmin/custombuild
./build options | egrep -i "exim|easy"



And no word in a returned message on why was it returned?
 
Thanks, can confirm that Easy Spam Fighter is not installed.

Nothing in those mails as to the why. I always look for an error first, but there's really nothing more than what I posted above besides the body of the mail itself.

I do have one other issue with my DA, perhaps it is related: Lately, when I add, remove or change a domain within DA, it causes httpd to stop. If I try and start httpd from SSH, I get 'Syntax error - Only first PHPINIDir directive honored per configuration tree - subsequent ones ignored'.

When this happens, I edit httpd.conf and will find the PHPINIDir declared twice in one domain name; once for http, once for https. If I delete the line for the SSL version of the domain, httpd will start again. However, if I make another change to a domain, the problem re-appears and I have to remove that line again.
 
Today I've removed the affected domain from DA and could promptly mail to it again, leaving me a bit confused.
I would be confused too. How are you able to mail to a non-existing domain? Since you write you removed it and then can mail to it again??

Oeps. I forgot to add a possible cause/solution.
I had a kindlike problem. Also nothing pointing to something which was setup wrongly. Turned out the Exim database got corrupted some how and caused emails to one specific domain to be rejected.
The solution was to clean up the database:
Code:
/usr/sbin/exim_tidydb -t 1d /var/spool/exim retry > /dev/null
/usr/sbin/exim_tidydb -t 1d /var/spool/exim wait-remote_smtp > /dev/null

After that, things were working fine again. Maybe you had the same or a kindlike issue.
 
Last edited:
I would be confused too. How are you able to mail to a non-existing domain? Since you write you removed it and then can mail to it again??

Nah, not exactly, though that would be funny. The problem first showed up when my server was still handling email for this domain. There were already plans to host mail on an exchange server and I expected the issue would go away after I changed the MX record to point to the exchange server. I did that, but the problem remained until I removed the domain itself from my DA.

If it comes back for another domain I'll give your solution a try, thanks!
 
Ah that wasn't clear to me. I thought you just removed the domain, so without moving it to somewhere else. But since it's moved to an exchange server I'm not confused anymore. :)
 
Found out what was up

I experienced the problem with another domain recently and figured out what was going on.
in DA, under MX records, I had the box 'use this server to handle my emails' checked.
Being the first domein I set up mail off-server for, I hadn't run into this before.
Easy fix!

Update: still unclear why switching off SA stopped the behaviour. I'm going to assume I forgot to notice something somewhere and SA had nothing to do with it after all.
 
Last edited:
Back
Top