DirectAdmin and WordPress sending problem

[minnicoffee]

Hello,

As a new DirectAdmin user, I've just migrated a few sites to this system via AWS (AlmaLinux 9). However, I'm having huge difficulties with everything to do with "sending e-mail". I don't receive any e-mail from the system or from the forms on the Wordpress sites, and when I want to test sending with an e-mail address from Roundcloud, I don't receive the e-mail either.

PROBLEM 1
---------------------
When I look in Direct Admin's "mail queue" for a message sent from a WordPress site, I see that :
- The sender's address has changed (it seems to be the site's Directadmin username).
- The recipient's address is that of the Directadmin admin account, but not the one entered in the WordPress form.

I'm not receiving the email. Here is the message:
"2023-08-27 15:35:16 Received from [email protected] U=apasco P=local S=5307 id=[email protected] T="Vous avez un nouveau message depuis le site"
2023-08-27 15:35:17 [email protected] R=lookuphost T=remote_smtp defer (-54): retry time not reached for any host for 'minnicoffee.nc'"


PROBLEM 2
---------------------
Administration emails: "<[email protected]>" are sent to "<[email protected]>" but this address does not exist? I don't know how to access it.


PROBLEM 3
---------------------
Then, when I send an e-mail to someone from RoundCloud, the e-mail leaves but doesn't arrive:

2023-08-27 15:42:55 Received from [email protected] H=localhost (ip-172-31-9-130.ap-southeast-2.compute.internal) [::1] P=esmtpa A=login:[email protected] S=582 id=[email protected] T="yop"
2023-08-27 15:45:07 H=outlook-com.olc.protection.outlook.com [104.47.58.33] Connection timed out
2023-08-27 15:47:18 H=outlook-com.olc.protection.outlook.com [104.47.55.33] Connection timed out
2023-08-27 15:47:18 [email protected] R=lookuphost T=remote_smtp defer (110): Connection timed out


On the other hand, if I send an e-mail to this address, the e-mail is received.

Out of all these problems seems to come a problem with the sending server. Any ideas? I have no idea what to do


Thank you very much for your help and have a good day

 

[Richard G]

Problem 2, that might be the case, you can configure this yourself.
First setup an e-mail address for admin.

How to change email address from which Directadmin sends emails

I want Directadmin to send emails from [email protected] instead of [email protected]. How can I do it?

help.poralix.com

Then if you want to get root mails, go to the /etc/aliases file and add something like:
root: [email protected]

where [email protected] is an email address of yourself.

Problem 1 and 3 might be related.
It looks like you use external mail from Microsoft 365.

Check if all your settings are correct. Go to the MX page on your account on user level, and see that the option to handle your mail on this server is -not- selected, and for external mail Microsoft 365 is selected.
Since you are using cloudflare, you probably need to copy all DA records to the cloudflare DNS.

Next to that, you don't have a ptr/RDNS record for your hostname, this is a reason a lot of mail will be refused.
Go to you OVH control panel and set a ptr/Rdns record so your server ip points to your hostname.

I see a lot of timeouts. This might point out that port 25 outgoing is closed, either on your firewall or other protection system, or by OVH.

Try logging in via SSH as root and issue this command:
telnet mail.directadmin.com 25
you should get a connection and you can type quit to get out again.

If you get a timeout, then port 25 outgoing is closed and it needs to be opened, ask OVH or wherever you have your server.

 

[minnicoffee]

Hello !


Thank you for your quick reply and for your help.


I've just updated the r/dns (AWS) to the same domain, thank you !!!


However, it still doesn't work.

Actually, what I don't understand is that "[email protected]" is the e-mail address of my administrator account (directadmin); and is not entered at all.


For example, for problem 1, the sending e-mail address (from the WordPress site) is: [email protected] and the receiving address is: [email protected].


It seems that the server is reinterpreting everything and that these are no longer the correct addresses (the sending address becomes the username of the person who has the site and the recipient my e-mail address).


Example:
when I go to www.newcalevents.nc/contacter (site linked to the user "apasco" (in DirectAdmin)) I enter the following:



E-mail header

"1qaaH4-00015z-2L-H
apasco 1003 1004
1693221554 0
-received_time_usec .726720
-received_time_complete 1693221554.728828
-active_hostname doppio.minnicoffee.ovh
-ident apasco
-received_protocol local
-aclm _uid 4
1003
-aclm _username 6
apasco
-body_linecount 158
-max_received_linelength 226
-auth_id apasco
-auth_sender [email protected]
-allow_unqualified_recipient
-allow_unqualified_sender
-local
-sender_set_untrusted
-tls_resumption A
XX
1
[email protected]
209P Received: from apasco by doppio.minnicoffee.ovh with local (Exim 4.96-58-g4e9ed49f8)
(envelope-from )
id 1qaaH4-00015z-2L
for [email protected];
Mon, 28 Aug 2023 22:19:14 +1100
026T To: [email protected]
053 Subject: Vous avez un nouveau message depuis le site
045 X-PHP-Originating-Script: 1003HPMailer.php
038 Date: Mon, 28 Aug 2023 11:19:14 +0000
047F From: Site NewCalEvents
041R Reply-To: Xavier
076I Message-ID:
067 X-Mailer: PHPMailer 6.8.0 (https://github.com/PHPMailer/PHPMailer)
018 MIME-Version: 1.0
095 Content-Type: multipart/alternative;
boundary="b1=_eeEkaCpZV797nUeT3eTYZCiSWjs3yxKfR2HpISFOk"
032 Content-Transfer-Encoding: 8bit"


E-mail Body Chunk
1qaaH4-00015z-2L-D
--b1=_eeEkaCpZV797nUeT3eTYZCiSWjs3yxKfR2HpISFOk
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Contenu du message
Nom du client : Xavier
Adresse e-mail : [email protected]
Numéro de téléphone :
Message : Hello Hello !

Log
2023-08-28 22:19:14 Received from [email protected] U=apasco P=local S=5349 id=[email protected] T="Vous avez un nouveau message depuis le site"
2023-08-28 22:19:15 [email protected] R=lookuphost T=remote_smtp defer (-54): retry time not reached for any host for 'minnicoffee.nc'


*******

Would you have any idea ?
Thank you very much and have a good day !

 

[Richard G]

Would you have any idea ?

Not sure. Did you change ip's recently?

retry time not reached for any host for 'minnicoffee.nc'

Check this:

This is on an ipv4 only server.

[root@server23: /etc]# nslookup minnicoffee.nc
Server:         1.1.1.1
Address:        1.1.1.1#53

Non-authoritative answer:
Name:   minnicoffee.nc
Address: 104.21.10.98
Name:   minnicoffee.nc
Address: 172.67.131.77
Name:   minnicoffee.nc
Address: 2606:4700:3030::6815:a62
Name:   minnicoffee.nc
Address: 2606:4700:3030::ac43:834d

None of these ip's resolve to the minnicoffee.nc domain.

Now the same check on a server with ipv4 and ipv6:

[root@server27: /etc]# nslookup minnicoffee.nc            
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   minnicoffee.nc
Address: 188.114.96.3
Name:   minnicoffee.nc
Address: 188.114.97.3
Name:   minnicoffee.nc
Address: 2a06:98c1:3120::3
Name:   minnicoffee.nc
Address: 2a06:98c1:3121::3

Now which of these servers have the correct answer? None of these ip's on either server point to the same ip as your hostname.

Do you recognize this? Maybe you did not copy all correct ip's from your server to cloudflare?

Also:

026T To: [email protected]

and

2023-08-28 22:19:15 [email protected] R=lookuphost T=remote_smtp defer (-54): retry time not reached for any host for 'minnicoffee.nc'

But it should not go there because the MX record of minnicoffee.nc is pointing to Office 365.

;; ANSWER SECTION:
minnicoffee.nc.         300     IN      MX      0 minnicoffee-nc.mail.protection.outlook.com.

so it shouldn't be sending to your server anyway.
Check the MX page as I said in my previous reply.

 

[minnicoffee]

Hello,

"minnicoffee.nc" and "minnicoffee.ovh" are different. minnicoffee.ovh is the domain to manage the servers. So "doppio.minnicoffee.ovh" is the domain name of the 1st Directadmin server I'm installing.

In fact, what I don't understand is that, for example, on the "newcalevents.nc" site, I use ContactForm 7 and the send address is "[email protected]" and the receive address is "[email protected]" (for the example); Except that when the mail arrives at the server it changes all the settings! I don't want that.


So I don't receive the e-mail.

Log for this exemple :
2023-08-30 04:16:52 Received from [email protected] U=apasco P=local S=5331 id=[email protected] T="Vous avez un nouveau message depuis le site"
2023-08-30 04:16:52 [email protected] R=lookuphost T=remote_smtp defer (-54): retry time not reached for any host for 'outlook.com'
2023-08-30 04:23:28 H=outlook-com.olc.protection.outlook.com [104.47.58.161] Connection timed out
2023-08-30 04:23:28 [email protected] R=lookuphost T=remote_smtp defer (110): Connection timed out

 

[Richard G]

"minnicoffee.nc" and "minnicoffee.ovh" are different.

Yes I know, that is what I wrote too.
But I let you see that the name minnicoffee.nc resolves different on different servers and that is not good.
It's still not good today.

So "doppio.minnicoffee.ovh" is the domain name

Domain name? I thought this was the hostname. That's a difference.

Except that when the mail arrives at the server it changes all the settings!

Probably bacause you're not using authenticated SMTP in wordpress.
If you are using auth SMTP then it's something different, hard to say. But you first have to fix that DNS is resolving the same everywhere, before worrying about mail.
Next to that, you keep having the connection timed out, so probably port 25 is closed. I haven't seen you testing this like I suggested in post #2.

 

[minnicoffee]

I'm so sorry, I think we're mixing things up a bit. I'll try to clear it up by making a new point.

"[email protected]" is my work address and I had used it for the test to show that I wasn't receiving the email. This e-mail address works very well and is connected to Microsoft 365). By the way, the minnicoffee.nc domain is managed on CloudFlare and the MX are sent to Microsoft. The minnicoffee.nc domain is not linked to DirectAdmin at all.

That's why, in the last example, I show the problem with another email address ([email protected]).


What I'd like is to be able to use the Exim mail server, like Postfix on Plesk for example, to send e-mails without necessarily requiring authentication (which changes the sending address). Indeed, some sites (like newcalevent.nc) use external SMTP (Microsoft 365 for example). Except that sometimes, I just want the site to send email patterns, without going through SMTP authentication, you know? Which means that the e-mails will certainly be junk.
On the other hand, afterwards I activate SMTP authentication from a plugin on the WordPress site: either I configure it externally via Office 365 for example, or via the DirectAdmin server.

 

[minnicoffee]

And the port 25 is open*

 

[Richard G]

without necessarily requiring authentication (which changes the sending address)

What you want could lead to issues, however....unauthenticated mail is going out via the php mail option. The only change normally happening is that the domain name is changed to the hostname, but never the username.
Normally somewhere a -f option can be used but I don't see that in Wordpress anymore.

And the port 25 is open*

Oke so you did reach the DA server via port 25, that is good news.
Then I wonder what you have in your /etc/resolv.conf because I'm still wondering why the timeout is still happening and outlook.com can't be reached.

As for any namechange happening I have no explanation.

 

[minnicoffee]

What you want could lead to issues, however....unauthenticated mail is going out via the php mail option. The only change normally happening is that the domain name is changed to the hostname, but never the username.
Normally somewhere a -f option can be used but I don't see that in Wordpress anymore.

Yes, you're right and I think I'll keep the config you said!

Then I wonder what you have in your /etc/resolv.conf because I'm still wondering why the timeout is still happening and outlook.com can't be reached

I think you've hit the nail on the head! Here's the :

[root@doppio ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search ap-southeast-2.compute.internal minnicoffee.ovh
nameserver 172.31.0.2
[root@doppio ~]#

It looks like it's based on AWS's internal IP and DNS. How can I change it? Do you think I can use CloudFlare's DNS?

 

[Ohm J]

use "nmtui" tool to change DNS resolve. Don't directly edit.

Or if you are profess linux, use "nmcli"

 

[minnicoffee]

DNS resolve change done !

[ec2-user@doppio ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
search doppio.minnicoffee.ovh minnicoffee.ovh
nameserver 1.1.1.1
nameserver 1.0.0.1
[ec2-user@doppio ~]$

But it's doesn't wok...

"
2023-08-30 19:32:21 Received from [email protected] U=apasco P=local S=5315 id=[email protected] T="Vous avez un nouveau message depuis le site"
2023-08-30 19:34:31 H=outlook-com.olc.protection.outlook.com [104.47.17.97] Connection timed out
2023-08-30 19:34:31 [email protected] R=lookuphost T=remote_smtp defer (110): Connection timed out"

 

[minnicoffee]

Update :
[ec2-user@doppio ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
search doppio.minnicoffee.ovh minnicoffee.ovh
nameserver 172.31.0.2
[ec2-user@doppio ~]$

 

[minnicoffee]

Actually, I don't know what information I need to enter for it to work?

 

[Richard G]

Update :

Did you change this yourself?

If no, then change things so NetworkManager doesn't fuzz with your resolv.conf anymore.
First check if /etc/resolv.conf is a file at not a symlink.

Edit the /etc/NetworkManager/NetworkManager.conf file.
Add these lines to the [main] section.

dns=none
rc-manager=unmanaged

After that edit your /etc/resolv.conf yourself and make the changes like you did.
Once done, restart bind:
service named restart

Now the resolv.conf should not be changed anymore by NetworkManager.

 

[minnicoffee]

Did you change this yourself?

I can't edit the file. I go directly to the AWS C2 and VPC console.

Here is the current configuration:

DHCP Option sets (resolve.conf)
[ec2-user@doppio ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
search doppio.minnicoffee.ovh minnicoffee.ovh
nameserver 1.1.1.1
nameserver 1.0.0.1
[ec2-user@doppio ~]$

Edit the /etc/NetworkManager/NetworkManager.conf file.

I can't. But by going through the "VPC", I can disable DNS settings. Is that right?

 

[Richard G]

But by going through the "VPC", I can disable DNS settings. Is that right?

I guess not.

Exactly what do you use to run Directadmin on? A dedicated server or a VPS?
And do you have root SSH access to this?

 

[minnicoffee]

Exactly what do you use to run Directadmin on? A dedicated server or a VPS?
And do you have root SSH access to this?

I use DirectAdmin on AlmaLinux 9 in an AWS instance (C2)

And do you have root SSH access to this?

Yes I have root access... but I wasn't typing the right command sorry ><... Now it's done! I've just modified the file :


And the /etc/resolv.conf is :


But .. Log in Queue mail (with lc-creation.nc website) :
2023-08-31 03:04:52 Received from [email protected] H=doppio.minnicoffee.ovh (www.lc-creation.nc) [13.54.199.177] P=esmtpsa X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no A=login:[email protected] S=19537 id=[email protected] T="Easy WP SMTP: HTML Test email to [email protected]"
2023-08-31 03:07:02 H=outlook-com.olc.protection.outlook.com [104.47.66.33] Connection timed out
2023-08-31 03:07:02 [email protected] R=lookuphost T=remote_smtp defer (110): Connection timed out

Log in Queue mail (with newcalevents.nc website) :
2023-08-31 03:13:52 Received from [email protected] U=apasco P=local S=5309 id=[email protected] T="Vous avez un nouveau message depuis le site"
2023-08-31 03:13:53 [email protected] R=lookuphost T=remote_smtp defer (-54): retry time not reached for any host for 'outlook.com'

 

[Richard G]

I would use 8.8.8.8 as secondary nameserver in /etc/resolv.conf so you have 2 different autonomous systems.
Did you restart named after making the changes?

Can you try 2 things for me?
First use this command as root and see the results.
nslookup outlook.com

Then visit https://www.mail-tester.com and use the notif@lc=-creation.nc mai address to see which results you get, post the results here if it's lower than 10/10.

 

[minnicoffee]

I would use 8.8.8.8 as secondary nameserver in /etc/resolv.conf so you have 2 different autonomous systems.
Did you restart named after making the changes?

Yes, of course ! It's done

First use this command as root and see the results.
nslookup outlook.com

Then visit https://www.mail-tester.com and use the notif@lc=-creation.nc mai address to see which results you get, post the results here if it's lower than 10/10.

The mail is not received on mail tester. I receive the emails but they don't go out.