I can receive emails but cant send

[orfe]

Hi,
I can receive emails but cant send them, emails return
my server domain is like panel.myhostdomain.org
email i am trying is like [email protected],btw i check them from roundcube and opened ports 25,53,80,110,443,587,993 and 995 as i host it in a computer in my network

email tracking shows like this.

Failed
[email protected]
root
lfd on panel.myhostdomain.org: Excessive resource usage: gdm (2318 (Parent PID:1784))
705 B
21.09.2023 16:00
Failed
[email protected]
Mail delivery failed: returning message to sender
1.94 KB
21.09.2023 16:00
Failed
[email protected]
root
lfd on panel.myhostdomain.org: Excessive resource usage: gdm (1859 (Parent PID:847))
705 B
21.09.2023 16:00
Failed
[email protected]
Mail delivery failed: returning message to sender
1.92 KB
21.09.2023 16:00
Failed
[email protected]
root
lfd on panel.myhostdomain.org: Excessive resource usage: gdm (1787 (Parent PID:847))
679 B
21.09.2023 16:00
Failed
[email protected]
Mail delivery failed: returning message to sender
1.92 KB
21.09.2023 16:00
Failed
[email protected]
root
lfd on panel.myhostdomain.org: Excessive resource usage: gdm (2305 (Parent PID:1784))
695 B
21.09.2023 16:00
Failed
[email protected]
Mail delivery failed: returning message to sender
1.9 KB
21.09.2023 16:00
Failed
[email protected]
root
lfd on panel.myhostdomain.org: Excessive resource usage: gdm (2407 (Parent PID:2407))
693 B
21.09.2023 16:00
Failed
[email protected]
Mail delivery failed: returning message to sender
1.92 KB
21.09.2023 16:00
Failed
[email protected]
root
lfd on panel.myhostdomain.org: Excessive resource usage: gdm (1755 (Parent PID:847))
677 B
21.09.2023 16:00
Failed
[email protected]
Mail delivery failed: returning message to sender

 

[Richard G]

These are all mail from root. Root is on the non delivery mail. So if you want to get these mails you can do either one of two things.

1.) Edit the /etc/aliases file and on the last line you might see something like:

# Person who should get root's mail
#root: marc

or that is not there, depending on your OS.
Just add this line in there:
root: [email protected]
were [email protected] is ofcourse the email address you want to receive the servers mails at.
Restart exim after changing this file:
service exim restart

2.) In the /root directory, create a file called .forward (mind the dot) and put your email address in there.

 

[orfe]

These are all mail from root. Root is on the non delivery mail. So if you want to get these mails you can do either one of two things.

1.) Edit the /etc/aliases file and on the last line you might see something like:

or that is not there, depending on your OS.
Just add this line in there:
root: [email protected]
were [email protected] is ofcourse the email address you want to receive the servers mails at.
Restart exim after changing this file:
service exim restart

2.) In the /root directory, create a file called .forward (mind the dot) and put your email address in there.

Thanks for the quick reply but isnt there an another fix for this, whenever i add an email or another user do i have to edit that file everytime?

 

[Richard G]

do i have to edit that file everytime?

No this is only for root. You don't have to change things for any other user.

But you only showed me examples of root mails not being send, which is why I gave you this default solution for that issue.

If you encounter issues sending mail from other accounts, check your /var/log/exim/mainlog and post errors you encounter here then we can see what could be the cause.

 

[orfe]

No this is only for root. You don't have to change things for any other user.

But you only showed me examples of root mails not being send, which is why I gave you this default solution for that issue.

If you encounter issues sending mail from other accounts, check your /var/log/exim/mainlog and post errors you encounter here then we can see what could be the cause.

well the mail i am having problem with is not under root account,

Here is some of exim mainlog

maindomain = serverdomain
anotherdomain.space = another domain in different user which gives errors


2023-09-22 01:48:48 1qjSTY-0001PU-2W <= [email protected] U=root P=local S=688 T="lfd on panel.maindomain.org: Excessive resource usage: gdm (4344 (Parent PID:2067))" from <[email protected]> for root
2023-09-22 01:48:48 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1qjSTY-0001PU-2W
2023-09-22 01:48:48 1qjSTY-0001Pb-2Y <= <> R=1qjSTY-0001PK-2R U=mail P=local S=1965 T="Mail delivery failed: returning message to sender" from <> for [email protected]
2023-09-22 01:48:48 1qjSTY-0001PU-2W ** [email protected] F=<[email protected]> R=virtual_aliases:
2023-09-22 01:48:48 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1qjSTY-0001Pb-2Y
2023-09-22 01:48:48 1qjSTY-0001PK-2R Completed
2023-09-22 01:48:48 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1qjSTY-0001PU-2W
2023-09-22 01:48:48 1qjSTY-0001Pb-2Y ** [email protected] F=<> R=virtual_aliases:
2023-09-22 01:48:48 1qjSTY-0001Pb-2Y Frozen (delivery error message)
2023-09-22 01:48:48 1qjSTY-0001Ph-2c <= <> R=1qjSTY-0001PU-2W U=mail P=local S=1944 T="Mail delivery failed: returning message to sender" from <> for [email protected]
2023-09-22 01:48:48 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1qjSTY-0001Ph-2c
2023-09-22 01:48:48 1qjSTY-0001PU-2W Completed
2023-09-22 01:48:48 1qjSTY-0001Ph-2c ** [email protected] F=<> R=virtual_aliases:
2023-09-22 01:48:48 1qjSTY-0001Ph-2c Frozen (delivery error message)
2023-09-22 01:55:44 1qjSaG-0001VD-2n <= [email protected] H=localhost (panel.maindomain.org) [127.0.0.1] P=esmtpa A=login:[email protected] S=603 id=[email protected] T="uuuuuuuuuuu" from <[email protected]> for [email protected]
2023-09-22 01:55:44 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1qjSaG-0001VD-2n
2023-09-22 01:55:45 1qjSaG-0001VD-2n ** [email protected] F=<[email protected]> R=lookuphost T=remote_smtp: all hosts for 'gmail.com' have been failing for a long time (and retry time not reached)
2023-09-22 01:55:45 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1qjSaG-0001VD-2n
2023-09-22 01:55:45 1qjSaH-0001VJ-28 <= <> R=1qjSaG-0001VD-2n U=mail P=local S=1967 T="Mail delivery failed: returning message to sender" from <> for [email protected]
2023-09-22 01:55:45 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1qjSaH-0001VJ-28
2023-09-22 01:55:45 1qjSaG-0001VD-2n Completed
2023-09-22 01:55:45 1qjSaH-0001VJ-28 => anotherdomain <[email protected]> F=<> R=virtual_user T=dovecot_lmtp_udp S=2130 C="250 2.0.0 <[email protected]> 1FlOKfHJDGX1AwAAjAMgAw Saved"
2023-09-22 01:55:45 1qjSaH-0001VJ-28 Completed

Can receive mails from [email protected] to [email protected] but cant send to [email protected] from [email protected]

 

[Richard G]

The only line I can do something with is the one where anotherdomain.space (I presume that is a domain on your server) is trying to send a mail to gmail which fails. But I don't see any reason as to why.

Is port 25 outgoing also open and does your ISP not block port 25 for outgoing traffic?

Try this command:
telnet mail.directadmin.com 25
you should get an answer like this:

[root@server23: ~]# telnet mail.directadmin.com 25
Trying 167.172.23.237...
Connected to mail.directadmin.com.
Escape character is '^]'.
220 do.directadmin.com ESMTP Exim 4.96-58-g4e9ed49f8 Thu, 21 Sep 2023 17:07:05 -0600

If you get a timeout, then port 25 is blocked.

 

[Richard G]

Additionally, is port 25 is not closed, you need an rDNS/PTR record for your hostname, most likely most ISP's will not provide you with that. This is the downside of using mailserver at home, you might need a smarthost setting to be able to send mail.
Also, especially for sending mail to Gmail, you need at least a valid SPF record and if possible also DKIM.

 

[orfe]

The only line I can do something with is the one where anotherdomain.space (I presume that is a domain on your server) is trying to send a mail to gmail which fails. But I don't see any reason as to why.

Is port 25 outgoing also open and does your ISP not block port 25 for outgoing traffic?

Try this command:
telnet mail.directadmin.com 25
you should get an answer like this:

[root@server23: ~]# telnet mail.directadmin.com 25
Trying 167.172.23.237...
Connected to mail.directadmin.com.
Escape character is '^]'.
220 do.directadmin.com ESMTP Exim 4.96-58-g4e9ed49f8 Thu, 21 Sep 2023 17:07:05 -0600

If you get a timeout, then port 25 is blocked.

when i do it it says connection refused i guess it is blocked by my isp, i can talk to my isp but maybe changing port from 25 to something like 26 will take shorter because the tech guys answering phones dont know much there. I will investigate these rDNS/PTR and SPF records further for this. Thanks

 

[Richard G]

changing port from 25 to something like 26 will take shorter

No that won't work. Mailservers communicate on port 25. So if your ISP indeed closed port 25 you have the choice to either move to a cheap VPS or use the smarthost option.

Sending outbound email through remote mail server | Directadmin Docs

DirectAdmin Knowledge Base

docs.directadmin.com

 

[orfe]

Additionally, is port 25 is not closed, you need an rDNS/PTR record for your hostname, most likely most ISP's will not provide you with that. This is the downside of using mailserver at home, you might need a smarthost setting to be able to send mail.
Also, especially for sending mail to Gmail, you need at least a valid SPF record and if possible also DKIM.

I can talk to my isp to open port 25 but i am not sure they can handle rdns/ptr is there any other way to add these records other than isp?

 

[sparek]

What's the relationship between "your ISP" and "the server you have DirectAdmin installed on?"

Are you able to perform DNS lookups on "the server you have DirectAdmin installed on?"

dig gmail.com MX

or

host -t MX gmail.com

 

[orfe]

ok i will ask for my isp to create for a ptr record now, so if i want them create ptr record for my directadmin hpst will it work for all domains under my server? and if yes, what should i tell them to create my server's hostname is something like panel.mydomain.com. Should i give them this for my ip or something like mail.panel.mydomain.com ?

Btw my port 25 is open i guess but no ptr record i checked it from mxtoolbox.com and it gave me these results;

	SMTP Reverse DNS Resolution	Reverse DNS Resolution - No PTR Record found	More Info
	SMTP TLS	OK - Supports TLS.
	SMTP Connection Time	0.561 seconds - Good on Connection time
	SMTP Open Relay	OK - Not an open relay.
	SMTP Transaction Time	1.869 seconds - Good on Transaction Time

 

[sparek]

Reverse DNS is not your problem.

I mean... it may be a problem when it comes to actual deliverability. But no reverse DNS does not generate a all hosts for 'gmail.com' have been failing for a long time (and retry time not reached) error.

This is either a DNS issue - meaning you can't resolve hostnames into an IP address from your DirectAdmin server.

Or your DirectAdmin server is not allowing outbound connections on port 25.

 

[orfe]

btw after talking to my isp, when i try to telnet mydomain i started to get 220 exim message now but mails still doesnt go

 

[Richard G]

I gave you the telnet command to mail.directadmin.com and as long as that isn't working, your port 25 -outgoing- is not open.
Incoming might be open, but you need outgoing open to be able to deliver mail.

PTR/rDNS is not ure issue but would be a good thing when you were able to send mail. However, the beginning is to start sending mail, which is why I mentioned that too.
Sending mail will not be the case anyway with a closed port 25.

So try that telnet command again. Still no connection? Then you don't have to think about other causes of your mail not being send, then your port 25 outgoing is still closed, it's that simple.

 

[orfe]

I gave you the telnet command to mail.directadmin.com and as long as that isn't working, your port 25 -outgoing- is not open.
Incoming might be open, but you need outgoing open to be able to deliver mail.

PTR/rDNS is not ure issue but would be a good thing when you were able to send mail. However, the beginning is to start sending mail, which is why I mentioned that too.
Sending mail will not be the case anyway with a closed port 25.

So try that telnet command again. Still no connection? Then you don't have to think about other causes of your mail not being send, then your port 25 outgoing is still closed, it's that simple.

Thanks Richard, i will try to open it then when i telnet mail.directadmin.com it instantly says connection refused

 

[Richard G]

it instantly says connection refused

Yes I was afraid of that. And if your ISP won't open that port, then you require the use of a smarthost like I said.
So I hope your ISP will be so friendly to open port 25 outgoing for you, then we can start making things right and mails will start to go outside.

 

[orfe]

Yes I was afraid of that. And if your ISP won't open that port, then you require the use of a smarthost like I said.
So I hope your ISP will be so friendly to open port 25 outgoing for you, then we can start making things right and mails will start to go outside.

Hi Richard, i wanted to try port 587 for this mail thing, when i telnet from my computer like "telnet mail.directadmin.com 587" it connects with 220 ... but when i use the same command inside my server it gets connection refused error. My server is at the same network with my computer inside my lan and at my router 587 ports is forwarded to this server's local ip. Why might it be happenning? i checked with netstat -tuln command at server command line and it shows 0.0.0.0:587 listen

 

[Richard G]

Hi Richard, i wanted to try port 587 for this mail thing

That won't work. As I said, mailservers between them communicate over port 25, not over any other port.
Port 587 is an SMTP port which is used for clients to communicate to mailservers.

Simply explained it's like this:
Client sends an email so sends to mailserver (MTA) -> Port 25, 587, 465.
MTA sends the mail to receiving MTA -> port 25
Receiving client picks up the mail from the receiving MTA -> port 110, 143, 993, 995

So as you can see, for an MTA to work, port 25 outgoing is a basic requirement. Without that it's basically end of story.

A smarthost is working like a client, this is something you could use as I explained.
In that case, your MTA acts like a client and sends your outgoing mail for example via port 587 to an external MTA, and then the process goes on from there.
Sometimes the smtp from the ISP can be used for this too. But you have to configure your server as smarthost then.