Cant send email to some addresses- but gmail and mail-tester.com work. How?

toml

Verified User
Joined
Oct 3, 2003
Messages
1,190
Location
Scottsdale, AZ
The exim logs are located in /var/log/exim/ at least on Red Hat systems, not sure where they might be on other variants.
 

borgqueenx

Verified User
Joined
Sep 2, 2019
Messages
19
The exim logs are located in /var/log/exim/ at least on Red Hat systems, not sure where they might be on other variants.
Mail to outlook is okay, but to my other domain where mx records are pointing to zoho mail, are immediately denied/returned/not send.

Code:
2019-09-03 10:28:02 H=(104.244.72.16) [185.234.219.66] rejected EHLO or HELO 104.244.72.16: HELO is an IP address (See RFC2821 4.1.3)
2019-09-03 10:29:42 H=(104.244.72.16) [185.234.219.171] rejected EHLO or HELO 104.244.72.16: HELO is an IP address (See RFC2821 4.1.3)
2019-09-03 10:30:33 1i5CdV-000155-J6 <= mpg@mavicpowergrip.com H=(my.frantech.ca) [127.0.0.1] P=esmtpa A=login:mpg S=627 id=3d49216c3f2e06df9fc5777f9cefa805@mavicpowergrip.com T="testing arriving of mail" from <mpg@mavicpowergrip.com> for borgqueenx@outlook.com
2019-09-03 10:30:33 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1i5CdV-000155-J6
2019-09-03 10:30:36 1i5CdV-000155-J6 => borgqueenx@outlook.com F=<mpg@mavicpowergrip.com> R=lookuphost T=remote_smtp S=1515 H=outlook-com.olc.protection.outlook.com [104.47.2.33] X=TLSv1.2:ECDHE-RSA-AES256-SHA384:256 CV=yes C="250 2.6.0 <3d49216c3f2e06df9fc5777f9cefa805@mavicpowergrip.com> [InternalId=57007100978125, Hostname=DB5EUR01HT133.eop-EUR01.prod.protection.outlook.com] 8894 bytes in 0.263, 32.937 KB/sec Queued mail for delivery -> 250 2.1.5"
2019-09-03 10:30:36 1i5CdV-000155-J6 Completed
2019-09-03 10:34:49 1i5Chd-0001AS-CI <= mpg@mavicpowergrip.com H=(my.frantech.ca) [127.0.0.1] P=esmtpa A=login:mpg S=626 id=3d425b006b7a2c7d9c094fb14f9733e6@mavicpowergrip.com T="testing 1234" from <mpg@mavicpowergrip.com> for konijntje@cupcakethunder.eu
2019-09-03 10:34:49 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1i5Chd-0001AS-CI
2019-09-03 10:34:49 1i5Chd-0001AS-CI ** konijntje@cupcakethunder.eu F=<mpg@mavicpowergrip.com> R=virtual_aliases: 
2019-09-03 10:34:49 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1i5Chd-0001AS-CI
2019-09-03 10:34:49 1i5Chd-0001AY-GT <= <> R=1i5Chd-0001AS-CI U=mail P=local S=1843 T="Mail delivery failed: returning message to sender" from <> for mpg@mavicpowergrip.com
2019-09-03 10:34:49 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1i5Chd-0001AY-GT
2019-09-03 10:34:49 1i5Chd-0001AS-CI Completed
2019-09-03 10:34:49 1i5Chd-0001AY-GT => mpg <mpg@mavicpowergrip.com> F=<> R=localuser T=local_delivery S=1942
2019-09-03 10:34:49 1i5Chd-0001AY-GT Completed
2019-09-03 10:35:19 H=(104.244.72.16) [185.234.219.66] rejected EHLO or HELO 104.244.72.16: HELO is an IP address (See RFC2821 4.1.3)
 

borgqueenx

Verified User
Joined
Sep 2, 2019
Messages
19
some more information, as this forum has post editting disabled....

Code:
2019-09-03 10:35:19 H=(104.244.72.16) [185.234.219.66] rejected EHLO or HELO 104.244.72.16: HELO is an IP address (See RFC2821 4.1.3)
2019-09-03 10:37:21 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
2019-09-03 10:37:21 1i5Ck5-0001E5-L7 <= root@my.frantech.ca U=root P=local S=603 T="lfd on my.frantech.ca: SSH login alert for user root from 134.19.179.179 (NL/Netherlands/179.179.19." from <root@my.frantech.ca> for root
2019-09-03 10:37:21 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1i5Ck5-0001E5-L7
2019-09-03 10:37:21 1i5Ck5-0001E5-L7 User 0 set for local_delivery transport is on the never_users list
2019-09-03 10:37:21 1i5Ck5-0001E5-L7 == root@my.frantech.ca R=localuser T=local_delivery defer (-29): User 0 set for local_delivery transport is on the never_users list
2019-09-03 10:37:40 H=(104.244.72.16) [185.234.219.171] rejected EHLO or HELO 104.244.72.16: HELO is an IP address (See RFC2821 4.1.3)
2019-09-03 10:38:06 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
2019-09-03 10:38:06 1i5Cko-0001FW-M8 <= root@my.frantech.ca U=root P=local S=603 T="lfd on my.frantech.ca: SSH login alert for user root from 134.19.179.179 (NL/Netherlands/179.179.19." from <root@my.frantech.ca> for root
2019-09-03 10:38:06 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1i5Cko-0001FW-M8
2019-09-03 10:38:06 1i5Cko-0001FW-M8 User 0 set for local_delivery transport is on the never_users list
2019-09-03 10:38:06 1i5Cko-0001FW-M8 == root@my.frantech.ca R=localuser T=local_delivery defer (-29): User 0 set for local_delivery transport is on the never_users list
thats the end of the file/log.
 

Remitur

Verified User
Joined
May 11, 2018
Messages
43
It seems that your server is badly configured (HELO with IP number instead than a hostname...)
 

toml

Verified User
Joined
Oct 3, 2003
Messages
1,190
Location
Scottsdale, AZ
I see two issues. The first one appears to be a configureation issue, it can't find konijntje@cupcakethunder.eu . What do you see when you issue the command:
grep konijntje /etc/virtual/cupcakethunder.eu/passwd /etc/virtual/cupcakethunder.eu/aliases
If nothing is returned with that command, then the user konijntje doesn't exist for the domain cupcakethunder.eu which would explain the bounce. If it is located in /etc/virtual/cupcakethunder.eu/aliases, then the alias needs to be investigated to make sure it exists.


The other issue I see is that that you have some processes that are attempting to send an email to root. Since root is in the never_users, you may want to add something to your /etc/aliases file
to have root email re-directed to another non-root address. For example it could add a line similar to:
root: someuser@somedonain
where someuser@somedonain is replaced with a valid email address.
 

borgqueenx

Verified User
Joined
Sep 2, 2019
Messages
19
I see two issues. The first one appears to be a configureation issue, it can't find konijntje@cupcakethunder.eu . What do you see when you issue the command:
grep konijntje /etc/virtual/cupcakethunder.eu/passwd /etc/virtual/cupcakethunder.eu/aliases
If nothing is returned with that command, then the user konijntje doesn't exist for the domain cupcakethunder.eu which would explain the bounce. If it is located in /etc/virtual/cupcakethunder.eu/aliases, then the alias needs to be investigated to make sure it exists.


The other issue I see is that that you have some processes that are attempting to send an email to root. Since root is in the never_users, you may want to add something to your /etc/aliases file
to have root email re-directed to another non-root address. For example it could add a line similar to:
root: someuser@somedonain
where someuser@somedonain is replaced with a valid email address.
Konijntje is not a user. it is a email address at zoho.com.
Although the domain and main user of the website cupcakethunder.eu is hosted on the same server as im sending the mail from. (but sending the mail from a other user and domain) (maybe that is the issue?)

I use MX records at cloudflare, which allows me to have any email address that i can make at zoho. (try sending it a email yourself, you'l notice it will send normally)

Thanks for the tip about the secondary issue. I think i will leave it like this, since i remember from my last host, the root emails keep being send by the hunderds per few minutes. Rather not have them.
 

ikkeben

Verified User
Joined
May 22, 2014
Messages
701
Location
Netherlands Germany
This mailaccount /domain on that box?
https://en.internet.nl/mail/mavicpowergrip.com/256228/

or https://en.internet.nl/mail/cupcakethunder.eu/

try some testing with testers you can find online as above.

OYEA better use zoho.eu better results for now this moment zoho.com uhum i don't understand maybe working...


https://en.internet.nl/mail/zoho.eu/256238/



https://en.internet.nl/mail/zoho.com/256231/ has
STARTTLS available close
Verdict:

Test error. Please try again later.

We use if external mailprovider https://en.internet.nl/mail/protonmail.com/256237/
and https://en.internet.nl/mail/protonmail.ch/256240/ more serious then most of the others. mailbox.org is also ok.

go.gle. , micros..ft pfffffff yea if you don't like to have privacy, and much more ... with those emailproviders
 
Last edited:

borgqueenx

Verified User
Joined
Sep 2, 2019
Messages
19
This mailaccount /domain on that box?
https://en.internet.nl/mail/mavicpowergrip.com/256228/

or https://en.internet.nl/mail/cupcakethunder.eu/

try some testing with testers you can find online as above.
Weird that the site reports bad dkim etc, since i get good dkim results now, at least for mavicpowergrip.com mails as origin.

The mavicpowergrip mail box is indeed on the vps box, while the cupcakethunder mail is located on zoho. But the domain is hosted on the same box.
 

ikkeben

Verified User
Joined
May 22, 2014
Messages
701
Location
Netherlands Germany
See above my edited. while zoho.com has problems now , zoho.eu also not so good as it has to be.

DKIM is in DNS and takes some time TTL for being everywhere after changes! ;) could be cause..

BUT for live tests you can do also https://mecsa.jrc.ec.europa.eu/



95% is ok https://en.internet.nl/mail/websiteindeling.nl/256241/ while for the moment no dane at our dns service provider, is only testboxje


100% for web https://en.internet.nl/site/aivd.nl/591151/ i guess no testbox :p

Please klick also at the internet.nl site on results and why what is wrong while no mx 10 record for the mavicpowergrip ipv4 and ipv6, is the hostname also main mailserver and is this my.frantech.ca while h=my.frantech.ca

so look also for hostname , helo name and so on if using hostname as mailserver then that in mx 10 record.

Can't help with cloudflare sorry , don't like them , even if they do maybe a good job for some.

Aks their support while with DA i think they know where to look.
 
Last edited:

toml

Verified User
Joined
Oct 3, 2003
Messages
1,190
Location
Scottsdale, AZ
Konijntje is not a user. it is a email address at zoho.com.
Although the domain and main user of the website cupcakethunder.eu is hosted on the same server as im sending the mail from. (but sending the mail from a other user and domain) (maybe that is the issue?)
.
I was only commenting on what your email system thinks. I think you may have a misconfigured system if konijntje@cupcakethunder.eu isn't supposed to deliver locally but the domain exists there. Directadmin has a setting when configuring domains to tell it NOT to use the server for the domain's email. It will then use the MX record to deliver email instead of searching for it locally. Look for the link that says "MX Records" for that domain, then uncheck the box next to where it says "Use this server to handle my emails. If not, change the MX record and uncheck this option".
 
Top