Emails received but not sending

[indieben]

I have an issue whereby mail that I am attempting to send gets stuck in the mail queue but does not go anywhere.

I run DirectAdmin on a VPS and have an SMTP relay from my VPS provider (I presume like a lot of other people). Is there somewhere where the relay details need to be provided?

Many thanks.

 

[Richard G]

Yes if you don't use your own server/vps for mail, then you need to configure a smarthost.
So if your VPS provider gave you one, that can be used.

Sending outbound email through remote mail server | Directadmin Docs

DirectAdmin Knowledge Base

docs.directadmin.com

 

[indieben]

Yes if you don't use your own server/vps for mail, then you need to configure a smarthost.
So if your VPS provider gave you one, that can be used.

Sending outbound email through remote mail server | Directadmin Docs

DirectAdmin Knowledge Base

docs.directadmin.com

Thanks Richard for your response.

I definitely think i'm misunderstanding though. I do intend to use my VPS service's SMTP relay. Does this mean any further configuration is required in Direct Admin to achieve this, if not, i'm not sure why no Emails are sending and why they are simply sitting in the mail queue.

Thanks

 

[Richard G]

SMTP relay

There is a difference between relay and using your own vps for smtp traffic directly to any external mailserver.
Using your own VPS means your vps is sending mail out directly via port 25.

Using an SMTP relay, means sending out mail via another mail server, for example like an SMTP relay from your VPS provider or another mail service, to any other external mailserver. So that is indirect outgoing mail traffic.
This is often done when port 25 outgoing is closed. And then most likely port 587 or 465 is used for outgoing mail traffic, depending on the settings required for the smtp relay.

So in that case, you do need to configure that SMTP relay of your VPS provider via the smarthost configuration.

The reason your mail is now sitting in the queue, is that at this moment your vps thinks it can act as a mailserver itself. But most likely port 25 outgoing is closed. Because you talk about a mail relay.

 

[indieben]

Thanks Richard - sorry - I replied on the wrong thread!

The reason that i'm using the term "SMTP Relay" is because this is what my VPS provider uses per the following screenshots:

Upload and share screenshots and images - print screen online | Snipboard.io

Easy and free screenshot and image sharing - upload images online with print screen and paste, or drag and drop.

snipboard.io

Upload and share screenshots and images - print screen online | Snipboard.io

Easy and free screenshot and image sharing - upload images online with print screen and paste, or drag and drop.

snipboard.io

When I asked them if there was anything that I needed to do in order to make use of it, they told me that there wasn't. Of course, that doesn't mean that something in DirectAdmin might not need configuring - if so - I'm not sure what?

I read one of your replies from the year 2008 or so where you asked what the following logs churned up:

tail -10 /var/log/exim/mainlog

quite a few of these.....

2024-04-04 00:33:59 TLS error on connection from [45.9.250.10] (SSL_accept): error:0A000126:SSL routines::unexpected eof while reading


tail -10 /var/log/exim/rejectlog

same IP repeatedly...

root@myservername:/home/pawhost# 2024-04-03 23:24:03 H=(WIN-4TTI4DH7SGH) [193.222.96.191] F=<[email protected]> rejected RCPT <[email protected]>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)2024-04-03 23:24:03 H=(WIN-4TTI4DH7SGH) [193.222.96.191] F=<[email protected]> rejected RCPT <[email protected]>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)2024-04-03 23:24:03 H=(WIN-4TTI4DH7SGH) [193.222.96.191] F=<[email protected]> rejected RCPT <[email protected]>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)^C

Thanks

 

[Richard G]

Of course, that doesn't mean that something in DirectAdmin might not need configuring - if so - I'm not sure what?

I will ask again. Do you have gotten a directadmin license or not? If not, you have to be with your server provider for support.

As for the screenshots, it clearly shows what I'm telling about mail relay is correct.
It also says you need to use: ns1.smtpout...... etc... you blanked that one out. So you have to set that one as your smarthost.
Unless they already configured Directadmin for you, and in that case, they should still help you fixing the problem that your mail isn't going out.

Also I read in the screenshot:
"Unblock ports required for My Generation 4 Server"

So if they say you can also use your own mailserver as smtp, then for sure port 25 must be unblocked.

Can't help you further with that, sorry.
As for my log from 2008, I don't understand what you want to ask me about that.

 

[indieben]

Hi Richard,

Thank you again for your time...

I will ask again. Do you have gotten a directadmin license or not? If not, you have to be with your server provider for support.

Yes, I do have a DirectAdmin license I am on the standard plan. I'm very sorry to have missed this out from my reply to you.

Unless they already configured Directadmin for you

Unfortunately, the VPS provider is not particularly helpful - it is however an unmanaged plan so their support remit is understandably limited anyway but even when i'm asking infrastructure related questions (and in the case of a billing issue with them having incorrectly charged me) (questions that are clearly within remit) they can take a week to two weeks to respond.

I have previously asked them for more information on their SMTP relay but they have told me that it just works and that there is nothing unusual at their end or any particular configuration (not taking into account DirectAdmin) that I need to undertake. The first line support on the rare occasion that chat support was working don't seem to be particularly technically knowledgable and rely heavily on their second line back office techs who are the ones that take a week to two weeks responding. I'm not in a position to change providers currently though. My bank balance says no!

So if they say you can also use your own mailserver as smtp, then for sure port 25 must be unblocked.

I'd presume that's the idea because they make the SMTP relay available. I presume it's secured by originating IP i.e. mail originating from the VPS IP address is accepted and anything else isn't. I presume that this is the extent of limitation there from their end, particularly given their vague response that it just works without any configuration required on my end. I took that to mean that there'd likely be some sort of configuration required on DirectAdmin though.

I've read on here that port 25 access being unblocked is not recommended - logic tells me that the ideal situation (whether technically possible or not is a different question) but that all requests to send Email need to be authenticated over Ports 465/587 but that the VPS passes on the mail over port 25 to the VPS provider for onward delivery. I'm not sure how to achieve that or if that's the default way of operating anyway?

As for my log from 2008, I don't understand what you want to ask me about that.

My intention there was to provide anything that might be useful in working out what the issue might be with mail originating on the VPS not being received by the intended recipient. It seems to me though that you are steadfastly of the position that this is because a smarthost hasn't been set up. I suspect you would have made a point in relation to those logs if you thought that there was anything out of the ordinary so i'll presume that those lines from the log are pretty normal?

I should point out I am getting some other errors every 5 minutes about resources being exceeded for me admin account (in the name of the default user that I set up when the VPS was created). I've talked about these more in a separate post, perhaps incorrectly assuming them to be separate issues - I'm a bit damned that I did and damned if I didn't there as I can't tell either way if the issues are connected but I didn't want to overly confuse the issue (although I might have inadvertently and I am truly sorry if I have). Here's the other post - https://forum.directadmin.com/threads/excessive-resource-usage.70435/

Yes if you don't use your own server/vps for mail, then you need to configure a smarthost.
So if your VPS provider gave you one, that can be used.

I don't understand what the difference is between using my own server/VPS for mail and using the SMTP Relay - From what I am starting to read, there is clearly a difference but I would have thought that, without the VPS provider providing the SMTP relay that they have, that there'd be no other way of Email leaving the VPS and arriving at it's destination.

In any event, If I am to configure a smarthost, it seems that some people argue against using terminal and argue that I should use the DirectAdmin interface, this article suggests terminal work (which I have no issue with) - is this an OK route to follow here: https://docs.directadmin.com/other-hosting-services/exim/smarthost.html

Many thanks

 

[Richard G]

I'd presume that's the idea because they make the SMTP relay available.

No that is what I was trying to explain to you. The difference between having your own smtp and an smtp relay.
So for using your own server als full mailserver, port 25 outgoing must be open. Since they only seem to allow an smtp relay, most likely port 25 is closed so you have to setup the smarthost.

I've read on here that port 25 access being unblocked is not recommended

I can't imagine that you have read that anywhere here on the forums. But the one writing this, is most certainly not using a mailserver then, because in that case port 25 access is even required.
Are you sure you're not mixing up the telnet port which is 23?
Unless they mean port 25 access for customers. They should indeed use 465 or 587, but the server itself requires port 25 to be open to be able to be fully used as mailserver. Because all traffic between mailservers is via port 25.

you are steadfastly of the position that this is because a smarthost hasn't been set up.

Exactly, because you require to use the smtp relay. So you have to tell Exim in Directadmin to make use of that mailrelay.
You can test it yourself, but then you have to login via SSH as root.
Then issue this command:
telnet mail.directadmin.com 25

And if you get a timeout on that, then port 25 is closed and so the mailrelay is required to be setup via the smarthost.

Be aware that 2008 is 16 years ago. I just started my company in 2008 so didn't have as much experience with DA and Exim as I have now.
While I'm no way a Linux or DA guru at this moment either, I'm way further with understanding mail systems and usage and some other things.

I don't understand what the difference is between using my own server/VPS for mail and using the SMTP Relay

I'm sorry about that then, but I made a very clear explanation about that difference in port #4.
It also says there are 2 ways for mail leaving the server/vps. Either by mailserver itself via port 25, or via smarthost via port 587 or 465. That's just how things work.

it seems that some people argue against using terminal and argue that I should use the DirectAdmin interface,

If possible. But there are loads of things which can not be configured via the Directadmin interface which makes the use of console necessary.
You do have to take very great care however what you're doing in that case.
Because the root users is the user with most permissions. If something goes wrong, it's wrong. There is no room for error. If you delete something then it's gone, there is no undelete or trashcan.
So often it's best to backup config files you're going to work on first.

is this an OK route to follow here

Yes otherwise I wouldn't have pointed to it in post #2. You best fill in your own smtp relay there so the changes are automatically adjusted for you.

However, if you rather want to use Directadmin and the mailserver "as is" (which most hosters do) then you can try the telnet command to see if port 25 is open and if not, ask your server provider if port 25 outgoing can be opened.
Or ofcourse another option is to ask a refund and use a server/vps provider who does have port 25 open for you.