EXIM - hostname required now for sending to gmail

SupermanInNY

Verified User
Joined
Sep 28, 2004
Messages
419
Hello all,

Something in gmail changed.

Until few days ago,. all my clients used

mail.theirdomain.com

for their SMTP and POP3 servernames which would resolve to the same IP (same A Record values).
Now,. looks like gmail tightened the restrictions, and seems like if you don't put the hostname (whatever replies in your telnet yourservername.com 25)
in your SMTP hostname of gmail, then you can't authenticate the email account.

Has anyone encoutered this issue?

It forced me to have an SSL (letsEncrypt) for the hostname:


While this by itself was a small hassle and not an issue, the big problem my clients are having is that they all must now change their
login info their gmail/outlook setups from : mail.theirdomain.com to server.myhostingservername.com (I like appending the word server as the hostname).


Is there any other option on how to resolve this issue that you know that would not require all clients to start changing their values?
 
Your cliens to not need to have a hostname, they can just keep using mail.theirdomain.com to send mail they don't need to change things.

LoL, that would make a big issue for big ISP's where all clients use like smtp.ziggo.nl instead of as13.hst.1.mail.ziggo.com that would be a ball. ;)
So no, something else is wrong.

Your server ip resolves to your hostname. The hostname in Exim has nothting to do with using SSL on your hostname.

Do you have an A record for your hostname? If not, you need it.
Do you have correct rDNS/PTR setup for your ip? It's required or you will encounter issues.
Are you using ipv6? If yes, you also have to setup a correct rDNS/PTR record for your hostname ipv6 ip.

Send mail to mail-tester.com if you don't get a 10/10 then you still have issues to solve.
 
Do you have an A record for your hostname? If not, you need it. Have !
Do you have correct rDNS/PTR setup for your ip? It's required or you will encounter issues. Have !
Are you using ipv6? If yes, you also have to setup a correct rDNS/PTR record for your hostname ipv6 ip. Not using !
My client sent me this image:

badEmail.jpg.jpg


See the response on the bottom.
 
TLS negotiation failed and "send mail as" might be causing some issues.

Looks like your customer is using a TLS connection to your server. Did you also have Letsencrypt installed for mail?
Have a look at this too:

Also does your customer have installed ssl for pop/mail (or is he using a wildcard certificate)?

You didn't answer the last question about mail-tester.com which you can test yourself by sending a mail from your own domain of the server.
 
Aparently, I was not aware of the mail_sni feature. Thank you very much for enlightening with this.
After I've ran the entire walkthrough of the mail_sni, do I need to trigger or manually or otherwise do anything with the existing domains that already have certificates? do I need to re-run the letsEncrypt request per each domain? (can it be automated for existing domains?)

Thanks,

-Sup
 
TASK QUEUE
If you want to tell all live SSL domains to have their dovecot configs written, type;
echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue
or
echo "action=rewrite&value=mail_sni&domain=domain.com" >> /usr/local/directadmin/data/task.queue
this will recreate the sni/domain.com.conf for each SSL domain, plus one for the system hostname.
 
Last edited:
Do you have an A record for your hostname? If not, you need it. Have !
Do you have correct rDNS/PTR setup for your ip? It's required or you will encounter issues. Have !
Are you using ipv6? If yes, you also have to setup a correct rDNS/PTR record for your hostname ipv6 ip. Not using !
My client sent me this image:

View attachment 3183


See the response on the bottom.


Hi all. I get this very same problem. However, I'm not really a mail/computer specialist, and reading this forum topic is mostly Chinese for me.
I use gmail webmail, and have e-mail addresses added which I use from gmail for both receiving and sending. Since a week I often get that same "Message not delivered" mail delivery subsystem, and the mail is not sent. Something it does work though, but just not all the time. I didn't change anything myself, it happened out of nothing.
So, how to solve this? Please while explaine, keep in mind to use simple language which somebody with no knowledge about this kind of stuff ;). I do have some brains though ;)

My webmail is via directadmin, that's the host, right?

Thanks a lot for helping :)
 
and reading this forum topic is mostly Chinese for me.
It's basic admin knowledge, so unless your using DA for hobby purposes, you should start learning about these things.
If you're not an admin, then I don't wonder why you don't understand, and you have to ask your host for support as this is a forum for DA admins, not for customers in fact. ;)

Directadmin is not the host.
Webmail -> The software used to login to your mailboxes online
Directadmin -> The control panel used (a GUI) for configuring your hosting package (like setting up mail and ftp accounts, create database etc.).
Host: The company selling webspace to you and providing access for you to the Dierctadmin panel.

You have to follow the steps mentioned above. If you're not an admin, please ask your host (where you got your webspace), I can't make a more simple explanation about how to do this.
 
ok, clear, I guess contact my provider. Not for hobby at all... for my company website... got thise DA inlog codes, no idea why, thought this was the hosting flatform or something. I think it's for webmail, whatever, will figure it out via host I guess.
Thanks for replying anyway :)
 
If you got login codes it's probably indeed for the hosting platform, we call this the Directadmin control panel.
You login something like: http://yourdomain.com:2222 if all is well. You could maybe fix your issue there, provided you also have DNS access via the platform or access to the MX page.
So if you have the DA login codes, you can login there and then check if you have a page for MX settings. However, still... I want to help you with this if you can access the MX page, but giving support to customers is in fact your webhosts task. ;)
 
A customer of ours recently reported the same thing, and we do use SNI for dovecot using LE certs just fine. This lends weight to the notion that Gmail may be having trouble interacting with hostnames using SNI for POP3 retrieval or outgoing smtp with the "send as" feature.
 
It slightly remember something with "send as", I don't remember anymore. Never have that difficulty anymore, I presume you're using the latest exim.conf and exim.pl available and also score a 10/10 with mail-tester.com?
Anyway, it's hard to say what it causing this. You really have to dig in to logfiles to see what's going on.

Oh wait... I remember, you can disable that on your mailserver:
but as said, this is not needed anymore if you're running the latest exim.conf and exim.pl which has this build in automatically.
 
Back
Top