mail is going from server ns2 ip. NS1 does not go from main ip.

A

agasar

Verified User
Joined
May 16, 2021
Messages
71
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its

recipients. This is a permanent error. The following address(es) failed:

[email protected]

host marpol-com-tr.mail.protection.outlook.com [104.47.18.74]

SMTP error from remote mail server after RCPT TO:<[email protected]>:

550 5.7.606 Access denied, banned sending IP [116.202.xxxxx]. To request removal from this list please visit https://sender.office.com/ and follow the directions. For more information please go to http://go.microsoft.com/fwlink/?LinkID=526655 AS(1430)

Reporting-MTA: dns; server.xxxx.org



Action: failed

Final-Recipient: rfc822;[email protected]

Status: 5.0.0

Remote-MTA: dns; marpol-com-tr.mail.protection.outlook.com

Diagnostic-Code: smtp; 550 5.7.606 Access denied, banned sending IP [116.202.1xxxxx]. To request removal from this list please visit https://sender.office.com/ and follow the directions. For more information please go to http://go.microsoft.com/fwlink/?LinkID=526655 AS(1430)

Gönderen [email protected]

Alıcı 'Marpol Muhasebe'



s1 server main ip 1111111

ns2 server ip 12212121



Outgoing mails go with additional ip 111111 on ns2 server. Why does the mailer server use the additional ip? Why is the main ip address not using the ns1 ip? Why is it switching to additional ns2 ip.


The license ip address I bought for softaculous is ns1 main server ip. It is not using the main server ip. It goes and reads the license over the ns2 server ip and gives an error.


The server sends mail via ns2 additional ip, but the ns1 ip is set on the server for mail output and all transactions. Where can I cancel the ip outputs sent from ns2?


Let the server use the ns1 ip for all transactions, mail output and all transactions
 

mxroute,​

I tried what you said, but the server when sending the mail output.
Server Main ip si ns1:xxxxxxx must be mail outputs over this ip.
But I am getting mails from the server over the ns2.xxxxxx ip. This is the wrong reason why mails are outputting over the ns2.xxxx ip.

My server's main ip should be ns1.xxxxxxx.
ns2.xxxxx outputs all mails over this ip. This is wrong, I didn't make any settings for mail output via backup ip.

why the server exit mails are exiting over the ns2.xxxxx ip.
What should I do to get it to go over the ns1.xxxx ip.

Does anyone have an idea?



 
If you specifically put Exim via the config a specific interface like in the first link of mxroute then normally DA can not send anymore via your second ip.
Just to be sure, your second ip is 116.202.xxx.xxx is that correct?

Check your /etc/hosts file if the ip's are there in the correct order and indeed your ns1 ip is your main Directadmin ip.

Also, I don't know if this is a fresh setup, but maybe there is a hack with a hidden mailserver?
Try with this command as root:
lsof -i:25
If you see Exim it should be fine, if you see something else, post here so we can see if that is legit.
 
Just to be sure, your second ip is 116.202.xxx.xxx is that correct?

Yeah. This thread you are talking about is the second thread.
ns2.116.202.xxx.xxx

/etc/hosts

The file is as below. server main ip ns1 ip is seen. ns1.78.47.xxx.xxx this ip is seen server main ip si.

This ip with ns2.116.202.xxx.xxx is not attached here.

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
127.0.0.1 localhost4.localdomain4 localhost4

::1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6

78.47.xxx.xxx server.xxxxxx.org server
Click to expand...

lsof -i:25
Click to expand...
I ran the command as follows.

[root@server ~]# lsof -i:25
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
exim 2612296 mail 7u IPv6 57471753 0t0 TCP *:smtp (LISTEN)
exim 2612296 mail 8u IPv4 57471754 0t0 TCP *:smtp (LISTEN)
[root@server ~]#
Click to expand...
 
So now I'm confused. What did you change? Because you say that your mail is not send from the primary ip.
I asked if 116.202 is your primare ip, then you say yeah, but the answer should have been no, as the 78.47.xx.xx is your primary ip if I'm seeing that correctly.

The lsof command is looking fine, at least no suspicious mta on port 25.

Still I wonder why it's sending from the 116 ip then, because @mxroute knows what he's talking about concerning email and MTA. It shouldn't be possible to send mail via the 2nd ip if you followed his advise.

However I don't think we will get any further without a host and domainname and complete ip's.

Maybe it's best for you to send in a ticket.
 
mxroute said:
You may want to check for /etc/virtual/domainips and /etc/virtual/helo_data as described here: https://www.directadmin.com/features.php?id=1692
Click to expand...
They did not exist, and do not have to be present when only 1 ip is used.
However, probably by accident the second ip starting with 116 was assigned to the user with the domains from the nameserver.

I got login credentials from @agasar and changed that user to the main ip and freed the second ip, but Exim still kept sending mail with the 2nd ip.

So after that I used this solution to create the domainips. For some reason the helo_data stays empty, but server is not at least sending the mail from the correct ip as it shows from test. So it's fixed now.

Still odd, because apache and all other things know that the 78 is the main server ip. So I don't know why Exim did not change back to the main server ip after freeing the 2nd ip. Maybe you have a clue about that @mxroute ?
 
Richard G, thank you very much. You solved the problem that we couldn't solve for days.

Thank you very much.
 
You must log in or register to reply here.
Back
Top