Problem with mail and MX records

simisimis

Hello, I have been trying to find an answer for almost a week now. There is something I am missing in understanding DirectAdmin and I thought that maybe you people can help me.

The problem is that I recently noticed that my DA server is only capable of sending emails, but not receiving. I started to dive into this and these are the problems I am facing so far:

1. when I try to change user domain mx record it does not get updated.
2. while sending email and checking /var/log/exim/mainlog I see an error:
2012-10-02 14:09:02 H=sending.mail.srv [10.0.0.1] F=<[email protected]> rejected RCPT <[email protected]>: authentication required
2012-10-02 14:09:02 H=sending.mail.srv [10.0.0.1] incomplete transaction (QUIT) from <[email protected]>


now some details.
I have a server with four subdomains.
sub1.university.edu
sub2.university.edu
sub3.
sub4.

I created a reseller per subdomain and assigned a separate IP to it.
Whenever I create a user for sub1, it gets a user.sub1.university.edu domain on the IP the reseller owns.
All the custom scripts were written before me; I just replaced the guy who created this server, so I am still in the process of understanding DA mechanics, bind, and exim with dovecot.

now zone file of user.sub1.university.edu.db gets created under /var/named dir and it sets SOA to ns1.university.edu
but when I try to:
Code:
# dig user.sub1.university.edu mx

I get

Code:
;; QUESTION SECTION:
empty MX record

;; AUTHORITY SECTION:
sub1.university.edu 14400	IN	SOA ns1.university.edu ....
so university NS servers are telling me that SOA of a site I am requesting is sub1.university.edu
and user.sub2.university.edu SOA is sub2.university.edu etc.

So since sub1.university.edu, just like sub2, sub3 and sub4, are domains which my DA server has authority to control (change or create user domains, MX, CNAMEs), I guess I should create name servers of my own for this. Is that right?

Do I need to create NS on my DA and edit my users' zone files to use them?
Currently my DA server has no NS servers created. It is just using ns1 & ns2.university.edu,
and its users' zone files also get created with ns1 & ns2.university.edu,
but if I create a record for a user: www21.user.sub1.university.edu it appears in
/var/named/user.sub1.university.edu.db
the record displays correctly if I dig it like this:

Code:
dig www21.user.sub1.university.edu @sub1.university.edu

but if I request info from any other NS I get:
empty record and Authority section:
Code:
;; AUTHORITY SECTION:
sub1.university.edu.		14400	IN	SOA	ns1.university.edu hostmaster.sub1.university.edu 2012082803 14400 3600 1209600 86400


Would I need to create two separate NS for every sub[1-4]? Or could I use two NS for all four domains and their subdomains?
Because in that case I would need to assign 8 new IPs, which is not very comfortable or efficient.

I believe that because my user domains do not have MX records, this is why I get the server relay errors pasted at the top of the post?

So to sum up everything, my main problem is that my users cannot receive emails; they get a 550 error which, from what I googled, is related to relay. An additional problem is that if a user creates a subdomain it does not appear anywhere, although it is correctly written in the user's zone file.

any ideas anyone? thank you.
Simonas
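
Added example, not part of the original post and not DirectAdmin or Exim code: a Python script that parses `rejected RCPT` lines in the mainlog format quoted above and counts the ones refused with "authentication required" for domains this server is supposed to host, which is the symptom described in the post. The mail addresses and extra hosts in the sample are constructed, and the list of hosted domains is an assumption supplied by the caller.

```python
import re
from collections import Counter

# Constructed sample in the mainlog format quoted in the post; the mail
# addresses and the 192.0.2.x hosts are made up for this example.
SAMPLE_LOG = """\
2012-10-02 14:09:02 H=sending.mail.srv [10.0.0.1] F=<alice@sender.example> rejected RCPT <bob@user.sub1.university.edu>: authentication required
2012-10-02 14:09:02 H=sending.mail.srv [10.0.0.1] incomplete transaction (QUIT) from <alice@sender.example>
2012-10-02 14:11:40 H=(mx.other.example) [192.0.2.7]:41234 F=<> rejected RCPT <carol@user.sub1.university.edu>: authentication required
2012-10-02 14:12:05 H=relay.other.example (helo.other.example) [192.0.2.9] F=<dave@other.example> rejected RCPT <erin@elsewhere.example>: Relay not permitted
2012-10-02 14:13:00 1TJ0ab-0001Xy-2B <= alice@sender.example H=sending.mail.srv [10.0.0.1] P=esmtp S=1234
"""

# timestamp, H=<name and/or (helo)> [ip] with optional :port, anything, RCPT rejection
LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) H=(?P<host>.*?) \[(?P<ip>[^\]]+)\](?::\d+)?"
    r"(?P<mid>.*?) rejected RCPT <?(?P<rcpt>[^>\s]+?)>?: (?P<reason>.+)$")
SENDER_RE = re.compile(r"\bF=<([^>]*)>")  # F=<> is the null (bounce) sender


def parse_rejections(log_text):
    """Return one dict per 'rejected RCPT' line; all other lines are skipped."""
    found = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        sender = SENDER_RE.search(m.group("mid"))
        rcpt = m.group("rcpt")
        found.append({
            "time": m.group("ts"), "host": m.group("host"), "ip": m.group("ip"),
            "sender": sender.group(1) if sender else None,
            "rcpt": rcpt, "domain": rcpt.rpartition("@")[2].lower(),
            "reason": m.group("reason").strip(),
        })
    return found


def refused_hosted_domains(rejections, hosted_domains,
                           reason="authentication required"):
    """Count rejections with `reason` per recipient domain the server hosts."""
    hosted = {d.lower() for d in hosted_domains}
    return dict(Counter(r["domain"] for r in rejections
                        if r["reason"].lower() == reason.lower()
                        and r["domain"] in hosted))


if __name__ == "__main__":
    hits = refused_hosted_domains(parse_rejections(SAMPLE_LOG),
                                  ["user.sub1.university.edu"])
    print(hits)
```

A non-empty result means inbound mail for a hosted domain is being handled like a relay request, so the next place to look is how exim.conf decides which domains are local and which routers run for them.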
 
Subdomains don't need full zones; only TLDs do. You then create MX records under that TLD for the subdomain.

Code:
sub1 IN MX 10 host.domain.com.

So if you own university.edu you only have one zone which is university.edu and everything goes in that zone.
 
By default DirectAdmin does add an entire zone when you add a subdomain, and it'll work as long as the zone for the main domain and the zone for the subdomain are on the same nameservers.

So you can create the mx records for the mx record either way.

To get further help from me (and perhaps from others) you'll need to post real IP#s and domain names and subdomains, so we can test instead of guess.

Jeff
 
Hello again, thank you for your reply.
I suppose that with that example.com thing you can't say a lot :)
But I do not think that posting details would help now. I noticed that when I add a record in a user's DA panel it is added both in /var/named/sub1.university.edu.db and /var/named/user.sub1.university.edu.db,
but bind only looks for records in /var/named/sub1.university.edu.db.
I tried to add an MX record in there and it went through. So no more DNS problems.

The only problem now is mail. I am new to mail services, and maybe one of you has a link to a detailed explanation of exim and how it works: a visual scheme, a book or a link. And maybe somebody can tell me the relationship between dovecot and exim and what part each takes in a mail server, e.g. the basic steps which occur when I send an email to the mail server and when I send an email from the mail server: when exim does its job, when dovecot takes over, SpamAssassin, etc. Because Google so far is giving me information which I cannot read...

Thank you,
Simonas
 
Exim book:

http://www.amazon.com/The-Exim-SMTP-Mail-Server/dp/0954452976/ref=pd_sim_sbs_b_1

Note this is the recommended book; the O'Reilly book documents a previous version of exim and probably would not be helpful.

Note also the above link will not set any cookies on your system.

Exim and its interaction with Dovecot, the Exim filters, SpamAssassin and ClamAV are all set in the /etc/exim.conf file. The default exim.conf file (installed when you install DirectAdmin) can be found here:

http://files.directadmin.com/services/exim.conf

but this may not be the file exactly as installed on your system.

A much better file (I wrote it) can be found here:

http://www.nobaloney.net/spamblocker.html

And documentation for my file (and required configuration) can be found here:

http://www.nobaloney.net/downloads/...1/ReadMe-SpamBlockerVersion-4.1.exim.conf.txt

Of course if you did give us your domain information we could do a lot of tests for you and help you narrow down your problem.

Jeff
 
Thank you very much for the information. It looks very helpful for filling (most if not all) of my gaps in understanding mail services.
The problem with email sending and receiving was related to an additional route in exim.conf.
Under the "begin routers" section there was:
Code:
relay2ic:
  driver = manualroute
  domains = !+local_domains
  transport = remote_smtp
  ignore_target_hosts = 10.0.0.0/8 : 127.0.0.0/8 
  route_list = * servermail.university.edu byname
  host_find_failed = freeze
  verify
  no_more

I still can't understand why it was created, but probably for a reason which no longer exists. I see that user domains do not even need to have separate MX records.
There is an MX record for sub1.university.edu, and if any email is sent to [email protected] it reaches exim and is processed and placed in the proper place. (Probably I need to read DNS theory to fully understand this.)

I will go through your example config files and adjust them for my needs so emails would go through the proper procedure scanned with updated clamav and adjusted SpamAssassin etc.
But for now thank you for your quick replies and great informational links.

Cheers!
Simonas
 
Is this a DirectAdmin server? That section isn't standard in any exim.conf file used by DirectAdmin. DirectAdmin exim.conf files don't hard code domain names anywhere; that appears to be a local customization so you're on your own with it.

Jeff
 