Sending emails fails on extrenal email address

[nishtman]

Hi every body

I have recently install DA on my CentOs 7 and every service works fine but mail.
Emails successfully received and even sending to email addresses that hosted on this server is OK but when I try to send emails to addresses like Gmail or Yahoo Mail it fails with "retry timeout exceeded",

I have try many ways but did not get the answer.

 

[Richard G]

Did you install the latest exim and exim.conf files?
What does your /var/log/exim/mainlog say about the mails to Gmail?

Is port 25 TCP open incoming and outgoing in your firewall?

 

[nishtman]

Thanks for your reply Richard,

I have installed the latest version of directadmin. Do I have to update exim seperatly?
This is the cotents of mainlog:

2020-11-22 07:06:39 1kgP0s-0004kR-Qz ** [email protected] F= R=lookuphost T=remote_smtp: all hosts for 'gmail.com' have been failing for a long time (and retry time not reached)

Port 25 is open on firewall-cmd
this is the output of firewall-cmd --list-port:

3031/tcp 2222/tcp 53/tcp 53/udp 25/tcp 25/udp 587/tcp 465/tcp 465/udp

Do you have any suggestion?

 

[LawsHosting]

Are your resolvers (/etc/resolv.conf) working correctly?

Or it could be because your server IP is blocked.

 

[nishtman]

Actually I think the problem is about nameservers or dns or something like that.
Could you tell me how to check host resolve and dns?

 

[LawsHosting]

What do you have in the file /etc/resolv.conf ?

 

[nishtman]

.thanks for your reply Peter

This is the content of my resolve.conf file:

cat /etc/resolv.conf
# Generated by NetworkManager
search vm
# Automatically generated by OnApp
# Automatically generated by OnApp
# Automatically generated by OnApp
# Automatically generated by OnApp
# Automatically generated by OnApp
# Automatically generated by OnApp (6.0.0-238)
domain secd.ir
nameserver 212.33.203.139
nameserver 185.98.113.113
nameserver 185.98.114.114
nameserver 8.8.8.8
nameserver 8.8.4.4

 

[LawsHosting]

That file is auto-generated so it should work.

Can you ping an external domain? eg. google . com

 

[nishtman]

Ping works!
This is the outputnof ping google.com:

ping google.com
PING google.com (216.58.209.142) 56(84) bytes of data.
64 bytes from arn09s05-in-f14.1e100.net (216.58.209.142): icmp_seq=1 ttl=111 time=38.4 ms
64 bytes from arn09s05-in-f14.1e100.net (216.58.209.142): icmp_seq=2 ttl=111 time=32.4 ms
64 bytes from arn09s05-in-f14.1e100.net (216.58.209.142): icmp_seq=3 ttl=111 time=33.0 ms
64 bytes from arn09s05-in-f14.1e100.net (216.58.209.142): icmp_seq=4 ttl=111 time=32.8 ms
64 bytes from arn09s05-in-f14.1e100.net (216.58.209.142): icmp_seq=5 ttl=111 time=38.3 ms
64 bytes from arn09s05-in-f14.1e100.net (216.58.209.142): icmp_seq=6 ttl=111 time=35.5 ms
64 bytes from arn09s05-in-f14.1e100.net (216.58.209.142): icmp_seq=7 ttl=111 time=33.0 ms
64 bytes from arn09s05-in-f14.1e100.net (216.58.209.142): icmp_seq=8 ttl=111 time=33.4 ms
^C
--- google.com ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7011ms
rtt min/avg/max/mdev = 32.433/34.640/38.491/2.337 ms

 

[LawsHosting]

Can you telnet to gmail from the server?

telnet smtp-relay.gmail.com 25

 

[Richard G]

I have installed the latest version of directadmin. Do I have to update exim seperatly?

Depending on how it's installed, yes.
You can always do it just to be sure. I hope this is fully correct.

cd /usr/local/directadmin/custombuild
./build set exim yes
./build set eximconf yes
./build set eximconf_release 4.5
./build update
./build exim
./build eximconf
./build dovecot
./build dovecot_conf

Or just check.
Exim --version should read on one of the lines:
Exim version 4.94 #2
/etc/exim.pl should be version 31 (top of file)
/etc/exim.conf should be 4.5.33

 

[nishtman]

Can you telnet to gmail from the server?

telnet smtp-relay.gmail.com 25

No, Telnet freezes on trying...

 

[nishtman]

Depending on how it's installed, yes.
You can always do it just to be sure. I hope this is fully correct.

cd /usr/local/directadmin/custombuild
./build set exim yes
./build set eximconf yes
./build set eximconf_release 4.5
./build update
./build exim
./build eximconf
./build dovecot
./build dovecot_conf

Or just check.
Exim --version should read on one of the lines:
Exim version 4.94 #2
/etc/exim.pl should be version 31 (top of file)
/etc/exim.conf should be 4.5.33

Versions are same as what you wrote

 

[jamgames2]

First checking if your internet provider not blocked outgoing port 25

disable all firewall
telnet smtp-relay.gmail.com 25
telnet smtp-relay.gmail.com 587
telnet smtp-relay.gmail.com 465

or try telnet to other smtp
telnet smtp-mail.outlook.com 587

result ?

If only fail on port 25 and other port can work, then your provider are blocking smtp PORT ( 25 )

 

[nishtman]

I dept that if provider block port 25.
And about firewalls, I have disable firewall-cmd with:

systemctl stop firewalld

But this did not work.Is there any other firewall?

 

[jamgames2]

I dept that if provider block port 25.
And about firewalls, I have disable firewall-cmd with:

systemctl stop firewalld

But this did not work.Is there any other firewall?

csf firewall ?

 

[LawsHosting]

Or, actually contact OnApp and ask if they block port 25 by default......

 

[Richard G]

No, Telnet freezes on trying...

Yep, then somewhere port 25 outgoing is blocked. If it's not your firewall it's your hoster/datacenter.

 

[nishtman]

Thanks for your reply Richard and Peter, Both of you help me a lot.
how do you think about changing the default exim port from 25 to anything else?

 

[Zhenyapan]

Your local directadmin's exim already works at both 587 and 25 (smtp).
smtp with ssl/tls usually use 465