SMTP IP problem

[AudiAddict]

Some users are complaining that they are unable to e-mail certain people and they forwarded me the error that they receive from some external mailservers:

[email protected] rejected a message from a mail server claiming to be webserver.mydirectadminserver.com

[email protected] received a message from otheripfrommydirectadminserver.com (1x.1x.1x.2x) from a mail server claiming to be webserver.mydirectadminserver.com

The domain webserver.mydirectadminserver.com has declared using SPF that it does not send mail through otheripfrommydirectadminserver.com (1x.1x.1x.2x). However, the domain is still testing its SPF policy, so the message should not have been rejected.

If understand the error correctly, exim is using a different ip, which is not the primary mailserver ip (so the reverse dns doesn't match)

What I don't understand how this is possible, because the ip which is used is not the primary IP (it's listed as eth0:2 in ifconfig)? I've been using this server for more than a year and the only thing I can think of is a recent update or new ip's which I added. It's using one of the new ip's.. so i guess that would be it, but I still don't understand why it's using this new ip and not the main server ip. Where can I verify the main server ip anyway?

I found another topic on the forum where I can bind the ip by adding the line --- interface = 22.22.22.22 --- in my exim conf. But I rather not do this because I want users to be able to user their own smtp servers (smtp.theirdomain.com).

Questions:

1) why is it using a new ip and not the server ip?
2) How can I double check the server ip (where can I find this?) which is set to be the primary ip
3) If it's caused by the new ip's which have been added, why is it using this particular ip for all domains using webmail or smtp/exim?
4) How to resolve this issue without having to manualy bind the ip? This was never necessary before?
5) If I do manualy add the line interface to exim.conf will other domains on the SERVER IP (so shared ip) still be able to send without SPF errors? My spf is = v=spf1 a mx ip4:mydirectadminserverip ~all

 

[nobaloney]

Based on your error message, it may very simply be a matter of your DNS and yuour rDNS don't match exactly; they must. Since you hide the real inf0rmation it's impossible to tell.

So if your mailserver is announcing itself (the 'helo/ehlo') as webserver.mydirectadminserver.com and has an IP# of 1.2.3.4, then the DNS for webserver.mydirectadminserver.com must be 1.2.3.4, and the rDNS for 1.2.3.4 must be webserver.mydirectadminserver.com. If this isn't so then fix it and your problem should go away.

]If that doesn't fix your problem ten kee reading.

1) why is it using a new ip and not the server ip?

You can specify which interface to use for outgoing traffic


Check your exim.conf file for remote_smtp and set it to the IP# you wish to use. Exim's documentation available here (exim.org):

This option specifies which interface to bind to when making an outgoing SMTP call. The value is an IP address, not an interface name such as eth0. Do not confuse this with the interface address that was used when a message was received, which is in $received_ip_address, formerly known as $interface_address. The name was changed to minimize confusion with the outgoing interface address. There is no variable that contains an outgoing interface address because, unless it is set by this option, its value is unknown.

During the expansion of the interface option the variables $host and $host_address refer to the host to which a connection is about to be made during the expansion of the string. Forced expansion failure, or an empty string result causes the option to be ignored. Otherwise, after expansion, the string must be a list of IP addresses, colon-separated by default, but the separator can be changed in the usual way.

Probably as confusing to you as to me. I've always left it blank and it works.

To test to see what the outside world is seeing, follow the instructions published here by the AOL Postmaster. A great and easy-to-do test, found here(aol.com).

Now back to your questions:

2) How can I double check the server ip (where can I find this?) which is set to be the primary ip[/quopte]
DirectAdmin's admin level IP Management link will show you the Server IP.

3) If it's caused by the new ip's which have been added, why is it using this particular ip for all domains using webmail or smtp/exim?

Exim should always be binding to the server IP# to end email if the option is left blank. If it's not, then perhaps you should try filling in your chosen IP# here, and testing with that AOL link to see if it fixes anything.

4) How to resolve this issue without having to manualy bind the ip? This was never necessary before?

And it shouldn't be necessary now as far as I know. By testing with that AOL link you may find that your upstream provider is redirecting all port 25 traffic outbound through their own server, to check up on you (many providers used to do this, to see if anyone was spamming). That could be causing the problem depending on your SPF setting.

5) If I do manualy add the line interface to exim.conf will other domains on the SERVER IP (so shared ip) still be able to send without SPF errors? My spf is = v=spf1 a mx ip4:mydirectadminserverip ~all

This is most troubling since ~all means that every mailserver should accept email from any IP# as long as the DNS and rDNS match.

If theuy're ignoring the ~all part of your SPF records and everything else is good, then you may need to contact the postmaster of the server rejecting you.

If you're going to write again you should give us real information so we can test. Otherwise it's unlikely I'll reply, and others may not reply either, since without testable information it's all just guesswork.

EDIT: See this thread, post #58 and following. This particular variable isn't included in my exim.conf file, but it may be helpful.

Jeff