[solved] smtp error, but sendmail ok.

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
210
I moved to a new server running on Centos 8 two weeks a go.
With the websites I created an email address for I use the smtp function. But yesterday a user warned me he received no more mails.

I had no clue before because mails using the sendmail php script were send out fine.
So after disabling mail.domain.com and using the sendmail php script I've got the outgoing mails running again.
But I really do want to use smtp.

I tried recreating the email account (something could have not been set correct after the restore of accounts)
I tested different websites with different CMS's to rule out a software malfunctioning of a particular script.
I tried different ports, 25, 465, 587.
I've tried CSF/LFD in test mode.
I've tried Modsecurity in detection mode only.
I've tried setting the port exclusively to 587 according to this solution: https://forum.directadmin.com/threads/wordpress-e-mails-are-not-sent.60752/post-310714

Investigating this, I can not find anything related in the logs.

Your help is much appreciated!
 
Last edited:

iworx

Verified User
Joined
Nov 21, 2006
Messages
65
Location
Belgium
Did you look at /var/log/exim/mainlog or paniclog? It should at least report the connection attempt.
How are you connecting from your scripts to the SMTP server? On address or 'localhost'?
 

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
210
Hi iworx,

Paniclog is empty at the moment. Mainlog are no related items found. It looks like the connection attempts with smtp are not being logged. With /usr/sbin/sendmail -t -i -f user@removed.nl it is logged.



Checked with phpinfo, apparantely I use localhost:
SMTPlocalhost
 

iworx

Verified User
Joined
Nov 21, 2006
Messages
65
Location
Belgium
If there is nothing in the mainlog >> no connection was made.
Try setting SMTP to the domainname you use to send mails + username / password authentication.
If you did mail SNI with LetsEncrypt you can TLS on port 587
 

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
210
Not sure I understand what you mean by: "Try setting SMTP to the domainname you use to send mails + username / password authentication. ".
But I guess you wanted me to try:
mail.host.servername.com
tried admin and admin@localhost
tried password same as host.servername.com/roundcube.

Port is set to 587.
I have in directadmin.conf mail_sni=1

In mainlog I see:
Code:
2020-03-05 10:59:51 H=(mail.removed.com) [x.x.x.x] sender verify fail for <pmxqqacfp@removed.com>:
2020-03-05 10:59:51 H=(mail.removed.com) [x.x.x.x] F=<pmxqqacfp@removed.com> rejected RCPT <validxxxg2@terra.com.br>: Sender verify failed
2020-03-05 10:59:51 H=(mail.removed.com) [x.x.x.x] incomplete transaction (connection lost) from <pmxqqacfp@removed.com>
2020-03-05 10:59:51 unexpected disconnection while reading SMTP command from (mail.removed.com) [x.x.x.x] D=0s
But these are not my testing attempts, looks like a brute force hack to me.

Edit: domainname.com/roundcube, than everything works ok. Must be some permission issue.

Edit2: Found out that after disabling TLS in the options of QandA software I can send out mail through smtp on port 25 and 587. But the other software I cannot disable TLS and is probably automatically set. So there might be a TLS problem with exim.
 
Last edited:

iworx

Verified User
Joined
Nov 21, 2006
Messages
65
Location
Belgium
Those attempts come by the thousands -- that's absolutely no problem.
The fact that you don't see any of your attempts pop up in the exim logs means your not using exim/smtp for sending mails or something is actively blocking it. In CSF, did you turn on smtp_block by any chance or smtp_allow_local turned off?

Screenshot 2020-03-07 at 13.22.15.png
 

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
210
SMTP_BLOCK was ON, turned it off. SMTP_ALLOWLOCAL was already ON. But same problems.
Tried SMTP_REDIRECT = ON (was off), no solution
Added apache,nginx, directadmin to SMTP_ALLOWGROUP = no solution.

An other server (with centos 7) has almost identical settings in csf with no problems.

I don't think its csf, because I tested before with csf in testing mode and had the same problem.

Could it be related to: https://forum.directadmin.com/threads/problem-pop3-not-works.60750/#post-310673
 

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
210
The software is php-fusion, a cms from php-fusion.co.uk. I'm running version 8.00.22. On the previous server, no problems.
When I leave smtp host empty, all is working with sendmail. But I need smtp to work for dkim, dmarc.
Changing ports does not solve it.
I can not find any relating error in domain.error.log

1583585949408.png

The username pass combo works in roundcube and with roundcube I can send mails.
 
Top