Timeout SMTP outgoing e-mail

graffx

Verified User
Joined
Dec 7, 2020
Messages
48
Somehow I can't send mail. On my mobile no issues and receiving on both is also no issue.
On my desktop (Mail mac) I see a ! triangle.

Time-out of the connections to the server 'mail.xxx.nl' via the default ports.

When I use the help/connection assistant I see the message:
Failed to make connection with the SMTP server.

The mail is stuck on Outgoing mail. All 3 accounts I have are IMAP with default settings which used to work.

The server is on CentOS 8. Did some updates to Exim and Dovecot, restarted them, but that didn't help.
Also reinstalled an emailaddress but no luck.
Tried to restart the server. (DA had to be restarted with Console after that because couldn't reach it)

Anyway, I'm stuck at this issue I can't send any mail. I have no idea what to try.
 
Last edited:
to me it sound like its not getting the SSL Certificate that belong to the mail domain itself. (And DirectAdmin is not confgured by default to do this. It just gives you the SSL Certificate of it self.)
Could you verify that you get the correct SSL that belongs to mail.xxx.nl? (Since i know that mobile apps are way stricter in the SSL and will not use it if it does not belong to the domain you use.)
 
Thanks, that looks like that is the issue.
It seems to work when I look at the mailaccounts "advanced IMAP" server settings and don't use TCP/SSL.
Don't know why yet but an other account can't be changed but need to look into that a bit more.

Any idea how to get SSL working (again) for the mailserver?
 
I use this guide on new installs to make sure it get configured properly.
Maybe its something that will help you too.
 
I use this guide on new installs to make sure it get configured properly.
Maybe its something that will help you too.
Do note you need a wildcard SSL or a SSL that includes the mail.xxx.nl in your domain SSL. (The one that gets used by the SSL Certificates tab.)
 
I use (free) LetsEncrypt SSL for the domains and mail/pop/smtp doesn't seem to be checked.
Going to look into that first. Able to use wildcard but cannot get it working yet somehow (if thats needed).
Domain is already processing an SSL request. Please allow it to finish before making other changes.

And after only testing smtp. I get the message:
[smtp.domainname.nl] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for smtp.domainname.nl - check that a DNS record exists for this domain, url:
Certificate generation failed.
 
Last edited:
Message I get:

error: one or more domains had a problem:
[*.domainname.nl] time limit exceeded: last error: NS ns1.argewebhosting.eu. returned NXDOMAIN for _acme-challenge.domainname.nl.
Certificate generation failed.
 
I might be a step further now.
mail.domainname.nl works but when adding checkbox smtp.domainname.nl and pop.domainname.nl I think there is a DNS issue.

The domain has a DNS directed to the IP of the VPS.
"mail A 145.123.12.12"
but there is no "smtp A 145.123.12.12" record.
on the VPS I do have these records.

Could that be the issue?
Sorry I have not much experience in this kind of things.

[pop.domainname.nl] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for pop.domainname.nl - check that a DNS record exists for this domain, url:
[smtp.domainname.nl] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for smtp.domainname.nl - check that a DNS record exists for this domain, url:
Certificate generation failed.
 
I might be a step further now.
mail.domainname.nl works but when adding checkbox smtp.domainname.nl and pop.domainname.nl I think there is a DNS issue.

The domain has a DNS directed to the IP of the VPS.
"mail A 145.123.12.12"
but there is no "smtp A 145.123.12.12" record.
on the VPS I do have these records.

Could that be the issue?
Sorry I have not much experience in this kind of things.
This sounds like you did not give it enough time. New records/Updating records can take between 1 min and 48 hour to be completely resolved since empty records gets cached too.
 
I haven't done any DNS changes.
I can try to add the smtp/pop A records in the DNS and see if it works, but I don't know if thats needed when I have a "mail A record".
 
I haven't done any DNS changes.
I can try to add the smtp/pop A records in the DNS and see if it works, but I don't know if thats needed when I have a "mail A record".
No, not needed since at the end of the day they all point to the same IP and you still need to specify the port.
 
I do think all I need to do is getting the SSL working for the smpt. and pop. A records.
Its weird I can't enable these 2 and the others do.

Maybe its because I have to enable SNI.

But it worked before so that's a bit weird..
 
When you're getting the SSL cert signed by LetsEncrypt in DirectAdmin, take a look at every record you have a check mark on and go here:


Plug in the hostname for each there and make sure it picks up the A record. Don't rely on anything you think is true, double check that someone else sees it there. Check mail, webmail, pop, smtp, whatever you need, whatever you have checked. If whatsmydns has seen the record, and that record points to your server, for at least 2 hours and it's still not working then let's see if your current error message gives any new insight.
 
I have added pop and smtp to the external DNS and now I don't get DNS error messages anymore when using Lets Encrypt.
But my mail program still doesn't allow me to use SSL.

My guesses are CAA, but I really have no skills with this kind of stuff.

CAA record prevents issuing the certificate: SERVFAIL

Here: https://www.transip.nl/knowledgebase/artikel/479-een-caa-record-instellen/
It does say its possible to add a CAA record but it seems to be only possible on the external DNS.
Testing right now..
 
Back
Top