User account emails not sending out

[jafranklin77]

most if not all of the user account there emails are not sending (or seems like its not) and not being received. They can get inbound messages no problem from the same email address and even if they reply they person does not receive it. I am new to hosting our own DA so not sure where to start. I did check two resources and could not find any issues.

Test 1: used https://www.mail-tester.com/ and does not find any issues. (see report here:https://www.mail-tester.com/test-kit0ad5gf)


Test 2: https://mxtoolbox.com/SuperTool.aspx?action=mx:thecynfulthoughts.com&run=toolpage
does not find any issues either.

We are hosting the DA on a VPS

Thanks guys for any help

 

[Richard G]

I also did some test for you and checked DNS records. There should be no issue at all sending and receiving mail, as far as I can see, you did a perfect job.
I don't know if you also use ipv6. If yes, you need a PTR/rDNS record for that one too.

However, everything seems fine.
Also, if you can send mail to mail-tester.com it seems to me that you are able to send outgoing mail.
However, it only helps partly to do a mail check with a mail account which -does- work. I presume this one is from the same server as the accounts with the issues?

You have to figure out as to why the mail is not being send (or not being accepted) when mail is send out.
There are couple of things you can do.

1.) Check your /var/log/exim/mainlog and /var/log/exim/rejectlog to see if you can find entry's of the domains having issues sending mail.
2.) Check if all ports needed on your server are open, like 25, 110, 465, 587, 993, 995 both incoming and outgoing. If sending is an issue, most important are the outgoing ports to doublecheck.
3.) Maybe give us one of the domain names which surely has problems, so we can see if there might be some issue some way with it.

I might be forgetting something at the moment, but if that is the case I'm sure somebody will write an addition.

 

[jafranklin77]

Richard,

Thank you for the tips. Not sure where or how to "check your /var/log/exim/mainlog" I am very new to hosting it. We have a reseller DA with another company. I do know how to use putty and access root.

Also now as i test more domains seem like all are not sending out. I have tried sending to different email address and they are not received. but if i use any of them to send to those domains they all receive the email.

as for a domain for you to see beastfitfitness.com or julicioustreats.com

I can also post screenshot of anything you think would be helpful. I will triple check the ports but i believe thats not the issue since they were sending like 48hrs ago.

 

[jafranklin77]

Okay as i test and troubleshoot i found that if i email between domains on my DA server i.e. beastfitfitness.com & julicioustreats.com they can send and receive from each other. but if i send out to say [email protected] from either of those accounts its not received on the outlook.com but i can send from [email protected] to either [email protected] or [email protected] they get them

 

[Richard G]

We have a reseller DA with another company. I do know how to use putty and access root.

But to access root you normally have to be a server admin.
To be able to check the Exim logfiles, which is really required at this point, you need real root access to get to these logs. So not only SSH access for your reseller account, that is not enough.

So in this case, you haev to ask support with the person who is the admin of the server, to check the logfiles for what is going on.
Because from what I can see and find, both these domains are setup correctly concerning DNS records. There is no reason as to why they should not be able to send mail to outside addresses.

they can send and receive from each other.

Yes that is normal because both domains are local so the mail does not leave the server.

In case you do have full root access:

cd /var/log/exim
tail -f mainlog

which will keep the logfile in sight. Then let them try to send a mail outside and see what happens, evt. post results here.

You can quit the tail by pressing ctrl-c which will stop it.

 

[jafranklin77]

yes I am the server admin not reseller. so if you have the setup i can check that please.

Thank you so much!

 

[Richard G]

so if you have the setup i can check that please.

I just editted my post, probably when you were replying. Check the last lines with the code to execute as root from SSH.

 

[jafranklin77]

 

[Richard G]

Part 1.
I don't see that any mail is trying to be send from a normal email address from this log. You have to keep this window open and then try to send an email from one of the affected accounts which can not send anymore.

Part 2.
Also, you should take care that you can receive root mail as often this can contain mails which show errors.

If you are running a RH alike system (like Centos or Almalinux) first try this.
Go to the /etc directory
then edit the aliases file.
At the bottom you will find something like
#root : marc
change to:
root : [email protected]
so remove the bracket and use an e-mail address of yours, maybe at that server since you can not get external mail yet. You can always change this later on.

Then restart exim:
service exim restart

Part 3.

Check if mail is hanging in the mail queue of Exim, this can be done by this command:
exim -bp
if you get a list there, then mails are hanging in the queue.

 

[Richard G]

Part 4, try and see if you can telnet outside via port 25.

Via this command for example:
telnet gmail-smtp-in.l.google.com 25
you should get this response:

Trying 108.177.14.27...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP l14-20020ac2554e000000b00498fbf821fasi2260148lfk.464 - gsmtp

You can type quit to leave there again.

 

[jafranklin77]

Okay I will try what you posted thank you. also dont know it this helps but reach out to my vps provider that installed the directadmin and they said this....

"It appears that you are using PHP mail function. php mail() is enabled on the server, however, there is limited ways to track the messages sent through that method. PHP SMTP authentication uses the SMTP server so there is detailed logging on the mail server as well as proper mail headers are used while sending mails.

So, it is recommended to use SMTP authentication for each site for trouble free mailing from the website."

Now they did the install so not sure how php mail fun. was setup not smtp but does this sound like the issue? and if so where can i changed them to smpt?

 

[Richard G]

Oh yes that could certainly be a cause. It could even be that the CSF firewall is blocking php mail.
Check these settings in /etc/csf/csf.conf
SMTP_BLOCK = "1"

then this is very important:
SMTP_ALLOWLOCAL = "1"

SMTP_REDIRECT = "0"
SMTP_PORTS = "25,465,587"
SMTP_ALLOWUSER = ""
SMTP_ALLOWGROUP = "mail,mailman"
SMTPAUTH_RESTRICT = "0"

Normally you don't need to set SMTP_BLOCK = "1" with these settings. But try with these settings, if it still not works, disable the firewall and try again.
If it works, you might want to consider using SMTP_BLOCK = "0" (and restart csf and lfd), however it's indeed better if webscripts also use smtp for mail.

Restart csf and lfd after any changes made in csf.conf.

 

[jafranklin77]

Answer to Part 3: yes there is mail in there. These are the same ones i can see in the "Mail Queue Administration" screen as well.

now sorry for sounding dumb still learning... but when you say "Check these settings in /etc/csf/csf.conf" is this when i root into it or from with DA panel itself?

 

[Richard G]

is this when i root into it or from with DA panel itself?

It's not dumb at all. It was my fault, in spite of the fact what you told me about you learning, I was thinking maybe a bit too professional out of habit, so I didn't think of the DA option, and I was confusing you in fact.
I'm always working via SSH as root when doing these things.

Not everything can be configured using the CSF GUI in Directadmin. It might be in this case, you have to check. I never use the CSF GUI myself, but everyone must see what he/she can work best with. However, console experience is in fact a must after a certain time imho.

I always make these changes via SSH and then use csf -ra to restart both.
But to be safe you can check, if you can change them from the DA panel it's fine too, makes live a bit easier for you.

 

[jafranklin77]

thats what i get?

 

[Richard G]

Yes you have to edit the file. You can use either vi or nano, but in this case nano is easier.

Use:

cd /etc/csf
nano -w csf.conf

Afterwards it shows on the bottom the commands, you can use ctrl-x to save and then y to confirm.

If you don't trust yourself, just check the CSF plugin GUI in DA if it's possible to do it in there.

Oh yes and since all mails are in the queue, as soon as this is fixed they will all go out soon too afterwards.
Or you can use the mail queue administration for it to resend.

 

[jafranklin77]

 

[Richard G]

Yes that is the one.
Just check the lines. Scroll down until you reach SMTP_BLOCK = "1" and check if all is set correctly.
Or you can also use ctrl-w and then type smtp_block to search. Search next (you will need to) is ctrl-w enter. This way you will find it more quickly.

They migh already be set correctly.

 

[Richard G]

I just checked for you, if you want you can also check these settings via the Configserver Firewall plugin GUI which is present in Directadmin.
You have to click the configuration button.

If you made mistake with the nano editor, just use ctrl-x to get out and type N to cancel any changes.

 

[jafranklin77]

@Richard G YOU ARE THE MAN! Thank you that fixed it! This has been killing me for the last 4 days. Thank you!