Can receive but cannot send server-wide

Apr 17, 2018
6
0
1
Sydney
cPanel Access Level
Root Administrator
I am starting a local web-services business benefiting non-profit and small business and the only thing holding me back from taking on more clients is my server, I have a temporary fix at this current time using a dedicated mail server. However, ever since I installed cPanel on my Google Cloud Platform VPC, I have been receiving the error below for all sent emails, on all domains for all accounts.
Code:
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  ***hidden***@outlook.com
    retry timeout exceeded
Code:
Return-path: <[email protected]>
Received: from [::1] (port=44812 helo=whm1)
    by whm1.c.ausnet-199911.internal with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
    (Exim 4.89_1)
    (envelope-from <[email protected]>)
    id 1f8LPe-0000R1-JV
    for [email protected]; Tue, 17 Apr 2018 17:52:26 +1000
Received: from hidden.nb06.nsw.asp.telstra.net
 (hidden.nb06.nsw.asp.telstra.net [11.111.111.111]) by
 webmail.example.com.au (Horde Framework) with HTTPS; Tue, 17 Apr
 2018 17:52:26 +1000
Date: Tue, 17 Apr 2018 17:52:26 +1000
Message-ID: <[email protected].au>
From: [email protected]
To: [email protected]
Subject: Test
User-Agent: Horde Application Framework 5
Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes
MIME-Version: 1.0
Content-Disposition: inline

Test
Okay, did some googling and it suggested that account quota was reached. Nope only using 1kb of 1GB.
Another website suggested I modify my DKIM record for my domain, however everything looked in order and matched the tutorials and guides. I didn't want to modify the record and as I am afraid that incoming mail might stop coming.

I thought it might be my network firewall so I opened all ports in and out, and tried sending test emails to different addresses i.e. Gmail, Outlook, Yahoo etc. Nope, no luck. Alright, test internal mail exchanger between 2 different domains, yep that's all good, both sending and receiving.

I have searched forums and googled for 3 weeks now and cannot resolve my problem. Is there something I've missed, any troubleshooting tools i should be using? Hopefully you guys can help me resolve this.
Thanks
 
Last edited by a moderator:
Apr 17, 2018
6
0
1
Sydney
cPanel Access Level
Root Administrator
Output of /var/log/exim_mainlog
Code:
2018-04-17 20:04:33 1f8NTV-00019M-VF <= [email protected] H=(whm1) [::1]:38062 P=esmtpsa X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no A=dovecot_plain:[email protected] S=872 [email protected]com.au T="AAAA" for [email protected]
2018-04-17 20:04:34 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1f8NTV-00019M-VF
2018-04-17 20:04:34 1f8NTV-00019M-VF Sender identification U=example D=example.com.au [email protected]
2018-04-17 20:04:34 1f8NTV-00019M-VF SMTP connection outbound 1523959474 1f8NTV-00019M-VF example.com.au [email protected]
2018-04-17 20:04:34 SMTP connection from (whm1) [::1]:38062 closed by QUIT
2018-04-17 20:05:05 cwd=/ 2 args: /usr/sbin/exim -bpu
2018-04-17 20:05:37 1f8NTV-00019M-VF H=outlook-com.olc.protection.outlook.com [104.47.45.33] Connection timed out
2018-04-17 20:06:40 1f8NTV-00019M-VF H=outlook-com.olc.protection.outlook.com [104.47.46.33] Connection timed out
2018-04-17 20:06:40 1f8NTV-00019M-VF == [email protected] R=dkim_lookuphost T=dkim_remote_smtp defer (110): Connection timed out
2018-04-17 20:06:40 1f8NTV-00019M-VF ** [email protected]: retry timeout exceeded
2018-04-17 20:06:40 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1f8NTV-00019M-VF
2018-04-17 20:06:40 1f8NVY-0001HS-2s <= <> R=1f8NTV-00019M-VF U=mailnull P=local S=2168 T="Mail delivery failed: returning message to sender" for [email protected]
2018-04-17 20:06:40 1f8NTV-00019M-VF Completed
2018-04-17 20:06:40 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1f8NVY-0001HS-2s
2018-04-17 20:06:40 1f8NVY-0001HS-2s => a <[email protected]> R=virtual_user T=dovecot_virtual_delivery C="250 2.0.0 <[email protected]> 4JPCCjDH1VpEEwAA0sVuQg Saved"
2018-04-17 20:06:40 1f8NVY-0001HS-2s Completed
2018-04-17 20:07:43 SMTP connection from [127.0.0.1]:40508 (TCP/IP connection count = 1)
2018-04-17 20:07:45 SMTP connection from [127.0.0.1]:40508 closed by QUIT
2018-04-17 20:07:45 SMTP connection from [127.0.0.1]:56080 (TCP/IP connection count = 1)
2018-04-17 20:07:45 SMTP connection from (localhost) [127.0.0.1]:56080 closed by QUIT
 
Last edited by a moderator:

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston
Hello,

Based on the exim mail log output you provided it looks like your server is not able to connect to outlook.com:

Code:
2018-04-17 20:05:37 1f8NTV-00019M-VF H=outlook-com.olc.protection.outlook.com [104.47.45.33] Connection timed out
2018-04-17 20:06:40 1f8NTV-00019M-VF H=outlook-com.olc.protection.outlook.com [104.47.46.33] Connection timed out
On the server's CLI what do you get when running the host command for the outlook server? The output should be something like the following:

Code:
# host outlook-com.olc.protection.outlook.com
outlook-com.olc.protection.outlook.com has address 104.47.41.33
outlook-com.olc.protection.outlook.com has address 104.47.40.33
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston
Hello, @Niall - Austral Connect

That means you can connect to it, which is good. Does your domain have a valid PTR and SPF? I know you mentioned that you modified your DKIM already.

To check the SPF and PTR:

SPF:
Code:
dig txt domain.tld +short
Ultimately you'd want to see something like this:

Code:
# dig txt domain.tld +short
"v=spf1 +a +mx +ip4:<YourServerIPHere> ~all"
PTR:
Code:
host <YourServerIPHere>
What you'd want to see here is that the server's IP address resolves to an IP. For example we can look at google's mx records:

Get the IP address:
Code:
# dig a alt2.gmail-smtp-in.l.google.com +short
74.125.141.27
look for the rDNS:

Code:
# host 74.125.141.26
26.141.125.74.in-addr.arpa domain name pointer vl-in-f26.1e100.net.

Thank you,
 
Apr 17, 2018
6
0
1
Sydney
cPanel Access Level
Root Administrator
Hey @cPanelLauren,
I have a feeling it might be the PTR record, going through my DNS zone, I found that record missing. However for the sake of troubleshooting, here are my outputs.

dig txt mydomain.com +short
Code:
"v=spf1 +a +mx +ip4:11.111.111.11 +include:mydomain.com ~all"
host 11.111.111.11 (My External IP)
Code:
22.222.222.22.in-addr.arpa domain name pointer 22.222.222.22.bc.googleusercontent.com.
dig a 22.222.222.22.bc.googleusercontent.com +short
Code:
11.111.111.11 (My External IP)
dig a mail.mydomain.com +short
Code:
mydomain.com.
11.111.111.11
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston
Thank you for that output - may I ask are you using google for something that requires your ptr to resolve to:

Code:
22.222.222.22.in-addr.arpa domain name pointer 22.222.222.22.bc.googleusercontent.com.
Thank you,
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston
Hi @Niall - Austral Connect

We do not charge for support tickets please feel free to open a ticket using the link in my signature, though I do believe the issue may be related to the PTR one of our analysts should be able to tell you the definite cause after being able to access the server.

Thank you,
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston