Can send mail but can't receive mail.

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
I'm able to send a test mail to gmail and work no problem. But when try to send from gmail back it's not receiving. I'm checking it with horde webmail. How can I find out what's the problem is? Thanks.
 

Jcats

Well-Known Member
PartnerNOC
May 25, 2011
806
156
168
New Jersey
cPanel Access Level
DataCenter Provider
Check the MX record on your domain, does the hostname defined in the MX record actually resolve to an IP on your server?

Global DNS Propagation Checker - What's My DNS?

Go there, punch in your domain and select MX from the dropdown.

Once it replies with the hostname of the MX record, take that hostname, punch it back in, set the dropdown to A.

Is it showing the correct IP address?

Any bounce backs to gmail?
 

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
I did everything you described and it does show the correct IP of my server and no other ip.

My domain, it's just an empty wordpress site: example.com

What's weird is when selecting MX it show:
0:mail.example.com
10:mail.domain.com

10:mail.example.com is not showing on my namecheap mx record. I don't remember inputing this in, even if I did it's no longer there.

The mx record: imgur.com/a/14ejCzv

Also when test send from gmail back to example, gmail didn't get any bounce error either.
 
Last edited by a moderator:

Jcats

Well-Known Member
PartnerNOC
May 25, 2011
806
156
168
New Jersey
cPanel Access Level
DataCenter Provider
Since you don't have root access, I would ask your web host to grep the exim_mainlog for your gmail email, they will be able to see what's happening to the email from there.
 

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
I have root access and I tried it, it show nothing:

tail -500 /var/log/exim_mainlog | grep cryptos

cryptos is the beginning of my email from gmail.
 

Jcats

Well-Known Member
PartnerNOC
May 25, 2011
806
156
168
New Jersey
cPanel Access Level
DataCenter Provider
Something seems a miss at namecheap then, maybe create your own private nameservers so you can manage the DNS from cPanel:

- Removed -

Use that article to create

ns1.example.com
ns2.example.com

assign them both to 198.7.xx.xx

then in WHM > Edit a DNS Zone

Make sure you create 2 A Records

ns1
ns2

again point them to 198.7.xx.xx

Make sure both NS records in that DNS zone are set to

ns1.example.com
ns2.example.com

Make sure you only have the one MX record, to be safe point it to mail.example.com

and then if there is a CNAME record for mail.example.com, change it to an A Record and point it to 198.7.xx.xx

Once done, change the nameservers at namecheap to

ns1.example.com
ns2.example.com

- Removed -

You should be good to go, but this all may require a few minutes to a couple hours to update.
 
Last edited by a moderator:

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,262
313
Houston
Hi @OooLong

While I do agree with @Jcats that it's much easier to manage your DNS on your server, I'm also wondering if there's not something else going on.

What's weird is when selecting MX it show:
0:mail.example.com
10:mail.domain.com
This is probably inconsequential since they both point back to the same place.

Can you check /etc/localdomains and ensure your domain + the mail.subdomain is present? If it isn't, add it and try and send mail to yourself again.


Thanks!
 

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
Nope, added mail.subdomain to /etc/localdomains still didn't work. Is there anyway to check the MX to see that it actually working and its the server problem?
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,262
313
Houston
The MX record resolves to the server and I can see that it is recognized as the MX for your domain (i can see that in the link you provided) I think that it might be best to troubleshoot this sort of issue when we have access to the server and we can see first hand the configuration. If you can please open a ticket using the link in my signature, once opened please let us know the ticket ID here so we can update this thread with the outcome.

Thanks!
 

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
I finally get the bounce back.

The response was:
The recipient server did not accept our requests to connect. Learn more at Fix bounced or rejected emails - Gmail Help [mail.EXAMPLE.com. <IPREMOVED>: unable to read banner]


Final-Recipient: rfc822; [email protected]
Action: delayed
Status: 4.4.1
Diagnostic-Code: smtp; The recipient server did not accept our requests to connect. Learn more at Fix bounced or rejected emails - Gmail Help
[mail.EXAMPLE.com. <IPREMOVED>: unable to read banner]
Last-Attempt-Date: Wed, 23 May 2018 16:12:51 -0700 (PDT)
Will-Retry-Until: Fri, 25 May 2018 13:26:17 -0700 (PDT)


---------- Forwarded message ----------
From: Cryptos *** <cryptos***@gmail.com>
To: [email protected]
Cc:
Bcc:
Date: Tue, 22 May 2018 16:26:17 -0400
Subject: aaaa
aaaa
 
Last edited by a moderator:

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 16777/exim
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 5202/dovecot/pop3-l
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 17460/spamd-dormant
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 5203/dovecot/imap-l
tcp 0 0 0.0.0.0:2095 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
tcp 0 0 127.0.0.1:7984 0.0.0.0:* LISTEN 9091/java
tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2484/httpd
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 16777/exim
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 2636/pure-ftpd (SER
tcp 0 0 127.0.0.1:8984 0.0.0.0:* LISTEN 9091/java
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 16777/exim
tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 16777/exim
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 2484/httpd
tcp 0 0 0.0.0.0:2077 0.0.0.0:* LISTEN 17342/cpdavd - acce
tcp 0 0 0.0.0.0:2078 0.0.0.0:* LISTEN 17342/cpdavd - acce
tcp 0 0 0.0.0.0:2079 0.0.0.0:* LISTEN 17342/cpdavd - acce
tcp 0 0 0.0.0.0:2080 0.0.0.0:* LISTEN 17342/cpdavd - acce
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 5203/dovecot/imap-l
tcp 0 0 0.0.0.0:2082 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 5202/dovecot/pop3-l
tcp 0 0 127.0.0.1:579 0.0.0.0:* LISTEN 17335/cPhulkd - pro
tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
tcp 0 0 0.0.0.0:40332 0.0.0.0:* LISTEN 2084/sshd
tcp 0 0 0.0.0.0:2086 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 8767/mysqld


[email protected]**** [~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
cphulk all -- 0.0.0.0/0 0.0.0.0/0
cP-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
acctboth all -- 0.0.0.0/0 0.0.0.0/0
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25

Chain FORWARD (policy ACCEPT)
target prot opt source destination
cP-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
cpanel-dovecot-solr all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner GID match 506
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner GID match 12
ACCEPT tcp -- 0.0.0.0/0 127.0.0.1 multiport dports 25,26,465,587 owner UID match 32001
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner UID match 0
acctboth all -- 0.0.0.0/0 0.0.0.0/0
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25

Chain acctboth (2 references)
target prot opt source destination

Chain cP-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2078
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2082
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2077
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:26
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2086
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2087
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2095
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2096
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3306
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2083
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53

Chain cpanel-dovecot-solr (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 owner UID match 494
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 owner UID match 0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 reject-with icmp-port-unreachable

Chain cphulk (1 references)
target prot opt source destination
DROP all -- *** 0.0.0.0/0 state NEW TIME until date 2018-05-25 09:46:38 UTC
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,262
313
Houston
Hi @OooLong

Can you please do the following:

Go to WHM>>Security Center>>cPhulk Brute Force Detection -> History Reports -> Remove Blocks and Clear reports

Then post the output of iptables -L -n once more and let me know if you can send mail to yourself once more
 

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
[email protected] [~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
cP-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
acctboth all -- 0.0.0.0/0 0.0.0.0/0
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25

Chain FORWARD (policy ACCEPT)
target prot opt source destination
cP-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
cpanel-dovecot-solr all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner GID match 506
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner GID match 12
ACCEPT tcp -- 0.0.0.0/0 127.0.0.1 multiport dports 25,26,465,587 owner UID match 32001
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner UID match 0
acctboth all -- 0.0.0.0/0 0.0.0.0/0
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25

Chain acctboth (2 references)
target prot opt source destination

Chain cP-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2078
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2082
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2077
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:26
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2086
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2087
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2095
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2096
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3306
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2083
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53

Chain cpanel-dovecot-solr (1 references)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 owner UID match 494
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 owner UID match 0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 reject-with icmp-port-unreachable
 

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
Yea I'm testing, was trying to test from several source yahoo, gmail etc.. Still nothing. Still able to send mail to gmail, yahoo but can't receive back from them.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,262
313
Houston
At this point, I'm going to go back to my original suggestion that you open a ticket with us so that we can look into this further. Please let us know the ticket ID here once it's open.

Thanks!
 

OooLong

Well-Known Member
Mar 16, 2011
105
1
68
cPanel Access Level
Website Owner
This issue is solved.

iptables -D INPUT -p tcp --dport 25 -j DROP
iptables -D OUTPUT -p tcp --dport 25 -j DROP
service iptables save
service iptables restart