Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Can send mail but can't receive mail.

Discussion in 'E-mail Discussion' started by OooLong, May 22, 2018.

  1. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    I'm able to send a test mail to gmail and work no problem. But when try to send from gmail back it's not receiving. I'm checking it with horde webmail. How can I find out what's the problem is? Thanks.
     
  2. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    720
    Likes Received:
    123
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Check the MX record on your domain, does the hostname defined in the MX record actually resolve to an IP on your server?

    Global DNS Propagation Checker - What's My DNS?

    Go there, punch in your domain and select MX from the dropdown.

    Once it replies with the hostname of the MX record, take that hostname, punch it back in, set the dropdown to A.

    Is it showing the correct IP address?

    Any bounce backs to gmail?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    I did everything you described and it does show the correct IP of my server and no other ip.

    My domain, it's just an empty wordpress site: example.com

    What's weird is when selecting MX it show:
    0:mail.example.com
    10:mail.domain.com

    10:mail.example.com is not showing on my namecheap mx record. I don't remember inputing this in, even if I did it's no longer there.

    The mx record: imgur.com/a/14ejCzv

    Also when test send from gmail back to example, gmail didn't get any bounce error either.
     
    #3 OooLong, May 22, 2018
    Last edited by a moderator: May 23, 2018
  4. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    720
    Likes Received:
    123
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Since you don't have root access, I would ask your web host to grep the exim_mainlog for your gmail email, they will be able to see what's happening to the email from there.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    I have root access and I tried it, it show nothing:

    tail -500 /var/log/exim_mainlog | grep cryptos

    cryptos is the beginning of my email from gmail.
     
  6. Jcats

    Jcats Well-Known Member

    Joined:
    May 25, 2011
    Messages:
    720
    Likes Received:
    123
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Something seems a miss at namecheap then, maybe create your own private nameservers so you can manage the DNS from cPanel:

    - Removed -

    Use that article to create

    ns1.example.com
    ns2.example.com

    assign them both to 198.7.xx.xx

    then in WHM > Edit a DNS Zone

    Make sure you create 2 A Records

    ns1
    ns2

    again point them to 198.7.xx.xx

    Make sure both NS records in that DNS zone are set to

    ns1.example.com
    ns2.example.com

    Make sure you only have the one MX record, to be safe point it to mail.example.com

    and then if there is a CNAME record for mail.example.com, change it to an A Record and point it to 198.7.xx.xx

    Once done, change the nameservers at namecheap to

    ns1.example.com
    ns2.example.com

    - Removed -

    You should be good to go, but this all may require a few minutes to a couple hours to update.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 Jcats, May 22, 2018
    Last edited by a moderator: May 23, 2018
  7. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,838
    Likes Received:
    276
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @OooLong

    While I do agree with @Jcats that it's much easier to manage your DNS on your server, I'm also wondering if there's not something else going on.

    This is probably inconsequential since they both point back to the same place.

    Can you check /etc/localdomains and ensure your domain + the mail.subdomain is present? If it isn't, add it and try and send mail to yourself again.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    Nope, added mail.subdomain to /etc/localdomains still didn't work. Is there anyway to check the MX to see that it actually working and its the server problem?
     
  9. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,838
    Likes Received:
    276
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    The MX record resolves to the server and I can see that it is recognized as the MX for your domain (i can see that in the link you provided) I think that it might be best to troubleshoot this sort of issue when we have access to the server and we can see first hand the configuration. If you can please open a ticket using the link in my signature, once opened please let us know the ticket ID here so we can update this thread with the outcome.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    I finally get the bounce back.

    The response was:
    The recipient server did not accept our requests to connect. Learn more at Fix bounced or rejected emails - Gmail Help [mail.EXAMPLE.com. <IPREMOVED>: unable to read banner]


    Final-Recipient: rfc822; admin@EXAMPLE.com
    Action: delayed
    Status: 4.4.1
    Diagnostic-Code: smtp; The recipient server did not accept our requests to connect. Learn more at Fix bounced or rejected emails - Gmail Help
    [mail.EXAMPLE.com. <IPREMOVED>: unable to read banner]
    Last-Attempt-Date: Wed, 23 May 2018 16:12:51 -0700 (PDT)
    Will-Retry-Until: Fri, 25 May 2018 13:26:17 -0700 (PDT)


    ---------- Forwarded message ----------
    From: Cryptos *** <cryptos***@gmail.com>
    To: admin@EXAMPLE.com
    Cc:
    Bcc:
    Date: Tue, 22 May 2018 16:26:17 -0400
    Subject: aaaa
    aaaa
     
    #10 OooLong, May 23, 2018
    Last edited by a moderator: May 24, 2018
  11. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,838
    Likes Received:
    276
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi OooLong

    Do you have a firewall installed on the server? Can you also confirm whether or not the standard mail ports are open?


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 16777/exim
    tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 5202/dovecot/pop3-l
    tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 17460/spamd-dormant
    tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 5203/dovecot/imap-l
    tcp 0 0 0.0.0.0:2095 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
    tcp 0 0 127.0.0.1:7984 0.0.0.0:* LISTEN 9091/java
    tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
    tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2484/httpd
    tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 16777/exim
    tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 2636/pure-ftpd (SER
    tcp 0 0 127.0.0.1:8984 0.0.0.0:* LISTEN 9091/java
    tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 16777/exim
    tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 16777/exim
    tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 2484/httpd
    tcp 0 0 0.0.0.0:2077 0.0.0.0:* LISTEN 17342/cpdavd - acce
    tcp 0 0 0.0.0.0:2078 0.0.0.0:* LISTEN 17342/cpdavd - acce
    tcp 0 0 0.0.0.0:2079 0.0.0.0:* LISTEN 17342/cpdavd - acce
    tcp 0 0 0.0.0.0:2080 0.0.0.0:* LISTEN 17342/cpdavd - acce
    tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 5203/dovecot/imap-l
    tcp 0 0 0.0.0.0:2082 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
    tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 5202/dovecot/pop3-l
    tcp 0 0 127.0.0.1:579 0.0.0.0:* LISTEN 17335/cPhulkd - pro
    tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
    tcp 0 0 0.0.0.0:40332 0.0.0.0:* LISTEN 2084/sshd
    tcp 0 0 0.0.0.0:2086 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
    tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN 17307/cpsrvd (SSL)
    tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 8767/mysqld


    root@**** [~]# iptables -L -n
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    cphulk all -- 0.0.0.0/0 0.0.0.0/0
    cP-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
    acctboth all -- 0.0.0.0/0 0.0.0.0/0
    DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination
    cP-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    cpanel-dovecot-solr all -- 0.0.0.0/0 0.0.0.0/0
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner GID match 506
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner GID match 12
    ACCEPT tcp -- 0.0.0.0/0 127.0.0.1 multiport dports 25,26,465,587 owner UID match 32001
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner UID match 0
    acctboth all -- 0.0.0.0/0 0.0.0.0/0
    DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25

    Chain acctboth (2 references)
    target prot opt source destination

    Chain cP-Firewall-1-INPUT (2 references)
    target prot opt source destination
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2078
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2082
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2077
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:26
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2086
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2087
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2095
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2096
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3306
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2083
    ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53

    Chain cpanel-dovecot-solr (1 references)
    target prot opt source destination
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 owner UID match 494
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 owner UID match 0
    REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 reject-with icmp-port-unreachable

    Chain cphulk (1 references)
    target prot opt source destination
    DROP all -- *** 0.0.0.0/0 state NEW TIME until date 2018-05-25 09:46:38 UTC
     
  13. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,838
    Likes Received:
    276
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @OooLong

    Can you please do the following:

    Go to WHM>>Security Center>>cPhulk Brute Force Detection -> History Reports -> Remove Blocks and Clear reports

    Then post the output of iptables -L -n once more and let me know if you can send mail to yourself once more
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    root@snvf [~]# iptables -L -n
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    cP-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
    acctboth all -- 0.0.0.0/0 0.0.0.0/0
    DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination
    cP-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    cpanel-dovecot-solr all -- 0.0.0.0/0 0.0.0.0/0
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner GID match 506
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner GID match 12
    ACCEPT tcp -- 0.0.0.0/0 127.0.0.1 multiport dports 25,26,465,587 owner UID match 32001
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,26,465,587 owner UID match 0
    acctboth all -- 0.0.0.0/0 0.0.0.0/0
    DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25

    Chain acctboth (2 references)
    target prot opt source destination

    Chain cP-Firewall-1-INPUT (2 references)
    target prot opt source destination
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2078
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2082
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2077
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:26
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2086
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2087
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2095
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2096
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3306
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2083
    ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53

    Chain cpanel-dovecot-solr (1 references)
    target prot opt source destination
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 owner UID match 494
    ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 owner UID match 0
    REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport sports 8984,7984 reject-with icmp-port-unreachable
     
  15. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,838
    Likes Received:
    276
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Thank you for that, can you confirm whether or not you're able to send/receive mail now?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    Yea I'm testing, was trying to test from several source yahoo, gmail etc.. Still nothing. Still able to send mail to gmail, yahoo but can't receive back from them.
     
  17. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,838
    Likes Received:
    276
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    At this point, I'm going to go back to my original suggestion that you open a ticket with us so that we can look into this further. Please let us know the ticket ID here once it's open.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    Ticket ID: 9624463
     
  19. OooLong

    OooLong Well-Known Member

    Joined:
    Mar 16, 2011
    Messages:
    104
    Likes Received:
    1
    Trophy Points:
    66
    cPanel Access Level:
    Website Owner
    This issue is solved.

    iptables -D INPUT -p tcp --dport 25 -j DROP
    iptables -D OUTPUT -p tcp --dport 25 -j DROP
    service iptables save
    service iptables restart
     
  20. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,838
    Likes Received:
    276
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @OooLong

    I'm glad to see it's now resolved. Thank you for updating here the resolution.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice