How many tries before exim stops sending emails

[Spirogg]

Hi I have xenforo forum script and was setting up bounced emails. I created some dummy accounts to send conversations to those dummy users. And checked to see if they bounced.
after testing. I saw 2 emails were not bounced but rejected.
example [email protected]
This was 2 email accounts I setup as the dummy emails in the 2 dummy accounts. So I deleted the 2 accounts. Then later went to WHM home email email queue manager and saw they were frozen so I deleted the mail from there.
today I see it retried to send the mail again even though I deleted those accounts. Is there a way to stop those from trying to emailing again? How many tries it willthe mail try to get delevered. Even though I deleted the users. I get errors in ACP in xenforo backend. Showing the emails retried to send with failure.

 

[Spirogg]

Just wondering if this is exim that keeps re-trying to send the email?
1) if so how can I stop them?
2) is there a way to set the time of retries?
and where would that be?
thank you. I’m using version 94.02 cPanel on CentOS 7 on a proxmox vm
Thanks again for your help in advance.
kind regards
Spiro

 

[cPRex]

Hello there! It's almost certainly Exim's retry settings, which you can read more about here:

32. Retry configuration

Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet.

www.exim.org

You'll see the cPanel defaults at the very bottom of the /etc/exim.conf file on the machine, and this can be adjusted through WHM >> Exim Configuration Editor under the "Advanced" tab in the RETRY CONFIGURATION section if you did want to modify that.

 

[Spirogg]

Hello there! It's almost certainly Exim's retry settings, which you can read more about here:

32. Retry configuration

Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet.

www.exim.org

You'll see the cPanel defaults at the very bottom of the /etc/exim.conf file on the machine, and this can be adjusted through WHM >> Exim Configuration Editor under the "Advanced" tab in the RETRY CONFIGURATION section if you did want to modify that.

ok thanks for the link - is there a way to see where these bogss emails are that keep running in Exim? and just shut them down /delete them from emailing again?

@cPRex I read this thank you:

1. Changing retry rules

If you change the retry rules in your configuration, you should consider whether or not to delete the retry data that is stored in Exim’s spool area in files with names like db/retry. Deleting any of Exim’s hints files is always safe; that is why they are called “hints”.
The hints retry data contains suggested retry times based on the previous rules. In the case of a long-running problem with a remote host, it might record the fact that the host has timed out. If your new rules increase the timeout time for such a host, you should definitely remove the old retry data and let Exim recreate it, based on the new rules. Otherwise Exim might bounce messages that it should now be retaining.

1) but not sure if deleting these hints files (db/retry) if I delete the db/retry and do not manually trigger another email to send from the bogus address, will Exim stop trying to email?

2) not sure what directory I would find these db/retry files to try and delete them since it says its safe to do so in the quote above from Exim.
anyone know where these are located and would just -rm /db/retryfile do it via command line ?

thanks so much for any further assistance

 

[cPRex]

You can run the following commands to clear the retry database:

/usr/sbin/exim_tidydb -t 0d /var/spool/exim retry > /dev/null
/usr/sbin/exim_tidydb -t 0d /var/spool/exim reject > /dev/null
/usr/sbin/exim_tidydb -t 0d /var/spool/exim wait-remote_smtp > /dev/null

Can you try that and see if that keeps this from resending?

 

[Spirogg]

You can run the following commands to clear the retry database:

/usr/sbin/exim_tidydb -t 0d /var/spool/exim retry > /dev/null
/usr/sbin/exim_tidydb -t 0d /var/spool/exim reject > /dev/null
/usr/sbin/exim_tidydb -t 0d /var/spool/exim wait-remote_smtp > /dev/null

Can you try that and see if that keeps this from resending?

will try now and then reply back if it works for others as well if they ever need a fix.. thanks

 

[Spirogg]

You can run the following commands to clear the retry database:

/usr/sbin/exim_tidydb -t 0d /var/spool/exim retry > /dev/null
/usr/sbin/exim_tidydb -t 0d /var/spool/exim reject > /dev/null
/usr/sbin/exim_tidydb -t 0d /var/spool/exim wait-remote_smtp > /dev/null

Can you try that and see if that keeps this from resending?

hello nope didn't work I see 1 email the just came in 8:37pm the other 2 did not show up yet?? but not sure where it could be hidden that it keeps wanted to send, it was not in the Queue Manager ? ir in Greylist so not sure ?

 

[cPRex]

I'd recommend getting the full details directly from /var/log/exim_mainlog to see if you can see the status.

 

[Spirogg]

Hello @cPRex I found out. Xenforo uses swiftmailer and it has its own queue so I had to go to database and clear that from there.
What does strike me weird
Is the 503 error when the domain does not exist. It does not bounce in the xenforo system for me.
- but I have not changed anything in cPanel 94.02 for mail. Just installed CSF
Allowed my domain user to bypass SMTP_BLOCK thanks to your suggestion
And that is it.
They showed me a screenshot of a bogus email [email protected] and did a test email to send to that. It did not throw the 503 error for them.
they insist it’s configuration issue. but I changed nothing ??

so does cPanel - exim not allow to send emails to non existent domains?
I’m using
mail.mydomain.com port 587
Tls
I’ve tried port 465 and ssl
I get the same error message

is this because of cPanel setup of exim or something I’m missing.

 

[Spirogg]

hi again,

I guess its not really a big issue because its a bogus domain just bothers me that XenForo says its my server fault.

There is nothing that prevents a local MTA from delivering bounces as per the standard method. Certainly Postfix has no issues and I'd have to assume that Exim is the same. (This is essentially always done through a sendmail wrapper.) This will generally be more efficient on the whole than connecting to a local SMTP server as well, as you're avoiding the TCP connection and overhead (replacing it with calling a local process).

As mentioned, the SMTP server rejecting the message for a domain that doesn't exist certainly isn't a standard or common behavior. The most common approach would be for the SMTP server to accept it (like an invalid user at a valid domain) and attempt delivery until it believes the error won't be resolved and then return a bounce message.

-



This is what's happening in the above screenshot.

- and just wanting to understand why the error and not being bounced and logged into XenForo log?

- if I use php mailer it shows no errors and gets logged in bounced emails in XenForo ACP




- here is the log I get as an error using a test email to send with mail.mydomain.com tried all ports 25 465 587 with TLS & SSL?

++ Starting Swift_SmtpTransport
<< 220-server1.mydomain.com ESMTP Exim 4.94 #2 Fri, 12 Mar 2021 11:45:08 -0600
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.

>> EHLO www.mydomain.com

<< 250-server1.mydomain.com Hello www.mydomain.com [nn.nn.nn.nn]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-X_PIPE_CONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP

>> STARTTLS

<< 220 TLS go ahead

>> EHLO www.mydomain.com

<< 250-server1.mydomain.com Hello www.mydomain.com [nn.nn.nn.nn]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-X_PIPE_CONNECT
250-AUTH PLAIN LOGIN
250 HELP

>> AUTH LOGIN

<< 334 VXNlcm5hbWU6

>> bm9yZXBseUB0YWxrd2FnLmNvbQ==

<< 334 UGFzc3dvcmQ6

>> U2NhdGFNYWxha2FAMTJAMTI=

<< 235 Authentication succeeded

++ Swift_SmtpTransport started
>> MAIL FROM:<bounced2+425c55d6+aksdjhakdjhaskdjakdsjh=aksjdhaksjdhkajsdh.com@mydomain.com>

>> RCPT TO:<[email protected]>

>> DATA

<< 250 OK

<< 550-The mail server could not deliver mail to
[email protected].  The account or domain may
550 not exist, they may be blacklisted, or missing the proper dns entries.

!! Expected response code 250/251/252 but got code "550", with message "550-The mail server could not deliver mail to
[email protected].  The account or domain may
550 not exist, they may be blacklisted, or missing the proper dns entries.
" (code: 550)
<< 503-All RCPT commands were rejected with this error:
503-The mail server could not deliver mail to
[email protected].  The account or domain may
503-not exist, they may be blacklisted, or missing the proper dns entries.
503 Valid RCPT command must precede DATA

!! Expected response code 354 but got code "503", with message "503-All RCPT commands were rejected with this error:
503-The mail server could not deliver mail to
[email protected].  The account or domain may
503-not exist, they may be blacklisted, or missing the proper dns entries.
503 Valid RCPT command must precede DATA
" (code: 503)
!! Expected response code 354 but got code "503", with message "503-All RCPT commands were rejected with this error:
503-The mail server could not deliver mail to
[email protected].  The account or domain may
503-not exist, they may be blacklisted, or missing the proper dns entries.
503 Valid RCPT command must precede DATA
"

does cPanel or EXIM used with cPanel create the 503

seems the line that says :

<< 235 Authentication succeeded

++ Swift_SmtpTransport started
>> MAIL FROM:<bounced2+425c55d6+aksdjhakdjhaskdjakdsjh=[email protected]>

>> RCPT TO:<[email protected]>

>> DATA

<< 250 OK.

does the last line 250 ok means it was actually sent? and then it receives its not an actual domain that exists and then throws the550 & 503 error and that is from cPanel exim setup?

im so sorry for asking all these questions - just bothers me so much that using mail.mydomain.com to send emails gets this error only on bogus domains.
and PHPmailer does not get the 550 & 503 error and logs it as bounced.

- and the reason for all this headache is,

if there are bogus domains it will not invalidate the users accounts in XenForo forums..
so if there ever are users with non existing domains (emails) and there using conversation or replying to forum posts, I will have a lot of errors and have to handle them one by one.. I can assume if it becomes a large forum what a headache that would be..

so that is my obsession to figure this out..

Sorry and thanks for any more help

Spiro

 

[cPRex]

Sure - Exim doesn't necessarily check to see if a domain is real or not, it will just try and send the message, but there would likely be a DNS failure of some sort, and then it would start the retry process.

For additional details, it might be best to get a ticket opened with our team so we can check that directly.

 

[Spirogg]

Sure - Exim doesn't necessarily check to see if a domain is real or not, it will just try and send the message, but there would likely be a DNS failure of some sort, and then it would start the retry process.

For additional details, it might be best to get a ticket opened with our team so we can check that directly.

ticket #94305269
thank you @cPRex I've also explained in the ticket and referenced this link to the forums

 

[cPRex]

Great - I'm following along with that ticket on my end so we can all stay updated.

 

[Spirogg]

Just for more information. before reading the support request response,

- One thing I noticed earlier as well, is when changing default address for mail in cPanel

From: Discard the email while your server processes it by SMTP time with an error message.

To: Discard (which is not recommended)

- The Xenforo test email will not throw an error, but still does not bounce and get logged.

- It just ends up in mail delivery in whm and stays queued, if trying to deliver it from there manually - it keeps failing with no bounce.
just weird that it showed no 503 505 error.

------------
- Here is what Support said:

Thank you for your patience while I reviewed your support request. Upon review of your reported issue, this problem does not appear to be related to or caused by cPanel or by the basic configuration of the cPanel-bundled software.

The default behavior of Exim is to perform a DNS lookup on the domain that you are attempting to send as defined in the Exim transport for remote domains:

lookuphost:
    driver = dnslookup
    domains = ! +local_domains
    #ignore verisign to prevent waste of bandwidth
    ignore_target_hosts = +loopback : 64.94.110.0/24
    headers_add = "${perl{mailtrapheaders}}"
    transport = remote_smtp

The line driver = dnslookup performs this action when attempting to send to a remote destination. When this fails, the following Exim block is then run:

#
# Trap Failures to Remote Domain
#
fail_remote_domains:
  driver = redirect
  domains = ! +local_domains : ! localhost : ! localhost.localdomain
  allow_fail
  data = ${if eq {$verify_mode}{S} \
        {:fail: The mail server does not recognize $local_part@$domain as a valid sender.} \
        {:fail: The mail server could not deliver mail to $local_part@$domain.  The account or domai
n may not exist, they may be blacklisted, or missing the proper dns entries.} \

As you can see, the default configuration of Exim is to:
1. Determine if the domain has a valid MX or A record that email can be delivered to, if so, send the email. Else:
2. Report failure of domain DNS entries and stop processing.

With that being said, I took some time to compile some information and resources for you regarding this and found the following documentation that may help you configure this desired behavior:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_dnslookup_router.html
https://www.exim.org/exim-html-curr...-customizing_bounce_and_warning_messages.html


--------

- So exim is not like postfix default to send it anyway and get a bounce.

- only issue now is try to figure out how to send and get a bounce back in Xenforo logs..

I've read the above links but, it's also 2:25am CST - so I might be seeing double and reading this incorrectly..

or maybe I should stop being stubborn and get someone else that knows more than me to help me get this configured correctly

 

[cPRex]

So we checked things on our end and didn't find any odd behavior with the Exim side. If you're expecting something different to happen in Xenforo that would be up to that software. Eventually, I would still expect them to bounce as it follows Exim's timeout, but it would need to work through the timeouts I mentioned earlier.

 

[Spirogg]

Hello thanks for your reply.
It doesn’t do a bounce because it never send the email.

you can see, the default configuration of Exim is to:
1. Determine if the domain has a valid MX or A record that email can be delivered to, if so, send the email. Else:
2. Report failure of domain DNS entries and stop processing.

so there is no bounce like a valid domain it never sends it to bounce back

 

[Spirogg]

But thank you for all your help !! I did solve the other issue I was having with your help.
Thanks very much your truly amazing !
Spiro

 

[cPRex]

Oh I see what you mean now - yes, if there is no DNS or if it can't fine the records, there is no point in it trying to send.