The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Sender Verification for root@domain messages

Discussion in 'E-mail Discussions' started by Hexo, Jul 23, 2009.

  1. Hexo

    Hexo Member

    Joined:
    Dec 30, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    I have 2 cPanel vps's, both set up under the same domain, with sender verification checked.

    server1.domain.com - Running cPanel 11.24.5-C37419 - WHM 11.24.2 - X 3.9
    server2.domain.com - Running cPanel 11.24.5-C37419 - WHM 11.24.2 - X 3.9

    server1 hosts domain.com, with DNS clustering enabled on server1 and server2. In both cPanels, roots mail is forwarded to user@domain.com.

    Mail for root@server1.domain.com gets delivered to user@domain.com, as it uses virtual_user_transport, though mail for root@server2.domain.com gets rejected by server1.domain.com due to sender verification, ie it can't verify the existance of the mailbox root@server2.domain.com, and therefore fails.

    I've spent the last few days crawling google, with not much luck as everything seems to point me in the right direction. There's lots of information with regards to work arounds, such as disabling sender verification, or using whitelists to exempt addresses, but i'd prefer to find a way to resolve the issue, rather than side stepping it.

    Can anyone advise ?
     
    #1 Hexo, Jul 23, 2009
    Last edited: Jul 23, 2009
  2. Hexo

    Hexo Member

    Joined:
    Dec 30, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Temp fix

    I've edited the /etc/aliases file to denote

    #user that will recieve roots mail
    root : user@domain.com

    Will see how it goes and report back

    ============================

    Edit:

    This didn't help, have replied to sparek-3, just awaiting moderator approval
     
    #2 Hexo, Jul 23, 2009
    Last edited: Jul 23, 2009
  3. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,382
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Is it failing at the domain verification process or is it failing at the callback?

    on server1.domain.com check to see if server2.domain.com resolves. See if server2.domain.com reports an MX record or an A record back.

    Code:
    dig server2.domain.com MX
    Code:
    dig server2.domain.com A
    It probably won't have an MX record, but an A record should suffice.

    If no MX record and no A records are returned, then this is likely your problem. You need to investigate why this is happening.

    Take the IP address that is returned as the A record and on server1 try connecting to port 25 on this IP address

    Code:
    telnet <IP Address> 25
    This should connect and show you an SMTP banner.

    Now in the telnet session, type the following:

    EHLO server1.domain.com
    mail from: <>
    rcpt to: <root@server2.domain.com>


    This should return with 250 Accepted

    If you receive something other than a 250 response code, then this means that the mail server on server2.domain.com is not accepting mail for root@server2.domain.com. You will need to find out why this is the case.
     
  4. Hexo

    Hexo Member

    Joined:
    Dec 30, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    only sender verification is ticked and not call back.

    both respond as there is a dns domain for server2.domain.com, with both A records in the main domain, and an mx record for server2.domain.com, PTR records are also pointing to the correct address.

    Server reply

    Code:
    220-server2.domain.com ESMTP Exim 4.69 #1 Fri, 24 Jul 2009 01:06:06 +0100
    Server reply

    Code:
    550-You do not have sufficient privileges to send mail to this address.  Please
    550 authenticate and try again.
     
  5. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,382
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Sender verification should only check to make sure that the domain name part of the e-mail address is valid. Someone else might verify this.

    If that is the case, then this should be working.

    If callouts are being used, then this is failing because server1 is not able to verify that root@server2.domain.com is valid.

    You may want to make sure that server2.domain.com is in /etc/localdomains on server2.

    Run /scripts/mailperm on server2.
     
  6. Hexo

    Hexo Member

    Joined:
    Dec 30, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Well that's what I thought, the callout isn't checked, mainly due to many newsletters being sent from non-existant mailboxes, but that's what it seems to be doing :confused:

    I've run the command from both servers and it gives the same reply whichever way I do it (no permission, as above).

    The domain is listed in /etc/localdomains. Have run the /scripts/mailperm, and it just returned to the command prompt, then retested with the above ehlo mail from etc, and it's still replying the same.
     
    #6 Hexo, Jul 24, 2009
    Last edited: Jul 24, 2009
  7. Hexo

    Hexo Member

    Joined:
    Dec 30, 2008
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    The only way i've managed to get this to work is by turning sender verification off, which is odd because it's only supposed to be checking the domain exists, which it does, it's not been enabled to do callouts, but it appears that's what it's doing.
     
Loading...

Share This Page