The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Sender Verify Failed with PHP Mail Function Via Cron or SSH

Discussion in 'E-mail Discussions' started by linux4me2, Jan 8, 2016.

  1. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    79
    Likes Received:
    13
    Trophy Points:
    8
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    My Exim configuration was working just fine until I recently reviewed it and noticed that there were a number of settings with the yellow warning icons by them indicating that they had not been previously set. I figured they were settings corresponding to a newer version of Exim and that setting them to the defaults and saving the configuration wouldn't do any harm. I know; I should have backed up my configuration before doing so, but I didn't.

    After saving the configuration, I noticed that the PHP scripts I run via cron that used the PHP mail() function were no longer emailing me as they did before I updated the Exim configuration, but the scripts that used the mail() function in my public_html folder were working.

    To see if I could determine what was wrong, I wrote a very simple PHP script whose sole function was to send me an email.

    I ran it from a browser by browsing to the script, /test/test_PHP_mail.php, and received the email with the following output in /var/log/exim_mainlog:

    Code:
    2016-01-08 13:05:57 cwd=/home/username/public_html/test 3 args: /usr/sbin/sendmail -t -i
    2016-01-08 13:05:57 1aHcMH-0005UP-S5 <= username@host.hostingdomainname.com U=username P=local S=630 T="PHP Mail Test" for recipient@mydomain.com
    2016-01-08 13:05:57 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1aHcMH-0005UP-S5
    2016-01-08 13:05:57 1aHcMH-0005UP-S5 => recipient <recipient@mydomain.com> R=virtual_user T=virtual_userdelivery
    2016-01-08 13:05:57 1aHcMH-0005UP-S5 Completed
    
    Next, I opened a terminal and using SSH as the user for the domain, cd'd to the folder containing the test script, and ran the script using the following command:

    Code:
    /usr/local/bin/php test_PHP_mail.php
    
    That email failed to come through, and I got the following output in exim_mainlog:

    Code:
    2016-01-08 13:07:31 cwd=/home/username/public_html/test 3 args: /usr/sbin/sendmail -t -i
    2016-01-08 13:07:31 1aHcNn-00000g-Ve <= username@host.hostingdomainname.com U=username P=local S=559 T="PHP Mail Test" for recipient@mydomain.com
    2016-01-08 13:07:32 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1aHcNn-00000g-Ve
    2016-01-08 13:07:32 SMTP connection from [127.0.0.1]:34669 (TCP/IP connection count = 3)
    2016-01-08 13:07:32 1aHcNn-00000g-Ve [127.0.0.1] SSL verify error: certificate name mismatch: "/OU=Domain Control Validated/OU=EssentialSSL/CN=host.hostingdomainname.com"
    2016-01-08 13:07:32 SMTP connection identification H=localhost A=127.0.0.1 P=34669 U=mailnull ID=47 S=mailnull B=identify_local_connection
    2016-01-08 13:07:32 H=(host.hostingdomainname.com) [127.0.0.1]:34669 sender verify fail for <username@host.hostingdomainname.com>: The mail server could not deliver mail to username@host.hostingdomainname.com.  The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
    2016-01-08 13:07:32 H=(host.hostingdomainname.com) [127.0.0.1]:34669 X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=no F=<username@host.hostingdomainname.com> rejected RCPT <recipient@mydomain.com>: Sender verify failed
    2016-01-08 13:07:32 H=(host.hostingdomainname.com) [127.0.0.1]:34669 Warning: "Detected session with all messages failed"
    2016-01-08 13:07:32 H=(host.hostingdomainname.com) [127.0.0.1]:34669 Warning: "Increment slow_fail_block Ratelimit - (host.hostingdomainname.com) [127.0.0.1]:34669 because of all messages failed"
    2016-01-08 13:07:32 SMTP connection from (host.hostingdomainname.com) [127.0.0.1]:34669 closed by QUIT
    2016-01-08 13:07:32 1aHcNn-00000g-Ve ** recipient@mydomain.com R=deliver_local_outside_jail T=remote_smtp H=127.0.0.1 [127.0.0.1] X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=no: SMTP error from remote mail server after RCPT TO:<recipient@mydomain.com>: 550-Verification failed for <username@host.hostingdomainname.com>\n550-The mail server could not deliver mail to username@host.hostingdomainname.com.  The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.\n550 Sender verify failed
    
    I noticed that the sender verification failed because there is no user called "username" at host.hostingdomainname.com. And there aren't, because "host" is the subdomain of the main domain for my VPS where the service SSL certificate is installed, and there are no email accounts there.

    Next, I tried altering the PHP script to use the "-f" parameter to set the sender to an actual email account on the domain "mydomain.com."

    After altering the script, I ran it again via SSH using the same command as above, and the mail went through just fine, with the following output in exim_mainlog:

    Code:
    2016-01-08 13:12:57 cwd=/home/username/public_html/test 4 args: /usr/sbin/sendmail -t -i -fsystem@mydomain.com
    2016-01-08 13:12:57 1aHcT3-00000f-7s <= system@mydomain.com U=username P=local S=549 T="PHP Mail Test" for recipient@mydomain.com
    2016-01-08 13:12:57 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1aHcT3-00000f-7s
    2016-01-08 13:12:57 SMTP connection from [127.0.0.1]:38366 (TCP/IP connection count = 1)
    2016-01-08 13:12:57 1aHcT3-00000f-7s [127.0.0.1] SSL verify error: certificate name mismatch: "/OU=Domain Control Validated/OU=EssentialSSL/CN=host.hostingdomainname.com"
    2016-01-08 13:12:57 SMTP connection identification H=localhost A=127.0.0.1 P=38366 U=mailnull ID=47 S=mailnull B=identify_local_connection
    2016-01-08 13:12:57 1aHcT3-0005hH-KT <= system@mydomain.com H=(host.hostingdomainname.com) [127.0.0.1]:38366 P=esmtps X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=no S=829 id=E1aHcT3-00000f-7s@host.hostingdomainname.com T="PHP Mail Test" for recipient@mydomain.com
    2016-01-08 13:12:57 1aHcT3-00000f-7s => recipient@mydomain.com R=deliver_local_outside_jail T=remote_smtp H=127.0.0.1 [127.0.0.1] X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=no C="250 OK id=1aHcT3-0005hH-KT"
    2016-01-08 13:12:57 1aHcT3-00000f-7s Completed
    
    The only problem I see there is the "SSL verify error: certificate name mismatch," but the email did come through just fine.

    I have a workaround, since adding the "-f" parameter to all my scripts got my emails going through once more, and I all the web software that can to use email via SMTP, which also works, but I'm still curious what I did that caused this.

    So, I have two questions. First of all, what setting in my Exim configuration would account for the failure of mail to go through when a script is run via SSH or cron, but to succeed when it's run via a browser going to the same script? Second, why the "SSL verify error: certificate name mismatch," when my service SSL certificate appears to be working fine otherwise?
     
  2. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    78
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    Are using PHP v5.6?

    Could be the mismatch is down to the SMTP sender verify mechanism in 5.6.

    Came across this myself when using 5.6 with WHMCS and all my support tickets and invoices failed to deliver when using the SMTP option with a purchased certificate installed across all services.
     
  3. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    79
    Likes Received:
    13
    Trophy Points:
    8
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    No, I'm still using PHP 5.5.30.

    I have WHMCS running too, and the emails from it stopped going through too until I switched it to SMTP. It's working fine now.
     
  4. max_payne

    max_payne Active Member

    Joined:
    Feb 1, 2013
    Messages:
    33
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Does host.hostingdomainname.com resolve to an IP?
     
  5. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    79
    Likes Received:
    13
    Trophy Points:
    8
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    If I put it in WhoIs, it returns an IP, but if I put it in LeafDNS, I get an error that says "The parent nameservers do not have your nameservers listed."

    Is there some other way I should check it?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    652
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You can run the following command from your server:

    Code:
    host server.domain.com
    However, it's generally a better idea to implement SMTP authentication for any scripts that send out email to prevent email abuse and ensure your server is not marked as a known SPAM source.

    Thank you.
     
  7. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    79
    Likes Received:
    13
    Trophy Points:
    8
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Thanks, Michael. When I run the command:

    Code:
    host server.domain.com
    
    It does return a valid IP address, so I think I'm okay in that regard.

    I have done as you said and implemented SMTP authentication for the apps I'm running that offer that option, but there are a number of scripts that are still just using the PHP mail() function.
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    652
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You should also ensure the email address users are sending to is a valid email account created through cPanel.

    Thank you.
     
  9. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    79
    Likes Received:
    13
    Trophy Points:
    8
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Thanks Michael. I installed phpMailer on the server and am using that for all the scripts that were using PHP mail(), so I'm completely set up for SMTP now. All the emails the users send to are either valid accounts or forwarders set up in cPanel. So far, it's working just great. Thanks for your help.
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    652
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page