The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SMTP mail goes to spam gmail/yahoo

Discussion in 'E-mail Discussions' started by sreeninair, Mar 11, 2014.

  1. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Guys,

    I have issue with my email. I have configured a server recently. The mail ip was blacklisted . So I changed main shared Ip as both were same. Still the mails are routed through old ip. Gmail is marking the emails as spam. mails from outlook seems fine with gmail. On checking I could see the old ip was specified in '/var/cpanel/mainip' . I have changed it to new one.


    x.x.x.x = old ip

    y.y.y.y = new ip

    -------------------
    Code:
        webmail test mail log:
    
        2014-03-11 21:04:56 1WNR2u-0001bY-NE <= username@domain.com H=localhost ([x.x.x.x]) [127.0.0.1]:50900 P=esmtpa A=courier_login:username@domain.com S=830 id=094ea5a9d6c53d11f33e41d55d94da7b.squirrel@x.x.x.x T="Update to latest : 5.2.16" for username@domain.com
        2014-03-11 21:04:56 SMTP connection from localhost ([x.x.x.x]) [127.0.0.1]:50900 closed by QUIT
        2014-03-11 21:04:56 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1WNR2u-0001bY-NE
        2014-03-11 21:04:56 1WNR2u-0001bY-NE SMTP connection outbound 1394561096 1WNR2u-0001bY-NE domain.com username@domain.com
        2014-03-11 21:04:57 1WNR2u-0001bY-NE => username@domain.com R=dkim_lookuphost T=dkim_remote_smtp H=gmail-smtp-in.l.google.com [173.194.64.26] X=UNKNOWN:ECDHE-RSA-AES128-GCM-SHA256:128 C="250 2.0.0 OK 1394561097 o4si22111903oei.46 - gsmtp"
        2014-03-11 21:04:57 1WNR2u-0001bY-NE Completed


    ------------------------------
    Outlook email log : this is not going to spam in gmail



    Code:
        2014-03-11 21:13:24 SMTP connection from [123.236.xx.xx]:22039 (TCP/IP connection count = 1)
        2014-03-11 21:13:24 no host name found for IP address 123.236.xx.xx
        2014-03-11 21:13:27 1WNRB8-000383-Pn <= username@domaain.com H=(SreenivasPC) [123.236.xx.xx]:22039 P=esmtpa A=courier_login:sreeni@domain.com S=2772 id=0bb001cf3d55$99b193e0$cd14bba0$@domain.com T="Email issue" for username@domain.com
        2014-03-11 21:13:27 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1WNRB8-000383-Pn
        2014-03-11 21:13:27 1WNRB8-000383-Pn SMTP connection outbound 1394561607 1WNRB8-000383-Pn domain.com username@domain.com
        2014-03-11 21:13:28 1WNRB8-000383-Pn => username@domain.com R=dkim_lookuphost T=dkim_remote_smtp H=gmail-smtp-in.l.google.com [173.194.64.26] X=UNKNOWN:ECDHE-RSA-AES128-GCM-SHA256:128 C="250 2.0.0 OK 1394561608 pp9si25079711obc.128 - gsmtp"
        2014-03-11 21:13:28 1WNRB8-000383-Pn Completed
        2014-03-11 21:13:30 SMTP connection from (SreenivasPC) [123.236.xx.xx]:22039 closed by QUIT
    --------------
    Code:
        # cat /etc/mailips >> new ip
        *:y.y.y.y
        #cat /etc/mailhelo
        root@server [/usr/local/nagios]# >> nill

    I have tried after changing email from dedicated ip from exim configuration. Please help

    Thanks
    Sreeni
     
    #1 sreeninair, Mar 11, 2014
    Last edited by a moderator: Mar 11, 2014
  2. cPanelPeter

    cPanelPeter Technical Analyst III
    Staff Member

    Joined:
    Sep 23, 2013
    Messages:
    569
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    You should not change the IP address in /var/cpanel/mainip, as that may effect your license. Instead, you should follow this
    documentation.
     
  3. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Peter,

    I have followed this doc for changing the IP. I am not bothered about cPanel license. I can change the licensing Ip. The mail issue is important.

    See this

    2014-03-11 21:04:56 1WNR2u-0001bY-NE <= username@domain.com H=localhost ([x.x.x.x]) [127.0.0.1]:50900 P=esmtpa A=courier_login:username@domain.com S=830 id=094ea5a9d6c53d11f33e41d55d94da7b.squirrel@x.x.x.x T="Update to latest : 5.2.16" for username@domain.com
    2014-03-11 21:04:56 SMTP connection from localhost ([x.x.x.x]) [127.0.0.1]:50900 closed

    Here x.x.x.x is the old IP. How the mails are sending from this Ip as I have followed cPanel doc. The mails are going to gmail/Yahoo spam from webmail. Bot from outlook its fine. Please help

    Thanks
    Sreeni
     
  4. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
    Check your SPF record to make sure the IP is correct. Gmail is a pretty strict enforcer of proper SPF. When you make the change, allow up to 24 hours for propagation.

    If that doesn't work, please paste a copy of the headers from the gmail side of things. You can mask out the sensitive bits.
     
  5. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Vaessa,


    This is this the full email header.

    Code:
    -----------
    2014-03-12 07:37:30 SMTP connection from [127.0.0.1]:50293 (TCP/IP connection count = 1)
    2014-03-12 07:37:31 1WNav4-0007NG-V3 <= username@domain.net H=localhost ([x.x.x.x]) [127.0.0.1]:50293 P=esmtpa A=courier_login:username@domain.net S=878 id=1f0cbc7a39c23ab8639d817a2bd23a5c.squirrel@ x.x.x.x T="Planting a seed" for username@domain.com
    2014-03-12 07:37:31 SMTP connection from localhost ([x.x.x.x]) [127.0.0.1]:50293 closed by QUIT
    2014-03-12 07:37:31 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1WNav4-0007NG-V3
    2014-03-12 07:37:31 1WNav4-0007NG-V3 SMTP connection outbound 1394599051 1WNav4-0007NG-V3 domain.net username@domain.com
    2014-03-12 07:37:33 1WNav4-0007NG-V3 => username@domain.com R=dkim_lookuphost T=dkim_remote_smtp H=gmail-smtp-in.l.google.com [173.194.64.27] X=UNKNOWN:ECDHE-RSA-AES128-GCM-SHA256:128 C="250 2.0.0 OK 1394599053 sm4si699847obb.4 - gsmtp"
    2014-03-12 07:37:33 1WNav4-0007NG-V3 Completed
    -----------
    
    Here is the spf record details:

    SPF record lookup and validation for: domain.net

    SPF records are published in DNS as TXT records.

    The TXT records found for your domain are:
    v=spf1 +a +mx +ip4: x.x.x.x ~all

    Checking to see if there is a valid SPF record.

    Found v=spf1 record for domain.net:
    v=spf1 +a +mx +ip4: x.x.x.x ~all

    I have noticed that the email is sending from ''SMTP connection from localhost ([ x.x.x.x])'' this ip , it is our old shared ip. But spf is set for new shared ip. The mail ip should be the new ip ' x.x.x.x' as i have not set any options to check etc/mailips in whm. Please let me know how to overcome this. The outlook is directing mails correctly.

    Thanks
    Sreeni
     
    #5 sreeninair, Mar 11, 2014
    Last edited: Mar 12, 2014
  6. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
    The headers you sent appear to actually be output from the Exim log, not the headers of the email itself.

    For the SPF record, this is likely what's causing the problem. You can edit the IP in the DNS zone directly, or go back to cPanel -> Email Authentication and handle it there. Remember, as with any DNS change, you need to let it propagate. It's not going to be fixed instantly.
     
  7. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Vaessa,

    Thank you for the update.

    But how the emails are send from old ip. I will update spf.

    Thanks
    Sreeni
     
  8. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
    You sure /etc/mailips is correct? I know you said in your original post that you corrected this, but it wouldn't hurt to check again.
     
  9. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Vaessa,

    Here is the output of mailips. The main shared ip is 'x.x.x.x'. So the mail should go through this right ?

    root@server [/]# cat /etc/mailips
    *:x.x.x.x
    root@server [/]#
    -----

    Reference /etc/mailips for outgoing SMTP connections [?] is set to off

    -----

    The main ip is
    root@server [/]# hostname -i
    x.x.x.x
    root@server [/]#
    ------------------

    root@server [/]# cat /etc/domainips
    #domainips v1

    root@server [/]#


    -----------------------

    The new shared ip is added in the spf

    Code:
    domain.net .com. 14400 IN MX 0 domain.net .com.
    
    mail 14400 IN CNAME domain.net .com.
    www 14400 IN CNAME domain.net .com.
    ftp 14400 IN CNAME domain.net .com.
    blog 14400 IN A x.x.x.x
    clients 14400 IN A x.x.x.x
    default._domainkey 14400 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDV/my6tz4FIUUg675lcg/Ro2nSzKmMSM8JdEnQ3YCGhD0bJWbO9pCr3DVRJm4dr2YyVMYoSYHrifVk80+0CTeqsQrT72Rc52QOF9XaQSGxTzejgqaIFE0Bbwn/wYFUk8VuWmkIDRGXvS5mTog22n15qd8S8Gz0U3iCK7Y6DYDneQIDAQAB;"
    default._domainkey.blog 14400 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXfx8rkg0gxHrCx8jFawSmbEyYvDCwuAJ018prVcXZrokAu3XX9NhPbLW8klD+NhyoFfGwjZTP1EDQGLluChm6X7fXTj8U0RCGXICzJzNgOIu24lSBy7j82GMbtUCxieiPDNNgNa+gbZJlhGSAHN0ZBjQ1EubV7bgcEoy7u7k+CwIDAQAB;"
    default._domainkey.clients 14400 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCHzVO4rqgpPf5zvEEiMe/Kkx1e6v7DUlyfjnZ+OPLOHBum9vnKmxyS/JCJCsSL7GamQYQwhOgJAK5QDx4omDqRScjOg/ek1uAUnKlx5oZvoKseTrdKpB3tfqdDORu3/qmKbxH+YCfbIofE4OZJhrp6z56swj8uEi+G4WrXLQwqwIDAQAB;"
    
    cpanel 14400 IN A x.x.x.x
    webdisk 14400 IN A x.x.x.x
    whm 14400 IN A x.x.x.x
    webmail 14400 IN A x.x.x.x
    forcehost.net .com. 14400 IN TXT "v=spf1 +a +mx +ip4: x.x.x.x ~all"
    blog 14400 IN TXT "v=spf1 +a +mx +ip4: x.x.x.x ~all"
    clients 14400 IN TXT "v=spf1 +a +mx +ip4: x.x.x.x ~all"
    
    Thanks
    Sreeni
     
    #9 sreeninair, Mar 12, 2014
    Last edited: Mar 12, 2014
  10. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
    Is 23.88.113.189 still present on your server? One thing I should point out is that Exim will by default send out on whatever the primary interface of your server is, regardless of whether it's your shared IP. So, you should configure Exim (you were looking at the correct setting) to look at /etc/mailips, then keep the shared IP in that file.
     
  11. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Vaessa,

    Thanks for the update.

    The Ip 'x.x.x.x' is still present in the server. Do I need to remove it?. It is the shared ip in mailips file. How to change Exim primary interface ?.

    Thanks
    Sreeni
     
    #11 sreeninair, Mar 12, 2014
    Last edited: Mar 12, 2014
  12. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
    You don't have to remove it. Again, your /etc/mailips file should route all mail over the alternate IP. You indicated previously that 23.88.112.2 was the main IP in /etc/mailips. Now you've said that 23.88.113.189 is the main IP in that file. Note sure which one it actually is, but /etc/mailips should look like this:

    Code:
    *: 23.88.112.2
    
     
  13. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Vaessa,

    My bad,

    It is the shared ip in mailips file. >> I actually mean the shared ip (y.y.y.y) is in /etc/mailips.

    I have already tried add "*: y.y.y.y" and enabled "Reference /etc/mailips for outgoing SMTP connections [?]" ON . Still mails are sending via old ip. I will recheck an let you know.

    Thanks
    Sreeni
     
    #13 sreeninair, Mar 12, 2014
    Last edited: Mar 12, 2014
  14. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Vanessa ,

    The mails are still routed through old ip though new ip are configured in /etc/mailips

    Thanks
    Sreeni
     
  15. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
    Exim should be routing email over whatever the "*" definition is in /etc/mailips. Try rebuilding the exim conf and restarting:

    /scripts/buildeximconf
    service exim restart

    If that doesn't work, you'll probably need to have someone look at your server.
     
  16. sreeninair

    sreeninair Well-Known Member

    Joined:
    Dec 23, 2013
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello Vanessa ,

    This fixed the issue. Thank you.

    Thanks
    Sreenivas
     
Loading...

Share This Page