SMTP problem Between cPanel and gSuite using Cloudflare.

lubie

Registered
Jan 13, 2020
3
0
1
Canada
cPanel Access Level
Root Administrator
Hi there,
I have been struggling with this issue for several weeks now and I still can't figure out why I can't make this work. I will try to be as precise as possible.

Here are my server settings :

I have a new server, HOST.MYCOMPANY.COM
On this server is installed cPanel, Cloudlinux over centOS 7.

This server has two cPanel Accounts : one for my own organisation and one for my customer:
  • MYCOMPANY.COM
  • MYCLIENT.COM
The DNS of both domains is managed on my Cloudflare account.

Here is my problem, some things work but some don't:
  • I can receive and send any emails within google gmail without problems with MYCOMPANY domains.
  • MYCLIENT cPanel mail account can receive any mail from any sources.
  • MYCLIENT cPanel mail account cannot send mail to MYCOMPANY domain's email addresses but:
  • MYCLIENT cPanel mail account can send mail to any other destinations (except @MYCOMPANY.COM).
  • Any mail sent directly from my website MYCOMPANY.COM (there is no mailboxes but we have web forms, for example) with a destination @MYCOMPANY.COM is not received.

When I look to my WHM Queue Manager, all those messages are marked as "Frozen".
I tried several combinations of settings both in Cloudflare and on the server. I tried to change nameservers in cPanel DNS zone editor to put my cloudflare nameservers without any success.
As for Exim's mailhelo and mailips, both files appear to be empty.
I do not know what to try anymore.

This is my Cloudflare settings :

MYCOMPANY.COM :
A @ -> MYSERVERIP1
A HOST -> MYSERVERIP1
A MAIL -> MYSERVERIP1
A NS1 -> MYSERVERIP1
A NS2 -> MYSERVERIP2

CNAME WWW -> MYCOMPANY.COM
CNAME k1._domainkey -> dkim.mcsv.net (Mailchimp)
MX MYCOMPANY -> aspmx.l.google.com (1)
MX MYCOMPANY -> alt1.aspmx.l.google.com (5)
MX MYCOMPANY -> alt2.aspmx.l.google.com (5)
MX MYCOMPANY -> alt3.aspmx.l.google.com (10)
MX MYCOMPANY -> alt4.aspmx.l.google.com (10)
TXT default._domainkey -> v=spf1 +ip4:MYSERVERIP1 include:_spf.google.com include:servers.mcsv.net ~all
TXT google._domainkey -> v=DKIM1; k=rsa; p=(I PUT MY CERTIFICATE HERE)

TXT _dmarc -> v=DMARC1; p=quarantine; rua=mailto:[email protected];

MYCLIENT.COM
A @ -> MYSERVERIP1
A MAIL -> MYSERVERIP1
CNAME WWW -> MYCLIENT.COM
MX MYCLIENT -> MAIL.MYCLIENT.COM (0)
TXT default._domainkey -> "v=DKIM1; k=rsa; p=(I PUT MY CERTIFICATE HERE)
TXT @ -> "v=spf1 +ip4:MYSERVERIP1 ~all"
TXT _dmarc -> v=DMARC1; p=quarantine; rua=mailto:[email protected];


Note: nothing is using the Cloudflare proxy in those records.


I also did a MXTOOLBOX Mail check and I get these warnings :

MYCOMPANY's MXTOOLBOX WARNINGS :
dns - MYCOMPANY.COM - SOA Serial Number Format is Invalid
dns - MYCOMPANY.COM - SOA Expire Value out of recommended range
smtp - alt1.aspmx.l.google.com - Reverse DNS Resolution FAILED! This is a problem
smtp - alt1.aspmx.l.google.com - Reverse DNS does not match SMTP Banner
smtp - alt2.aspmx.l.google.com - Reverse DNS does not match SMTP Banner
smtp - alt3.aspmx.l.google.com - Reverse DNS does not match SMTP Banner
smtp - alt4.aspmx.l.google.com - Reverse DNS Resolution FAILED! This is a problem

MYCLIENT's MXTOOLBOX WARNINGS :

dns - MYCOMPANY.COM - SOA Serial Number Format is Invalid
dns - MYCOMPANY.COM - SOA Expire Value out of recommended range
smtp - Reverse DNS does not match SMTP Banner
smtp - Warning - Does not support TLS.
smtp - 15.531 seconds - Not good! on Transaction Time


Finally, here's a DIG MX from my server for both domains :

MYCOMPANY's DIG:
MYCOMPANY.COM. 300 IN MX 1 aspmx.l.google.com.
MYCOMPANY.COM. 300 IN MX 5 alt1.aspmx.l.google.com.
MYCOMPANY.COM. 300 IN MX 5 alt2.aspmx.l.google.com.
MYCOMPANY.COM. 300 IN MX 10 alt3.aspmx.l.google.com.
MYCOMPANY.COM. 300 IN MX 10 alt4.aspmx.l.google.com.

MYCLIENT's DIG :
MYCLIENT.COM. 114 IN MX 0 mail.MYCLIENT.com.

I am pretty sure there is a very simple solution to this problem but I can't figure it out.
If that kind of puzzling thing stimulates your little grey cells, I would appreciate any help you could offer.
Thank you.
Jim

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,266
1,304
363
Houston
MYCLIENT cPanel mail account cannot send mail to MYCOMPANY
If you log in to SSH and run the following:
Code:
cat /etc/remotedomains
Code:
cat /etc/localdomains
Is your domain in the output for either file? If so, which?


Any mail sent directly from my website MYCOMPANY.COM (there is no mailboxes but we have web forms, for example) with a destination @MYCOMPANY.COM are not received.
What is the output for these in the exim logs or the php error logs if enabled?

The exim logs can be found at:

Code:
/var/log/exim_mainlog
PHP error logs are typically located in the documentroot for the domain, which is by default: /home/$user/public_html/error_log

lubie

Thank you very much for answering!

If you log in to SSH and run the following:
Code:
cat /etc/remotedomains
Code:
cat /etc/localdomains
Is your domain in the output for either file? If so, which?
It appears like both my domains exist only in the localdomains file. The remotedomains file is however empty.

What is the output for these in the exim logs or the php error logs if enabled?

The exim logs can be found at:

Code:
/var/log/exim_mainlog
PHP error logs are typically located in the documentroot for the domain, which is by default: /home/$user/public_html/error_log
I tried sending an email from MYCLIENT's test mailbox using Roundcube to my admin@MYCOMPANY's email, here's what appears in the exim_mainlog:

Code:
SMTP connection from [::1]:55714 (TCP/IP connection count = 1)
1is4jg-005Nf5-99 <= [email protected] H=(host.MYCOMPANY.com) [::1]:55714 P=esmtpa A=dovecot_login:[email protected] S=576 [email protected] T="test" for [email protected]
SMTP connection from (admin.MYCOMPANY.com) [::1]:55714 closed by QUIT
cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1is4jg-005Nf5-99
1is4jg-005Nf5-99 => MYCOMPANY <[email protected]> R=localuser T=dovecot_delivery C="250 2.0.0 <[email protected]> poZ0FxBeIF4tkhMAjQdSkw Saved"
1is4jg-005Nf5-99 Completed
cwd=/usr/local/cpanel/whostmgr/docroot 2 args: /usr/sbin/exim -bpra
For the record, I never received this email.

As for PHP Error logs, they are only available for my client's account, but there are only website warnings and errors from when we added the website in December. Nothing fresh there as the websites work perfectly.

Does it ring any bells?
Thank you!

cPanelLauren

It appears like both my domains exist only in the localdomains file. The remotedomains file is however empty.

Your domain doesn't get its mail on the server though, it gets it at Google so your domain should be remote.

Can you add it in /etc/remotedomains
or
Go to WHM>>DNS Functions>>Edit DNS Zone and modify your domain to be "remote mail exchange" at the bottom.

For the email can you get me the output of the following:

Code:
exigrep 1is4jg-005Nf5-99 /var/log/exim_mainlog
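As an added example (not cPanel's own tooling, and not part of either poster's reply), this script demonstrates the check described above: a domain listed in /etc/localdomains whose MX records point off-server will be handed to Exim's localuser router and "Saved" into a local mailbox instead of being relayed to Google. The domain names, host names, MX data and log line are constructed sample values modelled on the thread; on a real server you would feed it the actual file contents, `dig +short MX` results and your own host names.

```python
"""Added diagnostic, not cPanel's own code: cross-check /etc/localdomains
against MX records and spot exim_mainlog deliveries that went to a local
mailbox for a domain whose mail actually lives elsewhere (e.g. Google)."""
import re
from typing import Dict, List, Set, Tuple

# Constructed sample data mirroring the thread; replace with real file
# contents, `dig +short MX <domain>` output and your own server host names.
LOCALDOMAINS = "mycompany.com\nmyclient.com\n"
MX_RECORDS: Dict[str, List[str]] = {
    "mycompany.com": ["aspmx.l.google.com.", "alt1.aspmx.l.google.com."],
    "myclient.com": ["mail.myclient.com."],
}
SERVER_NAMES = {"host.mycompany.com", "mail.mycompany.com", "mail.myclient.com"}
EXIM_LOG = (
    "1is4jg-005Nf5-99 <= test@myclient.com H=(host.mycompany.com) [::1]:55714 P=esmtpa\n"
    '1is4jg-005Nf5-99 => mycompany <admin@mycompany.com> R=localuser T=dovecot_delivery C="250 2.0.0 Saved"\n'
    "1is4jg-005Nf5-99 Completed\n"
)

def parse_domain_file(text: str) -> Set[str]:
    """One domain per line, as in /etc/localdomains and /etc/remotedomains."""
    return {ln.strip().lower() for ln in text.splitlines() if ln.strip()}

def misrouted_domains(local: Set[str], mx: Dict[str, List[str]], server: Set[str]) -> List[str]:
    """Domains Exim treats as local although every MX host is off-server."""
    bad = []
    for dom in sorted(local):
        hosts = [h.lower().rstrip(".") for h in mx.get(dom, [])]
        # No MX at all means A-record fallback to this server: leave it local.
        if hosts and not any(h in server for h in hosts):
            bad.append(dom)
    return bad

# Exim delivery line: "<msgid> => <name> <addr> R=<router> T=<transport> ..."
DELIVERY = re.compile(r"^(\S+) => \S+ <([^>]+)> R=(\S+) T=(\S+)", re.M)

def local_deliveries(log: str, misrouted: List[str]) -> List[Tuple[str, str]]:
    """(message id, recipient) pairs delivered via the localuser router for a
    misrouted domain: the mail is 'Saved' here and never reaches the real MX."""
    hits = []
    for msg_id, rcpt, router, _transport in DELIVERY.findall(log):
        if router == "localuser" and rcpt.rsplit("@", 1)[-1].lower() in misrouted:
            hits.append((msg_id, rcpt))
    return hits

if __name__ == "__main__":
    bad = misrouted_domains(parse_domain_file(LOCALDOMAINS), MX_RECORDS, SERVER_NAMES)
    print("should be in /etc/remotedomains:", bad)
    print("delivered locally by mistake:", local_deliveries(EXIM_LOG, bad))
```

Any domain it reports is the one to move to /etc/remotedomains (or to "remote mail exchange" in WHM), after which the same log lines should show a remote_smtp transport to the MX host instead of dovecot_delivery.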

lubie

For the email can you get me the output of the following:
Code:
exigrep 1is4jg-005Nf5-99 /var/log/exim_mainlog
Sure, it looks like what was in the log :

cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1is4jg-005Nf5-99
1is4jg-005Nf5-99 <= [email protected] H=(host.beauvoir.ca) [::1]:55714 P=esmtpa A=dovecot_login:[email protected] S=576 id=[email protected] T="test" for [email protected]
1is4jg-005Nf5-99 => beauvoir <[email protected]> R=localuser T=dovecot_delivery C="250 2.0.0 <[email protected]> poZ0FxBeIF4tkhMAjQdSkw Saved"
1is4jg-005Nf5-99 Completed


Your domain doesn't get its mail on the server though, it gets it at Google so your domain should be remote.
Can you add it in /etc/remotedomains
I did just that and it gave me this warning :

Code:
zone mycompany.com/IN: NS 'ns1.mycompany.com' has no address records (A or AAAA)
zone mycompany.com/IN: NS 'ns2.mycompany.com' has no address records (A or AAAA)
zone mycompany.com/IN: not loaded due to errors.
But the change appears to have worked as the domain MYCOMPANY.com is now in /etc/remotedomains file and not in localdomains.

Does it mean I should change nameservers on mycompany's account DNS zone to my cloudflare's DNS? Or should I keep ns1.MYCOMPANY.com and NS2.MYCOMPANY.com?

Now I just tested some email test to my domain from the server and it worked just fine! It looks like it also works for my client's account even without any changes there. I will do some more tests to be sure everything works softly but I believe the problem was as simple as that. Still I don't quite understand why it's like that.

I always select "auto select mode" for mail exchanger when I create a new cPanel account.
Should I consider it good practice to always force external mail exchangers when a domain's mail is managed from outside the server?
Also, is it good practice to use external nameservers (like cloudflare) if the account's DNS are managed in cloudflare?

I thank you very much for your help, I really appreciate your time.

cPanelLauren

I did just that and it gave me this warning :
That warning is a result of the local zone file not being configured properly. ns1.mycompany.com and ns2.mycompany.com don't have A records attributed to them in the local zone file. This is unrelated to the domain being present in /etc/remotedomains, this just occurred because the zones were reloaded.

Does it mean I should change nameservers on mycompany's account DNS zone to my cloudflare's DNS? Or should I keep ns1.MYCOMPANY.com and NS2.MYCOMPANY.com?
This is up to you? I'm not sure how that's relevant.

I always select "auto select mode" for mail exchanger when I create a new cPanel account.
I do as well in most cases, but in this instance, the domain's zone file seems to have had some inconsistencies and should have been updated when the MX records were set to retrieve mail elsewhere.


Should I consider it good practice to always force external mail exchangers when a domain's mail is managed from outside the server?
This would be a good practice, if you know that mail won't be managed on the server.


Also, is it good practice to use external nameservers (like cloudflare) if the account's DNS are managed in cloudflare?
There's nothing wrong with using CloudFlare and it can improve security as well as response times.