Testing Exim mail server, timeout with Wormly.com and mxtoolbox.com

[avibodha]

Our server seems to be working fine receiving and sending email, but when I've tested with some online SMTP server testers, it always times out.

Test your SMTP Mail Server (MX) - Wormly

This free online tool allows you to test an SMTP mail server directly, sending a test email so you can be sure that it is functioning correctly. Perfect for setting up new mail exchangers (MX's) for your domain.

www.wormly.com

MX Lookup Tool - Check your DNS MX Records online - MxToolbox (diagnostics, smtp test)

On the WHM, Email Deliverability, we have green marks on all.

Both wormly.com and mxtoolbox.com show timeout errors.
Does a normal Exim cpanel server also do this?

I have another mail server running Webmin/Virtualmin and Postfix and it passes both server tests with no problems.

thanks for any guidance.

Here are wormly results:

Connection: opening to MAIL.MYDOMAIN.COM:25, timeout=300, options=array (
)
Connection: opened
SERVER -> CLIENT: 220-MAIL.MYDOMAIN.COM ESMTP Exim 4.92 #2 Wed, 12 Feb 2020 11:06:05 -0700
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-MAIL.MYDOMAIN.COM Hello tools.wormly.com [96.126.113.160]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 TLS go ahead
2020-02-12 18:06:05 SMTP Error: Could not connect to SMTP host.
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: ecurity failure
554 Security failure
SMTP ERROR: QUIT command failed: ecurity failure
554 Security failure
Connection: closed
2020-02-12 18:06:06 SMTP connect() failed. PHPMailer/PHPMailer

MxToolbox shows similar timeout.

 

[kernow]

Check in WHM>>Exim Configuration Manager>> Options for OpenSSL, you should at least have the default +no_sslv2 set.

 

[cPanelLauren]

This is because the site you're using is attempting to connect using SSL with your server that requires TLS connections only. My assumption is that you're receiving this error in the logs:

2020-02-14 13:44:54.883 [2220] TLS error on connection from (tools.wormly.com) [96.126.113.160]:44190 I=[<MYIPADDCRESS>]:25 (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

For MXToolbox what is the error you're receiving? Is it something like the following?

Timeout waiting for response after 15 seconds. : Completed Connect

	Test	Result
	SMTP Banner Check	Reverse DNS does not match SMTP Banner	More Info
	SMTP TLS	Warning - Does not support TLS.	More Info
	SMTP Transaction Time	15.188 seconds - Not good! on Transaction Time	More Info

If this is what you're seeing this relates directly to the following in the Exim Configuration which is enabled by default and causes a false positive with MX Toolbox:

Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam. The SMTP receiver will wait a few additional seconds for a connection when it detects spam messages in order to reduce inbound spam. The system excludes the following remote hosts from the delay: Neighbor IP addresses in the same netblock, Loopback addresses, Trusted Mail Hosts, Relay Hosts, Backup MX Hosts, Skip SMTP Checks Host, Sender Verify Bypass Hosts.