The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Trouble with Remote Mail Exchanger and Mail Delivery

Discussion in 'E-mail Discussions' started by dreohio99, Mar 21, 2016.

  1. dreohio99

    dreohio99 Registered

    Joined:
    Jun 6, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I have added a new domain account to our server, but the A record is still pointing to the old/existing server because I am not ready to do the live transfer yet. I created a subdomain for testing and pointed it's A record to our server. In the MX entry settings for the new domain (not sub-domain) I have it set to use Remote Mail Exchanger and have entered the remote MX records.

    My problem is that when I try to send an email from another local domain on our server to the new domain, it is failing immediately with the following message:

    SMTP error from remote mail server after end of data: 550 permanent failure for one or more recipients

    If I change the new domain to something else, then the emails to that domain go through successfully to the remote mail server... Do you know why this would happen or what in the world could possibly be going on?

    I don't know if it affects anything or helps answer the question, but we are not running a DNS Server locally. I also checked the ect/localdomains and ect/remotedomains and the new domain is listed in the ect/remotedomains.

    We also have other clients websites on the server with remote mail exchanger set, but have not experienced any issues with sending mail to them through a local account. They have been set up on the server for quite awhile though so I don't know if that makes a difference as to why emails to them work, but to the new domain don't....

    Please help!
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    651
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you let us know the specific entry in /var/log/exim_mainlog when this happens? EX:

    Code:
    exigrep user@domain /var/log/exim_mainlog
    Thank you.
     
  3. dreohio99

    dreohio99 Registered

    Joined:
    Jun 6, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Is there something specific I should be looking for?

    Is there somewhere private I can send the log entry or should I just modify all references to IPs, e-mails, and domains?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    651
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You are looking for the specific error message when the delivery attempt fails. You can post it here in CODE tags as long as you remove any identifying information about the domain name or server.

    Thank you.
     
  5. alphawolf50

    alphawolf50 Well-Known Member

    Joined:
    Apr 28, 2011
    Messages:
    186
    Likes Received:
    2
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I have more information regarding this issue (OP and I know each other). The issue is that Exim is sending mail from the wrong IP address under certain conditions, and an SPF record for the sending domain ending in "-all" will cause some hosts to reject the email. I've not systematically tested each condition to see which triggers this behavior, but these are the conditions that seem to be the logical causes:
    1. Exim configured to "Send mail from account’s dedicated IP address"
    2. Sending account has dedicated IP address on server. (x.x.x.100)
    3. Sending account uses local mail exchanger.
    4. Receiving account is a reseller account with a "reseller's shared IP" (x.x.x.200)
    5. Receiving account uses a remote mail exchanger.
    In this case, the sending email exits the server from x.x.x.200, instead of x.x.x100. The receiving MTA checks sender's SPF and sees that x.x.x.200 is not an authorized sender, and rejects the mail. I was able to confirm this behavior by viewing the headers on an email sent to another account with the exact same setup, but where the receiving MTA was not strict about SPF.

    Relevant (redacted) Exim logs for the failed email is below:

    Code:
    2016-03-23 22:09:23 1aiuiA-0007x0-Kz SMTP connection outbound 1458785363 1aiuiA-0007x0-Kz <local-redacted>.com user@<remote-redacted>.com
    2016-03-23 22:09:26 1aiuiA-0007x0-Kz ** user@<remote-redacted>.com R=dkim_lookuphost T=dkim_remote_smtp H=xxxxxxx.xxx.barracudanetworks.com [x.x.x.x] X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=yes: SMTP error from remote mail server after end of data: 550 permanent failure for one or more recipients (user@<remote-redacted>.com:blocked)
    2016-03-23 22:09:26 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1aiuiA-0007x0-Kz
    2016-03-23 22:09:27 1aiuiE-0007xZ-SC <= <> R=1aiuiA-0007x0-Kz U=mailnull P=local S=2405 T="Mail delivery failed: returning message to sender" for user@<local-redacted>.com
    2016-03-23 22:09:27 1aiuiA-0007x0-Kz Completed
    
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    651
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you verify the version of cPanel installed on this server? We've had a few cases that address the /etc/mailhelo and /etc/mailips files published in the past few weeks.

    Thank you.
     
  7. dreohio99

    dreohio99 Registered

    Joined:
    Jun 6, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    We are on 54.0 (build 21)
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    651
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  9. alphawolf50

    alphawolf50 Well-Known Member

    Joined:
    Apr 28, 2011
    Messages:
    186
    Likes Received:
    2
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Sorry about the delay. Ticket #7512403
     
Loading...

Share This Page