The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unreliable email...

Discussion in 'E-mail Discussions' started by Forcerdj, Apr 9, 2013.

  1. Forcerdj

    Forcerdj Well-Known Member

    Joined:
    Nov 30, 2009
    Messages:
    60
    Likes Received:
    1
    Trophy Points:
    8
    Email is unreliable on my server, it's been going on for a while clients would randomly complain they've sent emails and they haven't arrived at their destination, or they are being sent emails they are not receiving.. they are not getting errors the email is simply being lost.

    For regular complaints i've been forced to route email through google apps or windows live domains because email is important to their business.

    I've never been able to find a solution and more and more clients are starting to complain.

    I don't even know where to start getting to the bottom of this? My server guy has ran tests and in the past and seems to think it's working ok, it may work in that instance but it's totally random.

    How can i diagnose this and hopefully get to the root cause? what should i check? recommended settings? at this stage i'm willing to try anything :) thanks
     
  2. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    I'd suggest the following as a start (presuming the basics like a reverse record for your server hostname are in place) and you're using a more or less standard exim config

    1. Check the exim log / mail log in the control panel for the incoming / outgoing messages in question - are they being rejected / passed to remote systems?

    2. Check your main server IP (the one mail is sent with) against RBL blocklists - at mxtoolbox or similar.
     
  3. Forcerdj

    Forcerdj Well-Known Member

    Joined:
    Nov 30, 2009
    Messages:
    60
    Likes Received:
    1
    Trophy Points:
    8
    Hi,

    We are not on any blacklists, rDNS is setup correctly and exim config is standard.

    We have checked some logs and found the following:

    Code:
    host mx-c1.talktalk.net [62.24.202.3]: 452 #4.5.3 Too many recipients.
    
    host mx.avasin.plus.net [212.159.8.200]: 421 avasin13.plus.net Plusnet Cloudmark Gateway Too many connections from same IP
    
    host mx-bt.mail.am0.yahoodns.net [188.125.69.78]: 452 Too many recipients
    
    2013-04-08 16:27:52 1UPDxv-000554-1Y == xxx@yahoo.co.uk R=dkim_lookuphost T=dkim_remote_smtp defer (-44): SMTP error from remote mail server after RCPT TO:<xxx@yahoo.co.uk>: host mx-eu.mail.am0.yahoodns.net [188.125.69.79]: 452 Too many recipients
    So what is the best setup to overcome this? I'm sure lots of bulk emails are sent daily within these networks so how would we not get blocked? this email is coming from my main server IP.. is that a bad idea, if some clients are using it to send bulk emails then regular usage clients are going to be hurt as well?
     
  4. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    With regards 1UPDxv-000554-1Y I'm presuming this is a legitimate outgoing message? It would be a good idea to check the logs for outgoing sends to yahoo and other bulk providers that may be spam / malicious. If you have a lot of mail to yahoo currently held on queue, is a lot of it from the same account / is it junk?

    While problems sending to yahoo can occur spontaneously (i.e. yahoo's fault) they are often the result of a compromised account / mailbox on the server.

    If you have legitimate users who are not using sensible (i.e. batch) sending for their mailing lists, you can restrict them somewhat using tweak settings. This will generally lead to them getting in touch for some education.

    Tweak Settings

    I'd perhaps stay away from "Maximum percentage of failed or deferred messages a domain may send per hour" until you've resolved the current problem.

    The relay checks in csf can also come in handy.
     
  5. Forcerdj

    Forcerdj Well-Known Member

    Joined:
    Nov 30, 2009
    Messages:
    60
    Likes Received:
    1
    Trophy Points:
    8
    Sorry it has taken me long time to reply to this, unfortunately problems are on-going.

    I've pulled 2 errors a client has received today:

    553 sorry, unknown email address; no valid cert for gatewaying (#5.7.1)

    SMTP error from remote mail server after end of data: host mx.avasin.plus.net [212.159.8.200]: 552 Spam Message Rejected

    The same client is also talking about emails going missing, sending emails that are not ending up anywhere, no errors no nothing, and the same when receiving.

    I also have another client who claims the same thing.

    I've reached out to my server manager who once again thinks everything is OK and is blaming the other end, i must stress that the issues are within my server, it doesn't take a rocket science to work it out, it's been going on for so long.

    Unfortunately it's not my fortè so i'm at a loss.. Is this something cPanel would help with if i opened a ticket? or should i reach out to managed services, can anyone recommend a server expert?
     
  6. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    Really at this point you want to pull the full log for the message from the exim logs whether through whm or on the command line with exigrep so you can be sure for yourself. Your server manager probably means that in general the mail system is working and in general your server doesn't have a major spam / blocklist problem, working out issues with individual recipients is much more fiddly.

    If both of these are for outgoing messages from your server, the first would suggest that the recipient address is incorrect / or misconfiguation at the recipient end.

    The second (if for an outgoing message) suggests that for whatever reason the message was rejected as spam, a good course of action (presuming you stil aren't on any block lists) would be to grep your mail logs for other messages going to plus.net, if they get through it's likely an issue with that message specifically, especially if it was part of a bulk send.

    If your users send bulk mail (and tbh even if not) it's well worth working through How to: Prevent Email Abuse if you haven't already, the reason being that there are always some clients who in the runup to christmas decide it would be a great idea to email promotional material to every email address they ever collected, repeatedly and this causes a large number of failures (defunct addresses) and can trigger blocking by some recipient systems due to volume / content.

    The cPanel guys will be able to confirm for you that there is no fault with the mail system itself and any qualified system administrator will be able to work through each individual error with you, unfortunately sometimes the answer really is "it's the recipient system's fault" ;) although it's normally possible to qualify that with a bit more information.
     
  7. cPanelPeter

    cPanelPeter Technical Analyst III
    Staff Member

    Joined:
    Sep 23, 2013
    Messages:
    569
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Feel free to open up a ticket using the link in my signature. That way one of our analysts can examine the log file for you and provide advice accordingly.
     
  8. Forcerdj

    Forcerdj Well-Known Member

    Joined:
    Nov 30, 2009
    Messages:
    60
    Likes Received:
    1
    Trophy Points:
    8
    I have done just that, thanks i will post my results.
     
    #8 Forcerdj, Dec 12, 2013
    Last edited: Dec 12, 2013
  9. cPanelPeter

    cPanelPeter Technical Analyst III
    Staff Member

    Joined:
    Sep 23, 2013
    Messages:
    569
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Greetings,

    So just to update this information. Most of the issues in the ticket were simple user errors (not the hosting providers problems). There was only one issue that can be fixed on any cPanel server where sending to a Gmail account may cause it to be marked as SPAM. There is an authentication method called dmarc ("Domain-based Message Authentication, Reporting and Conformance") which Gmail started using.

    Messages sent that are using SPF and DKIM but NOT dmarc are most likely getting marked as spam.
    cPanel already has a feature request available for this here: DMARC config in email authentication section | cPanel Feature Requests

    If you think this is important, then you should vote for it.

    In the mean time you can create a dmarc record very similar to an SPF record.

    DMARC.org - Domain-based Message Authentication, Reporting and Conformance
    https://support.google.com/a/answer/2466563?hl=en
     
Loading...

Share This Page