The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

why did my esmtpsa change to unknown

Discussion in 'E-mail Discussions' started by durangod, Sep 1, 2014.

  1. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    Hi,

    I ran into this trying to help someone with a different matter and i was like huhhhh ... what happened here. As you can see one email is from 19 and the other one is from last night. From the same domain. I compared the headers and the headers are very close to identical other than the esmtpsa. I did a SPF record and it did not change it.

    I am concerned because i dont want to get myself or my domain blocked and if i understand this corrrectly (which i prob dont lol) UNKNOWN could get me blocked or blacklisted.


    What is the cause of my esmtpsa (which i guess is extended smpt) to now show UNKNOWN?



    Code:
    esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)         19 Jun 2014 
    esmtpsa (UNKNOWN:DHE-RSA-AES256-GCM-SHA384:256)    31 Aug 2014 
    
     
    #1 durangod, Sep 1, 2014
    Last edited: Sep 1, 2014
  2. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
  3. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    well thats not really want i wanted, PCI is bunch of hoopla anyway.. I just want my cipher to show and fix the UNKOWN issue..

    any ideas ?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    Yes sir, that was the 31 aug header above. I logged into my website admin area and sent myself an email and it came back UNKNOWN.

    I will try it again now since my Exim was reset last night i will see if it is still the same. I will post the results here shortly.
     
  6. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    here are the results from just now..

    this was via a php script

    Code:
    
    Delivery-date: Tue, 02 Sep 2014 10:23:02 -0600
    Received: from xxxxxx.xxxxxx.com ([xxx.xxx.3.19]:60773 helo=xxx.xxxxxxxxxxxxxxxxx.com)
    	by xxxxxx.xxxxxxxxxxxxxx.com with esmtpsa (UNKNOWN:DHE-RSA-AES256-GCM-SHA384:256)
    
    
    
    ok so from the mail client using hotmail account to the site mail here are the results


     
    #6 durangod, Sep 2, 2014
    Last edited: Sep 2, 2014
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Please browse to "WHM Home » Service Configuration » Exim Configuration Manager" and let us know which of the following options are enabled:

    Require HELO before MAIL
    Require incoming SMTP connections to send HELO before MAIL
    Require remote (hostname/IP address) HELO
    Require remote (domain) HELO
    Require RFC-compliant HELO
    Query Apache server status to determine the sender of email sent from processes running as nobody
    EXPERIMENTAL: Rewrite From: header to match actual sender


    Thank you.
     
  8. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    Require HELO before MAIL Enabled

    Require incoming SMTP connections to send HELO before MAIL (actually named Require HELO before MAIL) Enabled

    Require remote (hostname/IP address) HELO Enabled

    Require remote (domain) HELO Disabled

    Require RFC-compliant HELO Enabled

    Query Apache server status to determine the sender of email sent from processes running as nobody Enabled

    EXPERIMENTAL: Rewrite From: header to match actual sender Disabled
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You could try enabling "EXPERIMENTAL: Rewrite From: header to match actual sender", but I believe the outcome is simply the result of how you are sending the emails. Do you experience the same issue if you send through a standard email client directly from a desktop, or through Webmail?

    Thank you.
     
  10. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    OK well this narrows it down a bit... If i send from server mail, like actually inside horde and send a mail it works..


    From horde to msn..

    Code:
     by xxxx.xxxxxxxx.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)
    
    
    then if i send from phpBB forum board via smtp to my server email

    Code:
    
    XXXXXX.XXXXXXXXXXXXX.com with esmtpa (Exim 4.82)
    
    

    So it looks like it is script related and NOT server (cpanel/whm) related, would you agree?
     
  11. durangod

    durangod Well-Known Member

    Joined:
    May 12, 2012
    Messages:
    251
    Likes Received:
    10
    Trophy Points:
    18
    cPanel Access Level:
    Website Owner
    I also noticed that this script defaults to LOGIN type authentication.. Where as the phpBB forum lets you choose and i chose PLAIN. But PLAIN on this script will not send mail at all..

    Would LOGIN type have anything to do with the cipher recognition..


    i was reading this

    http://en.wikipedia.org/wiki/Transport_Layer_Security


    So does the UNKNOWN mean that they are not shaking hands, or does it mean they are shaking hands but it does not recognize the cypher?
     
    #11 durangod, Sep 5, 2014
    Last edited: Sep 5, 2014
Loading...

Share This Page