Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Why different HELOs? - Horde vs Roundcube

Discussion in 'E-mail Discussions' started by EneTar, Nov 14, 2017.

  1. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    Environment
    Code:
    [~]# grep '' /etc/redhat-release /usr/local/cpanel/version /                      var/cpanel/envtype ; grep CPANEL= /etc/cpupdate.conf ; httpd -v ; php -v ; mysql                       -V
    /etc/redhat-release:CentOS release 6.9 (Final)
    /usr/local/cpanel/version:11.68.0.12
    /var/cpanel/envtype:kvm
    CPANEL=release
    Server version: Apache/2.4.29 (cPanel)
    Server built:   Nov  7 2017 03:54:43
    ea-php-cli Copyright 2017 cPanel, Inc.
    PHP 7.0.25 (cli) (built: Nov  7 2017 04:14:18) ( NTS )
    Copyright (c) 1997-2017 The PHP Group
    Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
        with Zend OPcache v7.0.25, Copyright (c) 1999-2017, by Zend Technologies
    mysql  Ver 15.1 Distrib 10.1.28-MariaDB, for Linux (x86_64) using readline 5.1
    
    my.hostname.eu is my server hostname
    domain1.com and domain2.com are domains on the same ip

    When sending from Horde I get
    Code:
    Return-Path: <john@domain1.com>
    Delivered-To: george@domain2.com
    Received: from my.hostname.eu
        by my.hostname.eu with LMTP id 6GnpAD01C1puJwAAnaC/hg
        for <george@domain2.com>; Tue, 14 Nov 2017 20:26:05 +0200
    Return-path: <john@domain1.com>
    Envelope-to: george@domain2.com
    Delivery-date: Tue, 14 Nov 2017 20:26:05 +0200
    Received: from [127.0.0.1] (port=52998 helo=my.hostname.eu)
        by my.hostname.eu with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
        (Exim 4.89)
        (envelope-from <john@domain1.com>)
        id 1eEfuO-0002cd-Ou
        for george@domain2.com; Tue, 14 Nov 2017 20:26:04 +0200
    Received: from 85.72.177.50 ([85.72.177.50]) by domain1.com (Horde Framework)
     with HTTPS; Tue, 14 Nov 2017 20:26:04 +0200
    Date: Tue, 14 Nov 2017 20:26:04 +0200
    Message-ID: <20171114202604.Horde.0N-GPPL7psHz8LUL2fr5vvm@domain1.com>
    From: John <john@domain1.com>
    To: george@domain2.com
    Subject: Horde test
    User-Agent: Horde Application Framework 5
    Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes
    MIME-Version: 1.0
    Content-Disposition: inline

    When sending from Roundcube I get
    Code:
    Return-Path: <john@domain1.com>
    Delivered-To: george@domain2.com
    Received: from my.hostname.eu
        by my.hostname.eu with LMTP id IOB6NMQ2C1rbKAAAnaC/hg
        for <george@domain2.com>; Tue, 14 Nov 2017 20:32:36 +0200
    Return-path: <john@domain1.com>
    Envelope-to: george@domain2.com
    Delivery-date: Tue, 14 Nov 2017 20:32:36 +0200
    Received: from [127.0.0.1] (port=41690 helo=domain1.com)
        by my.hostname.eu with esmtpa (Exim 4.89)
        (envelope-from <john@domain1.com>)
        id 1eEg0i-0002kR-Cx
        for george@domain2.com; Tue, 14 Nov 2017 20:32:36 +0200
    MIME-Version: 1.0
    Date: Tue, 14 Nov 2017 20:32:36 +0200
    From: John <john@domain1.com>
    To: george@domain2.com
    Subject: Sending Plain from Roundcube
    Message-ID: <caf03e427a02c27b5160a5f3973142f9@domain1.com>
    X-Sender: john@domain1.com
    User-Agent: Roundcube Webmail/1.2.4

    The issue is that when sending from Horde AND george@domain2.com has configured GMAIL to fetch his messages. all messages from john@domain1.com go to spam. One difference I can see is that the HELO is different. Where should I start seeking for this problem?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,437
    Likes Received:
    1,608
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  3. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    Hi Michael thank you for your answer.
    So how to set the proper HELO in Horde or Roundcube
    It has to be the active domain instead of server hostname

    Form the thread you mentioned how is this done:
    Currently all emails sent from Horde are going to spam for situations I described in the first post
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,437
    Likes Received:
    1,608
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Are you sure it's from the HELO name and not because the client's IP address is added to a spam blacklist?

    Thank you.
     
  5. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    Totally sure the client ip is not in a spam list because the client ip is dynamic and we have tried several IPs so far from different networks. Furthermore Gmail states this in the headers

    1st case from my first post (Horde)
    Code:
    Authentication-Results: mx.google.com;
           spf=softfail (google.com: domain of transitioning John@domain1.com does not designate 85.75.xxx.xxx as permitted sender) smtp.mailfrom=John@domain1.com
    Received-SPF: softfail (google.com: domain of transitioning John@domain1.com does not designate 85.75.xxx.xxx as permitted sender) client-ip=85.75.xxx.xxx;
    second case from my first post (Roundcube)
    Code:
    Authentication-Results: mx.google.com;
           spf=pass (google.com: found no external ips, assuming domain of John@domain1.com as permitted sender) smtp.mailfrom=John@domain1.com
    Received-SPF: pass (google.com: found no external ips, assuming domain of John@domain1.com as permitted sender)
    In the second case (Roundcube) Gmail assumes the original message is sent from the same domain. Neither this should happen. Gmail should know that it is indeed from the specific domain.

    One more thing I noticed is that when sending from @domain1.com to @domain2.com there are no SPF and DKIM headers. However when sending from @domain1.com to @gmail.com or any other external domain then DKIM and SPF and DMARC are setup correctly. If I could solve this then I think there would be no issues.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,437
    Likes Received:
    1,608
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you open a support ticket using the link in my signature so we can take a closer look?

    Thank you.
     
  7. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    Sorry can't see the link or any signature at all. I don't know why. Can you post the link in a reply?
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,437
    Likes Received:
    1,608
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  9. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    Michael I'm trying to understand a few things first so before opening a ticket could you please tell me

    1)By default when sending from John@domain1.com to george@domain2.com using Horde or Roundcube is DKIM and SPF included in the headers? Please note that domain1.com and domain2.com belong to accounts on the same server and ip.

    2)Is there any walkthrough to set the HELO when using Horde or Roundcube?I would like it to have the active domain on HELO rather than the server hostname

    3)Is this above related to the values of
    • $smtp_banner
    • $smtp_active_hostname
    • $message_id_header_domain
    If it is related, how should those 3 values be?

    4)on my Exim Configuration I have set "Send mail from account’s dedicated IP address" to On. In this case does the content of /etc/mailhelo and /etc/mailips affect the configuration?

    Thank you.
     
  10. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    To answer some of my questions after some research,

    1)In this case LMTP is used and DKIM and SPF do not exist. That's a default behavior. I'm not sure if this can be changed somehow but I would like to know.

    3)I couldn't alter the HELO with those options. This needs further research though

    4) If "Send mail from account’s dedicated IP address" is set then the content of /etc/mailhelo and /etc/mailips are ignored.

    No need to open a ticket, as that's how things work by default. So if anyone uses POP3 through Gmail to fetch emails from a server powered by cPanel then those messages which are delivered originally with the LMTP protocol and fetched later from Gmail POP3 would probably end in the spam folder. So a custom filter in Gmail to not mark as spam all domains of the server is the way to go, at least for now... Even if they not end into the spam folder the question mark icon will be there for sure which links to Check if your Gmail message is authenticated - Android - Gmail Help

    I think cPanel should investigate this. More headers should be added through Exim in case of LMTP so that Gmail knows that emails are already authenticated.
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,437
    Likes Received:
    1,608
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Would you mind opening a support ticket so we can review an affected system and rule out any bugs with the cPanel & WHM software itself? It's much easier to investigate this type of issue when reviewing the issue on a system affected by the issue. Note that you may find this post helpful for modifying the Roundcube HELO setting:

    HELO name problem on roundcube

    Thank you.
     
  12. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    @cPanelMichael there is not any affected system. What I described above is standard functionality in cPanel/WHM when using LMTP. What you need to test is

    1) Two domains domain1.com and domain2.com on the same WHM/cPanel server. It can be only one domain if you wish. I just want to show that it affects all email messages transferred through LMTP meaning all email accounts of all domains in the same server.

    2) Two email accounts someuser@domain1.com and anotheruser@domain2.com. It can be anotheruser@domain1.com as well. It is the same.

    3) Send from the first account to the second one message. In case of Horde the external user IP is included. In case of roundcube it is hidden (<- This is what the title of the current thread describes. It is standard functionality and it is how Roundcube and Horde work. no worries so far. but the real problem lies elsewhere)

    4) Add the second account (anotheruser@domain2.com) to Gmail by going to Gmail -> Settings -> Accounts and Import -> Check mail from other accounts

    5)Wait for Gmail to fetch messages from anotheruser@domain2.com and notice that our message goes to spam because there is no DKIM neither SPF validation from step 3. Furthermore if in step 3 Roundcube has been used then Gmail finds no external ips and assumes the domain1.com as permitted sender and passes SPF. Please check the headers. My opinion is that Gmail shouldn't do that and should fail SPF too but that's another story. In case of Horde it finds an external IP which is not valid, it doesn't find any DKIM or SPF records and the message goes to spam.

    I know that Gmail is a third party software but I'm sure that other similar services will run into the same issue sooner or later. They won't find any DKIM/SPF when LMTP is used in step 3 and they will forward the message to spam.

    This can be avoided only if DKIM and SPF headers are added even at LMTP through Exim. So do you see it now?
     
  13. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,437
    Likes Received:
    1,608
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Thank you for the additional clarification. Would you mind opening a bug report for this issue so we can investigate this further? It won't require access to your server, but will allow us to complete additional testing:

    Submit A Bug Report

    Thank you.
     
  14. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    Thank you Michael I just did
    Request ID is: 9073349
     
Loading...

Share This Page