WHM Exim Does Not Refuse Emails During SMTP With :fail:
Feb 7, 2008
running WHM at Fedora 6... WHM 11.11.0 cPanel 11.16.0-R18546
I have a problem with spoofing spammers.. my queue is plenty of non-delivered emails from externals SMTP, sended to NON-existents address on my server...
The question is the destination domain (mydomain.com b.example) has already its ":fail: No Such User Here" alias.
SMF records applied, but not the most external SMTP servers checks them nowadays...
Using :fail: the email is never accepted into the server. During the initial SMTP negotiation when the senders SMTP server connects to your SMTP server, the sending SMTP server issues a RCPT command notifying your server which email address the email to follow is intended for. Your server then checks whether the recipient email actually exists on your server (a POP3 account, an alias or a catchall alias) and if it does not, it issues an SMTP DENY which terminates the attempt to deliver the email.
Well, in my case it justs receives message and then frozen it!
Some more data:
IN MY QUEUE:
1JMoh4-0004UG-Pz-H
mailnull 47 12
<>
1202321302 0
-helo_name luatvietnam.vn
-host_address 203.162.168.16.1839
-interface_address 85.x.x.x.25
-received_protocol smtp
-body_linecount 50
-max_received_linelength 93
-frozen 1202407547
-host_lookup_failed
-manual_thaw
XX
1
dlsex-ireddols@abrasivoshermes.com
210P Received: from [203.162.168.16] (port=1839 helo=luatvietnam.vn)
by myserver.mine.com with smtp (Exim 4.68)
id 1JMoh4-0004UG-Pz
for dlsex-ireddols@mydomain.com; Wed, 06 Feb 2008 19:08:23 +0100
069P Received: (qmail 6913 invoked for bounce); 5 Feb 2008 09:04:11 -0500
032 Date: 5 Feb 2008 09:04:11 -0500
032F From: postmaster@luatvietnam.vn
039T To: dlsex-ireddols@mydomain.com
024 Subject: failure notice
WHEN TRYING TO DELIVER FROM QUEUE:
Message 1JMoh4-0004UG-Pz is no longer frozen
LOG: MAIN
cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1JMoh4-0004UG-Pz
delivering 1JMoh4-0004UG-Pz
LOG: MAIN
** dlsex-ireddols@mydomain.com F=<> R=virtual_aliases: No Such User Here
LOG: MAIN
Frozen (delivery error message)
AT LOGS (first time):
2008-02-06 19:08:17 SMTP connection from [203.162.168.16]:1839 I=[85.112.9.44]:25 (TCP/IP connection count = 9)
2008-02-06 19:08:20 no host name found for IP address 203.162.168.16
2008-02-06 19:08:22 H=(luatvietnam.vn) [203.162.168.16]:1839 I=[85.x.x.x]:25 Warning: Sender rate 0.0 / 1h
2008-02-06 19:08:23 1JMoh4-0004UG-Pz <= <> H=(luatvietnam.vn) [203.162.168.16]:1839 I=[85.x.x.x]:25 P=smtp S=2405 T="failure notice" from <> for dlsex-ireddols@mydomain.com
2008-02-06 19:08:23 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1JMoh4-0004UG-Pz
2008-02-06 19:08:23 1JMoh4-0004UG-Pz ** dlsex-ireddols@mydomain.com F=<> R=virtual_aliases: No Such User Here
2008-02-06 19:08:23 1JMoh4-0004UG-Pz Frozen (delivery error message)
2008-02-06 19:08:24 SMTP connection from (luatvietnam.vn) [203.162.168.16]:1839 I=[85.x.x.x]:25 closed by QUIT
View 1 Replies
ADVERTISEMENT
Nov 26, 2008
cPanel update email bug (loopback test fail even) - SMTP+Imap responsive
Something happened overnight on one of my cpanel servers, which I am still waiting on cpanel to get back to me for.
Here's the deal:
cPanel server was functioning well for the past 4 months, then yesterday all of a sudden no emails get received by users.....
View 2 Replies
View Related
Oct 23, 2009
I am programming a bulk email sending for a client. I need a hosting company who can allow me to use Require 'Mail.php' to send about 5000 emails continuosly without fail.
View 7 Replies
View Related
Apr 26, 2008
I've recently purchased a cPanel VPS from a company i found on this forum. However, i am not experiencing some problems with the sending of e-mails from the server via Outlook Express. Unfortunately, i'm have no real knowledge of EXIM and i was hoping someone would help me with this. Basically, when i setup the domain and then setup a email account, i could only receive emails and not send (as i was getting an error within Outlook) this was due to the fact that the domain name was not listed in /etc/localdomains, so when i added it to that file it seemed to have done the job. Now, when i send emails locally EG: example1@domain to example2@domain i t will indeed send correctly, however if i want to send it to an external domain it stays in the queue (which i can view in WHM). When i force send it, it gives me the message "Connection refused", can anyone shed some light on this situation?
View 4 Replies
View Related
Apr 18, 2007
One of my users is receiving way too many Mailer Daemon messages and his mailbox is full. I've had this problem from time to time and I am trying to figure out how to block mailer daemon messages for a specific domain so that they do not even get on the mailing queue...much like when you set a default address to ":fail:". So I came up with this:
refuse_md1:
deny message = The original message did not come from this site.
condition = ${if eq{$sender_address}{}{yes}{no}}
condition = ${if eq{$local_part}{userdomain.com}{yes}{no}}
log_message = Refused a bounce message for userdomain.com
However, this doesn't help. The emails are still going to the mailing queue and when I look at the Exim log I see the usual error message saying that the email was blocked because the account has run out of space.
View 0 Replies
View Related
Jun 8, 2007
I use Exim + Dovecot for my mail server. We can get mails through pop3 protocol without a problem, but when we try to send mails, exim does not permit relay. My passwords are stored in a mysql database for dovecot. Is it possible for exim to do authentication based on that? If it will be easier, i can create a text file with md5 passwords on it for my users.
View 0 Replies
View Related
Mar 2, 2007
Where I have to configured Cpanel Exim Smtp Authentication for ASSP-Deluxe.
View 2 Replies
View Related
Jan 30, 2008
I really hope I'm just going batty with sleep deprivation, because this is making no sense to me. Before I clobber my poor provider with management requests, I want to see if this is typical behavior or not. I am able to send messages through my SMTP server from my laptop without using any authentication at all. It doesn't matter whether I'm using a client (tested Mail.app and Mozilla Thunderbird) or whether I'm going in via telnet. A typical session might look like this (addresses obfuscated):
asdfasdfasdf:~ ###$ telnet mail.fakedomainname.com 25
Trying ##.##.##.## ...
Connected to mail.fakedomainname.com.
Escape character is '^]'.
220 fakedomainname.com ESMTP Exim 4.67 Wed, 30 Jan 2008 00:56:03 -0800
HELO [192.168.2.1]
250 fakedomainname.com Hello reverse.verizon.net [##.##.##.##]
MAIL FROM:<nonexistentuser@fakedomainname.com>
250 OK
RCPT TO:<myvalidaddress@gmail.com>
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
This should not work
.
250 OK id=1JK8kZ-0004Xx-7O
quit
221 fakedomainname.com closing connection
Connection closed by foreign host.
asdfasdfasdf:~ username$
I was expecting to see a "550 authentication required" message after it saw that "RCPT TO" wasn't a locally-hosted domain. I did confirm that the message was properly delivered to the intended Gmail address. So far, it looks like an open relay. But when
I use a third-party environment, such as the open relay checker at abuse.net, I am correctly seeing "550" messages at the appropriate places.
In other words, when anyone else does it, they get "550". When it do it from my laptop (from any client or telnet session), I'm clear to send. Just to add a little zest to the situation, when I did this same test 36 hours ago, I *was* getting "550" errors.
This doesn't seem right to me. However, my mail admin skill level is approximately zero, so I'm willing to accept that this is normal behavior and that I am overlooking the obvious.
View 2 Replies
View Related
Jan 14, 2007
to change ip for smtp relay. I need to use a separate ip to send all the emails from my server.
View 6 Replies
View Related
Jan 28, 2007
I recieve the error when ClientExec is trying to send email in my rejectlog...
2007-01-28 20:53:17 SMTP protocol synchronization error (input sent without waiting for greeting): rejected connection from H=[255.255.255.255] input="EHLO host.domain.net
HELO host.domain.net
"
I added host.domain.net and 255.255.255.255 to the whitelist files and added this ACL to exim.conf after begin acl:
acl_check_connect:
accept hosts=255.255.255.255
control=no_enforce_sync
accept hosts=host.domain.net
control=no_enforce_sync
accept
If it matters, I am running CentOS4 64-bit, DirectAdmin, Kernel 2.6.18
View 2 Replies
View Related
May 26, 2007
should i need to edit /etc/services and /etc/exim.conf?
View 3 Replies
View Related
Oct 17, 2007
I have a customer that wants to send emails using Exim and SMTP (using outlook), withouth authentication. Now.. the big question is ... how can I configure the Exim server to work withouth any authentication?
I know the risks of this withouth any authentication, but is my customer's server and he want to work in this way.
He is also asking if he is able to send emails withouth authentication using SMTP for certain IP addresses.. is that possible? Can be done for only 1 domain, or for the entire server?
Im using Exim 4.6.8 and RHE 4 + cPanel.
View 10 Replies
View Related
Apr 21, 2008
Can i use Qmail or Sendmail or Postfix with WHM other than exim mail SMTP.
View 1 Replies
View Related
Oct 31, 2008
any 'easy' smtp / pop / imap package or installer w/o having to read up on exim etc.?
I want an email server quickly, w/o having to become an expert...
I'd go w/ a hosted service, but I open allot of pop3 connections... (program I use downloads one email, closes connection, reopens... repeat)...
There's lots of cookbooks out there, but they require quite a bit more time commitment (and configurability) than I want / need.
Is there any dumbified installs available? I tried with webmin, but even that wants me to manually configure a postfix / imap server bridge.=
View 1 Replies
View Related
Apr 6, 2009
I have Cpanel, with the "Prevent Nobody from sending emails" in the WHM>Tweak Settings enabled.
I want to force sendmail to use SMPT auth.. so that all mails sent are sent via SMPT and an authenticated POP user.
I guess this will help in limiting the "The maximum each domain can send out per hour" setting.
View 4 Replies
View Related
May 1, 2007
am running CentOS 4.4 i686 and WHM 10.8.0 and we are having trouble receiving email from certain domains.
Undere whm tweak settings we do not have the "SpamAssassin Spam Filter" enabled.
Mails sent from two domains (that we know of) do not reach us at all and no error message is deliver to the sending address.
Emails sent from us to them DO reach they destination so we are thinking some spam filfer or configuration in exim must be the culprit.
View 6 Replies
View Related
May 16, 2009
I've looked through my exim logs a number of times and I see emails being sent out with "from:" fields with email addresses of other domains. Usually they are spam related and fraudulent.
How can exim be setup to only send out emails that have localdomains in their from fields?
E.g. if I have account bob.com on my server then the owner of bob.com can only send out emails "xxxx@bob.com" no matter what else he tries to do that's all exim will send out.
How can you get exim to do this? I have been using filtering to block commonly spammed domains like aol.com hotmail.com etc - any emails sent out with these in their from fields are filtered and blocked - but rather building up a larger and larger filter of commonly abused domains - why not just block everything except domains on your server.
View 11 Replies
View Related
Jan 17, 2008
1) What would you guys say is average in terms of the # of emails in the Mail Queue?
2) What steps can be taken to tighten it up? If I start with a clean slate, it only takes about a week or less for my mail queue to reach 1000 or more. Most of it seems like junk mail.
View 0 Replies
View Related
Mar 26, 2008
im trying to delete emails sent to dbmaster@example.com. there are about 2000 emails like that in exim email queue
here's what i did:
SSH to my server
type: exiqgrep -ir dbmaster@example.com | xargs exim -Mrm
but it says: bash: exiqgrep: command not found
View 4 Replies
View Related
Jun 13, 2008
I have noticed on my two dedicated servers logs that some emails just dissapear after being frozen for days in queue and there is no notice or warning sent to the sender.
Please check your logs and tell me if I am wrong, just check for non-zero on your exim_mainlog
grep non-zero /var/log/exim_mainlog
and then grep your messageId
grep 1K17WW-0002so-Sn /var/log/exim_mainlog
2008-05-24 17:34:23 1K17WW-0002so-Sn == vicoello@xxxxx.com R=lookuphost T=remote_smtp defer (-1): smtp transport process returned non-zero status 0x000e: terminated by signal 14
2008-05-24 17:34:23 1K17WW-0002so-Sn Frozen
2008-05-25 18:02:27 1K17WW-0002so-Sn Message is frozen
...
2008-05-26 22:08:47 1K17WW-0002so-Sn Message is frozen
....
2008-05-27 15:00:31 1K17WW-0002so-Sn Message is frozen
? Dissapeared
View 6 Replies
View Related
Apr 17, 2007
Whenever I send mail, it never gets sent and I get the following error under "View Mail Statistics" in WHM:
1 xxx@aol.com R=fail_remote_domains: unrouteable
mail domain "aol.com"
I have only recently noticed these errors, as my mail was working before.
View 2 Replies
View Related
May 12, 2014
Plesk Panel, 11.0.9, #61, Windows 2008 R2 SP1, x64
PROBLEM:
With reports configured to send out to an email address local on the Windows server configured through PLESK, if local relay isn't enabled at 127.0.0.1 on the SmarterMail server, the reports are never delivered.
- server is [domainx].com
- email to receive reports from PLESK is plesk444@[domainx].com
-this email address is able to send and receive internally or externally to and from any client w/ SMTP auth enabled.
If SmarterMail is configured with SMTP Authentication Bypass for 127.0.0.1, we get the scheduled report emails as we should. Without the SMTP Authentication Bypass enabled, none of the clients or administrators get any reports or notifications at all.
QUESTION: How can I configure PLESK Panel 11 itself to use that SMTP Authentication to send those reports out?
--is there a configuration file or registry value I can add or modify?
View 2 Replies
View Related
Jul 16, 2007
I'm trying to figure out a method to stop some of the email spam that we get, and I have something figured out, but I need help on implementing it.
Basically, we get a lot of spam emails from addresses claiming to be from our domain (EX: From: someguy@mysite.com). The email is actually not from our domain, nor does the address actually exist, but the From address is being forged to look like it is our domain.
Basically to fix this, i want to block all email where the From address is claiming to be from our domain, with a nonexistent email address. I'm pretty sure that this is configurable in Exim, but I haven't found any tutorial on it, and I'm not familiar enough with Exim to do it very easily. Anyway if anyone knows of a tutorial or how this could be accomplished, please let me know.
Just to Add:
The reason that these emails are a problem is that the spam software we are running recognizes these emails as being from our domain which it trusts, so they pass most spam filters.
View 0 Replies
View Related
Nov 19, 2007
my Exim mail outgoing queue is getting stuck and i cannot receive emails. Under WHM i have 50 odd emails, some 7 days old.
A small dump from /var/log/exim-mainlog is below:
2007-11-19 04:40:45 H=(H®) [202.57.142.156] sender verify defer for <jqyuehutmqluz@epilot.com>: could not connect to mail02.interchangeusa.com [63.251.210.81]: Connection timed out
2007-11-19 04:40:45 H=(H®) [202.57.142.156] F=<jqyuehutmqluz@epilot.com> temporarily rejected RCPT <morleyc@myemail.net>: Could not complete sender verify callout
2007-11-19 04:40:45 unexpected disconnection while reading SMTP command from (H®) [202.57.142.156]
2007-11-19 04:40:51 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:40:57 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:01 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:04 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:43 no host name found for IP address 77.94.106.13
2007-11-19 04:41:49 1ItxNu-0007E6-4s mail.global.frontbridge.com [207.46.51.86] Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == hmt@someaddress.com <HMT@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == jog@someaddress.com <JOG@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == mrl@someaddress.com <MRL@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:42:29 H=(client-200.121.46.74.speedy.net.pe) [200.121.46.74] sender verify defer for <tecat@yahoo.de>: Could not complete sender verify callout
2007-11-19 04:42:29 H=(client-200.121.46.74.speedy.net.pe) [200.121.46.74] F=<tecat@yahoo.de> temporarily rejected RCPT <morleyc@myemail.net>: Could not complete sender verify callout
2007-11-19 04:42:29 unexpected disconnection while reading SMTP command from (client-200.121.46.74.speedy.net.pe) [200.121.46.74]
Everything was fine until about 7 days ago, i dont know why the config didnt change but since then its been dropping received emails and queueing on sends.
View 10 Replies
View Related
Apr 2, 2007
I have Exim install on my server, I have a few filters setup.
I have several domains on the same server.
What I want to be able to do is blind copy all emails SENT and RECEIVED from *@domain1.com delivered to backup@backup.com
Here is my filter that copies all incoming mail, (THIS WORKS 100%)
PHP Code:
if error_message then finish endif
if $header_to: contains "@domain1.com"
then unseen deliver "backup@backup.com" endif
Now this filter does NOT work, I want it to blind copy all emails sent from *@domain1.com
PHP Code:
if $sender_address contains "@domain1.com"
then unseen deliver "backup@backup.com" endif
I have 1 outgoing mail filer working, however it is for a specific email address, here it is....
PHP Code:
if $sender_address is "user1@domain1.com"
then unseen deliver "backup@backup.com" endif
View 2 Replies
View Related
