Issues sending some emails

Hello everyone. I am running a perfect server Ubuntu 12.4 LTS nginx configured server. Recently, I had to change the IP of my server. I configured the IP in /etc/network/interfaces, but I was afraid of changing anything in /etc/hosts. Will I kill my ISPconfig server if I update the IP information there? I want to leave the hostname alone, just update the IP address.
I am not sure if this is related, but recently I have been having issues sending email. The error message I get is:

This is the mail system at host server2.example.com.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The mail system

<[email protected]>: connect to
XXXXXX.com.inbound10.mxlogic.net[2XX.65.145.3]:25: Connection
refused

<[email protected]>: connect to
XXXXXXX.com.inbound10.mxlogic.net[2XX.65.145.3]:25: Connection
refused


Again, I am not sure these 2 things are related, but any help anyone could provide, I would appreciate. I know I am not on blacklists anywhere, so I checked that far, but as far as where else to go, I am at a loss.

Thanks in advance!

sERGE

 

Hi

After IP change you can tell ISPConfig to use new IP, I will suggest to update the ISPconfig

then update as follows:

Br//
Srijan

 

PTR records

OK, so I got Time Warner Cable on the phone and they will hopefully get me fixed. I asked them to point all my PTR records to server2.example.com, which is the output of "hostname -f".

Of course, I just noticed that they totally hosed my "regular" lookups because they made a typo in the FQDN, but I'm hoping they can fix that tomorrow.

Thanks a lot everyone for the help, and I will update this once I get things working.

sERGE

 

PTR record?

Hey Till. Do you mean the PTR record has to point to my hostname?

sERGE

 

Please clarify something for me?

This is a clipping from mxtoolbox.com for a SMTP query of my domain. The issue I'm trying to solve is email getting bounced back, and the error is in bold. Unfortunately it takes Time Warner Cable almost 3 days to get my records corrected, so before I ask them to change anything, I want to make sure I am asking them to change the correct thing.
Till, you stated I need to have them change the reverse DNS lookup so it matches my "hostname", but they are mentioning a PTR record. So do I tell them to change the PTR record? It is the same thing as a reverse DNS lookup?

Thanks in advance and as you can tell, I am still learning here, so please no flames!

SMTP Reverse DNS Mismatch Warning - Reverse DNS does not match SMTP Banner More Info
SMTP Reverse Banner Check OK - 184.75.100.150 resolves to beststylesusa.com
SMTP TLS OK - Supports TLS.
SMTP Connection Time 0.812 seconds - Good on Connection time
SMTP Open Relay OK - Not an open relay.
SMTP Transaction Time 2.829 seconds - Good on Transaction Time

 

Light at the end of the tunnel

So after ALL this time, I was finally able to get someone with half a brain at Time Warner to help me. My PTR records are finally updated, and although they are still propagating, I think they will be fixed in another day or so.
My NEXT question is, when will the emails in the mail queue get processed, IF EVER? Is there any command I can run to get them to be processed immediately?

Thanks!

 

Still seeing timeouts . . .

Well, I ran the command postqueue -f -v as root, and I am still seeing a bunch of timeouts like the ones below. Is there anything else I need to fix to get the mail delivered? I still have 14 messages in the queue and they are all timing out?

Again, thanks all the the help and input.

sERGE

Mar 25 20:55:51 server2 postfix/smtp[11040]: connect to landjaccessories.com.inbound10.mxlogic.net[208.65.145.3]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11041]: connect to landjaccessories.com.inbound10.mxlogicmx.net[208.65.145.2]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[10682]: connect to landjaccessories.com.inbound10.mxlogicmx.net[208.65.145.2]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11040]: connect to landjaccessories.com.inbound10.mxlogic.net[208.65.144.2]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11044]: connect to landjaccessories.com.inbound10.mxlogic.net[208.65.145.3]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11048]: connect to landjaccessories.com.inbound10.mxlogicmx.net[208.65.145.2]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11041]: connect to landjaccessories.com.inbound10.mxlogic.net[208.65.144.3]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[10689]: connect to howardsjewelry.com.inbound30.mxlogic.net[208.65.145.1]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11040]: connect to landjaccessories.com.inbound10.mxlogicmx.net[208.65.145.2]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[10682]: connect to landjaccessories.com.inbound10.mxlogic.net[208.65.144.3]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11044]: connect to landjaccessories.com.inbound10.mxlogic.net[208.65.144.3]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11047]: connect to thepaperstore.com.inbound10.mxlogicmx.net[208.65.145.2]:25: Connection refused
Mar 25 20:55:51 server2 postfix/smtp[11048]: connect to landjaccessories.com.inbound10.mxlogic.net[208.65.144.2]:25: Connection refused

 

I may have found my issue

I just realized that I apparently had no SPF or TXT records defined in my domain information in Network Solutions. I created one using some online tools, but I think it may be busted. Can anyone point me at a reputable TXT/SPF testing and generating tool?

sERGE

 

Just add

Code:

v=spf1 mx ~all

as SPF record and TXT record. It will mean that You accept sending mail from any address that domain use for MX record.

 

thanks but its still there!

Thanks a lot Nicram for the response. I added the entry to both the SPF record entries but I am still seeing the error in MXTOOLBOX saying I don't have a valid SPF record specified.

I'm not sure what else I can do to fix this, and I am getting VERY desperate as only some of my email is being accepted! PLEASE, any one who might have an idea, please help.

sERGE
* (All Others) 3600 v=spf1 mx ~all
@ (None) 3600 v=spf1 mx ~all

In MXTOOLBOX, this is what I see:

Type Domain Name TTL Record Prefix Value PrefixDesc Description
TXT beststylesusa.com 60 min v=spf1 mx ~all
+ mx Pass Match if IP is one of the MX hosts for given domain name
~ all SoftFail Always matches. It goes at the end of your record.
Test Result
SPF Record A Valid SPF Record was not found More Info
TXT Record ***It sees the record I added in, but ONLY as a TXT entry?***

 

It looks from mxtool that You did't have SPF record, just txt one.
Also what i find out is

Code:

$ host -a beststylesusa.com
Trying "beststylesusa.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60000
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;beststylesusa.com.             IN      ANY

;; ANSWER SECTION:
beststylesusa.com.      3600    IN      TXT     "v=spf1 mx ~all"
beststylesusa.com.      7200    IN      SOA     NS33.WORLDNIC.com. namehost.WORLDNIC.com. 114033006 10800 3600 604800 3600
beststylesusa.com.      7200    IN      MX      0 beststylesusa.com.
beststylesusa.com.      7200    IN      MX      10 imap.beststylesusa.com.
beststylesusa.com.      7200    IN      MX      20 smtp.beststylesusa.com.
beststylesusa.com.      7200    IN      MX      30 incoming.beststylesusa.com.
beststylesusa.com.      7200    IN      MX      40 outgoing.beststylesusa.com.
beststylesusa.com.      7200    IN      MX      50 mail.beststylesusa.com.
beststylesusa.com.      7045    IN      A       184.75.100.150
beststylesusa.com.      7200    IN      NS      NS33.WORLDNIC.com.
beststylesusa.com.      7200    IN      NS      ns34.WORLDNIC.com.

Why do You use so many MX records?
Leave only "0 beststylesusa.com" because AFAIK You use only 1 server (You may use more MX records, when You use different machines on different locations for backup).

There is no SPF record. Maybe You must just wait till DNS will spread in the world.

 

My hostname and server are different

Hey Nicram. My hostname is server2.example.com, but my ISPconfig host is beststylesusa.com. This is supposed to be OK. I don't know how I would add another record somewhere to accommodate for that difference in hostname and ISPCONFIG host?

sERGE

 

First thing: hostname and domain name from which mail is sent MUST be the same. The reason is that when postfix connect to another server and try to send message, he say "hello HOSTNAME". Most of the server then check if the HOSTNAME is the same like domain name. If it is different, then message may be treated like spam.
To change Your Linux hostname try to carefully edit /etc/hosts (in CentOS). I do not know what file it will be in Debian/Ubuntu because id o not use them often.
Ispconfig host is different thing, it is used for ISPConfig settings itself.

Second, You must add SPF record for Your domain (same way You have added TXT record).

 

PTR records and the like

Nicram
Thanks so much for the help. I really do appreciate it greatly. If you look at the previous entries in this post, you will see that Till asked me to set the PTR record to my hostname, which is server2.example.com. I have 3 domains running on this one system, so I don't see how you would be able to have multiple domain sending email from one large ISPConfig system if the hostname and domain name had to be the same? Am I not thinking about this correctly?

Also, I was looking at my A record entries in network solutions. I think I have too much junk in it. Does anyone know what the minimum entries have to be in the DNS records file? This is what mine has in it, and mind you, I think I really only need the top 3 entries. Please have a look at the pic and let me know what you think?

Thanks!

sERGE

 

About DNS entries: It all depends on Your needs really. If You plan to expand servers in future, and for example make email/website server different machines, then it have sense to use many A entries. If You don't, then You may left only first 3.

About setting up hostnames/ptr/dns.
I will give You example how it works for multiple domains.
1st domain for server, hostname and ispconfig setting.
Must have DNS A record for IP. RevDNS for IP that will show that domain.
Must have MX record to show itself, also SPF and TXT (which have same like SPF settings).
2nd domain have DNS A record set for the same IP that 1st domain.
It has MX record set to 1st DOMAIN.
It has SPF/TXT record setup as i told You.
3rd, 4th and so on domain are setup same way like 2nd.
The MX record says to mail server in the internet which server is used as main send/receive emails. So the MX is very important, and must be setup correctly.

 

Let me make a few points

First, I entered the SPF records as per how the tutorial on a link here stated. I have two entries:
* (All Others) 3600 v=spf1 mx ~all
@ (None) 3600 v=spf1 mx ~all

Second, I followed the how-to that I got here for building my Ubuntu 12.04 LTS nginx ISOConfig server that I also found on howtoforge.net, and it stated it used server1.example.com as the hostname, and made no real mention of the fact that the hostname and domain name HAVE to match.

I have even had Till speak up in earlier parts of this ticket because I specifically asked about the PTR records not being correct and he helped me to fix that. I am not sure now what to do. I have the SPF records as stated below, and I was under the impression that the TXT and SPF records were basically identical, with a very small difference. I don't know why I am still getting the error:
SPF Record A Valid SPF Record was not found More Info

What do I need to do to get this SPF thing resolved? How can I get more detail on exactly what is failing and where?

sERGE

 

I hope you are joking
First. MX must be set for domain, not for it's subdomains.
* (All other) means wildcard, for example: *.somedomainname.com means that anything.somedomainname.com will point to the address. But You want to send email from specific domain, so MX must be set for this specific domain.

Technically they do not have to - but only when You know what You do. And the true is, You don"t, so in Your case it must be similar (It can be different, if you know how to configure every service to use settings instead of hostname. So question is - do You know how to do it without searching on internet?).
For now You got wrong PTR, and NO SPF at all. There are no chances it will work for You. You must understand what You do.
Your PTR record is:

Code:

;; ANSWER SECTION:
150.100.75.184.in-addr.arpa. 86400 IN   PTR     server2.example.com.

Didn't You noticed "example" word inside? didn't You realize even for a second, that this is only EXAMPLE and You should put Your real domain in there???
Setup Your PTR record to beststylesusa.com
Then add new SPF with beststylesusa.com domain and "v=spf1 mx ~all".
Set Your hostname in Linux to beststylesusa.com for external IP and it must work then.