Email problems to connect or login

Discussion in 'ISPConfig 3 Priority Support' started by Gaston Girardi, Oct 18, 2022.

  1. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    Hi, i've been having a strange issue for some months, but is very rare to me because it is not always.

    The problems is when a client try to connect to the email account, sometimes it is not possible because a login error, but 5 seconds later with the same credential can do it, and this happened with Outlook, Mail Mac, Mailbird, even from Roundcube.

    In the Roundcube we got the following message "Invalid request! Data was not saved.", but after that message you click again the login button and can access without problems

    checking the mail log i've found this:
    Code:
    Oct  16 18:59:19 server1 dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=::1, lip=::1, mpid=14194, secured, session=<vI5Ee2bqQrIAAAAAAAAAAAAAAAAAAAAB>
    Oct  16 18:59:21 server1 dovecot: imap([email protected])<14197><Vgple2bqqM8AAAAAAAAAAAAAAAAAAAAB>: Logged out in=413 out=2557 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
    Oct  16 19:00:21 server1 dovecot: auth-worker(17450): sql(myemail@mydomain,XXX.XXX.XX.XXX,<jxJofmbqvuzJiV6T>): Password mismatch
    Oct  16 19:00:21 server1 dovecot: auth-worker(15034): sql(myemail@mydomain,XXX.XXX.XX.XXX,<1BRofmbqv+zJiV6T>): Password mismatch
    Oct  16 19:00:23 server1 dovecot: imap-login: Aborted login (auth failed, 2 attempts in 12 secs): user=<[email protected]>, method=PLAIN, rip=XXX.XXX.XX.XXX, lip=YYY.YYY.Y.YYY, TLS, session=<jxJofmbqvuzJiV6T>
    Oct  16 19:00:23 server1 dovecot: imap-login: Aborted login (auth failed, 2 attempts in 12 secs): user=<[email protected]>, method=PLAIN, rip=XXX.XXX.XX.XXX, lip=YYY.YYY.Y.YYY, TLS, session=<1BRofmbqv+zJiV6T>
    As you can see in the first 2 lines i was able to connect and checks emails (i did that from an email administrator), and a minute later i couldn't checks emails, it says password mismatch, but thats not true because five minutes lattes with the same password i eas able to check it again.

    The thing is i don't know what can i do, to correct this

    I've got IPSConfig running on a Debian 10 server with a Xeon E3-1230 v6, and 32Gb Ram, and 2 HDD 1TB in RAID1
     
  2. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    The following is the result from the test script:

    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 10 (buster)
     
    [INFO] uptime:  15:10:50 up 27 days, 21:34,  1 user,  load average: 0.25, 0.25, 0.27
     
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:           31Gi       3.9Gi       9.5Gi       439Mi        18Gi        26Gi
    Swap:          18Gi          0B        18Gi
     
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.8p2
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.3.33-7+0~20220929.100+debian10~1.gbpdb2e49
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.3.33
    
    ##### PORT CHECK #####
    
    [WARN] Port 8080 (ISPConfig) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
        Apache 2 (PID 421)
    [INFO] I found the following mail server(s):
        Unknown process (smtpd) (PID 471)
    [INFO] I found the following pop3 server(s):
        Dovecot (PID 9499)
    [INFO] I found the following imap server(s):
        Dovecot (PID 9499)
    [INFO] I found the following ftp server(s):
        PureFTP (PID 30441)
    
    ##### LISTENING PORTS #####
    (only        ()
    Local        (Address)
    [anywhere]:110        (9499/dovecot)
    [anywhere]:143        (9499/dovecot)
    [anywhere]:465        (9126/master)
    [anywhere]:21        (30441/pure-ftpd)
    ***.***.***.***:53        (16738/named)
    ***.***.***.***:53        (16738/named)
    [localhost]:53        (16738/named)
    [anywhere]:22        (818/sshd)
    [localhost]:953        (16738/named)
    [anywhere]:25        (471/smtpd)
    [anywhere]:993        (9499/dovecot)
    [anywhere]:995        (9499/dovecot)
    [localhost]:11332        (17425/rspamd:)
    [localhost]:11333        (17425/rspamd:)
    [localhost]:11334        (17425/rspamd:)
    [localhost]:10023        (1006/postgrey)
    [localhost]:10024        (9332/amavisd-new)
    [localhost]:10025        (9126/master)
    [localhost]:10026        (9332/amavisd-new)
    [localhost]:10027        (9126/master)
    [anywhere]:587        (9126/master)
    [localhost]:6379        (887/redis-server)
    [localhost]:11211        (781/memcached)
    [localhost]10        (9499/dovecot)
    [localhost]43        (9499/dovecot)
    *:*:*:*::*:80        (421/apache2)
    *:*:*:*::*:8081        (421/apache2)
    *:*:*:*::*:465        (9126/master)
    *:*:*:*::*:21        (30441/pure-ftpd)
    *:*:*:*::*:53        (16738/named)
    *:*:*:*::*:22        (818/sshd)
    *:*:*:*::*:953        (16738/named)
    *:*:*:*::*:25        (471/smtpd)
    *:*:*:*::*:443        (421/apache2)
    *:*:*:*::*:993        (9499/dovecot)
    *:*:*:*::*:995        (9499/dovecot)
    *:*:*:*::*:11332        (17425/rspamd:)
    *:*:*:*::*:11333        (17425/rspamd:)
    *:*:*:*::*:11334        (17425/rspamd:)
    *:*:*:*::*:10023        (1006/postgrey)
    *:*:*:*::*:10024        (9332/amavisd-new)
    *:*:*:*::*:10026        (9332/amavisd-new)
    *:*:*:*::*:3306        (8820/mysqld)
    *:*:*:*::*:2763        (421/apache2)
    *:*:*:*::*:587        (9126/master)
    *:*:*:*::*:6379        (887/redis-server)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy DROP)
    target     prot opt source               destination        
    f2b-pure-ftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    f2b-postfix-sasl  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    f2b-dovecot  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993,587,465,4190
    f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
    ufw-before-logging-input  all  --  [anywhere]/0            [anywhere]/0          
    ufw-before-input  all  --  [anywhere]/0            [anywhere]/0          
    ufw-after-input  all  --  [anywhere]/0            [anywhere]/0          
    ufw-after-logging-input  all  --  [anywhere]/0            [anywhere]/0          
    ufw-reject-input  all  --  [anywhere]/0            [anywhere]/0          
    ufw-track-input  all  --  [anywhere]/0            [anywhere]/0          
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination        
    ufw-before-logging-forward  all  --  [anywhere]/0            [anywhere]/0          
    ufw-before-forward  all  --  [anywhere]/0            [anywhere]/0          
    ufw-after-forward  all  --  [anywhere]/0            [anywhere]/0          
    ufw-after-logging-forward  all  --  [anywhere]/0            [anywhere]/0          
    ufw-reject-forward  all  --  [anywhere]/0            [anywhere]/0          
    ufw-track-forward  all  --  [anywhere]/0            [anywhere]/0          
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination        
    ufw-before-logging-output  all  --  [anywhere]/0            [anywhere]/0          
    ufw-before-output  all  --  [anywhere]/0            [anywhere]/0          
    ufw-after-output  all  --  [anywhere]/0            [anywhere]/0          
    ufw-after-logging-output  all  --  [anywhere]/0            [anywhere]/0          
    ufw-reject-output  all  --  [anywhere]/0            [anywhere]/0          
    ufw-track-output  all  --  [anywhere]/0            [anywhere]/0          
    
    Chain ufw-before-logging-input (1 references)
    target     prot opt source               destination        
    
    Chain ufw-before-logging-output (1 references)
    target     prot opt source               destination        
    
    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination        
    
    Chain ufw-before-input (1 references)
    target     prot opt source               destination        
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0          
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    DROP       all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
    ufw-not-local  all  --  [anywhere]/0            [anywhere]/0          
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***          udp dpt:5353
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:1900
    ufw-user-input  all  --  [anywhere]/0            [anywhere]/0          
    
    Chain ufw-before-output (1 references)
    target     prot opt source               destination        
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0          
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-user-output  all  --  [anywhere]/0            [anywhere]/0          
    
    Chain ufw-before-forward (1 references)
    target     prot opt source               destination        
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ufw-user-forward  all  --  [anywhere]/0            [anywhere]/0          
    
    Chain ufw-after-input (1 references)
    target     prot opt source               destination        
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:137
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:138
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:139
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:445
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:67
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:68
    ufw-skip-to-policy-input  all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    
    Chain ufw-after-output (1 references)
    target     prot opt source               destination        
    
    Chain ufw-after-forward (1 references)
    target     prot opt source               destination        
    
    Chain ufw-after-logging-input (1 references)
    target     prot opt source               destination        
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-output (1 references)
    target     prot opt source               destination        
    
    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination        
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-reject-input (1 references)
    target     prot opt source               destination        
    
    Chain ufw-reject-output (1 references)
    target     prot opt source               destination        
    
    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination        
    
    Chain ufw-track-input (1 references)
    target     prot opt source               destination        
    
    Chain ufw-track-output (1 references)
    target     prot opt source               destination        
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    
    Chain ufw-track-forward (1 references)
    target     prot opt source               destination        
    
    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination        
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/min burst 10
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination        
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
    
    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination        
    DROP       all  --  [anywhere]/0            [anywhere]/0          
    
    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination        
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0          
    
    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination        
    DROP       all  --  [anywhere]/0            [anywhere]/0          
    
    Chain ufw-not-local (1 references)
    target     prot opt source               destination        
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTICAST
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10
    DROP       all  --  [anywhere]/0            [anywhere]/0          
    
    Chain ufw-user-input (1 references)
    target     prot opt source               destination        
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:20
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:21
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:22
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:25
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:53
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:80
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:110
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:143
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:443
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:465
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:587
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:993
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:995
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:2763
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:3306
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8080
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8081
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:10000
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:11334
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 40110:40210
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:53
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:3306
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:10040
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:5432
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:21
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:21
    
    Chain ufw-user-output (1 references)
    target     prot opt source               destination        
    
    Chain ufw-user-forward (1 references)
    target     prot opt source               destination        
    
    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination        
    
    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination        
    
    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination        
    
    Chain ufw-user-limit (0 references)
    target     prot opt source               destination        
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreachable
    
    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination        
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0          
    
    Chain f2b-sshd (1 references)
    target     prot opt source               destination        
    REJECT     all  --  ***.***.***.***         [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***      [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0          
    
    Chain f2b-dovecot (1 references)
    target     prot opt source               destination        
    REJECT     all  --  ***.***.***.***      [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0          
    
    Chain f2b-postfix-sasl (1 references)
    target     prot opt source               destination        
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***          [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***      [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0          
    
    Chain f2b-pure-ftpd (1 references)
    target     prot opt source               destination        
    RETURN     all  --  [anywhere]/0            [anywhere]/0          
    
    
    
    
    ##### LET'S ENCRYPT #####
    Certbot is installed in /opt/eff.org/certbot/venv/bin/certbot
    Also i'm using RSPAMD, but i don't think that is causing problems, because as far as i know, RSPAMD is for the incoming an outgoiung email, not for the connections to the email accounts.
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    Check the mysql log for errors, maybe mysql/mariadb is sometimes unreachable or has capacity problems.
     
  4. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    Hi @till, i've check the Mysql log but doesn't appear anything there or at least is what i think because it doesn't say anything raveling:
    Code:
    2022-10-21 13:02:02 2467172 [Warning] Access denied for user 'root'@'198.98.52.86' (using password: YES)
    2022-10-21 13:20:33 2470001 [Warning] Access denied for user 'root'@'107.189.1.81' (using password: YES)
    2022-10-21 13:22:34 2470281 [Warning] Access denied for user 'root'@'198.98.52.86' (using password: YES)
    Between those last 3 entries to the log yve try to send an email not less than 20 times and got the connection error. and i mean that those attempts are one hour after the last entry in the log.

    The log i took it from "/var/log/mysql", or the one i need to check is in another folder? o_O
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, "/var/log/mysql is the right folder. These failed logins are not logins from the mail system, so they are not related to the issue.
     
  6. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    Is the only thing there, so what else could i check? :confused:
     
  7. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    I was trying to send an email and from the Mail-warn log i've got this message maybe this can bring some light to point me to the right direction

    Code:
    Oct 22 10:18:05 server1 postfix/smtps/smtpd[1400]: warning: unknown[87.246.7.77]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Oct 22 10:18:08 server1 postfix/smtps/smtpd[2226]: warning: unknown[87.246.7.77]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Oct 22 10:18:26 server1 postfix/smtpd[2366]: warning: unknown[212.70.149.22]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Oct 22 10:18:32 server1 postfix/smtpd[2674]: warning: unknown[212.70.149.22]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Oct 22 10:18:41 server1 postfix/smtpd[2366]: warning: unknown[212.70.149.22]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Oct 22 10:18:42 server1 postfix/smtpd[2674]: warning: unknown[212.70.149.22]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Oct 22 10:18:49 server1 postfix/smtps/smtpd[2206]: warning: hostname net6-ip77.linkbg.com does not resolve to address 87.246.7.77: Name or service not known
    Oct 22 10:18:53 server1 postfix/smtps/smtpd[1400]: warning: hostname net6-ip77.linkbg.com does not resolve to address 87.246.7.77: Name or service not known
    Oct 22 10:19:50 server1 postfix/smtps/smtpd[2206]: warning: unknown[87.246.7.77]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Oct 22 10:19:54 server1 postfix/smtps/smtpd[1400]: warning: unknown[87.246.7.77]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
    Those IP address are not my server, or the one i have in place I'm right now, but the times match just when i try to send this email and i've got the error.
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    The "SASL LOGIN authentication failed: UGFzc3dvcmQ6" message is most likely just a bot that tries out passwords to break into an SMTP account.
     
  9. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    mmm ok, and what else could i check? :confused:
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    I never had that issue and as it does not seem to cause any relevant log lines, it is not easy to debug. Did you check your DNS records at e.g. intodns.com? Maybe there is an issue that one of the DNS servers of the zones still points to a different server or something similar. I can also move your post to the public forum, maybe one of the other users has an idea.
     
  11. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    Hi Till, sorry for not answer you earlier but i had some health issues that got me out of the way for some months, and the work get accumulated, but i'm retaking this issue.
    As you advice me, i went to intodns.com and i get a warning and an error:

    Warning
    Code:
    Name of nameservers are valid     
    WARNING: At least one of your NS name does not seem a valid host name
    
    The ones that do not seem valid:
    ns2.mydomain.com ns1.mydomain.com
    Error
    Code:
    MX name validity     
    
    The MX records that do not seem valid hostname:
    mail2.mydomain.com
    mail.mydomain.com
    This can cause problems 
    But if I run a similar test in mxtoolbox.com, i've got everything ok :confused:
     
  12. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Does it say in what way those names are not valid?
    Have you verified all the domain names return the correct answer from all the name servers? Test them one by one.
    Since you do not say what the real domain names are, it is not possible for me to find out more.
     
  13. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    No it does not said anything else.

    About the domains I get the same answer for all the domains.

    I'm going to put the domain of my panel so you can se the the full report of intodns, but as a security reason i will erase it in a couple of days.

    hospedaje dot website just erase the spaces and change the word for the symbol :)
     
  14. pyte

    pyte Well-Known Member HowtoForge Supporter

    This seems fine. I guess the tool that checks these at intoDNS ist not capable of handling ".website" and assumes the hostnames are not "valid" because of this, even tho they are.
    I don't see an issue with your configuration here.
     
  15. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Only thing out of ordinary I can find is the name server A records have TTL less than 3600. Maybe intodns considers this invalid? Did you lower the TTL on purpose?
     
  16. pyte

    pyte Well-Known Member HowtoForge Supporter

    Code:
    ;; ANSWER SECTION:
    hospedaje.website.      3600    IN      MX      20 mail2.hospedaje.website.
    hospedaje.website.      3600    IN      MX      10 mail.hospedaje.website.
    I this is a multiserver setup right?

    Why do both of your servers have the same PTR?
    Code:
    ;; ANSWER SECTION:
    226.60.71.198.in-addr.arpa. 21494 IN    PTR     server1.hospedaje.website
    ;; ANSWER SECTION:
    228.5.175.108.in-addr.arpa. 21471 IN    PTR     server1.hospedaje.website.
     
  17. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    No, the default TTL is 3600, for everything. In which part did you see that?
     
  18. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    Yes and no. Originally it started as a standalone server, but after some time i had to add some additional servers, but these ones are only web servers, this is because the are some systems that need a biger mahcine with Postgres, etc.
    But the DNS server, email server, and for some small webs, is the original one "Server1".

    This is because at the very beginning i has only one public ip address in the server but i had some issues with the NS, and MX, servers and the recommendation was to have at least 2 different IPs address.

    This is because at the very beginning i has only one public ip address in the server, but i had some issues with the NS and MX services, and as far as i remember the recommendation to solve that issue was to have at least 2 different IPs address. But this was 4 or 5 years ago, so don't trust me much, my memory is not what used to be. :confused::D

    Do you think that would be the problem?
     
  19. Gaston Girardi

    Gaston Girardi Member HowtoForge Supporter

    As a comment i've got rspamd, but as far as i know rspamd doen not have anything to do with that.
     
  20. pyte

    pyte Well-Known Member HowtoForge Supporter

    The reverse DNS entry should always return the correct hostname and not just anything.

    But i don't belive this has anything to do with your issue at all, you should fix it anyways.

    What settings/hostname do you use to connect a local mailclient? Is there some kind of load balancing like haproxy for example in place?
     

Share This Page