Incoming Mail problems

M

mathias1

Member
Nov 8, 2018
12
0
21
45
Hi,

we have a problem that from some mailserver we do not receive mails.
the other mailserver returns the mail with the following error message:

Remote Server returned '554 5.4.0 < #4.0.0 smtp; 4.4.0 - Other network problem '[Errno 61] Connection refused' (delivery attempts: 0)>'

any idea what the problem is?
Port 25 is reachable from the internet and e.g. we receive mails from gmail.com

thanks
 
please post the complete logs of such a transaction - and check the logs on both sides ...)

else the error sounds like there is either nobody listening on port 25 - or a firewall on the path rejects connection attempts
 
port 25 is listeing an external access possible

this is the error:

Remote Server returned '554 5.4.0 < #4.0.0 smtp; 4.4.0 - Other network problem '[Errno 61] Connection refused' (delivery attempts: 0)>'

Ursprüngliche Nachrichtenköpfe:

X-IronPort-DK-Sig: DKIM_domain_de
Received: from ex2016-4.domainlocal ([10.40.15.15])
by mail1.domain.de with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256;
25 Nov 2022
07:54:23 +0100
 
mathias1 said:
his is the error:

Remote Server returned '554 5.4.0 < #4.0.0 smtp; 4.4.0 - Other network problem '[Errno 61] Connection refused' (delivery attempts: 0)>'
Click to expand...
where do you get this error - it does not look like a complete logline from PMG?!
 
in pmg I do not see anything, no logs nothing. this error is from the remote mailserver.
could it be a TLS problem?
 
mathias1 said:
in pmg I do not see anything, no logs nothing. this error is from the remote mailserver.
could it be a TLS problem?
Click to expand...
connection refused usually refers to a closed port - so I'd say the issue is between the remote server and your PMG - maybe a firewall - maybe something with DNS not working out ...

in any case - you need to check the remote server's configuration and logs
 
mathias1 said:
Port 25 is open, do I need other ports?
Click to expand...
no - smtp over the internet uses port 25...

check that:
* your DNS Setup is correct - MX-record pointing to your PMG's hostname, PMG's hostname pointing to the public IP of your PMG
* check the logs of your PMG when subscribing to the newsletter - if there is a connection attempt it will show up in the logs
 
MX is correct, we receive mails from other servers, only from two domains we do not receive the mails.
With my gmail.com account I receive mails from these domains. Could it be a TLS problem?
 
mathias1 said:
Could it be a TLS problem?
Click to expand...
as said - in my experience 'connection refused' usually points to a closed port (which might of course be due to a firewall in the path) - but I cannot tell since I neither have the complete logs from the sending side nor the mail-setup of the sending site...

You can of course disable TLS in the GUI, restart and try without....
 
hello,

it seems that I have found the problem

my domain is abc.com
the mx for abc.com points to mx.xyz.com
mx.xyz.com points to PMG IP
--> does not work

if I change
mx abc.com to PMG IP
--> everything works.

do you have any idea why this happens?

thanks
 
mathias1 said:
do you have any idea why this happens?
Click to expand...
not really - and without knowing the domain it's not really possible to take a look where the issue might be..
you can always use `dig` and `dnstracer` to get a better picture
or contact your DNS provider - they might be able to spot problems.

anyways I think mx records should not point to IPs but rather to hostnames (as you had configured it, where it did not work) - see e.g.:
https://serverfault.com/questions/663112/why-cant-mx-records-point-to-an-ip-address
 
Hi,

this works:

dig extraabi.de MX

; <<>> DiG 9.11.3-1ubuntu1.18-Ubuntu <<>> extraabi.de MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10439
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;extraabi.de. IN MX

;; ANSWER SECTION:
extraabi.de. 11 IN MX 10 mail.extraabi.de.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Dec 09 12:21:29 CET 2022
;; MSG SIZE rcvd: 61


this not - any idea?

dig extraabi.de MX

; <<>> DiG 9.11.3-1ubuntu1.18-Ubuntu <<>> extraabi.de MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62013
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;extraabi.de. IN MX

;; ANSWER SECTION:
extraabi.de. 59 IN MX 10 gw-test.mailkultur.de.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Dec 09 12:21:51 CET 2022
;; MSG SIZE rcvd: 75

any idea?

thanks
 
mathias1 said:
this works:

dig extraabi.de MX
Click to expand...
mathias1 said:
this not - any idea?

dig extraabi.de MX
Click to expand...

those are the same commands - might be an issue with caching?

anyways - testing with extraabi.de from here I got quite changing results - did you change the entries recently?
(asked all 3 nameservers and got gw-test.mailkultur.de a few times and now getting mail.extraabi.de only...)
Code: 
$ dig ns +short extraabi.de
robotns3.second-ns.com.
ns1.first-ns.de.
robotns2.second-ns.de.
$ dig +short +norec mx extraabi.de @robotns3.second-ns.com.
10 mail.extraabi.de.
$ dig +short +norec mx extraabi.de @robotns2.second-ns.de.
10 mail.extraabi.de.
$ dig +short +norec mx extraabi.de @ns1.first-ns.de.
10 mail.extraabi.de.
$ dig +short +norec mx extraabi.de @ns1.first-ns.de.
10 mail.extraabi.de.
$ dig +short +norec mx extraabi.de @robotns2.second-ns.de.
10 mail.extraabi.de.
$ dig +short +norec mx extraabi.de @robotns3.second-ns.com.
10 mail.extraabi.de.

In any case - both point to 5.78.43.104 - and this should work - the only thing I could imagine is that the sending servers refuse to send mail since the host uses gw-test.mailkultur.de in its smtp banner which does not match the hostname for connecting (mail.extraabi.de) - it's not the most common of configurations to refuse connecting to such hosts - but I can imagine some email-admins to have such an configuration

-> make sure that:
* your DNS entries are stable
* use the hostname of your MX as hostname of your PMG (this should make sure that the smtp-banner is correct
* ask the admins of the domains from which you do not receive e-mail what their logs say
 
thanks. DNS entries are correct, I changed it to test PMG.
But it really seems that the mail admin of the sender domain has done some configrations that the mx must match to the receiver domain
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom