# Please help me: VestaCP - Cannot get outgoing mail to work with an external client



## Amitz (Apr 18, 2014)

Dear all,


I was seeking a free Control Panel for some friends that I host on a VPS and came across VestaCP. I must say that I generally like it *very* much. Especially that it comes with with nginx included and that it is so reduced and simple.


BUT: I am getting crazy trying to get eMail to work. It seems impossible to send eMails with an external mail client like Thunderbird or Apple Mail. The webmailer works just fine for an account that I have created, but VestaCP refuses to work with the external clients.


I thought that it may be a Debian issue (tried it first with Debian 7, 64bit), but another test with CentOS 6 (64bit) brings up the same problem. So I simply assume that this must be a general problem and easy to solve if one just knows how to do it. Is there anyone among you who may help me out? @jarland perhaps? I saw that he knows a lot about VestaCP...


Thank you all very much in advance for any hint that may help!


Kind regards


Amitz


----------



## notFound (Apr 18, 2014)

When you say external clients don't work, do you mean that they won't connect through or they connect but don't return anything or return an error or what?


----------



## WebSearchingPro (Apr 18, 2014)

Related:



https://community.rackspace.com/general/f/34/t/3470


----------



## mikho (Apr 18, 2014)

Think I read something line this before. If this is the same problem then its about thunderbird is not sending a domain name or IP that exim allows.


There is a check that is made when a clients connect, check the logs and if it is the same problem there will errors directly after the HELO command.


If I remember correct the solution is line 2 rows (where the check happens) should be commented out in vestacp and everything should work ok.


I'm sorry that I'm vague about this but my memory is playing tricks on me right now.


----------



## Amitz (Apr 18, 2014)

Sorry, yes - I was quite unspecific. My native language is german and the error messages of Apple Mail are in german (and quite verbose.

Thunderbird says:



> An error occurred sending mail: The mail server sent an incorrect greeting:  rejected because XXX.XXX.XXX.XXX is in a black list at zen.spamhaus.org\nhttp://www.spamhaus.org/query/bl?ip=XXX.XXX.XXX.XXX.


While XXX.XXX.XXX.XXX is my dynamic IP. Would it help if I comment out that part?

/etc/exim/exim.conf



> acl_check_spammers:
> accept hosts = +whitelist
> drop    message     = Your host in blacklist on this server.
> log_message   = Host in blacklist
> ...


----------



## nunim (Apr 18, 2014)

Are you using authentication for SMTP in your email client ?


----------



## Amitz (Apr 18, 2014)

Yes, I do... Really strange.

However, I will have to unexpectedly stop the VestaCP experiment for some days and will try again later!


----------



## TheLinuxBug (Apr 18, 2014)

I believe this issue is caused by Exim expecting a FQDN in the HELO.  cPanel actually more recently added this as an option and at one point had it turned on by default.  As a lot of windows users do not name their machine with an FQDN but instead use something line "JoesPC", "HP-DESKTOP134123", etc. if using a windows machine to connect to an Exim server which is expecting FQDN and the above is true, it will fail as "JoesPC" is not a FQDN.  I believe it is RFC2821 4.1.1.1.

Reference about this for cPanel: http://billing.webeasy.my/knowledgebase.php?action=displayarticle&id=294

I believe the setting you are looking for in exim is helo_accept_junk_hosts

As @mikho said, this should be able to be changed in the configurations without much effort.  

The other possibility is you have not enabled SMTP authentication when trying to send e-mails, it can cause a similar issue. However, I am assuming you already have this setup on your client. 

Edit:

If you are seeing the following in your logs like you said above:

An error occurred sending mail: The mail server sent an incorrect greeting:  rejected because XXX.XXX.XXX.XXX is in a black list at zen.spamhaus.org\nhttp://www.spamhaus....XXX.XXX.XXX.XXX.

Then you have a Dynamic ip blacklist enabled on the server which is not allowing you to connect because  the ip you are connecting from it located on that blacklist.  My suggestion is you remove the dynamic ip blacklist server from your RBL list.  This would allow that client to log in without issues. In this case it looks like Spamhaus which if they are listed in it they likely have bigger problems than just connecting to your e-mail and I would contact the local ISP to get the ip removed from the list.

Hopefully this help.

Cheers!


----------



## mikho (Apr 18, 2014)

WebSearchingPro said:


> Related:


That's the link I was thinking about. 


Same symptom, slightly different problem, similar solution.


----------



## HalfEatenPie (Apr 18, 2014)

Took care of it?


----------



## jarland (Apr 18, 2014)

Sorry, just logged in for today. Spamhaus doesn't like dynamic IP addresses and they like to list dynamic ranges. Go ahead and just cut them out of /etc/exim/dnsbl.conf (at least on centos, may vary on Debian based OS) and restart exim. I actually just have that file empty for mxroute now, I'd rather focus on bayesian filtering and fail2ban than subscribing to blacklists, it ends up better for everyone.

I also commented out some parts of exim.conf to cut out some more issues. I'm all about sharing, so feel free to take a look at the current live mxroute exim.conf linked below. There's no trade secrets here, I'd love to share with you anything I've done.

http://sprunge.us/BHZK


----------



## Amitz (Apr 19, 2014)

Thank you all! I will not be able to go on trying before Monday and will let you know how it works out!


----------



## Amitz (Apr 21, 2014)

Well, well, well... Something is strange. I have used jarlands exim.conf, but still, I am unable to send eMails. Now it says, that the server cannot be reached via standard ports. I give up and look for another free panel with nginx and working eMail out of the box. However, thank you all for your help. Maybe I am the only person in the world having those problems with VestaCP.


----------



## jarland (Apr 21, 2014)

Amitz said:


> Well, well, well... Something is strange. I have used jarlands exim.conf, but still, I am unable to send eMails. Now it says, that the server cannot be reached via standard ports. I give up and look for another free panel with nginx and working eMail out of the box. However, thank you all for your help. Maybe I am the only person in the world having those problems with VestaCP.


If you dropped in the exim.conf it has the IP set that mail is sent out from, currently set to the IP active for outgoing mail on mxroute.


----------



## Amitz (Apr 21, 2014)

jarland said:


> If you dropped in the exim.conf it has the IP set that mail is sent out from, currently set to the IP active for outgoing mail on mxroute.


Stupid me! Is it the 162.150.xxx.xx IP?


What would be the right setting to send eMails via SMTP from the same server that VestaCP is installed on?


Thank you in advance!


Kind regards


-A


----------



## jarland (Apr 21, 2014)

Amitz said:


> Stupid me! Is it the 162.150.xxx.xx IP?
> 
> 
> What would be the right setting to send eMails via SMTP from the same server that VestaCP is installed on?
> ...


Yeah that's the one. Sorry I forgot to warn you of that. Any IP on the system works as long as you haven't forced exim to bind to a single address.


----------



## Amitz (Apr 21, 2014)

Thank you, jarland!


Please accept my apologies for being a bit slow, but simply exchanging that IP with the server IP should do the trick for me? Is that right?


----------



## jarland (Apr 21, 2014)

Amitz said:


> Thank you, jarland!
> 
> 
> Please accept my apologies for being a bit slow, but simply exchanging that IP with the server IP should do the trick for me? Is that right?


Well, it should solve one problem at least. Make sure you're on centos, I think the configuration has some small differences in the Debian packages.


----------



## Amitz (Apr 21, 2014)

I will try it again (with CentOS) and report back! 


I, however, still wonder why something important like this is not working out of the box as it seems...


----------



## jarland (Apr 21, 2014)

Amitz said:


> I will try it again (with CentOS) and report back!
> 
> 
> I, however, still wonder why something important like this is not working out of the box as it seems...


It does for most of us, but some users have a problem with the default ACL in place. In your case it's mostly that your ISP was listed in the RBL that was set by default.


----------



## Amitz (Apr 21, 2014)

Tried it again. No Luck.

I have no idea how the most of you manage to get this to work, but most of me is very frustrated in the meantime. Really a pity. I liked the general concept of VestaCP but I cannot spend days to get eMail for my users to work. Maybe the 13 USD for cPanel are worth it. At least everything works from the start there. Damn.

Again, thank you very much. But it seems as if VestaCP hates me somehow...


----------



## jarland (Apr 21, 2014)

Amitz said:


> Tried it again. No Luck.
> 
> I have no idea how the most of you manage to get this to work, but most of me is very frustrated in the meantime. Really a pity. I liked the general concept of VestaCP but I cannot spend days to get eMail for my users to work. Maybe the 13 USD for cPanel are worth it. At least everything works from the start there. Damn.
> 
> Again, thank you very much. But it seems as if VestaCP hates me somehow...


Definitely a lot to be said for the reliability of cPanel. Memory is cheap, and this makes it fly:

https://github.com/Prajithp/ApacheBooster


----------



## perennate (Apr 21, 2014)

Well, you could set up a tunnel to your exim so it sees the address as local, but if you don't do it correctly it'd be security issue, and either way it'd be a strange configuration.


----------

