The Old Man Posted September 19, 2023 Posted September 19, 2023 Hello, My server currently has a problem with emails not being sent via SMTP using Sparkpost. Port 587 is open. No errors were reported at Sparkpost. I've made no changes, but Dovecot is being spammed and rejected to death from Russia more so than usual, aside from that I went looking for clues. When I do an Email Test from the AdminCP, but only this shows: There is no actual text message, just the icon; when I look at the Email Error logs, they are empty.
Marc Posted September 19, 2023 Posted September 19, 2023 I have added a bug report for this. The issue is simply "could not be sent". Your email host is rejecting this. It looks to be this " 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail." The Old Man 1
The Old Man Posted September 19, 2023 Author Posted September 19, 2023 Thanks, I wasn't sure why it was not showing any message. I did find something in my EXIM server logs Exim mainlog 2023-09-19 13:48:07.274 [2706523] SMTP connection from [199.xxx.xxx.xxx]:57344 I=[127.0.0.1]:587 (TCP/IP connection count = 1) 2023-09-19 13:48:07.417 [1188149] SMTP connection from vps.hosting.com (smtp.eu.sparkpostmail.com) [199.xxx.xxx.xxx]:57344 I=[127.0.0.1]:587 closed by QUIT 2023-09-19 13:48:07.618 [1188149] no MAIL in SMTP connection from vps.hosting.com (smtp.eu.sparkpostmail.com) [199.xxx.xxx.xxx]:57344 I=[127.0.0.1]:587 D=0.342s X=TLS1.2:ECDHE-ECDSA-AES128-GCM-SHA256:128 CV=no C=EHLO,STARTTLS,EHLO,QUIT So I used SWAKS (the Swiss Army Knife of SMTP) tool to test from the CLI and it reported (sanitised): swaks -server smtp.sparkpostmail.com:587 -tls --auth-user SMTP_Injection --auth-password <**API_KEY>** --to <**TO_EMAIL>** --from <**FROM_EMAIL>** === Trying smtp.sparkpostmail.com:587... === Connected to smtp.sparkpostmail.com. <- 220 2.0.0 smtp.sparkpostmail.com ESMTP ecelerity 4.4.1.18017 r(msys-ecelerity:tags/4.4.1.10) Tue, 19 Sep 2023 12:59:47 +0000 -> EHLO vps.hosting.com <- 250-gb.mta1vsmtp.cc.aws-usw2b.prd.sparkpost says EHLO to 199.xxx.xxx.xxx:46736 <- 250-AUTH=LOGIN PLAIN <- 250-AUTH LOGIN PLAIN <- 250-SMTPUTF8 <- 250-STARTTLS <- 250-8BITMIME <- 250-PIPELINING <- 250 ENHANCEDSTATUSCODES -> STARTTLS <- 220 2.0.0 continue === TLS started with cipher TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 === TLS no local certificate set === TLS peer DN="/CN=*.sparkpostmail.com" ~> EHLO vps.hosting.com <~ 250-gb.mta1vsmtp.cc.aws-usw2b.prd.sparkpost says EHLO to 199.xxx.xxx.xxx:46736 <~ 250-SMTPUTF8 <~ 250-ENHANCEDSTATUSCODES <~ 250-PIPELINING <~ 250-AUTH=LOGIN PLAIN <~ 250-AUTH LOGIN PLAIN <~ 250 8BITMIME ~> AUTH LOGIN <~ 334 VXNlcm5hbWU6 ~> U01UUF9JbmplY3Rpb24= <~ 334 UGFzc3dvcmQ6 ~> ODU0M2Q4NWdkODUxODM0MDM4YTAzOGZiNmY5ZThkOA== <~* 535 5.7.8 Authentication credentials invalid. ~> AUTH PLAIN AFNNVFBfDIxMmU3Mjc3ZDg1MTgzNDAzOGEwMzhmYjZmOWU4ZDg= <~* 535 5.7.8 Authentication credentials invalid. *** No authentication type succeeded ~> QUIT <~ 221 2.3.0 gb.mta1vsmtp.cc.aws-usw2b.prd.sparkpost closing connection === Connection closed with remote host. I know my API keys are correct.
Marc Posted September 19, 2023 Posted September 19, 2023 This is then something you would need to take up with sparkpost
The Old Man Posted September 19, 2023 Author Posted September 19, 2023 I fixed it simply by disabling this option in WHM > Service Configuration > Exim > Basic > Security settings: Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server. It is enabled by default.
Marc Posted September 19, 2023 Posted September 19, 2023 Glad to hear you managed to get the issue resolved
The Old Man Posted September 19, 2023 Author Posted September 19, 2023 Thanks, I'm not sure about it as a solution, more a workaround.
Marc Posted September 19, 2023 Posted September 19, 2023 While I understand, thats something you would need to resolve with your email host
Solution The Old Man Posted October 5, 2023 Author Solution Posted October 5, 2023 Well, for anyone in the future who is struggling with sending email via IPS with SMTP whether with your own server or external third-party SMTP, I finally got it working after finding an old note to myself after a previous server move! It was my CSF Firewall that was the root cause. Firewall CSF was blocking outgoing email despite all outgoing ports being open. So first step, unlike my temporary fix above to disable this... Go to WHM > Service Configuration > Exim > Basic > Security Quote Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server. Leave this at default (ENABLED) for better security. Then in CSF Configuration Settings... Quote Ensure SMTP_REDIRECT is disabled. No more empty messages in IPS log, and mail sent immediately.
Marc Posted October 6, 2023 Posted October 6, 2023 Glad to hear you managed to get this resolved The Old Man 1
Marc Posted November 3, 2023 Posted November 3, 2023 This issue has been resolved in our recent 4.7.14 release of the platform. Please upgrade to resolve the issue, and if you see any further problems at that point, please let us know. The Old Man 1
Recommended Posts