Any ideas? I believe it’s all set correctly:
Still, when I create a new virtual server it wants to use 178.251.27.1. When I force it to use 178.251.27.24 it works. But, when I send mail the receiving mailservers still want an answer from the routers IP address 178.251.27.1
How the heck do I get it to leave that router IP alone?
Do I need to set something here? When I tried that last tie the server wouldn’t boot anymore.
Well the differences are clear. Thank you for sharing. Do you remember how you did it? Last time i selected one line and hit the ‘Delete Selected’ it deleted all. I decided to not save it, but it was gone, and it wouldn’t boot anymore. So I’m a bit reluctant.
Seems this is an example without a public IP. This VM I’m using resised in a datacenter with actual assigned IP
So are both of those vps are in a data centre and have an ip allocated
I can show a thrid example which has a virtual nic with a dedicated ip if you like. To be fair virtualmin has always handled this fine with no intervention, today is the first time i have looked at the above screen, never needed to.
Thanks all. We’re getting a little closer again. I suddenly remembered that the VM IP’s had changed to .24 in stead of the previous .27 (it’s a pain that is more or less random when creating a VM in this network)
So I had to change this IP to allow call backs at ISP level. Now that I did, my mail to gmail or hotmail arirve in spam, other mailservers still bounce it, but it’s a step forward.
The header of the hotmail mails says:
Authentication-Results: spf=neutral (sender IP is 178.251.27.1)
smtp.mailfrom=decentraalinternet.nl; dkim=none (message not signed)
header.d=none;dmarc=temperror action=none header.from=decentraalinternet.nl;
Received-SPF: Neutral (protection.outlook.com: 178.251.27.1 is neither
permitted nor denied by domain of decentraalinternet.nl)
Received: from host1.hostservice.nl (178.251.27.1) by
BN7NAM10FT006.mail.protection.outlook.com (10.13.157.154) with Microsoft SMTP
Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7362.18 via
Frontend Transport; Sat, 2 Mar 2024 10:38:12 +0000
@stefan1959 That seems to make sense when readint the above. but would I add that IP to the line with host1.hostservice.nl in stead of hostservice.nl? That last one runs a website on a different server.
Also I may have to look into that dkim (again) now with this new instance.
You can add extra IP’s to the SPF, I see host1 doesn’t have that IP.
Thanks Stefan, that made a difference too. Meanwhile I made quite some progress by reading and learning a lot.
I’m actually able to send mail now, for instance from decentraalinternet@decentraalinternet.nl to hotmail and google without ending up in spam.
However, sending mail back to that adress results in errors. The log shows:
Mar 7 18:10:43 host1 postfix/smtpd[124505]: disconnect from unknown[178.251.27.1] ehlo=1 auth=0/1 rset=1 commands=2/3
Mar 7 18:10:43 host1 postfix/smtpd[124505]: lost connection after AUTH from unknown[178.251.27.1]
Mar 7 18:10:42 host1 postfix/smtpd[124505]: warning: unknown[178.251.27.1]: SASL LOGIN authentication failed: authentication failure
Mar 7 18:10:39 host1 postfix/smtpd[124505]: warning: connect to Milter service local:/var/run/milter-greylist/milter-greylist.sock: No such file or directory
Mar 7 18:10:39 host1 postfix/smtpd[124505]: connect from unknown[178.251.27.1]
Mar 7 18:10:39 host1 postfix/smtpd[124505]: warning: hostname gateway.interracks.com does not resolve to address 178.251.27.1: Name or service not known
I suspect that name gateway.interrracks.com is from my ISP’s datacenter. I have no clue as to why any mailserver out there would want to send it to that url. It continues to use that router IP ending at .1 which I still think is where some of my issues come from.
When I try to send mail from outside back to any of the decentraalinternet.nl mailboxes, it bounces saying:
This is the mail system at host host1.hostservice.nl.
I’m sorry to have to inform you that your message could not be delivered to one or more recipients. It’s attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can delete your own text from the attached returned message.
The mail system
<decentraalinternet@hostservice.nl> (expanded from
<decentraalinternet@decentraalinternet.nl>): host
mail.hostservice.nl[85.10.137.174] said: 550 No such recipient here (in
reply to RCPT TO command)
I’ll continue to look, but if anyone has tips, feel free.
PS. is this correct:
mydestination = $myhostname, host1.hostservice.nl, localhost.hostservice.nl, localhost, $mydomain, hostservice.nl
Update; some more testing to do, but I think it’s finally getting there. Seem to be able to send mail up and down.
The error message “550 Verification failed for 550 Sender” typically indicates an issue with the sender’s email address or domain verification during the email sending process. This error is often encountered in email systems that utilize Sender Policy Framework (SPF) or DomainKeys Identified Mail (DKIM) authentication mechanisms to verify the authenticity of email senders.
having fun with this site latley, especially if you run the spoof test
The mail problems are sorted for 95%. But I still have little issues like this strange routing;
That gateway.interracks url is from my ISP, the IP address …27.1 of my router. Indeed, that won’t resolve there and isn’t supposed to. Although everyone is telling me that virtualmin using the .27.1 address as a router, I feel this is where it goes wrong. I´d prefer if virtualmin would completely ignore this .27.1 IP.
Have you been able to solve it? I’ve had a similar problem and I can’t find the answer. I have read the entire thread.
I had lost of problems, solved many. What are you running into? Meanwhile, not to disturb the thread, the last issue hasn’t been resolved. Yet.
Hi all, finally had some time to look into this again. Interestingly enough, apparently some of the changes I made last, a few weeks ago, needed time to propagate, since the results are getting better. But I still have the issue that somehow the sending domains IP address (the IP address from the virtual server) gets rewritten to the IP address of the router. So when the receiving end does a check, it ends up at the routers IP in stead of the virtual servers IP. I tried looking this up in the Postfix settings, but this is unknown territory. Can anyone make a suggestion where to find and prevent this rewrite?
Has virtualmin got a public or local ip address ? If it has a local ip address and is behind a domestic router by default the router will translate the local ip address to the public ip address
I think you just may have stumbled onto something I could have never imagined. To answer your question; the virtual server is running on a rackserver with a real public IP address. However, the ‘temporary’ router is an openwrt Linksys router. I guess you could call that a domestic router which spoils the party? Coming wednesday we’re swapping this with a MikroTik CCR1016-12G Cloud Core Router 16 core 2GB. Could that already fix the issue?
I noticed that even when I force the outgoing mailserver IP’s to the virtual server IP inside the mail settings of the domain. it doesn’t change the header IP.
Sounds like masquerading/NAT? If your server is connecting to the world through a NAT router, you need the public IP to be the one that has all the necessary IP-related stuff for sending mail (PTR, SPF). You also probably need DKIM (and maybe DMARC) for strict receivers, but that’s not IP-tied, that’s a public key stored in DNS (and DMARC is a record that explains what verification methods are available from among those others and tells receivers they should reject any mail that claims to be from your domain that doesn’t meet those requirements).
