Mail system blues due to blacklisted IP addresses

ilouie · August 25, 2020, 11:13pm

Webmin version	1.955	Usermin version	1.803
Virtualmin version	6.12	Authentic theme version	19.54
Time on system	Tuesday, August 25, 2020 11:13 PM	Kernel and CPU	Linux 3.10.0-1127.19.1.el7.x86_64 on x86_64
Processor information	Intel® Xeon® Gold 6140 CPU @ 2.30GHz, 2 cores

briand · August 26, 2020, 7:57am

I’m not a guru
so trying to give some help from my experience.

the only problems I’ve had with email is bouncing and being rejected. so I think your problem is more fundamental.
you said you have had to reinstall virtualmin a few times, can you give an idea why you had to do this ? is it because of your mail problems ?
maybe this may give us a clue to what is happening.
without the actual domain name or error logs it’s difficult to second guess what is going wrong. getting access to the server I could look around to see if I could find anything.

ilouie · August 26, 2020, 11:56am

I got VTiger to accept the configuration, however, it’s still not sending or receiving. I tried sending and receiving using Round Cube and nothing… I checked the Dovecot conf file and nothing wrong with it…

ilouie · August 26, 2020, 12:10pm

SASL LOGIN authentication failed: authentication failure
Aug 26 11:51:15 ns1 postfix/smtpd[4901]: disconnect from unknown[45.142.120.93]
Aug 26 11:51:16 ns1 postfix/smtpd[5648]: warning: unknown[45.142.120.74]: SASL LOGIN authentication failed: authentication failure
Aug 26 11:51:17 ns1 postfix/smtpd[5648]: disconnect from unknown[45.142.120.74]
Aug 26 11:51:50 ns1 postfix/smtpd[4901]: connect from unknown[45.142.120.93]
Aug 26 11:51:53 ns1 postfix/smtpd[4901]: warning: unknown[45.142.120.93]: SASL LOGIN authentication failed: authentication failure
Aug 26 11:51:53 ns1 postfix/smtpd[4901]: disconnect from unknown[45.142.120.93]
Aug 26 11:52:00 ns1 postfix/smtpd[5648]: connect from unknown[45.142.120.74]
Aug 26 11:52:03 ns1 postfix/smtpd[5648]: warning: unknown[45.142.120.74]: SASL LOGIN authentication failed: authentication failure
Aug 26 11:52:04 ns1 postfix/smtpd[5648]: disconnect from unknown[45.142.120.74]
Aug 26 11:52:51 ns1 postfix/smtpd[4901]: connect from unknown[45.142.120.74]
Aug 26 11:52:58 ns1 postfix/smtpd[4901]: warning: unknown[45.142.120.74]: SASL LOGIN authentication failed: authentication failure
Aug 26 11:52:59 ns1 postfix/smtpd[4901]: disconnect from unknown[45.142.120.74]
Aug 26 11:54:21 ns1 postfix/smtpd[4901]: connect from unknown[45.142.120.166]
Aug 26 11:54:26 ns1 postfix/smtpd[4901]: warning: unknown[45.142.120.166]: SASL LOGIN authentication failed: authentication failure
Aug 26 11:54:27 ns1 postfix/smtpd[4901]: disconnect from unknown[45.142.120.166]

RJM_Web_Design · August 26, 2020, 1:06pm

Could this be part of your problem?

https://www.abuseipdb.com/check/45.142.120.93

https://www.abuseipdb.com/check/45.142.120.74

https://www.abuseipdb.com/check/45.142.120.166

It doesn’t appear to be because postfix is accepting the initial connection request, but I don’t know what other security software you / your hosting company may have running.

Richard

briand · August 26, 2020, 2:17pm

another thought I had is to try a different username,

try :

I recall that SASL errors in one case were due to a server upgrade and username settings were different.

briand · August 26, 2020, 2:19pm

RJM is right with the blacklist, can be seen by checking with mxtoolbox.com

calport · August 26, 2020, 2:57pm

In Virtualmin version 6.12 and beyond, the exact username is listed at Virtualmin -> Edit Users and click the button “Email Client Settings”.

ilouie · August 26, 2020, 3:05pm

I thank you all for your support, but I think I’m going to cut my losses with this Panel. Sad because I started to like it. I installed another copy in another server, and I’m able to install SSL on the Hostname but, all browsers keep saying otherwise. Now SSL won’t install on any VS. Round Cube is still not working. some say this panel is easy and some say otherwise. I’ve used many others and never faced all these problematic issues. TY

briand · August 26, 2020, 3:14pm

sorry we can’t help you, I’m sure some more experienced users may provide an idea where the problem is. however, I’d say that it is something unusual going on. email on Virtualmin works out of the box anytime I have setup.

soembody else logging in and having a look might help you. I could do that if you wanted.

one other thing to try is to check the Usermin email,
edit the user and select the login to Usermin and send email that way

briand · August 26, 2020, 3:17pm

one other question, are you sure the DNS is fully correct
(sorry if it’s a stupid question ;o))

another follow up,

what do you have in Networking, Hostname and DNS Client

ilouie · August 26, 2020, 3:20pm

I can’t find a way around this. I’m giving it one last shot. I’m going on my fifth delete and re-installation. One thing I’ve noticed is, that the new 1.955 upgrade has an option to create a VS with the Host and install Let’s automatically. I’ve said yes to all installs and none have been able to work. I’m trying it this time without the option and see what happens. I’ll get back to you in a minute. TY

calport · August 26, 2020, 3:24pm

Please also let us know that exact username, hostname and related settings which you are applying to Vtiger to get it to access email form a Virtualmin virtual server.

Hint: hostname should be hostname of your Virtualmin system, not smtp.domain.tld or imap.domain.tld or pop.domain.tld.

ilouie · August 26, 2020, 3:30pm

I actually tried hostname for for outgoing mail and it worked. it would send mail but the mail wouldn’t reach its destination. I tried it in Round Cube and same issue.

calport · August 26, 2020, 3:34pm

I would point out that the issue of mail not reaching destination could be related to

port 25 block
RDNS
Blacklisted IP
DNS records incorrectly configured, in case you are using a DNS service external to Virtualmin

All these are causes unrelated to Virtualmin. If you install any other panel, you will likely get the same result with mail. Please review this response and answer my question. We are keen to help you solve the problem.

ilouie · August 26, 2020, 3:43pm

Cal, I’ve never had these issue…I got tired of CWP and Modsec…

calport · August 26, 2020, 3:53pm

We are attempting to help you, if you will let us. You have received some inputs and suggestions from @briand, @RJM_Web_Design and @adamjedgar, who are all experienced Virtualmin users.

We need specific info from you to take this further. I had asked what hostname and login name you are specifying in Vtiger but that question goes unanswered. You say you have never had issues with port 25 block, RDNS and blacklisted IP address but @RJM_Web_Design provided links that indicate that the IP addresses that you have mentioned in your logs are not only blacklisted multiple times but also tainted. No panel (CWP, Modsec et al) could send out email from those IP addresses which will be delivered, I am quite sure.

In spite of this, we could help you find a way forward if you provide answers to specific questions which have been put to you.

ilouie · August 26, 2020, 3:53pm

At this point the only thing I can do is laugh… Now it keeps saying Connection to Server Lost…

ilouie · August 26, 2020, 3:56pm

I have not been able to provide that because I’ve since deleted the VTiger instance. As soon as I get another one installed, and providing it’s working, I’ll send you that. TY

ilouie · August 26, 2020, 3:59pm

Right now the issue I’m having is with the SSL on the Host. Even though Let’s installed it, I can’t get browsers to show as secured…