| SYSTEM INFORMATION | |
|---|---|
| OS type and version | Ubuntu Linux 24.04.3 |
| Webmin version | 2.621 |
| Virtualmin version | 8.0.0 Professional |
| Webserver version | Apache 2.4.58 |
| Related packages | Postfix 3.8.6 |
Summary
After migrating cPanel virtual servers to Virtualmin and creating new virtual servers with dedicated IPs, MXToolbox reports SMTP Banner Check: Status Warning for newly created domains, while migrated domains pass. This post documents the root cause and fix.
Problem Description
Symptom: MXToolbox SMTP Banner Check fails with warning:
SMTP Reverse DNS Mismatch: PTR resolves to mail.example.com
SMTP Banner Check: FAILED - Banner shows example.com
Observation:
-
cPanel migrated domains with dedicated IPs: SMTP banner check PASSES
-
Newly created Virtualmin domains with dedicated IPs: SMTP banner check FAILS
Root Cause Analysis
PTR Record Configuration
Both migrated and new domains have PTR records configured correctly:
dig -x 203.0.113.100 +short
mail.example.com.
SMTP Banner Difference
Migrated domain (PASSES):
echo "QUIT" | nc -w5 10.10.50.100 25
220 mail.example.com ESMTP Postfix
New Virtualmin domain (FAILS):
echo "QUIT" | nc -w5 10.10.50.101 25
220 example.com ESMTP Postfix
Postfix master.cf Analysis
For virtual servers with dedicated IPs, Virtualmin creates per-IP listeners in /etc/postfix/master.cf:
Migrated from cPanel:
10.10.50.100:smtp inet n - y - - smtpd ... -o myhostname=mail.example.com
Created in Virtualmin:
10.10.50.101:smtp inet n - y - - smtpd ... -o myhostname=example.com
The difference: cPanel migrations preserve mail.domain.com in myhostname, while Virtualmin sets it to the bare domain domain.com.
Source Code Location
The behavior originates in /usr/share/webmin/virtual-server/feature-ssl.pl at line 2739:
push(@flags, [ "myhostname", $d->{'dom'} ]);
This sets myhostname to the bare domain name ($d->{'dom'}) rather than the mail subdomain.
Solution
Fix for Existing Domains
Add mail. prefix to all myhostname entries in master.cf:
# For each domain, run:
sed -i 's/myhostname=example\.com/myhostname=mail.example.com/g' /etc/postfix/master.cf
# Reload Postfix
postfix reload
# Verify
echo "QUIT" | nc -w5 <internal-ip> 25
Fix for Future Domains (Permanent Fix)
Modify the Virtualmin source to prepend mail. to the hostname:
# Backup original
cp /usr/share/webmin/virtual-server/feature-ssl.pl /usr/share/webmin/virtual-server/feature-ssl.pl.bak
# Apply fix
sed -i 's/push(@flags, \[ "myhostname", \$d->{'"'"'dom'"'"'} \]);/push(@flags, [ "myhostname", "mail.".$d->{'"'"'dom'"'"'} ]);/' /usr/share/webmin/virtual-server/feature-ssl.pl
Before:
push(@flags, [ "myhostname", $d->{'dom'} ]);
After:
push(@flags, [ "myhostname", "mail.".$d->{'dom'} ]);
Verification
After applying fixes:
# Test SMTP banner
echo "QUIT" | nc -w5 <ip-address> 25
220 mail.example.com ESMTP Postfix
# MXToolbox should now show:
# SMTP Reverse DNS Mismatch: OK - resolves to mail.example.com
# SMTP Banner Check: OK - Reverse DNS matches SMTP Banner
Important Notes
-
PTR Records: Ensure all dedicated IP PTR records are set to
mail.domain.comformat -
Webmin Updates: This fix modifies Virtualmin source code and may be overwritten by updates. Re-apply after upgrading Virtualmin.
-
Scope: This only affects the SMTP banner (Postfix greeting). It does NOT affect:
-
Web hosting (www.domain.com)
-
SSL certificates
-
DNS records
-
Any other services
Feature Request
It would be beneficial if Virtualmin provided a configuration option for the SMTP banner hostname format, allowing administrators to choose between:
-
domain.com(current default) -
mail.domain.com(common for PTR matching) -
Custom template (e.g.,
${MAIL_SUBDOMAIN}.${DOMAIN})
This would eliminate the need to modify source files and survive updates.