Jump to content
  • 0

Smtp Problem When Using Mandrill & Mailgun


bigcat

Question

Hi everyone,
I'm having a problem with Blesta SMTP setting whereby it failed and unable to send the email. But to add to the confusion, Blesta email works if I use Gmail SMTP.

 

kjtTViv.png

 

'Sent' = Gmail SMTP

Green box = Mandrill

Orange box = Mailgun

Red box = error message (similar message for Mandrill too)

 

All tested using port 465. Based on error message I'm inclined to say that its due to port blocking or SMTP authentication problem. However I've tested the exact same SMTP credential using cURL in the same server and its working. Meaning port blocking or firewall is not the problem. Telnet to all on port 465 works too.

 

If its any help, here's the header of the email that I send from my Blesta server using cURL (Mailgun)


Delivered-To: mnt@waulabs.com
Received-SPF: Pass (zoho.com: domain of bounce@waulabs.com designates 184.173.153.222 as permitted sender ) client-ip: 184.173.153.222
Return-Path: <bounce+8c20ba.0f6aca-mnt=waulabs.com@waulabs.com>
Received: from mail-s94.mailgun.info (mail-s94.mailgun.info [184.173.153.222]) by mx.zohomail.com
    with SMTP id 1427516233730315.8639965471958; Fri, 27 Mar 2015 21:17:13 -0700 (PDT)
Received: by luna.mailgun.net with HTTP; Sat, 28 Mar 2015 04:17:12 +0000
DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=waulabs.com; q=dns/txt;
s=smtp; t=1427516232; h=Sender: Date: Content-Transfer-Encoding:
Message-Id: To: From: Subject: Content-Type: Mime-Version;
bh=Sf9HpqFHc9DdbAjbpJi2xCYR0vhjeXD3NpqhT4c+mBk=; b=BUI/TbzBaKXLpBZx0k7+dEMlfsusnXMLDS9C3oeUa7SilX8oD/LF4ZnnR6GNqRODmlu4/36Y
mSa5GlmKpvK1oomXfjApSLyd3VA5V1lX5+HplAXhDDIxrr3YxJ0Z6Mlfu9rXco+9VqCoDZ2K
1SHASbyUmTa8CSQ7jvbp1G7vYuY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=waulabs.com; s=smtp; q=dns;
h=Mime-Version: Content-Type: Subject: From: To: Message-Id:
Content-Transfer-Encoding: Date: Sender;
b=oS5FkxVPte+SOi+zSvGF/L/KGr8ddOBIK69dqiO6Felx/zw7j5phdStlF+Ws9k37Aw2JO9
rA4VekyoIhxNyjRstC27pIBLQBfodkne+xrkMiMWYmAmal/7Sjw/V2VkSG/5IKzuuEhCHsCW
pMfqjE7VQpq1oASEKV/RhHvLRkNrU=
Mime-Version: 1.0
Content-Type: text/plain; charset="ascii"
Subject: Hello Mohamad
From: Mailgun Sandbox <postmaster@waulabs.com>
To: Mohamad <mnt@waulabs.com>
Message-Id: <20150328041712.7119.70427@waulabs.com>
Content-Transfer-Encoding: 7bit
X-Mailgun-Sid: WyI2YTcwYyIsICJtbnRAd2F1bGFicy5jb20iLCAiMGY2YWNhIl0=
Date: Sat, 28 Mar 2015 04:17:12 +0000
Sender: postmaster@waulabs.com
X-ZohoMail: SS_1 SFPD SFPP UW2468 UB2468 PIS_SCB SF_SIP_5 COSF ODL SGR3_1_19035_45
X-ZohoMail-Owner: <20150328041712.7119.70427@waulabs.com>+zmo_0_<bounce+8c20ba.0f6aca-mnt=waulabs.com@waulabs.com>
X-ZohoMail-Sender: 184.173.153.222
X-Zoho-Virus-Status: 2

I've also contacted Mandrill & Mailgun for help, and still waiting for their reply. In the meantime please advise and share your though on this :)

By the way this is fresh Blesta installation from scratch(not migration). I also have root access to the server.

 

Link to comment
Share on other sites

16 answers to this question

Recommended Posts

  • 0

using port 465 for SMTP was revoked technically By the end of 1998!

 

http://en.wikipedia.org/wiki/SMTPS

 

So yes since it was revoked 17 years ago, it's VERY OLD FASHIONED ;-)

 

Noted. I was under the impression that you mean SSL on port 465 wouldn't work with Blesta :)

 

I'm using Mandrillapp for blesta and I don't have this problem, so sounds like a server configuration issue.

 

Indeed it is.

 

 

 

I spend some time yesterday to trace back my steps. I'm using WHM/cPanel by the way. I'm happy to say that I've managed to solve my issue.

 

Solution

During WHM/cPanel installation. I enabled SMTP restriction as security measure. What this setting does is, it will redirect all connection attempt from PHP to remote SMTP, to internal SMTP. Disabling this fixed it for me.

 

7PvB2zg.png

 

Thank you everyone for the tips and pointer!

Link to comment
Share on other sites

  • 0

at Blesta admin interface : settings/company/emails/mail setting

 

 

have you selected TLS at SMTP Security

 

and by the way only port 587 should be used

 

 

And also double check you done DNS records requested by smtp provider like TXT records for 1/ DKIM & 2/ TXT for allowed sender

Link to comment
Share on other sites

  • 0

at Blesta admin interface : settings/company/emails/mail setting

 

 

have you selected TLS at SMTP Security

 

and by the way only port 587 should be used

 

 

And also double check you done DNS records requested by smtp provider like TXT records for 1/ DKIM & 2/ TXT for allowed sender

 

 

All domain and DNS already verified, and tested to be working properly using cURL from same server.

 

My provider block port 587 & 25. So I have no option but to use SSL on port 465.

And it works when I tested using Gmail SMTP. It doesn't when I try using different SMTP provider. I've checked my SMTP provider log but didn't see any auth fail, so I think Blesta email doesn't even leave the server.

 

I suspect its PHP or problematic Blesta installation, but that doesn't explain why Gmail SMTP is working.

 

Any other idea?  :blesta: 

Link to comment
Share on other sites

  • 0

your issue is just port blocking at your host,  because most smtp provider only work with TLS & port 587  VS 465

 

using port 465 & SSL is mostly for not compliant email client like old fashioned microsoft software, and not all smtp gateway will allow you to use port 465 & SSL

Link to comment
Share on other sites

  • 0

your issue is just port blocking at your host,  because most smtp provider only work with TLS & port 587  VS 465

 

using port 465 & SSL is mostly for not compliant email client like old fashioned microsoft software, and not all smtp gateway will allow you to use port 465 & SSL

 

No. As I already said. Gmail SMTP on port 465 works, and Mailgun/Mandrill suppose to work over port 465.

SSL over port 465 is definitely not old fashioned, so I don't know where you're going with this.

Link to comment
Share on other sites

  • 0

SSL over port 465 is definitely not old fashioned, so I don't know where you're going with this.

It actually is, since 1998, it's only used for legacy applications and should be avoided otherwise. SSL should be avoided when possible and TLS should be used. Gmail runs TLS over the standard port 587.

 

Anyway,

 

My provider block port 587 & 25. So I have no option but to use SSL on port 465.

Which provider is this, your datacenter the server is located? That seems odd. What do your PHP and mail logs say? We can only speculate as to what the problem may be, but a quick look at the logs should shed some light on the issue.

 

I'm using Mandrillapp for blesta and I don't have this problem, so sounds like a server configuration issue.

Link to comment
Share on other sites

  • 0

I had this whitelisted IP on my csf and it is working again.

 

54.204.65.134 # mandrill 1 - Tue Mar 31 20:35:34 2015
54.159.27.16 # mandrill 2 - Tue Mar 31 20:36:08 2015
54.197.50.101 # mandrill 3 - Tue Mar 31 20:36:34 2015
54.237.217.91 # mandrill 4 - Tue Mar 31 20:37:06 2015
54.158.189.65 # mandrill 5 - Tue Mar 31 20:37:39 2015
54.204.208.115 # mandrill 6 - Tue Mar 31 20:38:11 2015
54.251.103.127 # mandrill static api below
54.251.103.116
54.252.94.186
54.252.87.172
54.232.85.89
54.232.85.79
54.249.244.48
54.249.244.47
54.245.105.162
54.245.105.146
54.235.146.179
54.235.146.152
54.228.241.151
54.228.236.44

Link to comment
Share on other sites

  • 0

Well,

 

Mandrill is not working again. Not sure why, all ports  open on smtp. no blacklisted IPs. using SMTP on my mail client on mac and mobile works using the same API and username. If anyone know whats the best solutions for this. Please advise :)

 

-

 

Ive added whitelist IP to csf and its working again. I think this is CSF issue. but the problem is smtp.mandrillapp.com changes IP everytime.

54.158.189.65
54.204.208.115
54.197.50.101
54.159.27.16
54.237.217.91
54.204.65.134
Edited by kenng
Link to comment
Share on other sites

  • 0

1/ flush all blocks

 

2/ At csf allow all ip block starting by 54 by using this line:

    54.0.0.0/8

 

3/ Add this in:

 

- Firewall allow Ips (csf.allow file)

- In section "lfd - Login Failure Daemon" edit : csf.ignore file

 

4/ restart csf

 

Thank you. I will try this and update

Link to comment
Share on other sites

  • 0

thanks every one for details given that will help other later,

 

Like on cpanel there general option to prevent any email to be send (or send without using local MTA), above given "smtp restriction" in cpanel, same kind of option exist in most other control panel, and it's in adition to allowed ports at firewall level.

 

For people using CSF firewall, please note, in addition to needed opened port, there is also an option to disable email sending, but this option is disabled on a default install. In firewall configuration, it's at "SMTP Settings" section: SMTP_BLOCK =    / Default: 0 [0-1].  It's should be set to "0" for disable it (allowing email sending), and see also following parameters like SMTP_ALLOWLOCAL and SMTP_PORTS

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...