Skip to main content

SMTP problem Between cPanel and gSuite using Cloudflare.

lubie
Hi there, I have been struggling with this issue for several weeks now and I still can't figure out why I can't make this work. I will try to be as precise as possible. Here are my server settings : I have a new server, HOST.MYCOMPANY.COM On this server is installed cPanel, Cloudlinux over centOS 7. This server has two cPanel Accounts : one for my own organisation and one for my customer:
  • MYCOMPANY.COM
  • MYCLIENT.COM
The DNS of Both domain are managed on my Cloudflare account. Here is my problem, some things work but some dont:
  • I can receive and send any emails within google gmail without problems with MYCOMPANY domains.
  • MYCLIENT cPanel mail account can recieve any mail from any sources.
  • MYCLIENT cPanel mail account cannot send mail to MYCOMPANY domain's email addresses but:
  • MYCLIENT cPanel mail account can send mail to any other destinations (except @MYCOMPANY.COM).
  • Any mail sent directly from my website MYCOMPANY.COM (there is no mailboxes but we have web forms, for example) with a destination @MYCOMPANY.COM are not received.
When I look to my WHM Queue Manager, all those messages are marked as "Frozen". I tried several combinaisons of settings both in Cloudflare and on the server. I tried to change nameservers in cPanel DNS zone editor to put my cloudflare nameservers without any success. As for Exim's mailhelo and mailips both files appears to be empty. I do not no what to try anymore. This is my Cloudflare settings : MYCOMPANY.COM CNAME k1._domainkey -> spf.google.com include:myemail@MYCOMPANY.COM; MYCLIENT.COM MX MYCLIENT -> "v=spf1 +ip4:MYSERVERIP1 ~all" TXT _dmarc -> v=DMARC1; p=quarantine; rua=mailto:='myemail@MYCOMPANY.COM'>myemail@MYCLIENT.COM; Note: nothing is using the Cloudflare proxy in those records. I also did a MXTOOLBOX Mail check and I get these warnings : MYCOMPANY's MXTOOBOX WARNINGS : dns - MYCOMPANY.COM - SOA Serial Number Format is Invalid dns - MYCOMPANY.COM - SOA Expire Value out of recommended range smtp - alt1.aspmx.l.google.com - Reverse DNS Resolution FAILED! This is a problem smtp - alt1.aspmx.l.google.com - Reverse DNS does not match SMTP Banner smtp - alt2.aspmx.l.google.com - Reverse DNS does not match SMTP Banner smtp - alt3.aspmx.l.google.com - Reverse DNS does not match SMTP Banner smtp - alt4.aspmx.l.google.com - Reverse DNS Resolution FAILED! This is a problem MYCLIENT's MXTOOBOX WARNINGS : dns - MYCOMPANY.COM - SOA Serial Number Format is Invalid dns - MYCOMPANY.COM - SOA Expire Value out of recommended range smtp - Reverse DNS does not match SMTP Banner smtp - Warning - Does not support TLS. smtp - 15.531 seconds - Not good! on Transaction Time Finally, here's a DIG MX from my server for both domains : MYCOMPANY's DIG: MYCOMPANY.COM. 300 IN MX 1 aspmx.l.google.com. MYCOMPANY.COM. 300 IN MX 5 alt1.aspmx.l.google.com. MYCOMPANY.COM. 300 IN MX 5 alt2.aspmx.l.google.com. MYCOMPANY.COM. 300 IN MX 10 alt3.aspmx.l.google.com. MYCOMPANY.COM. 300 IN MX 10 alt4.aspmx.l.google.com. MYCLIENT's DIG : MYCLIENT.COM. 114 IN MX 0 mail.MYCLIENT.com. I am pretty sure there is a very simple solution to this problem but I can't figure it out. If that kind of puzzely thing stimulates your little grey cells, I would appreciate any help you could offer. Thank you. Jim

Comments

5 comments

Date Votes
  • cPanelLauren
    MYCLIENT cPanel mail account cannot send mail to MYCOMPANY

    If you log in to SSH and run the following: cat /etc/remotedomains
    cat /etc/localdomains
    Is your domain in the output for either file? If so which?
    Any mail sent directly from my website MYCOMPANY.COM (there is no mailboxes but we have web forms, for example) with a destination @MYCOMPANY.COM are not received.

    What is the output for these in the exim logs or the php error logs if enabled? The exim logs can be found at: /var/log/exim_mainlog
    PHP error logs are typically located in the documentroot for the domain, which is by default: /home/$user/public_html/error_log
    0
  • lubie
    Thank you very much for answering!
    If you log in to SSH and run the following: cat /etc/remotedomains
    cat /etc/localdomains
    Is your domain in the output for either file? If so which?

    It appears like both my domains exists only in the localdomains file. The remotedomains file is however empty.
    What is the output for these in the exim logs or the php error logs if enabled? The exim logs can be found at: /var/log/exim_mainlog
    PHP error logs are typically located in the documentroot for the domain, which is by default: /home/$user/public_html/error_log

    I tried sending an email from MYCLIENT's test mailbox using Roundcube to my admin@MYCOMPANY's email, here's what appears in the exim_mainlog: SMTP connection from [::1]:55714 (TCP/IP connection count = 1) 1is4jg-005Nf5-99 <= test@MYCLIENT.com H=(host.MYCOMPANY.com) [::1]:55714 P=esmtpa A=dovecot_login:test@MYCLIENT.com S=576 id=48ae2337f957aac0fb2331a9a1270117@MYCLIENT.com T="test" for admin@MYCOMPANY.com SMTP connection from (admin.MYCOMPANY.com) [::1]:55714 closed by QUIT cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1is4jg-005Nf5-99 1is4jg-005Nf5-99 => MYCOMPANY R=localuser T=dovecot_delivery C="250 2.0.0 poZ0FxBeIF4tkhMAjQdSkw Saved" 1is4jg-005Nf5-99 Completed cwd=/usr/local/cpanel/whostmgr/docroot 2 args: /usr/sbin/exim -bpra
    For the record, I never received this email. As for PHP Error logs they are only available for my client's account but There is only website warnings and error from when we added the website in December. Nothing fresh there as websites works perfectly. Does it rings any bell ? Thank you!
    0
  • cPanelLauren
    It appears like both my domains exists only in the localdomains file. The remotedomains file is however empty.

    Your domain doesn't get it's mail on the server though, it gets it at Google so your domain should be remote. Can you add it in /etc/remotedomains
    or Go to WHM>>DNS Functions>>Edit DNS Zone and modify your domain to be "remote mail exchange" at the bottom. For the email can you get me the output of the following: exigrep 1is4jg-005Nf5-99 /var/log/exim_mainlog
    0
  • lubie
    For the email can you get me the output of the following: exigrep 1is4jg-005Nf5-99 /var/log/exim_mainlog

    Sure, it looks like what was in the log : cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1is4jg-005Nf5-99 1is4jg-005Nf5-99 <= test@MYCLIENT.com H=(host.beauvoir.ca) [::1]:55714 P=esmtpa A=dovecot_login:test@MYCLIENT.com S=576 id=48ae2337f957aac0fb2331a9a1270117@MYCLIENT.com T="test" for ADMIN@MYCOMPANY.com 1is4jg-005Nf5-99 => beauvoir R=localuser T=dovecot_delivery C="250 2.0.0 poZ0FxBeIF4tkhMAjQdSkw Saved" 1is4jg-005Nf5-99 Completed
    Your domain doesn't get it's mail on the server though, it gets it at Google so your domain should be remote. Can you add it in /etc/remotedomains

    I did just that and it gave me this warning : zone mycompany.com/IN: NS 'ns1.mycompany.com' has no address records (A or AAAA) zone mycompany.com/IN: NS 'ns2.mycompany.com' has no address records (A or AAAA) zone mycompany.com/IN: not loaded due to errors.
    But the change appears to have worked as the domain MYCOMPANY.com is now in /etc/remotedomains file and not in localdomains. Does it means I should change nameservers on mycompany's account DNS zone to my cloudflare's DNS? or should I keep ns1.MYCOMPANY.com and NS2.MYCOMPANY.com ? Now I just tested some email test to my domain from the server and it worked just fine! It looks like it also work for my client's account even without any changes there. I will do some more tests to be sure everything works softly but I believe the problem was as simple as that. Still I dont quite understand why it's like that. I always select "auto select mode" for mail exanger when I create a new cPanel account. Should I consider it good practice to always force external mail exchangers when a domain's mail is managed from outside the server? Also, Is it good practice to use external nameservers (like cloudflare) if the account's DNS are managed in cloudflare ? I thank you very much for your help, I really appreciate your time.
    0
  • cPanelLauren
    I did just that and it gave me this warning :

    That warning is a result of the local zone file not being configured properly. ns1.mycompany.com and ns2.mycompany.com don't have A records attributed to them in the local zone file. This is unrelated to the domain being present in /etc/remotedomains, this just occurred because the zones were reloaded.
    Does it means I should change nameservers on mycompany's account DNS zone to my cloudflare's DNS? or should I keep ns1.MYCOMPANY.com and NS2.MYCOMPANY.com ?

    This is up to you? I'm not sure how that's relevant.
    I always select "auto select mode" for mail exanger when I create a new cPanel account.

    I do as well in most cases, but in this instance, the domain's zone file seems to have had some inconsistencies and should have been updated when the MX records were set to retrieve mail elsewhere.
    Should I consider it good practice to always force external mail exchangers when a domain's mail is managed from outside the server?

    This would be a good practice, if you know that mail won't be managed on the server.
    Also, Is it good practice to use external nameservers (like cloudflare) if the account's DNS are managed in cloudflare ?

    There's nothing wrong with using CloudFlare and it can improve security as well as response times.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post