First time setup struggle. Can't send nor receive. Debug posted.

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
NetChain
New user
New user
Posts: 20
Joined: 2016-08-07 23:58

First time setup struggle. Can't send nor receive. Debug posted.

Post by NetChain » 2019-02-02 01:37

Hello everyone.

I have setup the server a couple of weeks ago, but was unable to make it work probably because I'm not familiar with the server.

I have created self-signed certificate and attached it with the key to the server according to the documentation. I have also created private and public keys to one particular domain name and updated DKIM DNS records as well as SPF (I'm running BIND on my own). I also asked my back-bone provider to update their reverse DNS records for the IP's I'm leasing from them to resolve to my mail server address: mail.<mydomain>.us

In the past 2 weeks I tried various settings so much that I don't even remember what worked and when. Bottom line, right now I am unable to send mail to GMail and can't receive from GMail. Very first time it worked (I think before I installed certificates), but now it isn't.

I got symptoms like a firewall is blocking, but it is currently disabled completely (until I make everything works), beside I can easily connect to the server from my home computer via Becky (an email client), so obviously all ports are open.

Let's start with the sending problem: Here's the log from my latest attempt. It tries to connect and then times out in about 20 seconds. However if I open telnet on the same server then I can easily connect to the same address using the same port.

Code: Select all

"DEBUG"	11080	"2019-02-01 14:25:02.077"	"Starting external delivery process. Server: 31045262.in1.mandrillapp.com (54.245.105.162), Port: 25, Security: 2, User name: "
"DEBUG"	11080	"2019-02-01 14:25:02.077"	"Creating session 287"
"TCPIP"	11080	"2019-02-01 14:25:02.077"	"Connecting to 54.245.105.162:25..."
"DEBUG"	9312	"2019-02-01 14:25:23.295"	"SMTPDeliverer - Message 44 - Connection failed: Host name: 54.245.105.162, message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond"
"DEBUG"	9312	"2019-02-01 14:25:23.295"	"Ending session 287"
"DEBUG"	11080	"2019-02-01 14:25:23.295"	"External delivery process completed"
Please keep in mind that the problem can be something very simple, since I don't know hMail Server at all, although I have been running other mail servers on my own in the past 20 years (along with DNS, web, etc.)

Here's my debug dump.
Thanks in advance.

Code: Select all

2019-02-01   Hmailserver: 5.6.7-B2425

DOMAINS

   "Domain1.com" - lixxxxxx.us                    Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: False   
                   Max message size:        0                      Plus addressing: False
                   Max size of accounts:    0                    
                                                                   Greylisting:     False

   "Domain2.com" - naxxxxxxxxxxxxxxxxxx.com       Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: False   
                   Max message size:        0                      Plus addressing: False
                   Max size of accounts:    0                    
                                                                   Greylisting:     False

   "Domain3.com" - nexxxxxx.us                    Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: True    
                   Max message size:        0   Header:   Relaxed  Plus addressing: False
                   Max size of accounts:    0   Body:     Relaxed
                                                Algorithm: SHA256  Greylisting:     False
                                                Private key: c:\www\mail\server\certificates\Domain3.com.private.pem
                                                Selector:    dkim

   "Domain4.com" - noxx.tox                       Enabled: True

SIGNATURE         LIMITS                       DKIM               ADVANCED
  Enabled: False   Max size:                0   Enabled: False   
                   Max message size:        0                      Plus addressing: False
                   Max size of accounts:    0                    
                                                                   Greylisting:     False
-----------------------------------------------------------------------------------------------

GLOBAL RULES
-----------------------------------------------------------------------------------------------

IP RANGES

IP: 213.155.112.0 - 213.155.119.255     Priority: 20     Name: Istanbul, Turkey

  Allow connections                         Other
     SMTP:  False                              Antispam :  False
     POP3:  False                              Antivirus:  False
     IMAP:  False                              SSL/TLS:    False


IP: 185.211.0.0 - 185.211.255.255     Priority: 20     Name: Moscow, Russia

  Allow connections                         Other
     SMTP:  False                              Antispam :  False
     POP3:  False                              Antivirus:  False
     IMAP:  False                              SSL/TLS:    False


IP: 127.0.0.1 - 127.0.0.1     Priority: 15     Name: My computer

  Allow connections                         Other
     SMTP:   True                              Antispam :   True !! 'Spam tests' not enabled !!
     POP3:   True                              Antivirus:   True !! ANTIVIRUS NOT CONFIGURED !!
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       - False
     Local To External    -  True              Local To External    - False
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


IP: 0.0.0.0 - 255.255.255.255     Priority: 10     Name: Internet

  Allow connections                         Other
     SMTP:   True                              Antispam :   True !! 'Spam tests' not enabled !!
     POP3:   True                              Antivirus:   True !! ANTIVIRUS NOT CONFIGURED !!
     IMAP:   True                              SSL/TLS:    False

  Allow Deliveries from                     Require Authentication from
     Local To Local       -  True              Local To Local       -  True
     Local To External    -  True              Local To External    -  True
     External To Local    -  True              External To Local    - False
     External To External -  True              External To External -  True


   !!  Warning:  DEFAULT DOMAIN is SET  !! - "Domain3.com"
------------------------------------------------------
AUTOBANNED Local Addresses:
    No entries

-----------------------------------------------------------------------------------------------

AUTOBAN
  Autoban Enabled: True       Max invalid logon attempts:      3
                              Minutes Before Reset:           30  (0.50 hours, 0.02 days)
                              Minutes to Autoban:             60  (1.00 hours, 0.04 days)

No problems were found in the IP range configuration.
-----------------------------------------------------------------------------------------------

INCOMING RELAYS
   No entries
-----------------------------------------------------------------------------------------------

MIRRORING         Disabled
-----------------------------------------------------------------------------------------------

PROTOCOLS

SMTP
GENERAL             DELIVERY                  RFC COMPLIANCE            ADVANCED
No. Connections:  0  No Retries:  4 Mins: 60   Plain Text:        False  Bind: 66.181.16.23
                     Host: EXTERNAL.TLD        Empty sender:       True  Batch recipients:   100
Max Msg Size: 20480  Relay:-                   Incorrect endings:  True  Use STARTTLS:      True
                     (none entered)            Disc. on invalid:   True  Delivered-To hdr: False
                                               Max number commands:  25  Loop limit:           5
                                                                         Recipient hosts:     15
  Routes:
     No routes defined.

POP3
  No. Connections: 0

IMAP
 GENERAL                   PUBLIC FOLDERS                    ADVANCED
  No. Connections:   0      Public folder name: #Public       IMAP sort:  True
                                                              IMAP Quota: True
                                                              IMAP Idle:  True
                                                              IMAP ACL:   True
                                                              Delim: "."
-----------------------------------------------------------------------------------------------

ANTISPAM

GENERAL                              SPAM TESTS              Score   SPAMASSASSIN
  Spam Mark:                  5       Use SPF:           False        Use Spamassassin:   False
  Add X-HmailServer-Spam:     True    Check HELO host:   False    
  Add X-HmailServer-Reason:   True    Check MX records:  False    
  Add X-HmailServer-Subject: False    Verify DKIM:       False    

  Spam delete threshold: 20         Maximum message size: 1024

DNSBL ENTRIES:
   No 'enabled' entries

SURBL ENTRIES:
   No 'enabled' entries

GREYLISTING:
  Greylisting:  False

WHITELISTING
   No entries
-----------------------------------------------------------------------------------------------

ANTIVIRUS:  No application configured.

  Block Attachments: False
-----------------------------------------------------------------------------------------------

SSL CERTIFICATES
   NetChainUS.new
       Certificate: C:\www\Mail\Server\Certificates\NetChainUS.crt
       Private key: C:\www\Mail\Server\Certificates\NetChainUS.key
   NetChainUS.old
       Certificate: C:\www\Mail\Server\Certificates\Domain3.com.crt
       Private key: C:\www\Mail\Server\Certificates\Domain3.com.key
-----------------------------------------------------------------------------------------------

SSL/TLS
             SSL 3.0 :  False
             TLS 1.0 :   True
             TLS 1.1 :   True
             TLS 1.2 :   True                Verify Remote SSL/TLS Certs:  False
SslCipherList  :

ECDHE-RSA-AES128-GCM-SHA256     - ECDHE-ECDSA-AES128-GCM-SHA256   - ECDHE-RSA-AES256-GCM-SHA384     
ECDHE-ECDSA-AES256-GCM-SHA384   - DHE-RSA-AES128-GCM-SHA256       - DHE-DSS-AES128-GCM-SHA256       
kEDH+AESGCM                     - ECDHE-RSA-AES128-SHA256         - ECDHE-ECDSA-AES128-SHA256       
ECDHE-RSA-AES128-SHA            - ECDHE-ECDSA-AES128-SHA          - ECDHE-RSA-AES256-SHA384         
ECDHE-ECDSA-AES256-SHA384       - ECDHE-RSA-AES256-SHA            - ECDHE-ECDSA-AES256-SHA          
DHE-RSA-AES128-SHA256           - DHE-RSA-AES128-SHA              - DHE-DSS-AES128-SHA256           
DHE-RSA-AES256-SHA256           - DHE-DSS-AES256-SHA              - DHE-RSA-AES256-SHA              
AES128-GCM-SHA256               - AES256-GCM-SHA384               - ECDHE-RSA-RC4-SHA               
ECDHE-ECDSA-RC4-SHA             - AES128                          - AES256                          
RC4-SHA                         - HIGH                            - !aNULL                          
!eNULL                          - !EXPORT                         - !DES                            
!3DES                           - !MD5                            - !PSK;                           
-----------------------------------------------------------------------------------------------

TCPIP PORTS                                         Connection Sec
               66.181.16.23    / 25    / SMTP   -   StartTLS Optional   Cert: NetChainUS.new
               66.181.16.23    / 110   / POP3   -   StartTLS Required   Cert: NetChainUS.new
               66.181.16.23    / 143   / IMAP   -   StartTLS Required   Cert: NetChainUS.new
               66.181.16.23    / 465   / SMTP   -   SSL/TLS             Cert: NetChainUS.new
               66.181.16.23    / 587   / SMTP   -   StartTLS Required   Cert: NetChainUS.new
               66.181.16.23    / 995   / POP3   -   StartTLS Required   Cert: NetChainUS.new
-----------------------------------------------------------------------------------------------

LOGGING      Logging Enabled: True

  Paths:-
    Current:  D:\Mail\Logs\hmailserver_2019-02-01.log
    Error:    D:\Mail\Logs\ERROR_hmailserver_2019-02-01.log
    Event:    D:\Mail\Logs\hmailserver_events.log - Not present
    Awstats:  D:\Mail\Logs\hmailserver_awstats.log
                        APPLICATION -    True
                        SMTP        -    True
                        POP3        -    True
                        IMAP        -    True
                        TCPIP       -    True
                        DEBUG       -    True
                        AWSTATS     -    True
-----------------------------------------------------------------------------------------------

SYSTEM TESTS

Database type: MSSQL

IPv6 support is not available in operating system.

Backup directory D:\Mail\bak is writable.

Relative message paths are stored in the database for all messages.

-----------------------------------------------------------------------------------------------

HMAILSERVER.INI

[Directories]
Program folder:  C:\www\Mail\Server\
Database folder: 
Data folder:     D:\Mail\Data
Log folder:      D:\Mail\Logs
Temp folder:     D:\Mail\Temp
Event folder:    C:\www\Mail\Server\Events

[Database]
Type=              MSSQL
Username=          sa
PasswordEncryption=1
Port=              0
Server=            mysql.web
Internal=          0
-----------------------------------------------------------------------------------------------

Generated by HMSSettingsDiagnostics v1.95, Hmailserver Forum.

User avatar
mattg
Moderator
Moderator
Posts: 20131
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: First time setup struggle. Can't send nor receive. Debug posted.

Post by mattg » 2019-02-02 01:51

You didn't post enough of the log to show who you are sending too. That log just shows the receiving server doing nothing, not rejecting, not communicating, just doing nothing

I'd check your DNS entry for that recipient
Also check that your LAN firewall device allows outgoing connections

Can you send receive other than to gmail?

All of your TCP/IP entries have a public IP address. You should have 0.0.0.0 for all of these unless you have multiple Network connections, and then you normally use the LAN IP address not the WAN IP address, unless your WAN IP is directly connected to your server
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

NetChain
New user
New user
Posts: 20
Joined: 2016-08-07 23:58

Re: First time setup struggle. Can't send nor receive. Debug posted.

Post by NetChain » 2019-02-02 02:51

Matt, I think you're on to something.

I have 2 network cards on the server. One is for local network 192.168.x.x and another is for public IP address, connected directly via HSPA switch. There's no firewall between the hMail and the entire Internet. I think communication without SSL/TLC via port 25 works, but with the certificate is not. I don't know any server who is not using SSL except ours to test it, so I couldn't send unsecured test messages. However, we do have another mail server (which does NOT using SSL/TLC) running on the same network (different public IP address), but that 2nd mail server is also on the same local network 192.168.x.x, so I was able to send a message there without any problems.

I don't think the local network has anything to do with it, but I just mentioned it for the records.

I think my hMail simply can not communicate with servers that SSL/TLC, but I might be wrong.

Here are more logs on the delivery attempt. I was trying to test DKIM by sending a test message to dkimvalidator.com. As I mentioned despite the fact that hMail couldn't connect to that server, I was able to connect via telnet on port 25 to IP address 54.245.105.146 as well as its MX address: 31045262.in1.mandrillapp.com

Code: Select all

"DEBUG"	15968	"2019-02-01 14:24:19.967"	"Adding task DeliveryTask to work queue SMTP delivery queue"
"DEBUG"	11080	"2019-02-01 14:24:19.967"	"Executing task DeliveryTask in work queue SMTP delivery queue"
"DEBUG"	11080	"2019-02-01 14:24:19.967"	"Delivering message..."
"APPLICATION"	11080	"2019-02-01 14:24:19.967"	"SMTPDeliverer - Message 44: Delivering message from user@mydomain.us to g70V18FGClBU9r@dkimvalidator.com. File: D:\Mail\Data\{B8A4FA3C-7CE4-49B3-A8B2-4D928F1A1928}.eml"
"DEBUG"	11080	"2019-02-01 14:24:19.967"	"Applying rules"
"DEBUG"	11080	"2019-02-01 14:24:19.967"	"Performing local delivery"
"DEBUG"	11080	"2019-02-01 14:24:19.967"	"Local delivery completed"
"TCPIP"	11080	"2019-02-01 14:24:19.967"	"DNS MX lookup: dkimvalidator.com"
"TCPIP"	11080	"2019-02-01 14:24:20.092"	"DNS - MX Result: 6 IP addresses were found."
"DEBUG"	11080	"2019-02-01 14:24:20.092"	"Starting external delivery process. Server: 31045262.in1.mandrillapp.com (54.245.105.146), Port: 25, Security: 2, User name: "
"DEBUG"	11080	"2019-02-01 14:24:20.092"	"Creating session 285"
"TCPIP"	11080	"2019-02-01 14:24:20.092"	"Connecting to 54.245.105.146:25..."
"DEBUG"	16464	"2019-02-01 14:24:41.061"	"SMTPDeliverer - Message 44 - Connection failed: Host name: 54.245.105.146, message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond"
"DEBUG"	16464	"2019-02-01 14:24:41.061"	"Ending session 285"
"DEBUG"	11080	"2019-02-01 14:24:41.061"	"External delivery process completed"
"DEBUG"	11080	"2019-02-01 14:24:41.061"	"Starting external delivery process. Server: 31045262.in1.mandrillapp.com (54.213.129.255), Port: 25, Security: 2, User name: "
"DEBUG"	11080	"2019-02-01 14:24:41.061"	"Creating session 286"
"TCPIP"	11080	"2019-02-01 14:24:41.061"	"Connecting to 54.213.129.255:25..."
"DEBUG"	16464	"2019-02-01 14:25:02.077"	"SMTPDeliverer - Message 44 - Connection failed: Host name: 54.213.129.255, message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond"
"DEBUG"	16464	"2019-02-01 14:25:02.077"	"Ending session 286"
"DEBUG"	11080	"2019-02-01 14:25:02.077"	"External delivery process completed"
"DEBUG"	11080	"2019-02-01 14:25:02.077"	"Starting external delivery process. Server: 31045262.in1.mandrillapp.com (54.245.105.162), Port: 25, Security: 2, User name: "
"DEBUG"	11080	"2019-02-01 14:25:02.077"	"Creating session 287"
"TCPIP"	11080	"2019-02-01 14:25:02.077"	"Connecting to 54.245.105.162:25..."
"DEBUG"	9312	"2019-02-01 14:25:23.295"	"SMTPDeliverer - Message 44 - Connection failed: Host name: 54.245.105.162, message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond"
"DEBUG"	9312	"2019-02-01 14:25:23.295"	"Ending session 287"
"DEBUG"	11080	"2019-02-01 14:25:23.295"	"External delivery process completed"
"DEBUG"	11080	"2019-02-01 14:25:23.295"	"Summarizing delivery result"
"DEBUG"	11080	"2019-02-01 14:25:23.295"	"Summarized delivery results"
"DEBUG"	11080	"2019-02-01 14:25:23.295"	"SD::RescheduleDelivery_"
"DEBUG"	11080	"2019-02-01 14:25:23.295"	"Retrieving retry options."
"DEBUG"	11080	"2019-02-01 14:25:23.295"	"Starting rescheduling."
"APPLICATION"	11080	"2019-02-01 14:25:23.295"	"SMTPDeliverer - Message 44: Message could not be delivered. Scheduling it for later delivery in 60 minutes."
"DEBUG"	11080	"2019-02-01 14:25:23.295"	"PersistentMessage::SetNextTryTime()"
"DEBUG"	11080	"2019-02-01 14:25:23.311"	"PersistentMessage::~SetNextTryTime()"
"DEBUG"	11080	"2019-02-01 14:25:23.311"	"Message rescheduled for later delivery."
"APPLICATION"	11080	"2019-02-01 14:25:23.311"	"SMTPDeliverer - Message 44: Message delivery thread completed."
[i]this is a beginning of other irrelevant activity[/i]
"DEBUG"	19640	"2019-02-01 14:30:09.342"	"Creating session 288"

User avatar
mattg
Moderator
Moderator
Posts: 20131
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: First time setup struggle. Can't send nor receive. Debug posted.

Post by mattg » 2019-02-02 02:57

Make sure that you are also logging SMTP please
ALSO, change your BIND TO in SMTP >> Advanced to 0.0.0.0 and see if that makes a difference


Try again and post your entire log

Outgoing connections to another server will use their certificate, not yours, and you are set correctly to connect via StartTLS for outgoing connections, so it should just work, if your hmailserver can actually reach the other server.

If you telnet from the same machine, you will use the same connectors in hMailsevrer UNLESS you are restricting hmailserver to a specific IP address

ALSO
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

palinka
Senior user
Senior user
Posts: 1107
Joined: 2017-09-12 17:57

Re: First time setup struggle. Can't send nor receive. Debug posted.

Post by palinka » 2019-02-02 19:02

mattg wrote:
2019-02-02 02:57
Make sure that you are also logging SMTP please
ALSO, change your BIND TO in SMTP >> Advanced to 0.0.0.0 and see if that makes a difference
Should that actually be left blank?

To the OP, I hope you don't mind me unmasking you but you left plenty of breadcrumbs for that. I used mxtoolbox to run smtp test on mail.netchain.us and it could not connect.

Would you please run the hmailserver diagnostic test in the admin app (not Jimi's diagnostic script). You can find that under utilities > diagnostics. That will tell you if the outside world can reach you and if you can reach the outside world.

Code: Select all

"TCPIP"	11080	"2019-02-01 14:24:20.092"	"Connecting to 54.245.105.146:25..."
"DEBUG"	16464	"2019-02-01 14:24:41.061"	"SMTPDeliverer - Message 44 - Connection failed: Host name: 54.245.105.146, message: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond"
You said you could send a message to another server on your LAN. Mxtoolbox could not connect to you externally and you could not connect to an external server. My guess is the bind address is preventing you from receiving and also port 25 outbound (maybe inbound too) may be blocked. Definitely the issues of sending and receiving failing are unconnected - you have at least 2 problems.

User avatar
mattg
Moderator
Moderator
Posts: 20131
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: First time setup struggle. Can't send nor receive. Debug posted.

Post by mattg » 2019-02-03 02:34

palinka wrote:
2019-02-02 19:02
mattg wrote:
2019-02-02 02:57
Make sure that you are also logging SMTP please
ALSO, change your BIND TO in SMTP >> Advanced to 0.0.0.0 and see if that makes a difference
Should that actually be left blank?
Yes, you are correct
This should be blank in most circumstances
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

NetChain
New user
New user
Posts: 20
Joined: 2016-08-07 23:58

Re: First time setup struggle. Can't send nor receive. Debug posted.

Post by NetChain » 2019-02-05 00:08

Thank you everyone (mattg and palinka).

It's kind of embarrassing: I was testing the server on the old Windows 2003 server machine and as soon as I disabled the firewall I got some viruses. They were causing all kinds of problems, probably taking hostage port 25 and God knows what.

As soon as I noticed unfamiliar processes by looking at Process Explorer, I installed Malware Bytes, it found and cleaned a bunch of things and the mail server started working flawlessly.

After testing configuration that works for me, I will move it on production server.
palinka wrote:
2019-02-02 19:02
To the OP, I hope you don't mind me unmasking you but you left plenty of breadcrumbs...
Not at all, it's going to be publicly visible server anyway, so I wasn't really hiding anything.

Post Reply