1 (edited by theflash2015 2022-09-14 11:51:49)

Topic: cant receive emails

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  1.5.2 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu 20.04 LTS x64
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I set up my email server 5 months ago, it worked for 5 months, but i cant receive emails since yesterday.
I tried to send an email from ******@qq.com to postmaster@flashgamestore.com, it shows "The email has been delivered to the recipient's mailbox." on my qq email, but i didn't receive the email.

Thank you.

Post's attachments

Screenshot 2022-09-14 111020.png 16.93 kb, file has never been downloaded. 

Screenshot 2022-09-14 115022.png
Screenshot 2022-09-14 115022.png 47.63 kb, 1 downloads since 2022-09-14 

You don't have the permssions to download the attachments of this post.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Stable release is out.

2

Re: cant receive emails

The screenshot doesn't show anything, what about logs?

3

Re: cant receive emails

Thank you for your reply.
Please check these logs



Cthulhu wrote:

The screenshot doesn't show anything, what about logs?

Post's attachments

dovecot.log 4.08 kb, 1 downloads since 2022-09-15 

imap.log 1.39 mb, 1 downloads since 2022-09-15 

mail1.log 1017.46 kb, 1 downloads since 2022-09-15 

sieve.log 317 b, 1 downloads since 2022-09-15 

You don't have the permssions to download the attachments of this post.

4 (edited by Cthulhu 2022-09-15 20:57:28)

Re: cant receive emails

First of all, your mailserver is sending out spam, and that massively

mildred1984.terpstra@zoomservice.top is the originating source

then:

the smtp banner shows mail.steamgame007.com ( so you have several domains hosted and use this as smtp banner?

104.156.244.145.vultrusercontent.com is the PTR, which is a violation and seems to be a ddynamic ip

did you follow the guides?

https://docs.iredmail.org/setup.dns.html#ptr

awell, you should have a shitton of mails in the postmaster account, did you even check those?

i can clearly see that you got several warnings:

Content-filter at mail.flashgamestore.com" <postmaster@mail.flashgamestore.com>, subject=Spam FROM LOCAL [178.176.174.114]:25132 <mildred1984.terpstra@zoomservice.top>

and you use several different IP's:

178.176.174.74
178.176.175.251
178.176.174.114

the compromised mail account is sending from all of those 3 IP

So, i really don't understand what your milserver setup is, why you dot have an PTR, nor why your mailserver banner is mismatching

did you at least close the compromised account?

5 (edited by theflash2015 2022-09-19 16:06:28)

Re: cant receive emails

I only set A record and MX record, because it worked without PTR for several months.
I've changed password for the compromised account, still can't receive email.
and then i blocked all internet access, and sever vCPU usage(150%-200%, only 3% for new server) is still high.
The email server is only used to receive emails, outgoing traffic on port 25 is blocked by ISP.

I migrated to a new server and everything works fine, but still need to figure out why old server didnt work.

Thank you so much for your help!

Cthulhu wrote:

First of all, your mailserver is sending out spam, and that massively

mildred1984.terpstra@zoomservice.top is the originating source

then:

the smtp banner shows mail.steamgame007.com ( so you have several domains hosted and use this as smtp banner?

104.156.244.145.vultrusercontent.com is the PTR, which is a violation and seems to be a ddynamic ip

did you follow the guides?

Post's attachments

InkedScreenshot 2022-09-19 152001.jpg
InkedScreenshot 2022-09-19 152001.jpg 12.28 kb, file has never been downloaded. 

Screenshot 2022-09-19 145647.png 169.27 kb, file has never been downloaded. 

Screenshot 2022-09-19 151523.png 82.48 kb, file has never been downloaded. 

Screenshot 2022-09-19 152010.png
Screenshot 2022-09-19 152010.png 3.59 kb, file has never been downloaded. 

Screenshot 2022-09-19 152244.png
Screenshot 2022-09-19 152244.png 55.39 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.