Community

Unable to send or receive mail

Hi,

Is there someone who can help me?
My users are not able to send or receive email.
I suspect it is the setting:

Allow / Disallow local delivery
Allow local delivery
Require authentication

When I enable the Require Authentication the users are only able to receive.
The other way around they are only able to send.

MXToolbox shows Local Delivery not Allowed.
Looking at DNS, I had contact with my DNS provider and the domain is setup properly, so that could not be the case, they’ve checked.

I really really need help, who is willing?

Kind Regards, FrankB

Hi Frank
Please take a screenshot from that rule and upload here.
And second, to further assisst please set smtp-in and processing module log level on “Protocol communication”:
WEBADMIN > SERVICES > SMTP Receiving > Service Configuration > Logging
and
WEBADMIN > QUEUE > Processing > Service Configuration > Logging

Then send a test email and attach the log file.
by default logs stores in :
[axigen/working/directory]/log/everything.txt

Hi Mohammad,

image
This is in: Acceptance & Routing > Acceptance Basic Rules

Everything is empty, I made the settings you asked and send an email with both options, e.g. Require Authentication on and Require Authentication off.

I’ve attached the smtp recieved and the smtp send log files.

Thank you for your help.

Kind Regards, Frank Bastiaens

These are my logfiles

MD5 Hash: 4c0fbee04e5103d31085fd79da56e5d2

Dear Frank
In files you attached there are too many attempts for brute force attack.
can you tell me which one is sender and recipient and mention time?
also please open Queue > View Queue
and determine is any email stick in queue?

Hi Mohammad,

I’ve checked the queue, there’s nothing in there.
The email I send my mail from was performance-high@putloo.com or f.bastiaens@aimed.nl

Kind Regards, Frank

Ps, any document whit the best settings to block these bruteforce attacks?

I dont see these emails.
to have better investigation Queue Processing log require.
please send and receive again and send the the logs again (smtp-in, queue processing, smtp-out).

To avoid bruteforce attack if you run axigen on linux you can use fail2ban. check attached file
fail2ban.txt (2.1 KB)

Hi Mohammad,

The subject on all the email was: Axigen Test Email.
I send 3 from the outside they arrived, but sending didn’t work.

And alas, I have a windows Axigen Server, so fail2ban won’t be an option. :frowning:

http://autoupdates/Logfiles/AxigenLogs.zip are the logfiles.
MG5 Checksum: b2c7b46270cd23381455e9a9b9ce4059

In this case I sended all my logfiles.

Kind Regards, Frank

Dear Frank
Link is not valid

To avoid brute force in windows I joined axigen to active directory.
Its not a complete solution but for now I think its best solution.
axigen needs to implement a better solution.

this domain “aimed.nl” uses MSExchange and this domain “putloo.com” does not have any MX record in its DNS server and maybe this is the reason you cannot send email.

http://www.svs4all.com/autoupdates/Logfiles/AxigenLogs.zip

This is the correct one, I never send an email to putloo.
At the moment the server is set to receive mails, but can’t send, shall I reverse the setting of the screenshot for the other situation?

Kind Regards, Frank

Dear Frank
sorry for delay
I looked into the logs and found nothing reasonable to avoid sending your emails.
If you send your emails and don`t receive NDR (Non Delivery Response) or there is no email in Queue then your email is sent.
I just see some errors that showed sometimes gmail blocked you.
to check your email server and its grade you can use there sites:
https://www.mail-tester.com/
https://emailsecuritygrader.com/

Thank you Mohammad,

I’ve now switched the bottom checkmark on again.
Have a look at the logfiles now, you’ll see the problem is at the server. (from Aimed.nl)
Use the same URL, with this MD5 hash: 4ba276b70ba22f55303e1fa170d09c49

Cheers.

I can probably try to expand my Powershell script, to automatically ban any brute attempt IP’s in the windows firewall.
At the moment it only gives me the IP, country and attempts and I manually add them in the global IP ban in webadmin.

cant promise when it will be finished, but I’ll let you know.

for reference: Made a powershell script to parse SMTP Receiving log

Dear Frank
Please check some configuration:
1- check SSL configuration, use below cypher, enable all TLS versions and disable all SSL versions:
https://www.axigen.com/documentation/a-grade-ssl-listeners-p3277035

2- check SPF configuration or disable it for a while.

3- check the size of email before send:
image

4- check all user and domain rules or anti-spam filters that sending domain does not contain it:
image

and finally I strongly recommend you to update Axigen to newer version.
Please send me feedback.

Updated script added in the forum post linked above.