English
Chinese (Simplified)
French
German
Italian
Japanese
Russian
Spanish
Vietnamese
Problems sending emails to Nemesis ESMTP Service
-
Hello everyone,
For a few days we have been experiencing problems sending to some German email addresses.
I would like to point out that our server/domain/IP address is not present in the blacklists that can be consulted online, we have dozens of email domains configured and they do not present problems.
Looking in the mdaemon logs I found a recurring item:Fri 2024-05-17 12:51:05.275: <-- 220 gmx.net (mxgmx109) Nemesis ESMTP Service ready
Fri 2024-05-17 12:49:19.203: <-- 220 kundenserver.de (mxeue103) Nemesis ESMTP Service ready
Fri 2024-05-17 12:56:35.280: <-- 220 gmx.net (mxgmx108) Nemesis ESMTP Service readypractically in the problems of sending the addresses in question the Nemesis ESMTP Service is always present and the error is always the same:
Fri 2024-05-17 12:56:35.281: --> EHLO mail.grifonline.it
Fri 2024-05-17 12:56:35.331: <-- 250-gmx.net Hello mail.xxx.it [91.200.128.11]
Fri 2024-05-17 12:56:35.331: <-- 250-8BITMIME
Fri 2024-05-17 12:56:35.331: <-- 250-SIZE 157286400
Fri 2024-05-17 12:56:35.331: <-- 250 STARTTLS
Fri 2024-05-17 12:56:35.331: --> STARTTLS
Fri 2024-05-17 12:56:35.379: <-- 220 OK
Fri 2024-05-17 13:01:38.548: Connection timed out!
Fri 2024-05-17 13:01:38.548: SMTP session terminated (Bytes in/out: 162/35)
Fri 2024-05-17 13:01:38.548: ----------The problem is certainly linked to the anti-spam system of this system but how can I intervene to resolve the problem?
Thank you.
-
Arron Staff
What version of MDaemon are you using?
If you add the receiving servers to the NO STARTTLS list, (Security / Security Settings / SSL & TLS / NO STARTLS List), are you able to send mail?
-
Hi Aaron,
Mdaemon v14.5.7
Do you mean 'STARTTLS White List white list'?
-
Arron Staff
Unfortunately MDaemon 14.5.7 is no longer supported, so my first suggestion is to upgrade to a supported version. I understand that upgrading is not always an option, so I'll do my best to try to get you pointed in the right direction.
Yes, add the IP to the STARTTLS whitelist.
If adding the IP to the STARTTLS whitelist fixes it and allows you to send mail to the servers without TLS, then there is something going wrong with the TLS negotiations. There are many different possibilities.
You can also contact the admin for the receiving server and see if they can offer any insight as to what is happening. A log snippet that shows the error from their side might point you in the right direction.
Another option would be to use Wireshark on your server to capture the traffic, there may be clues in the capture to help you figure out what the issue is.
-
@Arron
Hi Aaron,
your suggestion seems to have solved the problem, or at least with some domains the emails didn't bounce back.
The use of Wireshark for analyzing the problem is very interesting.Thank you very much!
Best regrds,
max
-
Arron Staff
I wouldn't really consider it a solution to the problem, but I'm glad it got the mail flowing for you. The reason I don't consider it a solution is because you are now sending email in plain text to that host.
