0

I have multiple domains on a server and Exim4 has been delivering mail to users for years without issues. Over the 4th of July weekend it started rejecting email to one user. This user has multiple email addresses e.g. FirstNameLastname, FirstInitialLastName, ect. It rejects all of them.

However, if I redirect the email to another server it redirects fine. If I redirect it to my account on that domain it works fine.

The reject message in the logs is not enlightening:

 rejected RCPT <dan...

My first thought was that permissions got changed on the account but they are the same as all the others. I did change them to 777 for cur and new but that didn’t work. They have a lot of subfolders but the total size is only 3.1M and the server has plenty of space so I don’t think it is a size issue.

Since literally nothing has changed since last week I am at a loss as to what is causing the issue.

Update: I tried sending an email using the command line directly from the server in case Charter was doing weird things and get the same error.

JScarry
  • 1
  • 5
  • What is the rest of the log entry? – Michael Hampton Jul 07 '20 at 18:30
  • @MichaelHampton That’s basically it. But here is is: 2020-07-07 11:08:22 H=impout007aa.msg.chrl.nc.charter.net (impout007.msg.chrl.nc.charter.net) [47.43.20.31] F= rejected RCPT : – JScarry Jul 07 '20 at 18:34
  • What comes after the colon? – Michael Hampton Jul 07 '20 at 18:41
  • @MichaelHampton Nothing comes after the colon. That’s the end of the line. The next line is a valid rejection for spam. All of the rejection lines seem to end with a colon. – JScarry Jul 07 '20 at 18:51
  • Start exim in debug mode by issuing `exim4 -bd -d+all -oX 22223 | tee /tmp/debuglog`, and try to connect to the given port (22223), and send a mail to the user. Exim should produce a really detailed log of what it does and why. Maybe you spot something there, if not, then please paste the relevant log fragments. – Lacek Jul 14 '20 at 07:54

1 Answers1

0

I am using this server for a new telemedicine program and will be sending email to users. I don’t want email to bounce because they look like spam. So a few days before this happened, I changed some things in my DNS so that outgoing emails had the appropriate SPF, DMARC, and DKIM TXT files. I also needed to make some changes on the server so that outgoing mail matched the domain of the sender. I also changed the server name in /etc/hosts to match the domain that is sending email. None of that caused any problems but a few days after that I rebooted the server. That’s when mail started to be rejected.

There is an exim debug command exim -bt username@domain.com that will give information on each user. For reasons that are not clear to me, it sent that users mail to trash and then listed the other aliases. None of the other users on the server were affected. However, the affected user is not part of the telemedicine company so was not in their aliases file.

The solution was to add that user to the /etc/mail/virtuals/telemedicine.com file.

JScarry
  • 1
  • 5