
Need help with DNS and mail server settings

egomaniacXFR

New Pleskian
Hello,

situation is this:
A few friends of mine want to own a board (about soccer) and asked me to help them. They've rented a cloud server from the German provider 1&1, I've got it set up with Plesk and bought and installed WoltLab Burning Board. No big problems until now.

One of my friends bought a domain and I inserted it into Plesk. First I noticed that I couldn't access the board by the domain name. To set the board up I instead connected to it by using the IP address with "/index.php?board-list/" attached to it. But of course I want to change this, however I don't know exactly how since I'm not a pro at this.

So, the 3 problems now are:

1. Instead of accessing the board, I just see a "Domain Default page" saying
If you are seeing this message, the website for #.#.#.# is not available at this time.

If you are the owner of this website, one of the following things may be occurring:


  • You have not put any content on your website.
  • Your provider has suspended this page.
when I'm entering the IP address (without the "/index.php?board-list/" at the end).

2. I can't access the website by using the domain name. I guess the DNS server settings aren't right, but don't know what exactly is wrong.

3. I made an email address with Plesk. It's using the domain name and I think that might be the problem why it's not working correctly. I entered the email address in BB and selected php as method. Unfortunately it's not sending any email. In the menu I saw that Plesk just put them in the queue. Back in BB, this time I selected SMTP instead of php but as soon as I try to send a mail, I'll receive an error message saying it couldn't connect to the domain.

I guess you'll need more information. Just tell me what exactly you need and I'll post the info or screenshots.

A little help would be really appreciated!
Ty.
 
Update:

I have solved problems #1 and #2. Just added a .htaccess file with 'redirect'.
But I still don't know what to do to make the mail system work :/
 
Hi egomaniacXFR,

it is far easier to investigate DNS - issues, when you provide the fully-qualified-domain-name, instead of staying in the dark with anonymizing IP and domain name.
Please be aware, that Plesk is mostly not the initial nameserver. Please check your DNS - settings for example at "http://www.dnswatch.info/" or with "dig" over your command line.
 
Hi egomaniacXFR,

if you want to use your PLESK server to handle mail, I would setup your MX records as:

Code:
doksana.net.            3599    IN      MX      10 mail.doksana.net.
doksana.net.            3599    IN      MX      20 mx00.kundenserver.de.

... BUT... your IP "82.223.18.195" doesn't resolve anywhere. Please check your reverse entries at your hosting - providers control panel ( 1&1 ), or contact their support for that issue.
 
Changed the MX records and added the domain to the reverse DNS entry (wrong entry?), but it's not working.
Still the syntax error when using SMTP method and no error but also no emails sent when using php method in WBB.
 
Hi egomaniacXFR,

DNS - changes may take up to 48 hours, until they are in sync with all nameservers worldwide. At the moment, I can see the changes for your reverse entry, but you didn't change the MX record as suggested, which you can verify again by using "dig" over your command line, or by using http://www.dnswatch.info/ .

Please be aware, that your issue from WoltLab has got nothing to do with your mail-server itself ( please see line 3 of your error message: http://fs5.directupload.net/images/151123/oc8ff5c6.jpg ). It is just a misconfiguration. If you use SMTP as your setting, please use

Code:
SMTP-Server:      mail.doksana.net
SMTP-Port:        25
SMTP-User:        [email protected]
SMTP-Password:    YOUR_PASSWORD_WHICH_YOU_SET_UP


Update / Edit:

Currently, you now have the following entries:
Code:
doksana.net.            3599    IN      MX      10 mail.doksana.net.
doksana.net.            3599    IN      MX      20 mx00.kundenserver.de.
doksana.net.            3599    IN      MX      30 mx00.kundenserver.de.
doksana.net.            3599    IN      MX      31 mx01.kundenserver.de.
You may want to correct ( delete ) the double entry for "mx00.kundenserver.de" and should ask yourself, if you need the MX entries for "kundenserver.de".
 
Ok, all done. I'm not getting an error message anymore but it seems emails still can't be sent. I'm not receiving a single mail and there aren't any listed in the queue.
I took some screenshots of the settings. Maybe these can help.

1&1:
http://fs5.directupload.net/images/151123/vh6yoz7k.jpg

Plesk:
#1 http://fs5.directupload.net/images/151123/mvnax66c.jpg
#2 http://fs5.directupload.net/images/151123/s9qevvlq.jpg
#3 http://fs5.directupload.net/images/151123/xb3qmifx.jpg
#4 http://fs5.directupload.net/images/151123/8natn99w.jpg
#5 http://fs5.directupload.net/images/151123/es9jhkm6.jpg

WBB:
http://fs5.directupload.net/images/151123/b6w67zns.jpg

Edit:

I deactivated that Port 587 service which you can see in Plesk screenshot #1 and tried again. There was no error message and I could see an email in the queue for a few seconds before disappearing. I haven't received that email unfortunately...
 
Hi egomaniacXFR,

re-activate port 587 again please, it is not the cause of any of your issues.

Please make sure, that postfix and dovecot services are running, try as well to restart the services ( Plesk Control Panel: Home > Tools & Settings > Services Management ).


Your screenshots are not very helpful for further investigations. Please consider to post log - files from your mail.log ( location is "/var/log/" on your server ):

 
Ok,

I re-activated port 587, chose to use the domain name in mails using SMTP, and restarted the Postfix SMTP-Server, Plesk Milter, Dovecot IMAP and POP3 server and the nginx reverse-proxy-server (one user told me he saw a 502 nginx error on the website).
It seems like it's working now. I received some mails and other users too. I think that's fine for now (as long as it works).

Thank you for your great help! I'll come back if it stops working :D
 
Didn't take that long :D

A user informed me that he hasn't received an email and I checked a few things with mxtoolbox.com and noticed these things:

smtp mx00.kundenserver.de Reverse DNS does not match SMTP Banner
smtp mx01.kundenserver.de Reverse DNS does not match SMTP Banner
smtp mx00.kundenserver.de Reverse DNS does not match SMTP Banner
dmarc doksana.net Missing or Invalid Record
blacklist mail.doksana.net Blacklisted by SEM FRESH
dns doksana.net SOA Expire Value out of recommended range

I guess these entries shouldn't be... :(

About the blacklist by SEM FRESH: they say it's automatically for some specific domains so I guess I just have to wait one or two days to get removed from that list.
About the SMTP Banner: that website tells that I should make a PTR entry. I don't know exactly where I can add such (the ISP control center only shows TXT, SRV and SPF), so I added it as a TXT along with others. This is what it looks like right now:

TXT doksana.net 60 min 195.18.223.82.in-addr.arpa. 3600 IN PTR doksana.net.
TXT doksana.net 60 min doksana.net. 172800 IN NS ns-de.1and1-dns.biz.
TXT doksana.net 60 min doksana.net. 172800 IN NS ns-de.1and1-dns.com.
TXT doksana.net 60 min doksana.net. 172800 IN NS ns-de.1and1-dns.de.
TXT doksana.net 60 min doksana.net. 172800 IN NS ns-de.1and1-dns.org.

I haven't looked at the dmarc thing.
And about the SOA error I only found out a single TTL value. Can I just change the single values in Plesk or do I have to stick to the values provided by the ISP?
 
Hi egomaniacXFR,

please remove these new TXT - records, because they are just FALSE and useless.
Your IP related PTR record is correct and existent:

195.18.223.82.in-addr.arpa. PTR 86400 doksana.net

( Please see: http://www.dnswatch.info/dns/dnslookup?la=de&host=82.223.18.195&submit=Auflösen )


You may ignore the SOA "warning", because this warning is just a warning and can be ignored.

I did state previously:
You may want to correct ( delete ) the double entry for "mx00.kundenserver.de" and should ask yourself, if you need the MX entries for "kundenserver.de".
... because you might experience issues, when the MX - backup - servers are not configured to be slaves ( which is not the case! ). 1&1 configures these standard MX - entries, but they also inform you, that IF you have your own server ( with your own domain! ), you should delete the standard entries. Please read their documentations, or ask their support, if you need further assistance with these MX - backup - servers.


SPF entries are done these days as TXT - records. Please use for your domain:

doksana.net. TXT 3600 "v=spf1 +a +mx +a:doksana.net +ip4:82.223.18.195 ?all"

( 3600 = seconds => 60 = minutes )

DMARC - entries are as well done as TXT - records. Please use for example "http://www.kitterman.com/dmarc/assistant.html" and use the site to create a new TXT - record, as for example:

_dmarc.doksana.net. TXT 3600 v=DMARC1; p=none; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=0; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400; sp=none

( Please make sure to create the eMail-account "[email protected]", so that your new DMARC - entry meets the standards. Please use Google for more information on "DMARC". )


blacklist mail.doksana.net Blacklisted by SEM FRESH
Please read the additional information from mxtoolbox for it:
More Information About Sem Fresh
This RHSBL run by Spam Eating Monkey contains domains registered in the last 5 days under the .AERO, .BIZ, .COM, .INFO, .NAME, .NET, .PRO, .SK, .TEL and .US TLDs. Domains are automatically expired after five days.

Sem Fresh Is A Right-Hand Side Blacklist
Domain-based Blacklists are also commonly referred to as Right-Hand-Side Black Lists (RHSBL), and as such list actual domain-names as opposed to IP addresses of outbound email servers. This would likely be as a result of your domain name being reported as sending Unsolicited Bulk Email (UBE) as opposed to your Sending MTA (Mail Transfer Agent), i.e. your outbound email server IP Address.

Sem Fresh Automatically Delists Entries
This blacklist does not offer any form of manual request to delist. Your IP Address will either automatically expire from listing after a given timeframe, or after time expires from the last receipt of spam into their spamtraps from your IP Address.


More information about SEM FRESH can be found at their website: http://spameatingmonkey.com/

Reason for listing - No Details Available


Please check as well your mail.log, as suggested before, if you experience issues and use for example "http://www.mail-tester.com/" as another reference to test your mail-server and its configuration.

Consider as well to clear your Fail2Ban - bans ( if you use Fail2Ban on your server ), because it might be, that excessive testing during your mail - server - configuration may lead to bans.

Please ask as well your users to check their spam - folder, because the mails from your server for the "Testuser", that I created for test purposes on your forum, were delivered to my spam folder as well.


Edit:
Transcript: Connecting to 82.223.18.195

Transcript: 11/24/2015 6:01:04 PM Connection attempt #1 - Unable to connect after 15 seconds. [15.00 sec]
Please make sure, that you opened all necessary ports and that no firewall blocks the needed ports!
 
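The record mistakes that come up in this thread (zone-file lines pasted into TXT values, a DMARC record published at the domain itself instead of at `_dmarc.`) can be caught before publishing. The following is an added example, not part of any post in the thread; the function names, the finding codes and the shortened DMARC value are assumptions made for illustration.

```python
def parse_tags(value):
    """Split a 'tag=value; tag=value' DMARC string into a dict."""
    pairs = (part.split("=", 1) for part in value.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}


def lint_mail_txt(domain, records):
    """records: (owner, txt_value) pairs. Returns a list of (code, owner) findings."""
    domain = domain.rstrip(".").lower()
    findings, spf_seen, dmarc_seen = [], 0, False
    for owner, value in records:
        owner = owner.rstrip(".").lower()
        text = value.strip().strip('"')
        if " IN PTR " in text or " IN NS " in text:
            # A zone-file line pasted into a TXT value publishes nothing useful:
            # PTR lives in the reverse zone, NS is its own record type.
            findings.append(("not-txt-data", owner))
        elif text.lower().startswith("v=spf1"):
            spf_seen += 1
            if text.split()[-1].lower() in ("?all", "+all", "all"):
                # ?all is neutral and +all/all passes everyone: no sender fails SPF.
                findings.append(("spf-permissive-all", owner))
        elif text.startswith("v=DMARC1"):
            if owner != "_dmarc." + domain:
                findings.append(("dmarc-wrong-owner", owner))
                continue
            dmarc_seen = True
            if parse_tags(text).get("p") == "none":
                findings.append(("dmarc-monitor-only", owner))
    if spf_seen > 1:
        findings.append(("spf-multiple", domain))  # RFC 7208: permerror
    if not dmarc_seen:
        findings.append(("dmarc-missing", "_dmarc." + domain))
    return findings


# Constructed input modelled on the records discussed in the thread.
BROKEN = [
    ("doksana.net.", "195.18.223.82.in-addr.arpa. 3600 IN PTR doksana.net."),
    ("doksana.net.", '"v=spf1 +a +mx +a:doksana.net +ip4:82.223.18.195 ?all"'),
    ("doksana.net.", "v=DMARC1; p=none; sp=none; pct=100"),  # published at the apex
]
FIXED = [
    ("doksana.net.", '"v=spf1 +a +mx +a:doksana.net +ip4:82.223.18.195 ?all"'),
    ("_dmarc.doksana.net.", "v=DMARC1; p=none; sp=none; pct=100"),
]

if __name__ == "__main__":
    for label, zone in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint_mail_txt("doksana.net", zone))
```

The two findings that remain for the corrected set are informational: `?all` and `p=none` are valid, but neither tells a receiver to reject mail that fails the check.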
Ok, I've removed the TXT's and the backup mail servers.
Now, there is only mail.doksana.net listed as the mail server. It's still sending mails so I guess I didn't mess it up :)

Email is created but I have a problem with the dmarc entry. The name is restricted and I don't really know how to write it down correctly. I just removed that _dmarc part but I'm sure it's wrong.

I'll look for the log file later in a few hours.

Fail2Ban isn't installed.

Spam folder is at least better than no mail at all :D

There is a standard "Linux Firewall" installed. I'll look into it in 2-4 hours. Which ports are needed? 25 and 587?
 

Hi egomaniacXFR,

please note that you inserted your DMARC - entry at "doksana.net" and not to "_dmarc.doksana.net". When setting up a DMARC - entry, you can always insert subdomains as "mail.", "smtp." and in your case "_dmarc." in front of "doksana.net". Please don't insert entries, if they don't meet the recommendations / suggestions. I don't know your domain providers control panel, if you need help with that, please consider to contact your domain provider, because this is a PLESK - related forum.

Please see as well: https://dmarcian.com/dmarc-inspector/doksana.net


Consider NOT to use the standard firewall, if you don't know how to configure it.

 
Hi egomaniacXFR,

actually, you now changed as well your hostname to "localhost.localdomain", which will cause errors. This is not a fully qualified hostname and it doesn't meet your DNS settings.

Please check:

/etc/hosts ... it should look like:
Code:
127.0.0.1    localhost.localdomain    localhost
127.0.0.1    servername.doksana.net    servername
82.223.18.195   servername.doksana.net    servername
... where "servername" can be any possible name of your choice and this should meet as well the reverse entry of your IP. See =>
195.18.223.82.in-addr.arpa. PTR 86400 doksana.net
... which you already successfully changed to "doksana.net" previously.

Please keep in mind, that IF you change the "hosts" - file with the "servername", that you have to change the SPF - entry as well to:
doksana.net. TXT 3600 "v=spf1 +a +mx +a:servername.doksana.net +ip4:82.223.18.195 ?all"


/etc/hostname ... should equal your "hosts" file and would look like this, if you change it:
Code:
servername.doksana.net

Apart from this, your mail - server is actually now reachable as expected, but your correct DMARC - record is still missing.
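The consistency described in the post above (a fully qualified hostname, listed in the hosts file for the public IP, and agreeing with the PTR record) can be checked offline once the three values are collected. This is an added example, not part of the thread; it assumes the mail server announces the system hostname in its SMTP banner, and the function names and problem codes are made up for illustration.

```python
import ipaddress


def reverse_name(ip):
    """Owner name of the PTR record for an address, e.g. for a dig query."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def parse_hosts(text):
    """Map each address in /etc/hosts text to the names listed for it."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            table.setdefault(fields[0], []).extend(n.lower() for n in fields[1:])
    return table


def check_mail_identity(hostname, hosts_text, public_ip, ptr_target):
    """Return the problems with the name the mail server would announce."""
    host = hostname.strip().rstrip(".").lower()
    labels = host.split(".")
    problems = []
    if len(labels) < 2 or labels[-1] in ("localdomain", "localhost", "local"):
        problems.append("hostname-not-fqdn")
    if host not in parse_hosts(hosts_text).get(public_ip, []):
        problems.append("hostname-not-on-public-ip")
    if ptr_target.rstrip(".").lower() != host:
        problems.append("ptr-differs-from-hostname")
    return problems


# Constructed inputs: "servername" is the thread's placeholder, and the
# matching PTR target in the last call is assumed, not taken from live DNS.
HOSTS_BEFORE = "127.0.0.1 localhost.localdomain localhost\n"
HOSTS_AFTER = """\
127.0.0.1      localhost.localdomain   localhost
82.223.18.195  servername.doksana.net  servername
"""

if __name__ == "__main__":
    ip = "82.223.18.195"
    print(reverse_name(ip))
    print(check_mail_identity("localhost.localdomain", HOSTS_BEFORE, ip, "doksana.net."))
    print(check_mail_identity("servername.doksana.net", HOSTS_AFTER, ip, "doksana.net."))
    print(check_mail_identity("servername.doksana.net", HOSTS_AFTER, ip,
                              "servername.doksana.net."))
```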
 
These ports are open right now. I added the last 3.

TCP 80
TCP 443
TCP 22
TCP 8443
TCP 8447
TCP 25
TCP 587
TCP 465


My hosts file contains much more localhost's and localdomain's. Is that correct? Which should I change? All of them?

I can't copy the mail.log. It says the source file couldn't be read... I can open it via Putty though...
 

Hi egomaniacXFR,

PLEASE, PLEASE, PLEASE!!! The suggestion "servername" is an EXAMPLE. Please choose a desired name of YOUR choice, to name your server and correct your mistakes. Read the suggestions AGAIN a bit more carefully, so that you just don't follow them without thinking, but as well understand it.
 
Yeah, I thought so....
But would it be ok if I use the domain name? So the 2 lines would look like this: doksana.doksana.net doksana.
Or does it have to be something else?
 