Facebook
Twittergregconway
Basic Pleskian
Morning all!
I am busy replacing CentOS 6 boxes with new CentOS8 boxes. I have four CentOS 8 boxes so far.
One of them is a vps (which shouldn't make a difference but mentioning this as it's what's different from the rest!) has a strange problem where it's sending some traffic from the wrong IP address.
I have the following setup -
IP address 1 - 1.2.3.4 - with hostname domain.com
IP address 2 - 1.2.3.5 - with a random hostnam - say ssh.domain.com, as I use this purely for SSH access.
IP address 3 - 1.2.3.6 - with hostname domain1.com. This is the Plesk subscription that is sending email.
Usually when FTP'ing site backups to other boxes this would normally come from 1.2.3.4 / domain.com.
But in this case I noticed that FTP traffic is instead coming from 1.2.3.5 - the IP address that is used for SSH access, and nothing else!
At this stage I didn't think tooo much of it. amended the firewall on the FTP server accordingly and moved on!
Now I have gone live with the box I realise from the deferred emails that emails are sending from the wrong IP.
In older versions of Plesk mail was alwasys sent from the primary IP address (1.2.3.4 / domain.com)
In Plesk Obsidian we have these options for outgoing mail -
Send from domain IP addresses
Send from domain IP addresses and use domain names in SMTP greetings
Send from the specific IP addresses (with a choice of IPs present on the box)
So I figured the second option makes most sense, and sent that.
To my mind that means the users of this subscription can send their email and it will appear from 1.2.3.6 with hostname domain1.com.
However... I am seeing the below error, which indicates that instead of sending from domain IP address and using domain name in SMTP greeting - like FTP, emails are being sent from 1.2.3.5!
to=<[email protected]>, relay=mx.ab.relay.server.net[9.8.7.6]:25, delay=12936, delays=12935/0.04/0.07/0, dsn=4.0.0, status=deferred (host mx.ab.relay.server.net[9.8.7.6] refused to talk to me: 421 EHLO MXIN201 Your HELO/EHLO domain.com is not matching your DNS configuration domain.com ;id=cC6bkgi6o59Ki;sid=cC6bkgi6o59Ki;mta=mx3.af;d=20201109;t=173433[TIZ];ipsrc=1.2.3.5; )
additionally I've had various SPF bouncebacks advising me the server was sending from 1.2.3.5. I've added 1.2.3.5 to the SPF record for domain and that's resolved this particular issue, but not in the right way!
I'm sure there's something very simply in a file that I need to change to correct his.... does anybody have an ideas what this file/change might be?!
Thanks for any help received!
I am busy replacing CentOS 6 boxes with new CentOS8 boxes. I have four CentOS 8 boxes so far.
One of them is a vps (which shouldn't make a difference but mentioning this as it's what's different from the rest!) has a strange problem where it's sending some traffic from the wrong IP address.
I have the following setup -
IP address 1 - 1.2.3.4 - with hostname domain.com
IP address 2 - 1.2.3.5 - with a random hostnam - say ssh.domain.com, as I use this purely for SSH access.
IP address 3 - 1.2.3.6 - with hostname domain1.com. This is the Plesk subscription that is sending email.
Usually when FTP'ing site backups to other boxes this would normally come from 1.2.3.4 / domain.com.
But in this case I noticed that FTP traffic is instead coming from 1.2.3.5 - the IP address that is used for SSH access, and nothing else!
At this stage I didn't think tooo much of it. amended the firewall on the FTP server accordingly and moved on!
Now I have gone live with the box I realise from the deferred emails that emails are sending from the wrong IP.
In older versions of Plesk mail was alwasys sent from the primary IP address (1.2.3.4 / domain.com)
In Plesk Obsidian we have these options for outgoing mail -
Send from domain IP addresses
Send from domain IP addresses and use domain names in SMTP greetings
Send from the specific IP addresses (with a choice of IPs present on the box)
So I figured the second option makes most sense, and sent that.
To my mind that means the users of this subscription can send their email and it will appear from 1.2.3.6 with hostname domain1.com.
However... I am seeing the below error, which indicates that instead of sending from domain IP address and using domain name in SMTP greeting - like FTP, emails are being sent from 1.2.3.5!
to=<[email protected]>, relay=mx.ab.relay.server.net[9.8.7.6]:25, delay=12936, delays=12935/0.04/0.07/0, dsn=4.0.0, status=deferred (host mx.ab.relay.server.net[9.8.7.6] refused to talk to me: 421 EHLO MXIN201 Your HELO/EHLO domain.com is not matching your DNS configuration domain.com ;id=cC6bkgi6o59Ki;sid=cC6bkgi6o59Ki;mta=mx3.af;d=20201109;t=173433[TIZ];ipsrc=1.2.3.5; )
additionally I've had various SPF bouncebacks advising me the server was sending from 1.2.3.5. I've added 1.2.3.5 to the SPF record for domain and that's resolved this particular issue, but not in the right way!
I'm sure there's something very simply in a file that I need to change to correct his.... does anybody have an ideas what this file/change might be?!
Thanks for any help received!
Last edited:
