Resolved Prepping for PLESK please help.

[Droo]

BIG EDIT!!!!!

IF YOU ARE HAVING ISSUES GETTING POSTFIX TO SEND MAILS, PLEASE DOUBLE CHECK THAT YOUR VPS/SERVER PROVIDER DOES NOT HAVE PORT 25 BLOCKED DUE TO SPAMMING AND EMAIL ABUSE.

"How can I check if port 25 is blocked?"

I would try to telnet into your VPS ip address eg.

telnet xxx.xxx.xxx.xxx 25

In case of IP address replacing
xxx.xxx.xxx.xxx with your servers IP address of course.

telnet mydomain.tld 25

In case of domain

After all the reading, trying, applying, reinstalling, pulling out of hair and eventually begging for help;
this was my problem the entire time.

/end EDIT!!!!!


Hello I'm looking for a bit of help.

Consider if:

I have a VPS with ONE ip address @ 1.2.3.4
I have domain1.tld, domain2.tld, domain3.tld
I want Plesk on server1.domain1.tld while having a website on domain1.tld
I want server1.domain1.tld to be the DNS server for all new domains.
I want server1.domain1.tld to be the mail server for all new domains.

I have set Glue records at the registrar for domain1.tld as follows:

1. ns1.domain1.tld > 1.2.3.4
   
2. ns2.domain1.tld > 1.2.3.4

I have set the DNS for domain1.tld to ns1 & ns2.domain1.tld
I have set VPS hostname to server1.domain1.tld
I have set the DNS for domain2.tld and domain3.tld to ns1 & ns2.domain1.tld

I have then installed Plesk Onyx on VPS with CentOS 7

I have set up subscriptions, and added domain1.tld, domain2.tld, and domain3.tld which all resolved.
I have tried presence builder, wordpress, and a few other applications on the domains just testing. Everything there worked fine.

I have set up email accounts for example [email protected] and tried to access it via webmail, this worked fine.
I have sent an email from a personal email account for instance "[email protected]" to "[email protected]" and this worked fine. HOWEVER , I can not send emails out from my Plesk server.

I have checked for the logs, the logs either don't exist or are empty.
I have searched and read the forums here for that problem and followed the suggestions for fixing "empty logs" and they did not work for me.
I have tried a php send mail script which also did not work so at this point I do not know what to do.

Can I get some assistance?
I'd like to know how you all setup glue records (www. mx. mail. ftp. etc etc) on your domain registrar.
I'd like to know how to properly set ptr/rdns (I have set a ptr of mail.domain1.tld to the vps's ip address)
I'd like to know what all ports you all allow through the firewall to make your Plesk run smooth as possible.

Thank you all in advance for any help with this issue.

Please note: My issue right now is "sending mail out" but I provided all of the information above in hopes that you can tell me if these seem to be the proper steps you would take to get your Plesk to work. Thanks again.

 

[UFHH01]

Hi Droo,

I want Plesk on server1.domain1.tld while having a website on domain1.tld

But you setup your server hostname to "server1.localdomain". ( I could investigate this with the provided informations over our private conversation )

Pls. go to => HOME > Tools & Settings > Server Settings > ( options ) Full hostname​

... and change your hostname to "server1.domain1.tld". This will change initiate the change your postfix configuration and as well the correct settings at "/etc/hostname". ( Pls. check the file and as well the postfix configuration files at "/etc/postfix/*" for correct settings )

Pls. don't forget to change as well the content of the file "/etc/hosts", so that it looks liek for example:

127.0.0.1    localhost.localdomain    localhost
127.0.0.1    server1.domain1.tld        server1

XXX.XXX.XXX.XXX    server1.domain1.tld        server1

( where XXX.XXX.XXX.XXX has to be replace dwith your IPv4 address )​

I can not send emails out from my Plesk server.

Have you inspected your "mail.log" for further investigations? ( especially now, after your above suggested changes? )


To avoid issues, pls. secure your subdomain "server1.domain1.tld" with a valid certificate ( you could use the free Plesk extensions "Let's Encrypt" ) and use it as well to secure your Plesk Control Panel, if you open Plesk over the URL : => server1.domain1.tld:8443

=> HOME > Tools & Settings > SSL/TLS cerificates > ( option ) Certificate for securing Plesk​

To avoid issues, pls. secure the subdomain "mail.domain1.tld" with a valid certificate ( you could use the free Plesk extensions "Let's Encrypt" ) and go to

=> HOME > Tools & Settings > SSL/TLS cerificates > ( option ) Certificate for securing mail

and secure the mail - server with this newly created Let's Encrypt certificate.​

Pls. use as well the sites "mxtoolbox.com" and "mail-tester.com" for example, to test your ( mail ) server configuration.

I'd like to know how you all setup glue records (www. mx. mail. ftp. etc etc) on your domain registrar.

Pls. use exactly the same entries, as seen over your Plesk DNS - settings, to avoid issues/errors/problems :

=> HOME > Domains > YOUR-DOMAIN.COM > DNS Settings​

I'd like to know how to properly set ptr/rdns (I have set a ptr of mail.domain1.tld to the vps's ip address)

Consider to setup your rDNS entry for your IPv4 to the very same entry as you setup your hostname and you are save to setup:

=> HOME > Tools & Settings > Mail Server Settings > ( option ) Outgoing mail mode = Send from domain IP addresses and use domain names in SMTP greeting

... to avoid issues with SMTP greetings afterwards.​

I'd like to know what all ports you all allow through the firewall to make your Plesk run smooth as possible.

Pls. visit

=> Which Ports Need To Be Opened for all Plesk Services to Work with a Firewall?

... for decent informations to your question.​

 

[Droo]

Hello again and thank you for all of your help, present and future

I will read and follow these directives one at a time until this is resolved.

But you setup your server hostname to "server1.localdomain". ( I could investigate this with the provided informations over our private conversation )

Pls. go to => HOME > Tools & Settings > Server Settings > ( options ) Full hostname
... and change your hostname to "server1.domain1.tld".

I checked, and it was already set that way:

( Pls. check the file and as well the postfix configuration files at "/etc/postfix/*" for correct settings )

I'm stopping here for the moment, after inspecting /etc/postfix/main.cf, I noticed some of these settings were not edited nor were they un-commented. I thought I would stop here and verify what these should be and whether or not they should be un-commented.

Assuming that:

1. myhostname should = server1.epicinsomniac.com
2. virtual.domain.tld should be omitted (or may I add mail.epicinsomniac.com here as well)
3. mydomain = epicinsomniac.com
4. myorigin = server1
5. myorigin = epicinsomniac.com

Please verify before I take further steps, and thank you for all your help so far.

 

[UFHH01]

Hi Droo,

I checked, and it was already set that way:

Pls. note, that your screenshot doesn't include "epiciXXXXniac.com", but only "server1" at your file "/etc/hostname". Pls. consider to correct this to your FULL QUALIFIED DOMAIN NAME ( FQDN ) => server1.epiciXXXXniac.com

/etc/postfix/main.cf

Pls. note, that standard configuations are ALWAYS commented with a "#" in front, which means, that these settings are not used, but are instead examples or/and comments.
Pls. scroll down untill you get to your "real" - configuation settings, which then should show you the correct used settings.

 

[Droo]

I fixed /etc/hostname then proceeded to examine /etc/postfix/main.cf and I found no other areas containing those items (myhostname, mydomain, myorigin, etc) that weren't commented out nor any that contained any of my server information. Am I simply over-looking them? Providing entirety of main.cf in a code box:

EDIT: The forum did not like that code box, it was too many characters so I have provided a plain link to it, would you please take a look?

http://epicinsomniac.com/main.cf

It should appear as easily searchable text (control + F)


My apologies if this is considered bad form, just trying to get to the bottom of my troubles. Please advise.

 

[UFHH01]

Hi Droo,

pls. consider to use

plesk repair mail -y -v

... and check your config again afterwards.

( your main.cf - link can be removed again, thx! )

 

[Droo]

I see no changes in information in the new main.cf file, to be sure it wasn't some weird permissions problem I created a backup of main.cf then deleted main.cf.
I then

plesk repair mail -y -v

again. It created a new main.cf but heavily truncated and with none of the relevant server information. I have since copied the backup back to main.cf

Recommend my next step? Thank you.

 

[UFHH01]

Hi Droo,

Recommend my next step?

A manual edit

If ( for what ever reason ) your Plesk Repair procedure didn't succeed, pls. note the following standard configuration for you:

myhostname = server1.epiciXXXXniac.com[/INDENT]
myorigin = /etc/mailname
mydestination = localhost.epiciXXXXniac.com, localhost, localhost.localdomain

relayhost =
mynetworks = , 127.0.0.0/8 [::1]/128 XXX.XXX.XXX.XXX/32

 

[Droo]

Alright moving along. I checked the mail log again (which by the way isn't located where 90% of the posts say it is) @ /var/logs/maillog

Previously I had major issues trying to get that to populate and several fixes I tried didn't work. What finally worked for me was:

yum -y install rsyslog

After doing this, apparently it fixed whatever permissions issue was going on.

The log was huge so I deleted it then restarted postfix and rsyslog service. Rebooted the VPS too just to be on the safe side. Now my maillog is as follows:

Sep 20 05:30:19 server1 /usr/lib64/plesk-9.0/psa-pc-remote[14784]: PleskFilter: mi_stop=1
Sep 20 05:30:19 server1 postfix/postfix-script[15323]: stopping the Postfix mail system
Sep 20 05:30:19 server1 postfix/master[15278]: terminating on signal 15
Sep 20 05:30:23 server1 dovecot: master: Warning: Killed with signal 15 (by pid=15326 uid=0 code=kill)
Sep 20 05:30:56 server1 dovecot: master: Dovecot v2.2.27 (c0f36b0) starting up for imap, pop3, sieve (core dumps disabled)
Sep 20 05:30:59 server1 postfix/postfix-script[1088]: warning: not set-gid or not owner+group+world executable: /usr/sbin/postdrop
Sep 20 05:30:59 server1 postfix/postfix-script[1095]: starting the Postfix mail system
Sep 20 05:30:59 server1 postfix/master[1097]: daemon started -- version 2.10.1, configuration /etc/postfix

I checked my Plesk mail queue:

then:

postqueue -f

Rechecked Plesk mail queue:

Good, they are back to active instead of deferred, but it didn't last, they very soon went back to deferred so I checked the newer /var/logs/maillog

Sep 20 05:43:07 server1 plesk_saslauthd[4059]: privileges set to (89:89) (effective 89:89)
Sep 20 05:43:07 server1 plesk_saslauthd[4059]: failed mail authenticatication attempt for user 'student' (password len=9)
Sep 20 05:43:07 server1 postfix/smtpd[4056]: warning: unknown[37.189.246.168]: SASL LOGIN authentication failed: authentication failure
Sep 20 05:43:07 server1 postfix/smtpd[4056]: disconnect from unknown[37.189.246.168]
Sep 20 05:43:22 server1 postfix/smtp[4051]: connect to gmail-smtp-in.l.google.com[2607:f8b0:4003:c0b::1a]:25: Connection timed out
Sep 20 05:43:23 server1 postfix/smtp[4052]: connect to gmail-smtp-in.l.google.com[2607:f8b0:4003:c0b::1b]:25: Connection timed out
Sep 20 05:43:23 server1 postfix/smtp[4051]: connect to gmail-smtp-in.l.google.com[64.233.180.26]:25: Connection refused
Sep 20 05:43:24 server1 postfix/smtp[4053]: connect to gmail-smtp-in.l.google.com[2607:f8b0:4003:c0b::1a]:25: Connection timed out
Sep 20 05:43:24 server1 postfix/smtp[4054]: connect to gmail-smtp-in.l.google.com[2607:f8b0:4003:c0b::1a]:25: Connection timed out
Sep 20 05:43:25 server1 postfix/smtp[4052]: connect to alt1.gmail-smtp-in.l.google.com[173.194.219.27]:25: Connection refused
Sep 20 05:43:25 server1 postfix/smtp[4053]: connect to alt1.gmail-smtp-in.l.google.com[173.194.219.26]:25: Connection refused
Sep 20 05:43:26 server1 postfix/smtp[4055]: connect to gmail-smtp-in.l.google.com[2607:f8b0:4003:c0b::1a]:25: Connection timed out
Sep 20 05:43:26 server1 postfix/smtp[4055]: connect to alt1.gmail-smtp-in.l.google.com[173.194.219.27]:25: Connection refused
Sep 20 05:43:37 server1 plesk_saslauthd[4059]: select timeout, exiting
Sep 20 05:43:54 server1 postfix/smtp[4051]: connect to alt1.gmail-smtp-in.l.google.com[2607:f8b0:4002:c03::1a]:25: Connection timed out
Sep 20 05:43:54 server1 postfix/smtp[4054]: connect to alt1.gmail-smtp-in.l.google.com[2607:f8b0:4002:c03::1b]:25: Connection timed out
Sep 20 05:43:55 server1 postfix/smtp[4052]: connect to alt1.gmail-smtp-in.l.google.com[2607:f8b0:4002:c03::1a]:25: Connection timed out
Sep 20 05:43:55 server1 postfix/smtp[4051]: connect to alt1.gmail-smtp-in.l.google.com[173.194.219.27]:25: Connection refused
Sep 20 05:43:55 server1 postfix/smtp[4054]: connect to alt1.gmail-smtp-in.l.google.com[173.194.219.26]:25: Connection refused
Sep 20 05:43:55 server1 postfix/smtp[4053]: connect to alt1.gmail-smtp-in.l.google.com[2607:f8b0:4002:c03::1b]:25: Connection timed out
Sep 20 05:43:56 server1 postfix/smtp[4052]: connect to alt2.gmail-smtp-in.l.google.com[173.194.66.27]:25: Connection refused
Sep 20 05:43:56 server1 postfix/smtp[4052]: A4DD61E1FFE: to=<[email protected]>, relay=none, delay=58687, delays=58624/0.01/63/0, dsn=4.4.1, status=deferred (conn$
Sep 20 05:43:56 server1 postfix/smtp[4055]: connect to alt1.gmail-smtp-in.l.google.com[2607:f8b0:4002:c03::1a]:25: Connection timed out
Sep 20 05:43:58 server1 postfix/smtp[4054]: connect to alt2.gmail-smtp-in.l.google.com[173.194.66.26]:25: Connection refused
Sep 20 05:43:58 server1 postfix/smtp[4054]: 1CD501E2010: to=<[email protected]>, relay=none, delay=29652, delays=29587/0.03/65/0, dsn=4.4.1, status=deferred (conn$
Sep 20 05:43:58 server1 postfix/smtp[4053]: connect to alt2.gmail-smtp-in.l.google.com[173.194.66.26]:25: Connection refused
Sep 20 05:43:58 server1 postfix/smtp[4053]: 4C6641E209A: to=<[email protected]>, relay=none, delay=26927, delays=26862/0.02/65/0, dsn=4.4.1, status=deferred (conn$
Sep 20 05:44:25 server1 postfix/smtp[4051]: connect to alt2.gmail-smtp-in.l.google.com[2607:f8b0:400d:c01::1a]:25: Connection timed out
Sep 20 05:44:25 server1 postfix/smtp[4051]: 5D33C1E1F6A: to=<[email protected]>, relay=none, delay=59070, delays=58977/0.02/92/0, dsn=4.4.1, status=deferred (conn$
Sep 20 05:44:26 server1 postfix/smtp[4055]: connect to alt2.gmail-smtp-in.l.google.com[2607:f8b0:400d:c01::1a]:25: Connection timed out
Sep 20 05:44:26 server1 postfix/smtp[4055]: 636701E2013: to=<[email protected]>, relay=none, delay=29679, delays=29585/0.04/93/0, dsn=4.4.1, status=deferred (con$
Sep 20 05:44:53 server1 postfix/smtpd[4090]: connect from 216-188-224-46.static.grandenetworks.net[216.188.224.46]
Sep 20 05:44:53 server1 plesk_saslauthd[4092]: listen=6, status=5, dbpath='/var/spool/postfix/plesk/passwd.db', keypath='/var/spool/postfix/plesk/passwd_db_key', $
Sep 20 05:44:53 server1 plesk_saslauthd[4092]: privileges set to (89:89) (effective 89:89)
Sep 20 05:44:53 server1 plesk_saslauthd[4092]: failed mail authenticatication attempt for user 'awards' (password len=8)
Sep 20 05:44:53 server1 postfix/smtpd[4090]: warning: 216-188-224-46.static.grandenetworks.net[216.188.224.46]: SASL Login authentication failed: authentication f$
Sep 20 05:44:53 server1 postfix/smtpd[4090]: lost connection after AUTH from 216-188-224-46.static.grandenetworks.net[216.188.224.46]
Sep 20 05:44:53 server1 postfix/smtpd[4090]: disconnect from 216-188-224-46.static.grandenetworks.net[216.188.224.46]

Looks like some connection refused (as well as some script kiddies trying to use my box to spam already apparently even though it isn't working yet )

 

[Droo]

Huge progress from mxtoolbox, the warnings and errors are dwindling.

I am still following your initial instructions, just slowly. I want to understand why things are the way they are.

 

[Droo]

Even though I'm getting green lights "good" from a few services that check my configuration, I still can't seem to send an email out.
I did however add domain2.tld to subscriptions and tested it. Loaded no problem. I added an email address "[email protected]" and used webmail to send a message from "[email protected]" to "[email protected]" but I guess that was never an issue. Just an update.

LetsEncrypt certs applied to server1.epicxxxx.com and mail.epicxxxx.com although, it would not allow me to add it to server1, I had to add it to mail first, then CHANGE the cert on "plesk" to the cert in the pool.

Quick question. I do not have to literally "add" the subdomains "server1" and "mail" do I? Thanks again UFHH01, I'm going to call it a night and pick this up again tomorrow.

 

[UFHH01]

Hi Droo,

Quick question. I do not have to literally "add" the subdomains "server1" and "mail" do I?

If you don't do that and desire a Let's Encrypt certificate over the Plesk Control Panel, you have only the option to apply for a certificate for YOUR-DOMAIN.COM and WWW.YOUR-DOMAIN.COM, which would never match server1.YOUR-DOMAIN.COM or mail.YOUR-DOMAIN.COM, so a certificate would be invalid for both of these.


Additional explanations for Let's Encrypt:
The Let's Encrypt validation process, is to validate over http, by placing temporary files and folders at "/var/www/vhosts/YOUR-DOMAIN.COM/httpdocs/.well-known". If the Let's Encrypt authority is not able to validate the temporary files, you won't be able to get a certificate for YOUR-DOMAIN.COM and www.YOUR-DOMAIN.COM. The same goes with subdomain - certificates from Let's Encrypt, if the validation process can't validate a file at "/var/www/vhosts/YOUR-DOMAIN.COM/server1.YOUR-DOMAIN.COM/.well-known/acme-challenge/*", you can't get a certificate for "server1.YOUR-DOMAIN.COM".

 

[Droo]

Hello again! I've always had to apply for certs for customers it was always a pain but it has been a long while. I never knew about Let's Encrypt until I started using Plesk. Anyway moving on, I have added server1.epicxxxxxx.com and mail.epicxxxxxx.com subdomains, then used let's encrypt on them to secure them.

Moving on:
"I'd like to know how you all setup glue records (www. mx. mail. ftp. etc etc) on your domain registrar."

Pls. use exactly the same entries, as seen over your Plesk DNS - settings, to avoid issues/errors/problems :

=> HOME > Domains > YOUR-DOMAIN.COM > DNS Settings

These are my current DNS settings and glue records at the domain registrar for epicinsomniac.com

Please note that my "addon domains" (spacecowboy.me for example) only have their DNS set to ns1/ns2.epicinsomniac.com, no glue records, at their registrars.

Upon using mxtoolbox to check on spacecowboy.me, it showed many errors until I used:

=> HOME > Domains > spacecowboy.me > DNS Settings

and changed its DNS records from ns1/ns2.spacecowboy.me to ns1/ns2.epicinsomniac.com

I'm now wondering if I should change the MX record to "mail.epicinsomniac.com" but the existing mail record points the to VPS ip address anyway, it is just a curiosity.

I will take a short break here to ask you to look over what I've done and correct me where I'm wrong and get a bite to eat (it actually did not take long of course, it took longer to get and post screen shots and double check everything lol, I just want to be thorough.) Thank you for helping me through this journey so far!

 

[UFHH01]

Hi Droo,

pls. note that most domain providers / server providers have unique control panels, not related to Plesk, it's components and extensions. Pls. consider to ask YOUR domain provider / server provider for help, if you have questions related to THEIR control panel.

 

[Droo]

Yes I'm quite used to several different domain providers control panels, I was just simply showing you my settings to verify everything was as it should be.

There was not much left to do so I have completed:

Consider to setup your rDNS entry for your IPv4 to the very same entry as you setup your hostname and you are save to setup:

=> HOME > Tools & Settings > Mail Server Settings > ( option ) Outgoing mail mode = Send from domain IP addresses and use domain names in SMTP greeting

... to avoid issues with SMTP greetings afterwards

I did this via my VPS control panel under ptr/rdns:

I had this set for "mail.epicinsomniac.com" as per a forum post somewhere while seeking help before. I have changed it to "server1.epicinsomniac.com" per your instructions.
I then made the mail server settings change that you suggested. Next is to check firewall ports.

 

[Droo]

After a server restart and > postqueue -f in the console, still no mail going out. I started double checking things and found this:

That looks VERY messy, does that look right to you?

 

[UFHH01]

Hi Droo,

pls. scroll up to => #2 , to see the recommendations for your "/etc/hosts" - file.

still no mail going out

Interesting would be the corresponding entries from your "mail.log" for further investigations.

 

[Droo]

so you want to remove everything that is there, and redo the hosts file exactly like step 2?

Including maillog (I do not have mail.log I only have /var/log/maillog that may not be important, just pointing it out again just in case.

 

[Droo]

Update: I just double checked /etc/hostname and it had reverted back to just server1 instead of server1.epicinsomniac.com
So I edited it again, saved and rebooted the server. It reset back to server1 only.

Frustrating. Anyway I did some digging and ended up contacting my VPS provider and they had this to say:

"Setting hostname via command line will not work. It will get reset after a reboot.
You can change the hostname by login to your ssdnodes control panel".

Which I have already done a long time ago but I double checked anyway:

Do you think this is going to end up being a problem? Is this why the /etc/hosts looks so ugly?

 

[UFHH01]

Hi Droo,

I do not have mail.log I only have /var/log/maillog that may not be important, just pointing it out again just in case.

Just for your notice, this is not relevant and depends on your syslog - settings - - - some distributions have as standart configuration "mail.log", the others "maillog".

so you want to remove everything that is there, and redo the hosts file exactly like step 2?

Well, I recommend it, because these are the correct settings. I you desire to leave it this way, you could experience issues/errors/problems.

You included your current mail.log, without having a tiny little look at it, am I correct with this assumption?
I mention this, because there is no single entry at the moment about an eMail to "[email protected]", so there is no possibility to investigate the issue.