Cant send email

Hi

I have Hestia

  • Hestia Control Panel v1.9.3
  • Operating SystemUbuntu 22.04 (x86_64)

I cant send emails. i can login to the webmail, recive emails but php or webmail wont sent out any emails that i send from email or from my website, do anyone know the reason for this could be m?

We need some more information. Maybe some logs and how is your configuration.

You set all DNS records? Any error message?

I set the email setting in hestia when i installed it and DNS is

; A Record
@ 600 IN A 164.68.121.42
cloud 600 IN A 164.68.121.42
mail 600 IN A 164.68.121.42
webmail 600 IN A 164.68.121.42
www 3600 IN A 164.68.121.42

; NS Record
@ 3600 IN NS ns51.domaincontrol.com.
@ 3600 IN NS ns52.domaincontrol.com.
164.68.121.42 3600 IN NS ns1.xxx.com.

; MX Record
@ 3600 IN MX 10 mail.xxx.xcom.

I suppose you domain is the one similar to spotify.com, if that’s the case, the DNS records added in Hestia doesn’t matter because you are using external name servers.

It looks like you are using Brevo as smtp relay, at least you have a TXT record to validate the domain in Brevo.

Try to send a mail and check the Exim log to know what’s going on:

tail -n30 /var/log/exim4/mainlog
2 Likes
2025-06-12 21:00:04 1uPn9g-002pIC-H5 <= [email protected] U=root P=local S=1148 [email protected]
2025-06-12 21:00:04 1uPn9g-002pIC-H5 => admin <[email protected]> R=localuser T=local_delivery
2025-06-12 21:00:04 1uPn9g-002pIC-H5 Completed
2025-06-12 21:00:06 no host name found for IP address 66.63.187.179
2025-06-12 21:01:14 dovecot_login authenticator failed for c-85-225-19-144.bbcust.telenor.se [85.225.19.144]: 535 Incorrect authentication data ([email protected])
2025-06-12 21:01:34 TLS error on connection from [222.215.41.28] (gnutls_handshake): The TLS connection was non-properly terminated.
2025-06-12 21:01:39 no host name found for IP address 115.23.23.103
2025-06-12 21:01:47 no host name found for IP address 111.26.62.42
2025-06-12 21:01:48 dovecot_login authenticator failed for ([115.23.23.103]) [115.23.23.103]: 535 Incorrect authentication data (set_id=akxxxoto-moxxxka)
2025-06-12 21:01:54 dovecot_login authenticator failed for ([111.26.62.41]) [111.26.62.42]: 535 Incorrect authentication data ([email protected])
2025-06-12 21:02:06 dovecot_login authenticator failed for ([223.76.212.16]) [223.76.212.16]: 535 Incorrect authentication data (set_id=akaxxxto-mxka)xx
root@cloud:~#

That doesn’t show anything relevant to your issue. I see a mail delivered to a local domain and several authentication failures.

As I said, you should try to reproduce the issue and then check the log for the relevant lines. If tail -n30 doesn’t show them, check the entire log.

I had this in my inbox this morning.

## Warning: message 1uPBEU-001AFR-RT delayed 48 hours

![Contact photo](https://webmail.sxxy.com/skins/elastic/images/contactpic.svg)

From [Mail Delivery System](mailto:[email protected]) on 2025-06-13 09:18

[Details](https://webmail.sxxfy.com/?_task=mail&_caps=pdf%3D1%2Cflash%3D0%2Ctiff%3D0%2Cwebp%3D1%2Cpgpmime%3D0&_uid=768&_mbox=INBOX&_framed=1&_action=preview#headers) [Headers](https://webmail.sxxfy.com/?_task=mail&_caps=pdf%3D1%2Cflash%3D0%2Ctiff%3D0%2Cwebp%3D1%2Cpgpmime%3D0&_uid=768&_mbox=INBOX&_framed=1&_action=preview#all-headers)

This message was created automatically by mail delivery software.
A message that you sent has not yet been delivered to one or more of its
recipients after more than 48 hours on the queue on cloud.xxtfy.com.

The message identifier is: 1uPBEU-001AFR-RT
The date of the message is: Wed, 11 Jun 2025 04:30:30 +0200
The subject of the message is: test

The address to which the message has not yet been delivered is:

[[email protected]](mailto:[email protected])

No action is required on your part. Delivery attempts will continue for
some time, and this warning may be repeated at intervals if the message
remains undelivered. Eventually the mail delivery software will give up,
and when that happens, the message will be returned to you.

Reporting-MTA: dns; localhost

Action: delayed
Final-Recipient: rfc822;[[email protected]](mailto:[email protected])
Status: 4.0.0

Return-path: <[[email protected]](mailto:[email protected])>
Received: from localhost ([127.0.0.1] helo=webmail.xxxtfy.com)
by cloud.xxxfy.com with esmtpa (Exim 4.95)
(envelope-from <[[email protected]](mailto:[email protected])>)
id 1uPBEU-001AFR-RT
for [[email protected]](mailto:[email protected]);
Wed, 11 Jun 2025 04:30:31 +0200
MIME-Version: 1.0
Date: Wed, 11 Jun 2025 04:30:30 +0200
From: [[email protected]](mailto:[email protected])
To: [[email protected]](mailto:[email protected])
Subject: test
Message-ID: <[[email protected]](mailto:[email protected])>
X-Sender: [[email protected]](mailto:[email protected])
Content-Type: text/plain; charset=US-ASCII;
format=flowed
Content-Transfer-Encoding: 7bit

I don’t see the reason for the error in that mail.

As I said, try to send a new mail and check the log.

You can check the ID of the message you posted, but you might get a lot of lines, or the first log may have already been deleted.

exigrep '1uPBEU-001AFR-RT' /var/log/exim4/mainlog* --no-pager | sort

I tried to send another email and got this

iagnostic-Code: smtp; 550-5.7.26 Your email has been blocked because the sender is unauthenticated.
550-5.7.26 Gmail requires all senders to authenticate with either SPF or DKIM.
550-5.7.26
550-5.7.26 Authentication results:
550-5.7.26 DKIM = did not pass
550-5.7.26 SPF [xxxfy.com] with ip: [164.68.121.42] = did not pass
550-5.7.26
550-5.7.26 For instructions on setting up authentication, go to
550 5.7.26 Email sender guidelines - Google Workspace Admin Help a640c23a62f3a-adec897be7asi495514166b.568 - gsmtp

Subject test
From [email protected]
To xxot
Date Today 20:19

And update the DNS with SPF1 and DKIM and tried again, i got the email to my inbox. I got it to the spam folder, is that something that will got away automatically ?

2025-06-15 21:27:24 1uQt0m-000oRG-2S <= [email protected] H=localhost (webmail.sxxxx.com) [127.0.0.1] P=esmtpa A=dovecot_login:[email protected] S=523 [email protected]
2025-06-15 21:27:24 1uQt0m-000oRG-2S H=gmail-smtp-in.l.google.com [74.125.143.26] TLS error on connection (recv): The TLS connection was non-properly terminated.
2025-06-15 21:27:24 1uQt0m-000oRG-2S => [email protected] R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [74.125.143.26] X=TLS1.3:ECDHE_X25519__ECDSA_SECP256R1_SHA256__AES_256_GCM:256 CV=yes K C=“250 2.0.0 OK 4fb4d7f45d1cf-608b49d0107si5387569a12.360 - gsmtp”
2025-06-15 21:27:24 1uQt0m-000oRG-2S Completed
root@cloud:~#

Hi @razzera,

If you’re able to log into webmail and receive emails, but can’t send them either via webmail or PHP it’s likely related to outbound SMTP restrictions.

Please check with your hosting provider to confirm if:

  1. SMTP ports (especially Port 25, 465, or 587) are blocked – Many hosting providers block Port 25 by default to prevent spam.
  2. Your server’s IP address is blacklisted – This can also prevent emails from being sent or delivered properly.

If neither of these are the issue, and assuming you haven’t made manual changes to the mail server configuration files, Hestia should work out of the box for sending mail after installation.

Also worth checking:

  • Mail logs (/var/log/exim4/mainlog or /var/log/mail.log) for any delivery errors.
  • Ensure that SPF, DKIM, and PTR records are correctly set for your domain.

Let me know what you find and I can help troubleshoot further.

I checked your IP address, and it appears to be blacklisted:

:link: SpamRATS! - SpamRATS Lookup Tool!

This is likely the reason you’re unable to send emails. I recommend requesting delisting from the blacklist and then testing email sending again. Once the IP is clean, outgoing mail should start working as expected assuming no other configuration changes were made.

was removed without a problem and all passed now so let’s see what happens! :o

Hi again

Webmail is working, however sending trough PHP seems to been not working.

I went to my website and went to “forgot password” and enterd my emails.

forgot password

An email has been sent with further instructions on how to reset your password. Please check your email inbox.

i go to my gmail inbox and i have no email, not in spam or inbox.

I see nothing in tail -n30 /var/log/exim4/mainlog

Anyone know where i can see anything or what the problem might be ?

The method for sending emails via the script is configuration for email_method = php

Try using GitHub - PHPMailer/PHPMailer: The classic email sending library for PHP

Is SMTP the other option ?

I tried SMTP and got the following response now.

And i see the following

root@cloud:~# tail -n30 /var/log/exim4/mainlog
2025-06-20 12:52:06 H=vmiXXXXXXX.contaboserver.net (XXXX.com) [16x.x8.1x1.4x] F=<[email protected]> rejected RCPT <[email protected]>: relay not permitted
2025-06-20 12:52:06 unexpected disconnection while reading SMTP command from vmiXXXXXXX.contaboserver.net (xxx.com) [16x.x8.1x1.4x] D=0s

Can guys help out ?

settings in the script php files

Image: https://imgur.com/a/wdVr7mf

Email Settings	The email address new account registrations will be sent from.	[email protected]
configuration	Email Settings	The method for sending emails via the script.
configuration	Email Settings	Your SMTP host if you've selected SMTP email method. (leave blank is email_method = php)	mail.xxx.com	edit
configuration	Email Settings	Your SMTP port if you've selected SMTP email method. (Normally 25)	587	edit
configuration	Email Settings	Whether your SMTP server requires authentication.	yes	edit
configuration	Email Settings	Your SMTP username if SMTP auth is required.	[email protected]	edit
configuration	Email Settings	Your SMTP password if SMTP auth is required.	*PASSWORD*	edit

The error message is shown by Exim when the domain is not in the local_domains or relay_to_domains lists.

❯ grep -A1 'relay not permitted' /etc/exim4/exim4.conf.template
  require message       = relay not permitted
          domains       = +local_domains : +relay_to_domains

Both variables get their domain list from the following options:

❯ grep -E '(local|to)_domains =' /etc/exim4/exim4.conf.template
domainlist local_domains = dsearch;/etc/exim4/domains/
domainlist relay_to_domains = dsearch;/etc/exim4/domains/

That means the variables are populated with the domain names from the files in the /etc/exim4/domains/ directory.

Do the FROM user and domain ([email protected]) exists?

root@cloud:~# grep -A1 'relay not permitted' /etc/exim4/exim4.conf.template
  require message       = relay not permitted
          domains       = +local_domains : +relay_to_domains
root@cloud:~# grep -E '(local|to)_domains =' /etc/exim4/exim4.conf.template
domainlist local_domains = dsearch;/etc/exim4/domains/
domainlist relay_to_domains = dsearch;/etc/exim4/domains/

Sebd and recived with out a problem ?


image

2025-06-20 20:26:04 1uSgRA-0009Q8-Bv <= [email protected] H=localhost (webmail.sptfy.com) [127.0.0.1] P=esmtpa A=dovecot_login:[email protected] S=528 [email protected]
2025-06-20 20:26:04 1uSgRA-0009Q8-Bv H=gmail-smtp-in.l.google.com [108.177.127.27] TLS error on connection (recv): The TLS connection was non-properly terminated.
2025-06-20 20:26:04 1uSgRA-0009Q8-Bv => [email protected] R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [108.177.127.27] X=TLS1.3:ECDHE_X25519__ECDSA_SECP256R1_SHA256__AES_256_GCM:256 CV=yes K C="250 2.0.0 OK a640c23a62f3a-ae0545a5381si203181166b.766 - gsmtp"
2025-06-20 20:26:04 1uSgRA-0009Q8-Bv Completed

But when i try the “forgot password” function on my website i get

2025-06-20 20:29:28 H=vmixxxxx.contaboserver.net (xy.cxxxom) [1xx.x8.12x.xxx] F=<[email protected]> rejected RCPT <[email protected]>: relay not permitted
2025-06-20 20:29:28 unexpected disconnection while reading SMTP command from vmixxxxx.contaboserver.net (xxxxxy.com) [1xx.x8.12x.xxx] D=0s

What’s the plugin you are using to send emails?

The part to set the smtp settings, is there some option to specify STARTTLS or TLS?

Instead of mail.sxxxx.com try 127.0.0.1 as smtp server.

1 Like

setting 127.0.0.1 as the smtp server worked like a charm!!! :smiley:

2 Likes