Cant send email

1

Hi

I have Hestia

  • Hestia Control Panel v1.9.3
  • Operating SystemUbuntu 22.04 (x86_64)

I cant send emails. i can login to the webmail, recive emails but php or webmail wont sent out any emails that i send from email or from my website, do anyone know the reason for this could be m?

2

We need some more information. Maybe some logs and how is your configuration.

You set all DNS records? Any error message?

3

I set the email setting in hestia when i installed it and DNS is

; A Record
@ 600 IN A 164.68.121.42
cloud 600 IN A 164.68.121.42
mail 600 IN A 164.68.121.42
webmail 600 IN A 164.68.121.42
www 3600 IN A 164.68.121.42

; NS Record
@ 3600 IN NS ns51.domaincontrol.com.
@ 3600 IN NS ns52.domaincontrol.com.
164.68.121.42 3600 IN NS ns1.xxx.com.

; MX Record
@ 3600 IN MX 10 mail.xxx.xcom.

4

I suppose you domain is the one similar to spotify.com, if that’s the case, the DNS records added in Hestia doesn’t matter because you are using external name servers.

It looks like you are using Brevo as smtp relay, at least you have a TXT record to validate the domain in Brevo.

Try to send a mail and check the Exim log to know what’s going on:

tail -n30 /var/log/exim4/mainlog
2 Likes
5 
2025-06-12 21:00:04 1uPn9g-002pIC-H5 <= [email protected] U=root P=local S=1148 [email protected]
2025-06-12 21:00:04 1uPn9g-002pIC-H5 => admin <[email protected]> R=localuser T=local_delivery
2025-06-12 21:00:04 1uPn9g-002pIC-H5 Completed
2025-06-12 21:00:06 no host name found for IP address 66.63.187.179
2025-06-12 21:01:14 dovecot_login authenticator failed for c-85-225-19-144.bbcust.telenor.se [85.225.19.144]: 535 Incorrect authentication data ([email protected])
2025-06-12 21:01:34 TLS error on connection from [222.215.41.28] (gnutls_handshake): The TLS connection was non-properly terminated.
2025-06-12 21:01:39 no host name found for IP address 115.23.23.103
2025-06-12 21:01:47 no host name found for IP address 111.26.62.42
2025-06-12 21:01:48 dovecot_login authenticator failed for ([115.23.23.103]) [115.23.23.103]: 535 Incorrect authentication data (set_id=akxxxoto-moxxxka)
2025-06-12 21:01:54 dovecot_login authenticator failed for ([111.26.62.41]) [111.26.62.42]: 535 Incorrect authentication data ([email protected])
2025-06-12 21:02:06 dovecot_login authenticator failed for ([223.76.212.16]) [223.76.212.16]: 535 Incorrect authentication data (set_id=akaxxxto-mxka)xx
root@cloud:~#
6

That doesn’t show anything relevant to your issue. I see a mail delivered to a local domain and several authentication failures.

As I said, you should try to reproduce the issue and then check the log for the relevant lines. If tail -n30 doesn’t show them, check the entire log.

7

I had this in my inbox this morning.

## Warning: message 1uPBEU-001AFR-RT delayed 48 hours

![Contact photo](https://webmail.sxxy.com/skins/elastic/images/contactpic.svg)

From [Mail Delivery System](mailto:[email protected]) on 2025-06-13 09:18

[Details](https://webmail.sxxfy.com/?_task=mail&_caps=pdf%3D1%2Cflash%3D0%2Ctiff%3D0%2Cwebp%3D1%2Cpgpmime%3D0&_uid=768&_mbox=INBOX&_framed=1&_action=preview#headers) [Headers](https://webmail.sxxfy.com/?_task=mail&_caps=pdf%3D1%2Cflash%3D0%2Ctiff%3D0%2Cwebp%3D1%2Cpgpmime%3D0&_uid=768&_mbox=INBOX&_framed=1&_action=preview#all-headers)

This message was created automatically by mail delivery software.
A message that you sent has not yet been delivered to one or more of its
recipients after more than 48 hours on the queue on cloud.xxtfy.com.

The message identifier is: 1uPBEU-001AFR-RT
The date of the message is: Wed, 11 Jun 2025 04:30:30 +0200
The subject of the message is: test

The address to which the message has not yet been delivered is:

[[email protected]](mailto:[email protected])

No action is required on your part. Delivery attempts will continue for
some time, and this warning may be repeated at intervals if the message
remains undelivered. Eventually the mail delivery software will give up,
and when that happens, the message will be returned to you.

Reporting-MTA: dns; localhost

Action: delayed
Final-Recipient: rfc822;[[email protected]](mailto:[email protected])
Status: 4.0.0

Return-path: <[[email protected]](mailto:[email protected])>
Received: from localhost ([127.0.0.1] helo=webmail.xxxtfy.com)
by cloud.xxxfy.com with esmtpa (Exim 4.95)
(envelope-from <[[email protected]](mailto:[email protected])>)
id 1uPBEU-001AFR-RT
for [[email protected]](mailto:[email protected]);
Wed, 11 Jun 2025 04:30:31 +0200
MIME-Version: 1.0
Date: Wed, 11 Jun 2025 04:30:30 +0200
From: [[email protected]](mailto:[email protected])
To: [[email protected]](mailto:[email protected])
Subject: test
Message-ID: <[[email protected]](mailto:[email protected])>
X-Sender: [[email protected]](mailto:[email protected])
Content-Type: text/plain; charset=US-ASCII;
format=flowed
Content-Transfer-Encoding: 7bit
8

I don’t see the reason for the error in that mail.

As I said, try to send a new mail and check the log.

You can check the ID of the message you posted, but you might get a lot of lines, or the first log may have already been deleted.

exigrep '1uPBEU-001AFR-RT' /var/log/exim4/mainlog* --no-pager | sort
9

I tried to send another email and got this

iagnostic-Code: smtp; 550-5.7.26 Your email has been blocked because the sender is unauthenticated.
550-5.7.26 Gmail requires all senders to authenticate with either SPF or DKIM.
550-5.7.26
550-5.7.26 Authentication results:
550-5.7.26 DKIM = did not pass
550-5.7.26 SPF [xxxfy.com] with ip: [164.68.121.42] = did not pass
550-5.7.26
550-5.7.26 For instructions on setting up authentication, go to
550 5.7.26 Email sender guidelines - Google Workspace Admin Help a640c23a62f3a-adec897be7asi495514166b.568 - gsmtp

Subject test
From [email protected]
To xxot
Date Today 20:19

And update the DNS with SPF1 and DKIM and tried again, i got the email to my inbox. I got it to the spam folder, is that something that will got away automatically ?

2025-06-15 21:27:24 1uQt0m-000oRG-2S <= [email protected] H=localhost (webmail.sxxxx.com) [127.0.0.1] P=esmtpa A=dovecot_login:[email protected] S=523 [email protected]
2025-06-15 21:27:24 1uQt0m-000oRG-2S H=gmail-smtp-in.l.google.com [74.125.143.26] TLS error on connection (recv): The TLS connection was non-properly terminated.
2025-06-15 21:27:24 1uQt0m-000oRG-2S => [email protected] R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [74.125.143.26] X=TLS1.3:ECDHE_X25519__ECDSA_SECP256R1_SHA256__AES_256_GCM:256 CV=yes K C=“250 2.0.0 OK 4fb4d7f45d1cf-608b49d0107si5387569a12.360 - gsmtp”
2025-06-15 21:27:24 1uQt0m-000oRG-2S Completed
root@cloud:~#

10

Hi @razzera,

If you’re able to log into webmail and receive emails, but can’t send them either via webmail or PHP it’s likely related to outbound SMTP restrictions.

Please check with your hosting provider to confirm if:

  1. SMTP ports (especially Port 25, 465, or 587) are blocked – Many hosting providers block Port 25 by default to prevent spam.
  2. Your server’s IP address is blacklisted – This can also prevent emails from being sent or delivered properly.

If neither of these are the issue, and assuming you haven’t made manual changes to the mail server configuration files, Hestia should work out of the box for sending mail after installation.

Also worth checking:

  • Mail logs (/var/log/exim4/mainlog or /var/log/mail.log) for any delivery errors.
  • Ensure that SPF, DKIM, and PTR records are correctly set for your domain.

Let me know what you find and I can help troubleshoot further.

11

I checked your IP address, and it appears to be blacklisted:

:link: SpamRATS! - SpamRATS Lookup Tool!

This is likely the reason you’re unable to send emails. I recommend requesting delisting from the blacklist and then testing email sending again. Once the IP is clean, outgoing mail should start working as expected assuming no other configuration changes were made.

12

was removed without a problem and all passed now so let’s see what happens! :o