Exim not listening on external IP for port 587

Community Support Mail
1

Hello,

I am experiencing an issue with Exim on my server where the service is not listening on the external IP addresses for SMTP on port 587. It’s only listening on 127.0.0.1:587, making mail service completely unavailable.

I have already checked the config and confirmed that daemon_smtp_ports = 25 : 465 : 587 is present. I also confirmed that Exim is supposed to be listening on all available interfaces, but it still only binds to localhost for port 587.

What i’ve done so far:

  1. Checked the firewall settings (UFW and iptables) to ensure ports 587, 25, and 465 are open.
  2. Checked that Exim is configured to listen on all interfaces.

Attaching a few logs:

  1. Netstat output

tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 149989/exim4

  1. Exim Log

2025-03-14 13:00:02 1tt4du-000ZsA-AQ ** [email protected] <[email protected]> R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [2a00:1450:4013:c00::1a] X=TLS1.3:ECDHE_X25519__ECDSA_SECP256R1_SHA256__AES_256_GCM:256 CV=yes DN="CN=mx.google.com": SMTP error from remote mail server after pipelined end of data: 550-5.7.1 [2a01:4f8:200:4316::2] Gmail has detected that this message does not\n550-5.7.1 meet IPv6 sending guidelines regarding PTR records and authentication\n550-5.7.1 . For more information, go to\n550 5.7.1 https://support.google.com/mail/?p=IPv6AuthError a640c23a62f3a-ac3146ab6dbsi320071266b.45 - gsmtp

  1. iptables

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587

  1. /etc/exim4/exim.conf
daemon_smtp_ports = 25 : 465 : 587
tls_certificate = /usr/local/hestia/ssl/mail/mail.webtronix-solutions.gr.crt
tls_privatekey = /usr/local/hestia/ssl/mail/mail.webtronix-solutions.gr.key

Im open to any suggestions or possible causes for the problem…

2

Update, i’ve restarted the entire server, it now sits at

● exim4.service - LSB: exim Mail Transport Agent
     Loaded: loaded (/etc/init.d/exim4; generated)
     Active: active (exited) since Fri 2025-03-14 13:51:18 UTC; 45min ago
       Docs: man:systemd-sysv-generator(8)
    Process: 2269 ExecStart=/etc/init.d/exim4 start (code=exited, status=0/SUCCESS)
        CPU: 189ms

Mar 14 13:51:17 panel.webtronix-solutions.gr systemd[1]: Starting LSB: exim Mail Transport Agent...
Mar 14 13:51:17 panel.webtronix-solutions.gr exim4[2269]:  * Starting MTA
Mar 14 13:51:18 panel.webtronix-solutions.gr exim4[2269]:    ...done.
Mar 14 13:51:18 panel.webtronix-solutions.gr exim4[2269]: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero siz>
Mar 14 13:51:18 panel.webtronix-solutions.gr systemd[1]: Started LSB: exim Mail Transport Agent.`

log says

sgoufas@panel:~$ sudo tail -f /var/log/exim4/mainlog
2025-03-14 14:34:34 1tt67O-0002o5-R3 <= <> R=1tt67N-0002lv-Qk U=Debian-exim P=local S=2973
2025-03-14 14:34:34 1tt67O-0002o5-R3 == [email protected] R=local_user T=maildir_home defer (2): No such file or directory: failed to chdir to /home/hestiaweb
2025-03-14 14:34:34 1tt67O-0002oB-S2 <= <> R=1tt67N-0002lv-Qk U=Debian-exim P=local S=781
2025-03-14 14:34:34 1tt67N-0002lv-Qk Frozen
2025-03-14 14:34:34 1tt67O-0002oB-S2 lowest numbered MX record points to local host: webtronix-solutions.gr
2025-03-14 14:34:34 1tt67O-0002oB-S2 == [email protected] <[email protected]> R=dnslookup defer (-1): lowest numbered MX record points to local host
2025-03-14 14:34:36 1tt67O-0002oB-S2 H=gmail-smtp-in.l.google.com [2a00:1450:4013:c18::1b] TLS error on connection (recv): The TLS connection was non-properly terminated.
2025-03-14 14:34:36 1tt67O-0002oB-S2 H=gmail-smtp-in.l.google.com [2a00:1450:4013:c18::1b] TLS error on connection (recv): The specified session has been invalidated for some reason.
2025-03-14 14:34:36 1tt67O-0002oB-S2 ** [email protected] <[email protected]> R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [2a00:1450:4013:c18::1b] X=TLS1.3:ECDHE_X25519__ECDSA_SECP256R1_SHA256__AES_256_GCM:256 CV=yes DN="CN=mx.google.com": SMTP error from remote mail server after pipelined end of data: 550-5.7.1 [2a01:4f8:200:4316::2] Gmail has detected that this message does not\n550-5.7.1 meet IPv6 sending guidelines regarding PTR records and authentication\n550-5.7.1 . For more information, go to\n550 5.7.1  https://support.google.com/mail/?p=IPv6AuthError a640c23a62f3a-ac3146aa380si326873866b.145 - gsmtp
2025-03-14 14:34:36 1tt67O-0002oB-S2 Frozen (delivery error message)

paniclog

sudo cat /var/log/exim4/paniclog
2025-03-14 13:33:05 daemon_notifier_socket bind: Address already in use
2025-03-14 13:33:56 daemon_notifier_socket bind: Address already in use
2025-03-14 13:35:38 socket bind() to port 25 for address :: failed: Address already in use: daemon abandoned
2025-03-14 13:37:35 socket bind() to port 25 for address (any IPv4) failed: Address already in use: daemon abandoned
2025-03-14 13:38:26 socket bind() to port 25 for address :: failed: Address already in use: daemon abandoned
2025-03-14 13:55:48 socket bind() to port 25 for address :: failed: Address already in use: daemon abandoned
3

Hi @sgoufas

Could you please execute these commands and show the output?

First you should empty paniclog:

cp /var/log/exim4/paniclog /root/paniclog.backup
:> /var/log/exim4/paniclog

Now stop exim4 and show if there is something listening on ports 25,465 and 587:

systemctl stop exim4
lsof -Pn +c0 -i:25,465,587 -sTCP:LISTEN

Once you get the outputs, start exim4 again and check the status and listening ports:

systemctl start exim4
systemctl status exim4 --no-pager -l
lsof -Pn +c0 -i:25,465,587 -sTCP:LISTEN
1 Like
4

Hello, the problem was that during installation exim got corrupted and got installed twice. The faulty exim was listening to port 25 and 587, rendering the working exim to fault. Removing and reconfiguring exim fixed it.

But now roundcube fails tou authenticate saying Connection to storage server failed.

5

That’s pretty strange. How did that happen?

How did you reconfigure it? There are several things that need to be done depending on the packages you installed.

That usually means there’s a problem connecting to the IMAP server. I would delete that server and install a fresh one since that installation seems to have a few issues.

6

Yeah the certificates were the issue. The problems remain tho… im at a loss here

dovecot.log says

Mar 14 17:50:12 master: Warning: SIGHUP received - reloading configuration
Mar 14 17:52:11 master: Warning: Killed with signal 15 (by pid=111287 uid=0 code=kill)
Mar 14 17:52:13 master: Info: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3 (core dumps disabled)
Mar 14 17:52:40 auth: Error: passwd-file([email protected],127.0.0.1,<tDTHGlEwoNR/AAAB>): stat(/etc/exim4/domains/webtronix-solutions.gr/passwd) failed: Permission denied (euid=119(dovecot) egid=125(dovecot) missing +x perm: /etc/exim4/domains, we're not in group 8(mail), dir owned by 8:8 mode=0750)
Mar 14 17:52:42 imap-login: Info: Disconnected: Connection closed (auth service reported temporary failure): user=<[email protected]>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<tDTHGlEwoNR/AAAB>
Mar 14 17:53:55 master: Warning: Killed with signal 15 (by pid=114297 uid=0 code=kill)
Mar 14 17:53:57 master: Info: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3 (core dumps disabled)
Mar 14 17:54:54 auth: Error: passwd-file([email protected],127.0.0.1,<AG/OIlEweoZ/AAAB>): stat(/etc/exim4/domains/webtronix-solutions.gr/passwd) failed: Permission denied (euid=119(dovecot) egid=125(dovecot) missing +x perm: /etc/exim4/domains, we're not in group 8(mail), dir owned by 8:8 mode=0750)
Mar 14 17:54:56 imap-login: Info: Disconnected: Connection closed (auth service reported temporary failure): user=<[email protected]>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<AG/OIlEweoZ/AAAB>

Sending mails through a client like thunderbird works

7

Seems dovecot user is not included in mail group, that shouldn’t happen so I’m wondering what you did.

id dovecot
namei -mo /etc/exim4/domains/webtronix-solutions.gr/passwd

But again, I would install a new fresh server.

8

Yeah thats my last resort, a few websites are already hosted here so it’d be inconvenient…
The problem is that dovecot cannot read the password file even though its in the correct group

9

If I don’t see the output of the commands, I can’t determine whether there is an issue.

10

The server decided to stop working as of today, up to this morning it was OK

As of now

  • Users cannot log into Roundcube, and logs show “Temporary authentication failure” or “Permission denied”.
  • Sending and receiving emails via SMTP works fine.
  • The mail password file is located at /home/admin/conf/mail/webtronix-solutions.gr/passwd, but Dovecot cannot access it due to permissions.
  • I have already tried adjusting ownership and permissions, ensuring Dovecot is in the mail group, and restarting services.

dovecot.log has

Mar 14 18:27:17 auth: Error: passwd-file([email protected],127.0.0.1,<TBOgllEwRMp/AAAB>): stat(/etc/exim4/domains/webtronix-solutions.gr/passwd) failed: Permission denied (euid=119(dovecot) egid=125(dovecot) missing +w perm: /etc/exim4/domains/webtronix-solutions.gr/passwd stat(/etc/exim4/domains/webtronix-solutions.gr/passwd) failed: Permission denied, dir owned by 8:8 mode=0755)
Mar 14 18:27:19 imap-login: Info: Disconnected: Connection closed (auth service reported temporary failure): user=<[email protected]>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<TBOgllEwRMp/AAAB>
Mar 14 18:28:56 master: Warning: Killed with signal 15 (by pid=125922 uid=0 code=kill)
Mar 14 18:28:57 master: Info: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3 (core dumps disabled)
Mar 14 18:33:56 master: Warning: Killed with signal 15 (by pid=127371 uid=0 code=kill)
Mar 14 18:33:57 master: Info: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3 (core dumps disabled)
Mar 14 18:38:56 master: Warning: Killed with signal 15 (by pid=128476 uid=0 code=kill)
Mar 14 18:38:57 master: Info: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3 (core dumps disabled)
Mar 14 18:39:44 master: Warning: Killed with signal 15 (by pid=129691 uid=0 code=kill)
Mar 14 18:42:33 master: Info: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3 (core dumps disabled)
Mar 14 18:44:15 master: Warning: Killed with signal 15 (by pid=2782 uid=0 code=kill)
Mar 14 18:44:16 master: Info: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3 (core dumps disabled)

roundcube logs

Forwarded-For: 79.107.126.250). AUTHENTICATE PLAIN: Temporary authentication failure. [panel.webtronix-solutions.gr:2025-03-14 17:54:56] in /var/lib/roundcube/program/lib/Roundcube/rcube_imap.php on line 211 (POST /?_task=login&_action=login)
[14-Mar-2025 18:05:49 +0000]: <338bu9p0> IMAP Error: Login failed for [email protected] against localhost from 79.107.126.250 (X-Forwarded-For: 79.107.126.250). AUTHENTICATE PLAIN: Temporary authentication failure. [panel.webtronix-solutions.gr:2025-03-14 18:05:49] in /var/lib/roundcube/program/lib/Roundcube/rcube_imap.php on line 211 (POST /?_task=login&_action=login)
[14-Mar-2025 18:17:26 +0000]: <338bu9p0> IMAP Error: Login failed for [email protected] against localhost from 79.107.126.250 (X-Forwarded-For: 79.107.126.250). AUTHENTICATE PLAIN: Temporary authentication failure. [panel.webtronix-solutions.gr:2025-03-14 18:17:26] in /var/lib/roundcube/program/lib/Roundcube/rcube_imap.php on line 211 (POST /?_task=login&_action=login)
[14-Mar-2025 18:27:19 +0000]: <338bu9p0> IMAP Error: Login failed for [email protected] against localhost from 79.107.126.250 (X-Forwarded-For: 79.107.126.250). AUTHENTICATE PLAIN: Temporary authentication failure. [panel.webtronix-solutions.gr:2025-03-14 18:27:19] in /var/lib/roundcube/program/lib/Roundcube/rcube_imap.php on line 211 (POST /?_task=login&_action=login)
[14-Mar-2025 18:28:57 +0000]: <d5iie81q> DB Error: SQLSTATE[HY000] [2002] No such file or directory in /var/lib/roundcube/program/lib/Roundcube/rcube_db.php on line 201 (GET /)
[14-Mar-2025 18:44:15 +0000]: <338bu9p0> DB Error: SQLSTATE[HY000] [2002] No such file or directory in /var/lib/roundcube/program/lib/Roundcube/rcube_db.php on line 201 (POST /?_task=login&_action=login)
[14-Mar-2025 18:44:29 +0000]: <338bu9p0> IMAP Error: Login failed for [email protected] against localhost from 79.107.126.250 (X-Forwarded-For: 79.107.126.250). AUTHENTICATE PLAIN: Temporary authentication failure. [panel.webtronix-solutions.gr:2025-03-14 18:44:29] in /var/lib/roundcube/program/lib/Roundcube/rcube_imap.php on line 211 (POST /?_task=login&_action=login)

running sudo dovearm auth test

passdb: [email protected] auth failed
extra fields:
  [email protected]
  code=temp_fail

file permissions are as follow

namei -mo /etc/exim4/domains/webtronix-solutions.gr/passwd
ls -ld /home/admin/conf/mail/webtronix-solutions.gr
ls -ld /home/admin/conf/mail
ls -ld /home/admin/conf
ls -ld /home/admin
ls -ld /etc/exim4/domains/webtronix-solutions.gr
ls -l /etc/exim4/domains/webtronix-solutions.gr/passwd
id dovecot
f: /etc/exim4/domains/webtronix-solutions.gr/passwd
 drwxr-xr-x root root /
 drwxr-xr-x root root etc
 drwxr-xr-x root root exim4
 drwxr-xr-x mail mail domains
 lrwxrwxrwx mail mail webtronix-solutions.gr -> /home/admin/conf/mail/webtronix-solutions.gr
   drwxr-xr-x root root /
   drwxr-xr-x root root home
   drwxr-x--x root root admin
   drwxr-x--- root root conf
                        mail - Permission denied
ls: cannot access '/home/admin/conf/mail/webtronix-solutions.gr': Permission denied
ls: cannot access '/home/admin/conf/mail': Permission denied
drwxr-x--- 5 root root 4096 Mar 14 07:36 /home/admin/conf
drwxr-x--x+ 14 root root 4096 Mar 14 07:37 /home/admin
lrwxrwxrwx 1 mail mail 44 Mar 14 17:50 /etc/exim4/domains/webtronix-solutions.gr -> /home/admin/conf/mail/webtronix-solutions.gr
ls: cannot access '/etc/exim4/domains/webtronix-solutions.gr/passwd': Permission denied
uid=119(dovecot) gid=125(dovecot) groups=125(dovecot),8(mail)

dovecot and exim services are OK, attaching iptables for the hell of it…

sgoufas@panel:~$ sudo systemctl status dovecot
sudo systemctl status exim4
sudo iptables -L -n | grep '22\|143\|993'
● dovecot.service - Dovecot IMAP/POP3 email server
     Loaded: loaded (/lib/systemd/system/dovecot.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2025-03-14 18:49:18 UTC; 20s ago
       Docs: man:dovecot(1)
             https://doc.dovecot.org/
   Main PID: 4588 (dovecot)
     Status: "v2.3.16 (7e2e900c1a) running"
      Tasks: 4 (limit: 76927)
     Memory: 3.3M
        CPU: 42ms
     CGroup: /system.slice/dovecot.service
             ├─4588 /usr/sbin/dovecot -F
             ├─4589 dovecot/anvil
             ├─4590 dovecot/log
             └─4591 dovecot/config

Mar 14 18:49:18 panel.webtronix-solutions.gr systemd[1]: Starting Dovecot IMAP/POP3 email server...
Mar 14 18:49:18 panel.webtronix-solutions.gr systemd[1]: Started Dovecot IMAP/POP3 email server.
● exim4.service - LSB: exim Mail Transport Agent
     Loaded: loaded (/etc/init.d/exim4; generated)
     Active: active (running) since Fri 2025-03-14 18:48:01 UTC; 1min 37s ago
       Docs: man:systemd-sysv-generator(8)
    Process: 4082 ExecStart=/etc/init.d/exim4 start (code=exited, status=0/SUCCESS)
      Tasks: 1 (limit: 76927)
     Memory: 2.6M
        CPU: 117ms
     CGroup: /system.slice/exim4.service
             └─4350 /usr/sbin/exim4 -bd -q30m -oX 25:465:587

Mar 14 18:48:01 panel.webtronix-solutions.gr systemd[1]: Starting LSB: exim Mail Transport Agent...
Mar 14 18:48:01 panel.webtronix-solutions.gr exim4[4082]:  * Starting MTA
Mar 14 18:48:01 panel.webtronix-solutions.gr exim4[4082]:    ...done.
Mar 14 18:48:01 panel.webtronix-solutions.gr exim4[4082]: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
Mar 14 18:48:01 panel.webtronix-solutions.gr systemd[1]: Started LSB: exim Mail Transport Agent.
fail2ban-MAIL  tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 25,465,587,110,995,143,993
fail2ban-SSH  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 143,993
REJECT     all  --  218.92.0.221         0.0.0.0/0            reject-with icmp-port-unreachable
11

Execute the namei command as root.

12 
namei -mo /etc/exim4/domains/webtronix-solutions.gr/passwd
f: /etc/exim4/domains/webtronix-solutions.gr/passwd
 drwxr-xr-x root root /
 drwxr-xr-x root root etc
 drwxr-xr-x root root exim4
 drwxr-xr-x mail mail domains
 lrwxrwxrwx mail mail webtronix-solutions.gr -> /home/admin/conf/mail/webtronix-solutions.gr
   drwxr-xr-x root root /
   drwxr-xr-x root root home
   drwxr-x--x root root admin
   drwxr-x--- root root conf
   drwxr-x--- mail mail mail
   drwxr-x--- mail mail webtronix-solutions.gr
 -rw-r----- mail mail passwd
13

I think you modified the user:group and the perms because they are wrong.

Here an example with the right perms:

❯ namei -mo /etc/exim4/domains/example.net/passwd
f: /etc/exim4/domains/example.net/passwd
 drwxr-xr-x root        root /
 drwxr-xr-x root        root etc
 drwxr-xr-x root        root exim4
 drwxr-xr-x root        root domains
 lrwxrwxrwx root        root example.net -> /home/test/conf/mail/example.net
   drwxr-xr-x root        root /
   drwxr-xr-x root        root home
   drwxr-xr-x root        root test
   drwxr-xr-x root        root conf
   drwxr-xr-x root        root mail
   drwxrwx--x Debian-exim mail example.net
 -rw-rw---- dovecot     mail passwd
14

Alright, redid the perms, other than the passwords file i didnt touch the others so thats weird to say the least…

dovearm auth test

passdb: [email protected] auth failed
extra fields:
  [email protected]
  code=temp_fail

dovecot log

Mar 14 19:37:12 master: Warning: Killed with signal 15 (by pid=17704 uid=0 code=kill)
Mar 14 19:37:14 master: Info: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3 (core dumps disabled)
Mar 14 19:37:35 auth: Error: passwd-file([email protected]): stat(/etc/exim4/domains/webtronix-solutions.gr/passwd) failed: Permission denied (euid=119(dovecot) egid=125(dovecot) missing +w perm: /etc/exim4/domains/webtronix-solutions.gr/passwd stat(/etc/exim4/domains/webtronix-solutions.gr/passwd) failed: Permission denied, dir owned by 0:0 mode=0755)

f: /etc/exim4/domains/webtronix-solutions.gr/passwd
 drwxr-xr-x root        root /
 drwxr-xr-x root        root etc
 drwxr-xr-x root        root exim4
 drwxr-xr-x root        root domains
 lrwxrwxrwx root        root webtronix-solutions.gr -> /home/admin/conf/mail/webtronix-solutions.gr
   drwxr-xr-x root        root /
   drwxr-xr-x root        root home
   drwxr-x--x root        root admin
   drwxr-x--- root        root conf
   drwxr-x--- mail        mail mail
   drwxrwx--- Debian-exim mail webtronix-solutions.gr
 -rw-rw---- dovecot     mail passwd
15

Compare again the perms with the ones I posted. You are no using the right ones

16

It fixed the issue but another popped up so i ended up formatting the entire server.

1 Like
17

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.