Exim4 email delivery error

praderj · May 23, 2021, 2:17pm

Hi Team,
I’m facing this weird issue with the exim4. I recently moved to Hestia from Cyberpanel. Everything is working fine except the exim4. The thing is Exim4 didn’t work on some particular cases. Except that it works fine. I use Amazon SES to deliver weekly newsletters on example.org. I also use custom mail from domain newsletter.example.org on Amazon SES. I can able to deliver the emails perfectly on most of the services like Gmail Hotmail etc.
But when it comes to the emails on my server, say for example info@example(dot)org, the email delivery fails. Both the domains are hosted on the same server and are DKIM, SPF and DMARC verified. I tried to fix it for the past 2 days, but I could not fix it. I have used the dig command to check the DNS records and everything looks fine.

What am I missing? Can someone help me out? I’m giving the Exim log that appears when the emails got rejected.

praderj · May 23, 2021, 2:21pm

This is the error log

2021-05-23 08:38:12 H=a8-96.smtp-out(.)amazonses(.)com [54.240.8.96] X=TLS1.2:ECDHE_SECP2XXX__RSA_PSS_RSAE_SHA256__AES_128_CBC__SHA1:128 CV=no SNI=“mail(.)example(.)org” F=<01000179985fe26a-2326bcab-71da-47d4-9818-456ecd8ac33b-000000@newsletter(.)example(.)org> rejected RCPT <info@example(.)org>: Sender verify failed
2021-05-23 08:53:50 H=a48-90.smtp-out.amazonses.com [54.240.48.90] sender verify fail for 01000179986e3492-b2d0ad03-d151-4554-a3f0-101ef789a56f-000000@newsletter.example.org: Unrouteable address

Sorry, I have to replace . with (.) because of the new user restriction.

Thanks in advance!

mehargags · May 24, 2021, 1:51am

Without knowing your actual domain name I can’t really comment. Make sure your MX records are setup properly and being read from the right nameservers.

Sender verify failed on SES usually means that you are in Sandbox and you can only send to verified email IDs only. If this is a new AWS SES setup, after testing you need request service limit increase with AWS.

Also, use SES API/SMTP inside your apps directly, don’t configure it server wise on Exim MTA.

praderj · May 24, 2021, 2:05am

Hi @mehargags, thanks for the reply. I have set up everything correctly. The actual domain names are catholicgallery.org and the mail from domain is newsletter.catholicgallery.org . I have set up the MX records correctly on Cloudflare. I have used some online tools and verified that the records are resolving correctly. The emails are delivered properly everywhere except the local domains. Also, Im not on SES sandbox. Im using ses for the past 4 years. I regularly send around 12,000 emails every week.

I’m not trying to configure SES server wide. I haven’t touched the conf yet. I use Mailster for WordPress to deliver the emails. I can send the mails to my gmail but not to any of the webmails hosted on the server.

Thanks again.

mehargags · May 24, 2021, 11:25am

You badly confused your topic with all that mention of SES and newletter thing. The issue I presume is with local delivery so you need this command to edit Exim config

EXIM Enable Delivery to local domains

sed -i 's/domains = !+local_domains/domains = */' /etc/exim4/exim4.conf.template

then update exim config and restart MTA

update-exim4.conf
systemctl restart exim4

You might want to clear exim queue and watch any stuck messages after this:
exim -bp

Search for exim commands, you should easily get it.

praderj · May 24, 2021, 1:20pm

Thank you so much for the answer. I tried the steps and it didn’t work.
So I reverted back to the original conf. I have removed the newsletter.catholicgallery.org from the mail domain and everything worked perfectly. Thanks for helping.