How does Catch-All work properly?

kparzinger · April 24, 2025, 7:46am

Hello Friends,

I am completely new in HestiaCP and installed all things with guides.

My test enviroment works perfectly with exim4 and roundcube and all the stuff. What a pleasure.

Now I set “[email protected]” as catch all mail address to my mail domain on domain level and also created the mailbox “[email protected]” to see the mails but I am not able to mail to "test@… ". It bounces back.

How do I configure correctly a catch-all address for my domain?

Best Klaus

sahsanu · April 24, 2025, 8:42am

Hi @kparzinger

Double check that whatever account exists and you added the catch all account exactly as whatever.

Note: Replace whatever with the actual data.

grep whatever /etc/exim4/domains/kparzinger.de/{accounts,aliases}

Also check the log:

exigrep '=> whatever.*@kparzinger.de' /var/log/exim4/mainlog

kparzinger · April 24, 2025, 8:48am

Thanks a lot for this quick response. Yeah double checked in HestiaCP and attached the greps:

root@mail:~# grep whatever /etc/exim4/domains/kparzinger.de/{accounts,aliases}
/etc/exim4/domains/kparzinger.de/accounts:whatever:whatever:kparzinger:mail:/home/kparzinger
/etc/exim4/domains/kparzinger.de/aliases:*@kparzinger.de:[email protected]

exigrep did not deliver any outcomes.

sahsanu · April 24, 2025, 9:01am

I’ve sent a test mail to catchalltest and your server didn’t bounce it…

kparzinger · April 24, 2025, 9:18am

Totally correct, i received it.
Hm… so its a problem of my test sender host (IONOS) maybe.

sahsanu · April 24, 2025, 9:21am

I don’t know, what was the error message when the mail bounced?

kparzinger · April 24, 2025, 9:22am

Test mail from MS Exchange (O365) returns:

550 5.7.350 Remote server returned message detected as spam -> 550 Rejected because 40.107.149.96 is in a black list at zen.spamhaus.org;Error: open resolver; https://check.spamhaus.org/returnc/pub/46.38.225.220/

But i turned off the spam and virus protection in HestiaCP

kparzinger · April 24, 2025, 9:27am

Oh wait, this is crazy:

I took a mail and forwarded it to “[email protected]” which is not a configured mail box and it was sent and received normally (now in inbox of “[email protected]”) which means the mails before where marked as spam but I deactivated the spam protection for the domain.

sahsanu · April 24, 2025, 10:14am

But reject spam was active? If it wasn’t then the mail shouldn’t bounce… at least not because it was detected as spam. Maybe it was rejected because it was in a block list. As I said, the error message in the bounced mail should give the details to know what happened.

eris · April 24, 2025, 11:29am

I assume 40.107.149.96 if you server ip . In that case

kparzinger · April 24, 2025, 11:36am

I posted the error but i did 2 posts

this is the error message. and @eris nope this is the IP of one of the IONOS servers. IP is not blocked because mails to other mail addresses are working (like [email protected] which is a normal mailbox)

sahsanu · April 24, 2025, 11:40am

Sorry, I didn’t see it. Regarding the open resolver error:

kparzinger · April 24, 2025, 12:17pm

Thanks, I will try the next days and write back.

kparzinger · April 24, 2025, 10:36pm

@sahsanu sorry I dont get it.

I changed the dns records for resolving and tested again (I can also do the other options) but there is one thing i really dont get it:

Why is a new mail blocked by “spamhouse” and a forwarded one not?
Why is every new mail from Microsoft servers and IONOS servers blocked?

So i did this test with 2 mail sender addresse, one is hosted by Microsoft via Office 365, one is hosted by Ionso (btw i also tested with a mail box from a Hetzner host).

1 new mail sent to “any*@kparzinger.de” → blocked
1 new mail sent to “[email protected]” (which is a mail user): → OK
1 forwarded mail sent to “any*@kparzinger.de” → received at “[email protected]” (catchall)

I cant believe that IP addresses from Microsoft, Ionos and Hetzner are blocked on a blacklist.

sahsanu · April 24, 2025, 10:49pm

Spamhaus, to avoid abuse on their service, is denying requests to their DNSRBL when using public resolvers like 8.8.8.8, 1.1.1.1, 9.9.9.9, the ones used by Hetzner, etc.

I made a script to check whether the server is using an open resolver blocked by Spamhaus:

curl -fsSLm10 https://7j.gg/chksph2 | bash -s --

They aren’t, the problem is that you are using an open resolver blocked by Spamhaus to check whether the incoming ips are or not in the block lists.

kparzinger · April 25, 2025, 5:51am

Ok whatever, I checked today again the resolv.conf and the old ones where again set. I have to check is this is a problem after reboots of the server.

I changed it again, test again: WORKS!

root@mail:~# curl -fsSLm10 https://7j.gg/chksph2 | bash -s --
Test 01: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 02: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 03: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 04: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 05: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 06: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 07: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 08: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 09: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 10: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4

sahsanu · April 25, 2025, 1:47pm

Great!

Let me know if you need help to solve it.

kparzinger · April 25, 2025, 2:27pm

I will test a couple of days but looks good now.

This is my first iteration of a webserver and I am totally happy right now