How does Catch-All work properly?

Hello Friends,

I am completely new in HestiaCP and installed all things with guides.

My test enviroment works perfectly with exim4 and roundcube and all the stuff. What a pleasure.

Now I set “[email protected]” as catch all mail address to my mail domain on domain level and also created the mailbox “[email protected]” to see the mails but I am not able to mail to "test@… ". It bounces back.

How do I configure correctly a catch-all address for my domain?

Best Klaus

Hi @kparzinger

Double check that whatever account exists and you added the catch all account exactly as whatever.

Note: Replace whatever with the actual data.

grep whatever /etc/exim4/domains/kparzinger.de/{accounts,aliases}

Also check the log:

exigrep '=> whatever.*@kparzinger.de' /var/log/exim4/mainlog

Thanks a lot for this quick response. Yeah double checked in HestiaCP and attached the greps:

root@mail:~# grep whatever /etc/exim4/domains/kparzinger.de/{accounts,aliases}
/etc/exim4/domains/kparzinger.de/accounts:whatever:whatever:kparzinger:mail:/home/kparzinger
/etc/exim4/domains/kparzinger.de/aliases:*@kparzinger.de:[email protected]

exigrep did not deliver any outcomes.

I’ve sent a test mail to catchalltest and your server didn’t bounce it…

Totally correct, i received it.
Hm… so its a problem of my test sender host (IONOS) maybe.

I don’t know, what was the error message when the mail bounced?

Test mail from MS Exchange (O365) returns:

550 5.7.350 Remote server returned message detected as spam -> 550 Rejected because 40.107.149.96 is in a black list at zen.spamhaus.org;Error: open resolver; https://check.spamhaus.org/returnc/pub/46.38.225.220/

But i turned off the spam and virus protection in HestiaCP

Oh wait, this is crazy:

I took a mail and forwarded it to “[email protected]” which is not a configured mail box and it was sent and received normally (now in inbox of “[email protected]”) which means the mails before where marked as spam but I deactivated the spam protection for the domain.

But reject spam was active? If it wasn’t then the mail shouldn’t bounce… at least not because it was detected as spam. Maybe it was rejected because it was in a block list. As I said, the error message in the bounced mail should give the details to know what happened.

I assume 40.107.149.96 if you server ip . In that case

I posted the error :slight_smile: but i did 2 posts

this is the error message. and @eris nope this is the IP of one of the IONOS servers. IP is not blocked because mails to other mail addresses are working (like [email protected] which is a normal mailbox)

Sorry, I didn’t see it. Regarding the open resolver error:

1 Like

Thanks, I will try the next days and write back.

1 Like

@sahsanu sorry I dont get it.

I changed the dns records for resolving and tested again (I can also do the other options) but there is one thing i really dont get it:

  • Why is a new mail blocked by “spamhouse” and a forwarded one not?
  • Why is every new mail from Microsoft servers and IONOS servers blocked?

So i did this test with 2 mail sender addresse, one is hosted by Microsoft via Office 365, one is hosted by Ionso (btw i also tested with a mail box from a Hetzner host).

1 new mail sent to “any*@kparzinger.de” → blocked
1 new mail sent to “[email protected]” (which is a mail user): → OK
1 forwarded mail sent to “any*@kparzinger.de” → received at “[email protected]” (catchall)

I cant believe that IP addresses from Microsoft, Ionos and Hetzner are blocked on a blacklist.

Spamhaus, to avoid abuse on their service, is denying requests to their DNSRBL when using public resolvers like 8.8.8.8, 1.1.1.1, 9.9.9.9, the ones used by Hetzner, etc.

I made a script to check whether the server is using an open resolver blocked by Spamhaus:

curl -fsSLm10 https://7j.gg/chksph2 | bash -s --

They aren’t, the problem is that you are using an open resolver blocked by Spamhaus to check whether the incoming ips are or not in the block lists.

Ok whatever, I checked today again the resolv.conf and the old ones where again set. I have to check is this is a problem after reboots of the server.

I changed it again, test again: WORKS!

root@mail:~# curl -fsSLm10 https://7j.gg/chksph2 | bash -s --
Test 01: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 02: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 03: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 04: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 05: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 06: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 07: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 08: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 09: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4
Test 10: Listed by XBL, see https://check.spamhaus.org/query/ip/127.0.0.4

Great! :smiley:

Let me know if you need help to solve it.

I will test a couple of days but looks good now.

This is my first iteration of a webserver and I am totally happy right now :slight_smile:

1 Like