Mail sent with the wrong domain

Ade · July 14, 2025, 2:58pm

I believe to have an issue similar to this but I’m lost with the resolution steps

If I check the PTR record with dig -x 150.x.x.x +short I see the domain I want. But for some reasons, Exim is now sending the emails using the wrong one (however it was working properly before)

for i in $(ip a | awk ‘/inet / {print $2}’ | cut -d ‘/’ -f1); do dig -x $i | grep -vE ‘^;|^$’;done

shows two PTRs, the second that it shows is the one currently in use to send emails, which is wrong (generic Oracle domain ending with …25.oraclevcn.com). Where do I have to change it so that it finds the right one?

Many thanks

nu01 · July 14, 2025, 3:58pm

I maybe wrong here, but is it sending through an alias, which maybe added under the primary domain, and or is there any forwarder setup?
Also, as per that post, it maybe due to incorrect IP as well.
These may help too, I guess: https://serverfault.com/questions/548826/exim-change-sender-address-when-sending-mails-out-of-local-network
31. Address rewriting

Ade · July 14, 2025, 5:35pm

Thank you for your reply!
I’m not sure I can answer that, I’ve set this a very long time ago. How can I check that?

nu01 · July 15, 2025, 3:31am

Go to the mail domain in GUI/Panel. Check under the said email if there are any aliases set against it or if anything that maybe out of order. I am outside and my panel will not open on my browser right now. I also cannot recall the exact exim commands/files, but this may help: https://serverfault.com/questions/173104/understanding-exim4s-etc-aliases
Exim Cheatsheet (very old, but some may still work).

Ade · July 15, 2025, 12:31pm

The inbox has a forward all set, but I’ve tried creating a new inbox based on the same domain and the issue is still the same. I’ve tried a different email account based on a different domain and that’s affected too. I’m not sure what has happened but whatever it is it’s affecting all the domains

nu01 · July 15, 2025, 2:00pm

Is there any cloudflare or similar thing / pattern in between? Also, do try and provide logs. You can find them in the UI or under the domain logs. You can see the sent header as well. Would definitely require logs mate.

Also, check this comment once: After 421 misdirected request solution - Problems with email - #4 by sahsanu

Ade · July 17, 2025, 6:43pm

Sorry for the late reply here!
But I think I might have missed to share this info when I started the thread, the emails are sent properly, there’s no issue there, but due to the error I shared above, sometimes they go to spam.
The emails are delivered without errors, but if this is of any help, this is the log of the email I’ve sent as a test:

2025-07-17 18:24:58 1ucTHt-007xGP-WF <= [email protected] H=hestia.mycoolsite.com (webmail.mycoolsite.com) [127.0.0.1] P=esmtpa A=dovecot_login:[email protected] S=611 [email protected]
2025-07-17 18:24:58 1ucTHt-007xGP-WF => [email protected] R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [172.253.63.27] X=TLS1.3:ECDHE_X25519__ECDSA_SECP256R1_SHA256__AES_256_GCM:256 CV=yes K C="250 2.0.0 OK 6a1803df08f44-70514dd394fsi5277226d6.243 - gsmtp"
2025-07-17 18:24:58 1ucTHt-007xGP-WF Completed

Ade · July 24, 2025, 9:09pm

Does anyone have any further input on this?

sahsanu · July 24, 2025, 9:24pm

I don’t really understand the problem, I mean, I don’t know how many ips are assigned to your server…

Exim sends the mails using the ip assigned to that mail domain. Is that the right ip or you want to use another one?

cat /etc/exim4/domains/YourDomain/ip

Ade · July 24, 2025, 9:41pm

Hi @sahsanu thank you for your reply.

Using cat on that file shows an internal IP:

10.0.0.177

The issue is that I have an PTR record that was set years ago with Oracle and that has always worked. If I use my local computer and run a command like:

dig -x 150.x.x.x +short

Where 150.x.x.x is my server IP, I see the domain I’ve set as PTR.
However, when trying to send an email, recipients or mail testers like mail-tester[.]com are returning this:

So it looks like the emails are being sent with the wrong hostname

sahsanu · July 24, 2025, 9:54pm

That’s a different “problem”.

Is your server using the right hostname?

Anyway, you can force Exim to use the hostname you want.

First, backup exim conf just in case…

Check what are the directives using lookup dnsdb to get the primary_hostname:

grep '${lookup dnsdb{>: defer_never,ptr=$.*}{${listextract{1}{$value}}}{$primary_hostname}}' /etc/exim4/exim4.conf.template

You should see 3 of them, one smtp_active_hostname and two helo_data. Search them in exim conf file /etc/exim4/exim4.conf.template and just replace their values with your hostname.

smtp_active_hostname = whatever.yourdomain.tld
helo_data = whatever.yourdomain.tld
helo_data = whatever.yourdomain.tld

Save the conf file and restart exim4.

Ade · July 24, 2025, 10:56pm

The grep command returns this:

So I just need to replace the smtp_active_hostname and helo_data with the PTR domain?

sahsanu · July 24, 2025, 11:10pm

Yes. Just that, but make a backup of the conf file before the change.

Ade · July 25, 2025, 8:30am

That worked, thank you! I’m not sure why I had to do this since it was working well

sahsanu · July 25, 2025, 10:39am

You’re welcome.

This script tries to simulate how Exim gets the PTR, show the output.

curl -fsSLm15 https://7j.gg/eximpri | bash -s --

Also, maybe the ip used by your server is added to the /etc/hosts and it’s getting the PTR from the hosts file.

system · August 24, 2025, 10:39am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.