Hello
I have added all 7 DNS records that hestiacp asks to add.
No DNS record is proxied in cloudflare.
I have opened these ports:
25, 465, 587
8083, 80, 443 (for hestiacp)
993, 143, 995, 110
Still, I am not receiving emails. 
3 Likes
Hi @laura,
You should check the logs to know what is going on.
/var/log/exim4/mainlog
But if you receive no mails at all, I suppose it is because you are using 1.1.1.1 as your DNS resolver.
If that is the case you have 4 options:
1.- Use other resolver (that is not being blocked by spamhaus) instead of Cloudflare ones (1.1.1.1, 1.0.0.1).
2.- Install and use your own dns resolver (like Unbound or PowerDNS).
3.- Remove zen.spamhaus.org from /etc/exim4/dnsbl.conf and restart exim (I donât recommend it)
4.- Create a free query key from spamhaus and use it in exim. To do so, check this link
1 Like
I was using Cloudflareâs 1.1.1.1 as DNS resolver.
Now, I changed DNS to Google DNS- The Best Free and Public DNS Servers (2024)
8.8.8.8
8.8.4.4
Still when i send email from âGmailâ to âHestiaCP webmailâ, it is rejecting.
like this;
Message blocked
Your message to [email protected] has been blocked.
Show the output of this command (no output means your dns resolver is not being blocked):
dig 1.0.0.1.zen.spamhaus.org +short
Again, you must check the Exim logs as I said in previous post.
1 Like
I did this:
- SSH into Virtual machine
sudo su -dig 1.0.0.1.zen.spamhaus.org +short
It shows- 127.255.255.254
Then it is being blocked by spamhaus and you wonât receive any mail.
Are you sure you changed your dns?
cat /etc/resolv.conf
1 Like
Yes. I have changes DNS in my Windows laptop (Control Panel > Network and Internet âŚ)
I also rechecked whether I have changed or not in Windows Settings.
When I run this command cat /etc/resolv.conf after SSH into VM, it shows this:
root@panel:~# cat /etc/resolv.conf
This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
Do not edit.
This file might be symlinked as /etc/resolv.conf. If youâre looking at
/etc/resolv.conf and seeing this text, you have followed the symlink.
This is a dynamic resolv.conf file for connecting local clients to the
internal DNS stub resolver of systemd-resolved. This file lists all
configured search domains.
Run âresolvectl statusâ to see details about the uplink DNS servers
currently in use.
Third party programs should typically not access this file directly, but only
through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
different way, replace this symlink by a static file or a different symlink.
See man:systemd-resolved.service(8) for details about the supported modes of
operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0 trust-ad
search ap-south-1.compute.internal
No, you must change it in your server.
Show the output of:
cat /etc/systemd/resolved.conf
1 Like
root@panel:~# cat /etc/systemd/resolved.conf
This file is part of systemd.
systemd is free software; you can redistribute it and/or modify it under the
terms of the GNU Lesser General Public License as published by the Free
Software Foundation; either version 2.1 of the License, or (at your option)
any later version.
Entries in this file show the compile time defaults. Local configuration
should be created by either modifying this file, or by creating "drop-ins" in
the resolved.conf.d/ subdirectory. The latter is generally recommended.
Defaults can be restored by simply deleting this file and all drop-ins.
Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
See resolved.conf(5) for details.
[Resolve]
Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
Cloudflare: 1.1.1.1 cloudflare-dns. com 1.0.0.1 cloudflare-dns. com 2606:4700:4700::1111 cloudflare-dns. com 2606:4700:4700::1001 cloudflare-dns. com
Google: 8.8.8.8 dns.google 8.8.4.4 dns.google 2001:4860:4860::8888 dns.google 2001:4860:4860::8844 dns.google
Quad9: 9.9.9.9 dns.quad9. net 149.112.112.112 dns.quad9. net 2620:fe::fe dns.quad9. net 2620:fe::9 dns.quad9. net
DNS=
FallbackDNS=
Domains=
DNSSEC=no
DNSOverTLS=no
MulticastDNS=no
LLMNR=no
Cache=no-negative
CacheFromLocalhost=no
DNSStubListener=yes
DNSStubListenerExtra=
ReadEtcHosts=yes
ResolveUnicastSingleLabel=no
Edit the file and modify
DNS=
to
DNS=8.8.8.8
Save the file and restart systemd-resolved
systemctl restart systemd-resolved
Check again /etc/resolv.conf file, you should see a line with nameserver 8.8.8.8
If you donât see it, show me the output of this command and Iâll show you other way to change it:
systemctl status resolvconf.service
1 Like
Now, it is showing this
DNS=8.8.8.8
FallbackDNS=
Domains=
DNSSEC=no
DNSOverTLS=no
Ok.
Did you run systemctl restart systemd-resolved?
Show:
cat /etc/resolv.conf
1 Like
I run systemctl restart systemd-resolved
root@panel:~# systemctl restart systemd-resolved
root@panel:~# systemctl restart systemd-resolved
root@panel:~# cat /etc/resolv.conf
This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
Do not edit.
This file might be symlinked as /etc/resolv.conf. If youâre looking at
/etc/resolv.conf and seeing this text, you have followed the symlink.
This is a dynamic resolv.conf file for connecting local clients to the
internal DNS stub resolver of systemd-resolved. This file lists all
configured search domains.
Run âresolvectl statusâ to see details about the uplink DNS servers
currently in use.
Third party programs should typically not access this file directly, but only
through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
different way, replace this symlink by a static file or a different symlink.
See man:systemd-resolved.service(8) for details about the supported modes of
operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0 trust-ad
search ap-south-1.compute.internal
Show me the output of:
systemctl status resolvconf.service
1 Like
root@panel:~# systemctl status resolvconf.service
Unit resolvconf.service could not be found.
apt install resolvconf
echo 'nameserver 8.8.8.8' >> /etc/resolvconf/resolv.conf.d/head
resolvconf -u
systemctl restart resolvconf
After that check again /etc/resolv.conf
cat /etc/resolv.conf
3 Likes
root@panel:~# cat /etc/resolv.conf
Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
DO NOT EDIT THIS FILE BY HAND â YOUR CHANGES WILL BE OVERWRITTEN
127.0.0.53 is the systemd-resolved stub resolver.
run âsystemd-resolve --statusâ to see details about the actual nameservers.
nameserver 8.8.8.8
nameserver 127.0.0.53
search ap-south-1.compute.internal
options edns0 trust-ad
Great.
Now check again with dig:
dig 1.0.0.1.zen.spamhaus.org +short
If no output all should be good, try to send a mail to your server.
1 Like
no output. sending mail to serverâŚ
1 Like
yes. i am getting email. thanks a lot.
can you explain in short what you were telling?
i have no idea what i was doing.