System emails going to spambox [newbie questions]

Hi there, it seems to me that I am configuring hestia incorrectly when it comes to the initial configuration regarding DNS’s. I am very beginner in these matters, so I am very much asking for gentle tratings :slight_smile:

My configuration, I did not move anything, I pasted as it was in the standard: Install | Hestia Control Panel
Before installation, at my domain provider I set glue records (I have one IP address on the VPS both ns I set to one IP, if that makes any difference), also I set glue for ns1.hostname.ltd and ns2.hostname.ltd, I set ptr to panel.hostname.ltd, I set in hostname and hosts panel.hostname.ltd (ubuntu 22 LTS). After the installation I didn’t have SSL for the panel yet, of course, because I was going to use lets encrypt for everything. I logged in, checked that the ns-child package had the correct NS, then without moving the admin account, I created an new account (I set it as ns-child) for the same domain in the sense without the panel prefix and installed run mail and DNS there, I also added the A record for “panel” prefix, rebooted the machine, then ran the v-add-letsencrypt-host command and everything seemed to work (panel, webmails etc had ssl), emails sent from the webmail arrive in the inbox e.g. gmail not in spam.

Now I will describe the problem, hestia system emails go to spam, what could be the reason for this? What I’ve noticed is that informational emails, that is, sent by hestia, go to spam, while a newly created mailbox in that domain (but without prefix panel) normally appears in the inbox in gmail there is only problem with hestia’s service mails, I’ve tested this in many ways, I don’t want to use smtp or relay. There must be a configuration error somewhere, something I did wrong:(
The only thing I see is that those invalid headers of emails from hestia that go from spam ( from panel.domain.ltd) have that header in gmail:

Received-SPF: none (google.com: panel.domain.ltd (hostname) does not designate permitted sender hosts) client-ip=IP OF VPS;
Authentication-Results: mx.google.com;
spf=none (google.com: panel.domain.ltd (hostname) does not designate permitted sender hosts) [email protected] (hostname);
dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=QUARANTINE) header.from=domain.ltd
Received: from admin by panel.domain.ltd (hostname) with local (Exim 4.95)

I also read the topic in the docs about master>slave clustering, but from what I understand I would have to have, in addition to the main server, two separate VPS servers with different IPs to set this up? Unfortunately I only have one VPS so it won’t work. Does this go along with these additional two servers?

You have not defined the right records (SPF, DMARC DKIM and maybe MX record and A records for mail.panel.domain.ltd and webmail.panel.domain.ltd) for panel.domain.tld, You could add panel.domain.ltd as mail domain and once created, click on the fourth icon that you will see when hover on the name of the mail domain and click DNS Records and you will see the info you should use in your DNS hosting.

1 Like

But did I even do it correctly from the beginning? Admin account, the main one, there in the user tab (System administrator) package system, when I go to this account there are no records neither dns nor mail, it is only in the web tab panel.domain.ltd and in green certificates, I can’t here on the admin end also add the email [email protected], first I get a red message that I better add a user, but I click “continue”, I enter the email panel.domain.ltd and getting error: Error: mail domain panel.domain.tld doesn’t exist
when I try to add dns zone panel.domain.ltd on System administrator account it pops up Error: Unable to add panel.domain.ltd belongs to a different user.

On the other hand, when I try to add email on this second domain.tld account (where I gave in DNS prefix A for panel) that is hostname without prefix account, I get the message: Error: mail domain panel.domain.ltd doesn’t exist.

In addition, when I create a new account with a new domain, which I delegate to ns1.domain.tld and ns2.domain.tld, add a page via web I select mail and DNS, the mail record looks like this: mail.newdomain.tld

I think I messed something up do you have any advice for me?

I don’t use DNS server provided by HestiaCP so I don’t know what HestiaCP does or doesn’t do regarding DNS server.

If you have added domain.tld to another user, add the mail for panel.domain.tld to that user or you could change this option: Server settings -> Configure -> Security -> Policies -> Domains/Enforce subdomain ownership and change yes to no but better if you add the mail for panel.domain.tld to the other user, it is a security risk to use admin user.

In “Settings” → White label you are able to alter the email used for sending the out going mail.

Make sure you have added you server ip to the spf records in your DNS.

Other option is to use:

And use an smtp / other mail server for sending the email

@eris Unfortunately, the same thing continues, I can’t figure out what I’m doing wrong still in spam box.

Check /var/log/exim4/mainlog and see why it happens. It maybe because the sending ip is not whitelitested

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.