Gmail hates me now

Hi all,
first post.
Trying mail-in-a-box and trying to get it to work. I’ve followed the docs as carefully as I could.
All worked great for about a week and then emails to gmail not only don’t go to gmail spam, they get bounced back. Now this is happening to lots of sent mails to all other domains I send to. Basically I can’t send email to anyone. Lots of “Connection timed out”. Seems I’m receiving ok. But this worked great for a week.

My setup is on AWS (Amazon Web Services). Stock standard Ubuntu server 18. Then I updated/patched it all. Then loaded MIAB. All pretty standard. I have all the ports open that are required. However, System Status Checks report: ✖ Incoming Mail (SMTP/postfix) is running but is not publicly accessible at 52.63.192.134:25.

mxtoolbox(dot)com reports my two domains, goodlets(dot)com and icafe(dot)com(dot)au, are all good. No blacklist. I’ve even tried to get into the gmail postmaster tools page (postmaster(dot)google(dot)com/u/0/managedomains) and get the txt record, which I’ve added to my dns records, still nothing. I can’t figure out why gmail and now lots of other domains are simply rejecting my email. I’ve put every recommended dns record in there.

mxtoolbox(dot)com check on 52.63.192.134 my ip reports all good and even reports Connecting to 52.63.192.134… 220 box(dot)goodlets(dot)com ESMTP Hi, I’m a Mail-in-a-Box (Ubuntu/Postfix; see https:// mailinabox(dot)email/) [1819 ms]

What am I doing wrong or how do I troubleshoot this further? I don’t know what else to do?
Thanks in advance.
(I’ve put (dot) in place of .)

Welcome to the “Gmail hates me” club @Bendo You are in good company.

I think that I see a couple of possible issues but at the moment I don’t have time to troubleshoot for you. I will get back with you later today.

Have you contacted AWS and requested them to unblock port 25 so that you can run an email server? AWS requires this. @Bendo

The second issue - and this is absolutely the big issue. You have NOT requested AWS to set the rDNS (PTR record) for your MiaB instance. I am showing that it is:

ec2-52-63-192-134.ap-southeast-2.compute.amazonaws.com

but needs to be

box.goodlets.com

The third issue is that you’re trying to run a mail server on AWS … their IP ranges are blocked by many because of spammers. I am working with someone else right now to find a solution … and it looks like that solution may be an inexpensive SMTP relay that I have developed OR simply not using AWS for MiaB installations.

Search here for pupsncats. He has a tutorial for MiaB on AWS Lightsail.
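The PTR mismatch described in the post above can be checked as a forward-confirmed reverse DNS test plus a banner comparison. This is an added example, not code from the thread or from Mail-in-a-Box; the function names are hypothetical, and the resolver stubs in the demo are constructed from the values quoted in the thread so it runs offline.

```python
import socket

def ptr_names(ip, reverse=None):
    """PTR hostnames for ip, lower-cased, without the trailing dot."""
    reverse = reverse or socket.gethostbyaddr
    try:
        name, aliases, _ = reverse(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [n.rstrip(".").lower() for n in [name, *aliases]]

def forward_addrs(host, forward=None):
    """Addresses the hostname resolves to (A/AAAA)."""
    forward = forward or (lambda h: {ai[4][0] for ai in
                          socket.getaddrinfo(h, 25, proto=socket.IPPROTO_TCP)})
    try:
        return set(forward(host))
    except socket.gaierror:
        return set()

def check_mail_identity(ip, expected_host, banner, reverse=None, forward=None):
    """Return a list of problems; an empty list means PTR, A record and
    SMTP banner all agree on the mail server's name."""
    expected = expected_host.rstrip(".").lower()
    problems = []
    ptrs = ptr_names(ip, reverse)
    if not ptrs:
        problems.append(f"no PTR record for {ip}")
    elif expected not in ptrs:
        problems.append(f"PTR for {ip} is {ptrs[0]}, expected {expected}")
    if ip not in forward_addrs(expected, forward):
        problems.append(f"{expected} does not resolve back to {ip}")
    parts = banner.split()  # e.g. "220 box.goodlets.com ESMTP ..."
    if len(parts) < 2 or parts[0] != "220" or parts[1].rstrip(".").lower() != expected:
        problems.append(f"SMTP banner does not announce {expected}")
    return problems

if __name__ == "__main__":
    # Constructed stubs mirroring the state reported in the thread.
    ip, host = "52.63.192.134", "box.goodlets.com"
    banner = "220 box.goodlets.com ESMTP Hi, I'm a Mail-in-a-Box"
    ec2 = "ec2-52-63-192-134.ap-southeast-2.compute.amazonaws.com"
    stub_reverse = lambda a: (ec2, [], [a])
    stub_forward = lambda h: {ip}
    for p in check_mail_identity(ip, host, banner, stub_reverse, stub_forward):
        print("FAIL:", p)
```

Called without the `reverse` and `forward` arguments, the functions query the system resolver, so the same check can be rerun a few days after the rDNS request to confirm the provider applied it.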

OK, this is supposed to be easy. What am I missing? I’ve followed the pupsncats tutorial, but below is what I’m getting…

Standard miab setup with ufw…
ufw status
Status: active

To Action From
-- ------ ----
22/tcp ALLOW Anywhere
53 ALLOW Anywhere
25/tcp ALLOW Anywhere
587/tcp ALLOW Anywhere
993/tcp ALLOW Anywhere
995/tcp ALLOW Anywhere
4190/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
53 (v6) ALLOW Anywhere (v6)
25/tcp (v6) ALLOW Anywhere (v6)
587/tcp (v6) ALLOW Anywhere (v6)
993/tcp (v6) ALLOW Anywhere (v6)
995/tcp (v6) ALLOW Anywhere (v6)
4190/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)

Lightsail Firewall allow
Application, Protocol, Port range,
All TCP+UDP, ALL, 0 - 65535,

System Status Checks

✖ Incoming Mail (SMTP/postfix) is running but is not publicly accessible at 13.211.62.28:25.

I mean, shouldn’t it be accessible even without DNS setup?
Shouldn’t port 25 be open now?

However https://mxtoolbox.com states the following…
Connecting to 13.211.62.28
220 box.goodlets.com ESMTP Hi, I’m a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/) [2640 ms]
EHLO keeper-us-east-1b.mxtoolbox.com
250-box.goodlets.com
250-PIPELINING
250-SIZE 134217728
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8 [797 ms]
MAIL FROM:supertool@mxtoolbox.com
250 2.1.0 Ok [828 ms]
RCPT TO:test@mxtoolboxsmtpdiag.com
554 5.7.1 test@mxtoolboxsmtpdiag.com: Relay access denied [1156 ms]
LookupServer 5937ms

So why does System Status Checks state that it is not publicly accessible when mxtoolbox says it is?
Or is it just AWS will not allow any port 25 even when it says it is open?
Any pointers appreciated but I’ll go over the pupsncats again…
Thanks

I don’t know anything about AWS, but when I had MiaB on my residential connection, MiaB would only see the local connection status and not the firewall WAN connection, thus would incorrectly report all kinds of issues related to DNS. I gave up on trying to fix it as the server otherwise performed flawlessly.

There is info here in discourse

Search for AWS port 25

It would normally be, yes. But AWS blocks it. Their docs say that they only block outgoing, but you are not the first to have this issue. Have you contacted their support to request that the block be removed?

They probably connect on the secure port 587.

Hi, this is David aka pupsncats who made the tutorial for AWS Lightsail.
First, do you have the firewall open on AWS? You may have UFW open but if you don’t have the AWS firewall open then it’s a no go. My preference: I open all ports on the AWS EC2 instance/Lightsail instance. Then let UFW/MailInABox handle the ports that need to be open.

Second, you need to let AWS know that your instance is an email server and that you need port 25 open. They will allow a few test emails to go through but they will shut you down if you don’t inform them what you are doing. You also need to let them know to set your reverse DNS at the same time…AND…check to make sure they do it. Many times they forget. Check it after a few days.

I think those are your problems. Super simple to fix. And Mail In A Box is super easy. Amazon AWS just requires a few extra steps.

Feel free to message me if you need help. I most likely won’t respond until tomorrow night or until Wednesday as I have friends visiting right now and I have to take them to Denver tomorrow.

Good luck!
David

I used pupsncats guide to set up an email server in Lightsail about 11 months ago. I had to send them the rDNS form the second time, before things were working correctly. They must have to manually adjust things.

I just set up another MiaB at IntoVPS. The server is in Cluj, Romania. $3/mo, 2 GB RAM and 20 GB SSD. No issues at all. Tip of the hat to Alento.

Dennis

Here is the link to the form that you need to fill out for the Amazon AWS port 25 restriction and reverse DNS:
https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/

Here is how to open the Lightsail firewall for your instance. This is the video I created. Go to timecode 14:12.
https://www.youtube.com/watch?v=CUaNRKZCk38

I created a mailserver several days back on AWS but I did not have to open port 25 in a special way. I simply went to my firewall and enabled incoming for port 25. However, I too faced the weird issue of getting blacklisted IPs from AWS. It seems that most of their IPs are all bad.

@alento, do you have a solution to this? It seems like you know several. Would you have some time to paste some links to them? Do you recommend a particular provider/s for mailinabox with whom we will be able to proceed with least trouble?
Thanks

@Isuru Yes, I do have a solution to this problem. At least to the problem of getting email to the recipient’s server. The problem of email being discarded by providers due to their internal spam policies is only solvable by not using those providers. So, what I am saying is that no solution is 100% as there are factors outside of the solution’s control.

So, in response to issues I have dealt with on Slack, and my own personal issues, I have created an affordable SMTP relay. Please PM me with your email address and I will send you more information if you so desire.

Hi all,
Well, eventually AWS removed the restriction on port 25. Now gmail likes me. I can email test emails back and forth from gmail.

Strange as when I first set up MIAB two months ago, test emails back and forth to gmail worked. Then after about a week they stopped. So I think that the port 25 restriction happens AFTER you start using port 25 rather than a blanket restriction to start with. They must detect it and block it when it happens. Hence my confusion as to why emails suddenly stopped working.
Eventually AWS allowed me to have port 25 open. I asked it for my account rather than the IP address because if you delete and recreate the instance or lightsail instance, you will get a new and different IP address. So pointless getting them to lift restrictions per IP address.

I followed the link provided to request port 25 to be unblocked but eventually they were responding to my gmail emails rather than inside the AWS support portal. Strange.

I had to give a business case to AWS as to why I wanted port 25 open and what measures I was going to implement to not send spam from my instance. I replied that it was a personal email server for internal emails only. As to what measures, I said that as I haven’t actually used MIAB for email except for about a week, I didn’t know too much about it to say what measures it has to reduce spam! How can I know much about a product if I am unable to use it?

Anyway if the MIAB powers that be have a documentation page, I’ll be happy to add something to it about how to get around AWS restrictions. I think it needs to be front and center that hosting providers like AWS block port 25. MIAB may well lose many users due to port 25 not working and no one knowing that providers block port 25… even any time after you start using it. New users may blame MIAB somehow.

Thanks everyone for your help and input. I’ll now proceed to getting other MIAB stuff working. Keep up the good work.