Need email help

bksales · May 25, 2022, 8:32pm

I have a test server on Vultr and it’s no longer able to email voicemails out automatically. I can manually send an email just fine from the command prompt, so I’m wondering if this is a postfix issue.

Not sure where to look. So far I’ve tried

buying a domain from godaddy for $2.99, adding it to Vultr, and telling godaddy to use the Vultr NS servers.
set the from address in voicemail admin and the one setting in Advanced settings.
I checked /etc/postfix/main.cf and saw it was not changed there so I manually set the myhostname and mydomain fields
restarted postfix and asterisk for good measure
checked that reverse dns lookup is working
verified the domain with google (added the txt record to Vultr and made sure Google accepted it)
mailq shows empty

What I get now is that voicemails to a gmail account bounce and while others do not show a bounce in the mail log they just never get delivered. Manually sending emails to non-gmail accounts from the command prompt still works, gmail still gets bounced.

PBX Version: 15.0.23
PBX Distro: 12.7.8-2203-2.sng7
Asterisk Version: 16.24.1

Suggestions welcomed.

bksales · May 25, 2022, 8:38pm

This is from the mail log (with domains removed):

May 25 11:24:14 pbx postfix/qmgr[29820]: 4C7083059D22: from=[email protected], size=592098, nrcpt=4 (queue active)

May 25 11:24:15 pbx postfix/smtp[5294]: 4C7083059D22: to=[email protected], relay=domain1.mail.protection.outlook.com[104.47.73.10]:25, delay=1.2, delays=0.19/0.07/0.21/0.74, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=63114544424521, Hostname=SA0PR17MB4267.namprd17.prod.outlook.com] 600531 bytes in 0.166, 3513.634 KB/sec Queued mail for delivery)

May 25 11:24:16 pbx postfix/smtp[5297]: 4C7083059D22: to=[email protected], relay=domain2.mail.protection.outlook.com[104.47.58.110]:25, delay=2.3, delays=0.19/0.12/0.34/1.7, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=1816771174993, Hostname=PH7PR01MB7653.prod.exchangelabs.com] 600644 bytes in 0.437, 1341.562 KB/sec Queued mail for delivery)

I noticed that it’s sending from [email protected] when sending a voicemail notification, but it sends from root when done from the command prompt. Cant imagine that’s my issue, but maybe that’s worth changing?

dolesec · May 25, 2022, 9:06pm

if you’re using office 365 use direct send , thats my advice or something like SES or smtp.com

in its simplest form direct send has some caveats like only being able relay mail to addresses in the tenant domains - most instances this is fine

see option 2 below
How to set up a multifunction device or application to send email using Microsoft 365 or Office 365 | Microsoft Docs

bksales · May 25, 2022, 9:20pm

Thanks. Need to do some reading on how to authenticate myself to send via Microsoft

adell4444 · May 25, 2022, 9:23pm

Based on the maillog you posted it looks like mail is sending properly using your Microsoft direct send. You can see your specific microsoft domain over port 25 and getting a status 250 sent in return. This is normal.

Run a message trace for sent emails from the mailbox you are using to send and see what is happening. Then look at the recipient side and do the same thing.

bksales · May 26, 2022, 6:36pm

I see them as quarantined. Would be nice to have some more info from Microsoft as to exactly why this is happening.

sholinaty · May 26, 2022, 7:26pm

does your email /dns admin have DMARC /DKIM / SPF set up?
could be your PBX is just failing to auth the mail properly.

adell4444 · May 26, 2022, 7:48pm

When using direct send through your Office 365 tenant make sure you have a connector for the IP address of your FreePBX server. This will allow your SPF (assuming it is correct) to auth the emails.

bksales · May 26, 2022, 7:51pm

DMARC and DKIM no, SPF yes apparently. Something to look into.

sholinaty · May 26, 2022, 7:54pm

if theres no DMARC (quarantine / reject), you arent bouncing due to DKIM/SPF typically.

and your SPF record passed its check, so that should be fine.

bksales · May 26, 2022, 8:28pm

Dumb question, but do I need to create the dmarc txt record at Vultr or in Office 365?

sholinaty · May 26, 2022, 8:31pm

you honestly shouldnt mess with it if you arent ready.

you’d set up SPF / DKIM records at wherever your DNS is hosted (godaddy?)
you’d have to configure your SENDING service to handle DKIM properly,
you’d have to configure DNS to be SPF compliment
then you could start messign with DMARC (that just basically tells receiving servers what to do if DKIM/SPF checks fail.)

but you don’t appears to have DMARC set up
so you didn’t fail due to DMARC
so that is unlikely to be your issue

bksales · May 31, 2022, 6:36pm

I saw in the o365 quarantine logs that the email coming from [email protected] traces back to [email protected], so I changed the serveremail (Server Email in Voicemail admin) back to [email protected] to see if that will help. Now I can’t restart postfix. Not sure if I broke something.

toborgps · June 1, 2022, 9:29am

Not sure if this is applicable here - but Vultr blocks email servers by default. Might be worth requesting them to unblock those ports. Again not sure if that will benefit anything - but can’t hurt to rule it out.

bksales · June 1, 2022, 8:55pm

Thanks. I dont think that’s what’s going on here since my messages do get out, they’re just getting bounced back by Google and quarantined by Microsoft.

FernandoM · June 13, 2022, 5:58pm

On Gmail, do you have the app password or using the emial password?

bksales · June 13, 2022, 7:37pm

Neither. Just made some tweaks to the spf record at Vultr and now emails are at least getting through Microsoft, still bouncing from Google. Probably need to update the record to include Google as well. Not sure what else to try.

system · July 14, 2022, 7:37pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.