Need email help

I have a test server on Vultr and it’s no longer able to email voicemails out automatically. I can manually send an email just fine from the command prompt, so I’m wondering if this is a postfix issue.

Not sure where to look. So far I’ve tried

  • buying a domain from godaddy for $2.99, adding it to Vultr, and telling godaddy to use the Vultr NS servers.
  • set the from address in voicemail admin and the one setting in Advanced settings.
  • I checked /etc/postfix/ and saw it was not changed there so I manually set the myhostname and mydomain fields
  • restarted postfix and asterisk for good measure
  • checked that reverse dns lookup is working
  • verified the domain with google (added the txt record to Vultr and made sure Google accepted it)
  • mailq shows empty

What I get now is that voicemails to a gmail account bounce and while others do not show a bounce in the mail log they just never get delivered. Manually sending emails to non-gmail accounts from the command prompt still works, gmail still gets bounced.

PBX Version: 15.0.23
PBX Distro: 12.7.8-2203-2.sng7
Asterisk Version: 16.24.1

Suggestions welcomed.

This is from the mail log (with domains removed):

May 25 11:24:14 pbx postfix/qmgr[29820]: 4C7083059D22: from=[email protected], size=592098, nrcpt=4 (queue active)

May 25 11:24:15 pbx postfix/smtp[5294]: 4C7083059D22: to=[email protected],[]:25, delay=1.2, delays=0.19/0.07/0.21/0.74, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=63114544424521,] 600531 bytes in 0.166, 3513.634 KB/sec Queued mail for delivery)

May 25 11:24:16 pbx postfix/smtp[5297]: 4C7083059D22: to=[email protected],[]:25, delay=2.3, delays=0.19/0.12/0.34/1.7, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=1816771174993,] 600644 bytes in 0.437, 1341.562 KB/sec Queued mail for delivery)

I noticed that it’s sending from [email protected] when sending a voicemail notification, but it sends from root when done from the command prompt. Cant imagine that’s my issue, but maybe that’s worth changing?

if you’re using office 365 use direct send , thats my advice or something like SES or

in its simplest form direct send has some caveats like only being able relay mail to addresses in the tenant domains - most instances this is fine

see option 2 below
How to set up a multifunction device or application to send email using Microsoft 365 or Office 365 | Microsoft Docs

Thanks. Need to do some reading on how to authenticate myself to send via Microsoft

Based on the maillog you posted it looks like mail is sending properly using your Microsoft direct send. You can see your specific microsoft domain over port 25 and getting a status 250 sent in return. This is normal.

Run a message trace for sent emails from the mailbox you are using to send and see what is happening. Then look at the recipient side and do the same thing.

I see them as quarantined. Would be nice to have some more info from Microsoft as to exactly why this is happening.

does your email /dns admin have DMARC /DKIM / SPF set up?
could be your PBX is just failing to auth the mail properly.

When using direct send through your Office 365 tenant make sure you have a connector for the IP address of your FreePBX server. This will allow your SPF (assuming it is correct) to auth the emails.

DMARC and DKIM no, SPF yes apparently. Something to look into.

if theres no DMARC (quarantine / reject), you arent bouncing due to DKIM/SPF typically.

and your SPF record passed its check, so that should be fine.

Dumb question, but do I need to create the dmarc txt record at Vultr or in Office 365?

you honestly shouldnt mess with it if you arent ready.

you’d set up SPF / DKIM records at wherever your DNS is hosted (godaddy?)
you’d have to configure your SENDING service to handle DKIM properly,
you’d have to configure DNS to be SPF compliment
then you could start messign with DMARC (that just basically tells receiving servers what to do if DKIM/SPF checks fail.)

but you don’t appears to have DMARC set up
so you didn’t fail due to DMARC
so that is unlikely to be your issue

I saw in the o365 quarantine logs that the email coming from [email protected] traces back to [email protected], so I changed the serveremail (Server Email in Voicemail admin) back to [email protected] to see if that will help. Now I can’t restart postfix. Not sure if I broke something.

Not sure if this is applicable here - but Vultr blocks email servers by default. Might be worth requesting them to unblock those ports. Again not sure if that will benefit anything - but can’t hurt to rule it out.

Thanks. I dont think that’s what’s going on here since my messages do get out, they’re just getting bounced back by Google and quarantined by Microsoft.

On Gmail, do you have the app password or using the emial password?

Neither. Just made some tweaks to the spf record at Vultr and now emails are at least getting through Microsoft, still bouncing from Google. Probably need to update the record to include Google as well. Not sure what else to try.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.