Mail works only internally

My YunoHost server

Hardware: Rackserver - VM
YunoHost version: (stable).
I have access to my server : Through SSH | through the webadmin | direct access via keyboard / screen | …
All of the above
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
If yes, please explain:

Description of my issue

Email doesn’t seem to send externally, only internally, i.e. from my wp site to a server-internal email address works fine, but from my site to any other domain or from any mail application like Roundcube to some other domain, nope…

Things I did: changing the MX rule to the CORRECT values (for some reason YunoHost keeps nagging about that). Also I did the reverse DNS :wink:


Hmmmmokay, does the diagnosis complain about anything in particular that would sound related to email …?

Naively I would investigate by :

  • starting the command tail -f /var/log/mail.{info,warn,err} … this command will display the last line in corresponding files AND (most importantly) hang and display new incoming lines … keep this running in one terminal (don’t Ctrl+C until you’re done with next steps)
  • try to send an email like you would usually do
  • wait for stuff to show up in the terminal from step 1
  • … and then we need to analyze what’s going on in that log …

Well it complains about the DNS records which are set correctly.

Just stupid right?!

Also when trying to send an e-mail using Roundcube, the postmaster gives a;
smtp; 550 Bad HELO - Host impersonating domain name!

The current values and the expected values are not the same, there is " " in the middle of your DKIM key in your DNS record that shouldn’t be here and that should explain why your mails are refused. Correcting that should correct your issue.

could you point it out I don’t seem to see it…

How the heck, this does not compute in my brains, look at the dns record below. there is no extra "…
it’s not a bug, it’s a feature… or is it a bug?

Hmpf idk, indeed there’s no space in your screenshot but who knows maybe that’s your registrar doing some funky stuff…

Hmm yeah, soon we will be our own registrar… For now I’ve sent them a link to this topic so they can answer it eventually.

(To be clear I can confirm the issue using a dig +short TXT mail._domainkey.thedomain.tld)

The response from the registrar,

Hi Shaady,

It’s correct in your DNS that I’ve been able to confirm, you can also do your DKIM check via this check (Tools - and that matches 1/1 of what you entered in DirectAdmin with your TXT record:
“v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4W3rV2RHY9Ad8/3r5AXkdXf77HklXU4 LxjoVgKp+XL5r/2LuUFra7rrtLB79iSbV78Hhu1mDPnxK66Zu0QhX8xSaonVAWFSJ+cmZBEx3MlKw2ulmgVoy6hLpvdYwEZNQo6wIDAQAB”

With us in the DNS:
“v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4W3rV2RHY9Ad8/3r5AXkdXf77HklXU4 LxjoVgKp+XL5r/2LuUFra7rrtLB79iSbV78Hhu1mDPnxK66Zu0QhX8xSaonVAWFSJ+cmZBEx3MlKw2ulmgVoy6hLpvdYwEZNQo6wIDAQAB”

Because many TXT records are very long they are sometimes automatically broken down by the clients who read out the characters that are named in that topic, but the output MUST always be the same with such lookups otherwise the soup does indeed run. Whatever the case now, at least I see that in your screenshots but that’s totally contradictory what I see in back as our dns and look at that check.


Sjoerd Klein Meulekamp

Zblerg wokay … supposedly the code already handles the fact that records might be in several pieces … but wokay lemme double check that …

Not sure when I will have the time for this so don’t hesitate to re-poke me if I forget about it
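
Added example, not part of the thread and not YunoHost's diagnosis code: a Python sketch of comparing an expected DKIM record against one line of `dig +short TXT` output, telling apart a record that was only split into several quoted pieces from one that has whitespace inside the key itself. The function names and the sample key are constructed for illustration, and the backslash unescaping is an assumption about how the resolver tool prints the strings.

```python
import re

def join_txt_chunks(dig_line):
    """Join the quoted character-strings of one `dig +short TXT` answer line.

    A TXT record is a sequence of strings of at most 255 bytes each; dig prints
    them as "part1" "part2". The record value is their concatenation, with no
    separator added between the parts.
    """
    chunks = re.findall(r'"((?:[^"\\]|\\.)*)"', dig_line)
    # Undo backslash escapes such as \; or \" (assumed escaping style).
    return "".join(re.sub(r"\\(.)", r"\1", c) for c in chunks)

def parse_tags(record):
    """Split a DKIM key record into its tag=value pairs."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = value.strip()
    return tags

def compare_dkim(expected, dig_line):
    """Return 'match', 'whitespace-in-key' or 'mismatch'."""
    exp, pub = parse_tags(expected), parse_tags(join_txt_chunks(dig_line))
    if exp == pub:
        return "match"
    squeeze = lambda tags: {**tags, "p": re.sub(r"\s+", "", tags.get("p", ""))}
    if squeeze(exp) == squeeze(pub):
        return "whitespace-in-key"
    return "mismatch"

# Constructed sample data (not the key from this thread).
EXPECTED = "v=DKIM1; h=sha256; k=rsa; p=QUJDREVGR0hJSktM"
SPLIT = '"v=DKIM1; h=sha256; k=rsa; p=QUJDREVG" "R0hJSktM"'
SPACED = '"v=DKIM1; h=sha256; k=rsa; p=QUJDREVG R0hJSktM"'
OTHER = '"v=DKIM1; h=sha256; k=rsa; p=WFlaWFlaWFla"'

if __name__ == "__main__":
    for label, line in [("split", SPLIT), ("spaced", SPACED), ("other", OTHER)]:
        print(label, "->", compare_dkim(EXPECTED, line))
```

A "whitespace-in-key" result means the space is inside a single published string, which is what a plain string comparison of current against expected values would report as a difference.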