Domain webmail unable to receive or send emails,

Got the reply from Siteground support as below:

Upon careful examination by our system administrators, it has been determined that the root of the issue lies with the DNS records currently managed by Cloudflare. It appears that your DNS MX records are not resolving consistently, which is contributing to the email difficulties you’re experiencing.

Regarding the issue with incoming mail, our tests confirm that the email service for your domain is functioning properly internally. However, we’ve noticed that test messages sent to [email protected] from external services like Gmail are not reaching our servers. This indicates that the issue may stem from recent changes to your domain’s DNS records or a possible DNS misconfiguration at Cloudflare.

Could anyone assist on resolving related issues? Much appreciated.

Name of the Domain is as follows:

You have an MTA-STS policy that does not allow emails to be sent to the Siteground mail servers.

dig +short _mta-sts.them.co.com txt
"v=STSv1; id=20240504T153000;"
version: STSv1
mode: enforce
mx: *.mx.cloudflare.net
max_age: 86400

https://mta-sts.them.co.com/.well-known/mta-sts.txt

Either fix your broken configuration, or delete the _mta-sts DNS record if you don’t know how to change the configuration.

2 Likes

Hi Laudian,

Much appreciated for your assistance, yes MTA-STS policy is setup lately, by the tutorial and recommendations provided by Siteground. By adding that and scanning on domain on https://easydmarc.com/ the outcome turns into 10/10 “Risk Assessment Level: Low”

Could you please suggest solutions to fix the configuration? Or simply delete the _mta-sts DNS would be most pratical, thank you!

In your mta-sts policy file, you have mx: *.mx.cloudflare.net. That means only Cloudflare MX servers are allowed to receive emails for your domain. But your MX records are these:

dig +short them.co.com mx
30 mx30.antispam.mailspamprotection.com.
10 mx10.antispam.mailspamprotection.com.
20 mx20.antispam.mailspamprotection.com.

See here for a test:
https://mxtoolbox.com/SuperTool.aspx?action=mta-sts%3athem.co.com&run=toolpage

So your policy file should look like this:

version: STSv1
mode: enforce
mx: mx30.antispam.mailspamprotection.com
mx: mx20.antispam.mailspamprotection.com
mx: mx10.antispam.mailspamprotection.com
max_age: 86400

When you update the policy file, you should also update your _mta-sts DNS record with the current date/time, so that mail servers know you have a new mta-sts policy.

1 Like

Dear Laudian,

Could you please run again the diagnostics and see if all settings are fixed now? Much appreciated for your assistance,

Best,
Mark

You still have an _mta-sts record, but your policy is no longer available. This will not work.

seems to be working on my side, maybe is because of the DNS record has just been setup? Not sure if it has been properly setup.

But the function of receiving / sending email seems still not working… not sure what went wrong:(

I’ve just sent a test email to you and it seems to be working now:

May 11 14:40:35 istnice postfix/smtp[781410]: DD2AD4B80063: to=<[email protected]>, relay=mx10.antispam.mailspamprotection.com[34.149.79.66]:25, delay=13, delays=1.2/0.01/3/8.6, dsn=2.0.0, status=sent (250 OK id=1s5m1f-00000002hZ4-1G1b)

You also have a mail DNS record that is proxied. You will need to change that record to DNS-Only.

Hi Laudian,

Thank you so much for helping out, have done all means you’ve mentioned.

The mail seems to be functioning normal, somehow emails sent from GOOGLE has all been rejected, it couldn’t go through from Gmail, but other systems, which is very weird :frowning:

Systems that don’t use MTA-STS would have worked, while systems that do use it would have refused to send emails to you. That’s what MTA-STS is supposed to do after all.

My own test email was rejected (or rather, refused to send) earlier and did work now.

So after all, is it recommended not to setup MTA-STS? Since Google is quite a popular system used by most users, or could it be bypassed by adding up addition rules or so on?

Setting up MTA-STS is good if you do it correctly. Your configuration was incorrect, and that’s why it did not work.

It all looks good now though, so sending emails from Gmail should also work now (or soon).

1 Like

Thank you for all supports given, really helped out. Will wait for 24 hrs and see if Google started to come through, if not will also share the results with you! Have a good day Laudian!

Dear Laudian,

I hope this message finds you well.

Truly appreciated your help, the email works perfectly now, both sending and receiving by Google system, now figuring out the possible solutions to send with Signatures, sending with signatures seems to lead to another block if using domain webmail. Will share with you once there is any suggest solutions provided by Siteground, thank you!

Best,
Mark

A post was split to a new topic: Unable to receive or send emails