Hello Community,

I have an Nethserver v8 installed and an nethsecurity v8 installed.

my current goal is that i want to get emails throught Hetzner(outside) into my Nethserver mail1 application, i have several ports open like 25,143 and 587, ive put dns entries in hetzner with mail.xxxx.xx which is configured in my mail1.

I have a webtop running where i currently cant send, nor receive emails, UNLESS i create the specific hetzner email, then i can send emails from my webtop, but thats not my goal i want to do everything from inside my nethserver.

any help is appreciated i can send logs or test if u tell me where, thanks alot for your time!

You would need to setup at least an A wildcard record “*.domain.tld” pointing to the NS8 IP and an MX record to declare your mailserver. Check out this wiki page for more information about needed DNS records for mail.

You can check your mail server and the DNS records at https://mxtoolbox.com/

I got an A record on Hetzner with mail.xx and my public ip and webtop.xx on my public IP,

when i go to my public IP i see this error message right here:

• OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS LOGINDISABLED] Dovecot ready.
  GET BAD Error in IMAP command received by server.
  Host: BAD Error in IMAP command received by server.
• BYE Too many invalid IMAP commands.

ON my Port Forwards in my Firewall i have 25,143,587, 443, 80, 110, 993 and 995.
An MX is also configured on my Hetzner DNS to mail.xxx

As Markus stated, you also need to point an MX record to the IP address of your NS8 mailinstance

you mentioned you did that, so please start troubleshooting mail traffic using a tool like mxtoolbox

does your mail / MX record resolve from the outside?

To add to what Rob said, make sure all your external DNS is working with mxtoolbox or similar. If that all checks out I would suggest looking at the second line in your error message.

It seems you’re using telnet to connect to port 143 which doesn’t work as you need to use STARTTLS to enable login or you connect to port 993 using TLS

i fixxed it now by using the mxtool website and now ive got everything authenticated on there, my problem now is that i can send and receive emails, but only from gmails right now, no other email services…

That’s interesting as usually mailing is working and gmail needs special care like working SPF, DKIM etc…

Just to exclude missing IPv4/IPv6 issues, could you please check /etc/hosts if the localhost entries (127.0.0.1, ::1) are correct, see also One NethServer environment cannot send email - #6 by mrmarkuz

Could you please share the mail app logs when sending/receving is not working to get the error?

Did you set right identities for sending with other accounts than gmail? For example you can’t send via gmail using the mail address “user@outlook.com”.

127.0.0.1 localhost

commented by set-fqdn #127.0.1.1

The following lines are desirable for IPv6 capable hosts

::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.0.1 cluster-leader
10.5.4.1 cluster-localnode
127.0.1.1 z1.gradi-consulting.de z1

This is the mail system at host mail.gradi-consulting.de.

I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

               The mail system

xxx@witt-solutions.de: host www220.your-server.de[188.40.30.77] said:
550-Verification failed for xxx@gradi-consulting.de 550-Unrouteable
address 550 Sender verify failed (in reply to MAIL FROM command)

It seems the Hetzner smarthost www220.your-server.de is still used.
Please check the Relay settings in the cluster-admin, there should be no rule:

grafik1879×1080 86.8 KB

Maybe helpful info: