Applicable to:
- Plesk for Linux
Symptoms
- Plesk Obisidian running on a Linux-based operating system
-
Emails sent through a mailing list (mailman) to external mailboxes (Gmail, Outlook, Yahoo!, etc.) are not received
-
The messages do not appear to be leaving the Plesk server and one of the following error messages appears in
/var/log/maillog
:NOQUEUE: reject: RCPT from localhost[::1]: 454 4.7.1 list@example.com: Relay access denied;
from=list@example.com to=john_doe@example.net proto=ESMTP helo=<mail.example.com>
NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 554 5.7.1
-
One of the following error messages appears in
/var/log/mailman/smtp-failure
:delivery to list@example.com failed with code -1: Server not connected
delivery to john_doe@example.com failed with code -1: [Errno 104] Connection reset by peer
delivery to john_doe@example.com failed with code 553: sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
Cause
The localhost IPv4 and IPv6 address ranges are not whitelisted within the mail server settings.
Resolution
Warning: To use mailing lists, you need to have localhost (IP ranges 127.0.0.0/8
and ::1/128
) in the mail server's white list. However, to use outgoing mail control, you should not have localhost in the mail server white list. As a compromise, you can use mail forwarding on the mailbox instead of mailing lists.
The localhost IPv4 range 127.0.0.0/8
and IPv6 range ::1/128
must be added to the mail server white list in order for mailman to function as expected:
Warning: By applying the following solution, any set limits on outgoing mail will stop working and this is expected.
-
Go to Tools & Settings > Mail Server Settings > White List
-
Press Add Network > add
127.0.0.0/8
to the IP address/mask field -
Press Add one more > enter
::1/128
to the IP address/mask field -
Press OK
- The end result should appear as follows:
In case the records exist already and the issue is still present, you must run the following command in order to reapply the currently defined mail server configuration:
# plesk repair mail -y
Mailman Limitations:
- By default, the Mailman web interface in Plesk is secured with a self-signed SSL/TLS certificate. It protects the connection but triggers a self-signed SSL/TLS certificate warning. You can safely ignore the warning when you access the Mailman web interface. At the moment, it is not possible to secure the Mailman web interface with a valid SSL/TLS certificate.
- At the moment, Mailman does not support ARC headers, therefore emails sent via Mailman cannot pass ARC checks. Some mail services (for example, Gmail) may treat such emails as unauthenticated.
- The operating system dist-upgrade (for example, from Debian 10 to Debian 11) requires manual actions to upgrade to Mailman 3
Comments
0 comments
Please sign in to leave a comment.