Unable to receive email from gmail on my VDS

Victor Polevoy asked:

I am using mailu (docker mail server) as all-in-one mail server solution: pop3/imap/smtp with web-interface and so on. I can send emails from my vds to any other email and I can send email from one mailbox to another one using the same server (like, from [email protected] to [email protected]). However, when I send a text from gmail (or any other mail server outside my vds) my webserver is not contacted at all and I have “recipient not found” message then. This happens from time to time and I don’t know the reason for it.
My domain is thefx.co and it has all needed records:

$ dig @ thefx.co mx

; <<>> DiG 9.13.3 <<>> @ thefx.co mx
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45588
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 512
;thefx.co.          IN  MX

thefx.co.       1799    IN  MX  0 thefx.co.
thefx.co.       1799    IN  MX  10 mailstore1.secureserver.net.
thefx.co.       1799    IN  MX  1 smtp.secureserver.net.

;; Query time: 66 msec
;; WHEN: Sat Oct 27 18:34:54 MSK 2018
;; MSG SIZE  rcvd: 117

And the domain is accessible of course. But sometimes (and now also) other mail servers can’t reach mine:

If I test my mailbox (for example, [email protected]) the service says:

X record found: thefx.co (Priority 0)
MX record found: smtp.secureserver.net (Priority 1)
MX record found: mailstore1.secureserver.net (Priority 10)
Connecting to thefx.co
Connect to thefx.co failed
Connecting to smtp.secureserver.net
Connected to smtp.secureserver.net
Dialog with smtp.secureserver.net ok
220 p3plibsmtp01-08.prod.phx3.secureserver.net bizsmtp ESMTP server ready
HELO verifyemailaddress.org
250 p3plibsmtp01-08.prod.phx3.secureserver.net hello [], pleased to meet you
MAIL FROM: <[email protected]>
250 2.1.0 <[email protected]> sender ok
RCPT TO: <[email protected]>
550 5.1.1 <[email protected]> Recipient not found. <http://x.co/irbounce>
221 2.0.0 p3plibsmtp01-08.prod.phx3.secureserver.net bizsmtp closing connection
Email address [email protected] rejected

I have no idea why anyone can’t connect to my server but If I try to see whether I have opened ports or not, I see they actually are opened:

$ nmap thefx.co
Starting Nmap 7.70 ( https://nmap.org ) at 2018-10-27 18:48 MSK
Nmap scan report for thefx.co (
Host is up (0.044s latency).
Not shown: 986 closed ports
25/tcp    filtered smtp
465/tcp   open     smtps
587/tcp   open     submission
993/tcp   open     imaps
995/tcp   open     pop3s

Nmap done: 1 IP address (1 host up) scanned in 1.87 seconds

Interesting thing that from my home pc I see that 25/tcp is opened and filtered but I can’t see it from nmap‘s output on my VDS (where it comes from)? If I telnet these ports, all of them are opened successfully.

I don’t expose 25 port for mailu from the docker container, probably, this is the reason for the problem.

UPD: I have opened 25 port for mailu and now gmail sends email successfully and I receive it on my side. Why was it necessary?

My answer:

You have multiple MX records. One points to your mail server, the other two point to GoDaddy’s mail servers.

Your mail server test at verifyemailaddress.org went to GoDaddy’s mail servers, not your own, because you didn’t have port 25 open, and thus your MX record could not be used.

It’s not clear why you have MX records pointing to GoDaddy if you are hosting your mail yourself.

You should remove the MX records which point to the wrong mail servers.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.