Introduction
The 421 SMTP error is a temporary issue that prevents outgoing emails from being sent. This error usually indicates a temporary failure due to rate limits, server configuration issues, DNS misconfigurations, or incorrect file permissions. Understanding the root causes and applying the correct fixes is essential to ensure smooth email delivery.
This article covers the most common causes of the Exim 421 error and their respective solutions.
🔍 Common Causes and Fixes for Exim 421 Errors
1️⃣ Mail Server Overload
-
Cause: The mail server is under heavy load and temporarily unable to process new connections.
-
Fix:
-
Restart the mail service:
service exim restart # For Exim (cPanel) systemctl restart postfix # For Postfix systemctl restart sendmail # For Sendmail -
Check the server load:
uptime topIf the load is high, investigate and reduce it.
-
2️⃣ SMTP Connection Limit Exceeded
-
Cause: The email provider may have set a limit on the number of outgoing connections or emails per hour.
-
Fix:
-
Check the mail queue:
exim -bpc # Check Exim mail queue count -
Increase the maximum connection limit in Exim configuration:
nano /etc/exim.confLook for:
smtp_accept_max = 100Increase it if necessary.
-
Restart Exim:
service exim restart
-
3️⃣ IP Address is Blacklisted or Blocked
-
Cause: The sending IP may be blacklisted due to spam reports.
-
Fix:
-
Check if your IP is blacklisted:
host -t txt <your_ip>.zen.spamhaus.orgOr use:
-
If blacklisted, request delisting from the blacklist provider.
-
Ensure your PTR record (Reverse DNS) is properly set for your mail server.
-
4️⃣ DNS Issues
-
Cause: Incorrect SPF, DKIM, DMARC, or MX records can lead to SMTP 421 errors.
-
Fix:
-
Check your domain’s DNS records:
dig +short MX domain.com -
Validate SPF, DKIM, and DMARC using:
-
Ensure proper SPF record:
v=spf1 mx a ip4:<server_ip> -all -
Restart DNS service:
systemctl restart named
-
5️⃣ Firewall (CSF/IPTables) Blocking Port 25/587
-
Cause: CSF or iptables might be blocking outgoing SMTP traffic.
-
Fix:
-
Check firewall rules:
csf -g <your_server_ip> iptables -L -n | grep "25" -
Allow SMTP ports:
csf -a <your_server_ip> csf -r
-
6️⃣ Exim Mail Queue Issues
-
Cause: The mail queue is too large or stuck, causing emails to be rejected with error 421.
-
Fix:
-
Check the mail queue:
exim -bpc -
If too many emails are stuck, clear them:
exim -bp | exiqgrep -i | xargs exim -Mrm
-
7️⃣ Email Authentication Issues
-
Cause: If SMTP authentication is not enabled, some mail servers may reject the connection.
-
Fix:
-
Ensure SMTP authentication is enabled in your email client (Thunderbird, Outlook, etc.).
-
In cPanel (Exim):
-
Go to WHM → Service Configuration → Exim Configuration Manager
-
Ensure Require SMTP Authentication is enabled.
-
-
8️⃣ Mail Server Not Listening on Correct Ports
-
Cause: If the mail server isn’t properly listening on ports 25, 465, or 587, emails won’t go out.
-
Fix:
-
Check listening ports:
netstat -tlnp | grep -E '25|465|587' -
If the ports are not open, enable them in:
nano /etc/exim.confEnsure:
daemon_smtp_ports = 25 : 465 : 587 -
Restart Exim:
service exim restart
-
9️⃣ Fixing Ownership Issues in /var/spool/exim/input/
If /var/spool/exim/input/ has incorrect ownership, Exim may fail to process emails with a 421 error.
Checking Current Ownership
namei -l /var/spool/exim/input/If it shows mail:mail instead of mailnull:mail, fix it with:
chown -v mailnull /var/spool/exim/input/Then restart Exim:
service exim restart🔍 Who is mailnull in Exim?
mailnull is a dedicated system user that Exim uses for handling mail queue processing and email deliveries in many Linux-based mail server configurations.
- In cPanel & Exim installations,
mailnullis the recommended user that Exim should run under for mail queue management. - It prevents mail processing from running as
root, which is a security risk.
🔐 Why mailnull and Not mail?
mailnullis a low-privilege user for Exim’s operations.- Using
mailcan lead to permission conflicts. - cPanel & Exim best practices recommend using
mailnullfor security and proper mail queue handling.
Final Steps: Checking Logs
If the issue persists, check mail logs:
tail -f /var/log/exim_mainlog
tail -f /var/log/exim_paniclog💡 Conclusion
The 421 SMTP error in Exim can occur due to overload, firewall blocks, DNS misconfigurations, blacklisting, or incorrect permissions. By checking logs, firewall rules, DNS settings, and Exim configurations, you can quickly diagnose and resolve the issue.
For additional troubleshooting, always monitor Exim logs and keep your mail server configuration optimized. 🚀
