Email problems

Everything was working fine,until over the weekend. I can send emails without a problem but I have a problem receiving them. I also am unable to telnet bookowl.co.uk I get connection refused. But if I telnet the ip address 192.168.*.* then I can do a ehlo and everything seems fine. I can also telnet from my laptop and both the domain name and ip are accepted. The hosts file looks ok 127.0.0.1 localhost.localdomain There are no errors showing in the maillog file except that when I log on there is a delay of around 6 mins before a message is placed on the lmaillog saying that I have been disconnected because of inactivity.

 

I assume you use port forwarding on your router? Did your ISP do some work this weekend to block traffic over port 25?

 

port 25 is ok. I did a quick check from dnsstuff and got the following reponse.

 

UPDATE:
The reason for the 6 minute delay turned out to be 91700 emails in the bookowl.co.uk mailfolder cur
I have deleted these and now the delay has disapeared.

I also had thousands of emails on Sunday morning which caused a lock up on my server. The email seem to be system emails. If I get another I will post a copy of it

I am still unable to telnet bookowl.co.uk from the server although I can from my laptop.
Port 25 is open
Also I have noticed an error message 'Bind to port 22 on 0.0.0.0 failed' which I believe is something to do with ipv6/ipv4

Anybody know what is happening

Thanks

 

It's a DNS problem. bookowl.co.uk doesn't exist in DNS:

Code:

mh1:~# telnet bookowl.co.uk 25
telnet: could not resolve bookowl.co.uk/25: No address associated with hostname
mh1:~# dig bookowl.co.uk

; <<>> DiG 9.2.1 <<>> bookowl.co.uk
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64517
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;bookowl.co.uk.                 IN      A

;; AUTHORITY SECTION:
bookowl.co.uk.          2548    IN      SOA     server0004.freedom2surf.net. hostmaster.bookowl.co.uk. 2007012535 14400 3600 604800 2560

;; Query time: 46 msec
;; SERVER: 213.191.92.84#53(213.191.92.84)
;; WHEN: Tue Feb  6 14:00:16 2007
;; MSG SIZE  rcvd: 105

 

Errrm, the MX record points to mail1.bookowl.co.uk and telnet-ting to that server works.

Code:

~$ dig MX  bookowl.co.uk

; <<>> DiG 9.3.2 <<>> MX bookowl.co.uk
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7070
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3

;; QUESTION SECTION:
;bookowl.co.uk.                 IN      MX

;; ANSWER SECTION:
bookowl.co.uk.          86400   IN      MX      10 mail1.bookowl.co.uk.

;; AUTHORITY SECTION:
bookowl.co.uk.          86287   IN      NS      server0004.freedom2surf.net.
bookowl.co.uk.          86287   IN      NS      server0001.freedom2surf.net.

;; ADDITIONAL SECTION:
mail1.bookowl.co.uk.    86287   IN      A       194.106.43.87
server0001.freedom2surf.net. 78169 IN   A       194.106.56.46
server0004.freedom2surf.net. 78169 IN   A       194.106.56.34

 

I'm getting different results. Maybe he has changed it recently and the modifications haven't fully propagated yet?

 

Since deleting the emails I am now able to send and receive emails. I think the problem was the amount of emails I had was causing a timeout on my system.
I think the problem originated because I am unable to receive admin emails and possibly the ipv6 issue. I also am still unable to telnet bookowl.co.uk 25 from my server, although I can from my laptop connected to the network.

 

What's the output of

Code:

dig MX  bookowl.co.uk

on your server? What's in /etc/resolv.conf?

 

Code:

[root@server1 ~]# dig MX bookowl.co.uk

; <<>> DiG 9.3.3rc2 <<>> MX bookowl.co.uk
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37657
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;bookowl.co.uk.                 IN      MX

;; AUTHORITY SECTION:
bookowl.co.uk.          86400   IN      SOA     ns1.elmtreedesign.co.uk. admin.bookowl.co.uk. 2007012414 28800 7200 604800 86400

;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Feb  8 11:06:26 2007
;; MSG SIZE  rcvd: 91

[root@server1 ~]#

nameserver 127.0.0.1

This is the contents of etc/eliases

Code:

#
#  Aliases in this file will NOT be expanded in the header from
#  Mail, but WILL be visible over networks or from /bin/mail.
#
#	>>>>>>>>>>	The program "newaliases" must be run after
#	>> NOTE >>	this file is updated for any changes to
#	>>>>>>>>>>	show through to sendmail.
#

# Basic system aliases -- these MUST be present.
mailer-daemon:	postmaster
postmaster:	root

# General redirections for pseudo accounts.
bin:		root
daemon:		root
adm:		root
lp:		root
sync:		root
shutdown:	root
halt:		root
mail:		root
news:		root
uucp:		root
operator:	root
games:		root
gopher:		root
ftp:		root
nobody:		root
radiusd:	root
nut:		root
dbus:		root
vcsa:		root
canna:		root
wnn:		root
rpm:		root
nscd:		root
pcap:		root
apache:		root
webalizer:	root
dovecot:	root
fax:		root
quagga:		root
radvd:		root
pvm:		root
amanda:		root
privoxy:	root
ident:		root
named:		root
xfs:		root
gdm:		root
mailnull:	root
postgres:	root
sshd:		root
smmsp:		root
postfix:	root
netdump:	root
ldap:		root
squid:		root
ntp:		root
mysql:		root
desktop:	root
rpcuser:	root
rpc:		root
nfsnobody:	root

ingres:		root
system:		root
toor:		root
manager:	root
dumper:		root
abuse:		root

newsadm:	news
newsadmin:	news
usenet:		news
ftpadm:		ftp
ftpadmin:	ftp
ftp-adm:	ftp
ftp-admin:	ftp
www:		webmaster
webmaster:	root
noc:		root
security:	root
hostmaster:	root
info:		postmaster
marketing:	postmaster
sales:		postmaster
support:	postmaster


# trap decode to catch security attacks
decode:		root

# Person who should get root's mail
root: bookowl.co.uk-andrew

and this is the output of postqueue -p

Code:

[root@server1 ~]# postqueue -p
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
19CC091E30C     1221 Thu Feb  8 04:04:21  [email protected]
   (connect to server1.elmtreedesign.co.uk[194.106.43.87]: Connection refused)
                                         [email protected]

0E38291E30A    30420 Thu Feb  8 04:02:33  [email protected]
   (connect to server1.elmtreedesign.co.uk[194.106.43.87]: Connection refused)
                                         [email protected]

-- 31 Kbytes in 2 Requests.
[root@server1 ~]#

Everything seems to work except I still don't get the root email. Thanks

 

That's because you need to specify a valid user for root in your aliases file. root is now directed to the domain in /etc/aliases.

Code:

# Person who should get root's mail
root: bookowl.co.uk-andrew

should be something like:

Code:

# Person who should get root's mail
root: [email protected]

Don't forget to run 'newaliases' after making changes.

 

Thanks martinfst I made the changes in the aliases file and run newaliases also rebooted system. I still get errors in the maillog and the mail not forwarded. I did a flush to try and force it through but nothing.

maillog

Code:

Feb  8 11:55:25 server1 sendmail[2799]: alias database /etc/aliases rebuilt by root
Feb  8 11:55:25 server1 sendmail[2799]: /etc/aliases: 77 aliases, longest 20 bytes, 789 bytes total
Feb  8 11:55:39 server1 dovecot: pop3-login: Login: user=<bookowl.co.uk-andrew>, method=PLAIN, rip=::ffff:192.168.16.80, lip=::ffff:192.168.16.90
Feb  8 11:55:39 server1 dovecot: POP3(bookowl.co.uk-andrew): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0
Feb  8 11:55:46 server1 postfix/qmgr[2428]: 19CC091E30C: from=<[email protected]>, size=1221, nrcpt=1 (queue active)
Feb  8 11:55:46 server1 postfix/qmgr[2428]: 0E38291E30A: from=<[email protected]>, size=30420, nrcpt=1 (queue active)
Feb  8 11:55:47 server1 postfix/smtp[2810]: connect to server1.elmtreedesign.co.uk[194.106.43.87]: Connection refused (port 25)
Feb  8 11:55:47 server1 postfix/smtp[2812]: connect to server1.elmtreedesign.co.uk[194.106.43.87]: Connection refused (port 25)
Feb  8 11:55:47 server1 postfix/smtp[2810]: 19CC091E30C: to=<[email protected]>, relay=none, delay=28286, status=deferred (connect to server1.elmtreedesign.co.uk[194.106.43.87]: Connection refused)
Feb  8 11:55:47 server1 postfix/smtp[2812]: 0E38291E30A: to=<[email protected]>, relay=none, delay=28394, status=deferred (connect to server1.elmtreedesign.co.uk[194.106.43.87]: Connection refused)

 

Are 'bookowl.co.uk' and 'server1.elmtreedesign.co.uk' on the same server? If yes, have a look at '/etc/postfix/local-host-names'. It should contain both domains/servers.

 

Thanks Till and martinfst

Both domains are on the same server and are list in local-host-names

Code:

###################################
#
# ISPConfig local-host-names Configuration File
#         Version 1.0
#
###################################
localhost
server1.elmtreedesign.co.uk
localhost.server1.elmtreedesign.co.uk
localhost.elmtreedesign.co.uk
localhost.localdomain
www.bookowl.co.uk
www.royalspring.co.uk
bookowl.co.uk
#### MAKE MANUAL ENTRIES BELOW THIS LINE! ####

The output of netstat is

Code:

###################################
#
# ISPConfig local-host-names Configuration File
#         Version 1.0
#
###################################
localhost
server1.elmtreedesign.co.uk
localhost.server1.elmtreedesign.co.uk
localhost.elmtreedesign.co.uk
localhost.localdomain
www.bookowl.co.uk
www.royalspring.co.uk
bookowl.co.uk
#### MAKE MANUAL ENTRIES BELOW THIS LINE! ####

and the output of iptables is

Code:

[root@server1 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@server1 ~]#

Thanks for your help

 

sorry about that

Code:

[root@server1 ~]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             Stat e       PID/Program name
tcp        0      0 *:mysql                     *:*                         LIST EN      1872/mysqld
tcp        0      0 *:5900                      *:*                         LIST EN      2673/vino-server
tcp        0      0 *:sunrpc                    *:*                         LIST EN      1536/portmap
tcp        0      0 *:hosts2-ns                 *:*                         LIST EN      2324/ispconfig_http
tcp        0      0 *:34801                     *:*                         LIST EN      1555/rpc.statd
tcp        0      0 192.168.16.90:domain        *:*                         LIST EN      2454/named
tcp        0      0 localhost.localdomai:domain *:*                         LIST EN      2454/named
tcp        0      0 localhost.localdomain:ipp   *:*                         LIST EN      1755/cupsd
tcp        0      0 localhost.localdomain:rndc  *:*                         LIST EN      2454/named
tcp        0      0 *:smtp                      *:*                         LIST EN      2420/master
tcp        0      0 192.168.16.90:60041         192.168.16.80:microsoft-ds  ESTA BLISHED 2704/gnome-vfs-daem
tcp        0      0 192.168.16.90:60038         192.168.16.80:microsoft-ds  TIME _WAIT   -
tcp        0      0 192.168.16.90:41830         192.168.16.80:netbios-ssn   ESTA BLISHED 2704/gnome-vfs-daem
tcp        0      0 *:imaps                     *:*                         LIST EN      1900/dovecot
tcp        0      0 *:pop3s                     *:*                         LIST EN      1900/dovecot
tcp        0      0 *:pop3                      *:*                         LIST EN      1900/dovecot
tcp        0      0 *:imap                      *:*                         LIST EN      1900/dovecot
tcp        0      0 *:http                      *:*                         LIST EN      2350/httpd
tcp        0      0 *:ftp                       *:*                         LIST EN      2474/proftpd: (acce
tcp        0      0 *:ssh                       *:*                         LIST EN      1775/sshd
tcp        0      0 ::1:rndc                    *:*                         LIST EN      2454/named
tcp        0      0 *:https                     *:*                         LIST EN      2350/httpd
[root@server1 ~]#

 

Please change it to

Code:

nameserver 145.253.2.75
nameserver 193.174.32.18

Also, make sure that SELinux is disabled.

 

Thanks Falko
Have changed the nameservers. will have to wait till saturday to see if the emails come through, allthough I have tried to flush the old ones with no luck.

 

Still not getting roots emails