Just to give you an oversight on what has changed recently; I upgraded to the latest ISPConfig 3.0.5.4, and found that Apache and MySQL (possibly more), weren't starting on bootup. I reinstalled, and it looks like it fixed it A customer's domain has been compromised, so has been sending out a lot of spam - 'qshape deferred active incoming' shows a total of 21664. I've been trying to clear down the postfix queue, based on the specific domain which has been sending these emails. As part of the above, I also added in some blacklists to 'smtpd_recipient_restrictions' but something seems to have gone wrong, and stopped email sending / receiving. I've reinstalled ISPConfig, and emails look like they're starting to move now. However, in my mail.log I'm receiving the following errors; Code: Apr 25 07:51:16 vps1 postfix/smtp[2139]: warning: mysql query failed: MySQL server has gone away Apr 25 07:51:16 vps1 postfix/smtp[2139]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Apr 25 07:51:16 vps1 postfix/qmgr[2040]: warning: private/retry socket: malformed response Apr 25 07:51:16 vps1 postfix/qmgr[2040]: warning: transport retry failure -- see a previous warning/fatal/panic logfile record for the problem description Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/error pid 2646 exit status 1 Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/smtp pid 2352 exit status 1 Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/error pid 2647 exit status 1 Apr 25 07:51:16 vps1 postfix/qmgr[2040]: warning: connect to mysql server 127.0.0.1: Can't connect to MySQL server on '127.0.0.1' (111) Apr 25 07:51:16 vps1 postfix/qmgr[2040]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Apr 25 07:51:16 vps1 postfix/smtp[2413]: warning: mysql query failed: MySQL server has gone away Apr 25 07:51:16 vps1 postfix/smtp[2413]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/error pid 2701 exit status 1 Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/error pid 2645 exit status 1 Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/error pid 2706 exit status 1 Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/smtp pid 2234 exit status 1 Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/smtp pid 2346 exit status 1 Apr 25 07:51:16 vps1 postfix/master[2034]: warning: process /usr/lib/postfix/smtp pid 2426 exit status 1 My /etc/postfix/main.cf file is the following (MYSERVERHOSTNAME replaces my actual server name); Code: smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = /usr/share/doc/postfix # TLS parameters smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = MYSERVERHOSTNAME alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases myorigin = /etc/mailname mydestination = MYSERVERHOSTNAME, localhost, localhost.localdomain relayhost = mynetworks = 127.0.0.0/8 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all html_directory = /usr/share/doc/postfix/html virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_mailbox_base = /var/vmail virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_tls_security_level = may transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $$ smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf smtpd_client_message_rate_limit = 100 maildrop_destination_concurrency_limit = 1 maildrop_destination_recipient_limit = 1 virtual_transport = maildrop header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/mime_header_checks nested_header_checks = regexp:/etc/postfix/nested_header_checks body_checks = regexp:/etc/postfix/body_checks owner_request_special = no content_filter = amavis:[127.0.0.1]:10024 receive_override_options = no_address_mappings message_size_limit = 0 content_filter = amavis:[127.0.0.1]:10024 inet_protocols = all smtp_tls_security_level = may smtpd_helo_required = yes disable_vrfy_command = yes strict_rfc821_envelopes = yes invalid_hostname_reject_code = 554 multi_recipient_bounce_reject_code = 554 non_fqdn_reject_code = 554 relay_domains_reject_code = 554 unknown_address_reject_code = 554 unknown_client_reject_code = 554 unknown_hostname_reject_code = 554 unknown_local_recipient_reject_code = 554 unknown_relay_recipient_reject_code = 554 unknown_sender_reject_code = 554 unknown_virtual_alias_reject_code = 554 unknown_virtual_mailbox_reject_code = 554 unverified_recipient_reject_code = 554 unverified_sender_reject_code = 554 smtpd_recipient_restrictions = check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination The /etc/postfix/mysql-virtual_relaydomains.cf file (PASSWORDHASH replaces the actual password hash); Code: user = ispconfig password = PASSWORDHASH dbname = dbispconfig table = mail_transport select_field = domain where_field = domain additional_conditions = and active = 'y' and server_id = 1 hosts = 127.0.0.1 Could someone assist in fixing the issue please? Many thanks in advance.
It seems your mysql server is facing problems. Have you checked the syslog and mysql log for warnings/errors?
In /var/log/mysql there's the following warnings; Code: 140425 7:51:14 [Note] /usr/sbin/mysqld: Normal shutdown 140425 7:51:14 [Note] Event Scheduler: Purging the queue. 0 events 140425 7:51:14 InnoDB: Starting shutdown... 140425 7:51:19 InnoDB: Shutdown completed; log sequence number 0 502928167 140425 7:51:19 [Note] /usr/sbin/mysqld: Shutdown complete 140425 7:51:19 [Note] Plugin 'FEDERATED' is disabled. 140425 7:51:19 InnoDB: Initializing buffer pool, size = 8.0M 140425 7:51:19 InnoDB: Completed initialization of buffer pool 140425 7:51:19 InnoDB: Started; log sequence number 0 502928167 140425 7:51:19 [Note] Event Scheduler: Loaded 0 events 140425 7:51:19 [Note] /usr/sbin/mysqld: ready for connections. Version: '5.1.73-0ubuntu0.10.04.1' socket: '/var/run/mysqld/mysqld.sock' port: 3306 (Ubuntu) Both /var/log/mysql.err and /var/log/mysql.log are empty. /var/log/syslog is full of postfix 'Connection timed out' messages; Code: Apr 25 09:11:10 vps1 postfix/smtp[7981]: connect to mta1.*****.fr[*.*.*.*]:25: Connection timed out Apr 25 09:11:10 vps1 postfix/smtp[7981]: 3C89629DBCA: to=<********@*****.fr>, relay=none, delay=380103, delays=379741/320/42/0, dsn=4.4.1, status=deferred (connect to mta1.*****.fr[*.*.*.*]:25: Connection timed out
Can you ping localhost and external hostnames / ip addresses? Code: ping google.com ping localhost ping 127.0.0.1
I'm also seeing these errors; Code: postfix/smtpd[20839]: warning: ::1: address not listed for hostname localhost Code: Apr 25 09:03:36 vps1 postfix/trivial-rewrite[7891]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) Apr 25 09:03:36 vps1 postfix/trivial-rewrite[7891]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem /etc/hosts file shows; Code: 127.0.0.1 localhost 46.*.*.* vps1.MYSERVERHOSTNAME vps1 # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters If I 'dig -x' my IP (my IP and hostname hidden); Code: ; <<>> DiG 9.7.0-P1 <<>> -x 46.*.*.* ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63971 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;*.*.*.46.in-addr.arpa. IN PTR ;; ANSWER SECTION: *.*.*.46.in-addr.arpa. 10689 IN PTR vps1.MYSERVERHOSTNAME. ;; Query time: 0 msec ;; SERVER: 46.32.224.29#53(46.32.224.29) ;; WHEN: Fri Apr 25 10:26:55 2014 ;; MSG SIZE rcvd: 78 Both 'hostname' and 'hostname -f' show the correct hostname.
Okay, what about the mysql server config. Is mysql even listening on that socket mentioned in the log file?
Here's my /etc/mysql/my.cnf file with comments stripped - looks like it's listening on the socket? (apologies, I know a little about server config, but not loads); Code: [client] port = 3306 socket = /var/run/mysqld/mysqld.sock [mysqld_safe] socket = /var/run/mysqld/mysqld.sock nice = 0 [mysqld] user = mysql socket = /var/run/mysqld/mysqld.sock port = 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp skip-external-locking #bind-address = 127.0.0.1 key_buffer = 16M max_allowed_packet = 16M thread_stack = 192K thread_cache_size = 8 myisam-recover = BACKUP max_connections = 500 max_user_connections = 500 #table_cache = 64 #thread_concurrency = 10 query_cache_limit = 1M query_cache_size = 16M #general_log_file = /var/log/mysql/mysql.log #general_log = 1 log_error = /var/log/mysql/error.log #log_slow_queries = /var/log/mysql/mysql-slow.log #long_query_time = 2 #log-queries-not-using-indexes #server-id = 1 #log_bin = /var/log/mysql/mysql-bin.log expire_logs_days = 10 max_binlog_size = 100M #binlog_do_db = include_database_name #binlog_ignore_db = include_database_name # chroot = /var/lib/mysql/ # ssl-ca=/etc/mysql/cacert.pem # ssl-cert=/etc/mysql/server-cert.pem # ssl-key=/etc/mysql/server-key.pem [mysqldump] quick quote-names max_allowed_packet = 16M [mysql] #no-auto-rehash # faster start of mysql but no tab completition [isamchk] key_buffer = 16M !includedir /etc/mysql/conf.d/
I've checked the db tables for errors, and they all look fine. I've just rotated all the log files, and restarted the services. I'll keep an eye on them and see if any errors come back.
This one so far; Code: Apr 25 13:20:02 vps1 postfix/smtpd[30422]: warning: ::1: address not listed for hostname localhost
So everything seems to be ok now, just the following message in the logs; Code: Apr 25 13:20:02 vps1 postfix/smtpd[30422]: warning: ::1: address not listed for hostname localhost Code: 127.0.0.1 localhost 46.32.228.250 vps1.olimortimer.com vps1 # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters Do I simply remove localhost from the ::1 line?
