PDA

View Full Version : Mail log entries?


ctroyp
3rd October 2005, 17:56
Could anyone enlighten me as to what happened to cause these entries? Is it spam that was rejected or something of the sort?
Oct 3 05:57:32 server1 postfix/smtpd[13711]: cannot load Certificate Authority data
Oct 3 05:57:32 server1 postfix/smtpd[13711]: warning: TLS library problem: 13711:error:02001002:system library:fopen:No such file or directory:bss_file.c:104:fopen('/etc/postfix/ssl/cacert.pem','r'):
Oct 3 05:57:32 server1 postfix/smtpd[13711]: warning: TLS library problem: 13711:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:107:
Oct 3 05:57:32 server1 postfix/smtpd[13711]: warning: TLS library problem: 13711:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:279:
Oct 3 05:57:32 server1 postfix/smtpd[13711]: connect from unknown[219.133.246.126]
Oct 3 05:57:33 server1 postfix/smtpd[13711]: NOQUEUE: reject: RCPT from unknown[219.133.246.126]: 554 <popogigi1975@yahoo.com.tw>: Relay access denied; from=<xdfgszdrgser@aol.com> to=<popogigi1975@yahoo.com.tw> proto=SMTP helo=<67.141.5.42>
Oct 3 05:58:24 server1 postfix/smtpd[13711]: lost connection after RCPT from unknown[219.133.246.126]
Oct 3 05:58:24 server1 postfix/smtpd[13711]: disconnect from unknown[219.133.246.126]
Oct 3 06:01:44 server1 postfix/anvil[13713]: statistics: max connection rate 1/60s for (smtp:219.133.246.126) at Oct 3 05:57:32
Oct 3 06:01:44 server1 postfix/anvil[13713]: statistics: max connection count 1 for (smtp:219.133.246.126) at Oct 3 05:57:32
Oct 3 06:01:44 server1 postfix/anvil[13713]: statistics: max cache size 1 at Oct 3 05:57:32

falko
3rd October 2005, 18:54
Oct 3 05:57:32 server1 postfix/smtpd[13711]: warning: TLS library problem: 13711:error:02001002:system library:fopen:No such file or directory:bss_file.c:104:fopen('/etc/postfix/ssl/cacert.pem','r'):

This is because of a missing file (/etc/postfix/ssl/cacert.pem), but it's only a warning, nothing serious.

Oct 3 05:57:33 server1 postfix/smtpd[13711]: NOQUEUE: reject: RCPT from unknown[219.133.246.126]: 554 <popogigi1975@yahoo.com.tw>: Relay access denied; from=<xdfgszdrgser@aol.com> to=<popogigi1975@yahoo.com.tw> proto=SMTP helo=<67.141.5.42>

There someone tried to send emails over your server; might be a spammer, but as you can see he wasn't successful... :D

ctroyp
3rd October 2005, 19:14
Cool! Its nice to see the defense in action.

I had a similar entry that was showing that an email was blocked that I actually sent from another one of my email accounts (not hosted from my server). Where do I configure to allow access for this account? FYI, it is an identical error as the one I posted above, but with a known sender that I want to allow.

falko
3rd October 2005, 19:50
Cool! Its nice to see the defense in action.

I had a similar entry that was showing that an email was blocked that I actually sent from another one of my email accounts (not hosted from my server). Where do I configure to allow access for this account? FYI, it is an identical error as the one I posted above, but with a known sender that I want to allow.
If you're sending with an email client, just enter your ISPConfig server as SMTP server, and use a username and password from your ISPConfig box.

ctroyp
3rd October 2005, 20:01
If you're sending with an email client, just enter your ISPConfig server as SMTP server, and use a username and password from your ISPConfig box.

I must have explained wrong...I am trying to send an email to this account using a yahoo account. The email doesn't come in the this account and it does not get kicked back to my yahoo account (which tells me it went somewhere). By the way, I am using UebiMiau to access the mail hosted from my server.

falko
3rd October 2005, 20:08
I must have explained wrong...I am trying to send an email to this account using a yahoo account. The email doesn't come in the this account and it does not get kicked back to my yahoo account (which tells me it went somewhere).
The mail from Yahoo should arrive without problems, unless the MX record for your domain is pointing to some other server. I'd check that ASAP.
Do you see anything in your mail logs when sending an email from Yahoo?

ctroyp
3rd October 2005, 20:14
Actually, it does kick back to yahoo. It says that the message the remote server did not like the recipient "Relay acces denied".

Furthermore, I can access my email using Uebmiau but there are no messages. And, in my maillog, I get the message similar to what I posted earlier "relay access denied".

Where is it that I can setup the email aliases for my accounts within ISPConfig? Or, where can I locate the manual that will have this info?

falko
3rd October 2005, 20:29
Actually, it does kick back to yahoo. It says that the message the remote server did not like the recipient "Relay acces denied".

Then it seems as if you haven't created that email address in ISPConfig. :rolleyes:
Go to the email tab of the web site (domain) in question and create the appropriate email address.

ctroyp
3rd October 2005, 20:30
Here is the actual entry in the maillog from my yahoo test mail:
Oct 3 14:21:26 server1 postfix/smtpd[25562]: connect from web36204.mail.mud.yahoo.com[209.191.68.230]
Oct 3 14:21:26 server1 postfix/smtpd[25562]: NOQUEUE: reject: RCPT from web36204.mail.mud.yahoo.com[209.191.68.230]: 554 <web2_ctp@domain2.com>: Relay access denied; from=<me@yahoo.com> to=<web2_ctp@domain2.com> proto=SMTP helo=<web36204.mail.mud.yahoo.com>
Oct 3 14:21:26 server1 postfix/smtpd[25562]: disconnect from web36204.mail.mud.yahoo.com[209.191.68.230]

ctroyp
3rd October 2005, 20:32
Then it seems as if you haven't created that email address in ISPConfig. :rolleyes:
Go to the email tab of the web site (domain) in question and create the appropriate email address.

The account has been created under the "User & Email" tab of the respective domain. ...everything looks right?

falko
3rd October 2005, 20:58
Is domain2.com in /etc/postfix/local-host-names?

ctroyp
3rd October 2005, 21:01
Yes, it is entered as:

www.domain2.com

ctroyp
3rd October 2005, 21:02
Not sure if it matters at this point, but I have always been able to send email from this account--just not receive.

falko
3rd October 2005, 21:57
Yes, it is entered as:

www.domain2.com
It has to be domain2.com, not www.domain2.com. With www.domain2.com, you can receive emails for <user>@www.domain2.com, but not for <user>@domain2.com.
Did you create domain2.com as a Co-Domain for the web site www.domain2.com? If not, do that.

ctroyp
3rd October 2005, 22:06
Okay, will do...thanks!

One other thing... I have not been able to login to phpmyadmin for each of my sites. I cannot figure out what happened. I can access the login screen, but cannot login. The only thing I did was reboot my server, then I couldn't login. Any ideas?

falko
3rd October 2005, 23:12
Okay, will do...thanks!

One other thing... I have not been able to login to phpmyadmin for each of my sites. I cannot figure out what happened. I can access the login screen, but cannot login. The only thing I did was reboot my server, then I couldn't login. Any ideas?
Did your MySQL server start on your reboot?