HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=4)
-   -   Amavis: DENIED ISPCONFIG: ACCESS from IP x.x.x.x DENIED / cant recieve emails (http://www.howtoforge.com/forums/showthread.php?t=40189)

KaiserGimmel 16th October 2009 22:42

Amavis: DENIED ISPCONFIG: ACCESS from IP x.x.x.x DENIED / cant recieve emails
 
Hello guys,

i googled a lot and apparently i cant find a solution for my problem.
I installed ispconfig the 3rd time today (ISPConfig 3.0.1.5 and .6) - even set up my vserver again.

I did everything like in the tutorial for debian lenny - but i cant receive emails. Something is wrong with amavis:

Code:

root@torchwood:~$ tail /var/log/mail.log
Oct 16 20:23:06 torchwood postfix/smtpd[16182]: connect from moutng.kundenserver.de[212.227.17.8]
Oct 16 20:23:06 torchwood postfix/smtpd[16182]: 6D60667CA42: client=moutng.kundenserver.de[212.227.17.8]
Oct 16 20:23:06 torchwood postfix/cleanup[16189]: 6D60667CA42: message-id=<4AD8D626.1020007@sender.de>
Oct 16 20:23:06 torchwood postfix/qmgr[12030]: 6D60667CA42: from=<me@sender.de>, size=8269, nrcpt=1 (queue active)
Oct 16 20:23:06 torchwood postfix/smtpd[16182]: disconnect from moutng.kundenserver.de[212.227.17.8]
Oct 16 20:23:06 torchwood amavis[31237]: (!)DENIED ACCESS from IP 77.237.241.239, policy bank ''
Oct 16 20:23:06 torchwood postfix/smtp[16190]: 6D60667CA42: to=<max@reciever.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.04, delays=0.03/0.01/0/0, dsn=4.4.2, status=deferred (lost connection with 127.0.0.1[127.0.0.1] while receiving the initial server greeting)

at first i had the problem that postfix couldnt connect to the mysql because of permission problems. I fixed that after i copied the ispconfig user and added it to connect from my hostname. Im wondering what went wrong in the install.php - there was the correct hostname entered. Google said i should modify the amavis 50-user config and add an my ip there - but that didnt helped me...

In the case its related to the amavis problem:
Code:

root@torchwood:~# cat /etc/hosts
77.237.241.239  torchwood.melcher.it torchwood
127.0.0.1 localhost.localdomain localhost

Code:

root@torchwood:/home# hostname -f
torchwood.melcher.it
root@torchwood:/home# hostname
torchwood.melcher.it

what i tried:
Code:

telnet localhost 10024 => Connection closed by foreign host.
Code:

netstat -tulpn | grep 10024 => tcp        0      0 127.0.0.1:10024        0.0.0.0:*              LISTEN      30817/amavisd (mast
if i try to send an email the same happens:
Code:

Oct 16 20:35:32 torchwood postfix/smtpd[21268]: connect from ppp-93-104-79-85.dynamic.mnet-online.de[93.104.79.85]
Oct 16 20:35:32 torchwood postfix/smtpd[21268]: 810A067CA47: client=ppp-93-104-79-85.dynamic.mnet-online.de[93.104.79.85], sasl_method=PLAIN, sasl_username=max@melcher.it
Oct 16 20:35:32 torchwood postfix/cleanup[21475]: 810A067CA47: message-id=<4AD8D912.5080801@melcher.it>
Oct 16 20:35:32 torchwood postfix/qmgr[21072]: 810A067CA47: from=<max@melcher.it>, size=664, nrcpt=1 (queue active)
Oct 16 20:35:32 torchwood amavis[31240]: (!)DENIED ACCESS from IP 77.237.241.239, policy bank ''
Oct 16 20:35:32 torchwood postfix/smtp[21073]: 810A067CA47: to=<me@maxmelcher.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.17, delays=0.17/0/0/0, dsn=4.4.2, status=deferred (lost connection with 127.0.0.1[127.0.0.1] while receiving the initial server greeting)


Please help me - its urgent!
many thanks in advance
Max

KaiserGimmel 16th October 2009 23:17

I added into /etc/amavis/conf.d/50-user :
Code:

@inet_acl = qw( 127.0.0.1 [::1] 77.237.241.239 );
$inet_socket_bind = undef;

now i can connect with telnet localhost 10024 but i still cant get emails. :(

falko 17th October 2009 14:17

What's the output of
Code:

netstat -tap
? Are there any other errors in your mail log now?

KaiserGimmel 17th October 2009 23:16

Hello Falk,

thanks for your reply:

Code:

root@torchwood:~# netstat -tap
Aktive Internetverbindungen (Server und stehende Verbindungen)
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name
tcp        0      0 *:imaps                *:*                    LISTEN      9677/couriertcpd
tcp        0      0 *:pop3s                *:*                    LISTEN      9700/couriertcpd
tcp        0      0 *:10024                *:*                    LISTEN      9142/amavisd (maste
tcp        0      0 localhost.localdo:10025 *:*                    LISTEN      9764/master
tcp        0      0 *:mysql                *:*                    LISTEN      9208/mysqld
tcp        0      0 *:pop3                  *:*                    LISTEN      9688/couriertcpd
tcp        0      0 *:imap2                *:*                    LISTEN      9664/couriertcpd
tcp        0      0 localhost.localdo:spamd *:*                    LISTEN      9286/spamd.pid
tcp        0      0 *:http-alt              *:*                    LISTEN      7874/apache2
tcp        0      0 *:www                  *:*                    LISTEN      7874/apache2
tcp        0      0 *:ftp                  *:*                    LISTEN      9775/pure-ftpd (SER
tcp        0      0 *:ssh                  *:*                    LISTEN      9115/sshd
tcp        0      0 *:smtp                  *:*                    LISTEN      473/smtpd
tcp        0      0 *:https                *:*                    LISTEN      7874/apache2
tcp        1      0 torchwood.melcher.:smtp mx002.twitter.com:35603 CLOSE_WAIT  13470/smtpd
tcp        0      0 torchwood.melcher:49089 localhost.locald:sunrpc TIME_WAIT  -
tcp        1      0 torchwood.melcher.:smtp mx003.twitter.com:48117 CLOSE_WAIT  13340/smtpd
tcp        0      0 torchwood.melcher:imaps ppp-93-104-23-229:49175 VERBUNDEN  32444/couriertls
tcp        1      0 torchwood.melcher.:smtp mx003.twitter.com:56442 CLOSE_WAIT  14643/smtpd
tcp        0      0 torchwood.melc:http-alt ppp-93-104-23-229:49453 TIME_WAIT  -
tcp        1      0 torchwood.melcher.:smtp mx001.twitter.com:60968 CLOSE_WAIT  27205/smtpd
tcp        0      0 torchwood.melcher:imaps ppp-93-104-23-229:49215 VERBUNDEN  32574/couriertls
tcp        0      0 torchwood.melc:http-alt ppp-93-104-23-229:49463 TIME_WAIT  -
tcp        0      0 localhost.localdo:mysql torchwood.melcher:46900 TIME_WAIT  -
tcp        1      0 torchwood.melcher.:smtp mx001.twitter.com:60966 CLOSE_WAIT  9031/smtpd
tcp        1      0 torchwood.melcher.:smtp mx002.twitter.com:44990 CLOSE_WAIT  736/smtpd
tcp        1      0 torchwood.melcher.:smtp mx002.twitter.com:58734 CLOSE_WAIT  19082/smtpd
tcp        0      0 torchwood.melcher.i:www ppp-93-104-23-229:49306 TIME_WAIT  -
tcp        1      0 torchwood.melcher.:smtp moutng.kundenserv:62288 CLOSE_WAIT  13898/smtpd
tcp        0      0 torchwood.melc:http-alt ppp-93-104-23-229:49452 TIME_WAIT  -
tcp        1      0 torchwood.melcher.:smtp mx003.twitter.com:40247 CLOSE_WAIT  23661/smtpd
tcp        1      0 torchwood.melcher.:smtp mx003.twitter.com:39664 CLOSE_WAIT  15840/smtpd
tcp        0  3700 torchwood.melcher.i:ssh ppp-93-104-23-229:49167 VERBUNDEN  32432/sshd: kaos [p
tcp        0      0 torchwood.melcher.:smtp moutng.kundenserv:54078 VERBUNDEN  32529/smtpd
tcp        0      0 torchwood.melc:http-alt ppp-93-104-23-229:49454 TIME_WAIT  -
tcp        0      0 torchwood.melcher:imaps ppp-93-104-23-229:49214 VERBUNDEN  32572/couriertls
tcp        1      0 torchwood.melcher.:smtp mx004.twitter.com:44535 CLOSE_WAIT  14859/smtpd
tcp        1      0 torchwood.melcher.:smtp mx007.twitter.com:40430 CLOSE_WAIT  14271/smtpd
tcp        0      0 torchwood.melc:http-alt ppp-93-104-23-229:49455 TIME_WAIT  -
tcp        0      0 localhost.localdo:mysql torchwood.melcher:46901 TIME_WAIT  -
tcp        0      0 torchwood.melcher:60208 localhost.locald:sunrpc TIME_WAIT  -

i got it working after I added my external ip to the main.conf of postfix with
-o mynetworks=[external_ip]

at 05:00 i got this in the log and mails are not deliverd again:

Code:

Oct 17 05:10:51 torchwood amavis[30901]: (30901-14) (!)rw_loop: leaving rw loop, no progress
Oct 17 05:10:51 torchwood postfix/proxymap[26293]: warning: connect to mysql server 127.0.0.1: Host 'torchwood.melcher.it' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
Oct 17 05:10:51 torchwood postfix/proxymap[26293]: warning: connect to mysql server 127.0.0.1: Host 'torchwood.melcher.it' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
Oct 17 05:10:51 torchwood postfix/trivial-rewrite[23493]: fatal: proxy:mysql:/etc/postfix/mysql-virtual_domains.cf(0,lock|fold_fix): table lookup problem
Oct 17 05:10:51 torchwood postfix/trivial-rewrite[23494]: fatal: proxy:mysql:/etc/postfix/mysql-virtual_domains.cf(0,lock|fold_fix): table lookup problem
Oct 17 05:10:51 torchwood postfix/trivial-rewrite[23495]: fatal: proxy:mysql:/etc/postfix/mysql-virtual_domains.cf(0,lock|fold_fix): table lookup problem
Oct 17 05:10:51 torchwood postfix/trivial-rewrite[23501]: fatal: proxy:mysql:/etc/postfix/mysql-virtual_domains.cf(0,lock|fold_fix): table lookup problem

I'm wondering why this case is not covered by the installation of ipconfig...
I've done the flush-host thing and now I'm googling how to fix the queries per day thing... I assume that somehow connects from my local machine to my local machine are not treated as local connections - but I really dont know why... -.-

suggestions?
so long
Max

p.s. as you see in the netstat there are a lot of open connections - at least the mails didnt get bounced... :)


All times are GMT +2. The time now is 20:04.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.