mail stopped working
I've a Squeeze Perfect Server installation with Bind Dovecot and Apache2.
After the above installation I installed Roundcube and everything was working fine.
I installed a secure certificate recently with StartSSL using that how-to.
It seems my own mail is no longer working, nor is anyone elses.
I've noticed that under Monitor I do have several requests in the mail queue for the last several days only.
There is nothing in mail.err log.
Every hour root gets mail from cron saying ispconfig/server/server.sh with a warning: "There is no public key available for the following key id: xxxxx"
I actual have a directory that's gone missing, where I keep my individual daily database backups. Not sure how that happened. I'm the only one with root password, but I haven't changed the password for a while.
I would like to get mail working again but not sure where to look.
Any help would be greatly appreciated.
Please take a look into the mail.log file in /var/log/ folder and post the errors that you get there. Most likely a wrong or no key file is installed for the ssl cert in postfix and /or dovecot.
Till, thank you for your help.
I created a mail account for a site that had none. Then sent from my Outlook account an email to it. Also I signed into the new account in Roundcube an saw my welcome message. I sent an email to my outlook account from Roundcube. That was at 10:55 and 10:56 respectively.
Since then the mail.log has been ablaze with activity about my email attempts.
So far the mail has not been delivered in either direction.
Also under /var/mail/ the expected new user record was not created, webnn.
Also I did a netstat -tapn and dovecot is listed but not postfix.
Here is the output from mail.log, but I don't see "errors".
The welcome message indicates that the local mailsystem is working correctly. To test if its a local issue or a remote issue, please login to roundcube, then send a email to the same address that you used for the roundcube login. It should be visible in the inbox within 1-2 minutes.
local test results
Till, thank you again for your response and help.
Yes, you are right the mail was delivered to the same account that sent it in less than 1 minute.
I'm quite sure that my system has been hacked and I'm wondering if fail2ban is working properly. I remember, it may have been when I was running Fedora not sure, but I used to get messages to root mail all day long about IP addresses being banned. I don't get them anymore. I'm wondering if fail2ban is working properly? I've copied the log from Monitor and pasted it below.
So the eror might be one of the following problems:
- Your server blocks external mail connections:
Please post the output of:
- Your internet access provider which provides the internet connection to yourserver blocks port 25 or there is a router between the server and the internet whcih blocks port 25.
- There is a dns problem, e.g. the MX record does not point to the server. Test the dns record(s) of the domain with e.g. intodns:
If you wnat to test it for other services you will have to use e.g. a mail client (not webmail) or a external FTP client and enter a wrong password more then 5 times.
If you think that the system has been hacked, then you should check it with rkhunter:
The most important part is if there are any rootkits found. In the first part which checks the binaries you will most likely see some false positives.
Till, thanks again for your response and help with this.
Here are the results:
Linksys wireless router:
Block Anonymous Internet Requests: ON
Filter Multicast: ON
Filter IDENT(Port 113): ON
No blocked services
No website blocking
Along with everything Apache and DNS, SMTP, and POP3 all are sent to the local address of my server.
iptables and netstat output are fine, postfix is listening on all network interfaces on port 25 and 587 and it is not blocked by a local firewall.
The dns record seems to be fine as well.
I then tested if I'am able to connect to your server on port 25 or 587 from outside but that not possible. I then tested the same for port 80 (apache) and this works.
So it seems that somehow the email ports are blocked between the internet and the server.
As you mentioned that this setup worked before, do you remember anything that happened right before the problems started that might be realted to the issue, e.g. did you configure something in the router or did youraccess provider announced any changes in ther service?
Till, thanks again for your response and help.
Two months ago, I installed a StartSSL class2 certificate. Following that I set up 2 sites in Joomla. Before that I know mail was working because I did a site for a guy and tested that his mail was working.
When I got a complaint about mail not working, first I checked root mail, which I should check more frequently. That's when I noticed that my daily MySQL backups had stopped working. Reason: the backup directory was missing. That's why I thought I was hacked.
I don't remember any notice from my ISP about changes. Perhaps the next step is to contact them and ask what's going on.
|All times are GMT +2. The time now is 22:42.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.