Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 12th May 2010, 19:22
DrJohn DrJohn is offline
Member
 
Join Date: Aug 2007
Location: Portland, OR, USA
Posts: 66
Thanks: 8
Thanked 2 Times in 2 Posts
Default Disappearing emails ispconfig 2 / postfix

Strange problem: forwarding or replying to some (not all) email from an external isp (via that isp's SMTP) to my primary email on the ispconfig-hosted (virtual) server here, the email never makes it to my inbox. Looking at /var/log/mail.log, I see that the mail is relayed internally to admispconfig@localhost.localdomain, which doesn't correspond to any user on the system.

Here's a snippet from mail.log:
Code:
May 12 08:44:53 mailserver postfix/smtpd[23041]: warning: 174.121.77.192: hostname c0.4d.79ae.static.theplanet.com verification failed: Name or service not known
May 12 08:44:54 mailserver postfix/smtpd[23041]: connect from unknown[174.121.77.192]
May 12 08:44:54 mailserver postfix/smtpd[23041]: setting up TLS connection from unknown[174.121.77.192]
May 12 08:44:54 mailserver postfix/smtpd[23041]: Anonymous TLS connection established from unknown[174.121.77.192]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
May 12 08:44:55 mailserver postgrey: action=pass, reason=triplet found, client_name=unknown, client_address=174.121.77.192, sender=john@sendingsite.com, recipient=john@hostedsite.com
May 12 08:44:55 mailserver postfix/smtpd[23041]: CBE39F47F1: client=unknown[174.121.77.192]
May 12 08:44:56 mailserver postfix/cleanup[23046]: CBE39F47F1: message-id=<4BEACCF3.9090900@sendingsite.com>
May 12 08:44:56 mailserver postfix/qmgr[12971]: CBE39F47F1: from=<john@sendingsite.com>, size=42802, nrcpt=1 (queue active)
May 12 08:44:56 mailserver postfix/smtpd[23041]: disconnect from unknown[174.121.77.192]
May 12 08:44:56 mailserver postfix/pickup[21838]: 80719F481A: uid=10007 from=<site4_myloginid>
May 12 08:44:56 mailserver postfix/cleanup[23046]: 80719F481A: message-id=<20100512154456.80719F481A@mailserver.mydomain.loc>
May 12 08:44:56 mailserver postfix/qmgr[12971]: 80719F481A: from=<site4_myuserid@mailserver.mydomain.loc>, size=436, nrcpt=1 (queue active)
May 12 08:44:56 mailserver postfix/local[23064]: 80719F481A: to=<admispconfig@localhost.localdomain>, relay=local, delay=0.3, delays=0.18/0.02/0/0.11, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -f-)
May 12 08:44:56 mailserver postfix/qmgr[12971]: 80719F481A: removed
If I send a new message the same way, on the other hand, it is delivered. Mail.log:
Code:
May 12 09:02:38 mailserver postfix/smtpd[23041]: warning: 174.121.77.192: hostname c0.4d.79ae.static.theplanet.com verification failed: Name or service not known
May 12 09:02:38 mailserver postfix/smtpd[23041]: connect from unknown[174.121.77.192]
May 12 09:02:39 mailserver postfix/smtpd[23041]: setting up TLS connection from unknown[174.121.77.192]
May 12 09:02:39 mailserver postfix/smtpd[23041]: Anonymous TLS connection established from unknown[174.121.77.192]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
May 12 09:02:39 mailserver postgrey: action=pass, reason=triplet found, client_name=unknown, client_address=174.121.77.192, sender=john@sendingsite.com, recipient=john@hostedsite.com
May 12 09:02:39 mailserver postfix/smtpd[23041]: 83EF6F47F1: client=unknown[174.121.77.192]
May 12 09:02:39 mailserver postfix/cleanup[23453]: 83EF6F47F1: message-id=<4BEAD11D.3060809@sendingsite.com>
May 12 09:02:39 mailserver postfix/qmgr[12971]: 83EF6F47F1: from=<john@sendingsite.com>, size=1353, nrcpt=1 (queue active)
May 12 09:02:39 mailserver postfix/smtpd[23041]: disconnect from unknown[174.121.77.192]
May 12 09:02:39 mailserver postfix/pickup[21838]: D5BD6F481A: uid=10007 from=<myuserid>
May 12 09:02:39 mailserver postfix/cleanup[23453]: D5BD6F481A: message-id=<20100512160239.D5BD6F481A@mailserver.mydomain.loc>
May 12 09:02:39 mailserver postfix/qmgr[12971]: D5BD6F481A: from=<myuserid@mailserver.loc>, size=435, nrcpt=1 (queue active)
May 12 09:02:40 mailserver postfix/local[23472]: D5BD6F481A: to=<admispconfig@localhost.localdomain>, relay=local, delay=0.27, delays=0.14/0.03/0/0.1, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -f-)
May 12 09:02:40 mailserver postfix/qmgr[12971]: D5BD6F481A: removed

May 12 09:02:48 mailserver postfix/local[23455]: 83EF6F47F1: to=<myuserid@mailserver.mydomain.loc>, orig_to=<john@hostedsite.com>, relay=local, delay=9.4, delays=0.14/0.03/0/9.3, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -f-)
May 12 09:02:48 mailserver postfix/qmgr[12971]: 83EF6F47F1: removed
Does it have anything to do with admispconfig@localhost.localdomain?

I can post main.cf, etc. if needed.

Thanks
Reply With Quote
Sponsored Links
  #2  
Old 14th May 2010, 14:44
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

The admispconfig@localhost.localdomain address is used only for traffic accounting, i.e., whenever a mail is sent, another mail with the size of the previously sent mail is sent to that account. That's why you see all those lines with admispconfig@localhost.localdomain in the logs. I don't think this has anything to do with the fact that emails are disappearing. Are there any other errors in your mail log?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 14th May 2010, 18:21
DrJohn DrJohn is offline
Member
 
Join Date: Aug 2007
Location: Portland, OR, USA
Posts: 66
Thanks: 8
Thanked 2 Times in 2 Posts
Default

OK, I understand about the admispconfig user. There are no other apparent errors in mail.log.

An associate uses an external virus / spam scanning service for his company (same one I used to use until I made the postfix rules stronger and installed postgrey here), and he asked about a particular trojan in a zip attachment that kept getting into his employees' inboxes. After looking at the situation, it appears that the trojan was being sent directly to his hosted server, bypassing the external scans, and that the host company had weak incoming detection capabilities.

Anyway, the subject issue arose when I tested the setup here by sending the trojan email with attachment in to my system from his. Sure enough, it never made it through to the inbox. But, when I sent the email in without the attachment (using 'reply' instead of 'forward') the same happened -- no receipt.

Perhaps clam sees the message as a threat, even without the 'live' attachment, because the message body contains the original email?

Thanks,

JH
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How cai remove amavis from postfix ? gabrix Server Operation 16 2nd October 2012 10:58
Hosting multiple websites and webmail dmwcool Installation/Configuration 8 30th March 2010 04:15
Cannot send or receive mail farbrorc Installation/Configuration 6 24th January 2010 12:56
421 Unexpected failure Lizard King Installation/Configuration 20 7th July 2009 21:43
Mail System Error - Returned Mail tristanlee85 General 16 16th March 2008 10:40


All times are GMT +2. The time now is 22:44.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.