#1  
Old 16th June 2009, 00:26
gillesdevals gillesdevals is offline
Junior Member
 
Join Date: Oct 2007
Posts: 27
Thanks: 1
Thanked 3 Times in 3 Posts
Default domains not accessible

Hi, since one day, all the domains of my ISPConfig 3 server are not accessible. I can access to my server only through the IP address. I can login to the ISPConfig panel.

I need help

Any log from my server :

Mail-queue :

Data from: 2009-06-15 09:15
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
BD0BD84C299 3821 Sat Jun 13 13:18:39 idlufdimuaif@jaydemail.com
(host mail-1.domain.ch[194.124.254.5] said: 450 : Sender address rejected: MX or A record not found (in reply to RCPT TO command))
gilles.devals@domain.ch
(host mail.nell.ch[213.196.180.49] said: 450 Domain in Reverse-Path resolves to an invalid IP address (in reply to RCPT TO command))
fwinzer@nell.ch

-- 5 Kbytes in 1 Request.

Mail-log
Jun 15 08:54:38 ks354764 amavis[4046]: Internal decoder for .zip
Jun 15 08:54:38 ks354764 amavis[4046]: No decoder for .7z tried: 7zr, 7za, 7z
Jun 15 08:54:38 ks354764 amavis[4046]: No decoder for .rar
Jun 15 08:54:38 ks354764 amavis[4046]: Found decoder for .arj at /usr/bin/arj
Jun 15 08:54:38 ks354764 amavis[4046]: Found decoder for .arc at /usr/bin/nomarch
Jun 15 08:54:38 ks354764 amavis[4046]: Found decoder for .zoo at /usr/bin/zoo
Jun 15 08:54:38 ks354764 amavis[4046]: No decoder for .lha
Jun 15 08:54:38 ks354764 amavis[4046]: No decoder for .doc tried: ripole
Jun 15 08:54:38 ks354764 amavis[4046]: Found decoder for .cab at /usr/bin/cabextract
Jun 15 08:54:38 ks354764 amavis[4046]: No decoder for .tnef
Jun 15 08:54:38 ks354764 amavis[4046]: Internal decoder for .tnef
Jun 15 08:54:38 ks354764 amavis[4046]: Found decoder for .exe at /usr/bin/arj
Jun 15 08:54:38 ks354764 amavis[4046]: Using primary internal av scanner code for ClamAV-clamd
Jun 15 08:54:38 ks354764 amavis[4046]: Using primary internal av scanner code for check-jpeg
Jun 15 08:54:38 ks354764 amavis[4046]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Jun 15 08:54:38 ks354764 amavis[4046]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.34, libdb 4.6
Jun 15 08:54:42 ks354764 spamd[4162]: logger: removing stderr method
Jun 15 08:54:46 ks354764 spamd[4201]: spamd: server started on port 783/tcp (running version 3.2.5)
Jun 15 08:54:46 ks354764 spamd[4201]: spamd: server pid: 4201
Jun 15 08:54:46 ks354764 spamd[4201]: spamd: server successfully spawned child process, pid 4467
Jun 15 08:54:46 ks354764 spamd[4201]: spamd: server successfully spawned child process, pid 4468
Jun 15 08:54:46 ks354764 spamd[4201]: prefork: child states: II
Jun 15 08:54:48 ks354764 authdaemond: modules="authmysql", daemons=5
Jun 15 08:54:48 ks354764 authdaemond: Installing libauthmysql
Jun 15 08:54:48 ks354764 authdaemond: Installation complete: authmysql
Jun 15 08:54:50 ks354764 postfix/master[4693]: daemon started -- version 2.5.5, configuration /etc/postfix
Jun 15 08:55:02 ks354764 imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 15 08:55:02 ks354764 pop3d: Connection, ip=[::ffff:127.0.0.1]
Jun 15 08:55:02 ks354764 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Jun 15 08:55:02 ks354764 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Jun 15 08:55:03 ks354764 postfix/smtpd[4967]: connect from localhost.localdomain[127.0.0.1]
Jun 15 08:55:03 ks354764 postfix/smtpd[4967]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Jun 15 08:55:03 ks354764 postfix/smtpd[4967]: disconnect from localhost.localdomain[127.0.0.1]
Jun 15 09:00:02 ks354764 pop3d: Connection, ip=[::ffff:127.0.0.1]
Jun 15 09:00:02 ks354764 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Jun 15 09:00:02 ks354764 imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 15 09:00:02 ks354764 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Jun 15 09:00:02 ks354764 postfix/smtpd[5324]: connect from localhost.localdomain[127.0.0.1]
Jun 15 09:00:02 ks354764 postfix/smtpd[5324]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Jun 15 09:00:02 ks354764 postfix/smtpd[5324]: disconnect from localhost.localdomain[127.0.0.1]
Jun 15 09:03:37 ks354764 postfix/smtpd[21616]: connect from unknown[190.254.240.79]
Jun 15 09:03:38 ks354764 postfix/smtpd[21616]: 6A7BE84C28D: client=unknown[190.254.240.79]
Jun 15 09:03:41 ks354764 postfix/cleanup[21626]: 6A7BE84C28D: message-id=<000d01c9ed87$646eca40$6400a8c0@shtickqaya167>
Jun 15 09:03:41 ks354764 postfix/qmgr[4706]: 6A7BE84C28D: from=, size=1098, nrcpt=1 (queue active)
Jun 15 09:03:42 ks354764 postfix/smtpd[21616]: disconnect from unknown[190.254.240.79]
Jun 15 09:03:43 ks354764 postfix/smtpd[21631]: connect from localhost.localdomain[127.0.0.1]
Jun 15 09:03:43 ks354764 postfix/smtpd[21631]: 8D5D584C298: client=localhost.localdomain[127.0.0.1]
Jun 15 09:03:43 ks354764 postfix/cleanup[21626]: 8D5D584C298: message-id=<000d01c9ed87$646eca40$6400a8c0@shtickqaya167>
Jun 15 09:03:43 ks354764 postfix/qmgr[4706]: 8D5D584C298: from=, size=1565, nrcpt=1 (queue active)
Jun 15 09:03:43 ks354764 amavis[4300]: (04300-01) Passed CLEAN, [190.254.240.79] [190.254.240.79] -> , Message-ID: <000d01c9ed87$646eca40$6400a8c0@shtickqaya167>, mail_id: tmducoDf5Qx2, Hits: 17.284, size: 1098, queued_as: 8D5D584C298, 1897 ms
Jun 15 09:03:43 ks354764 postfix/smtp[21627]: 6A7BE84C28D: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=5.2, delays=3.3/0.04/0.02/1.9, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=04300-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 8D5D584C298)
Jun 15 09:03:43 ks354764 postfix/qmgr[4706]: 6A7BE84C28D: removed
Jun 15 09:03:43 ks354764 postfix/pipe[21633]: 8D5D584C298: to=, orig_to=, relay=maildrop, delay=0.24, delays=0.03/0.03/0/0.18, dsn=2.0.0, status=sent (delivered via maildrop service)
Jun 15 09:03:43 ks354764 postfix/qmgr[4706]: 8D5D584C298: removed
Jun 15 09:05:02 ks354764 postfix/smtpd[21616]: connect from localhost.localdomain[127.0.0.1]
Jun 15 09:05:02 ks354764 postfix/smtpd[21616]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Jun 15 09:05:02 ks354764 postfix/smtpd[21616]: disconnect from localhost.localdomain[127.0.0.1]
Jun 15 09:05:02 ks354764 pop3d: Connection, ip=[::ffff:127.0.0.1]
Jun 15 09:05:02 ks354764 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Jun 15 09:05:02 ks354764 imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 15 09:05:02 ks354764 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Jun 15 09:06:05 ks354764 postfix/smtpd[21616]: warning: 88.241.161.227: hostname dsl88.241-41443.ttnet.net.tr verification failed: Name or service not known
Jun 15 09:06:05 ks354764 postfix/smtpd[21616]: connect from unknown[88.241.161.227]
Jun 15 09:06:06 ks354764 postfix/smtpd[21616]: 9910984C28D: client=unknown[88.241.161.227]
Jun 15 09:06:06 ks354764 postfix/cleanup[21885]: 9910984C28D: message-id=
Jun 15 09:06:07 ks354764 postfix/qmgr[4706]: 9910984C28D: from=, size=5764, nrcpt=1 (queue active)
Jun 15 09:06:07 ks354764 postfix/smtpd[21616]: disconnect from unknown[88.241.161.227]
Jun 15 09:06:08 ks354764 postfix/smtpd[21890]: connect from localhost.localdomain[127.0.0.1]
Jun 15 09:06:08 ks354764 postfix/smtpd[21890]: 7399D84C298: client=localhost.localdomain[127.0.0.1]
Jun 15 09:06:08 ks354764 postfix/cleanup[21885]: 7399D84C298: message-id=
Jun 15 09:06:08 ks354764 postfix/qmgr[4706]: 7399D84C298: from=, size=6259, nrcpt=1 (queue active)
Jun 15 09:06:08 ks354764 postfix/pipe[21892]: 7399D84C298: to=, orig_to=, relay=maildrop, delay=0.08, delays=0.02/0.02/0/0.03, dsn=2.0.0, status=sent (delivered via maildrop service)
Jun 15 09:06:08 ks354764 postfix/qmgr[4706]: 7399D84C298: removed
Jun 15 09:06:08 ks354764 amavis[4302]: (04302-01) Passed CLEAN, [88.241.161.227] [88.241.161.227] -> , Message-ID: , mail_id: KGbJbt6we-2h, Hits: 9.574, size: 5755, queued_as: 7399D84C298, 1446 ms
Jun 15 09:06:08 ks354764 postfix/smtp[21886]: 9910984C28D: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=2.3, delays=0.85/0.01/0.01/1.4, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=04302-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 7399D84C298)
Jun 15 09:06:08 ks354764 postfix/qmgr[4706]: 9910984C28D: removed
Jun 15 09:08:43 ks354764 postfix/smtpd[21631]: timeout after END-OF-MESSAGE from localhost.localdomain[127.0.0.1]
Jun 15 09:08:43 ks354764 postfix/smtpd[21631]: disconnect from localhost.localdomain[127.0.0.1]
Jun 15 09:09:27 ks354764 postfix/anvil[21618]: statistics: max connection rate 1/60s for (smtp:190.254.240.79) at Jun 15 09:03:37
Jun 15 09:09:27 ks354764 postfix/anvil[21618]: statistics: max connection count 1 for (smtp:190.254.240.79) at Jun 15 09:03:37
Jun 15 09:09:27 ks354764 postfix/anvil[21618]: statistics: max cache size 1 at Jun 15 09:03:37
Jun 15 09:10:01 ks354764 pop3d: Connection, ip=[::ffff:127.0.0.1]
Jun 15 09:10:01 ks354764 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Jun 15 09:10:01 ks354764 imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 15 09:10:01 ks354764 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Jun 15 09:10:02 ks354764 postfix/smtpd[22111]: connect from localhost.localdomain[127.0.0.1]
Jun 15 09:10:02 ks354764 postfix/smtpd[22111]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Jun 15 09:10:02 ks354764 postfix/smtpd[22111]: disconnect from localhost.localdomain[127.0.0.1]
Jun 15 09:11:08 ks354764 postfix/smtpd[21890]: timeout after END-OF-MESSAGE from localhost.localdomain[127.0.0.1]
Jun 15 09:11:08 ks354764 postfix/smtpd[21890]: disconnect from localhost.localdomain[127.0.0.1]
Jun 15 09:11:26 ks354764 postfix/smtpd[22111]: connect from unknown[77.235.37.205]
Jun 15 09:11:26 ks354764 postfix/smtpd[22111]: lost connection after CONNECT from unknown[77.235.37.205]
Jun 15 09:11:26 ks354764 postfix/smtpd[22111]: disconnect from unknown[77.235.37.205]
Jun 15 09:14:46 ks354764 postfix/anvil[22178]: statistics: max connection rate 1/60s for (smtp:77.235.37.205) at Jun 15 09:11:26
Jun 15 09:14:46 ks354764 postfix/anvil[22178]: statistics: max connection count 1 for (smtp:77.235.37.205) at Jun 15 09:11:26
Jun 15 09:14:46 ks354764 postfix/anvil[22178]: statistics: max cache size 1 at Jun 15 09:11:26
Jun 15 09:15:01 ks354764 pop3d: Connection, ip=[::ffff:127.0.0.1]
Jun 15 09:15:01 ks354764 pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Jun 15 09:15:01 ks354764 imapd: Connection, ip=[::ffff:127.0.0.1]
Jun 15 09:15:01 ks354764 imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0

System-log
Jun 15 08:54:31 ks354764 kernel: usb usb3: configuration #1 chosen from 1 choice
Jun 15 08:54:31 ks354764 kernel: hub 3-0:1.0: USB hub found
Jun 15 08:54:31 ks354764 kernel: hub 3-0:1.0: 3 ports detected
Jun 15 08:54:31 ks354764 kernel: ohci_hcd 0000:00:03.2: enabling device (0100 -> 0102)
Jun 15 08:54:31 ks354764 kernel: ohci_hcd 0000:00:03.2: PCI INT C -> GSI 22 (level, low) -> IRQ 22
Jun 15 08:54:31 ks354764 kernel: ohci_hcd 0000:00:03.2: OHCI Host Controller
Jun 15 08:54:31 ks354764 kernel: ohci_hcd 0000:00:03.2: new USB bus registered, assigned bus number 4
Jun 15 08:54:31 ks354764 kernel: ohci_hcd 0000:00:03.2: irq 22, io mem 0x4a102000
Jun 15 08:54:31 ks354764 kernel: usb usb4: configuration #1 chosen from 1 choice
Jun 15 08:54:31 ks354764 kernel: hub 4-0:1.0: USB hub found
Jun 15 08:54:31 ks354764 kernel: hub 4-0:1.0: 2 ports detected
Jun 15 08:54:31 ks354764 kernel: USB Universal Host Controller Interface driver v3.0
Jun 15 08:54:31 ks354764 kernel: Initializing USB Mass Storage driver...
Jun 15 08:54:31 ks354764 kernel: usbcore: registered new interface driver usb-storage
Jun 15 08:54:31 ks354764 kernel: USB Mass Storage support registered.
Jun 15 08:54:31 ks354764 kernel: usbcore: registered new interface driver libusual
Jun 15 08:54:31 ks354764 kernel: PNP: No PS/2 controller found. Probing ports directly.
Jun 15 08:54:31 ks354764 kernel: serio: i8042 KBD port at 0x60,0x64 irq 1
Jun 15 08:54:31 ks354764 kernel: serio: i8042 AUX port at 0x60,0x64 irq 12
Jun 15 08:54:31 ks354764 kernel: mice: PS/2 mouse device common for all mice
Jun 15 08:54:31 ks354764 kernel: rtc_cmos 00:02: rtc core: registered rtc_cmos as rtc0
Jun 15 08:54:31 ks354764 kernel: rtc0: alarms up to one month
Jun 15 08:54:31 ks354764 kernel: coretemp coretemp.0: Using relative temperature scale!
Jun 15 08:54:31 ks354764 kernel: w83627ehf: Found W83627DHG chip at 0x290
Jun 15 08:54:31 ks354764 kernel: Software Watchdog Timer: 0.07 initialized. soft_noboot=0 soft_margin=60 sec (nowayout= 0)
Jun 15 08:54:31 ks354764 kernel: md: linear personality registered for level -1
Jun 15 08:54:31 ks354764 kernel: md: raid0 personality registered for level 0
Jun 15 08:54:31 ks354764 kernel: md: raid1 personality registered for level 1
Jun 15 08:54:31 ks354764 kernel: md: raid10 personality registered for level 10
Jun 15 08:54:31 ks354764 kernel: raid6: int64x1 1104 MB/s
Jun 15 08:54:31 ks354764 kernel: raid6: int64x2 1515 MB/s
Jun 15 08:54:31 ks354764 kernel: raid6: int64x4 1410 MB/s
Jun 15 08:54:31 ks354764 kernel: raid6: int64x8 1075 MB/s
Jun 15 08:54:31 ks354764 kernel: raid6: sse2x1 2027 MB/s
Jun 15 08:54:31 ks354764 kernel: raid6: sse2x2 2282 MB/s
Jun 15 08:54:31 ks354764 kernel: raid6: sse2x4 3468 MB/s
Jun 15 08:54:31 ks354764 kernel: raid6: using algorithm sse2x4 (3468 MB/s)
Jun 15 08:54:31 ks354764 kernel: md: raid6 personality registered for level 6
Jun 15 08:54:31 ks354764 kernel: md: raid5 personality registered for level 5
Jun 15 08:54:31 ks354764 kernel: md: raid4 personality registered for level 4
Jun 15 08:54:31 ks354764 kernel: md: multipath personality registered for level -4
Jun 15 08:54:31 ks354764 kernel: md: faulty personality registered for level -5
Jun 15 08:54:31 ks354764 kernel: device-mapper: ioctl: 4.14.0-ioctl (2008-04-23) initialised: dm-devel@redhat.com
Jun 15 08:54:31 ks354764 kernel: device-mapper: multipath: version 1.0.5 loaded
Jun 15 08:54:31 ks354764 kernel: device-mapper: multipath round-robin: version 1.0.0 loaded
Jun 15 08:54:31 ks354764 kernel: No iBFT detected.
Jun 15 08:54:31 ks354764 kernel: usbcore: registered new interface driver usbkbd
Jun 15 08:54:31 ks354764 kernel: usbkbd: :USB HID Boot Protocol keyboard driver
Jun 15 08:54:31 ks354764 kernel: usbcore: registered new interface driver usbmouse
Jun 15 08:54:31 ks354764 kernel: usbmouse: v1.6:USB HID Boot Protocol mouse driver
Jun 15 08:54:31 ks354764 kernel: Netfilter messages via NETLINK v0.30.
Jun 15 08:54:31 ks354764 kernel: nf_conntrack version 0.5.0 (8192 buckets, 32768 max)
Jun 15 08:54:31 ks354764 kernel: CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Plase use
Jun 15 08:54:31 ks354764 kernel: nf_conntrack.acct=1 kernel paramater, acct=1 nf_conntrack module option or
Jun 15 08:54:31 ks354764 kernel: sysctl net.netfilter.nf_conntrack_acct=1 to enable it.
Jun 15 08:54:31 ks354764 kernel: ctnetlink v0.93: registering with nfnetlink.
Jun 15 08:54:31 ks354764 kernel: IPv4 over IPv4 tunneling driver
Jun 15 08:54:31 ks354764 kernel: GRE over IPv4 tunneling driver
Jun 15 08:54:31 ks354764 kernel: ip_tables: (C) 2000-2006 Netfilter Core Team
Jun 15 08:54:31 ks354764 kernel: ClusterIP Version 0.8 loaded successfully
Jun 15 08:54:31 ks354764 kernel: TCP cubic registered
Jun 15 08:54:31 ks354764 kernel: Initializing XFRM netlink socket
Jun 15 08:54:31 ks354764 kernel: NET: Registered protocol family 17
Jun 15 08:54:31 ks354764 kernel: NET: Registered protocol family 15
Jun 15 08:54:31 ks354764 kernel: RPC: Registered udp transport module.
Jun 15 08:54:31 ks354764 kernel: RPC: Registered tcp transport module.
Jun 15 08:54:31 ks354764 kernel: 802.1Q VLAN Support v1.8 Ben Greear
Jun 15 08:54:31 ks354764 kernel: All bugs added by David S. Miller
Jun 15 08:54:31 ks354764 kernel: SCTP: Hash tables configured (established 65536 bind 65536)
Jun 15 08:54:31 ks354764 kernel: rtc_cmos 00:02: setting system clock to 2009-06-15 06:52:18 UTC (1245048738)
Jun 15 08:54:31 ks354764 kernel: md: Autodetecting RAID arrays.
Jun 15 08:54:31 ks354764 kernel: md: Scanned 0 and added 0 devices.
Jun 15 08:54:31 ks354764 kernel: md: autorun ...
Jun 15 08:54:31 ks354764 kernel: md: ... autorun DONE.
Jun 15 08:54:31 ks354764 kernel: EXT3-fs: INFO: recovery required on readonly filesystem.
Jun 15 08:54:31 ks354764 kernel: EXT3-fs: write access will be enabled during recovery.
Jun 15 08:54:31 ks354764 kernel: kjournald starting. Commit interval 5 seconds
Jun 15 08:54:31 ks354764 kernel: EXT3-fs: sda1: orphan cleanup on readonly fs
Jun 15 08:54:31 ks354764 kernel: EXT3-fs: sda1: 8 orphan inodes deleted
Jun 15 08:54:31 ks354764 kernel: EXT3-fs: recovery complete.
Jun 15 08:54:31 ks354764 kernel: EXT3-fs: mounted filesystem with ordered data mode.
Jun 15 08:54:31 ks354764 kernel: VFS: Mounted root (ext3 filesystem) readonly.
Jun 15 08:54:31 ks354764 kernel: Freeing unused kernel memory: 360k freed
Jun 15 08:54:31 ks354764 kernel: Adding 522104k swap on /dev/sda2. Priority:-1 extents:1 across:522104k
Jun 15 08:54:31 ks354764 kernel: EXT3 FS on sda1, internal journal
Jun 15 08:54:31 ks354764 kernel: eth0: Media Link On 100mbps full-duplex
Jun 15 08:54:31 ks354764 rsyslogd: [origin software="rsyslogd" swVersion="3.18.6" x-pid="3966" x-info="http://www.rsyslog.com"] restart
Jun 15 08:54:50 ks354764 kernel: warning: `pure-ftpd-mysql' uses 32-bit capabilities (legacy support in use)
Jun 15 08:55:02 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] New connection from localhost.localdomain
Jun 15 08:55:02 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] Logout.
Jun 15 09:00:02 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] New connection from localhost.localdomain
Jun 15 09:00:02 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] Logout.
Jun 15 09:05:02 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] New connection from localhost.localdomain
Jun 15 09:05:02 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] Logout.
Jun 15 09:10:01 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] New connection from localhost.localdomain
Jun 15 09:10:01 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] Logout.
Jun 15 09:15:01 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] New connection from localhost.localdomain
Jun 15 09:15:01 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] Logout.
Jun 15 09:20:01 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] New connection from localhost.localdomain
Jun 15 09:20:01 ks354764 pure-ftpd: (?@localhost.localdomain) [INFO] Logout.

fail2ban-log :
2009-06-14 06:25:42,344 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.3
2009-06-14 06:25:42,346 fail2ban.jail : INFO Creating new jail 'ssh'
2009-06-14 06:25:42,346 fail2ban.jail : INFO Jail 'ssh' uses poller
2009-06-14 06:25:42,349 fail2ban.filter : INFO Added logfile = /var/log/auth.log
2009-06-14 06:25:42,351 fail2ban.filter : INFO Set maxRetry = 6
2009-06-14 06:25:42,355 fail2ban.filter : INFO Set findtime = 600
2009-06-14 06:25:42,356 fail2ban.actions: INFO Set banTime = 600
2009-06-14 06:25:42,524 fail2ban.jail : INFO Jail 'ssh' started
2009-06-14 06:25:52,945 fail2ban.filter : INFO Log rotation detected for /var/log/auth.log
2009-06-14 06:26:01,945 fail2ban.filter : INFO Log rotation detected for /var/log/auth.log
2009-06-14 08:21:13,709 fail2ban.actions: WARNING [ssh] Ban 69.64.38.17
2009-06-14 08:31:13,721 fail2ban.actions: WARNING [ssh] Unban 69.64.38.17
2009-06-14 11:00:34,909 fail2ban.actions: WARNING [ssh] Ban 200.181.118.120
2009-06-14 11:10:34,933 fail2ban.actions: WARNING [ssh] Unban 200.181.118.120
2009-06-14 12:03:10,005 fail2ban.actions: WARNING [ssh] Ban 190.196.68.162
2009-06-14 12:13:10,021 fail2ban.actions: WARNING [ssh] Unban 190.196.68.162
2009-06-15 00:08:46,501 fail2ban.actions: WARNING [ssh] Ban 190.196.68.162
2009-06-15 00:18:46,521 fail2ban.actions: WARNING [ssh] Unban 190.196.68.162
2009-06-15 04:22:55,653 fail2ban.actions: WARNING [ssh] Ban 91.199.22.117
2009-06-15 04:32:55,665 fail2ban.actions: WARNING [ssh] Unban 91.199.22.117
2009-06-15 04:41:01,677 fail2ban.actions: WARNING [ssh] Ban 216.146.46.93
2009-06-15 04:51:01,689 fail2ban.actions: WARNING [ssh] Unban 216.146.46.93
2009-06-15 05:00:39,725 fail2ban.actions: WARNING [ssh] Ban 216.146.46.93
2009-06-15 05:03:43,773 fail2ban.actions: WARNING [ssh] Ban 91.199.22.117
2009-06-15 05:10:39,785 fail2ban.actions: WARNING [ssh] Unban 216.146.46.93
2009-06-15 05:13:43,797 fail2ban.actions: WARNING [ssh] Unban 91.199.22.117
2009-06-15 08:54:54,505 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.3
2009-06-15 08:54:54,514 fail2ban.jail : INFO Creating new jail 'ssh'
2009-06-15 08:54:54,514 fail2ban.jail : INFO Jail 'ssh' uses poller
2009-06-15 08:54:54,599 fail2ban.filter : INFO Added logfile = /var/log/auth.log
2009-06-15 08:54:54,601 fail2ban.filter : INFO Set maxRetry = 6
2009-06-15 08:54:54,604 fail2ban.filter : INFO Set findtime = 600
2009-06-15 08:54:54,606 fail2ban.actions: INFO Set banTime = 600
2009-06-15 08:54:54,980 fail2ban.jail : INFO Jail 'ssh' started

RKHunter-log :

[ Rootkit Hunter version 1.3.2 ]

Checking rkhunter data files...
Checking file mirrors.dat [ No update ]
Checking file programs_bad.dat [ No update ]
Checking file backdoorports.dat [ No update ]
Checking file suspscan.dat [ No update ]
Checking file i18n/cn [ No update ]
Checking file i18n/en [ No update ]
Checking file i18n/zh [ No update ]
Checking file i18n/zh.utf8 [ No update ]

Checking system commands...

Performing 'strings' command checks
Checking 'strings' command [ OK ]

Performing 'shared libraries' checks
Checking for preloading variables [ None found ]
Checking for preload file [ Not found ]
Checking LD_LIBRARY_PATH variable [ Not found ]

Performing file properties checks
Checking for prerequisites [ OK ]
/bin/bash [ OK ]
/bin/cat [ OK ]
/bin/chmod [ OK ]
/bin/chown [ OK ]
/bin/cp [ OK ]
/bin/date [ OK ]
/bin/df [ OK ]
/bin/dmesg [ OK ]
/bin/echo [ OK ]
/bin/ed [ OK ]
/bin/egrep [ OK ]
/bin/fgrep [ OK ]
/bin/fuser [ OK ]
/bin/grep [ OK ]
/bin/ip [ OK ]
/bin/kill [ OK ]
/bin/login [ OK ]
/bin/ls [ OK ]
/bin/lsmod [ OK ]
/bin/mktemp [ OK ]
/bin/more [ OK ]
/bin/mount [ OK ]
/bin/mv [ OK ]
/bin/netstat [ OK ]
/bin/ps [ OK ]
/bin/pwd [ OK ]
/bin/readlink [ OK ]
/bin/sed [ OK ]
/bin/sh [ OK ]
/bin/su [ OK ]
/bin/touch [ OK ]
/bin/uname [ OK ]
/bin/which [ OK ]
/usr/bin/awk [ Warning ]
/usr/bin/basename [ OK ]
/usr/bin/chattr [ OK ]
/usr/bin/cut [ OK ]
/usr/bin/diff [ OK ]
/usr/bin/dirname [ OK ]
/usr/bin/dpkg [ OK ]
/usr/bin/dpkg-query [ OK ]
/usr/bin/du [ OK ]
/usr/bin/env [ OK ]
/usr/bin/file [ OK ]
/usr/bin/find [ OK ]
/usr/bin/GET [ Warning ]
/usr/bin/groups [ OK ]
/usr/bin/head [ OK ]
/usr/bin/id [ OK ]
/usr/bin/killall [ OK ]
/usr/bin/last [ OK ]
/usr/bin/lastlog [ OK ]
/usr/bin/ldd [ OK ]
/usr/bin/less [ OK ]
/usr/bin/locate [ OK ]
/usr/bin/logger [ OK ]
/usr/bin/lsattr [ OK ]
/usr/bin/lsof [ OK ]
/usr/bin/lynx [ OK ]
/usr/bin/mail [ OK ]
/usr/bin/md5sum [ OK ]
/usr/bin/mlocate [ OK ]
/usr/bin/newgrp [ OK ]
/usr/bin/passwd [ OK ]
/usr/bin/perl [ OK ]
/usr/bin/pstree [ OK ]
/usr/bin/rkhunter [ OK ]
/usr/bin/runcon [ OK ]
/usr/bin/sha1sum [ OK ]
/usr/bin/size [ OK ]
/usr/bin/sort [ OK ]
/usr/bin/stat [ OK ]
/usr/bin/strings [ OK ]
/usr/bin/tail [ OK ]
/usr/bin/test [ OK ]
/usr/bin/top [ OK ]
/usr/bin/touch [ OK ]
/usr/bin/tr [ OK ]
/usr/bin/uniq [ OK ]
/usr/bin/users [ OK ]
/usr/bin/vmstat [ OK ]
/usr/bin/w [ OK ]
/usr/bin/watch [ OK ]
/usr/bin/wc [ OK ]
/usr/bin/wget [ OK ]
/usr/bin/whatis [ OK ]
/usr/bin/whereis [ OK ]
/usr/bin/which [ OK ]
/usr/bin/who [ OK ]
/usr/bin/whoami [ OK ]
/usr/bin/gawk [ Warning ]
/usr/bin/lwp-request [ Warning ]
/usr/bin/lynx.cur [ OK ]
/usr/bin/bsd-mailx [ OK ]
/usr/bin/w.procps [ OK ]
/sbin/depmod [ OK ]
/sbin/ifconfig [ OK ]
/sbin/ifdown [ OK ]
/sbin/ifup [ OK ]
/sbin/init [ OK ]
/sbin/insmod [ OK ]
/sbin/ip [ OK ]
/sbin/lsmod [ OK ]
/sbin/modinfo [ OK ]
/sbin/modprobe [ OK ]
/sbin/rmmod [ OK ]
/sbin/runlevel [ OK ]
/sbin/sulogin [ OK ]
/sbin/sysctl [ OK ]
/usr/sbin/adduser [ OK ]
/usr/sbin/chroot [ OK ]
/usr/sbin/cron [ OK ]
/usr/sbin/groupadd [ OK ]
/usr/sbin/groupdel [ OK ]
/usr/sbin/groupmod [ OK ]
/usr/sbin/grpck [ OK ]
/usr/sbin/inetd [ OK ]
/usr/sbin/nologin [ OK ]
/usr/sbin/pwck [ OK ]
/usr/sbin/rsyslogd [ OK ]
/usr/sbin/tcpd [ OK ]
/usr/sbin/unhide [ Warning ]
/usr/sbin/useradd [ OK ]
/usr/sbin/userdel [ OK ]
/usr/sbin/usermod [ OK ]
/usr/sbin/vipw [ OK ]
/usr/sbin/unhide-linux26 [ Warning ]

Checking for rootkits...

Performing check of known rootkit files and directories
55808 Trojan - Variant A [ Not found ]
ADM Worm [ Not found ]
AjaKit Rootkit [ Not found ]
aPa Kit [ Not found ]
Apache Worm [ Not found ]
Ambient (ark) Rootkit [ Not found ]
Balaur Rootkit [ Not found ]
BeastKit Rootkit [ Not found ]
beX2 Rootkit [ Not found ]
BOBKit Rootkit [ Not found ]
CiNIK Worm (Slapper.B variant) [ Not found ]
Danny-Boy's Abuse Kit [ Not found ]
Devil RootKit [ Not found ]
Dica-Kit Rootkit [ Not found ]
Dreams Rootkit [ Not found ]
Duarawkz Rootkit [ Not found ]
Enye LKM [ Not found ]
Flea Linux Rootkit [ Not found ]
FreeBSD Rootkit [ Not found ]
Fuck`it Rootkit [ Not found ]
GasKit Rootkit [ Not found ]
Heroin LKM [ Not found ]
HjC Kit [ Not found ]
ignoKit Rootkit [ Not found ]
ImperalsS-FBRK Rootkit [ Not found ]
Irix Rootkit [ Not found ]
Kitko Rootkit [ Not found ]
Knark Rootkit [ Not found ]
Li0n Worm [ Not found ]
Lockit / LJK2 Rootkit [ Not found ]
Mood-NT Rootkit [ Not found ]
MRK Rootkit [ Not found ]
Ni0 Rootkit [ Not found ]
Ohhara Rootkit [ Not found ]
Optic Kit (Tux) Worm [ Not found ]
Oz Rootkit [ Not found ]
Phalanx Rootkit [ Not found ]
Phalanx Rootkit (strings) [ Not found ]
Portacelo Rootkit [ Not found ]
R3dstorm Toolkit [ Not found ]
RH-Sharpe's Rootkit [ Not found ]
RSHA's Rootkit [ Not found ]
Scalper Worm [ Not found ]
Sebek LKM [ Not found ]
Shutdown Rootkit [ Not found ]
SHV4 Rootkit [ Not found ]
SHV5 Rootkit [ Not found ]
Sin Rootkit [ Not found ]
Slapper Worm [ Not found ]
Sneakin Rootkit [ Not found ]
Suckit Rootkit [ Not found ]
SunOS Rootkit [ Not found ]
SunOS / NSDAP Rootkit [ Not found ]
Superkit Rootkit [ Not found ]
TBD (Telnet BackDoor) [ Not found ]
TeLeKiT Rootkit [ Not found ]
T0rn Rootkit [ Not found ]
Trojanit Kit [ Not found ]
Tuxtendo Rootkit [ Not found ]
URK Rootkit [ Not found ]
VcKit Rootkit [ Not found ]
Volc Rootkit [ Not found ]
X-Org SunOS Rootkit [ Not found ]
zaRwT.KiT Rootkit [ Not found ]

Performing additional rootkit checks
Suckit Rookit additional checks [ OK ]
Checking for possible rootkit files and directories [ None found ]
Checking for possible rootkit strings [ None found ]

Performing malware checks
Checking running processes for suspicious files [ None found ]
Checking for login backdoors [ None found ]
Checking for suspicious directories [ None found ]
Checking for sniffer log files [ None found ]

Performing trojan specific checks
Checking for enabled inetd services [ OK ]
Checking for Apache backdoor [ Not found ]

Performing Linux specific checks
Checking kernel module commands [ Warning ]
Checking kernel module names [ OK ]

Checking the network...

Performing checks on the network interfaces
Checking for promiscuous interfaces [ None found ]

Checking the local host...

Performing system boot checks
Checking for local host name [ Found ]
Checking for local startup files [ Found ]
Checking local startup files for malware [ None found ]
Checking system startup files for malware [ None found ]

Performing group and account checks
Checking for passwd file [ Found ]
Checking for root equivalent (UID 0) accounts [ None found ]
Checking for passwordless accounts [ None found ]
Checking for passwd file changes [ None found ]
Checking for group file changes [ None found ]
Checking root account shell history files [ OK ]

Performing system configuration file checks
Checking for SSH configuration file [ Found ]
Checking if SSH root access is allowed [ Warning ]
Checking if SSH protocol v1 is allowed [ Not allowed ]
Checking for running syslog daemon [ Found ]
Checking for syslog configuration file [ Found ]
Checking if syslog remote logging is allowed [ Not allowed ]

Performing filesystem checks
Checking /dev for suspicious file types [ None found ]
Checking for hidden files and directories [ None found ]

Checking application versions...

Checking version of GnuPG [ OK ]
Checking version of Bind DNS [ OK ]
Checking version of OpenSSL [ OK ]
Checking version of PHP [ OK ]
Checking version of OpenSSH [ OK ]


System checks summary
=====================

File properties checks...
Files checked: 127
Suspect files: 6

Rootkit checks...
Rootkits checked : 108
Possible rootkits: 0

Applications checks...
Applications checked: 5
Suspect applications: 0

The system checks took: 1 minute and 27 seconds

All results have been written to the logfile (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)


Thanks in advance for your help.
Reply With Quote
Sponsored Links
  #2  
Old 16th June 2009, 16:04
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
Default

Check the dns server of your domains which might be the dns server of your domain registry, the problem is not related to web mail or other daemons on your server.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 17th June 2009, 00:19
gillesdevals gillesdevals is offline
Junior Member
 
Join Date: Oct 2007
Posts: 27
Thanks: 1
Thanked 3 Times in 3 Posts
Default ok but

ok to check the dns server, but how can I do.
I'm not an expert to setup a dns server.

Thanks in advance.
Reply With Quote
  #4  
Old 17th June 2009, 10:12
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
 
Default

Use the command. Syntax:

dig mydomain.tld
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Strange email problem for one of my domains... any help appreciated paulrobert_a Installation/Configuration 5 9th August 2010 15:15
Exim Gateway with mailwatch (Unable to receive emails) siul0_0 HOWTO-Related Questions 10 9th May 2009 00:00
Web Hosting Only For Individual Domains bails Installation/Configuration 2 19th August 2008 17:35
Domains limit not enforced for resellers? mrvanes General 3 3rd January 2008 12:07
different counting of domains torusturtle Feature Requests 7 9th May 2007 23:18


All times are GMT +2. The time now is 06:44.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.