Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 16th February 2012, 11:22
Cracklefish Cracklefish is offline
Member
 
Join Date: Mar 2009
Posts: 95
Thanks: 8
Thanked 3 Times in 3 Posts
Default

Quote:
Originally Posted by till View Post
Please post the exact error messages that you get.
opening ISPConfig gives...

Code:

Server error!

The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.

If you think this is a server error, please contact the webmaster.
Error 500

phpMyAdmin, squirrrelmail and webalizer give...
Code:
Unable to connect
      
      
      
      
      
        
        
          Firefox can't establish a connection to the server at golf1.greenway.co.uk.
        

        
        

  The site could be temporarily unavailable or too busy. Try again in a few
    moments.
  If you are unable to load any pages, check your computer's network
    connection.
  If your computer or network is protected by a firewall or proxy, make sure
    that Firefox is permitted to access the Web.


From var/log/mail...
Code:
Feb 16 09:44:47 Golf1 postfix/smtpd[6188]: lost connection after RCPT from unknown[117.205.164.40]
Feb 16 09:44:47 Golf1 postfix/smtpd[6188]: disconnect from unknown[117.205.164.40]
Feb 16 09:45:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 16 09:45:02 Golf1 postfix/smtpd[6188]: connect from localhost[::1]
Feb 16 09:45:02 Golf1 postfix/smtpd[6188]: lost connection after CONNECT from localhost[::1]
Feb 16 09:45:02 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 16 09:45:02 Golf1 postfix/smtpd[6188]: disconnect from localhost[::1]
Feb 16 09:46:58 Golf1 postfix/anvil[5901]: statistics: max connection rate 2/60s for (smtp:unknown) at Feb 16 09:41:27
Feb 16 09:46:58 Golf1 postfix/anvil[5901]: statistics: max connection count 1 for (smtp:59.93.9.199) at Feb 16 09:36:58
Feb 16 09:46:58 Golf1 postfix/anvil[5901]: statistics: max cache size 3 at Feb 16 09:41:02
Feb 16 09:48:10 Golf1 clamd[1875]: SelfCheck: Database status OK.
Feb 16 09:48:31 Golf1 postfix/smtpd[6426]: connect from unknown[125.167.150.238]
Feb 16 09:48:31 Golf1 postfix/smtpd[6426]: lost connection after CONNECT from unknown[125.167.150.238]
Feb 16 09:48:31 Golf1 postfix/smtpd[6426]: disconnect from unknown[125.167.150.238]
Feb 16 09:48:40 Golf1 postfix/smtpd[6439]: connect from unknown[125.167.150.238]
Feb 16 09:48:47 Golf1 postfix/smtpd[6439]: NOQUEUE: reject: RCPT from unknown[125.167.150.238]: 554 5.7.1 <siamvi@crosoer.com>: Relay access denied; from=<hassiesuzanna@galaxypwr.com> to=<siamvi@crosoer.com> proto=SMTP helo=<9uqldd7q2l.net>
Reply With Quote
Sponsored Links
  #12  
Old 16th February 2012, 11:29
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,788
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

Quote:
The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.
Please post the exact error message that you find in the apache error.log.

The mail log you posted is ok. The errors are most likely in the log lines before the lines that you posted.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #13  
Old 16th February 2012, 11:38
Cracklefish Cracklefish is offline
Member
 
Join Date: Mar 2009
Posts: 95
Thanks: 8
Thanked 3 Times in 3 Posts
Default

Quote:
Originally Posted by till View Post
Please post the exact error message that you find in the apache error.log.

The mail log you posted is ok. The errors are most likely in the log lines before the lines that you posted.
Code:
[Thu Feb 16 10:10:48 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/phpMyAdmin/index.php
[Thu Feb 16 10:10:48 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/phpMyAdmin/index.php3
[Thu Feb 16 10:10:48 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/phpMyAdmin/index.php4
[Thu Feb 16 10:10:48 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/phpMyAdmin/index.php5
[Thu Feb 16 10:10:48 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/phpMyAdmin/index.php4
[Thu Feb 16 10:10:48 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/phpMyAdmin/index.php5
[Thu Feb 16 10:10:48 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/phpMyAdmin/index.php
[Thu Feb 16 10:11:32 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/webmail/index.php
[Thu Feb 16 10:11:32 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/webmail/index.php3
[Thu Feb 16 10:11:32 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/webmail/index.php4
[Thu Feb 16 10:11:32 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/webmail/index.php5
[Thu Feb 16 10:11:32 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/webmail/index.php4
[Thu Feb 16 10:11:32 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/webmail/index.php5
[Thu Feb 16 10:11:32 2012] [error] [client 82.70.171.142] client denied by server configuration: /srv/www/htdocs/webmail/index.php
[Thu Feb 16 10:16:04 2012] [error] [client 82.70.171.142] No user or group set - set suPHP_UserGroup
Reply With Quote
  #14  
Old 17th February 2012, 17:36
Cracklefish Cracklefish is offline
Member
 
Join Date: Mar 2009
Posts: 95
Thanks: 8
Thanked 3 Times in 3 Posts
Default

Further info

Just been looking back through the mail logs. It looks like the problem happened around about the same time as the update to ISPConfig. I seem to have attracted the attentions of a hacker. There are many thousand attempts to gain access. Here are some edited highlights of the mail log from before the update and after it. For brevity I have heavily edited it I hope I've not removed any important stuff.

Code:
Feb 14 19:17:09 Golf1 amavis[7481]: (07481-01) post_process_request_hook: timer was not running
Feb 14 19:17:09 Golf1 amavis[7481]: (07481-01) idle_proc, bye: was busy, 17.2 ms, total idle 0.013 s, busy 3.394 s
Feb 14 19:17:09 Golf1 amavis[7481]: (07481-01) load: 100 %, total idle 0.013 s, busy 3.394 s
Feb 14 19:20:27 Golf1 postfix/anvil[7755]: statistics: max connection rate 1/60s for (smtp:188.48.7.240) at Feb 14 19:16:55
Feb 14 19:20:27 Golf1 postfix/anvil[7755]: statistics: max connection count 1 for (smtp:188.48.7.240) at Feb 14 19:16:55
Feb 14 19:20:27 Golf1 postfix/anvil[7755]: statistics: max cache size 1 at Feb 14 19:16:55
Feb 14 19:24:43 Golf1 postfix/smtpd[8570]: connect from unknown[119.30.47.54]
Feb 14 19:24:50 Golf1 postfix/smtpd[8570]: NOQUEUE: reject: RCPT from unknown[119.30.47.54]: 554 5.7.1 <siamvi@crosoer.com>: Relay access denied; from=<relegationh5@oak-harbor.com> to=<siamvi@crosoer.com> proto=ESMTP helo=<VCBFTNGC>
Feb 14 19:25:09 Golf1 postfix/smtpd[8570]: NOQUEUE: reject: RCPT from unknown[119.30.47.54]: 554 5.7.1 <siamvi@crosoer.com>: Relay access denied; from=<moussing2@bigprairieprepress.20m.com> to=<siamvi@crosoer.com> proto=ESMTP helo=<VCBFTNGC>
Feb 14 19:25:15 Golf1 postfix/smtpd[8570]: NOQUEUE: reject: RCPT from unknown[119.30.47.54]: 554 5.7.1 <siamvi@crosoer.com>: Relay access denied; from=<prefixesyb@prioritymarketing.com> to=<siamvi@crosoer.com> proto=ESMTP helo=<VCBFTNGC>
Feb 14 19:25:18 Golf1 postfix/smtpd[8570]: lost connection after DATA from unknown[119.30.47.54]
Feb 14 19:25:18 Golf1 postfix/smtpd[8570]: disconnect from unknown[119.30.47.54]
Feb 14 19:25:49 Golf1 postfix/master[2512]: terminating on signal 15
Feb 14 19:25:51 Golf1 postfix/postfix-script[9089]: starting the Postfix mail system
Feb 14 19:25:51 Golf1 postfix/master[9090]: daemon started -- version 2.7.1, configuration /etc/postfix
Feb 14 19:25:57 Golf1 amavis[9114]: logging initialized, log level 5, syslog: amavis.mail
Feb 14 19:25:57 Golf1 amavis[9114]: run_command: [9124] /usr/bin/uptime </dev/null 2>/dev/null
Feb 14 19:25:57 Golf1 amavis[9124]: open_on_specific_fd: target fd0 closing, to become < /dev/null
Feb 14 19:25:57 Golf1 amavis[9124]: open_on_specific_fd: target fd1 closing, to become > &=6
Feb 14 19:25:57 Golf1 amavis[9124]: open_on_specific_fd: target fd1 dup2 from fd6 > &=6
Feb 14 19:25:57 Golf1 amavis[9124]: open_on_specific_fd: source fd6 closed
Feb 14 19:25:57 Golf1 amavis[9124]: open_on_specific_fd: target fd2 closing, to become > /dev/null
Feb 14 19:25:57 Golf1 amavis[9114]: system uptime 4 2:58:00:  19:25pm  up 4 days  2:58,  1 user,  load average: 0.29, 0.17, 0.06
Feb 14 19:25:57 Golf1 amavis[9114]: Valid PID file (younger than sys uptime 4 2:58:00)
Feb 14 19:25:57 Golf1 amavis[2540]: Net::Server: 2012/02/14-19:25:57 Server closing!
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) SpamControl: rundown_child on SpamAssassin done
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) child_finish_hook: invoking DESTROY methods
Feb 14 19:25:57 Golf1 amavis[7552]: SpamControl: rundown_child on SpamAssassin done
Feb 14 19:25:57 Golf1 amavis[7552]: child_finish_hook: invoking DESTROY methods
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) Amavis::TempDir DESTROY called
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) TempDir removal: empty tempdir is being removed: /var/spool/amavis/tmp/amavis-20120214T191706-07481
Feb 14 19:25:57 Golf1 amavis[7552]: Amavis::Lookup::SQL DESTROY called
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) rmdir_recursively: /var/spool/amavis/tmp/amavis-20120214T191706-07481, excl=
Feb 14 19:25:57 Golf1 amavis[7552]: Amavis::Lookup::SQL DESTROY called
Feb 14 19:25:57 Golf1 amavis[7552]: Amavis::Out::SQL::Connection DESTROY called
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) rmdir_recursively: /var/spool/amavis/tmp/amavis-20120214T191706-07481/parts, excl=0
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) Amavis::Lookup::SQL DESTROY called
Feb 14 19:25:57 Golf1 amavis[7552]: Amavis::Cache DESTROY called
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) Amavis::Cache DESTROY called
Feb 14 19:25:57 Golf1 amavis[7552]: Amavis::DB::SNMP DESTROY called
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) Amavis::DB::SNMP DESTROY called
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) Amavis::Out::SQL::Connection DESTROY called
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) disconnecting from SQL
Feb 14 19:25:57 Golf1 amavis[7481]: (07481-01) Amavis::Lookup::SQL DESTROY called
Feb 14 19:25:58 Golf1 amavis[9114]: Waiting for the process [2540] to terminate
Feb 14 19:26:03 Golf1 amavis[9114]: Daemon [2540] terminated by SIGTERM
Feb 14 19:26:08 Golf1 amavis[9156]: logging initialized, log level 5, syslog: amavis.mail
Feb 14 19:26:08 Golf1 amavis[9156]: starting.  /usr/sbin/amavisd at linux-jfp8.site amavisd-new-2.6.4 (20090625), Unicode aware, LC_ALL="POSIX", LC_CTYPE="en_GB.UTF-8", LANG="POSIX"
Feb 14 19:26:08 Golf1 amavis[9156]: user=, EUID: 65 (65);  group=, EGID: 305 305 (305 305)
Feb 14 19:26:08 Golf1 amavis[9156]: Perl version               5.012001
Feb 14 19:26:09 Golf1 amavis[9156]: INFO: no optional modules: unicore::Canonical.pl unicore::Exact.pl unicore::PVA.pl
Feb 14 19:26:09 Golf1 amavis[9156]: SpamControl: attempting to load scanner SpamAssassin, module Amavis::SpamControl::SpamAssassin
Feb 14 19:26:09 Golf1 amavis[9156]: SpamControl: scanner SpamAssassin, module Amavis::SpamControl::SpamAssassin
Feb 14 19:26:12 Golf1 amavis[9156]: INFO: SA version: 3.3.1, 3.003001, no optional modules: Image::Info Image::Info::GIF Image::Info::JPEG Image::Info::PNG Image::Info::TIFF
Feb 14 19:26:12 Golf1 amavis[9156]: SpamControl: init_pre_chroot on SpamAssassin done
Feb 14 19:26:12 Golf1 amavis[9159]: Net::Server: Process Backgrounded
Feb 14 19:26:12 Golf1 amavis[9159]: Net::Server: 2012/02/14-19:26:12 Amavis (type Net::Server::PreForkSimple) starting! pid(9159)
Feb 14 19:26:12 Golf1 amavis[9159]: Net::Server: Binding to UNIX socket file /var/spool/amavis/amavisd.sock using SOCK_STREAM
Feb 14 19:26:12 Golf1 amavis[9159]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
Feb 14 19:26:12 Golf1 amavis[9159]: Net::Server: Group Not Defined.  Defaulting to EGID '305 305'
Feb 14 19:26:12 Golf1 amavis[9159]: Net::Server: User Not Defined.  Defaulting to EUID '65'
Feb 14 19:26:12 Golf1 amavis[9159]: Net::Server: Setting up serialization via flock
Feb 14 19:26:12 Golf1 amavis[9159]: after_chroot_init: EUID: 65 (65);  EGID: 305 305 (305 305)
Feb 14 19:26:12 Golf1 amavis[9159]: config files read: /etc/amavisd.conf
Feb 14 19:26:12 Golf1 amavis[9159]: Module Amavis::Conf        2.207
Feb 14 19:26:12 Golf1 amavis[9159]: Module Archive::Zip        1.30
Feb 14 19:26:12 Golf1 amavis[9159]: Module BerkeleyDB          0.42
Feb 14 19:26:12 Golf1 amavis[9159]: Module Compress::Zlib      2.024
Feb 14 19:26:12 Golf1 amavis[9159]: Module Convert::TNEF       0.17
Feb 14 19:26:12 Golf1 amavis[9159]: Module Convert::UUlib      1.33
Feb 14 19:26:12 Golf1 amavis[9159]: Module Crypt::OpenSSL::RSA 0.26
Feb 14 19:26:12 Golf1 amavis[9159]: Module DBD::mysql          4.014
Feb 14 19:26:12 Golf1 amavis[9159]: Module DBI                 1.609
Feb 14 19:26:12 Golf1 amavis[9159]: Module DB_File             1.82
Feb 14 19:26:12 Golf1 amavis[9159]: Module Digest::MD5         2.39
Feb 14 19:26:12 Golf1 amavis[9159]: Module Digest::SHA         5.47
Feb 14 19:26:12 Golf1 amavis[9159]: Module Digest::SHA1        2.12
Feb 14 19:26:12 Golf1 amavis[9159]: Module IO::Socket::INET6   2.61
Feb 14 19:26:12 Golf1 amavis[9159]: Module MIME::Entity        5.427
Feb 14 19:26:12 Golf1 amavis[9159]: Module MIME::Parser        5.427
Feb 14 19:26:12 Golf1 amavis[9159]: Module MIME::Tools         5.427
Feb 14 19:26:12 Golf1 amavis[9159]: Module Mail::DKIM::Verifier 0.38
Feb 14 19:26:12 Golf1 amavis[9159]: Module Mail::Header        2.06
Feb 14 19:26:12 Golf1 amavis[9159]: Module Mail::Internet      2.06
Feb 14 19:26:12 Golf1 amavis[9159]: Module Mail::SPF           v2.007
Feb 14 19:26:12 Golf1 amavis[9159]: Module Mail::SpamAssassin  3.003001
Feb 14 19:26:12 Golf1 amavis[9159]: Module Net::DNS            0.66
Feb 14 19:26:12 Golf1 amavis[9159]: Module Net::Server         0.97
Feb 14 19:26:12 Golf1 amavis[9159]: Module NetAddr::IP         4.027
Feb 14 19:26:12 Golf1 amavis[9159]: Module Razor2::Client::Version 2.84
Feb 14 19:26:12 Golf1 amavis[9159]: Module Socket6             0.23
Feb 14 19:26:12 Golf1 amavis[9159]: Module Time::HiRes         1.9719
Feb 14 19:26:12 Golf1 amavis[9159]: Module URI                 1.54
Feb 14 19:26:12 Golf1 amavis[9159]: Module Unix::Syslog        1.1
Feb 14 19:26:12 Golf1 amavis[9159]: Amavis::DB code      loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Amavis::Cache code   loaded
Feb 14 19:26:12 Golf1 amavis[9159]: SQL base code        loaded
Feb 14 19:26:12 Golf1 amavis[9159]: SQL::Log code        NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: SQL::Quarantine      NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Lookup::SQL code     loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Lookup::LDAP code    NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: AM.PDP-in proto code loaded
Feb 14 19:26:12 Golf1 amavis[9159]: SMTP-in proto code   loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Courier proto code   NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: SMTP-out proto code  loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Pipe-out proto code  NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: BSMTP-out proto code NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Local-out proto code loaded
Feb 14 19:26:12 Golf1 amavis[9159]: OS_Fingerprint code  NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: ANTI-VIRUS code      loaded
Feb 14 19:26:12 Golf1 amavis[9159]: ANTI-SPAM code       loaded
Feb 14 19:26:12 Golf1 amavis[9159]: ANTI-SPAM-EXT code   NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: ANTI-SPAM-C code     NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: ANTI-SPAM-SA code    loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Unpackers code       loaded
Feb 14 19:26:12 Golf1 amavis[9159]: DKIM code            NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Tools code           NOT loaded
Feb 14 19:26:12 Golf1 amavis[9159]: Found $file            at /usr/bin/file
Feb 14 19:26:12 Golf1 amavis[9159]: No $altermime,         not using it
Feb 14 19:26:12 Golf1 amavis[9159]: Internal decoder for .mail
Feb 14 19:26:12 Golf1 amavis[9159]: Internal decoder for .asc 
Feb 14 19:26:12 Golf1 amavis[9159]: Internal decoder for .uue 
Feb 14 19:26:12 Golf1 amavis[9159]: Internal decoder for .hqx 
Feb 14 19:26:12 Golf1 amavis[9159]: Internal decoder for .ync 
Feb 14 19:26:13 Golf1 amavis[9159]: No decoder for       .F    tried: unfreeze, freeze -d, melt, fcat
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .Z    at /usr/bin/uncompress
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .gz   at /usr/bin/gzip -d
Feb 14 19:26:13 Golf1 amavis[9159]: Internal decoder for .gz   (backup, not used)
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .bz2  at /usr/bin/bzip2 -d
Feb 14 19:26:13 Golf1 amavis[9159]: No decoder for       .lzo  tried: lzop -d
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .rpm  at /usr/bin/rpm2cpio
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .cpio at /usr/bin/pax
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .tar  at /usr/bin/pax
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .deb  at /usr/bin/ar
Feb 14 19:26:13 Golf1 amavis[9159]: Internal decoder for .zip 
Feb 14 19:26:13 Golf1 amavis[9159]: No decoder for       .7z   tried: 7zr, 7za, 7z
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .rar  at /usr/bin/unrar
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .arj  at /usr/bin/unarj
Feb 14 19:26:13 Golf1 amavis[9159]: No decoder for       .arc  tried: nomarch, arc
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .zoo  at /usr/bin/zoo
Feb 14 19:26:13 Golf1 amavis[9159]: No decoder for       .lha  tried: lha
Feb 14 19:26:13 Golf1 amavis[9159]: No decoder for       .cab  tried: cabextract
Feb 14 19:26:13 Golf1 amavis[9159]: No decoder for       .tnef tried: tnef
Feb 14 19:26:13 Golf1 amavis[9159]: Internal decoder for .tnef
Feb 14 19:26:13 Golf1 amavis[9159]: Found decoder for    .exe  at /usr/bin/unrar; /usr/bin/unarj
Feb 14 19:26:13 Golf1 amavis[9159]: Using primary internal av scanner code for ClamAV-clamd
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: KasperskyLab AVP - aveclient
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: KasperskyLab AntiViral Toolkit Pro (AVP)
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: KasperskyLab AVPDaemonClient
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: CentralCommand Vexira (new) vascan
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: Avira AntiVir
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: Command AntiVirus for Linux
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: Symantec CarrierScan via Symantec CommandLineScanner
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: Symantec AntiVirus Scan Engine
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: F-Secure Antivirus for Linux servers
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: CAI InoculateIT
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: CAI eTrust Antivirus
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: MkS_Vir for Linux (beta)
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: MkS_Vir daemon
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: ESET NOD32 Linux Mail Server - command line interface
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: ESET NOD32 for Linux File servers
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: Norman Virus Control v5 / Linux
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: Panda CommandLineSecure 9 for Linux
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: NAI McAfee AntiVirus (uvscan)
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: VirusBuster
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: CyberSoft VFind
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: avast! Antivirus
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: Ikarus AntiVirus for Linux
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: BitDefender
Feb 14 19:26:13 Golf1 amavis[9159]: No primary av scanner: ArcaVir for Linux
Feb 14 19:26:13 Golf1 amavis[9159]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Feb 14 19:26:13 Golf1 amavis[9159]: No secondary av scanner: FRISK F-Prot Antivirus
Feb 14 19:26:13 Golf1 amavis[9159]: No secondary av scanner: Trend Micro FileScanner
Feb 14 19:26:13 Golf1 amavis[9159]: No secondary av scanner: drweb - DrWeb Antivirus
Feb 14 19:26:13 Golf1 amavis[9159]: No secondary av scanner: Kaspersky Antivirus v5.5
Feb 14 19:26:13 Golf1 amavis[9159]: Using internal spam scanner code for SpamAssassin
Feb 14 19:26:13 Golf1 amavis[9159]: Creating db in /var/spool/amavis/db/; BerkeleyDB 0.42, libdb 4.5
Feb 14 19:26:13 Golf1 amavis[9159]: initializing Mail::SpamAssassin
Feb 14 19:26:13 Golf1 amavis[9159]: SpamAssassin debug facilities: info
Feb 14 19:26:16 Golf1 clamd[1836]: Pid file removed.
Feb 14 19:26:16 Golf1 clamd[1836]: --- Stopped at Tue Feb 14 19:26:16 2012
Feb 14 19:26:16 Golf1 clamd[1836]: Socket file removed.
Feb 14 19:26:16 Golf1 clamd[9215]: clamd daemon 0.97.3 (OS: linux-gnu, ARCH: i386, CPU: i686)
Feb 14 19:26:16 Golf1 clamd[9215]: Running as user vscan (UID 65, GID 305)
Feb 14 19:26:16 Golf1 clamd[9215]: Log file size limited to 1048576 bytes.
Feb 14 19:26:16 Golf1 clamd[9215]: Reading databases from /var/lib/clamav
Feb 14 19:26:16 Golf1 clamd[9215]: Not loading PUA signatures.
Feb 14 19:26:16 Golf1 clamd[9215]: Bytecode: Security mode set to "TrustSigned".
Feb 14 19:26:34 Golf1 amavis[9159]: SA info: rules: meta test ADVANCE_FEE_3_NEW_FORM has dependency 'ADVANCE_FEE_3_NEW' with a zero score
Feb 14 19:26:34 Golf1 amavis[9159]: SA info: rules: meta test ADVANCE_FEE_3_NEW_MONEY has dependency 'ADVANCE_FEE_3_NEW' with a zero score
Feb 14 19:26:35 Golf1 amavis[9159]: SpamAssassin loaded plugins: AutoLearnThreshold, Bayes, BodyEval, Check, DKIM, DNSEval, FreeMail, HTMLEval, HTTPSMismatch, Hashcash, HeaderEval, ImageInfo, MIMEEval, MIMEHeader, Pyzor, Razor2, RelayEval, ReplaceTags, SPF, SpamCop, URIDNSBL, URIDetail, URIEval, VBounce, WLBLEval, WhiteListSubject
Feb 14 19:26:35 Golf1 amavis[9159]: SpamControl: init_pre_fork on SpamAssassin done
Feb 14 19:26:35 Golf1 amavis[9159]: extra modules loaded after daemonizing/chrooting: Mail/SpamAssassin/Plugin/FreeMail.pm
Feb 14 19:26:35 Golf1 amavis[9159]: DKIM signature verification disabled, corresponding features not available. If not intentional, consider enabling it by setting: $enable_dkim_verification to 1, or explicitly disable it by setting it to 0 to quench down this warning.
Feb 14 19:26:35 Golf1 amavis[9159]: Net::Server: Beginning prefork (2 processes)
Feb 14 19:26:35 Golf1 amavis[9159]: Net::Server: Starting "2" children
Feb 14 19:26:35 Golf1 amavis[9218]: Net::Server: Child Preforked (9218)
Feb 14 19:26:35 Golf1 amavis[9218]: entered child_init_hook
Feb 14 19:26:35 Golf1 amavis[9219]: Net::Server: Child Preforked (9219)
Feb 14 19:26:35 Golf1 amavis[9159]: Net::Server: Parent ready for children.
Feb 14 19:26:35 Golf1 amavis[9219]: entered child_init_hook
Feb 14 19:26:35 Golf1 amavis[9219]: TIMING [total 68 ms] - bdb-open: 68 (100%)100, rundown: 0 (0%)100
Feb 14 19:26:35 Golf1 amavis[9218]: TIMING [total 84 ms] - bdb-open: 84 (100%)100, rundown: 0 (0%)100
Feb 14 19:26:35 Golf1 amavis[9219]: SpamControl: init_child on SpamAssassin done
Feb 14 19:26:35 Golf1 amavis[9218]: SpamControl: init_child on SpamAssassin done
Feb 14 19:26:44 Golf1 clamd[9215]: Loaded 1054224 signatures.
Feb 14 19:26:46 Golf1 clamd[9215]: TCP: Bound to address 127.0.0.1 on port 3310
Feb 14 19:26:46 Golf1 clamd[9215]: TCP: Setting connection queue length to 200
Feb 14 19:26:46 Golf1 clamd[9215]: LOCAL: Unix socket file /var/lib/clamav/clamd-socket
Feb 14 19:26:46 Golf1 clamd[9215]: LOCAL: Setting connection queue length to 200
Feb 14 19:26:46 Golf1 clamd[9221]: Limits: Global size limit set to 104857600 bytes.
Feb 14 19:26:46 Golf1 clamd[9221]: Limits: File size limit set to 26214400 bytes.
Feb 14 19:26:46 Golf1 clamd[9221]: Limits: Recursion level limit set to 16.
Feb 14 19:26:46 Golf1 clamd[9221]: Limits: Files limit set to 10000.
Feb 14 19:26:46 Golf1 clamd[9221]: Archive support enabled.
Feb 14 19:26:46 Golf1 clamd[9221]: Algorithmic detection enabled.
Feb 14 19:26:46 Golf1 clamd[9221]: Portable Executable support enabled.
Feb 14 19:26:46 Golf1 clamd[9221]: ELF support enabled.
Feb 14 19:26:46 Golf1 clamd[9221]: Mail files support enabled.
Feb 14 19:26:46 Golf1 clamd[9221]: OLE2 support enabled.
Feb 14 19:26:46 Golf1 clamd[9221]: PDF support enabled.
Feb 14 19:26:46 Golf1 clamd[9221]: HTML support enabled.
Feb 14 19:26:46 Golf1 clamd[9221]: Self checking every 600 seconds.
Feb 14 19:26:46 Golf1 dovecot: dovecot: Killed with signal 15 (by pid=9228 uid=0 code=kill)
Feb 14 19:26:47 Golf1 dovecot: Dovecot v1.2.17 starting up (core dumps disabled)
Feb 14 19:26:48 Golf1 dovecot: auth-worker(default): mysql: Connected to localhost (dbispconfig)
Feb 14 19:30:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 14 19:30:02 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 14 19:30:02 Golf1 postfix/smtpd[9582]: connect from localhost[::1]
Feb 14 19:30:02 Golf1 postfix/smtpd[9582]: lost connection after CONNECT from localhost[::1]
Feb 14 19:30:02 Golf1 postfix/smtpd[9582]: disconnect from localhost[::1]
Feb 14 19:31:41 Golf1 postfix/smtpd[9582]: connect from netacc-gpn-4-242-59.pool.telenor.hu[84.224.242.59]
Feb 14 19:31:43 Golf1 postfix/smtpd[9582]: NOQUEUE: reject: RCPT from netacc-gpn-4-242-59.pool.telenor.hu[84.224.242.59]: 554 5.7.1 <nsuk@crosoer.com>: Relay access denied; from=<Darin@sidif.com> to=<nsuk@crosoer.com> proto=SMTP helo=<netacc-gpn-4-242-59.pool.telenor.hu>
Feb 14 19:31:44 Golf1 postfix/smtpd[9582]: disconnect from netacc-gpn-4-242-59.pool.telenor.hu[84.224.242.59]
Feb 14 20:00:02 Golf1 postfix/smtpd[10957]: lost connection after CONNECT from localhost[::1]
Feb 14 20:00:02 Golf1 postfix/smtpd[10957]: disconnect from localhost[::1]
Feb 14 20:01:12 Golf1 postfix/smtpd[10957]: connect from p4FE85D52.dip.t-dialin.net[79.232.93.82]
Feb 14 20:01:12 Golf1 postfix/smtpd[10957]: NOQUEUE: reject: RCPT from p4FE85D52.dip.t-dialin.net[79.232.93.82]: 554 5.7.1 <452ed750.8080606@crosoer.com>: Relay access denied; from=<brassierirc59@ef-law.com> to=<452ed750.8080606@crosoer.com> proto=ESMTP helo=<ef-law.com>
Feb 14 20:01:12 Golf1 postfix/smtpd[10957]: NOQUEUE: reject: RCPT from p4FE85D52.dip.t-dialin.net[79.232.93.82]: 554 5.7.1 <nsuk@crosoer.com>: Relay access denied; from=<brassierirc59@ef-law.com> to=<nsuk@crosoer.com> proto=ESMTP helo=<ef-law.com>
Feb 14 20:01:12 Golf1 postfix/smtpd[10957]: NOQUEUE: reject: RCPT from p4FE85D52.dip.t-dialin.net[79.232.93.82]: 554 5.7.1 <petgord34truew@crosoer.com>: Relay access denied; from=<brassierirc59@ef-law.com> to=<petgord34truew@crosoer.com> proto=ESMTP helo=<ef-law.com>
Feb 14 20:01:13 Golf1 postfix/smtpd[10957]: disconnect from p4FE85D52.dip.t-dialin.net[79.232.93.82]
Feb 14 20:01:41 Golf1 postfix/smtpd[10957]: connect from p4FE85D52.dip.t-dialin.net[79.232.93.82]
Feb 14 20:02:39 Golf1 postfix/smtpd[10957]: disconnect from p4FE85D52.dip.t-dialin.net[79.232.93.82]
Feb 14 20:05:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 14 20:05:02 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 14 20:05:02 Golf1 postfix/smtpd[11320]: connect from localhost[::1]
Feb 14 21:10:02 Golf1 postfix/smtpd[13833]: lost connection after CONNECT from localhost[::1]
Feb 14 21:10:02 Golf1 postfix/smtpd[13833]: disconnect from localhost[::1]
eb 14 21:27:08 Golf1 clamd[9221]: SelfCheck: Database status OK.
Feb 14 21:29:09 Golf1 postfix/smtpd[14554]: connect from static.233.83.46.78.clients.your-server.de[78.46.83.233]
Feb 14 21:29:09 Golf1 postfix/smtpd[14554]: NOQUEUE: reject: RCPT from static.233.83.46.78.clients.your-server.de[78.46.83.233]: 554 5.7.1 <rick@crosoer.com>: Relay access denied; from=<sabri-anbouwen@simpac.co.uk> to=<rick@crosoer.com> proto=SMTP helo=<static.233.83.46.78.clients.your-server.de>
Feb 14 21:29:09 Golf1 postfix/smtpd[14554]: NOQUEUE: reject: RCPT from static.233.83.46.78.clients.your-server.de[78.46.83.233]: 554 5.7.1 <siamvi@crosoer.com>: Relay access denied; from=<sabri-anbouwen@simpac.co.uk> to=<siamvi@crosoer.com> proto=SMTP helo=<static.233.83.46.78.clients.your-server.de>
Feb 14 21:29:09 Golf1 postfix/smtpd[14554]: NOQUEUE: reject: RCPT from static.233.83.46.78.clients.your-server.de[78.46.83.233]: 554 5.7.1 <wtop@crosoer.com>: Relay access denied; from=<sabri-anbouwen@simpac.co.uk> to=<wtop@crosoer.com> proto=SMTP helo=<static.233.83.46.78.clients.your-server.de>
Feb 14 21:29:09 Golf1 postfix/smtpd[14554]: NOQUEUE: reject: RCPT from static.233.83.46.78.clients.your-server.de[78.46.83.233]: 554 5.7.1 <xgq@crosoer.com>: Relay access denied; from=<sabri-anbouwen@simpac.co.uk> to=<xgq@crosoer.com> proto=SMTP helo=<static.233.83.46.78.clients.your-server.de>
Feb 14 21:29:09 Golf1 postfix/smtpd[14554]: lost connection after RCPT from static.233.83.46.78.clients.your-server.de[78.46.83.233]
Feb 14 21:29:09 Golf1 postfix/smtpd[14554]: disconnect from static.233.83.46.78.clients.your-server.de[78.46.83.233]
Feb 14 22:53:48 Golf1 postfix/smtpd[17806]: warning: 187.126.64.252: hostname 18712664252.user.veloxzone.com.br verification failed: Name or service not known
Feb 14 22:53:48 Golf1 postfix/smtpd[17806]: connect from unknown[187.126.64.252]
Feb 14 22:53:49 Golf1 postfix/smtpd[17806]: NOQUEUE: reject: RCPT from unknown[187.126.64.252]: 554 5.7.1 <452ea09a.9000602@crosoer.com>: Relay access denied; from=<Amado@digital-musik.de> to=<452ea09a.9000602@crosoer.com> proto=SMTP helo=<18712664252.user.veloxzone.com.br>
Feb 14 22:53:50 Golf1 postfix/smtpd[17806]: NOQUEUE: reject: RCPT from unknown[187.126.64.252]: 554 5.7.1 <jmh711nsuk@crosoer.com>: Relay access denied; from=<Amado@digital-musik.de> to=<jmh711nsuk@crosoer.com> proto=SMTP helo=<18712664252.user.veloxzone.com.br>
Feb 14 22:53:50 Golf1 postfix/smtpd[17806]: NOQUEUE: reject: RCPT from unknown[187.126.64.252]: 554 5.7.1 <rick@crosoer.com>: Relay access denied; from=<Amado@digital-musik.de> to=<rick@crosoer.com> proto=SMTP helo=<18712664252.user.veloxzone.com.br>
Feb 14 22:53:51 Golf1 postfix/smtpd[17806]: disconnect from unknown[187.126.64.252]
Feb 15 00:55:02 Golf1 postfix/smtpd[22598]: lost connection after CONNECT from localhost[::1]
Feb 15 00:55:02 Golf1 postfix/smtpd[22598]: disconnect from localhost[::1]
Feb 15 00:57:09 Golf1 clamd[9221]: SelfCheck: Database status OK.
Feb 15 00:59:38 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<Administrator>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 00:59:38 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<spam>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
eb 15 00:59:45 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<abby>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 00:59:47 Golf1 dovecot: auth-worker(default): mysql: Connected to localhost (dbispconfig)
Feb 15 00:59:48 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<Administrator>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:00 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<agent>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:01 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<alberto>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:01 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<alyssa>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 01:00:02 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 01:00:02 Golf1 postfix/smtpd[22868]: connect from localhost[::1]
Feb 15 01:00:02 Golf1 postfix/smtpd[22868]: lost connection after CONNECT from localhost[::1]
Feb 15 01:00:02 Golf1 postfix/smtpd[22868]: disconnect from localhost[::1]
Feb 15 01:00:03 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<aaron>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:04 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<amy>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:04 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<alfred>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
b 15 01:00:07 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<alpha>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:07 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<america>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:07 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<amorphic>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:00:07 Golf1 dovecot: auth-worker(default): mysql: Connected to localhost (dbispconfig)
Feb 15 01:00:08 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<abigail>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:23 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<allen>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:23 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<deborah>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:23 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<frank>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:23 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<eve>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:23 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:24 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:24 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:24 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<john>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:24 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<austin>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
FFeb 15 01:08:24 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<hayden>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:24 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<linda>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:24 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<elaine>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:25 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:25 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:25 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:25 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:25 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<harris>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:25 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<emails>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:25 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<mattie>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:25 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<geo>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:26 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:26 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:26 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:26 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:26 Golf1 dovecot: pop3-login: Aborted login (no auth attempts): rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:26 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<karla>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:26 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<gregory>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
Feb 15 01:08:26 Golf1 dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<lilith>, method=PLAIN, rip=201.210.244.40, lip=192.168.1.14
FFeb 15 09:54:54 Golf1 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<kanegon@co.uk>, method=PLAIN, rip=200.7.160.51, lip=192.168.1.14
Feb 15 09:54:57 Golf1 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<kishigami@co.uk>, method=PLAIN, rip=200.7.160.51, lip=192.168.1.14
Feb 15 09:55:00 Golf1 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<kubota@co.uk>, method=PLAIN, rip=200.7.160.51, lip=192.168.1.14
Feb 15 09:55:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 09:55:02 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 09:55:02 Golf1 postfix/smtpd[14543]: connect from localhost[::1]
Feb 15 09:55:02 Golf1 postfix/smtpd[14543]: lost connection after CONNECT from localhost[::1]
Feb 15 09:55:02 Golf1 postfix/smtpd[14543]: disconnect from localhost[::1]
Feb 15 09:55:03 Golf1 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<kuroda@co.uk>, method=PLAIN, rip=200.7.160.51, lip=192.168.1.14
Feb 15 09:55:06 Golf1 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<motoki@co.uk>, method=PLAIN, rip=200.7.160.51, lip=192.168.1.14
Feb 15 09:55:09 Golf1 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<oonishi@co.uk>, method=PLAIN, rip=200.7.160.51, lip=192.168.1.14
Feb 15 09:55:12 Golf1 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): method=PLAIN, rip=200.7.160.51, lip=192.168.1.14
Feb 15 09:55:13 Golf1 dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<@co.uk>, method=PLAIN, rip=200.7.160.51, lip=192.168.1.14
Feb 15 09:57:11 Golf1 clamd[9221]: SelfCheck: Database status OK.
Feb 15 10:00:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 10:00:02 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 10:00:03 Golf1 postfix/smtpd[14752]: connect from localhost[::1]
Feb 15 10:00:03 Golf1 postfix/smtpd[14752]: lost connection after CONNECT from localhost[::1]
Feb 15 10:00:03 Golf1 postfix/smtpd[14752]: disconnect from localhost[::1]
Feb 15 10:00:27 Golf1 postfix/smtpd[14752]: connect from unknown[122.163.16.231]
Feb 15 10:00:29 Golf1 postfix/smtpd[14752]: NOQUEUE: reject: RCPT from unknown[122.163.16.231]: 554 5.7.1 <rick@crosoer.com>: Relay access denied; from=<labialdissertation@elsevier.com> to=<rick@crosoer.com> proto=SMTP helo=<manoj3cb87e10e>
Feb 15 10:00:29 Golf1 postfix/smtpd[14752]: lost connection after RCPT from unknown[122.163.16.231]
Feb 15 10:00:29 Golf1 postfix/smtpd[14752]: disconnect from unknown[122.163.16.231]
Feb 15 10:00:33 Golf1 postfix/smtpd[14752]: connect from unknown[121.15.4.201]
Feb 15 10:00:34 Golf1 postfix/smtpd[14752]: NOQUEUE: reject: RCPT from unknown[121.15.4.201]: 554 5.7.1 <452ebf2d.6090008@crosoer.com>: Relay access denied; from=<beverleyzg6@taupower.se> to=<452ebf2d.6090008@crosoer.com> proto=ESMTP helo=<[121.15.4.201]>
Feb 15 10:00:34 Golf1 postfix/smtpd[14752]: disconnect from unknown[121.15.4.201]
Feb 15 10:03:54 Golf1 postfix/anvil[14802]: statistics: max connection rate 1/60s for (smtp:122.163.16.231) at Feb 15 10:00:27
Feb 15 10:03:54 Golf1 postfix/anvil[14802]: statistics: max connection count 1 for (smtp:122.163.16.231) at Feb 15 10:00:27
Feb 15 10:03:54 Golf1 postfix/anvil[14802]: statistics: max cache size 2 at Feb 15 10:00:33
Feb 15 10:05:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 10:05:02 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 10:05:02 Golf1 postfix/smtpd[14966]: connect from localhost[::1]
Feb 15 10:05:02 Golf1 postfix/smtpd[14966]: lost connection after CONNECT from localhost[::1]
Feb 15 10:05:02 Golf1 postfix/smtpd[14966]: disconnect from localhost[::1]
Feb 15 10:06:31 Golf1 postfix/smtpd[14966]: connect from unknown[117.207.91.54]
Feb 15 12:29:53 Golf1 postfix/smtpd[20797]: NOQUEUE: reject: RCPT from unknown[77.208.201.0]: 554 5.7.1 <452ed750.8080606@crosoer.com>: Relay access denied; from=<kathy49@realliving.com> to=<452ed750.8080606@crosoer.com> proto=ESMTP helo=<[77.208.201.0]>
Feb 15 12:29:53 Golf1 postfix/smtpd[20797]: NOQUEUE: reject: RCPT from unknown[77.208.201.0]: 554 5.7.1 <nsuk@crosoer.com>: Relay access denied; from=<kathy49@realliving.com> to=<nsuk@crosoer.com> proto=ESMTP helo=<[77.208.201.0]>
Feb 15 12:29:53 Golf1 postfix/smtpd[20797]: NOQUEUE: reject: RCPT from unknown[77.208.201.0]: 554 5.7.1 <petgord34truew@crosoer.com>: Relay access denied; from=<kathy49@realliving.com> to=<petgord34truew@crosoer.com> proto=ESMTP helo=<[77.208.201.0]>
Feb 15 12:29:53 Golf1 postfix/smtpd[20797]: disconnect from unknown[77.208.201.0]
Feb 15 12:29:54 Golf1 postfix/smtpd[20797]: connect from unknown[77.208.201.0]
Feb 15 12:29:54 Golf1 postfix/smtpd[20797]: NOQUEUE: reject: RCPT from unknown[77.208.201.0]: 554 5.7.1 <rick@crosoer.com>: Relay access denied; from=<canting786@iicbelgium.com> to=<rick@crosoer.com> proto=ESMTP helo=<[77.208.201.0]>
Feb 15 12:29:54 Golf1 postfix/smtpd[20797]: NOQUEUE: reject: RCPT from unknown[77.208.201.0]: 554 5.7.1 <siamvi@crosoer.com>: Relay access denied; from=<canting786@iicbelgium.com> to=<siamvi@crosoer.com> proto=ESMTP helo=<[77.208.201.0]>
Feb 15 12:29:54 Golf1 postfix/smtpd[20797]: disconnect from unknown[77.208.201.0]
Feb 15 12:30:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 12:35:02 Golf1 postfix/smtpd[21053]: connect from localhost[::1]
Feb 15 12:35:02 Golf1 postfix/smtpd[21053]: lost connection after CONNECT from localhost[::1]
Feb 15 12:35:02 Golf1 postfix/smtpd[21053]: disconnect from localhost[::1]
Feb 15 12:37:12 Golf1 clamd[9221]: SelfCheck: Database status OK.
Feb 15 12:40:03 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 12:40:03 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 12:40:03 Golf1 postfix/smtpd[21238]: connect from localhost[::1]
Feb 15 12:40:03 Golf1 postfix/smtpd[21238]: lost connection after CONNECT from localhost[::1]
Feb 15 12:40:03 Golf1 postfix/smtpd[21238]: disconnect from localhost[::1]
Feb 15 12:45:02 Golf1 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 12:45:02 Golf1 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Feb 15 12:45:03 Golf1 postfix/smtpd[21452]: connect from localhost[::1]
Feb 15 12:45:03 Golf1 postfix/smtpd[21452]: lost connection after CONNECT from localhost[::1]
Feb 15 12:45:03 Golf1 postfix/smtpd[21452]: disconnect from localhost[::1]
Reply With Quote
  #15  
Old 28th February 2012, 12:35
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,788
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

Open /etc/suphp.conf...

vi /etc/suphp.conf

... and make sure that it contains x-httpd-suphp instead of x-httpd-php towards the end of the file:

Code:
[...]
[handlers]
;Handler for php-scripts
;x-httpd-php="php:/usr/bin/php-cgi5"
x-httpd-suphp="php:/usr/bin/php-cgi5"
[...]
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #16  
Old 28th February 2012, 15:11
Cracklefish Cracklefish is offline
Member
 
Join Date: Mar 2009
Posts: 95
Thanks: 8
Thanked 3 Times in 3 Posts
 
Default

Quote:
Originally Posted by till View Post
Open /etc/suphp.conf...

vi /etc/suphp.conf

... and make sure that it contains x-httpd-suphp instead of x-httpd-php towards the end of the file:

Code:
[...]
[handlers]
;Handler for php-scripts
;x-httpd-php="php:/usr/bin/php-cgi5"
x-httpd-suphp="php:/usr/bin/php-cgi5"
[...]
Actually it had...

Code:
[handlers]
;Handler for php-scripts
;x-httpd-php="php:/www/cgi-bin/php5"
x-httpd-suphp="php:/www/cgi-bin/php5"
[...]
"/www/cgi-bin/php5" is a symlink to "/usr/bin/php-cgi5"

I tried both versions but no difference, however on restarting apache I notices an error message

Code:
Shutting down httpd2 (waiting for all children to terminate)         done
Starting httpd2 (prefork) Unable to store vlogger data in database                                                                  done
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Vhosts...conf not synced to changes crypted General 50 24th April 2010 01:54
amavis rejects all inbound emails aclhkaclhk Installation/Configuration 5 28th February 2010 05:24
The system is currently updating the configuration files. warlock General 8 21st February 2009 19:15
"Too many open files in system" problems Berry Installation/Configuration 3 10th November 2007 22:58
HotSaNIC domino Tips/Tricks/Mods 23 6th November 2006 06:19


All times are GMT +2. The time now is 01:40.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.