amavisd giving me a hard time! Sometimes connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)

Discussion in 'General' started by edge, May 3, 2020.

  1. edge

    edge Active Member Moderator

    Okay. This is what I found till now.
    Code:
    [email protected]:/etc/monit# systemctl status amavis
    ● amavis.service - LSB: Starts amavisd-new mailfilter
       Loaded: loaded (/etc/init.d/amavis; generated)
       Active: active (running) since Thu 2020-05-07 11:00:31 CEST; 38min ago
         Docs: man:systemd-sysv-generator(8)
      Process: 487 ExecStart=/etc/init.d/amavis start (code=exited, status=0/SUCCESS)
        Tasks: 5 (limit: 4701)
       Memory: 198.8M
       CGroup: /system.slice/amavis.service
               ├─1091 /usr/sbin/amavisd-new (master)
               ├─5084 /usr/sbin/amavisd-new (ch17-avail)
               ├─5255 /usr/sbin/amavisd-new (ch16-avail)
               ├─5630 /usr/sbin/amavisd-new (ch4-avail)
               └─5798 /usr/sbin/amavisd-new (virgin child)
    
    May 07 11:38:58 server amavis[5630]: (05630-04) load: 0 %, total idle 140.114 s, busy 0.020 s
    May 07 11:38:58 server amavis[5085]: (05085-20) Amavis::DB::SNMP DESTROY called
    May 07 11:38:58 server amavis[5085]: (05085-20) Net::Server: Child leaving (20)
    May 07 11:38:58 server amavis[5085]: (05085-20) Amavis::Out::SQL::Connection DESTROY called
    May 07 11:38:58 server amavis[5085]: (05085-20) Amavis::Lookup::SQL DESTROY called
    May 07 11:38:58 server amavis[1091]: sd_notify (no socket): STATUS=Starting child process(es), ready for work.
    May 07 11:38:58 server amavis[1091]: Net::Server: Starting "1" children
    May 07 11:38:58 server amavis[5798]: Net::Server: Child Preforked (5798)
    May 07 11:38:58 server amavis[5798]: entered child_init_hook
    May 07 11:38:58 server amavis[5798]: SpamControl: init_child on SpamAssassin done
    [email protected]:/etc/monit#
    Looks to me that SQL is causing the problems. But why only on 10026???
     
  2. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    I think those "DESTROY" logs are just amavis freeing perl class instances (eg. probably frees database handles and such), not an error. That looks like an orderly child exit and restarting a new one.
     
    Last edited: May 7, 2020
    edge likes this.
  3. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    Incoming mail from the internet (non authenitcated) goes through 10024, authenticated mail goes through 10026 - so in most circumstances, 10026 is quite unused, and does a lot less work, compared to 10024. You hit some resource constraints or whatever, and 10024 could be backed up while 10026 is still available.
     
    edge likes this.
  4. edge

    edge Active Member Moderator

    once again thank you Jesse. I've really no clue what is causing this problem here.
    I hope you can find something when you have time.
     
  5. edge

    edge Active Member Moderator

    off-topic @Jesse Norell . Are you still connected to my server? According to who you are... If so.. This must be the longest SSH session ever recorded :)
     
  6. edge

    edge Active Member Moderator

    Looks like @Jesse Norell found the problem, and all credits go to him!
    It was a firewall rule (created by me some time ago) for passive connections (from only my IP) to the server (tcp dpts:50100:51100)
    Jesse explained to me exactly what was going wrong in his email, but I (noob) have no clue what he is on about :-/
     
    till, Steini86 and Th0m like this.
  7. Steini86

    Steini86 Active Member

    Maybe this would have been found earlier if you hadn't posted that disabling the firewall did not make a difference:
    Anyway, glad this was successfully solved!
     
    edge and Th0m like this.
  8. edge

    edge Active Member Moderator

    So true, and the firewall was disabled. But.. Only after this happening, and me restarting things. (postfix / amavisd / .... )
    I guess the damage was already done. Every time I restarted the server I enabled the firewall again.
     

Share This Page