Gld problem using SpamSnake-Ubuntu How to

Discussion in 'HOWTO-Related Questions' started by sypmaster, May 8, 2008.

  1. sypmaster

    sypmaster New Member

    Hi, guys.

    I followed the Spamsnake tutorial, and when I started to use the solution I get an error in gld.

    gld: Unable to connect to MYSQL

    I have checked the sql variables at gld.conf and all are ok. When I issue the command mysql gld_db -u gld_user -p, I connect to the database.
    mysql> show databases;
    +--------------------+
    | Database |
    +--------------------+
    | information_schema |
    | gld_db |
    +--------------------+
    2 rows in set (0.00 sec)

    So the user and password are ok.

    Gld is up and running, and the postfix configuration seems ok.

    If I issue a telnet localhost 2525 I get no response. Is it normal?


    Any suggestions? Can I ignore this configuration?
     
  2. Rocky

    Rocky New Member

    Ok what it seems like is that you may have a username or password error in the gld.conf file.

    Did you create and give the user gld_user, or whatever user, the proper permissions on the gld_db using the following?

    GRANT ALL ON gld_db.* TO [email protected] IDENTIFIED BY ‘gld_password’;

    Did you change the gld_password or gld_user for your needs?

    Make sure you edit /etc/gld.conf and setup the following section with the correct values(SQLUSER/SQLPASSWD/SQLDB):
    SQLHOST=localhost
    SQLUSER=gld_user
    SQLPASSWD=gld_password
    SQLDB-gld_db

    Have you added the following to your /etc/postfix/main.cf file?
    check_policy_service inet:127.0.0.1:2525

    Port 2525 in the above string is used only for postfix-gld and does not affect the functionality of postfix.

    If you do a telnet localhost 25, do you connect to your server?
     
  3. sypmaster

    sypmaster New Member

    Did you create and give the user gld_user, or whatever user, the proper permissions on the gld_db using the following?

    GRANT ALL ON gld_db.* TO [email protected] IDENTIFIED BY ‘gld_password’;
    Yes
    Did you change the gld_password or gld_user for your needs?
    Yes
    Make sure you edit /etc/gld.conf and setup the following section with the correct values(SQLUSER/SQLPASSWD/SQLDB):
    SQLHOST=localhost
    SQLUSER=gld_user
    SQLPASSWD=gld_password
    SQLDB-gld_db
    Yes,but one question. Is it SQLDB-gld_db or SQLDB=gld_db. I choose the last one based on the readme of gld
    Have you added the following to your /etc/postfix/main.cf file?
    check_policy_service inet:127.0.0.1:2525
    Yes
    Port 2525 in the above string is used only for postfix-gld and does not affect the functionality of postfix.

    If you do a telnet localhost 25, do you connect to your server?
    Result of this telnet - 220 ubuntuserver ESMTP Postfix (Ubuntu)
     
  4. Rocky

    Rocky New Member

    You're correct, it's supposed to be SQLDB=gld_db.
    Your telnet response seems correct, and if you do a helo localhost after you do telnet localhost 25, you should get a 250 server1.example.com message.

    Are you receiving mails or are they just getting bounced back? If you do a tail -f /var/log/mail.log, you'll see postfix in action.

    Can you post a breif sample of what you're seeing when viewing your mail.log?

    Have you implement the firewall?
     
  5. sypmaster

    sypmaster New Member

    Well, let me tell how is my net configuration.

    I have a firewall, behind this is the ubuntu server(as a vmware vm) and it will delivery the mails to a zimbra server in another server(centos5/zimbra virtual machine).

    My test domain is anniju.com.br. I am using an external domain to send the teste mail realmotopecas.com.br.

    Here is a sample of the connection from mail.log

    May 8 11:22:11 ubuntuserver postfix/smtpd[8818]: connect from ns1.realmotopecas.com.br[200.243.228.2]
    May 8 11:22:23 ubuntuserver postfix/policy-spf[8822]: handler sender_policy_framework: is decisive.
    May 8 11:22:24 ubuntuserver postfix/policy-spf[8822]: : Policy action=PREPEND Received-SPF: none (realmotopecas.com.br: No applicable sender policy available) receiver=ubuntuserver.datasafenet.com.br; identity=mfrom; envelope-from="[email protected]"; helo=realmail.realmotopecas.com.br; client-ip=200.243.228.2
    May 8 11:22:29 ubuntuserver gld: Unable to connect to MYSQL
    May 8 11:22:29 ubuntuserver postfix/smtpd[8818]: NOQUEUE: reject: RCPT from ns1.realmotopecas.com.br[200.243.228.2]: 450 4.1.2 <[email protected]>: Recipient address rejected: Domain not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<realmail.realmotopecas.com.br>
    May 8 11:22:31 ubuntuserver postfix/smtpd[8818]: disconnect from ns1.realmotopecas.com.br[200.243.228.2]
     
  6. Rocky

    Rocky New Member

    Please remove the following from your smtpd_recipient_restriction:
    reject_unknown_sender_domain
    This is causing your emails from realmotopecas.com.br to be rejected. Don't forget to do a postfix reload.

    Also, did you change SQLHOST=localhost to anything else? If so, try replacing it with localhost and see if that works. You'll have to restart gld after making the change.

    Make sure the user: postfix-gld and group: postfix-gld are created also.

    Do a netstat -tap | grep gld and post the result.
     
  7. sypmaster

    sypmaster New Member

    Please remove the following from your smtpd_recipient_restriction:
    reject_unknown_sender_domain
    I remove and reload/restart postfix. Same error.
    This is causing your emails from realmotopecas.com.br to be rejected. Don't forget to do a postfix reload.

    Also, did you change SQLHOST=localhost to anything else? If so, try replacing it with localhost and see if that works. You'll have to restart gld after making the change.
    Still localhost, no change
    Make sure the user: postfix-gld and group: postfix-gld are created also.
    Both created, by the installer. Home = \ e shel = /bin/false

    Do a netstat -tap | grep gld and post the result.
    netstat -tap | grep gld
    tcp 0 0 localhost.localdom:2525 *:* LISTEN 4927/gld
     
  8. Rocky

    Rocky New Member

    This is the result I get when doing netstat -tap | grep gld:

    tcp 0 0 localhost:2525 *:* LISTEN 498/gld

    Maybe it'll be better if you drop the gld database and start from the beginning.
     
  9. sypmaster

    sypmaster New Member

    well, stange thing. After point the mailgateway server to a internal dns tha has the zone anniju.com.br configured, the gld error stopped. Go figures.
    The ohter error about dropping external e-mail, I think the error is not about that parameter in main.cf.
    I think he is dropping e-mail because the postfix process is unable to read the relay_domains.db. It seems the drop occurs because he thinks the domain anniju.com.br is not configured.
    Is there a postmap command to test the integrity o the.db archive?
     
  10. Rocky

    Rocky New Member

    You can open the relay_domains file using vi /etc/postfix/relay_domains to make sure the parameters are set correctly. It should be in the format of:
    example.com OK
    example2.com OK

    After that, do a postmap /etc/postfix/relay_domains and then a postfix reload. That should assure that the file is legible to postfix.

    For domains that are getting rejected, create a recipient_access file that will store all the domains that you wish to accept emails from. The following should be added to you smtpd_recipient_restriction:
    check_recipient_access hash:/etc/postfix/recipient_access

    Ofcourse, the recipient_access file will have to be created and postmap. It should be in the following format:
    domain.com OK
    domain2.com OK

    Try putting the domain that mails are being rejected from and see if it passes through, after you've done the above. Make sure to do a postfix reload anytime you change the postfix configuration or data files.
     
  11. sypmaster

    sypmaster New Member

    I have reverted a snapshot of the virtual machine and started the configuration again.

    Everithing working now. I have to remove the reject_unknown_recipient_domain from smtpd_recipient_restrictions. To discover this I tested the parameters one by one.

    About gld, I have done something a little diferent. I did not use the table and tabel-whitelist.sql from the source. I grab them from the postfix-gld.deb file.

    Is there any particular reason to use them from the source?
     
  12. Rocky

    Rocky New Member

    Thanks for pointing that out and there is no difference. I had that written down for an update, but lost it somehow. I'll modify the guide asap.

    Rocky
     

Share This Page