Mail-Error - Log filled with references to example.com

Discussion in 'ISPConfig 3 Priority Support' started by inside83, Jan 25, 2015.

  1. inside83

    inside83 Member HowtoForge Supporter

    Hello,

    I hope I'm not boring the support staff but I want my ISPconfig-enabled servers to run as smoothly as possible and I'm fairly new in the Linux world.
    My Mail-Error - Log (Monitor > Show Mail-Error - Log) is filled with "example.com" references. Right now "example.com" is mentioned 32 on the log page.
    It looks something like this:
    example.com_1.jpg
    example.com_2.jpg
    Is this normal?
    Should I be worried?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    You must have example.com somewhere in the config files instead of your real domain name. try e.g.:

    grep -r example.com /etc

    to find it.
     
  3. inside83

    inside83 Member HowtoForge Supporter

    Should I replace all occurrences of example.com with mydomain.com?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes. example.com is just a placeholder for yur real domain name.
     
  5. inside83

    inside83 Member HowtoForge Supporter

    Could that be done automatically?
    Like replace all example.com with mydomain.com.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    I wont do that automatically. There cant be that many places, maybe 2-3 files.
     
  7. inside83

    inside83 Member HowtoForge Supporter

    When I executed
    Code:
    grep -r example.com /etc
    the result had 58 lines before it frozen.
    This is the result:
    Code:
    grep: /etc/alternatives/jre_1.7.0/lib/audio/default.sf2: No such file or directory
    grep: /etc/alternatives/jre_openjdk/lib/audio/default.sf2: No such file or directory
    grep: /etc/alternatives/jre/lib/audio/default.sf2: No such file or directory
    /etc/httpd/conf/httpd.conf:#ServerName www.example.com:80
    /etc/httpd/conf/httpd.conf:# Redirect permanent /foo http://www.example.com/bar
    /etc/httpd/conf/httpd.conf:#ErrorDocument 402 http://www.example.com/subscription_info.html
    /etc/httpd/conf/httpd.conf:# Change the ".example.com" to match your domain to enable.
    /etc/httpd/conf/httpd.conf:#    Allow from .example.com
    /etc/httpd/conf/httpd.conf:# Change the ".example.com" to match your domain to enable.
    /etc/httpd/conf/httpd.conf:#    Allow from .example.com
    /etc/httpd/conf/httpd.conf:#    Allow from .example.com
    /etc/httpd/conf/httpd.conf:#    ServerAdmin [email protected]
    /etc/httpd/conf/httpd.conf:#    DocumentRoot /www/docs/dummy-host.example.com
    /etc/httpd/conf/httpd.conf:#    ServerName dummy-host.example.com
    /etc/httpd/conf/httpd.conf:#    ErrorLog logs/dummy-host.example.com-error_log
    /etc/httpd/conf/httpd.conf:#    CustomLog logs/dummy-host.example.com-access_log common
    /etc/httpd/conf.d/webalizer.conf:    # Allow from .example.com
    /etc/postfix/transport:#        In order to send mail for example.com and  its  subdomains
    /etc/postfix/transport:#             example.com      uucp:example
    /etc/postfix/transport:#             .example.com     uucp:example
    /etc/postfix/transport:#        directs  mail  for [email protected] via the slow transport
    /etc/postfix/transport:#        to a mail exchanger for example.com.  The  slow  transport
    /etc/postfix/transport:#             example.com      slow:
    /etc/postfix/transport:#        above).  The following sends all mail for example.com  and
    /etc/postfix/transport:#        its subdomains to host gateway.example.com:
    /etc/postfix/transport:#             example.com      :[gateway.example.com]
    /etc/postfix/transport:#             .example.com     :[gateway.example.com]
    /etc/postfix/transport:#        MX host for example.com.
    /etc/postfix/transport:#             example.com      smtp:bar.example:2025
    /etc/postfix/transport:#        This directs mail for [email protected] to host bar.example
    /etc/postfix/transport:#             .example.com     error:mail for *.example.com is not deliverable
    /etc/postfix/transport:#        This  causes  all mail for [email protected] to be
    /etc/amavisd/amavisd.conf~:$mydomain = 'example.com';   # a convenient default for other settings
    /etc/amavisd/amavisd.conf~:# $myhostname = 'host.example.com';  # must be a fully-qualified domain name!
    /etc/amavisd/amavisd.conf~:# [email protected]'  => [[email protected]' => 10.0}],
    /etc/amavisd/amavisd.conf~:# [email protected]'  => [{'.ebay.com'                 => -3.0}],
    /etc/amavisd/amavisd.conf~:# [email protected]'  => [[email protected]' => -7.0,
    /etc/amavisd/amavisd.conf:# $myhostname = 'host.example.com';  # must be a fully-qualified domain name!
    /etc/amavisd/amavisd.conf:# [email protected]'  => [[email protected]' => 10.0}],
    /etc/amavisd/amavisd.conf:# [email protected]'  => [{'.ebay.com'                 => -3.0}],
    /etc/amavisd/amavisd.conf:# [email protected]'  => [[email protected]' => -7.0,
    /etc/dovecot/conf.d/auth-static.conf.ext:#  args = proxy=y host=%1Mu.example.com nopassword=y
    /etc/dovecot/dovecot-sql.conf:#   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
    /etc/krb5.conf:  kdc = kerberos.example.com
    /etc/krb5.conf:  admin_server = kerberos.example.com
    /etc/krb5.conf: .example.com = EXAMPLE.COM
    /etc/krb5.conf: example.com = EXAMPLE.COM
    /etc/mail/virtusertable:# @foo.org      [email protected]
    /etc/mail/virtusertable:# [email protected] [email protected]
    /etc/mail/virtusertable:# [email protected] [email protected]
    /etc/mail/virtusertable:# [email protected]    [email protected]
    /etc/mail/virtusertable:# [email protected]   [email protected]
    /etc/dovecot-sql.conf:#   connect = host=sql.example.com dbname=virtual user=virtual password=blarg
    /etc/php.ini:; following the section heading [HOST=www.example.com] only apply to
    /etc/php.ini:; PHP files served from www.example.com.  Directives set in these
    /etc/php.ini:;sendmail_from = [email protected]
    grep: /etc/udev/devices/ttyp7: Input/output error
    grep: /etc/udev/devices/kmsg: Operation not permitted
    
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems a bit as if there was a fifferent controlpanel installed before you installed ISPConfig as there are so many files that dont belong to a ispconfig setup. You should chcek the files in /etc/postfix, /etc/mail and /etc/amavisd/ directory. before you change a file, do a backup.
     
  9. inside83

    inside83 Member HowtoForge Supporter

    I swear there was nothing but CentOS before I installed ISPConfig.
    Thank you.
    I'll come back with the results.
     
  10. inside83

    inside83 Member HowtoForge Supporter

    etc/postfix
    only
    Code:
    /etc/postfix/transport
    and everything is uncommented
    etc/mail
    only
    Code:
    /etc/mail/virtusertable
    and everything is uncommented
    /etc/amavisd
    both files
    Code:
    /etc/amavisd/amavisd.conf
    /etc/amavisd/amavisd.conf~
    and in both files everything is uncommented exept
    Code:
    # soft-blacklisting (positive score)
         [email protected]'                     =>  3.0,
         '.example.net'                           =>  1.0,
     
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    Ok, so thats all fine.

    Do you see these messages in the mailqueue when you run:

    postqueue -p

    If yes, then you could take a loo inside the message with the postcat command to see which application has send it.
     
  12. inside83

    inside83 Member HowtoForge Supporter

    This is what I get when I run
    postqueue - p
    But when I go to Monitor > Show Mail Queue in ISPConfig, there is nothing.
    It could not fit here in the post so here is the link:
    http://paste.ofcode.org/xeNUCDqAPMCwGaagZmLNiY
    Please help.
     
  13. till

    till Super Moderator Staff Member ISPConfig Developer

  14. inside83

    inside83 Member HowtoForge Supporter

    I just checked and ran
    grep -r example.com /etc/fail2ban
    There is
    Code:
    [email protected]
    in a lot of places in /etc/fail2ban/jail.conf
    Should I put my e-mail address instead?
    There is 'example.com' in other files too, but always uncommented.
    This is what I get when I execute
    postcat /var/spool/postfix/deferred/0/0196531A1FB8
    http://paste.ofcode.org/HcHNtV2ZnJwAvF2hgBEFzw
    It looks like Fail2Ban is informing me (or rather informing [email protected]) about it banning the IP address.
    Am I right?
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

Share This Page