Hi guys, Is 15 minutes that my email server, realized with ISPConfig and roundcube, is not working properly. In the mail.log file I can see: Code: maildrop[4182]: Unable to open filter file, errno=13. ... status=deferred (temporary failure. Command output: /usr/bin/maildrop: Unable to open filter file, errno=13. Do you know what is going on? I tried to reboot the server and also just postfix, but nothing happen... Thanks Michele
Please check if there is a .mailfilter file in /var/vmail or /home/vmail depending on where your emails are stored.
Thanks Till for your answer. I've a master-master replication of dbispconfig (just the tables regarding the email) and /var/vmail. It was working fine. Now from the main server I've this problem, but if I switch off it, the other server is working without problem. In both servers I've .mailfilter, the same file in both and with this permission: -rw------- 1 root root 1710 2009-10-28 10:26 .mailfilter The .mailfilter anyway is this one: Code: # # Import variables # LOGNAME=tolower("$LOGNAME") EXTENSION="$1" RECIPIENT=tolower("$2") USER=tolower("$3") HOST=tolower("$4") SENDER="$5" DEFAULT="/var/vmail/$HOST/$USER/." # Workaround for broken tolower function in some current fedora releases if(!$USER) { USER=$3 } if(!$HOST) { HOST=$4 } if ( "$EXTENSION" ne "" ) { DELIMITER="+" } if (!$SENDER) { SENDER = "<>" } # # Autocreate maildir, if not existant # `test -e /var/vmail/$HOST` if ( $RETURNCODE != 0 ) { `mkdir /var/vmail/$HOST` } `test -e /var/vmail/$HOST/$USER` if ( $RETURNCODE != 0 ) { `maildirmake /var/vmail/$HOST/$USER` `chmod -R 0700 /var/vmail/$HOST` } # Check if the user has a autoresponder enabled `test -f /var/vmail/mailfilters/$HOST/$USER/.autoresponder` if ( $RETURNCODE == 0 ) { include "/var/vmail/mailfilters/$HOST/$USER/.autoresponder" } # Create a mailsize file `echo $SIZE >> /var/vmail/$HOST/$USER/ispconfig_mailsize` # Move SPAM to junk `test -e /var/vmail/$HOST/$USER/.Junk` if ( $RETURNCODE != 0 ) { `maildirmake -f Junk /var/vmail/$HOST/$USER` `chmod -R 0700 /var/vmail/$HOST/$USER/.Junk` `echo INBOX.Junk >> /var/vmail/$HOST/$USER/courierimapsubscribed` } if (/^Subject:.*\*\*\*SPAM\*\*\*/:h) { to /var/vmail/$HOST/$USER/.Junk/ } # # Test if the user has his own maildrop include, # if not available, check if $DEFAULT is set # (newer maildrop get's that from the DB and updates # it) and deliver or fail temporarily if not available # `test -f /var/vmail/mailfilters/$HOST/$USER/.mailfilter` if ( $RETURNCODE == 0 ) { include "/var/vmail/mailfilters/$HOST/$USER/.mailfilter" } else { if ( "$DEFAULT" ne "" ) { to "$DEFAULT" } else { EXITCODE=75 exit } } Suggestions? thanks Michele
maybe is a stupid thing, but after taht I edited this file /var/www/ispconfig/mail/lib/lang/en_mail_user.lng I started to have problems. But anyway I came back to the old file and I still have this problem...
I'm just realize that into the mail.log, once that I reboot the server, I can see this error: Code: spamd[2258]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395.
Editing the .lng file is not related to your problems. The spamd error is a different problem too. Do you have the problem with all accounts or just one? Please post the content of the postfix master.cf and the output of: ls -la /var/vmail/
Hi Till, It's look like a problem for all my accounts. The postfix of master.cf is: Code: # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd #submission inet n - - - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - - - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender} # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bind_address=127.0.0.1 And the output of ls -la /var/vmail/ is: Code: drwxr-xr-x 15 vmail vmail 4096 2009-10-28 16:28 . drwxr-xr-x 15 root root 150 2009-10-27 15:48 .. -rw-r--r-- 1 root root 220 2009-10-27 17:37 .bash_logout -rw-r--r-- 1 vmail vmail 3116 2009-10-27 17:37 .bashrc -rw------- 1 root root 1710 2009-10-28 16:27 .mailfilter drwxr-xr-x 3 root root 4096 2009-10-28 14:06 mailfilters -rw-r--r-- 1 root root 675 2009-10-27 17:37 .profile drwx------ 3 vmail vmail 4096 2009-10-28 14:54 domains
And the errors that I have when I reboot the server are: Code: Oct 29 09:27:43 srv3 spamd[2221]: logger: removing stderr method Oct 29 09:27:44 srv3 spamd[2271]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395. Oct 29 09:27:46 srv3 authdaemond: modules="authmysql", daemons=5 Oct 29 09:27:46 srv3 authdaemond: Installing libauthmysql Oct 29 09:27:46 srv3 authdaemond: Installation complete: authmysql Oct 29 09:27:47 srv3 postfix/master[2944]: daemon started -- version 2.5.5, configuration /etc/postfix Oct 29 09:27:48 srv3 postfix/qmgr[2961]: 259542528: from=<[email protected]xx.com>, size=1381, nrcpt=1 (queue active) Oct 29 09:27:48 srv3 spamd[2271]: spamd: server started on port 783/tcp (running version 3.2.5) Oct 29 09:27:48 srv3 spamd[2271]: spamd: server pid: 2271 Oct 29 09:27:48 srv3 spamd[2271]: spamd: server successfully spawned child process, pid 3014 Oct 29 09:27:48 srv3 spamd[2271]: spamd: server successfully spawned child process, pid 3015 Oct 29 09:27:48 srv3 spamd[2271]: prefork: child states: II Oct 29 09:27:48 srv3 maildrop[2991]: Unable to open filter file, errno=13. Thanks Michele
Thanks Till, now the emails are working. Unfortunately I still have this error: Code: spamd[2263]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395. Any idea? Anyway it's strange because it was working fine till yesterday morning and the other server (the replication) don't have this problem... Thanks Michele
A fast upgrade: I did a diagnostic test here: http://www.mxtoolbox.com/diagnostic.aspx and this is the result: Not an open relay. 0 seconds - Good on Connection time 0.593 seconds - Good on Transaction time OK - xxx.xxx.xxx.xxx resolves to Warning - Reverse DNS does not match SMTP Banner I've the same result also if I test the other server... It's look like a Reverse DNS problem... but if I'm going to http://remote.12dt.com/ and I test the IP of the servers, I've the reverse DNS... I had a look into the file /etc/resolv.conf and it's setup by the provider...
Sorry if I write again another post, but I've reboot both servers and this are the differences in the inizialization: MASTER SERVER(the one with the error) Code: spamd[2224]: logger: removing stderr method [U]spamd[2273]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395.[/U] authdaemond: modules="authmysql", daemons=5 authdaemond: Installing libauthmysql authdaemond: Installation complete: authmysql BACKUP SERVER Code: spamd[2247]: logger: removing stderr method spamd[2267]: spamd: server started on port 783/tcp (running version 3.2.5) spamd[2267]: spamd: server pid: 2267 spamd[2267]: spamd: server successfully spawned child process, pid 2535 spamd[2267]: spamd: server successfully spawned child process, pid 2536 spamd[2267]: prefork: child states: II authdaemond: modules="authmysql", daemons=5 authdaemond: Installing libauthmysql authdaemond: Installation complete: authmysql
I can see that if I receive an email, it's look like amavis doesn't check the spam, because in thel log there is: Code: postfix/cleanup[3794]: 26F25251B: message-id=<[email protected]> postfix/qmgr[2945]: XXX: from=<[email protected]>, size=7171, nrcpt=1 (queue active) amavis[2222]: (02222-01) [U]Passed CLEAN[/U], [xxx.xxx.xxx.xxx] [xxx.xxx.xxx.xxx] <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: xxxxx, Hits: 0.179, size: 6694, queued_as: 26F2525xx, 743 ms postfix/smtp[3795]: 1E4A82xxx: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.1, delays=0.34/0.03/0.02/0.74, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=02222-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 26F252xxx) postfix/qmgr[2945]: 1E4A8xxxx: removed postfix/pipe[3801]: 26F2xxx: to=<[email protected]>, relay=maildrop, delay=0.49, delays=0.01/0.03/0/0.45, dsn=2.0.0, status=sent (delivered via maildrop service) postfix/qmgr[2945]: 26Fxxxx: removed Any idea?
Ok but how can I check the level spam values that spamassassin gave to the email received? What do you think about the other problem that I explained before? Thanks a lot Till Michele
Ok last upgrade of the day. The ploblem of ReverseDNS was a my fault: I did't setup properly it with my ISP, now it's solved (I've passed also the test http://www.mxtoolbox.com/diagnostic.aspx) But unfortunately I still have this error on the mail.log, once that I reboot the server: Code: spamd[2253]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395.
The sendo() failure can be cuased by a firewall that blocks dns connections. Have you tried to disable the firewall temporarily?
Hi Till, you're right. I've disabled the ISPConfig Firewall and the error disappear... The strange thing is that the other server, with the replication also of firewall rules, have not errors... Do you know which port I've to oper to avoid this error? The firewall rules that I was using was the one by default of ISPConfig (20,21,22,25,53,80,110,143,443,3306,8080,10000) Thanks MiK PS: anyway it's normal that in the mail.log I can not read the spam level that spamassassin gave to every incoming email?
Please try to stop fail2ban and then start the firewall again and check if it still works. This might depend on two things: 1) Set the spam tag level to 0 or even -100 in the rules you use. (just the tag level, not the tag2 level). 2) The loglevel in the amavisd.conf file (or on debian in the 50-user file inside the amvisd directory).
Ok if I stop fail2ban and after I active the firewall rules of ISPConfig, how can I check if I haven't that error if I saw this error in the initialization phase just after a reboot? For the second point: I've solve it setting a log_level=4 in /etc/amavis/conf.d/50-user thanks a lot Michele