Maildrop error: Unable to open filter file, errno=13

Discussion in 'Installation/Configuration' started by voltron81, Oct 28, 2009.

  1. voltron81

    voltron81 New Member

    Hi guys,
    Is 15 minutes that my email server, realized with ISPConfig and roundcube, is not working properly.

    In the mail.log file I can see:
    Code:
     maildrop[4182]: Unable to open filter file, errno=13.
    ...
    status=deferred (temporary failure. Command output: /usr/bin/maildrop: Unable to open filter file, errno=13.
    Do you know what is going on?
    I tried to reboot the server and also just postfix, but nothing happen...
    Thanks

    Michele
     
  2. till

    till Super Moderator

    Please check if there is a .mailfilter file in /var/vmail or /home/vmail depending on where your emails are stored.
     
  3. voltron81

    voltron81 New Member

    Thanks Till for your answer.
    I've a master-master replication of dbispconfig (just the tables regarding the email) and /var/vmail.
    It was working fine.
    Now from the main server I've this problem, but if I switch off it, the other server is working without problem.

    In both servers I've .mailfilter, the same file in both and with this permission:
    -rw------- 1 root root 1710 2009-10-28 10:26 .mailfilter

    The .mailfilter anyway is this one:
    Code:
    #
    # Import variables
    #
    
    LOGNAME=tolower("$LOGNAME")
    EXTENSION="$1"
    RECIPIENT=tolower("$2")
    USER=tolower("$3")
    HOST=tolower("$4")
    SENDER="$5"
    DEFAULT="/var/vmail/$HOST/$USER/."
    
    # Workaround for broken tolower function in some current fedora releases
    
    if(!$USER)
    {
      USER=$3
    }
    if(!$HOST)
    {
      HOST=$4
    }
    
    if ( "$EXTENSION" ne "" )
    {
      DELIMITER="+"
    }
    
    if (!$SENDER)
    {
      SENDER = "<>"
    }
    
    #
    # Autocreate maildir, if not existant
    #
    
    `test -e /var/vmail/$HOST`
    if ( $RETURNCODE != 0 )
    {
      `mkdir /var/vmail/$HOST`
    }
    
    `test -e /var/vmail/$HOST/$USER`
    if ( $RETURNCODE != 0 )
    {
      `maildirmake /var/vmail/$HOST/$USER`
      `chmod -R 0700 /var/vmail/$HOST`
    }
    
    # Check if the user has a autoresponder enabled
    
    `test -f /var/vmail/mailfilters/$HOST/$USER/.autoresponder`
    if ( $RETURNCODE == 0 )
    {
      include "/var/vmail/mailfilters/$HOST/$USER/.autoresponder"
    }
    # Create a mailsize file
    `echo $SIZE >> /var/vmail/$HOST/$USER/ispconfig_mailsize`
    
    
    # Move SPAM to junk
    `test -e /var/vmail/$HOST/$USER/.Junk`
    if ( $RETURNCODE != 0 )
    {
      `maildirmake -f Junk /var/vmail/$HOST/$USER`
      `chmod -R 0700 /var/vmail/$HOST/$USER/.Junk`
      `echo INBOX.Junk >> /var/vmail/$HOST/$USER/courierimapsubscribed`
    }
    if (/^Subject:.*\*\*\*SPAM\*\*\*/:h)
    {
    to /var/vmail/$HOST/$USER/.Junk/
    }
    
    
    
    
    #
    # Test if the user has his own maildrop include,
    # if not available, check if $DEFAULT is set
    # (newer maildrop get's that from the DB and updates
    # it) and deliver or fail temporarily if not available
    #
    
    `test -f /var/vmail/mailfilters/$HOST/$USER/.mailfilter`
    if ( $RETURNCODE == 0 )
    {
      include "/var/vmail/mailfilters/$HOST/$USER/.mailfilter"
    }
    else
    {
      if ( "$DEFAULT" ne "" )
      {
        to "$DEFAULT"
      }
      else
      {
        EXITCODE=75
        exit
      }
    }
    
    Suggestions?

    thanks
    Michele
     
  4. voltron81

    voltron81 New Member

    maybe is a stupid thing, but after taht I edited this file /var/www/ispconfig/mail/lib/lang/en_mail_user.lng I started to have problems.

    But anyway I came back to the old file and I still have this problem... :confused:
     
  5. voltron81

    voltron81 New Member

    I'm just realize that into the mail.log, once that I reboot the server, I can see this error:
    Code:
    spamd[2258]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395.
    
    :eek:
     
  6. till

    till Super Moderator

    Editing the .lng file is not related to your problems.

    The spamd error is a different problem too.

    Do you have the problem with all accounts or just one?

    Please post the content of the postfix master.cf and the output of:

    ls -la /var/vmail/
     
  7. voltron81

    voltron81 New Member

    Hi Till,
    It's look like a problem for all my accounts.
    The postfix of master.cf is:
    Code:
    #
    # Postfix master process configuration file.  For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # Do not forget to execute "postfix reload" after editing this file.
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       -       -       -       smtpd
    #submission inet n       -       -       -       -       smtpd
    #  -o smtpd_tls_security_level=encrypt
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #smtps     inet  n       -       -       -       -       smtpd
    #  -o smtpd_tls_wrappermode=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    #628      inet  n       -       -       -       -       qmqpd
    pickup    fifo  n       -       -       60      1       pickup
    cleanup   unix  n       -       -       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    #qmgr     fifo  n       -       -       300     1       oqmgr
    tlsmgr    unix  -       -       -       1000?   1       tlsmgr
    rewrite   unix  -       -       -       -       -       trivial-rewrite
    bounce    unix  -       -       -       -       0       bounce
    defer     unix  -       -       -       -       0       bounce
    trace     unix  -       -       -       -       0       bounce
    verify    unix  -       -       -       -       1       verify
    flush     unix  n       -       -       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    proxywrite unix -       -       n       -       1       proxymap
    smtp      unix  -       -       -       -       -       smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay     unix  -       -       -       -       -       smtp
            -o smtp_fallback_relay=
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       -       -       -       showq
    error     unix  -       -       -       -       -       error
    retry     unix  -       -       -       -       -       error
    discard   unix  -       -       -       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       -       -       -       lmtp
    anvil     unix  -       -       -       -       1       anvil
    scache    unix  -       -       -       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent.  See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    #
    # Other external delivery methods.
    #
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
    scalemail-backend unix  -       n       n       -       2       pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman   unix  -       n       n       -       -       pipe
      flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
      ${nexthop} ${user}
    
    
    amavis unix - - - - 2 smtp
            -o smtp_data_done_timeout=1200
            -o smtp_send_xforward_command=yes
    
    127.0.0.1:10025 inet n - - - - smtpd
            -o content_filter=
            -o local_recipient_maps=
            -o relay_recipient_maps=
            -o smtpd_restriction_classes=
            -o smtpd_client_restrictions=
            -o smtpd_helo_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o mynetworks=127.0.0.0/8
            -o strict_rfc821_envelopes=yes
            -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
            -o smtpd_bind_address=127.0.0.1
    
    And the output of ls -la /var/vmail/ is:
    Code:
    drwxr-xr-x 15 vmail vmail   4096 2009-10-28 16:28 .
    drwxr-xr-x 15 root  root     150 2009-10-27 15:48 ..
    -rw-r--r--  1 root  root     220 2009-10-27 17:37 .bash_logout
    -rw-r--r--  1 vmail vmail   3116 2009-10-27 17:37 .bashrc
    -rw-------  1 root  root    1710 2009-10-28 16:27 .mailfilter
    drwxr-xr-x  3 root  root    4096 2009-10-28 14:06 mailfilters
    -rw-r--r--  1 root  root     675 2009-10-27 17:37 .profile
    drwx------  3 vmail vmail   4096 2009-10-28 14:54 domains
    
     
  8. voltron81

    voltron81 New Member

    And the errors that I have when I reboot the server are:

    Code:
    Oct 29 09:27:43 srv3 spamd[2221]: logger: removing stderr method
    Oct 29 09:27:44 srv3 spamd[2271]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395.
    Oct 29 09:27:46 srv3 authdaemond: modules="authmysql", daemons=5
    Oct 29 09:27:46 srv3 authdaemond: Installing libauthmysql
    Oct 29 09:27:46 srv3 authdaemond: Installation complete: authmysql
    Oct 29 09:27:47 srv3 postfix/master[2944]: daemon started -- version 2.5.5, configuration /etc/postfix
    Oct 29 09:27:48 srv3 postfix/qmgr[2961]: 259542528: from=<michele@xxxx.com>, size=1381, nrcpt=1 (queue active)
    Oct 29 09:27:48 srv3 spamd[2271]: spamd: server started on port 783/tcp (running version 3.2.5)
    Oct 29 09:27:48 srv3 spamd[2271]: spamd: server pid: 2271
    Oct 29 09:27:48 srv3 spamd[2271]: spamd: server successfully spawned child process, pid 3014
    Oct 29 09:27:48 srv3 spamd[2271]: spamd: server successfully spawned child process, pid 3015
    Oct 29 09:27:48 srv3 spamd[2271]: prefork: child states: II
    Oct 29 09:27:48 srv3 maildrop[2991]: Unable to open filter file, errno=13.
    
    Thanks

    Michele
     
  9. till

    till Super Moderator

    Please run:

    chown vmail:vmail /var/vmail/.mailfilter
     
  10. voltron81

    voltron81 New Member

    Thanks Till, now the emails are working.
    Unfortunately I still have this error:
    Code:
    spamd[2263]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395.
    
    Any idea?

    Anyway it's strange because it was working fine till yesterday morning and the other server (the replication) don't have this problem...

    Thanks
    Michele
     
  11. voltron81

    voltron81 New Member

    A fast upgrade:
    I did a diagnostic test here: http://www.mxtoolbox.com/diagnostic.aspx and this is the result:
    Not an open relay.
    0 seconds - Good on Connection time
    0.593 seconds - Good on Transaction time
    OK - xxx.xxx.xxx.xxx resolves to
    Warning - Reverse DNS does not match SMTP Banner


    I've the same result also if I test the other server...
    It's look like a Reverse DNS problem... but if I'm going to http://remote.12dt.com/ and I test the IP of the servers, I've the reverse DNS...
    I had a look into the file /etc/resolv.conf and it's setup by the provider...
    :confused:
     
    Last edited: Oct 29, 2009
  12. voltron81

    voltron81 New Member

    Sorry if I write again another post, but I've reboot both servers and this are the differences in the inizialization:

    MASTER SERVER(the one with the error)
    Code:
    spamd[2224]: logger: removing stderr method
    [U]spamd[2273]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395.[/U]
    authdaemond: modules="authmysql", daemons=5
    authdaemond: Installing libauthmysql
    authdaemond: Installation complete: authmysql
    

    BACKUP SERVER

    Code:
     spamd[2247]: logger: removing stderr method
    spamd[2267]: spamd: server started on port 783/tcp (running version 3.2.5)
    spamd[2267]: spamd: server pid: 2267
    spamd[2267]: spamd: server successfully spawned child process, pid 2535
    spamd[2267]: spamd: server successfully spawned child process, pid 2536
    spamd[2267]: prefork: child states: II
    authdaemond: modules="authmysql", daemons=5
    authdaemond: Installing libauthmysql
    authdaemond: Installation complete: authmysql
    
     
  13. voltron81

    voltron81 New Member

    I can see that if I receive an email, it's look like amavis doesn't check the spam, because in thel log there is:
    Code:
    postfix/cleanup[3794]: 26F25251B: message-id=<XXX@XXX>
    postfix/qmgr[2945]: XXX: from=<XXX@XXX.com>, size=7171, nrcpt=1 (queue active)
    amavis[2222]: (02222-01) [U]Passed CLEAN[/U], [xxx.xxx.xxx.xxx] [xxx.xxx.xxx.xxx] <xxxxx@xxxxxx.com> -> <xxxxx@xxxxxx.com>, Message-ID: <xxxxx@xxxxx>, mail_id: xxxxx, Hits: 0.179, size: 6694, queued_as: 26F2525xx, 743 ms
    postfix/smtp[3795]: 1E4A82xxx: to=<xxxx@xxx.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.1, delays=0.34/0.03/0.02/0.74, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=02222-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 26F252xxx)
    postfix/qmgr[2945]: 1E4A8xxxx: removed
    postfix/pipe[3801]: 26F2xxx: to=<xxxx@xxxx.com>, relay=maildrop, delay=0.49, delays=0.01/0.03/0/0.45, dsn=2.0.0, status=sent (delivered via maildrop service)
    postfix/qmgr[2945]: 26Fxxxx: removed
    
    Any idea?
     
  14. till

    till Super Moderator

    Passed clean means that amavisd checked your message successfully and found it to be not spam.
     
  15. voltron81

    voltron81 New Member

    Ok but how can I check the level spam values that spamassassin gave to the email received?

    What do you think about the other problem that I explained before?

    Thanks a lot Till
    Michele
     
  16. voltron81

    voltron81 New Member

    Ok last upgrade of the day.
    The ploblem of ReverseDNS was a my fault: I did't setup properly it with my ISP, now it's solved (I've passed also the test http://www.mxtoolbox.com/diagnostic.aspx)

    But unfortunately I still have this error on the mail.log, once that I reboot the server:
    Code:
    spamd[2253]: dns: sendto() failed: Operation not permitted at /usr/share/perl5/Mail/SpamAssassin/DnsResolver.pm line 395.
    :cool:
     
  17. till

    till Super Moderator

    The sendo() failure can be cuased by a firewall that blocks dns connections. Have you tried to disable the firewall temporarily?
     
  18. voltron81

    voltron81 New Member

    Hi Till,
    you're right. I've disabled the ISPConfig Firewall and the error disappear...
    The strange thing is that the other server, with the replication also of firewall rules, have not errors...

    Do you know which port I've to oper to avoid this error?
    The firewall rules that I was using was the one by default of ISPConfig (20,21,22,25,53,80,110,143,443,3306,8080,10000)

    Thanks
    MiK

    PS: anyway it's normal that in the mail.log I can not read the spam level that spamassassin gave to every incoming email?
     
  19. till

    till Super Moderator

    Please try to stop fail2ban and then start the firewall again and check if it still works.

    This might depend on two things:

    1) Set the spam tag level to 0 or even -100 in the rules you use. (just the tag level, not the tag2 level).

    2) The loglevel in the amavisd.conf file (or on debian in the 50-user file inside the amvisd directory).
     
  20. voltron81

    voltron81 New Member

    Ok if I stop fail2ban and after I active the firewall rules of ISPConfig, how can I check if I haven't that error if I saw this error in the initialization phase just after a reboot?

    For the second point: I've solve it setting a log_level=4 in /etc/amavis/conf.d/50-user

    thanks a lot
    Michele
     

Share This Page