SpamSnake - Ubuntu 12.04 - Greyfix crashing and other unknowns

Discussion in 'HOWTO-Related Questions' started by huey23, Feb 11, 2013.

  1. huey23

    huey23 New Member

    Hello,

    This has been my first successful setup of a Buruwa front-end server. This has also worked well with everything in place for a couple of weeks. Although, I have had a nagging problem that SEEMS to stem from Greyfix. Let me mention that this is the first time I have gotten this to work as well. With all that being said, I would like to fix the issue and not disable Greyfix, if possible.

    Setup
    VM on VMware ESXi 5.1
    Ubuntu 12.04 LTS
    Mailscanner 4.84.5-3
    Greyfix 0.3.9
    Baruwa 1.1.2-4
    Postfix 2.9.3


    Code:
    Feb 11 09:04:41 spam1 postfix/spawn[25348]: warning: /usr/local/sbin/greyfix: process id 25350: command time limit exceeded
    Feb 11 09:04:41 spam1 postfix/spawn[25351]: warning: /usr/local/sbin/greyfix: process id 25353: command time limit exceeded
    Feb 11 09:05:20 spam1 postfix/smtpd[25912]: warning: problem talking to server private/greyfix: Connection timed out
    Feb 11 09:09:35 spam1 postfix/smtpd[25985]: warning: problem talking to server private/greyfix: Connection timed out
    Feb 11 09:09:35 spam1 postfix/smtpd[25985]: NOQUEUE: reject: RCPT from unknown[94.236.241.35]: 451 4.3.5 Server configuration problem; from=<nocost.trials@whissa.us> to=<mstruck@mydomain.tld> proto=ESMTP helo=<support.whissa.us>
    Feb 11 09:43:52 spam1 postfix/smtpd[25977]: warning: connect to private/greyfix: Resource temporarily unavailable
    Feb 11 09:43:52 spam1 postfix/smtpd[25977]: warning: problem talking to server private/greyfix: Resource temporarily unavailable
    I am also receiving 'Other Bad Content Detected' subject messages with this in the information section: Report: MailScanner: Message attempted to kill MailScanner

    This whole process seems to lock up the entire machine. After logging into the machine I am able to type reboot now but nothing happens. I have to do a hard shutdown and after the machine comes back up I run this:

    Code:
    cd /var/lib/greyfix/
    /etc/init.d/postfix stop
    rm __db.00*
    /etc/init.d/postfix start
    Postfix main.cf
    Code:
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_unauth_destination, check_client_access hash:/etc/postfix/whitelist_ip, whitelist_policy, grey_policy, reject_rbl_client b.barracudacentral.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit
    smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining
    smtpd_restriction_classes = grey_policy, whitelist_policy
    grey_policy = check_policy_service unix:private/greyfix

    It seems to run fine for the next couple of days and then it starts all over again.

    I am not sure that I am on the correct path with Greyfix being the problem. After searching around I see that it may be clamav as the issue but I do not see anything indicating that in the logs.

    Any help is appreciated.
     
  2. huey23

    huey23 New Member

    Here is something that I did find from user 'atran' on page 3 of this post

    I noticed that my /usr/sbin/fuzzy-cleanmysql would hang and my CPU would jump WAY up when trying to run. I added the <CONFIG> to the while loop and it runs without a hitch. I also check the Hash and Safe tables after the script running and I noticed that the tables were smaller.

    This may have been the issue but I would still like an explanation on the Greyfix error above. Although, it may be related to the while loop in /usr/sbin/fuzzy-cleanmysql.
     
  3. huey23

    huey23 New Member

    I am still having the problem. Could someone help me out on this? I don't want to disable greyfix because it works well, except for once a week (or so) this happens. It seems as if the Greyfix DB is getting full or corrupted and the only way to fix the errors I see below is:


    Code:
    cd /var/lib/greyfix/
    /etc/init.d/postfix stop
    rm __db.00*
    /etc/init.d/postfix start
    Code:
    Feb 18 13:00:03 spam1 postfix/smtpd[12631]: warning: connect to private/greyfix: Resource temporarily unavailable
    Feb 18 13:00:03 spam1 postfix/smtpd[12631]: warning: problem talking to server private/greyfix: Resource temporarily unavailable
    Feb 18 13:00:04 spam1 postfix/smtpd[12631]: warning: connect to private/greyfix: Resource temporarily unavailable
    Feb 18 13:00:04 spam1 postfix/smtpd[12631]: warning: problem talking to server private/greyfix: Resource temporarily unavailable
    master.cf
    Code:
    greyfix    unix  -        n       n       -        -       spawn
       user=nobody  argv=/usr/local/sbin/greyfix   --greylist-delay 60  -/ 24
    main.cf
    Code:
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_unauth_destination, check_client_access hash:/etc/postfix/whitelist_ip, whitelist_policy, grey_policy, reject_rbl_client b.barracudacentral.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit
    smtpd_data_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining
    smtpd_restriction_classes = grey_policy, whitelist_policy
    #spf_policy = check_policy_service unix:private/policy
    grey_policy = check_policy_service unix:private/greyfix
    Code:
    root@spam1:# which greyfix
    /usr/local/sbin/greyfix
    
     
  4. huey23

    huey23 New Member

    OK, I think I have narrowed down the issue to the startup script. The problem is this:

    When I run "/etc/init.d/mailscanner restart" I get the message "None found, None killed". Even though it didn't kill the running MailScanner tasks, it starts new ones. Therefore, after a week of that and a restart every night during a specific cron job, on Sunday I have about 20-30 MailScanner processes running which is tearing up the memory and CPU.

    What I am seeing is that I am unable to run any "kill" or "killall" commands on the MailScanner processes. I am always getting "no process found".

    Does this tut need a new start-stop script? If so, where would I find that?
     
  5. Rocky

    Rocky New Member

  6. huey23

    huey23 New Member

    Rocky,

    Thanks for the read. I confirm that I do have perl 5.14.2 and it is probably the issue. Should the tutorial be changed to either

    1) Downgrade the version of perl
    OR
    2) Change the /etc/init.d/mailscanner script to apply the differences

    I think I am going to change my script to apply the differences and see if that helps.
     
  7. huey23

    huey23 New Member

    Thanks Rocky! Great help and great tutorial, as always.

    I got it to work by tweaking the script /etc/init.d/mailscanner

    Here is what I did:

    1) Look in MailScanner.conf and find the line that says "PID file" and copy the PID file and location.
    2) Define the variable "PIDFILE" after "CONFFILE" with your PID file location. Mine looks like this but ymmv
    Code:
    CONFFILE=/opt/MailScanner/etc/MailScanner.conf
    PIDFILE=/opt/MailScanner/var/MailScanner.pid

    3) Comment out this line
    Code:
    start-stop-daemon --start --quiet --startas $STARTAS --name $NAME --test > /dev/null \
    4) Add this line right below it
    Code:
    start-stop-daemon --start --quiet --startas $STARTAS  --pidfile "$PIDFILE" --test > /dev/null \
    5) Comment out this line
    Code:
    start-stop-daemon --start --quiet --nicelevel $run_nice --chuid postfix:celeryd --exec $DAEMON --name $NAME -- $DAEMON_ARGS \
    6) Add this line right below that
    Code:
    start-stop-daemon --start --quiet --nicelevel $run_nice --chuid postfix:celeryd --exec $DAEMON  --pidfile "$PIDFILE" -- $DAEMON_ARGS \
    7) Comment out this line
    Code:
    start-stop-daemon --stop --retry=TERM/30 --name $NAME
    8) Add this line right below that
    Code:
    start-stop-daemon --stop --retry=TERM/30 --pidfile "$PIDFILE"
    9) Finally, comment out this line
    Code:
    start-stop-daemon --stop --signal 1 --quiet --name $NAME
    10) And add this line right below that
    Code:
    start-stop-daemon --stop --signal 1 --quiet --pidfile "$PIDFILE"
    Here is the contents of my updated, working startup script for those of you who do not have it working
    #! /bin/sh
    ### BEGIN INIT INFO
    # Provides: MailScanner daemon
    # Required-Start: $local_fs $remote_fs
    # Required-Stop: $local_fs $remote_fs
    # Default-Start: 2 3 4 5
    # Default-Stop: 0 1 6
    # Short-Description: Controls mailscanner instances
    # Description: MailScanner is a queue-based spam/virus filter
    ### END INIT INFO
    # Author: Simon Walter <simon.walter@hp-factory.de>
    # PATH should only include /usr/* if it runs after the mountnfs.sh script
    PATH=/usr/sbin:/usr/bin:/bin:/sbin:/opt/MailScanner/bin
    DESC="mail spam/virus scanner"
    NAME=MailScanner
    PNAME=mailscanner
    DAEMON=/opt/MailScanner/bin/$NAME
    STARTAS=MailScanner
    SCRIPTNAME=/etc/init.d/$PNAME
    CONFFILE=/opt/MailScanner/etc/MailScanner.conf
    PIDFILE=/opt/MailScanner/var/MailScanner.pid
    # Exit if the package is not installed
    [ -x "$DAEMON" ] || exit 0
    run_nice=0
    stopped_lockfile=/var/lock/subsys/MailScanner.off
    # Read configuration variable file if it is present
    [ -r /etc/default/$PNAME ] && . /etc/default/$PNAME
    # Load the VERBOSE setting and other rcS variables
    . /lib/init/vars.sh
    # Define LSB log_* functions.
    # Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
    . /lib/lsb/init-functions
    # sanity check for permissions
    fail()
    {
    echo >&2 "$0: $1"
    exit 1
    }
    check_dir()
    {
    if [ ! -d $1 ]; then
    mkdir -p "$1" || \
    fail "directory $1: does not exist and cannot be created"
    fi
    actual="$(stat -c %U $1)"
    if [ "$actual" != "$2" ]; then
    chown -R "$2" "$1" || \
    fail "directory $1: wrong owner (expected $2 but is $actual)"
    fi
    actual="$(stat -c %G $1)"
    if [ "$actual" != "$3" ]; then
    chgrp -R "$3" "$1" || \
    fail "directory $1: wrong group (expected $3 but is $actual)"
    fi
    }
    user=$(echo $(awk -F= '/^Run As User/ {print $2; exit}' $CONFFILE))
    group=$(echo $(awk -F= '/^Run As Group/ {print $2; exit}' $CONFFILE))
    check_dir /var/spool/MailScanner ${user:postfix} ${group:-celeryd}
    check_dir /var/lib/MailScanner ${user:postfix} ${group:-celeryd}
    check_dir /var/run/MailScanner ${user:postfix} ${group:-celeryd}
    check_dir /var/lock/subsys ${user:-root} ${group:-root} #Required to Create Folder
    #check_dir /var/lock/subsys ${user:postfix} ${group:-celeryd} #Required to Create Folder
    check_dir /var/lock/subsys/MailScanner ${user:postfix} ${group:-celeryd}
    #
    # Function that starts the daemon/service
    #
    do_start()
    {
    # Return
    # 0 if daemon has been started
    # 1 if daemon was already running
    # 2 if daemon could not be started
    # start-stop-daemon --start --quiet --startas $STARTAS --name $NAME --test > /dev/null \
    start-stop-daemon --start --quiet --startas $STARTAS --pidfile "$PIDFILE" --test > /dev/null \
    || return 1
    # start-stop-daemon --start --quiet --nicelevel $run_nice --chuid postfix:celeryd --exec $DAEMON --name $NAME -- $DAEMON_ARGS \
    start-stop-daemon --start --quiet --nicelevel $run_nice --chuid postfix:celeryd --exec $DAEMON --pidfile "$PIDFILE" -- $DAEMON_ARGS \
    || return 2
    # Add code here, if necessary, that waits for the process to be ready
    # to handle requests from services started subsequently which depend
    # on this one. As a last resort, sleep for some time.
    # Set lockfile to inform cronjobs about the running daemon
    RETVAL="$?"
    if [ $RETVAL -eq 0 ]; then
    touch /var/lock/subsys/mailscanner
    rm -f $stopped_lockfile
    fi
    if [ $RETVAL -eq 0 ]; then
    echo "MailScanner Started"
    fi
    }
    #
    # Function that stops the daemon/service
    #
    do_stop()
    {
    # Return
    # 0 if daemon has been stopped
    # 1 if daemon was already stopped
    # 2 if daemon could not be stopped
    # other if a failure occurred
    # start-stop-daemon --stop --retry=TERM/30 --name $NAME
    start-stop-daemon --stop --retry=TERM/30 --pidfile "$PIDFILE"
    RETVAL="$?"
    [ "$RETVAL" = 2 ] && return 2
    # Remove lockfile for cronjobs
    if [ $RETVAL -eq 0 ]; then
    rm -f /var/lock/subsys/mailscanner
    touch $stopped_lockfile
    fi
    if [ $RETVAL -eq 0 ]; then
    echo "MailScanner Stopped"
    fi
    }
    #
    # Function that sends a SIGHUP to the daemon/service
    #
    do_reload() {
    # start-stop-daemon --stop --signal 1 --quiet --name $NAME
    start-stop-daemon --stop --signal 1 --quiet --pidfile "$PIDFILE"
    return 0
    }
    case "$1" in
    start)
    [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
    do_start
    case "$?" in
    0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
    2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
    esac
    ;;
    stop)
    [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
    do_stop
    case "$?" in
    0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
    2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
    esac
    ;;
    restart|force-reload)
    #
    # If the "reload" option is implemented then remove the
    # 'force-reload' alias
    #
    log_daemon_msg "Restarting $DESC" "$NAME"
    do_stop
    case "$?" in
    0|1)
    do_start
    case "$?" in
    0) log_end_msg 0 ;;
    1) log_end_msg 1 ;; # Old process is still running
    *) log_end_msg 1 ;; # Failed to start
    esac
    ;;
    *)
    # Failed to stop
    log_end_msg 1
    ;;
    esac
    ;;
    *)
    echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
    exit 3
    ;;
    esac
    exit 0
     

Share This Page