1 (edited by nowhere99 2019-10-04 10:55:41)

Topic: mail server suddenly stopped receiving

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): v0.9.8
- Deployed with iRedMail Easy or the downloadable installer? downloaded installer, upgraded many times
- Linux/BSD distribution name and version: Ubuntu server 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
====
On 9/27 all accounts stopped receiving mail (of course while I was out of town and of course openvpn-as didn't work due to an upgrade so I've been without email since). Looks like it won't send either. I can log into the admin dashboard page, imap is working fine (moving messages etc). Sogo, Roundcube all see current mail but won't send or receive any new. Here's some interesting example error messages:

mx postfix/postscreen[5892]: fatal: error [-30986] seeking /var/lib/postfix/postscreen_cache.db: Success
mx systemd-resolved[1312]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP
mx postfix/smtp[5772]: B182D60657: to=<ebounce@neon.infotraxsys.com>, relay=none, delay=6794, delays=6763/0.02/30/0, dsn=4.4.1, status=deferred (connect to neon.infotraxsys.com[97.75.160.143]:25: Connection timed out)
mx postfix/master[4575]: warning: process /usr/lib/postfix/sbin/postscreen pid 5515 exit status 1
service postfix status
postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor preset: enabled)
Active: active (exited) since Thu 2019-10-03 17:30:02 MST; 31min ago
Process: 4578 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 4578 (code=exited, status=0/SUCCESS)
Oct 03 17:30:02 mx systemd[1]: Starting Postfix Mail Transport Agent...
Oct 03 17:30:02 mx systemd[1]: Started Postfix Mail Transport Agent.

postfix check gives me this...

/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/sender_dependent_relayhost_maps.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/transport_maps_user.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/transport_maps_domain.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/transport_maps_maillist.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/virtual_alias_maps.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/domain_alias_maps.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/catchall_maps.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/relay_domains.cf: unused parameter: port=3306
/usr/sbin/postconf: warning: mysql:/etc/postfix/mysql/sender_login_maps.cf: unused parameter: port=3306
.... a lot more of these
postfix/postfix-script: warning: /var/spool/postfix/etc/ssl/certs/ca-certificates.crt and /etc/ssl/certs/ca-certificates.crt differ

Troubleshooting I've:
o updated letsencrypt certs, they seem fine
o updated system and rebooted

UPDATE:
Looks like the NXDOMAIN error is an Ubuntu 18.04 bug, specific to that dist. Most say ignore it...

Don't know what else to do. A little help please?
Thanks!

2

Re: mail server suddenly stopped receiving

To avoid the warning, you can remove all "port =" lines in /etc/postfix/mysql/*.cf. It' safe to ignore, but it doesn't cause the mail sending/receiving issue.

It seems your ISP or network provider blocks port 25? Any error in Postfix log file /var/log/maillog?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

3

Re: mail server suddenly stopped receiving

Sure enough. My ISP started blocking port 25 on my business line on 9/27 for an unknown reason. I had them unlock it but it may take a while to propagate (where I'm not sure, but OK). I'll post a the final word if this fixes it. So far connections are still refused...

Oct  5 16:30:02 mx postfix/qmgr[1676]: 1324F6092F: from=<redacted@somehwere.net>, size=602, nrcpt=1 (queue active)
Oct  5 16:30:02 mx postfix/submission/smtpd[2267]: disconnect from _gateway[192.168.0.2] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Oct  5 16:30:02 mx postfix/smtp-amavis/smtp[2281]: connect to 127.0.0.1[127.0.0.1]:10026: Connection refused
Oct  5 16:30:02 mx postfix/smtp-amavis/smtp[2281]: 1324F6092F: to=<redacted@somehwere..net>, relay=none, delay=0.04, delays=0.03/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10026: Connection refused)

4 (edited by nowhere99 2019-10-06 23:35:52)

Re: mail server suddenly stopped receiving

Port's open again but something is still wrong. The above connection refused errors are still showing in mail.log. Checked the router and 25 is still forwarded to this machine.

Also, is amavis running correctly?

sudo service amavis status
● amavis.service - LSB: Starts amavisd-new mailfilter
   Loaded: loaded (/etc/init.d/amavis; generated)
   Active: active (exited) since Sat 2019-10-05 17:38:00 MST; 20min ago
     Docs: man:systemd-sysv-generator(8)
    Tasks: 0 (limit: 4915)
   CGroup: /system.slice/amavis.service

Oct 05 17:38:00 mx amavis[3388]: No ext program for   .iso, tried: 7z
Oct 05 17:38:00 mx amavis[3388]: No decoder for       .F
Oct 05 17:38:00 mx amavis[3388]: No decoder for       .iso
Oct 05 17:38:00 mx amavis[3388]: No decoder for       .jar
Oct 05 17:38:00 mx amavis[3388]: No decoder for       .lha
Oct 05 17:38:00 mx amavis[3388]: No decoder for       .lrz
Oct 05 17:38:00 mx amavis[3388]: No decoder for       .swf
Oct 05 17:38:00 mx amavis[3388]: No decoder for       .zoo
Oct 05 17:38:00 mx amavis[3388]: Using primary internal av scanner code for ClamAV-clamd
Oct 05 17:38:00 mx amavis[3388]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan

ps -aux|grep amavis
XXXXXXXX  4454  0.0  0.0  14428  1004 pts/0    S+   17:59   0:00 grep --color=auto amavis

These are the only other errors I can find

ct  6 08:31:40 mx postfix/submission/smtpd[2559]: warning: hostname EA3500Router does not resolve to address 192.168.0.2: Temporary failure in name resolution
Oct  6 08:31:40 mx postfix/submission/smtpd[2559]: connect from unknown[192.168.0.2]
Oct  6 08:31:40 mx postfix/submission/smtpd[2559]: Anonymous TLS connection established from unknown[192.168.0.2]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Oct  6 08:31:41 mx postfix/submission/smtpd[2559]: 3F79D60D42: client=unknown[192.168.0.2], sasl_method=PLAIN, sasl_username=redacted@redacted.net
Oct  6 08:31:41 mx postfix/cleanup[2571]: 3F79D60D42: message-id=<4596b608-bce4-1f5e-c4d3-c7d8d9a531de@redacted.net>
Oct  6 08:31:41 mx postfix/qmgr[1621]: 3F79D60D42: from=<redacted@redacted.net>, size=607, nrcpt=1 (queue active)
Oct  6 08:31:41 mx postfix/submission/smtpd[2559]: disconnect from unknown[192.168.0.2] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Oct  6 08:31:41 mx postfix/smtp-amavis/smtp[2576]: connect to 127.0.0.1[127.0.0.1]:10026: Connection refused
Oct  6 08:31:41 mx postfix/smtp-amavis/smtp[2576]: 3F79D60D42: to=<redacted@redacted.net>, relay=none, delay=0.12, delays=0.11/0.01/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10026: Connection refused)

5 (edited by nowhere99 2019-10-06 23:48:48)

Re: mail server suddenly stopped receiving

One more piece of info, which shouldn't matter, is that I resized the root partition this system is  on. The VM was running low on space so I resized vdisk and grew it's LVM. I don't think this corresponds very well with the time the server quit sending/receiving mail tho.

6

Re: mail server suddenly stopped receiving

nowhere99 wrote:

One more piece of info, which shouldn't matter, is that I resized the root partition this system is  on. The VM was running low on space so I resized vdisk and grew it's LVM. I don't think this corresponds very well with the time the server quit sending/receiving mail tho.

"amavis" service is not running, please restart it and try again.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee