Topic: No Email cannot receive or send ( HELP )
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.2.1 MARIADB edition
- the downloadable installer
- Linux/BSD distribution name and version: Ubuntu 20.04.1 LTS
- Store mail accounts in which backend? MySQL
- Web server? Nginx
- Manage mail accounts with iRedAdmin
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
netstat -tlpn | grep 5
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 835/nginx: master p
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 612/systemd-resolve
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 835/nginx: master p
tcp 0 0 127.0.0.1:8125 0.0.0.0:* LISTEN 1509/netdata
tcp 0 0 127.0.0.1:19999 0.0.0.0:* LISTEN 1509/netdata
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 661/dovecot
tcp6 0 0 :::80 :::* LISTEN 835/nginx: master p
tcp6 0 0 :::443 :::* LISTEN 835/nginx: master p
tcp6 0 0 ::1:8125 :::* LISTEN 1509/netdata
tcp6 0 0 :::995 :::* LISTEN 661/dovecot
nmap scan
Starting Nmap 7.80 ( https://nmap.org ) at 2020-10-27 04:17 UTC
Nmap scan report for scan (25.xx.xx.xx)
Host is up (0.00050s latency).
rDNS record for 25.xx.xx.xx
Not shown: 996 closed ports
PORT STATE SERVICE
53/tcp open domain
1723/tcp open pptp
2000/tcp open cisco-sccp
8291/tcp open unknown
tail -f /var/log/maillog
Oct 27 03:50:11 mail amavis-mc[1627]: Process [1926] started: /usr/sbin/amavis-services msg-forwarder
Oct 27 03:50:11 mail amavis-mc[1627]: Process [1927] started: /usr/sbin/amavis-services childproc-minder
Oct 27 03:50:11 mail amavis-mc[1627]: Process [1928] started: /usr/sbin/amavis-services snmp-responder
Oct 27 03:50:12 mail amavis-mc[1627]: Process [1926] exited (/usr/sbin/amavis-services msg-forwarder) after 1.4 s: exit 2
Oct 27 03:50:12 mail amavis-mc[1627]: Exceeded restart count, giving up on (/usr/sbin/amavis-services msg-forwarder)
Oct 27 03:50:12 mail amavis-mc[1627]: Process [1927] exited (/usr/sbin/amavis-services childproc-minder) after 1.7 s: exit 2
Oct 27 03:50:12 mail amavis-mc[1627]: Exceeded restart count, giving up on (/usr/sbin/amavis-services childproc-minder)
Oct 27 03:50:13 mail amavis-mc[1627]: Process [1928] exited (/usr/sbin/amavis-services snmp-responder) after 2.0 s: exit 2
Oct 27 03:50:13 mail amavis-mc[1627]: Exceeded restart count, giving up on (/usr/sbin/amavis-services snmp-responder)
Oct 27 03:50:20 mail postfix/postqueue[1939]: fatal: Queue report unavailable - mail system is down
tail -f /var/log/dovecot/dovecot.log.1
Oct 25 14:16:20 mail dovecot: master: Dovecot v2.3.7.2 (3c910f64b) starting up for pop3, imap, sieve, lmtp (core dumps disabled)
tail -f /var/log/dovecot/dovecot.log
Oct 27 01:54:32 mail dovecot: master: Dovecot v2.3.7.2 (3c910f64b) starting up for pop3, imap, sieve, lmtp (core dumps disabled)
Oct 27 03:47:46 mail dovecot: master: Dovecot v2.3.7.2 (3c910f64b) starting up for pop3, imap, sieve, lmtp (core dumps disabled)
tail -f /var/log/mail.log
Oct 27 03:50:11 mail amavis-mc[1627]: Process [1926] started: /usr/sbin/amavis-services msg-forwarder
Oct 27 03:50:11 mail amavis-mc[1627]: Process [1927] started: /usr/sbin/amavis-services childproc-minder
Oct 27 03:50:11 mail amavis-mc[1627]: Process [1928] started: /usr/sbin/amavis-services snmp-responder
Oct 27 03:50:12 mail amavis-mc[1627]: Process [1926] exited (/usr/sbin/amavis-services msg-forwarder) after 1.4 s: exit 2
Oct 27 03:50:12 mail amavis-mc[1627]: Exceeded restart count, giving up on (/usr/sbin/amavis-services msg-forwarder)
Oct 27 03:50:12 mail amavis-mc[1627]: Process [1927] exited (/usr/sbin/amavis-services childproc-minder) after 1.7 s: exit 2
Oct 27 03:50:12 mail amavis-mc[1627]: Exceeded restart count, giving up on (/usr/sbin/amavis-services childproc-minder)
Oct 27 03:50:13 mail amavis-mc[1627]: Process [1928] exited (/usr/sbin/amavis-services snmp-responder) after 2.0 s: exit 2
Oct 27 03:50:13 mail amavis-mc[1627]: Exceeded restart count, giving up on (/usr/sbin/amavis-services snmp-responder)
Oct 27 03:50:20 mail postfix/postqueue[1939]: fatal: Queue report unavailable - mail system is down
tail -f /var/log/mail.log.1
Oct 25 14:18:37 mail amavis-mc[1681]: Exceeded restart count, giving up on (/usr/sbin/amavis-services childproc-minder)
Oct 25 14:18:37 mail amavis-mc[1681]: Process [2035] exited (/usr/sbin/amavis-services msg-forwarder) after 1.6 s: exit 2
Oct 25 14:18:37 mail amavis-mc[1681]: Exceeded restart count, giving up on (/usr/sbin/amavis-services msg-forwarder)
Oct 25 14:18:37 mail amavis-mc[1681]: Process [2037] exited (/usr/sbin/amavis-services snmp-responder) after 1.6 s: exit 2
Oct 25 14:18:37 mail amavis-mc[1681]: Exceeded restart count, giving up on (/usr/sbin/amavis-services snmp-responder)
Oct 25 14:18:45 mail postfix/postqueue[2049]: fatal: Queue report unavailable - mail system is down
Oct 25 15:13:10 mail roundcube: PHP Warning: stream_socket_client(): unable to connect to 127.0.0.1:587 (Connection refused) in /opt/www/roundcubemail-1.3.6/vendor/pear/net_socket/Net/Socket.php on line 159
Oct 25 15:13:10 mail roundcube: <mjhjjb60> PHP Error: Connection refused (POST /mail/?_task=mail&_unlock=loading1603638759339&_framed=1&_lang=en_US&_action=send)
Oct 25 15:13:10 mail roundcube: <mjhjjb60> PHP Error: Failed to connect socket: Connection refused (POST /mail/?_task=mail&_unlock=loading1603638759339&_framed=1&_lang=en_US&_action=send)
Oct 25 15:13:10 mail roundcube: <mjhjjb60> SMTP Error: Connection failed: Failed to connect socket: Connection refused in /opt/www/roundcubemail-1.3.6/program/lib/Roundcube/rcube.php on line 1702 (POST /mail/?_task=mail&_unlock=loading1603638759339&_framed=1&_lang=en_US&_action=send)
tail -f /var/log/syslog
Oct 27 04:35:53 mail fail2ban.actions [961]: NOTICE [sshd] Ban 113.31.147.54
Oct 27 04:36:02 mail CRON[2988]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
Oct 27 04:37:02 mail CRON[2999]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
Oct 27 04:38:01 mail CRON[3006]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
Oct 27 04:39:00 mail systemd[1]: Starting Clean php session files...
Oct 27 04:39:02 mail CRON[3039]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
Oct 27 04:39:02 mail CRON[3040]: (root) CMD ( [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi)
Oct 27 04:39:06 mail systemd[1]: phpsessionclean.service: Succeeded.
Oct 27 04:39:06 mail systemd[1]: Finished Clean php session files.
Oct 27 04:40:01 mail CRON[3093]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
Oct 27 04:41:01 mail CRON[3107]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
tail -f /var/log/syslog.1
Oct 26 23:59:09 mail fail2ban.filter [932]: INFO [sshd] Found 46.101.182.128 - 2020-10-26 23:59:09
Oct 26 23:59:11 mail fail2ban.filter [932]: INFO [sshd] Found 46.101.182.128 - 2020-10-26 23:59:11
Oct 27 00:00:01 mail CRON[39388]: (root) CMD (test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew)
Oct 27 00:00:01 mail CRON[39389]: (root) CMD (/usr/bin/test -x /usr/bin/mlmmj-maintd && /usr/bin/mlmmj-maintd -F -d /var/spool/mlmmj)
Oct 27 00:00:01 mail CRON[39390]: (sogo) CMD (/usr/sbin/sogo-tool update-autoreply -p /etc/sogo/sieve.cred >/dev/null 2>&1)
Oct 27 00:00:01 mail CRON[39391]: (sogo) CMD (/usr/sbin/sogo-tool expire-sessions 30 >/dev/null 2>&1; /usr/sbin/sogo-ealarms-notify >/dev/null 2>&1)
Oct 27 00:00:01 mail systemd[1]: Starting Rotate log files...
Oct 27 00:00:01 mail systemd[1]: Starting Daily man-db regeneration...
Oct 27 00:00:05 mail systemd[1]: man-db.service: Succeeded.
Oct 27 00:00:06 mail systemd[1]: Finished Daily man-db regeneration.
tail -f /var/log/auth.log
Oct 27 04:42:07 mail CRON[3114]: pam_unix(cron:session): session closed for user sogo
Oct 27 04:42:19 mail sshd[3122]: Unable to negotiate with 112.85.42.151 port 27636: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth]
Oct 27 04:43:01 mail CRON[3125]: pam_unix(cron:session): session opened for user sogo by (uid=0)
Oct 27 04:43:08 mail CRON[3125]: pam_unix(cron:session): session closed for user sogo
Oct 27 04:43:52 mail sshd[3131]: Received disconnect from 222.186.180.130 port 58382:11: [preauth]
Oct 27 04:43:52 mail sshd[3131]: Disconnected from 222.186.180.130 port 58382 [preauth]
Oct 27 04:44:01 mail CRON[3133]: pam_unix(cron:session): session opened for user sogo by (uid=0)
Oct 27 04:44:07 mail CRON[3133]: pam_unix(cron:session): session closed for user sogo
Oct 27 04:45:01 mail CRON[3146]: pam_unix(cron:session): session opened for user sogo by (uid=0)
Oct 27 04:45:08 mail CRON[3146]: pam_unix(cron:session): session closed for user sogo
tail -f /var/log/auth.log.1
Oct 25 00:00:01 mail CRON[215607]: pam_unix(cron:session): session opened for user sogo by (uid=0)
Oct 25 00:00:01 mail CRON[215608]: pam_unix(cron:session): session opened for user sogo by (uid=0)
Oct 25 00:00:01 mail CRON[215606]: pam_unix(cron:session): session closed for user root
Oct 25 00:00:02 mail CRON[215605]: pam_unix(cron:session): session closed for user root
Oct 25 00:00:05 mail CRON[215607]: pam_unix(cron:session): session closed for user sogo
Oct 25 00:00:08 mail CRON[215608]: pam_unix(cron:session): session closed for user sogo
Oct 25 00:00:14 mail sshd[215686]: Invalid user damian from 61.153.14.115 port 40860
Oct 25 00:00:14 mail sshd[215686]: pam_unix(sshd:auth): check pass; user unknown
Oct 25 00:00:14 mail sshd[215686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.153.14.115
Oct 25 00:00:16 mail sshd[215686]: Failed password for invalid user damian from 61.153.14.115 port 40860 ssh2
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.