Aug 5, 2024: iRedMail-1.7.1 has been released.

**LuizC** · 2022-10-12 23:49:51

LuizC
Member
Offline

Registered: 2020-06-07
Posts: 54

Topic: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.5.2
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version: 20.02
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Suddenly, I noted that my server was down for no reasons. I discoverred that it was related to a HUGE amount of emails receveid by postmaster@my-domain.com, it received THOUNSANDS of emails. The most common shows in it's subjets:

Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db

And it's contents:

psql: error: could not connect to server: No such file or directory
    Is the server running locally and accepting
    connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?

From time to time, I received another type of email, as is in the attached image.

I stoped Postfix, check if Postgres ir running (yes, it is) and go to /var/log/mail.log and I'm posting the last part of it:

Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnCYT3nxCzB2XL: from=<root@ip-172-26-15-121.ec2.internal>, size=2175, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c0psGzB9xn: message-id=<4Mn8cn4NKdzB0NZ@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 postfix/local[5167]: 4MnCYT3nxCzB2XL: to=<root@ip-172-26-15-121.ec2.internal>, relay=local, delay=1619, delays=1619/0.01/0/0.01, dsn=2.0.0, status=sent (forwarded as 4MnD8c0psGzB9xn)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnCYT3nxCzB2XL: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn98C5lJFzB27h: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/10025/smtpd[2527]: 4MnD8c1DXZzB2XL: client=localhost[127.0.0.1]
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c1DXZzB2XL: message-id=<4MnCP941HXzBBJF@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 amavis[5610]: (05610-03-161) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnCP941HXzBBJF@ip-172-26-15-121.ec2.internal>, mail_id: 1IJ0E80rxWMS, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8c1DXZzB2XL, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 109 ms
Oct 12 00:30:56 ip-172-26-11-212 postfix/amavis/smtp[6098]: 4MnCP941HXzBBJF: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=161, delay=516594, delays=516468/126/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8c1DXZzB2XL)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnCP941HXzBBJF: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn8bZ5hG0z9wM7: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/10025/smtpd[2519]: 4MnD8c22RczBBDq: client=localhost[127.0.0.1]
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c22RczBBDq: message-id=<4MnBM25vV1z9wkJ@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 amavis[5609]: (05609-03-160) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnBM25vV1z9wkJ@ip-172-26-15-121.ec2.internal>, mail_id: 6kfCagwRnznq, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8c22RczBBDq, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 110 ms
Oct 12 00:30:56 ip-172-26-11-212 postfix/amavis/smtp[6098]: 4MnBM25vV1z9wkJ: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=160, delay=556434, delays=556307/126/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8c22RczBBDq)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnBM25vV1z9wkJ: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnBtn1vMFz9wVb: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/10025/smtpd[2527]: 4MnD8c2qqRz9wkJ: client=localhost[127.0.0.1]
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c2qqRz9wkJ: message-id=<4MnBg45GfRzB9gw@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 amavis[5610]: (05610-03-162) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnBg45GfRzB9gw@ip-172-26-15-121.ec2.internal>, mail_id: NpYGinF-sPtA, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8c2qqRz9wkJ, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 104 ms
Oct 12 00:30:56 ip-172-26-11-212 postfix/amavis/smtp[6098]: 4MnBg45GfRzB9gw: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=162, delay=778734, delays=778607/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8c2qqRz9wkJ)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnBg45GfRzB9gw: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn8Q11NYxzB4wN: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/10025/smtpd[2519]: 4MnD8c3bllzB9gw: client=localhost[127.0.0.1]
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c3bllzB9gw: message-id=<4MnBG15yjbzB279@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 amavis[5609]: (05609-03-161) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnBG15yjbzB279@ip-172-26-15-121.ec2.internal>, mail_id: qEkF30o3Nbyv, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8c3bllzB9gw, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 102 ms
Oct 12 00:30:56 ip-172-26-11-212 postfix/amavis/smtp[6098]: 4MnBG15yjbzB279: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=161, delay=874495, delays=874368/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8c3bllzB9gw)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnBG15yjbzB279: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn8hv6cB2zB0ks: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/10025/smtpd[2527]: 4MnD8c4Pl9zB279: client=localhost[127.0.0.1]
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c4Pl9zB279: message-id=<4MnC691JwfzB7gm@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 amavis[5610]: (05610-03-163) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnC691JwfzB7gm@ip-172-26-15-121.ec2.internal>, mail_id: zdy3P5nKNBSV, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8c4Pl9zB279, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 102 ms
Oct 12 00:30:56 ip-172-26-11-212 postfix/amavis/smtp[6120]: 4MnC691JwfzB7gm: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=163, delay=999594, delays=999468/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8c4Pl9zB279)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnC691JwfzB7gm: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn9GD0sPTzB7BH: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/10025/smtpd[2519]: 4MnD8c5BKRzB7gm: client=localhost[127.0.0.1]
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c5BKRzB7gm: message-id=<4MnB2g5kvyzB0R7@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 amavis[5609]: (05609-03-162) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnB2g5kvyzB0R7@ip-172-26-15-121.ec2.internal>, mail_id: o69sUsheoqZB, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8c5BKRzB7gm, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 105 ms
Oct 12 00:30:56 ip-172-26-11-212 postfix/amavis/smtp[6120]: 4MnB2g5kvyzB0R7: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=162, delay=699414, delays=699287/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8c5BKRzB7gm)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnB2g5kvyzB0R7: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn9DY2VDJzB2yM: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/10025/smtpd[2527]: 4MnD8c5y7RzB0R7: client=localhost[127.0.0.1]
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c5y7RzB0R7: message-id=<4MnBM50nrxz9yxV@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 amavis[5610]: (05610-03-164) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnBM50nrxz9yxV@ip-172-26-15-121.ec2.internal>, mail_id: rhY0sG6pWjuN, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8c5y7RzB0R7, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 103 ms
Oct 12 00:30:56 ip-172-26-11-212 postfix/amavis/smtp[6120]: 4MnBM50nrxz9yxV: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=164, delay=1690074, delays=1689947/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8c5y7RzB0R7)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnBM50nrxz9yxV: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn98W2KKxzB2T4: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:56 ip-172-26-11-212 postfix/10025/smtpd[2519]: 4MnD8c6jzWz9yxV: client=localhost[127.0.0.1]
Oct 12 00:30:56 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8c6jzWz9yxV: message-id=<4MnBtJ2n9QzB3bD@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:56 ip-172-26-11-212 amavis[5609]: (05609-03-163) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnBtJ2n9QzB3bD@ip-172-26-15-121.ec2.internal>, mail_id: EkJb0VXMsZLd, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8c6jzWz9yxV, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 105 ms
Oct 12 00:30:56 ip-172-26-11-212 postfix/amavis/smtp[6120]: 4MnBtJ2n9QzB3bD: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=163, delay=1666075, delays=1665948/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8c6jzWz9yxV)
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4MnBtJ2n9QzB3bD: removed
Oct 12 00:30:56 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn9Rz5HFPzB7s9: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:57 ip-172-26-11-212 postfix/10025/smtpd[2527]: 4MnD8d0PRWzB3bD: client=localhost[127.0.0.1]
Oct 12 00:30:57 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8d0PRWzB3bD: message-id=<4MnBDB1dy4z9x6n@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:57 ip-172-26-11-212 amavis[5610]: (05610-03-165) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnBDB1dy4z9x6n@ip-172-26-15-121.ec2.internal>, mail_id: VZk6br-b-M7b, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8d0PRWzB3bD, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 105 ms
Oct 12 00:30:57 ip-172-26-11-212 postfix/amavis/smtp[6120]: 4MnBDB1dy4z9x6n: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=165, delay=685135, delays=685008/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8d0PRWzB3bD)
Oct 12 00:30:57 ip-172-26-11-212 postfix/qmgr[1836]: 4MnBDB1dy4z9x6n: removed
Oct 12 00:30:57 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn9815DDYzB75v: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:57 ip-172-26-11-212 postfix/10025/smtpd[2519]: 4MnD8d19xbz9x6n: client=localhost[127.0.0.1]
Oct 12 00:30:57 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8d19xbz9x6n: message-id=<4MnCMM6D8WzB4Yt@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:57 ip-172-26-11-212 amavis[5609]: (05609-03-164) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnCMM6D8WzB4Yt@ip-172-26-15-121.ec2.internal>, mail_id: XJYX3MtJOXx6, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8d19xbz9x6n, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 105 ms
Oct 12 00:30:57 ip-172-26-11-212 postfix/amavis/smtp[6120]: 4MnCMM6D8WzB4Yt: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=164, delay=438654, delays=438527/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8d19xbz9x6n)
Oct 12 00:30:57 ip-172-26-11-212 postfix/qmgr[1836]: 4MnCMM6D8WzB4Yt: removed
Oct 12 00:30:57 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn9MY5rbhzB434: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:57 ip-172-26-11-212 postfix/10025/smtpd[2527]: 4MnD8d1yT3zB4Yt: client=localhost[127.0.0.1]
Oct 12 00:30:57 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8d1yT3zB4Yt: message-id=<4MnB7Y0NWJzBC6C@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:57 ip-172-26-11-212 amavis[5610]: (05610-03-166) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnB7Y0NWJzBC6C@ip-172-26-15-121.ec2.internal>, mail_id: mrNKKtiHiR7o, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8d1yT3zB4Yt, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 105 ms
Oct 12 00:30:57 ip-172-26-11-212 postfix/amavis/smtp[6120]: 4MnB7Y0NWJzBC6C: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=166, delay=137514, delays=137387/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8d1yT3zB4Yt)
Oct 12 00:30:57 ip-172-26-11-212 postfix/qmgr[1836]: 4MnB7Y0NWJzBC6C: removed
Oct 12 00:30:57 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn8jW73KrzB7vf: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:57 ip-172-26-11-212 postfix/10025/smtpd[2519]: 4MnD8d2lYZzBBJF: client=localhost[127.0.0.1]
Oct 12 00:30:57 ip-172-26-11-212 postfix/cleanup[6071]: 4MnD8d2lYZzBBJF: message-id=<4MnBC55XTrzB5W0@ip-172-26-15-121.ec2.internal>
Oct 12 00:30:57 ip-172-26-11-212 amavis[5609]: (05609-03-165) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnBC55XTrzB5W0@ip-172-26-15-121.ec2.internal>, mail_id: pynJLfQNNAim, b: A-dhE7NBo, Hits: -0.001, size: 835, queued_as: 4MnD8d2lYZzBBJF, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 106 ms
Oct 12 00:30:57 ip-172-26-11-212 postfix/amavis/smtp[6120]: 4MnBC55XTrzB5W0: to=<root@ip-172-26-15-121.ec2.internal>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=165, delay=1847396, delays=1847268/127/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4MnD8d2lYZzBBJF)
Oct 12 00:30:57 ip-172-26-11-212 postfix/qmgr[1836]: 4MnBC55XTrzB5W0: removed
Oct 12 00:30:57 ip-172-26-11-212 postfix/qmgr[1836]: 4Mn8cD6PQwzB2dw: from=<root@ip-172-26-15-121.ec2.internal>, size=823, nrcpt=1 (queue active)
Oct 12 00:30:57 ip-172-26-11-212 postfix/postfix-script[6142]: stopping the Postfix mail system
Oct 12 00:30:57 ip-172-26-11-212 postfix/master[1832]: terminating on signal 15
Oct 12 00:30:57 ip-172-26-11-212 amavis[5610]: (05610-03-167) (!)mail_via_smtp: NOTICE: aborting SMTP session, No response to MAIL (pip), dt: 0.000 s
Oct 12 00:30:57 ip-172-26-11-212 amavis[5610]: (05610-03-167) (!)4iVQR9clA_1j FWD from <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, BODY=7BIT 451 4.5.0 From MTA(smtp:[127.0.0.1]:10025) during fwd-mail-pip (No response to MAIL (pip), dt: 0.000 s): id=05610-03-167
Oct 12 00:30:57 ip-172-26-11-212 amavis[5610]: (05610-03-167) Blocked MTA-BLOCKED {TempFailedInternal}, ORIGINATING LOCAL [127.0.0.1] /ESMTP <root@ip-172-26-15-121.ec2.internal> -> <root@ip-172-26-15-121.ec2.internal>, (), Message-ID: <4MnC8b4wGbzB78n@ip-172-26-15-121.ec2.internal>, mail_id: 4iVQR9clA_1j, b: A-dhE7NBo, Hits: -0.001, size: 835, Subject: "Cron <root@ip-172-26-11-212> /bin/bash /usr/local/bin/fail2ban_banned_db unban_db", From: <root@ip-172-26-15-121.ec2.internal>, helo=, Tests: [NO_RELAYS=-0.001], autolearn=ham autolearn_force=no, autolearnscore=0, dkim_new=dkim:botike.com.br, 138 ms

I didn't understand why it suddely stoped and the error itself: it's about Fail2Ban or something else? Any suggestion will be highly appreciated!

Thanks a lot!

Post's attachments

anotherEmailError.png
anotherEmailError.png 1.3 mb, file has never been downloaded.

You don't have the permssions to download the attachments of this post.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

**ZhangHuangbin** · 2022-10-13 13:44:38

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 31,082

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

According to the error message in screenshot, it indeed means PostgreSQL was not running.

**LuizC** · 2022-10-13 21:43:24

LuizC
Member
Offline

Registered: 2020-06-07
Posts: 54

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

ZhangHuangbin wrote:

According to the error message in screenshot, it indeed means PostgreSQL was not running.

Hi mr. Zang, thanks for your support.

In the images attached, you can see that Postgresql is running.

In the image "mailEvidence.png" you can see the moment I get logged (1), verifying if Postfix and Postgresql are running (2 and 3). Whith less that 5 minutes, the postmaster mail box was getting flooded (4) and I finnally stop postfix to stop the flood (5).

In the other image (beeEvidence.png), I used BeeKeeper to verify if PGSQL is running (it is).

Post's attachments

beeEvidence.png
beeEvidence.png 38.73 kb, file has never been downloaded.

mailEvidence.png 1.3 mb, file has never been downloaded.

You don't have the permssions to download the attachments of this post.

**LuizC** · 2022-10-15 23:36:56

LuizC
Member
Offline

Registered: 2020-06-07
Posts: 54

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

And here just another evidence that PGSQL is running!

Post's attachments

anotherEvidence.png 435.76 kb, file has never been downloaded.

You don't have the permssions to download the attachments of this post.

**ZhangHuangbin** · 2022-10-16 10:40:38

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 31,082

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

- No clue yet, if PGSQL is running, the error reported by cron jobs should be different.
- If your mail server is flooded, please check Postfix log file to figure out the reason and fix it first.

**LuizC** · 2022-10-17 22:10:55

LuizC
Member
Offline

Registered: 2020-06-07
Posts: 54

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

ZhangHuangbin wrote:

- No clue yet, if PGSQL is running, the error reported by cron jobs should be different.
- If your mail server is flooded, please check Postfix log file to figure out the reason and fix it first.

If you have no clue, who am I to figure out what's going on? (lol)

I had put maillog above using sudo tail -f /var/log/mail.log, and I couldn't find any clue of what's broken.

Maybe a upgrade could fix it?

**ZhangHuangbin** · 2022-10-20 15:01:54

ZhangHuangbin
iRedMail Developers
Offline

Registered: 2009-05-06
Posts: 31,082

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

LuizC wrote:

If you have no clue, who am I to figure out what's going on? (lol)

Hard to figure it out without direct ssh access in this case.
According to the error message, pgsql was not running at the moment.

**Cthulhu** · 2022-10-20 20:27:39

Cthulhu
Member
Offline

Registered: 2019-06-04
Posts: 907

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

How much vram do you have? regarding your "it received THOUNSANDS of emails" i don't assume it is a low traffic one, since every mail gets piped to amavis (and there is a reason fail2ban gets triggered anyways), my guess would be that your system is just not able to handle the amount of traffic

**LuizC** · 2022-10-24 03:19:06

LuizC
Member
Offline

Registered: 2020-06-07
Posts: 54

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

Fellows,

As it is a test server, I simply reinstaled everything and start over. I'll pay more attention on the server's behaviour.

I'm using a AWS Lightsail machine with 4GB RAM, 2 vCPUs and 80GB storage, it's not a insufficent machine.

Thanks for the care and support!

Aug 5, 2024: iRedMail-1.7.1 has been released.

[ Closed ] [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

Posts: 9

1 Topic by LuizC 2022-10-12 23:49:51 (edited by LuizC 2022-10-24 03:20:09)

Topic: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

2 Reply by ZhangHuangbin 2022-10-13 13:44:38

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

3 Reply by LuizC 2022-10-13 21:43:24 (edited by LuizC 2022-10-15 23:29:32)

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

4 Reply by LuizC 2022-10-15 23:36:56

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

5 Reply by ZhangHuangbin 2022-10-16 10:40:38

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

6 Reply by LuizC 2022-10-17 22:10:55

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

7 Reply by ZhangHuangbin 2022-10-20 15:01:54

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

8 Reply by Cthulhu 2022-10-20 20:27:39

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

9 Reply by LuizC 2022-10-24 03:19:06

Re: [CLOSED] Fail2Ban loses connection with PGSQL and everything crashes

Posts: 9