Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23

Thread: 'Blackhole' e-mails send to non-zimbra accounts?

  1. #11
    Join Date
    Jul 2006
    Location
    Reno, NV, USA
    Posts
    203
    Rep Power
    9

    Default

    Quote Originally Posted by zagman76 View Post
    Here is an update - I added the 550 code, and now the obvious junk is being bounced back upstream.

    However, I am seeing that 3-5 times a day, the mta (i think it's the mta) stops, and the active and deferred queues freeze. So far, I have only been able to resolve this by issuing a zmcontrol stop / start.

    Has anyone else seen this? What is happening here, and how can I resolve this?

    Thanks!
    Is it being 'bounced' or being 'rejected'? There is a BIG difference. Reject simply tells the MTA trying to send the email to go away, you can't deliver the email so you never accept it. For bounce, zimbra postfix actually accepts the email and then turns around and sends it to whomever was the envelope sender of the email (along with any attachments, text, etc). This is obviously bad.

    In my case, I didn't need to change any settings regarding 550. I simply set mynetworks_style = host, and then unknown user emails were 'rejected' rather than 'bounced'.

  2. #12
    Join Date
    Aug 2006
    Posts
    49
    Rep Power
    9

    Default

    Quote Originally Posted by jdell View Post
    Is it being 'bounced' or being 'rejected'? There is a BIG difference. Reject simply tells the MTA trying to send the email to go away, you can't deliver the email so you never accept it. For bounce, zimbra postfix actually accepts the email and then turns around and sends it to whomever was the envelope sender of the email (along with any attachments, text, etc). This is obviously bad.

    In my case, I didn't need to change any settings regarding 550. I simply set mynetworks_style = host, and then unknown user emails were 'rejected' rather than 'bounced'.
    I did both:
    Code:
    unknown_local_recipient_reject_code = 550
    mynetworks_style = host
    but I am no longer seeing the obvious junk mail coming in (jkhsfh9398387@mydomain.com). Now (and this was happening before) the active and deferred queues will seem to stall several times during the day.

  3. #13
    Join Date
    Jul 2006
    Location
    Reno, NV, USA
    Posts
    203
    Rep Power
    9

    Default

    Quote Originally Posted by zagman76 View Post
    I did both:
    Code:
    unknown_local_recipient_reject_code = 550
    mynetworks_style = host
    but I am no longer seeing the obvious junk mail coming in (jkhsfh9398387@mydomain.com). Now (and this was happening before) the active and deferred queues will seem to stall several times during the day.
    Ok, those changes are fine. The default for unknown_local_recipient_reject_code is already 550 so your setting is redundant.

    You can verify this as follows (postconf -d gives defaults):
    Code:
    # postconf -d | grep 'unknown_local_recipient_reject_code'
    I can't imagine that the active and deferred queues would be affected by the mynetworks_style setting as the queues are for email that are already on your zimbra server. The mynetworks_style affects only email trying to be sent to your server.

    Can you post pertinent excerpts from your postfix log file (also as user zimbra, just type 'mailq' to see all mail in queue and basic reason why it is in queue). The /var/log/maillog will have more details as to why emails are stuck in queue.

    Also, 'postqueue -f' will try to flush to queue and attempt delivery immediately rather than waiting the prescribed interval before attempting delivery again.

  4. #14
    Join Date
    Aug 2006
    Posts
    49
    Rep Power
    9

    Default

    Quote Originally Posted by jdell View Post
    Ok, those changes are fine. The default for unknown_local_recipient_reject_code is already 550 so your setting is redundant.

    You can verify this as follows (postconf -d gives defaults):
    Code:
    # postconf -d | grep 'unknown_local_recipient_reject_code'
    I can't imagine that the active and deferred queues would be affected by the mynetworks_style setting as the queues are for email that are already on your zimbra server. The mynetworks_style affects only email trying to be sent to your server.

    Can you post pertinent excerpts from your postfix log file (also as user zimbra, just type 'mailq' to see all mail in queue and basic reason why it is in queue). The /var/log/maillog will have more details as to why emails are stuck in queue.

    Also, 'postqueue -f' will try to flush to queue and attempt delivery immediately rather than waiting the prescribed interval before attempting delivery again.
    I don't believe the stalled queues are due to the changes in the 'mynetworks_style' either, as it was happening before I made that change.

    Here is the 1st error I see when running the 'mailq' command:
    Code:
    297E84A0A4E    42752 Mon Dec 11 17:16:32  VazquezpMorgannanosecond@zdnet.com
    (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=02395-01-2, spam_scan FAILED: timed out (in reply to end of DATA command))
    here is that e-mail from /var/log/zimbra.log
    Code:
    Dec 11 17:16:33 mail4 postfix/smtpd[20156]: 297E84A0A4E: client=c-67-175-200-149.hsd1.il.comcast.net[67.175.200.149]
    Dec 11 17:16:33 mail4 postfix/cleanup[20942]: 297E84A0A4E: message-id=<21c1701c71d72$03262fe0$6400a8c0@VALUEDDC3E02C5>
    Dec 11 17:16:36 mail4 postfix/qmgr[26798]: 297E84A0A4E: from=<VazquezpMorgannanosecond@zdnet.com>, size=42752, nrcpt=1 (queue active)
    Dec 11 17:51:50 mail4 postfix/smtp[1933]: 297E84A0A4E: to=<valid.user@mydomain.com>, relay=127.0.0.1[127.0.0.1], delay=2118, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=02395-01-2, spam_scan FAILED: timed out (in reply to end of DATA command))

  5. #15
    Join Date
    Jul 2006
    Location
    Reno, NV, USA
    Posts
    203
    Rep Power
    9

    Default

    Here is the 1st error I see when running the 'mailq' command:
    Code:
    297E84A0A4E    42752 Mon Dec 11 17:16:32  VazquezpMorgannanosecond@zdnet.com
    (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=02395-01-2, spam_scan FAILED: timed out (in reply to end of DATA command))
    Hmm, I've never seen a spam_scan failed error. Did you check if antispam/antivirus are running in the Admin UI Server Status?

    You can restart those without bouncing zimbra with 'zmamavisdctl'.

    Have you done any customization to spam assassin, clamav or amavisd-new? Does /opt/zimbra/log/clamd.log look ok? Any errors (besides outdated version warning)? Do you see errors in /opt/zimbra/log/zimbra.log relating to spam_scan failure?

  6. #16
    Join Date
    Aug 2006
    Posts
    49
    Rep Power
    9

    Default

    Quote Originally Posted by jdell View Post
    Here is the 1st error I see when running the 'mailq' command:
    Code:
    297E84A0A4E    42752 Mon Dec 11 17:16:32  VazquezpMorgannanosecond@zdnet.com
    (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=02395-01-2, spam_scan FAILED: timed out (in reply to end of DATA command))
    Hmm, I've never seen a spam_scan failed error. Did you check if antispam/antivirus are running in the Admin UI Server Status?

    You can restart those without bouncing zimbra with 'zmamavisdctl'.

    Have you done any customization to spam assassin, clamav or amavisd-new? Does /opt/zimbra/log/clamd.log look ok? Any errors (besides outdated version warning)? Do you see errors in /opt/zimbra/log/zimbra.log relating to spam_scan failure?
    the anti-spam / anti-virus is running - I checked in th UI as well as with 'zmcontrol status'

    Nope - I do not believe there are any SA/clamav/amavisd customizations, and there are no errors in the zimbra.log (well, no reference to spam_scan failure) or the clamd.log.

  7. #17
    Join Date
    Jul 2006
    Location
    Reno, NV, USA
    Posts
    203
    Rep Power
    9

    Default

    Quote Originally Posted by zagman76 View Post
    the anti-spam / anti-virus is running - I checked in th UI as well as with 'zmcontrol status'

    Nope - I do not believe there are any SA/clamav/amavisd customizations, and there are no errors in the zimbra.log (well, no reference to spam_scan failure) or the clamd.log.
    What OS are you on? What version of Zimbra?

    Postfix hands off emails to amavisd-new which then runs them through clamav and spamassassin, so I would turn on debugging in amavisd-new.

    Edit /opt/zimbra/conf/amavisd.conf

    Change:
    Code:
    $syslog_priority = 'info';  # Syslog base (minimal) priority as a string,
               # choose from: emerg, alert, crit, err, warning, notice, info, debug
    To:
    Code:
    $syslog_priority = 'debug';  # Syslog base (minimal) priority as a string,
               # choose from: emerg, alert, crit, err, warning, notice, info, debug
    I believe this should load up /var/log/maillog with lots of extraneous junk, but it may give you an idea why spam_scan is failing.

  8. #18
    Join Date
    Aug 2006
    Posts
    49
    Rep Power
    9

    Default

    Quote Originally Posted by jdell View Post
    What OS are you on? What version of Zimbra?

    Postfix hands off emails to amavisd-new which then runs them through clamav and spamassassin, so I would turn on debugging in amavisd-new.

    Edit /opt/zimbra/conf/amavisd.conf

    Change:
    Code:
    $syslog_priority = 'info';  # Syslog base (minimal) priority as a string,
               # choose from: emerg, alert, crit, err, warning, notice, info, debug
    To:
    Code:
    $syslog_priority = 'debug';  # Syslog base (minimal) priority as a string,
               # choose from: emerg, alert, crit, err, warning, notice, info, debug
    I believe this should load up /var/log/maillog with lots of extraneous junk, but it may give you an idea why spam_scan is failing.
    We're running: FC4 - 2.6.11-1.1369_FC4smp
    Zimbra version: Release 4.0.0_GA_303.FC4_20060829133700 FC4 FOSS edition.

    I will make the changes to the amavisd.conf file, and bounce using 'zmamavisdctl' - I will keep an eye on the maillog and look for the spam_scan error.

  9. #19
    Join Date
    Jul 2006
    Location
    Reno, NV, USA
    Posts
    203
    Rep Power
    9

    Default

    Quote Originally Posted by zagman76 View Post
    We're running: FC4 - 2.6.11-1.1369_FC4smp
    Zimbra version: Release 4.0.0_GA_303.FC4_20060829133700 FC4 FOSS edition.

    I will make the changes to the amavisd.conf file, and bounce using 'zmamavisdctl' - I will keep an eye on the maillog and look for the spam_scan error.
    If you don't see the extra debug noise in the log, you may need to use 'zmcontrol stop/start'

    If at all possible, you should upgrade to 4.0.4.

    You may not exactly see a 'spam_scan' error, but something like that or relating to spam assassin failure amongst the debug noise.

  10. #20
    Join Date
    Aug 2006
    Posts
    49
    Rep Power
    9

    Default

    Quote Originally Posted by jdell View Post
    If you don't see the extra debug noise in the log, you may need to use 'zmcontrol stop/start'

    If at all possible, you should upgrade to 4.0.4.

    You may not exactly see a 'spam_scan' error, but something like that or relating to spam assassin failure amongst the debug noise.

    We can't upgrade until after the new year at the earliest...

    Overnight, the queues stalled again, and there was nothing sticking out in the 'mailq' output. The only errors I saw in the zimbra.log were like this:
    Code:
    2006-12-12 08:45:46,108 ERROR [{RemoteManager: mail4.mydomain.com->zimbra@m
    il4.mydomain.com:22}-zmqstat deferred] [] rmgmt - error scanning com.zimbra
    cs.rmgmt.RemoteMailQueue$QueueHandler@8c858a: /opt/zimbra/postfix-2.2.9/sbin/po
    tconf: /usr/lib/mysql/libmysqlclient.so.14: no version information available (r
    quired by /opt/zimbra/postfix-2.2.9/sbin/postconf)

Similar Threads

  1. zmtlsctl give LDAP error
    By sourcehound in forum Administrators
    Replies: 5
    Last Post: 03-11-2007, 04:48 PM
  2. Replies: 7
    Last Post: 01-24-2007, 11:03 PM
  3. zimbra-core missing
    By kinaole in forum Developers
    Replies: 1
    Last Post: 10-02-2006, 12:59 PM
  4. Services stopped working
    By lilwong in forum Administrators
    Replies: 4
    Last Post: 08-15-2006, 10:19 AM
  5. FC3 Install and no zimbra ?
    By aws in forum Installation
    Replies: 10
    Last Post: 10-09-2005, 05:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •