store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Tue Oct 22, 2019 9:32 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 28 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF problem
Unread postPosted: Mon Jul 25, 2011 1:43 pm 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
Hi, first sorry for my english.

The problem is with a new server with migrated domains. I receive complaints from Ossec reports about that. I suspect that some message have problems, and I don't know if are delivered. Next a few log lines to explain the problem.

Jul 25 01:18:03 colossus689 spf filter[19753]: Error code: (26) DNS lookup failure
Jul 25 01:18:03 colossus689 spf filter[19753]: Failed to query MAIL-FROM: Temporary DNS failure for 'solucionesremotas.com.ar'.
Jul 25 01:18:03 colossus689 spf filter[19753]: SPF result: tempfail
Jul 25 01:18:03 colossus689 qmail-queue-handlers[19752]: handlers_stderr: DEFER
Jul 25 01:18:03 colossus689 qmail-queue-handlers[19752]: call_handlers: DEFER during call '/usr/local/psa/handlers/info/10-spf-Hl6Rjd/executable' handler
Jul 25 01:18:03 colossus689 qmail-queue-handlers[19752]: call_handlers: stop call handlers from dir '/usr/local/psa/handlers/before-queue/global'
Jul 25 01:18:03 colossus689 X-Qmail-Scanner-2.08st: [plesk4.enpatagonia.net131156746379819742] Unable to open pipe to /var/qmail/bin/qmail-queue.orig [61] (#4.3.0) -
Jul 25 01:18:03 colossus689 X-Qmail-Scanner-2.08st: [plesk4.enpatagonia.net131156746379819742] Unable to close pipe to /var/qmail/bin/qmail-queue.orig [61] (#4.3.0) - Illegal seek

If I understand well a DNS lookup failure with a mail generate a SPF DEFER exception that result in qmail-queue problem. I don't see mail with domain generating problem at queue, so I suspect that finally message are delivered. I don't saw this behavior before.

Please, I hope somebody can comment about this.

Thanks and best regards...

Gines


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Mon Jul 25, 2011 2:57 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 4086
Location: Chantilly, VA
Quote:
Jul 25 01:18:03 colossus689 X-Qmail-Scanner-2.08st: [plesk4.enpatagonia.net131156746379819742] Unable to close pipe to /var/qmail/bin/qmail-queue.orig [61] (#4.3.0) - Illegal seek


Thats a pretty serious error, it generally means mail is not being delivered. I recommend you contact Parallels about this.

_________________
Michael Shinn
Atomicorp - Security For Everyone


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Mon Jul 25, 2011 6:28 pm 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
I think the same. But, if you see log portion posted, only happens with this weird error about DNS for SPF verification. And there is no mail at queue with domains queried when errors are triggered.

Nobody saw this before? Any idea about solution?

Regards...

Gines


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Mon Jul 25, 2011 6:41 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 4086
Location: Chantilly, VA
Quote:
Jul 25 01:18:03 colossus689 spf filter[19753]: Error code: (26) DNS lookup failure
Jul 25 01:18:03 colossus689 spf filter[19753]: Failed to query MAIL-FROM: Temporary DNS failure for 'solucionesremotas.com.ar'.
Jul 25 01:18:03 colossus689 spf filter[19753]: SPF result: tempfail


Harmless, just means the domain likely has no SPF record.

Quote:
Jul 25 01:18:03 colossus689 qmail-queue-handlers[19752]: handlers_stderr: DEFER
Jul 25 01:18:03 colossus689 qmail-queue-handlers[19752]: call_handlers: DEFER during call '/usr/local/psa/handlers/info/10-spf-Hl6Rjd/executable' handler
Jul 25 01:18:03 colossus689 qmail-queue-handlers[19752]: call_handlers: stop call handlers from dir '/usr/local/psa/handlers/before-queue/global'


Just means Plesk isnt going to check SPF record.

Quote:
Jul 25 01:18:03 colossus689 X-Qmail-Scanner-2.08st: [plesk4.enpatagonia.net131156746379819742] Unable to open pipe to /var/qmail/bin/qmail-queue.orig [61] (#4.3.0) -
Jul 25 01:18:03 colossus689 X-Qmail-Scanner-2.08st: [plesk4.enpatagonia.net131156746379819742] Unable to close pipe to /var/qmail/bin/qmail-queue.orig [61] (#4.3.0) - Illegal seek


Thats a serious error, it means the mail was not delivered at all and qmail scanner is broken.

_________________
Michael Shinn
Atomicorp - Security For Everyone


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Mon Jul 25, 2011 8:24 pm 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
Because the problem is with qmail-queue.orig, I checked perms and ownership in /var/qmail/bin:
-r-xr-sr-x 1 mhandlers-user popuser 6653 Jul 25 20:23 qmail-queue
-r-xr-sr-x 1 root root 6653 Jul 22 19:57 qmail-queue.backup
-r-s--x--x 1 qmailq qmail 20872 Dec 8 2010 qmail-queue.moved
-rwxr-xr-x 1 qmailq qmail 74344 Dec 8 2010 qmail-queue.orig
-rwsr-xr-x 1 root root 74344 Jul 22 19:57 qmail-queue.orig.backup
-r-x--s--x 1 mhandlers-user popuser 71984 Dec 8 2010 qmail-remote

I changed qmail-queue.orig to this:
-r-xr-sr-x 1 mhandlers-user popuser 74344 Dec 8 2010 qmail-queue.orig

But the problem persist with this kind of mails. May be this file needs other perms?

I tryed uninstalling qmail-scanner and there is no problem. This only happens with qmail-scanner when try to user qmail-queue.orig. May be I need other qmail-scanner.orig file?

Regards...

Gines


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Mon Jul 25, 2011 9:54 pm 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
In order to give more information:

I verified that qmail-queue.orig it's the original qmail-queue from psa-qmail rpm version.

I verified to that qmail-scanner-queue.pl have this configuration line:
my $qmailqueue = '/var/qmail/bin/qmail-queue.orig';

If I think well the problem it's with ownership/perms or this version of qmail-scanner have problems using the original qmail-queue of the actualized version of Plesk 9.5.4 which is:
psa-qmail-1.03-cos5.build95101209.08.x86_64.rpm

There is a patch of Plesk for qmail-smtpd but it's out of this problem.

Regards...

Gines


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Mon Jul 25, 2011 11:24 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 4086
Location: Chantilly, VA
I dont think your issue is permissions, as I recall there was a bug in PSAs qmail package. Have you contacted parallels to ask them about this error?

_________________
Michael Shinn
Atomicorp - Security For Everyone


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Tue Jul 26, 2011 8:40 am 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
My hosting provider is Server4You. I asked them now, because when I tried to post a ticket on Parallels they stated that it's a Partner License.

Thanks in advance if somebody have a hint about this.

Regards...

Gines


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Tue Jul 26, 2011 9:22 am 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
Server4you said that they don't support soft not installed by them, because the problem it's with qmail-scanner. Weird.

Any hint will be appreciated.

Regards...

Gines


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Tue Jul 26, 2011 9:23 am 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
The problem isn't with psa qmail, because when I uninstall qmail-scanner there is no problem at all. When I re install error appears again.

Regards...

Gines


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Tue Jul 26, 2011 9:48 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 8329
Location: earth
The illegal seek message is actually coming from the plesk handler, not qmail-scanner. Whats happening is that the handler is not reporting the error message, but does send the error code. That code is picked up and reported by qmail-scanner as an illegal seek.


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Tue Jul 26, 2011 10:59 am 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
There is a way to obtain more information about the error trying to solve the problem? It's fired by qmail-scanner anyway. As I told there is no problem without qmail-scanner.

Regards...

Gines


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Tue Jul 26, 2011 11:59 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 8329
Location: earth
Well I suspect that one (or more) of the plesk handlers is exiting with an error code other than 0. I don't know for sure but I can speculate on the causes there, for example some applications will exit with a code other than 0 or 1 if a DNS lookup fails. If that application is something like SPF that would happen pretty frequently.


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Tue Jul 26, 2011 2:17 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 4086
Location: Chantilly, VA
Quote:
Server4you said that they don't support soft not installed by them, because the problem it's with qmail-scanner. Weird.


So what do they want you to do about blocking spam and viruses? Install nothing? :-)

I'd dump them as a hosting company if I were you and find someone that is willing to help you.

_________________
Michael Shinn
Atomicorp - Security For Everyone


Top
 Profile  
Reply with quote  
 Post subject: Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble
Unread postPosted: Tue Jul 26, 2011 5:53 pm 
Offline
Forum User
Forum User

Joined: Mon Aug 30, 2010 1:27 pm
Posts: 13
Scott, I agree with you. But, this SPF problem not abort the queue when qmail-scanner is not installed. May be the problem is with the form used by qmail-scanner to call qmail-queue.orig pipe. By the way, why with this configuration? I never saw this problem with others configurations.

Mike, I suppose they hope I must pay for antivirus/spam licenses installed with Plesk. :-)

Regards...

Gines


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 28 posts ]  Go to page 1, 2  Next

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group