Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF problem

Forum for getting help with Project Gamera, Spamassassin, Clamav, qmail-scanner and other anti-spam tools.
gines
Forum User
Forum User
Posts: 13
Joined: Mon Aug 30, 2010 1:27 pm

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by gines »

Nobody saw this before? May be somebody not read logs to see that. This problem lead to lose messages that, by the origin of error may be are spam or bad mails, DNS errors seeking for SPF error, but I don't want to lose a valid mail. My short experience tell me that this exist in a lot of servers with similar configuration.

Only need to seek "Unable" at /usr/local/var/log/maillog. Or as I user excellent rpm of ossec-hids to report at Atomic repo... thanks Scott again.

Regards...

Gines
gines
Forum User
Forum User
Posts: 13
Joined: Mon Aug 30, 2010 1:27 pm

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by gines »

Scott, you explained that psa handler failed to report to qmail-scanner-queue the error, in this case "DNS Lookup fail". The illegal seek was fired on problem to close pipe, but in previous line of log qmail-scanner can't even open the pipe. May be this is a qmail-scanner problem not handling well an exception.

Sorry if I so wrong, but this error cause problems with some mails and I want to know if exist a solution. This problem can't be only mine.

Regards...

Gines
gines
Forum User
Forum User
Posts: 13
Joined: Mon Aug 30, 2010 1:27 pm

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by gines »

I post here other portion of logs (of another mail) where spf resolves REJECT, not as previous when not obtain DNS information. qmail-scanner fires an Illegal seek too, but in this case there is no problem to open or close the pipe. If I think well for reject the mail qmail-scanner must use the mail-queue again too.

Jul 27 07:46:40 serverX qmail-queue-handlers[22242]: call_handlers: call exe
cutable = '/usr/local/psa/handlers/info/10-spf-m7If50/executable'
Jul 27 07:46:40 serverX spf filter[22243]: Starting spf filter...
Jul 27 07:46:40 serverX qmail-queue-handlers[22242]: handlers_stderr: REJECT
Jul 27 07:46:40 serverX qmail-queue-handlers[22242]: call_handlers: REJECT d
uring call '/usr/local/psa/handlers/info/10-spf-m7If50/executable' handler
Jul 27 07:46:40 serverX qmail-queue-handlers[22242]: call_handlers: stop cal
l handlers from dir '/usr/local/psa/handlers/before-queue/global'
Jul 27 07:46:40 serverX X-Qmail-Scanner-2.08st: [domainX.net13117
6359879822220] mail server permanently rejected message. (#5.3.0) -
Jul 27 07:46:40 serverX X-Qmail-Scanner-2.08st: [domainX.net131176359879822220] mail server permanently rejected message. (#5.3.0) - Illegal seek

Am I wrong?

Regards...

Gines

PS: Sorry for my english.
gines
Forum User
Forum User
Posts: 13
Joined: Mon Aug 30, 2010 1:27 pm

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by gines »

I probed manually the spf behaivoir with one of the problematic domains that triggers the DNS Lookup error and obtained that:

/usr/bin/spfquery_static -ip 66.102.13.18 -sender from@m-bgtb.maxmailing.com.ar -rcpt-to to@gmail.com
StartError
Context: Failed to query MAIL-FROM
ErrorCode: (26) DNS lookup failure
Error: Temporary DNS failure for 'm-bgtb.maxmailing.com.ar'.
EndError
(invalid)neutral
Please see http://www.openspf.org/Why?id=from%40m- ... r=spfquery : Reason: default
spfquery: 66.102.13.18 is neither permitted nor denied by domain of m-bgtb.maxmailing.com.ar
Received-SPF: neutral (spfquery: 66.102.13.18 is neither permitted nor denied by domain of m-bgtb.maxmailing.com.ar) client-ip=66.102.13.18; envelope-from=from@m-bgtb.maxmailing.com.ar;

I reproduced here manually, this is the answer that triggers the pipe problem to qmail-scanner, and obtained a delay of 18 seconds at execution time because the problem is with faulty DNS. May be it's a problem with a timeout generating this? Can I manage timeouts on qmail-scanner or qmail-queue?

Regards...

Gines
douglaseggleton
Forum User
Forum User
Posts: 69
Joined: Tue Jul 19, 2011 6:30 am
Location: United Kingdom

Re: Plesk 10 + Centos + qmails-canner

Unread post by douglaseggleton »

Getting hourly emails with a log like the one below:


OSSEC HIDS Notification.
2011 Jul 29 11:38:00

Received From: plesk3->/var/log/psa/maillog
Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system."
Portion of the log(s):

Jul 29 11:38:00 plesk3 X-Qmail-Scanner-2.08st: [x] Unable to close pipe to /var/qmail/bin/qmail-queue.orig [61] (#4.3.0) - Illegal seek

Been searching the forums and I think this is the closest I could find. Any idea about how to go about fixing this?
douglaseggleton
Forum User
Forum User
Posts: 69
Joined: Tue Jul 19, 2011 6:30 am
Location: United Kingdom

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by douglaseggleton »

Managed to get mine working. Just had to create the following directory:

/var/qmail/bin/mailnames/.spamassassin with the permissions drwxrwx---

=D No more unable to close pipe errors.
nobody
Forum Regular
Forum Regular
Posts: 349
Joined: Sun Mar 29, 2009 6:52 pm

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by nobody »

douglaseggleton wrote:Managed to get mine working. Just had to create the following directory:

/var/qmail/bin/mailnames/.spamassassin with the permissions drwxrwx---

=D No more unable to close pipe errors.
So you created directory mailnames and on this dir the file .spamassassin under the /var/qmail/bin ?

Can you send us an ls -la ?

Thanks !
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
douglaseggleton
Forum User
Forum User
Posts: 69
Joined: Tue Jul 19, 2011 6:30 am
Location: United Kingdom

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by douglaseggleton »

This only kept it at bay for a while... we are still getting them :(
nobody
Forum Regular
Forum Regular
Posts: 349
Joined: Sun Mar 29, 2009 6:52 pm

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by nobody »

douglaseggleton wrote:This only kept it at bay for a while... we are still getting them :(
So if we disable the spf protection these errors will stop ?
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
AntiochInteractive
Forum User
Forum User
Posts: 35
Joined: Thu Jan 08, 2009 4:31 am
Location: Fort Worth, TX
Contact:

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by AntiochInteractive »

Hey all,

No resolution to this problem was posted -- and in 2015, for the first time ever, I'm having this exact problem on 3 servers with PLESK 12.0.18.

If I disable SPF on all three servers, the error disappears. If I enable SPF and remove qmail-scanner, the error disappears.

As ART-Qmail-Scanner is a solution that is intended to work WITH PLESK - may I be so bold as to suggest that this be resolved?

Scott/ART Team - I can let you guys use one of my servers to test. I know this is an old issue, but perhaps now that I've posted this, others can post their experiences too.
nobody
Forum Regular
Forum Regular
Posts: 349
Joined: Sun Mar 29, 2009 6:52 pm

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by nobody »

Hello there,

To be honest, i removed qmail. It kinda sucks. I use postfix now and other ways to filter.

Ofcourse if you are using qmail then you have a problem.

Its not the guys fault I believe but the crappy implementation from parallels. They tend to destroy every service they come in touch with ! So then when you add a plugin that was functional on a normal qmail server or some kind of service, it explodes :P

Regards

AntiochInteractive wrote:Hey all,

No resolution to this problem was posted -- and in 2015, for the first time ever, I'm having this exact problem on 3 servers with PLESK 12.0.18.

If I disable SPF on all three servers, the error disappears. If I enable SPF and remove qmail-scanner, the error disappears.

As ART-Qmail-Scanner is a solution that is intended to work WITH PLESK - may I be so bold as to suggest that this be resolved?

Scott/ART Team - I can let you guys use one of my servers to test. I know this is an old issue, but perhaps now that I've posted this, others can post their experiences too.
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
AntiochInteractive
Forum User
Forum User
Posts: 35
Joined: Thu Jan 08, 2009 4:31 am
Location: Fort Worth, TX
Contact:

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by AntiochInteractive »

I installed Postfix + Clapf, but had TLS issues for outgoing mail.

I followed many online guides, edited the submission files, etc -- no bueno.

I swapped back because at least qmail worked out of the box and in each step...

I would love to use Postfix though... :|
nobody
Forum Regular
Forum Regular
Posts: 349
Joined: Sun Mar 29, 2009 6:52 pm

Re: Plesk 9.5.4 + Centos + qmails-canner 2.08-5 - SPF proble

Unread post by nobody »

Hello,

In my honest opinion there is only one way to get 99.999% rid of spam.
Try Spamexperts. After you set it up you are done. Plus you get to uninstall anykind of filter from the server and not bother with it. Plus it has a web gui ! :P

Its not the cheapest product though ...

A cheaper solution for you would also be magicspam. Ofcourse its not even close to as good as spamexperts solution is, but it can be way cheaper if you have many domains.

And on Plesk 12 Parallels finally inserted a way to limit outgoing emails for free. So this should pretty much give a better and easier to implement solution.

I hope I helped.


AntiochInteractive wrote:I installed Postfix + Clapf, but had TLS issues for outgoing mail.

I followed many online guides, edited the submission files, etc -- no bueno.

I swapped back because at least qmail worked out of the box and in each step...

I would love to use Postfix though... :|
Hello IT.
Phone : Blah Blah ....
Have you tried turning it on and off again ?
Phone : Blah Blah ....
....
I'm sorry, are you from the Past ?!
http://www.youtube.com/watch?v=-E4fm4Wqego
Post Reply