Zimbra

rmvg · #1 (**permalink**) 07-19-2007, 11:56 PM

when i send myself a message it seems to get stuck and the number of mails in the queue is growing i do not think anything is being delivered i have tried to flush the queue again no mails are delivered. the only thing i have changed was a seemingly unrelated server hostname on another machine.

I changed the hostname from new.computerking.ca to computerking.ca. Could this have an effect on the main mail server shoemasters.com which serves mail for computerking.ca which also has a simple postfix mail server on it.

here are the mx records of the computerking domain they are the same for all my domains

;------------------------------------------------------------------------------
; MAIL EXCHANGERS
;------------------------------------------------------------------------------
computerking.ca. IN MX 10 shoemasters.com.
computerking.ca. IN MX 20 mx1.canmail.org.
computerking.ca. IN MX 30 mail1.computerking.ca.

mail1.computerking.ca. IN A 68.146.1.51

I am running zimbra version

Release 3.1.4_GA_518.FC3_20060626143230 FC3 FOSS edition

because i think it is last version that works with

Linux shoemasters.com 2.6.12-1.1381_FC3 #1 Fri Oct 21 03:46:55 EDT 2005 i686 i686 i386 GNU/Linux

here are some log outputs please help

Jul 19 23:46:47 shoemasters postfix/smtpd[5491]: connect from web37903.mail.mud.yahoo.com[209.191.91.165]
Jul 19 23:46:47 shoemasters postfix/smtpd[5491]: A979B7C46CC: client=web37903.mail.mud.yahoo.com[209.191.91.165]
Jul 19 23:46:48 shoemasters postfix/cleanup[5995]: A979B7C46CC: message-id=<395988.57625.qm@web37903.mail.mud.yahoo.com>
Jul 19 23:46:48 shoemasters postfix/qmgr[1668]: A979B7C46CC: from=<vanginnekenr@yahoo.com>, size=2484, nrcpt=1 (queue active)
Jul 19 23:46:48 shoemasters postfix/smtpd[5491]: disconnect from web37903.mail.mud.yahoo.com[209.191.91.165]

or this

Jul 19 23:48:56 shoemasters postfix/qmgr[1668]: 2D5427C46B0: to=<luck@computerking.ca>, relay=none, delay=0, status=deferred (delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while sending end of data -- message may be sent more than once)
Jul 19 23:48:56 shoemasters postfix/qmgr[1668]: 2D5427C46B0: to=<luck@computerking.ca>, orig_to=<maillist@computerking.ca>, relay=none, delay=0, status=deferred (delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while sending end of data -- message may be sent more than once)

phoenix · #2 (**permalink**) 07-20-2007, 12:19 AM

Quote:

Originally Posted by rmvg

I changed the hostname from new.computerking.ca to computerking.ca. Could this have an effect on the main mail server shoemasters.com which serves mail for computerking.ca which also has a simple postfix mail server on it.

Yes, that's quite likely to be the problem. You should have a Split Domain set-up if you have two mailservers in your domain.

rmvg · #3 (**permalink**) 07-20-2007, 01:57 PM

I read and reread the split domain setup you mentioned in your last post. I am a bit confused as to what is suggested there. While i was reading the wiki page i decieded to revise my dns for the computerking.ca domain it was a bit messy so i deleted all the uneeded records and now i am recieving mails again whew just in time one was for an upcoming job interview.

I understand the security flaws involved in with the backup mx stuff and am very intrested in setting up the split domain config for a backup server. However I do not quite understand how to do so i must mention that on the secondary server computerking.ca (running FreeBSD) there is no Zimbra only a basic postfix server.

I have the postfix server hostname set to mail1.computerking.ca because this is the name of a backup mx in my dns records for all domains that i host. This seems to work fine as when i send a mail to luck@computerking.ca postfix does not try to accept it but instead sends it on to the shoemasters.com Zimbra server as it should due to the mx records for the computerking.ca domain

;------------------------------------------------------------------------------
; MAIL EXCHANGERS
;------------------------------------------------------------------------------
computerking.ca. IN MX 10 shoemasters.com.
computerking.ca. IN MX 20 mx1.canmail.org.
computerking.ca. IN MX 30 mail1.computerking.ca.

here is the output of the postfix server log on computerking.ca

Code:

Jul 20 12:07:40 computerking postfix/pickup[34733]: 9F0C65CD7: uid=0 from=<root>
Jul 20 12:07:40 computerking postfix/cleanup[36754]: 9F0C65CD7: message-id=<20070720190740.9F0C65CD7@mail1.computerking.ca>
Jul 20 12:07:40 computerking postfix/qmgr[2159]: 9F0C65CD7: from=<root@mail1.computerking.ca>, size=350, nrcpt=1 (queue active)
Jul 20 12:07:42 computerking postfix/smtp[36756]: 9F0C65CD7: to=<luck@computerking.ca>, relay=shoemasters.com[68.144.188.169]:25, delay=1.9, delays=0.08/0.04/1.8/0.07, dsn=2.0.0, status=sent (250 Ok: queued as B52B17C46A5)
Jul 20 12:07:42 computerking postfix/qmgr[2159]: 9F0C65CD7: removed

Here is the incoming mail from computerking.ca to shoemasters.com i think there is a couple messages hitting the server at once here so i pasted the whole thing as there are some errors about tls and the like

Code:

Jul 20 13:14:54 shoemasters postfix/smtpd[693]: initializing the server-side TLS engine
Jul 20 13:14:54 shoemasters postfix/smtpd[693]: warning: cannot get private key from file /opt/zimbra/conf/smtpd.key
Jul 20 13:14:54 shoemasters postfix/smtpd[693]: warning: TLS library problem: 693:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:389:
Jul 20 13:14:54 shoemasters postfix/smtpd[693]: cannot load RSA certificate and key data
Jul 20 13:14:54 shoemasters postfix/smtpd[693]: connect from mail1-4.protusfax.com[209.5.242.14]
Jul 20 13:14:55 shoemasters postfix/trivial-rewrite[32005]: warning: do not list domain shoemasters.com in BOTH mydestination and virtual_mailbox_domains
Jul 20 13:14:55 shoemasters postfix/smtpd[693]: 0F0297C46A4: client=mail1-4.protusfax.com[209.5.242.14]
Jul 20 13:14:55 shoemasters postfix/cleanup[315]: 0F0297C46A4: message-id=<200772054451_MabryMail_64011843@protus.com>
Jul 20 13:14:55 shoemasters postfix/qmgr[1668]: 0F0297C46A4: from=<noreply.ipfax@telus.net>, size=126890, nrcpt=1 (queue active)
Jul 20 13:14:55 shoemasters amavis[17064]: (17064-09) ESMTP::10024 /opt/zimbra/amavisd/tmp/amavis-20070720T115520-17064: <noreply.ipfax@telus.net> -> <hill@shoemasters.com> Received: SIZE=126890 from shoemasters.com ([127.0.0.1]) by localhost (shoemasters.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 17064-09 for <hill@shoemasters.com>; Fri, 20 Jul 2007 13:14:55 -0700 (MST)
Jul 20 13:14:55 shoemasters postfix/smtpd[314]: connect from computerking.ca[68.144.1.51]
Jul 20 13:14:55 shoemasters postfix/smtpd[693]: disconnect from mail1-4.protusfax.com[209.5.242.14]
Jul 20 13:14:55 shoemasters postfix/smtpd[314]: B52B17C46A5: client=computerking.ca[68.144.1.51]
Jul 20 13:14:55 shoemasters amavis[17064]: (17064-09) Checking: 65tkTJp7S-rU [209.5.242.14] <noreply.ipfax@telus.net> -> <hill@shoemasters.com>
Jul 20 13:14:55 shoemasters postfix/cleanup[315]: B52B17C46A5: message-id=<20070720190740.9F0C65CD7@mail1.computerking.ca>
Jul 20 13:14:55 shoemasters postfix/qmgr[1668]: B52B17C46A5: from=<root@mail1.computerking.ca>, size=545, nrcpt=1 (queue active)
Jul 20 13:14:55 shoemasters postfix/smtpd[314]: disconnect from computerking.ca[68.144.1.51]
Jul 20 13:14:55 shoemasters amavis[18941]: (18941-09) ESMTP::10024 /opt/zimbra/amavisd/tmp/amavis-20070720T120321-18941: <root@mail1.computerking.ca> -> <luck@computerking.ca> Received: SIZE=545 from shoemasters.com ([127.0.0.1]) by localhost (shoemasters.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18941-09 for <luck@computerking.ca>; Fri, 20 Jul 2007 13:14:55 -0700 (MST)
Jul 20 13:14:55 shoemasters amavis[18941]: (18941-09) Checking: jOP6y9Yl5Mkc [68.144.1.51] <root@mail1.computerking.ca> -> <luck@computerking.ca>
Jul 20 13:14:55 shoemasters amavis[17064]: (17064-09) spam_scan: not wasting time on SA, message longer than 65536 bytes: 687+124530
Jul 20 13:14:55 shoemasters postfix/smtpd[699]: initializing the server-side TLS engine
Jul 20 13:14:55 shoemasters postfix/smtpd[699]: warning: cannot get private key from file /opt/zimbra/conf/smtpd.key
Jul 20 13:14:55 shoemasters postfix/smtpd[699]: warning: TLS library problem: 699:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:389:
Jul 20 13:14:55 shoemasters postfix/smtpd[699]: cannot load RSA certificate and key data
Jul 20 13:14:55 shoemasters postfix/smtpd[699]: connect from localhost.localdomain[127.0.0.1]
Jul 20 13:14:55 shoemasters postfix/trivial-rewrite[32005]: warning: do not list domain shoemasters.com in BOTH mydestination and virtual_mailbox_domains
Jul 20 13:14:55 shoemasters postfix/smtpd[699]: E31237C46A7: client=localhost.localdomain[127.0.0.1]
Jul 20 13:14:55 shoemasters postfix/cleanup[315]: E31237C46A7: message-id=<200772054451_MabryMail_64011843@protus.com>
Jul 20 13:14:55 shoemasters postfix/qmgr[1668]: E31237C46A7: from=<noreply.ipfax@telus.net>, size=127321, nrcpt=1 (queue active)
Jul 20 13:14:55 shoemasters amavis[17064]: (17064-09) FWD via SMTP: <noreply.ipfax@telus.net> -> <hill@shoemasters.com>, 250 2.6.0 Ok, id=17064-09, from MTA([127.0.0.1]:10025): 250 Ok: queued as E31237C46A7
Jul 20 13:14:55 shoemasters amavis[17064]: (17064-09) Passed CLEAN, [209.5.242.14] [209.5.242.14] <noreply.ipfax@telus.net> -> <hill@shoemasters.com>, Message-ID: <200772054451_MabryMail_64011843@protus.com>, mail_id: 65tkTJp7S-rU, Hits: -, 315 ms
Jul 20 13:14:55 shoemasters amavis[17064]: (17064-09) extra modules loaded: Net/LDAP/Bind.pm
Jul 20 13:14:55 shoemasters postfix/smtp[316]: 0F0297C46A4: to=<hill@shoemasters.com>, orig_to=<info@shoemasters.com>, relay=127.0.0.1[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=17064-09, from MTA([127.0.0.1]:10025): 250 Ok: queued as E31237C46A7)
Jul 20 13:14:55 shoemasters postfix/smtpd[699]: disconnect from localhost.localdomain[127.0.0.1]
Jul 20 13:14:55 shoemasters postfix/qmgr[1668]: 0F0297C46A4: removed
Jul 20 13:14:56 shoemasters postfix/lmtp[701]: E31237C46A7: to=<hill@shoemasters.com>, relay=shoemasters.com[68.144.188.169], delay=1, status=sent (250 2.1.5 OK)
Jul 20 13:14:56 shoemasters postfix/qmgr[1668]: E31237C46A7: removed
Jul 20 13:14:56 shoemasters postfix/smtpd[699]: connect from localhost.localdomain[127.0.0.1]
Jul 20 13:14:56 shoemasters postfix/smtpd[699]: 62C347C46A4: client=localhost.localdomain[127.0.0.1]
Jul 20 13:14:56 shoemasters postfix/cleanup[315]: 62C347C46A4: message-id=<20070720190740.9F0C65CD7@mail1.computerking.ca>
Jul 20 13:14:56 shoemasters postfix/qmgr[1668]: 62C347C46A4: from=<root@mail1.computerking.ca>, size=1354, nrcpt=1 (queue active)
Jul 20 13:14:56 shoemasters postfix/smtpd[699]: disconnect from localhost.localdomain[127.0.0.1]
Jul 20 13:14:56 shoemasters amavis[18941]: (18941-09) FWD via SMTP: <root@mail1.computerking.ca> -> <luck@computerking.ca>, 250 2.6.0 Ok, id=18941-09, from MTA([127.0.0.1]:10025): 250 Ok: queued as 62C347C46A4
Jul 20 13:14:56 shoemasters amavis[18941]: (18941-09) Passed CLEAN, [68.144.1.51] [68.144.1.51] <root@mail1.computerking.ca> -> <luck@computerking.ca>, Message-ID: <20070720190740.9F0C65CD7@mail1.computerking.ca>, mail_id: jOP6y9Yl5Mkc, Hits: -4.108, 636 ms
Jul 20 13:14:56 shoemasters amavis[18941]: (18941-09) extra modules loaded: Net/LDAP/Bind.pm
Jul 20 13:14:56 shoemasters postfix/smtp[694]: B52B17C46A5: to=<luck@computerking.ca>, relay=127.0.0.1[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=18941-09, from MTA([127.0.0.1]:10025): 250 Ok: queued as 62C347C46A4)
Jul 20 13:14:56 shoemasters postfix/qmgr[1668]: B52B17C46A5: removed
Jul 20 13:14:56 shoemasters postfix/lmtp[701]: 62C347C46A4: to=<luck@computerking.ca>, relay=shoemasters.com[68.144.188.169], delay=0, status=sent (250 2.1.5 OK)
Jul 20 13:14:56 shoemasters postfix/qmgr[1668]: 62C347C46A4: removed

Also i am getting all sorts of wierd traffic trying to use the server at computerking.ca like this

Code:

Jul 20 12:07:40 computerking postfix/pickup[34733]: 9F0C65CD7: uid=0 from=<root>
Jul 20 12:07:40 computerking postfix/cleanup[36754]: 9F0C65CD7: message-id=<20070720190740.9F0C65CD7@mail1.computerking.ca>
Jul 20 12:07:40 computerking postfix/qmgr[2159]: 9F0C65CD7: from=<root@mail1.computerking.ca>, size=350, nrcpt=1 (queue active)
Jul 20 12:07:42 computerking postfix/smtp[36756]: 9F0C65CD7: to=<luck@computerking.ca>, relay=shoemasters.com[68.144.188.169]:25, delay=1.9, delays=0.08/0.04/1.8/0.07, dsn=2.0.0, status=sent (250 Ok: queued as B52B17C46A5)
Jul 20 12:07:42 computerking postfix/qmgr[2159]: 9F0C65CD7: removed
^C
[c0mputerking@computerking ~]$ tail -f /var/log/maillog
Jul 20 12:18:35 computerking postfix/smtpd[37148]: lost connection after RCPT from unknown[200.114.19.140]
Jul 20 12:18:35 computerking postfix/smtpd[37148]: disconnect from unknown[200.114.19.140]
Jul 20 12:19:27 computerking postfix/smtpd[37148]: connect from unknown[200.114.19.140]
Jul 20 12:19:30 computerking postfix/smtpd[37148]: NOQUEUE: reject: RCPT from unknown[200.114.19.140]: 554 5.7.1 <quyen@shoemasters.com>: Relay access denied; from=<ychronography@denshirenji.jp> to=<quyen@shoemasters.com> proto=SMTP helo=<denshirenji.jp>
Jul 20 12:19:31 computerking postfix/smtpd[37148]: lost connection after RCPT from unknown[200.114.19.140]
Jul 20 12:19:31 computerking postfix/smtpd[37148]: disconnect from unknown[200.114.19.140]
Jul 20 12:22:51 computerking postfix/anvil[37150]: statistics: max connection rate 2/60s for (smtp:200.114.19.140) at Jul 20 12:19:27
Jul 20 12:22:51 computerking postfix/anvil[37150]: statistics: max connection count 1 for (smtp:200.114.19.140) at Jul 20 12:18:34
Jul 20 12:22:51 computerking postfix/anvil[37150]: statistics: max cache size 1 at Jul 20 12:18:34
Jul 20 12:46:22 computerking postfix/smtpd[38315]: connect from pc-189-24-214-201.cm.vtr.net[201.214.24.189]
Jul 20 12:50:15 computerking postfix/smtpd[38320]: connect from host86-132-157-8.range86-132.btcentralplus.com[86.132.157.8]
Jul 20 12:50:15 computerking postfix/smtpd[38320]: lost connection after CONNECT from host86-132-157-8.range86-132.btcentralplus.com[86.132.157.8]
Jul 20 12:50:15 computerking postfix/smtpd[38320]: disconnect from host86-132-157-8.range86-132.btcentralplus.com[86.132.157.8]
Jul 20 12:51:38 computerking postfix/smtpd[38315]: NOQUEUE: reject: RCPT from pc-189-24-214-201.cm.vtr.net[201.214.24.189]: 554 5.7.1 <king@canmail.org>: Relay access denied; from=<richard@quitsmokeless.biz> to=<king@canmail.org> proto=ESMTP helo=<friend>

I am afraid to begin accepting email for the backup domains as i am already recieving mail for stuff that is the second or third mx record for the domain the spammers are sending to. The split server setup seem to look more secure i hope i can figure it out.

Zimbra

Downloads

Product Information

Toolbox

Why Join?