Hi Thomas, Thank you for the very in depth responses. You're a star as always. I'll give them a proper review later.
My first thought is that the monitoring script that I use only checks that it can open a connection. It doesn't authenticate and doesn't attempt to do anything with the connection. I wouldn't have thought that an unauthenticated connection would be able to have any impact on the configuration as that seems like a significant security issue. The monitoring script runs every 60s not five minutes, I did previously look at SNMP but couldn't get any results so I'll add that to the high priority list. I use that script as it has other monitors in such as queue length, MTA monitoring and some system admin tasks. We will definitely stop using the root login though. Strange how we haven't seen any issues at all until last week. All the best, Colin Waring On 10 Mar 2015 10:38, Thomas Eckardt <thomas.ecka...@thockar.com> wrote: Colin - I find it hard to believe. You brought home the bacon. :):):) NEVER EVER use the web listerner 55555 to monitor assp - this can lead in to unexpected config changes or config reloads - in worth case you can lose parts or the complete configuration. These are very BASIC IT rules - and they also applies to assp: Don't login to assp as 'root'. Use 'root' only, if you need to access restricted configuration parameters. NEVER forget to use the 'logout' button in the GUI - especially NOT if root is logged on! >2015-03-09 09:38:34 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 106 records >2015-03-09 09:43:33 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' >2015-03-09 21:37:10 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 104 records >2015-03-09 21:42:11 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' exactly 5 minutes difference - Colin, can you remember about this 5 minutes - is it an accidental circumstance, that the monitor to port 55555 is running every 5 minutes ?? But - it is NOT a accidental circumstance, that the last root web-session was not logged out! all has been said >2015-03-09 00:04:33 [Main_Thread] Info: added schedule : BlockReport - for : *@domain.tld=>*=>1=> - at : 0 0,4,8,12,16,20 * * * - next run is at : 2015-03-09 04:00:00 this is normal - the MaintThread has changed the file after the blockreport is done >2015-03-09 02:42:11 [Main_Thread] Option list file: '/usr/local/assp/files/droplist.txt' reloaded (droplist) with 658 records this is normal - the MaintThread has download the file >This is a huge problem, as localdomains errors cause mail to be incorrectly rejected and leads to serious complaints. If I can't resolve this within the next few days I'm likely to have to switch to a different product which I really don't want to do. good luck Thomas Von: Colin Waring <co...@dolphinict.co.uk> An: ASSP development mailing list <assp-test@lists.sourceforge.net> Datum: 10.03.2015 10:05 Betreff: Re: [Assp-test] Localdomains stopping working Hi again, This looks to be a more serious issue now affecting other config files. It appears that ASSP reloads the flat files and gets the entries wrong. 192.168.11.X is my home office subnet that is allowed access to the admin interface via VPN. This brings up two things. 1) At first glance it looks like ASSP is incorrectly and sometimes partially reloading the localdomains file whenever a setting is changed via the admin interface. Localdomains.txt did not change at all yesterday yet we have differing numbers of entries indicating the file was only partially loaded. 2) The first entry at 00:34:50 is impossible. The router for 192.168.11.X was turned off at approximately 22:30 and not turned back on until 07:00 therefore there could not have been any admin update from the 192.168.11.X subnet. 3) None of these coincide with actual connections to the admin interface. There are no logs preceding that say "IP 192.168.11.X matches allAdminConnectionsFrom". The only admin connections to this instance were at 2015-03-08 14:42:01 from .11 and 2015-03-09 08:02:14 from .13 2015-03-09 00:34:50 [Main_Thread] Adminupdate: [root 192.168.11.11] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 00:34:50 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records 2015-03-09 09:38:34 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 09:38:34 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 106 records 2015-03-09 09:43:33 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 09:43:33 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records 2015-03-09 16:04:02 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 16:04:02 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records 2015-03-09 21:37:10 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 21:37:10 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 104 records 2015-03-09 21:42:11 [Main_Thread] Adminupdate: [root 192.168.11.13] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 21:42:11 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records Digging more into the first entry I get: 2015-03-09 00:34:50 [Main_Thread] Saving config 2015-03-09 00:34:50 [Main_Thread] Info: no configuration changes detected - nothing to save - file /usr/local/assp/assp.cfg is unchanged 2015-03-09 00:34:50 [Main_Thread] Adminupdate: [root 192.168.11.11] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-09 00:34:50 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 139 records I also see the following indicating that the same problem may be affecting other config files. The block report file, like the localdomains file has not changed at all for days (and certainly wouldn't have been changed at midnight) yet there is an entry indicating the addition of a line that has been there for years. 2015-03-09 00:04:33 [Main_Thread] Saving config 2015-03-09 00:04:33 [Main_Thread] Info: no configuration changes detected - nothing to save - file /usr/local/assp/assp.cfg is unchanged 2015-03-09 00:04:33 [Main_Thread] Adminupdate: [root 192.168.11.11] file '/usr/local/assp/files/blockreportuser.txt' for config 'BlockReportFile' was changed 2015-03-09 00:04:33 [Main_Thread] Info: added schedule : BlockReport - for : *@domain.tld=>*=>1=> - at : 0 0,4,8,12,16,20 * * * - next run is at : 2015-03-09 04:00:00 2015-03-09 02:42:11 [Main_Thread] Saving config 2015-03-09 02:42:11 [Main_Thread] Info: no configuration changes detected - nothing to save - file /usr/local/assp/assp.cfg is unchanged 2015-03-09 02:42:11 [Main_Thread] Adminupdate: [root 192.168.11.11] file '/usr/local/assp/files/droplist.txt' for config 'droplist' was changed 2015-03-09 02:42:11 [Main_Thread] Option list file: '/usr/local/assp/files/droplist.txt' reloaded (droplist) with 658 records I can only presume that the IP address being listed is simply the last address logged as connecting to the web admin interface rather than the real reason that triggered the reload. This is a huge problem, as localdomains errors cause mail to be incorrectly rejected and leads to serious complaints. If I can't resolve this within the next few days I'm likely to have to switch to a different product which I really don't want to do. All the best, Colin Waring. -----Original Message----- From: Colin [mailto:colin.war...@gmail.com] Sent: 03 March 2015 17:44 To: ASSP development mailing list Subject: [Assp-test] Localdomains stopping working Howdy, We've had this a couple of times in the last week or so: 2015-03-03 15:17:15 [Main_Thread] Saving config 2015-03-03 15:17:15 [Main_Thread] Info: no configuration changes detected - nothing to save - file /usr/local/assp/assp.cfg is unchanged 2015-03-03 15:17:15 [Main_Thread] Adminupdate: [root ] file '/usr/local/assp/files/localdomains.txt' for config 'localDomains' was changed 2015-03-03 15:17:15 [Main_Thread] Option list file: '/usr/local/assp/files/localdomains.txt' reloaded (localDomains) with 104 records On the face of it, looks fine as it loads all the entries but after this point ASSP acts as though the file is empty. All inbound mail gets bounced with: [SMTP Error] 530 Relaying not allowed (enable smtp authentication on your email client) I've verified with the MTA that this isn't an MTA error, ASSP is generating this before passing the connection on to it. The localdomains.txt file is updated automatically by a script so that could be the trigger for the reload. Any thoughts? ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
