Hallo,
ich habe ein Problem mit Postfix auf einem root-Server. Ich gehe mal
davon aus, dass sich da jemand Zugang verschafft hat und den nun asl
Spamschleuder verwendet. Deswegen habe ich ihn nun erst mal gestoppt,
aber d.h., dass Mails nicht ankommen, die ankommen müssten. Das Problem
muss also so schnell wie möglich behoben werden.
Die Fehlermeldungen aus /var/log/mailman/error
Mar 04 16:48:41 2008 (8640) Warning: Possible malformed path attack.
Mar 04 16:48:56 2008 (8642) Warning: Possible malformed path attack.
scheint mir das, was ich beobachte noch am besten wiederzugeben.
Ich sende Mails an eine Email-Adresse, die auf dem Server existiert,
aber die Mails kommen nicht an.
Ich fordere von Mailman ein Passwort an und er behautet es geschickt zu
haben und nix passiert.
Ich sende Nachrichten an die Mailingliste und sie kommen nicht an .
Der Mailserver ist exact nacch dem HOWTO auf
http://workaround.org/articles/ispmail-etch/
aufgesetzt und konfiguriert.
Im home-Verzeichnis von vmail waren zwei verzeichnisse für user
angelegt, die es garnicht gibt.
Wie am Besten vorgehen um den Mailserver wieder flott zu machen und den
Fehler zu finden?
Einen kleinen Auszug aus mail.log hänge ich an..
Viele Grüße ..
Wolfgang
Mar 6 06:38:58 server postfix/smtp[32631]: 42ACA40C8D0: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, delay=56519, delays=3.9/56193/0.01/322, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=00355-06, virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Datei oder Verzeichnis nicht gefunden) at (eval 48) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 48) line 462. (in reply to end of DATA command))
Mar 6 06:38:59 server amavis[355]: (00355-07) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Datei oder Verzeichnis nicht gefunden, retrying (2)
Mar 6 06:39:05 server amavis[355]: (00355-07) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Datei oder Verzeichnis nicht gefunden) at (eval 48) line 268.
Mar 6 06:39:05 server amavis[355]: (00355-07) (!!) WARN: all primary virus scanners failed, considering backups
Mar 6 06:39:19 server amavis[682]: (00682-01) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
Mar 6 06:39:19 server amavis[682]: (00682-01) (!) killing process [684] running /usr/bin/clamscan
Mar 6 06:39:19 server amavis[682]: (00682-01) (!) run_av: timed out
Mar 6 06:39:19 server amavis[682]: (00682-01) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 48) line 462.
Mar 6 06:39:19 server amavis[682]: (00682-01) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Datei oder Verzeichnis nicht gefunden) at (eval 48) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 48) line 462.
Mar 6 06:39:19 server amavis[682]: (00682-01) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080306T063356-00682
Mar 6 06:39:19 server postfix/smtp[415]: 1FA1E40C8D1: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, delay=56136, delays=71/55742/0.22/322, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=00682-01, virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Datei oder Verzeichnis nicht gefunden) at (eval 48) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 48) line 462. (in reply to end of DATA command))
Mar 6 06:39:20 server amavis[682]: (00682-02) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Datei oder Verzeichnis nicht gefunden, retrying (2)
Mar 6 06:39:26 server amavis[682]: (00682-02) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Datei oder Verzeichnis nicht gefunden) at (eval 48) line 268.
Mar 6 06:39:26 server amavis[682]: (00682-02) (!!) WARN: all primary virus scanners failed, considering backups
Mar 6 06:43:23 server postfix/qmgr[27582]: 753C840C897: from=<>, size=9663, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/qmgr[27582]: 8257940C80D: from=<[EMAIL PROTECTED]>, size=1214, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/qmgr[27582]: 9602240C3B2: from=<>, size=5052, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/qmgr[27582]: 9393240C80A: from=<[EMAIL PROTECTED]>, size=4298, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/qmgr[27582]: 9444740C565: from=<[EMAIL PROTECTED]>, size=1996, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/qmgr[27582]: 0454040C922: from=<>, size=7982, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/qmgr[27582]: 6290340C946: from=<>, size=10662, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/smtp[713]: warning: numeric domain name in resource data of MX record for myfirstmail.com: 68.178.232.100
Mar 6 06:43:23 server postfix/qmgr[27582]: 6664C40C156: from=<[EMAIL PROTECTED]>, size=7644, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/qmgr[27582]: 52F5B40C068: from=<[EMAIL PROTECTED]>, size=1168, nrcpt=1 (queue active)
Mar 6 06:43:23 server postfix/smtp[716]: 6290340C946: host gateway-f2.isp.att.net[207.115.11.16] refused to talk to me: 550-81.169.153.234 blocked by ldap:ou=rblmx,dc=bellsouth,dc=net 550 Blocked for abuse. See http://www.att.net/bls_rbl/ for information.
Mar 6 06:43:24 server postfix/smtp[716]: 6290340C946: to=<[EMAIL PROTECTED]>, relay=gateway-f1.isp.att.net[204.127.217.16]:25, delay=112803, delays=112802/0.04/0.67/0, dsn=4.0.0, status=deferred (host gateway-f1.isp.att.net[204.127.217.16] refused to talk to me: 550-81.169.153.234 blocked by ldap:ou=rblmx,dc=bellsouth,dc=net 550 Blocked for abuse. See http://www.att.net/bls_rbl/ for information.)
Mar 6 06:43:26 server postfix/smtp[715]: connect to mail.escsc.com.cn[124.193.126.26]: Connection refused (port 25)
Mar 6 06:43:26 server postfix/smtp[715]: 0454040C922: to=<[EMAIL PROTECTED]>, relay=none, delay=182755, delays=182753/0.07/2.5/0, dsn=4.4.1, status=deferred (connect to mail.escsc.com.cn[124.193.126.26]: Connection refused)
Mar 6 06:43:53 server postfix/smtp[713]: connect to 68.178.232.100[68.178.232.100]: Connection timed out (port 25)
Mar 6 06:43:53 server postfix/smtp[714]: connect to pinkponk.com[213.229.249.143]: Connection timed out (port 25)
Mar 6 06:43:53 server postfix/smtp[714]: 9602240C3B2: to=<[EMAIL PROTECTED]>, relay=none, delay=47758, delays=47728/0.04/30/0, dsn=4.4.1, status=deferred (connect to pinkponk.com[213.229.249.143]: Connection timed out)
Mar 6 06:44:20 server amavis[355]: (00355-07) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
Mar 6 06:44:20 server amavis[355]: (00355-07) (!) killing process [708] running /usr/bin/clamscan
Mar 6 06:44:20 server amavis[355]: (00355-07) (!) run_av: timed out
Mar 6 06:44:20 server amavis[355]: (00355-07) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 48) line 462.
Mar 6 06:44:20 server amavis[355]: (00355-07) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: Datei oder Verzeichnis nicht gefunden) at (eval 48) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 48) line 462.
Mar 6 06:44:20 server amavis[355]: (00355-07) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080306T063858-00355
--
Linux mailing list [email protected]
subscribe/unsubscribe: http://lug-owl.de/mailman/listinfo/linux
Hinweise zur Nutzung: http://www.lug-owl.de/Mailingliste/hints.epo
