It turns out I have to apply the changes suggested by Alex:
# cd /var/qmail/bin # rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue Some users reported that they can't receive email from gmail. It's a strange situation. I tried to send from gmail to myself, it works. But if I send to my another ID (this ID will always forward email to my current ID), then it will bounce back with error with "*554 mail server permanently rejected message (#5.3.0)"* even though I've turned off spf checking. So may be the qmail-dk problem also related to my previous problem (status 256 error). Best regards, Bill On 12/13/06, Bill Kwok <[EMAIL PROTECTED]> wrote:
On 12/13/06, Eric Shubes <[EMAIL PROTECTED]> wrote: > > Bill Kwok wrote: > > Hi Eric, > > > > My situation was strange. Let me give you detail on my server: > > > <snip> > > > > All of them are the current version of qt, except I've also installed > > Espinoza's qmail-toaster-1.03-1.3.8 so that I can use submission port. > > > > All processes were running fine. When I receive complaints from > users, > > I couldn't find any hint. The only thing looked abnormal is large > > number of status 256 error logged at smtp log. > > I've noticed some 256 errors too that I can't explain. Been wondering > about > them, but I haven't noticed any email not being received, so I haven't > been > able to track them down. I just figured they were spam. > > > To make sure they are not blocked by spamassassin or RBL, I added > > certain IP, which I trusted, to my tcp.smtp( > > <IP>:allow,RBLSMTPD="",RELAYCLIENT=""), but the situation didn't > changed. > > Good move. > You remembered to rebuild the cdb file, I presume. Yes, I did. > To minimize the chance of timeout issue, my blacklists was changed to > > include only one entry: > > # cat blacklists > > -r sbl-xbl.spamhaus.org > > The RBLSMTPD="" above should have taken care of turning off RBL > checking. > You remembered to restart qmail after this change, I hope. Yes, I did that too. > In the beginning, I also thought that the status 256 should be sort of > > timeout stuff. After further studying my smtp log, I found status 256 > > > in different situations: > > > > 1. The smtp log only showed a connection, but the process ended > very > > soon: > > Nov30 18:19:43 tcpserver: status: 1/100 > > Nov30 18:19:43 tcpserver: pid 8856 from [sender IP] > > Nov30 18:19:43 tcpserver: ok 8856 [mydomain]:[my IP]:25 :[sender > > IP]::47596 > > Nov30 18:19:43 tcpserver: end 8856 status 256 > > Nov30 18:19:43 tcpserver: status: 0/100 > > Weird. Was this from the 'trusted' IP? Yes, actually, that's from our company's email server which is in another country. By the way, that server is also a qmail server, although not qt. We have large amount of email, such as emails forwarding from one domain name to another for the same user, from this server. > 2. It logged CHKUSER has accepted sender and rcpt, but no email > > delivered to user's mail box and nothing logged at send log: > > Nov30 18:36:21 tcpserver: pid 9984 from [sender IP] > > Nov30 18:36:21 tcpserver: ok 9984 [mydomain]:[my IP]:25 :[sender > > IP]::53431 > > Nov30 18:36:21 CHKUSER accepted sender: from <[sender] > > <mailto:[EMAIL PROTECTED]> ::> remote <[sender server]:unknown:[sender > IP]> > > rcpt <> : sender accepted > > Nov30 18:36:21 CHKUSER accepted rcpt: from <[sender] > > <mailto:[EMAIL PROTECTED]>::> remote <[sender domain]:unknown:[sender > IP]> > > rcpt <[rcpt] <mailto:[EMAIL PROTECTED]> > : found existing recipient > > > Nov30 18:36:21 tcpserver: end 9984 status 256 > > Weird. Was this from a non-trusted IP? It's from the same server as mentioned above. Email ID and domain name are correct here. I just used my Perl script to reformat the log, That's why it won't show full address / domain name. > 3. Some, but not all, CHKUSER rejected may show status 256 too: > > Nov30 22:57:25 tcpserver: status: 1/100 > > Nov30 22:57:25 tcpserver: pid 24256 from 89.138.229.34 > > <http://89.138.229.34> > > Nov30 22:57:25 tcpserver: ok 24256 [my domain]:[my local IP]:25 > > :89.138.229.34::62008 > > Nov30 22:57:30 CHKUSER rejected sender: from < [EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED] >::> remote > > <89-138-229-34.bb.netvision.net.il:unknown:89.138.229.34> rcpt > <> > > : invalid sender MX domain > > Nov30 22:57:31 tcpserver: end 24256 status 256 > > Nov30 22:57:31 tcpserver: status: 0/100 > > > > As you've mentioned, we should not use such a high setting for the > smtp > > softlimit in normal case. But in my case, I really need to. One more > > thing to mention: my server need to support multi-language. > > > > Best regards, > > Bill > > > > I'm wondering if the DomainKeys bug might be the culprit. Have you > disabled > DK according to Alexey's instructions? > # cd /var/qmail/bin > # rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue That's the first thing I tried. But then since the error still exist and I don't want to complicate the situation, I reinstall qmail-toaster-1.03-1.3.8 I also tried to disable spf checking by putting a '0' to the spfbehavior but it made no difference. I was thinking of installing the spf logging patch (http://www.mail-archive.com/[email protected]/msg09582.html). Since my server is working now, I think I will leave it right now and wait for such patch to be included in the stable version of qt. -- > -Eric 'shubes' > > --------------------------------------------------------------------- > QmailToaster hosted by: VR Hosted < http://www.vr.org> > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
