OK. I looked up the IP of the MX record for that domain. I still
haven't been able to find it in the smtp logs. But I have added it to
the /etc/rcprules.d/tcp.smpt file, as instructed in another message,
along with adding the address in question to the simcontrol file.
Hopefully, that will help.
I've also rebooted the server. And I did install qmailtoaster-plus.
Thanks. I am going to try to wait on doing the upgrade, until I can
figure out, with help, how to get the domainkeys thing done right for
my servers and domains.
To explain, in general, my situation:
Company currently has 3 external servers.
Server A is the main webserver, hosting a dozen different websites
for
the company and its publications, as well as some development work.
This is (now) a CentOS 4.4 box, thanks to having to rebuild it due to
hacking during the week between Christmas and New Years.
Server B is a secondary webserver, hosting some DB-intensive
functions
to maintain mailing lists, magazine subscriptions, and our webstore.
One of the functions of this server is that, twice a week, this
server
sends out a massive blast of e-mails to individuals subscribed to our
mailing lists: around 40,000 on one list, 25,000 on the other.
Currently, this box is an FC3 box, with XAMPP 1.4.7 installed (Apache
2.052, MySQL 4.1+, PHP 4 and 5, etc). This box also has a reverse PTR
record in place, and is listed as our secondary mail server in DNS.
Server C is our mailserver. That's it. All it does. It's a CentOS4.4
box with qmail-toaster. It's our primary MX record for all of our
domains. Running:
vpopmail-toaster-5.4.13-1.3.1
ezmlm-toaster-0.53.324-1.3.1
squirrelmail-toaster-1.4.6-1.3.1
courier-imap-toaster-4.1.1-1.3.2
maildrop-toaster-devel-2.0.2-1.3.1
daemontools-toaster-0.76-1.3.1
qmail-toaster-1.03-1.3.3
autorespond-toaster-2.0.4-1.3.1
qmailadmin-toaster-1.2.9-1.3.1
isoqlog-toaster-2.1-1.3.1
clamav-toaster-0.88.2-1.3.1
qmailtoaster-plus-0.2.5-1.3.7
ucspi-tcp-toaster-0.88-1.3.1
qmail-pop3d-toaster-1.03-1.3.3
control-panel-toaster-0.5-1.3.1
qmailmrtg-toaster-4.2-1.3.1
vqadmin-toaster-2.3.4-1.3.1
ripmime-toaster-1.4.0.6-1.3.1
courier-authlib-toaster-0.58-1.3.1
maildrop-toaster-2.0.2-1.3.1
simscan-toaster-1.2-1.3.1
libdomainkeys-toaster-0.68-1.3.1
ezmlm-cgi-toaster-0.53.324-1.3.1
spamassassin-toaster-3.1.3-1.3.1
My challenge: I need to be able to DomainKey my mail server,
obviously. But I also need to domain key the others as well, and I'm
running multiple domains/domain names on every machine. I just
haven't
been able to figure out how to pull all of that off. Any guidance
would be appreciated.
Roxanne, still hunting for the rejection of those emails.
On 1/10/07, Eric Shubes <[EMAIL PROTECTED]> wrote:
Roxanne Sandesara wrote:
Well, let's see.
1) qmlog doesn't work on my system. I'm going to go out on a
limb and
assume that to be because I don't have the latest Toaster
installed. I
installed back in early June, and have not updated. I've had other
projects on my plate and in my way, and I've been terrified to
bring
down the server to upgrade it. Yes. That makes me a useless coward.
But ... until now, I've been fine. *sigh*
I should have mentioned - qmlog is part of the qmailtoaster-plus
package.
It's trivial to install:
# rpm -ivh
http://svn.shubes.net/qtp/releases/qmailtoaster-
plus-0.2.5-1.3.7.noarch.rpm
(all in 1 command)
qmailtoaster-plus also includes qtp-newmodel, an easy-to-use
script for
upgrading your toaster to a new model. The script does everything
for
you,
including bringing down qmail and bringing it back up again. Your
down
time
should be less than 10 minutes (depends on the packages you're
updating and
your CPU). See http://wiki.qmailtoaster.com/index.php/Upgrading
2) I tried hunting through the smtp logs in /var/log/qmail/smtp for
instances of the IP of the sender. I haven't found anything. I
need to
keep trying that.
Make sure you're looking for the sending domain's MX server
(could be
different from their web server).
3) I don't have SPF/DomainKeys running, because I couldn't
figure out
how to make it work in my installation properly, and I gave up.
It was
more important to have a working mailserver than to have a perfect
mailserver. Y'know ... until that bites me in the rump. Like now.
To disable DK entirely, be sure to follow Alexey's instructions:
# cd /var/qmail/bin
# rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue
Otherwise you could still run into problems.
So ... thus far, I haven't found much of anything useful to report.
But I thought I should say /something/, and thank you for the
suggestions.
Keep at it!
Roxanne
On 1/10/07, Eric Shubes <[EMAIL PROTECTED]> wrote:
Roxanne Sandesara wrote:
I need some help trying to troubleshoot a very serious problem
that has
cropped up. The last two days, the amount of email coming through
to my
user accounts on my server has dropped dramatically. I have not
changed
a single setting on the server. Accounts that were previously
receiving
on the order of 200+ emails a day are now receiving only 10-15
external
emails per day. And I have confirmed that several important
emails from
outside have not been delivered.
How do I go about trying to find out what is going on? I have
found how
to flush/force the queue in regards to SMTP - sending mail.
But how
do I
check the status of mail arriving, and being delivered? How do I
flush/force those deliveries?
Need help ASAP.
Roxanne
Hey Roxanne,
They're probably being rejected up front in the smtp (incoming)
session.
Check the smtp logs for messages pertinent to the missing
sender (grep
for
the sender domain's IP address, then browse the log in that area).
qmlog is
handy for doing that:
# qmlog -lc ip.address.of.sender smtp
My first guess would be that the sender's IP has been
blacklisted. The
log
will show you if that's the case, and which blacklist is rejecting
them.
My second guess would be a SPF or DomainKeys problem.
Unfortunately, the
current stable toaster doesn't log these rejections. Good news
is, the
qmail-toaster package in devel *does* (thanks to Alexey and EE).
Please let us know what you find.
--
-Eric 'shubes'
--
-Eric 'shubes'
