Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Actually this error is coming from simscan (32).

Basically, simscan creates a fork and calls qmail-queue and tries to 
pipe the email message to it. For some reason qmail-queue doesn't seem 
to be running or is not accepting a message from the pipe. You may want 
to check the permissions on this file.


Here's the source anyway, though: 
ftp://ftp.whitehorsetc.com/pub/repo/qmt/CentOS/7/current/SRPMS/qmail-1.03-2.qt.src.rpm



On 5/6/2017 10:12 PM, Jeff Koch wrote:

Hi Eric:

Would you happen to know where I can get the source code for the 
qmail-queue.orig. I'd like to see what error code 32 means.


Jeff

On 5/6/2017 8:13 PM, Eric Broch wrote:


What about drive space?


On 5/6/2017 5:33 PM, Jeff Koch wrote:

Hi Eric:

I reinstalled simscan but unfortunately that didn't help. We're 
still seeing the 451 soft rejects when simscan tries to exec 
qmail-queue after having clamav analyze attachments. We're also 
seeing the 'no envelope' deferrals. I assume you don't have these 
issues on your qmail toaster.


We tried to see if there was any pattern that distinguished emails 
with attachments that went through simscan and executed qmail-queue 
successfully and those that had an error writing to qmail-queue and 
exited with code 71. But we see no pattern.


We've removed simscan from the process until we figure this out.

Anyone know what qmail-queue error code 32 means? As in 'error 
writing msg to qmail-queue error: 32'


Let me know if anyone has ideas.

Thanks for your help

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's 
the procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with 
restart and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below perms>).


2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, 
and that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

Standby - I may have found the solution. So far simscan has been running 
for two hours without qq soft reject or envelope issue. I'll wait 
another two hours and let you know.  :)


Jeff

On 5/7/2017 7:25 PM, Eric Broch wrote:


ftp://ftp.whitehorsetc.com/pub/qmail/CentOS7/qmt/srpms/simscan-1.4.0-0.qt.src.rpm


On 5/7/2017 3:27 PM, Jeff Koch wrote:

Hi Eric:

I'm pretty sure there's something wrong with my simscan and the way 
it interacts with my server. (I did start with a CentOS 7 minimal 
install). Doesn't make sense that it would lose the envelope 
information. That info is supposed to be written to a temporary file 
in /var/qmail/simscan. I don't think the setup would even accept an 
email without mailfrom and mailto info.


So, I'd like to try recompiling simscan from source. I found source 
code for version 1.4.0 at https://sourceforge.net/projects/simscan/ 
but it could be a little stale since it was last modified 10/29/2007. 
Is that the version you use? do you have a later patched version?


Also, I'd need the configure script.

Thanks, Jeff Koch


On 5/6/2017 11:06 AM, Eric Broch wrote:


Hmm... not sure.

Not sure if you a 'c' programmer but here's the code:

  if ( MailFrom[0] == 0 && RcptTo[0][0] == 0 ) {
if ( DebugFlag > 0 ) {
  fprintf(stderr, "simscan: no envelope information, deferred 
exit\n");

}
exit_clean(EXIT_454);
  }

Looks like the 'mail from' and 'rcpt to' variables are empty.


On 5/6/2017 8:58 AM, Jeff Koch wrote:

Hi Eric:

One other thing. What does it mean when we see  'simscan: no 
envelope information, deferred exit'? As in the following:



2017-05-06 09:45:11.691723500 simscan: checking attachment 
image003.png against .bat
2017-05-06 09:45:11.691723500 simscan: checking attachment 
image003.png against .pif

2017-05-06 09:45:11.691724500 simscan: cdb looking up version attach
2017-05-06 09:45:11.691724500 simscan: runned_scanners is attach: 1.4.0
2017-05-06 09:45:11.691725500 simscan: found 1.4.0
2017-05-06 09:45:11.691725500 simscan: calling clamdscan
2017-05-06 09:45:11.728577500 simscan: clamdscan: 
/var/qmail/simscan/1494081910.545549.2165: OK

2017-05-06 09:45:11.728632500 simscan: clamdscan:
2017-05-06 09:45:11.728633500 simscan: clamdscan: --- SCAN 
SUMMARY ---

2017-05-06 09:45:11.728672500 simscan: clamdscan: Infected files: 0
2017-05-06 09:45:11.728684500 simscan: clamdscan: Time: 0.034 sec 
(0 m 0 s)

2017-05-06 09:45:11.728961500 simscan: cdb looking up version clamav
2017-05-06 09:45:11.728975500 simscan: runned_scanners is attach: 
1.4.0 clamav: 0.99.2/m:

2017-05-06 09:45:11.728976500 simscan: found 0.99.2/m:
2017-05-06 09:45:11.728977500 simscan: normal clamdscan return code: 0
2017-05-06 09:45:11.728998500 simscan: done, execing qmail-queue
2017-05-06 09:45:11.758794500 simscan: qmail-queue exited 0
2017-05-06 09:45:12.076061500 simscan: no envelope information, 
deferred exit

2017-05-06 09:45:12.076219500 simscan: exit error code: 54

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and 
it's subdirectories ?


Also, we installed everthing from the QMT install script. What's 
the procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with 
restart and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below perms>).


2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, 
and that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

ftp://ftp.whitehorsetc.com/pub/qmail/CentOS7/qmt/srpms/simscan-1.4.0-0.qt.src.rpm


On 5/7/2017 3:27 PM, Jeff Koch wrote:

Hi Eric:

I'm pretty sure there's something wrong with my simscan and the way it 
interacts with my server. (I did start with a CentOS 7 minimal 
install). Doesn't make sense that it would lose the envelope 
information. That info is supposed to be written to a temporary file 
in /var/qmail/simscan. I don't think the setup would even accept an 
email without mailfrom and mailto info.


So, I'd like to try recompiling simscan from source. I found source 
code for version 1.4.0 at https://sourceforge.net/projects/simscan/ 
but it could be a little stale since it was last modified 10/29/2007. 
Is that the version you use? do you have a later patched version?


Also, I'd need the configure script.

Thanks, Jeff Koch


On 5/6/2017 11:06 AM, Eric Broch wrote:


Hmm... not sure.

Not sure if you a 'c' programmer but here's the code:

  if ( MailFrom[0] == 0 && RcptTo[0][0] == 0 ) {
if ( DebugFlag > 0 ) {
  fprintf(stderr, "simscan: no envelope information, deferred 
exit\n");

}
exit_clean(EXIT_454);
  }

Looks like the 'mail from' and 'rcpt to' variables are empty.


On 5/6/2017 8:58 AM, Jeff Koch wrote:

Hi Eric:

One other thing. What does it mean when we see  'simscan: no 
envelope information, deferred exit'? As in the following:



2017-05-06 09:45:11.691723500 simscan: checking attachment 
image003.png against .bat
2017-05-06 09:45:11.691723500 simscan: checking attachment 
image003.png against .pif

2017-05-06 09:45:11.691724500 simscan: cdb looking up version attach
2017-05-06 09:45:11.691724500 simscan: runned_scanners is attach: 1.4.0
2017-05-06 09:45:11.691725500 simscan: found 1.4.0
2017-05-06 09:45:11.691725500 simscan: calling clamdscan
2017-05-06 09:45:11.728577500 simscan: clamdscan: 
/var/qmail/simscan/1494081910.545549.2165: OK

2017-05-06 09:45:11.728632500 simscan: clamdscan:
2017-05-06 09:45:11.728633500 simscan: clamdscan: --- SCAN 
SUMMARY ---

2017-05-06 09:45:11.728672500 simscan: clamdscan: Infected files: 0
2017-05-06 09:45:11.728684500 simscan: clamdscan: Time: 0.034 sec (0 
m 0 s)

2017-05-06 09:45:11.728961500 simscan: cdb looking up version clamav
2017-05-06 09:45:11.728975500 simscan: runned_scanners is attach: 
1.4.0 clamav: 0.99.2/m:

2017-05-06 09:45:11.728976500 simscan: found 0.99.2/m:
2017-05-06 09:45:11.728977500 simscan: normal clamdscan return code: 0
2017-05-06 09:45:11.728998500 simscan: done, execing qmail-queue
2017-05-06 09:45:11.758794500 simscan: qmail-queue exited 0
2017-05-06 09:45:12.076061500 simscan: no envelope information, 
deferred exit

2017-05-06 09:45:12.076219500 simscan: exit error code: 54

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's 
the procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with 
restart and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below perms>).


2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, 
and that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

I'm pretty sure there's something wrong with my simscan and the way it 
interacts with my server. (I did start with a CentOS 7 minimal install). 
Doesn't make sense that it would lose the envelope information. That 
info is supposed to be written to a temporary file in 
/var/qmail/simscan. I don't think the setup would even accept an email 
without mailfrom and mailto info.


So, I'd like to try recompiling simscan from source. I found source code 
for version 1.4.0 at https://sourceforge.net/projects/simscan/ but it 
could be a little stale since it was last modified 10/29/2007. Is that 
the version you use? do you have a later patched version?


Also, I'd need the configure script.

Thanks, Jeff Koch


On 5/6/2017 11:06 AM, Eric Broch wrote:


Hmm... not sure.

Not sure if you a 'c' programmer but here's the code:

  if ( MailFrom[0] == 0 && RcptTo[0][0] == 0 ) {
if ( DebugFlag > 0 ) {
  fprintf(stderr, "simscan: no envelope information, deferred 
exit\n");

}
exit_clean(EXIT_454);
  }

Looks like the 'mail from' and 'rcpt to' variables are empty.


On 5/6/2017 8:58 AM, Jeff Koch wrote:

Hi Eric:

One other thing. What does it mean when we see  'simscan: no envelope 
information, deferred exit'? As in the following:



2017-05-06 09:45:11.691723500 simscan: checking attachment 
image003.png against .bat
2017-05-06 09:45:11.691723500 simscan: checking attachment 
image003.png against .pif

2017-05-06 09:45:11.691724500 simscan: cdb looking up version attach
2017-05-06 09:45:11.691724500 simscan: runned_scanners is attach: 1.4.0
2017-05-06 09:45:11.691725500 simscan: found 1.4.0
2017-05-06 09:45:11.691725500 simscan: calling clamdscan
2017-05-06 09:45:11.728577500 simscan: clamdscan: 
/var/qmail/simscan/1494081910.545549.2165: OK

2017-05-06 09:45:11.728632500 simscan: clamdscan:
2017-05-06 09:45:11.728633500 simscan: clamdscan: --- SCAN 
SUMMARY ---

2017-05-06 09:45:11.728672500 simscan: clamdscan: Infected files: 0
2017-05-06 09:45:11.728684500 simscan: clamdscan: Time: 0.034 sec (0 
m 0 s)

2017-05-06 09:45:11.728961500 simscan: cdb looking up version clamav
2017-05-06 09:45:11.728975500 simscan: runned_scanners is attach: 
1.4.0 clamav: 0.99.2/m:

2017-05-06 09:45:11.728976500 simscan: found 0.99.2/m:
2017-05-06 09:45:11.728977500 simscan: normal clamdscan return code: 0
2017-05-06 09:45:11.728998500 simscan: done, execing qmail-queue
2017-05-06 09:45:11.758794500 simscan: qmail-queue exited 0
2017-05-06 09:45:12.076061500 simscan: no envelope information, 
deferred exit

2017-05-06 09:45:12.076219500 simscan: exit error code: 54

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's 
the procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with 
restart and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below perms>).


2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

Would you happen to know where I can get the source code for the 
qmail-queue.orig. I'd like to see what error code 32 means.


Jeff

On 5/6/2017 8:13 PM, Eric Broch wrote:


What about drive space?


On 5/6/2017 5:33 PM, Jeff Koch wrote:

Hi Eric:

I reinstalled simscan but unfortunately that didn't help. We're still 
seeing the 451 soft rejects when simscan tries to exec qmail-queue 
after having clamav analyze attachments. We're also seeing the 'no 
envelope' deferrals. I assume you don't have these issues on your 
qmail toaster.


We tried to see if there was any pattern that distinguished emails 
with attachments that went through simscan and executed qmail-queue 
successfully and those that had an error writing to qmail-queue and 
exited with code 71. But we see no pattern.


We've removed simscan from the process until we figure this out.

Anyone know what qmail-queue error code 32 means? As in 'error 
writing msg to qmail-queue error: 32'


Let me know if anyone has ideas.

Thanks for your help

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's 
the procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with 
restart and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below perms>).


2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 09:49 9

/var/qmail/queue/lock:
total 4
-rw--- 1 qmails qmail0 Apr 20 09:49 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

Drive space is fine - using less than half of the main disk and small 
percents of the ram disks


On 5/6/2017 8:13 PM, Eric Broch wrote:


What about drive space?


On 5/6/2017 5:33 PM, Jeff Koch wrote:

Hi Eric:

I reinstalled simscan but unfortunately that didn't help. We're still 
seeing the 451 soft rejects when simscan tries to exec qmail-queue 
after having clamav analyze attachments. We're also seeing the 'no 
envelope' deferrals. I assume you don't have these issues on your 
qmail toaster.


We tried to see if there was any pattern that distinguished emails 
with attachments that went through simscan and executed qmail-queue 
successfully and those that had an error writing to qmail-queue and 
exited with code 71. But we see no pattern.


We've removed simscan from the process until we figure this out.

Anyone know what qmail-queue error code 32 means? As in 'error 
writing msg to qmail-queue error: 32'


Let me know if anyone has ideas.

Thanks for your help

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's 
the procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with 
restart and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below perms>).


2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 09:49 9

/var/qmail/queue/lock:
total 4
-rw--- 1 qmails qmail0 Apr 20 09:49 sendmutex
-rw-r--r-- 1 qmailr 

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

What about drive space?


On 5/6/2017 5:33 PM, Jeff Koch wrote:

Hi Eric:

I reinstalled simscan but unfortunately that didn't help. We're still 
seeing the 451 soft rejects when simscan tries to exec qmail-queue 
after having clamav analyze attachments. We're also seeing the 'no 
envelope' deferrals. I assume you don't have these issues on your 
qmail toaster.


We tried to see if there was any pattern that distinguished emails 
with attachments that went through simscan and executed qmail-queue 
successfully and those that had an error writing to qmail-queue and 
exited with code 71. But we see no pattern.


We've removed simscan from the process until we figure this out.

Anyone know what qmail-queue error code 32 means? As in 'error writing 
msg to qmail-queue error: 32'


Let me know if anyone has ideas.

Thanks for your help

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's the 
procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with 
restart and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below ).

2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 09:49 9

/var/qmail/queue/lock:
total 4
-rw--- 1 qmails qmail0 Apr 20 09:49 sendmutex
-rw-r--r-- 1 qmailr qmail 1024 Apr 27 06:08 tcpto
prw--w--w- 1 qmails qmail0 May  5 08:34 trigger

/var/qmail/queue/mess:
total 0
drwxr-x--- 2 qmailq qmail 6 May  3 03:21 0

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

I reinstalled simscan but unfortunately that didn't help. We're still 
seeing the 451 soft rejects when simscan tries to exec qmail-queue after 
having clamav analyze attachments. We're also seeing the 'no envelope' 
deferrals. I assume you don't have these issues on your qmail toaster.


We tried to see if there was any pattern that distinguished emails with 
attachments that went through simscan and executed qmail-queue 
successfully and those that had an error writing to qmail-queue and 
exited with code 71. But we see no pattern.


We've removed simscan from the process until we figure this out.

Anyone know what qmail-queue error code 32 means? As in 'error writing 
msg to qmail-queue error: 32'


Let me know if anyone has ideas.

Thanks for your help

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's the 
procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with restart 
and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below ).

2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 09:49 9

/var/qmail/queue/lock:
total 4
-rw--- 1 qmails qmail0 Apr 20 09:49 sendmutex
-rw-r--r-- 1 qmailr qmail 1024 Apr 27 06:08 tcpto
prw--w--w- 1 qmails qmail0 May  5 08:34 trigger

/var/qmail/queue/mess:
total 0
drwxr-x--- 2 qmailq qmail 6 May  3 03:21 0
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 1
drwxr-x--- 2 qmailq qmail 6 

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Hmm... not sure.

Not sure if you a 'c' programmer but here's the code:

  if ( MailFrom[0] == 0 && RcptTo[0][0] == 0 ) {
if ( DebugFlag > 0 ) {
  fprintf(stderr, "simscan: no envelope information, deferred exit\n");
}
exit_clean(EXIT_454);
  }

Looks like the 'mail from' and 'rcpt to' variables are empty.


On 5/6/2017 8:58 AM, Jeff Koch wrote:

Hi Eric:

One other thing. What does it mean when we see  'simscan: no envelope 
information, deferred exit'? As in the following:



2017-05-06 09:45:11.691723500 simscan: checking attachment 
image003.png against .bat
2017-05-06 09:45:11.691723500 simscan: checking attachment 
image003.png against .pif

2017-05-06 09:45:11.691724500 simscan: cdb looking up version attach
2017-05-06 09:45:11.691724500 simscan: runned_scanners is attach: 1.4.0
2017-05-06 09:45:11.691725500 simscan: found 1.4.0
2017-05-06 09:45:11.691725500 simscan: calling clamdscan
2017-05-06 09:45:11.728577500 simscan: clamdscan: 
/var/qmail/simscan/1494081910.545549.2165: OK

2017-05-06 09:45:11.728632500 simscan: clamdscan:
2017-05-06 09:45:11.728633500 simscan: clamdscan: --- SCAN 
SUMMARY ---

2017-05-06 09:45:11.728672500 simscan: clamdscan: Infected files: 0
2017-05-06 09:45:11.728684500 simscan: clamdscan: Time: 0.034 sec (0 m 
0 s)

2017-05-06 09:45:11.728961500 simscan: cdb looking up version clamav
2017-05-06 09:45:11.728975500 simscan: runned_scanners is attach: 
1.4.0 clamav: 0.99.2/m:

2017-05-06 09:45:11.728976500 simscan: found 0.99.2/m:
2017-05-06 09:45:11.728977500 simscan: normal clamdscan return code: 0
2017-05-06 09:45:11.728998500 simscan: done, execing qmail-queue
2017-05-06 09:45:11.758794500 simscan: qmail-queue exited 0
2017-05-06 09:45:12.076061500 simscan: no envelope information, 
deferred exit

2017-05-06 09:45:12.076219500 simscan: exit error code: 54

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's the 
procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with 
restart and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below ).

2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

One other thing. What does it mean when we see  'simscan: no envelope 
information, deferred exit'? As in the following:



2017-05-06 09:45:11.691723500 simscan: checking attachment image003.png 
against .bat
2017-05-06 09:45:11.691723500 simscan: checking attachment image003.png 
against .pif

2017-05-06 09:45:11.691724500 simscan: cdb looking up version attach
2017-05-06 09:45:11.691724500 simscan: runned_scanners is  attach: 1.4.0
2017-05-06 09:45:11.691725500 simscan: found 1.4.0
2017-05-06 09:45:11.691725500 simscan: calling clamdscan
2017-05-06 09:45:11.728577500 simscan: clamdscan: 
/var/qmail/simscan/1494081910.545549.2165: OK

2017-05-06 09:45:11.728632500 simscan: clamdscan:
2017-05-06 09:45:11.728633500 simscan: clamdscan: --- SCAN 
SUMMARY ---

2017-05-06 09:45:11.728672500 simscan: clamdscan: Infected files: 0
2017-05-06 09:45:11.728684500 simscan: clamdscan: Time: 0.034 sec (0 m 0 s)
2017-05-06 09:45:11.728961500 simscan: cdb looking up version clamav
2017-05-06 09:45:11.728975500 simscan: runned_scanners is  attach: 1.4.0 
clamav: 0.99.2/m:

2017-05-06 09:45:11.728976500 simscan: found 0.99.2/m:
2017-05-06 09:45:11.728977500 simscan: normal clamdscan return code: 0
2017-05-06 09:45:11.728998500 simscan: done, execing qmail-queue
2017-05-06 09:45:11.758794500 simscan: qmail-queue exited 0
2017-05-06 09:45:12.076061500 simscan: no envelope information, deferred 
exit

2017-05-06 09:45:12.076219500 simscan: exit error code: 54

Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's the 
procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with restart 
and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below ).

2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Eric - thanks - Jeff

On 5/6/2017 10:21 AM, Eric Broch wrote:


[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's the 
procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with restart 
and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below ).

2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 09:49 9

/var/qmail/queue/lock:
total 4
-rw--- 1 qmails qmail0 Apr 20 09:49 sendmutex
-rw-r--r-- 1 qmailr qmail 1024 Apr 27 06:08 tcpto
prw--w--w- 1 qmails qmail0 May  5 08:34 trigger

/var/qmail/queue/mess:
total 0
drwxr-x--- 2 qmailq qmail 6 May  3 03:21 0
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 1
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 10
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 11
drwxr-x--- 2 qmailq qmail 6 Apr 21 06:06 12
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 13
drwxr-x--- 2 qmailq qmail 6 May  5 03:31 14
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 15
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 16
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 17
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 18
drwxr-x--- 2 qmailq qmail 6 May  5 08:34 19
drwxr-x--- 2 qmailq qmail 6 May  1 03:42 2
drwxr-x--- 2 qmailq qmail 6 May  4 03:47 20
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 21
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 22
drwxr-x--- 2 qmailq qmail 6 May  4 03:47 3
drwxr-x--- 2 qmailq qmail 6 May  5 08:34 4
drwxr-x--- 2 qmailq qmail 6 May  2 04:49 5
drwxr-x--- 2 qmailq qmail 6 May  1 07:21 6

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

[root]#ls -ld /var/qmail/simscan
drwxr-x--- 4 clamav root 64 Apr 20 14:18 /var/qmail/simscan

[root]# ls -ld /var/qmail/simscan/*
drwxr-x--- 2 clamav root 39 Dec 23 01:26 
/var/qmail/simscan/1482481568.945036.3336
drwxr-x--- 2 clamav root 73 Dec 23 01:34 
/var/qmail/simscan/1482482077.257292.3618


yum reinstall simscan



On 5/5/2017 12:16 PM, Jeff Koch wrote:

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's the 
procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with restart 
and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below ).

2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 09:49 9

/var/qmail/queue/lock:
total 4
-rw--- 1 qmails qmail0 Apr 20 09:49 sendmutex
-rw-r--r-- 1 qmailr qmail 1024 Apr 27 06:08 tcpto
prw--w--w- 1 qmails qmail0 May  5 08:34 trigger

/var/qmail/queue/mess:
total 0
drwxr-x--- 2 qmailq qmail 6 May  3 03:21 0
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 1
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 10
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 11
drwxr-x--- 2 qmailq qmail 6 Apr 21 06:06 12
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 13
drwxr-x--- 2 qmailq qmail 6 May  5 03:31 14
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 15
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 16
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 17
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 18
drwxr-x--- 2 qmailq qmail 6 May  5 08:34 19
drwxr-x--- 2 qmailq qmail 6 May  1 03:42 2
drwxr-x--- 2 qmailq qmail 6 May  4 03:47 20
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 21
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 22
drwxr-x--- 2 qmailq qmail 6 May  4 03:47 3
drwxr-x--- 2 qmailq qmail 6 May  5 08:34 4
drwxr-x--- 2 qmailq qmail 6 May  2 04:49 5
drwxr-x--- 2 qmailq qmail 6 May  1 07:21 6
drwxr-x--- 2 qmailq qmail 6 Apr 23 03:23 7
drwxr-x--- 2 qmailq 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

What do your permissions look like for /var/qmail/simscan and it's 
subdirectories ?


Also, we installed everthing from the QMT install script. What's the 
procedure for removing and reinstalling simscan?


Thanks for your help.

Jeff

On 5/5/2017 1:42 PM, Eric Broch wrote:


It does look like a permission's issue. Try these steps with restart 
and reload of qmail between each step


1) Check permissions on your queue, visibly (mine below ).

2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and 
that there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 09:49 9

/var/qmail/queue/lock:
total 4
-rw--- 1 qmails qmail0 Apr 20 09:49 sendmutex
-rw-r--r-- 1 qmailr qmail 1024 Apr 27 06:08 tcpto
prw--w--w- 1 qmails qmail0 May  5 08:34 trigger

/var/qmail/queue/mess:
total 0
drwxr-x--- 2 qmailq qmail 6 May  3 03:21 0
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 1
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 10
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 11
drwxr-x--- 2 qmailq qmail 6 Apr 21 06:06 12
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 13
drwxr-x--- 2 qmailq qmail 6 May  5 03:31 14
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 15
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 16
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 17
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 18
drwxr-x--- 2 qmailq qmail 6 May  5 08:34 19
drwxr-x--- 2 qmailq qmail 6 May  1 03:42 2
drwxr-x--- 2 qmailq qmail 6 May  4 03:47 20
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 21
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 22
drwxr-x--- 2 qmailq qmail 6 May  4 03:47 3
drwxr-x--- 2 qmailq qmail 6 May  5 08:34 4
drwxr-x--- 2 qmailq qmail 6 May  2 04:49 5
drwxr-x--- 2 qmailq qmail 6 May  1 07:21 6
drwxr-x--- 2 qmailq qmail 6 Apr 23 03:23 7
drwxr-x--- 2 qmailq qmail 6 May  2 04:49 8
drwxr-x--- 2 qmailq qmail 6 Apr 20 13:02 9

/var/qmail/queue/pid:
total 0

/var/qmail/queue/remote:
total 0
drwx-- 2 qmails qmail 6 Apr 20 09:49 0
drwx-- 2 qmails qmail 6 Apr 20 09:49 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 20 09:49 12
drwx-- 2 qmails 

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

It does look like a permission's issue. Try these steps with restart and 
reload of qmail between each step


1) Check permissions on your queue, visibly (mine below ).

2) Check /var/qmail/bin permissions (mine below ).

3) Remove and reinstall simscan

4) Try running one of the good queue repair tools like qfixq, 
qmail_repair.py. With these make absolutely sure qmail is OFF, and that 
there are NO straggling send processes.




[root]# ls -ld /var/qmail/queue
drwxr-x--- 11 qmailq qmail 109 Apr 20 09:49 /var/qmail/queue

[root]# ls -l /var/qmail/q*
total 16
drwx--  2 qmails qmail6 Apr 20 09:49 bounce
drwx-- 25 qmails qmail 4096 Apr 20 09:49 info
drwx--  2 qmailq qmail6 May  5 08:34 intd
drwx-- 25 qmails qmail 4096 Apr 20 09:49 local
drwxr-x---  2 qmailq qmail   48 Apr 20 12:58 lock
drwxr-x--- 25 qmailq qmail 4096 Apr 20 09:49 mess
drwx--  2 qmailq qmail6 May  5 08:34 pid
drwx-- 25 qmails qmail 4096 Apr 20 09:49 remote
drwxr-x---  2 qmailq qmail6 May  5 08:34 todo

[root]# ls -l /var/qmail/q*/*
/var/qmail/queue/bounce:
total 0

/var/qmail/queue/info:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 13:02 9

/var/qmail/queue/intd:
total 0

/var/qmail/queue/local:
total 0
drwx-- 2 qmails qmail 6 May  3 03:21 0
drwx-- 2 qmails qmail 6 May  3 04:52 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 21 06:06 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 May  5 03:31 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 May  3 04:52 18
drwx-- 2 qmails qmail 6 May  5 08:34 19
drwx-- 2 qmails qmail 6 May  1 03:42 2
drwx-- 2 qmails qmail 6 May  4 03:47 20
drwx-- 2 qmails qmail 6 Apr 20 09:49 21
drwx-- 2 qmails qmail 6 Apr 20 09:49 22
drwx-- 2 qmails qmail 6 May  4 03:47 3
drwx-- 2 qmails qmail 6 May  5 08:34 4
drwx-- 2 qmails qmail 6 May  2 04:49 5
drwx-- 2 qmails qmail 6 May  1 07:21 6
drwx-- 2 qmails qmail 6 Apr 23 03:23 7
drwx-- 2 qmails qmail 6 May  2 04:49 8
drwx-- 2 qmails qmail 6 Apr 20 09:49 9

/var/qmail/queue/lock:
total 4
-rw--- 1 qmails qmail0 Apr 20 09:49 sendmutex
-rw-r--r-- 1 qmailr qmail 1024 Apr 27 06:08 tcpto
prw--w--w- 1 qmails qmail0 May  5 08:34 trigger

/var/qmail/queue/mess:
total 0
drwxr-x--- 2 qmailq qmail 6 May  3 03:21 0
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 1
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 10
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 11
drwxr-x--- 2 qmailq qmail 6 Apr 21 06:06 12
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 13
drwxr-x--- 2 qmailq qmail 6 May  5 03:31 14
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 15
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 16
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 17
drwxr-x--- 2 qmailq qmail 6 May  3 04:52 18
drwxr-x--- 2 qmailq qmail 6 May  5 08:34 19
drwxr-x--- 2 qmailq qmail 6 May  1 03:42 2
drwxr-x--- 2 qmailq qmail 6 May  4 03:47 20
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 21
drwxr-x--- 2 qmailq qmail 6 Apr 20 09:49 22
drwxr-x--- 2 qmailq qmail 6 May  4 03:47 3
drwxr-x--- 2 qmailq qmail 6 May  5 08:34 4
drwxr-x--- 2 qmailq qmail 6 May  2 04:49 5
drwxr-x--- 2 qmailq qmail 6 May  1 07:21 6
drwxr-x--- 2 qmailq qmail 6 Apr 23 03:23 7
drwxr-x--- 2 qmailq qmail 6 May  2 04:49 8
drwxr-x--- 2 qmailq qmail 6 Apr 20 13:02 9

/var/qmail/queue/pid:
total 0

/var/qmail/queue/remote:
total 0
drwx-- 2 qmails qmail 6 Apr 20 09:49 0
drwx-- 2 qmails qmail 6 Apr 20 09:49 1
drwx-- 2 qmails qmail 6 Apr 20 09:49 10
drwx-- 2 qmails qmail 6 Apr 20 09:49 11
drwx-- 2 qmails qmail 6 Apr 20 09:49 12
drwx-- 2 qmails qmail 6 Apr 20 09:49 13
drwx-- 2 qmails qmail 6 Apr 20 09:49 14
drwx-- 2 qmails qmail 6 Apr 20 09:49 15
drwx-- 2 qmails qmail 6 Apr 20 09:49 16
drwx-- 2 qmails qmail 6 Apr 20 09:49 17
drwx-- 2 qmails qmail 6 Apr 20 09:49 18
drwx-- 2 qmails qmail 6 Apr 20 13:10 19

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

simscan debugging log seems to be showing the problem but I'll need your 
help figuring out what to do about it. Here's a copy of simscan log 
entries showing the 451 'qq soft reject' errors. I have clamav disabled 
in simscan but you can see that simscan is still taking apart the 
attachments.


Keep in mind that not all emails with attachments are having the soft 
reject issue. Here are two examples where attachments generated a soft 
reject and one example where it didn't.


I googled 'exit error code: 71' and found some references going back to 
2006-7 discussing group permissions on /var/qmail/simscan and umask 
issues and the simscan-1.4.0-umask.patch that was supposed to correct 
this problem.


Any idea what I should do to fix this problem on my server?

Thanks, Jeff Koch

Example One - showing 451 qq soft reject

2017-05-05 11:08:35.407367500 simscan: checking attachment textfile1 
against .pif
2017-05-05 11:08:35.407368500 simscan: checking attachment textfile2 
against .mp3
2017-05-05 11:08:35.407374500 simscan: checking attachment textfile2 
against .src
2017-05-05 11:08:35.407375500 simscan: checking attachment textfile2 
against .bat
2017-05-05 11:08:35.407375500 simscan: checking attachment textfile2 
against .pif

2017-05-05 11:08:35.407376500 simscan: cdb looking up version attach
2017-05-05 11:08:35.407376500 simscan: runned_scanners is  attach: 1.4.0
2017-05-05 11:08:35.407377500 simscan: found 1.4.0
2017-05-05 11:08:35.407377500 simscan: clamdscan disabled
2017-05-05 11:08:35.407378500 simscan: done, execing qmail-queue
2017-05-05 11:08:35.408635500 simscan: error writing msg to qmail-queue 
error: 32

2017-05-05 11:08:35.408812500 simscan: exit error code: 71
2017-05-05 11:08:35.408991500 qmail-smtpd: qq soft reject (mail server 
temporarily rejected message (#4.3.0)): 
MAILFROM: 
RCPTTO:jere...@stinternational.com


Example Two - showing 451 qq soft reject

2017-05-05 11:08:45.623775500 simscan: checking attachment ficha de 
inscripcion logistica de .xlsx against .bat
2017-05-05 11:08:45.623776500 simscan: checking attachment ficha de 
inscripcion logistica de .xlsx against .pif
2017-05-05 11:08:45.623778500 simscan: checking attachment FICHA DE 
.xlsx against .mp3
2017-05-05 11:08:45.623779500 simscan: checking attachment ficha de 
i.xlsx against .src
2017-05-05 11:08:45.623779500 simscan: checking attachment ficha de 
.xlsx against .bat
2017-05-05 11:08:45.623780500 simscan: checking attachment ficha de 
.xlsx against .pif

2017-05-05 11:08:45.623780500 simscan: cdb looking up version attach
2017-05-05 11:08:45.623785500 simscan: runned_scanners is  attach: 1.4.0
2017-05-05 11:08:45.623785500 simscan: found 1.4.0
2017-05-05 11:08:45.623786500 simscan: clamdscan disabled
2017-05-05 11:08:45.623807500 simscan: done, execing qmail-queue
2017-05-05 11:08:45.625205500 simscan: error writing msg to qmail-queue 
error: 32

2017-05-05 11:08:45.625526500 simscan: exit error code: 71
2017-05-05 11:08:45.625718500 qmail-smtpd: qq soft reject (mail server 
temporarily rejected message (#4.3.0)): 
MAILFROM:<77-return-9-mantenimiento=crsf.com...@seminarioxxx.com> 
RCPTTO:mant...@.com.ec


Example Three - attachments but no error

2017-05-05 11:08:53.901311500 simscan: checking attachment textfile2 
against .bat
2017-05-05 11:08:53.901312500 simscan: checking attachment textfile2 
against .pif
2017-05-05 11:08:53.901312500 simscan: checking attachment textfile3 
against .mp3
2017-05-05 11:08:53.901313500 simscan: checking attachment textfile3 
against .src
2017-05-05 11:08:53.901313500 simscan: checking attachment textfile3 
against .bat
2017-05-05 11:08:53.901314500 simscan: checking attachment textfile3 
against .pif

2017-05-05 11:08:53.901316500 simscan: cdb looking up version attach
2017-05-05 11:08:53.901317500 simscan: runned_scanners is  attach: 1.4.0
2017-05-05 11:08:53.901317500 simscan: found 1.4.0
2017-05-05 11:08:53.901318500 simscan: clamdscan disabled
2017-05-05 11:08:53.901339500 simscan: done, execing qmail-queue
2017-05-05 11:08:53.918481500 simscan: qmail-queue exited 0











On 5/4/2017 1:35 AM, Eric Broch wrote:


Spamdyke was not interfering with my logging when I tested, but then 
again I wasn't getting any errors.


It's interesting that you see a spamd connection and spamc (spam=no) 
is turned off with simcontrol.


Also, did you check /var/log/qmail/smtp/current? This is where you 
should see simscan logging.



On 5/3/2017 9:38 PM, Jeff Koch wrote:

HI Eric:

Here's what I have in tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and here's what I have in /var/qmai/control/simcontrol

:clam=yes,spam=no,spam_hits=12,attach=.mp3:.src:.bat:.pif

and I know simscan is working 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Ah - ha - so that's where the simscan logging is. I see it now. I'll 
check the log against the 451 qq soft rejects and see what it says. 
(Funny it wasn't showing there before - maybe I didn't wait long enough 
for the simscan logging to start or I screwed up in some other way.)


Also, spamd shows up because we have SA running in a maildrop filter.

I'll let you know what I find.

Thanks - Jeff


On 5/4/2017 1:35 AM, Eric Broch wrote:


Spamdyke was not interfering with my logging when I tested, but then 
again I wasn't getting any errors.


It's interesting that you see a spamd connection and spamc (spam=no) 
is turned off with simcontrol.


Also, did you check /var/log/qmail/smtp/current? This is where you 
should see simscan logging.



On 5/3/2017 9:38 PM, Jeff Koch wrote:

HI Eric:

Here's what I have in tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and here's what I have in /var/qmai/control/simcontrol

:clam=yes,spam=no,spam_hits=12,attach=.mp3:.src:.bat:.pif

and I know simscan is working because I see the clamav entries in 
/var/log/maillog. Note: we need to have clamav running because the 
email is going to real people. But when clamav was turned off there 
no simscan logging either.


Here's what I have in /var/qmail/supervise/smtp/run

#!/bin/sh
SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0

exec /usr/bin/softlimit -m 12800 \
 /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c 
"$MAXSMTPD" \

 -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
 $SPAMDYKE --config-file $SPAMDYKE_CONF \
 $SMTPD $VCHKPW /bin/true 2>&1

and I ran qmailctl - stop - cdb - start  (Note: The HOSTNAME entry is 
exactly as shown 'hostname' - we did not change it to the actual hostname


In the /var/log/maillog we see no entries that reference 'simscan' - 
is that the log that the debug logging should appear in?


In this log we see entries referencing 'spamdyke', spamd, clamd, 
vpopmail (vchkpw-smtp) but none that says 'simscan' ** remember we 
have clamav running:


May  3 22:28:47 server spamdyke[26952]: ALLOWED from:...
May  3 22:31:40 server spamd[2772]: spamd: connection..
May  3 22:31:52 server clamd[661]: 
/var/qmail.
May  3 22:25:55 server vpopmail[26673]: vchkpw-smtp: vpopmail 
user.


and were are still seeing DENIED_OTHER 451 rejects like this:

May  3 22:32:20 server spamdyke[27401]: DENIED_OTHER from: 
3294909110062131b4b02-b17122-5f62f91568cf4aa2ad5adb71f8f94...@mg.expediaxxx.com 
to: jsux...@sinpxxx.com origin_ip: 135.84.xxx.10 origin_rdns: 
gears217-10.expediaxxx.com auth: (unknown) encryption: TLS reason: 
451_mail_server_temporarily_rejected_message_(#4.3.0)


As you can see we do have spamdyke running. Could that be interfering 
with the logging?


Jeff



On 5/3/2017 10:09 AM, Eric Broch wrote:


Did you turn simscan on in tcp.smtp:

QMAILQUEUE=/var/qmail/bin/simscan

and stop/cdb/start qmail?

On 5/2/2017 9:08 PM, Jeff Koch wrote:

HI Eric:

I turned on simscan debugging but I don't see any 'simscan' logging 
in /var/log/maillog or /var/log/qmail/smtp


Jeff

On 5/2/2017 12:27 AM, Eric Broch wrote:


I wonder if you have a permissions issue somewhere?

You could now change /var/qmail/supervise/smtp/run script to debug 
simscan by adding the following settings


SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG

and in tcp.smtp change

QMAILQUEUE=/var/qmail/bin/simscan

and in simcontrol change to

:clam=no, spam=no

and qmailctl stop/cdb/start

and see what the log produces.

You should (hopefully) see the reason for the failure.


On 5/1/2017 8:59 PM, Jeff Koch wrote:

Hi Eric:

Here are the results of this tests. See below:

On 4/30/2017 1:08 AM, Eric Broch wrote:


Also,

My plan was that you would change things a step at a time (and 
check between steps whether qq soft rejects persisted) in this 
order:


Step 1) Increase softlimit in smtp run file (stop/start/cdb 
qmail) to 12800


No effect - still seeing spamdyke DENIED_OTHER - 
451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 2) Change /var/qmail/control/simcontrol settings from

:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif

to

:clam=no,spam=no

this stops clamd, spamc, and ripmime.

stop/start/cdb qmail.


No effect - 451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 3) Revert /var/qmail/control/simcontrol settings and change 
/etc/tcprules.d/tcp.smtp


QMAILQUEUE="/var/qmail/bin/simscan"

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Spamdyke was not interfering with my logging when I tested, but then 
again I wasn't getting any errors.


It's interesting that you see a spamd connection and spamc (spam=no) is 
turned off with simcontrol.


Also, did you check /var/log/qmail/smtp/current? This is where you 
should see simscan logging.



On 5/3/2017 9:38 PM, Jeff Koch wrote:

HI Eric:

Here's what I have in tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and here's what I have in /var/qmai/control/simcontrol

:clam=yes,spam=no,spam_hits=12,attach=.mp3:.src:.bat:.pif

and I know simscan is working because I see the clamav entries in 
/var/log/maillog. Note: we need to have clamav running because the 
email is going to real people. But when clamav was turned off there no 
simscan logging either.


Here's what I have in /var/qmail/supervise/smtp/run

#!/bin/sh
SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0

exec /usr/bin/softlimit -m 12800 \
 /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
 -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
 $SPAMDYKE --config-file $SPAMDYKE_CONF \
 $SMTPD $VCHKPW /bin/true 2>&1

and I ran qmailctl - stop - cdb - start  (Note: The HOSTNAME entry is 
exactly as shown 'hostname' - we did not change it to the actual hostname


In the /var/log/maillog we see no entries that reference 'simscan' - 
is that the log that the debug logging should appear in?


In this log we see entries referencing 'spamdyke', spamd, clamd, 
vpopmail (vchkpw-smtp) but none that says 'simscan' ** remember we 
have clamav running:


May  3 22:28:47 server spamdyke[26952]: ALLOWED from:...
May  3 22:31:40 server spamd[2772]: spamd: connection..
May  3 22:31:52 server clamd[661]: /var/qmail.
May  3 22:25:55 server vpopmail[26673]: vchkpw-smtp: vpopmail 
user.


and were are still seeing DENIED_OTHER 451 rejects like this:

May  3 22:32:20 server spamdyke[27401]: DENIED_OTHER from: 
3294909110062131b4b02-b17122-5f62f91568cf4aa2ad5adb71f8f94...@mg.expediaxxx.com 
to: jsux...@sinpxxx.com origin_ip: 135.84.xxx.10 origin_rdns: 
gears217-10.expediaxxx.com auth: (unknown) encryption: TLS reason: 
451_mail_server_temporarily_rejected_message_(#4.3.0)


As you can see we do have spamdyke running. Could that be interfering 
with the logging?


Jeff



On 5/3/2017 10:09 AM, Eric Broch wrote:


Did you turn simscan on in tcp.smtp:

QMAILQUEUE=/var/qmail/bin/simscan

and stop/cdb/start qmail?

On 5/2/2017 9:08 PM, Jeff Koch wrote:

HI Eric:

I turned on simscan debugging but I don't see any 'simscan' logging 
in /var/log/maillog or /var/log/qmail/smtp


Jeff

On 5/2/2017 12:27 AM, Eric Broch wrote:


I wonder if you have a permissions issue somewhere?

You could now change /var/qmail/supervise/smtp/run script to debug 
simscan by adding the following settings


SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG

and in tcp.smtp change

QMAILQUEUE=/var/qmail/bin/simscan

and in simcontrol change to

:clam=no, spam=no

and qmailctl stop/cdb/start

and see what the log produces.

You should (hopefully) see the reason for the failure.


On 5/1/2017 8:59 PM, Jeff Koch wrote:

Hi Eric:

Here are the results of this tests. See below:

On 4/30/2017 1:08 AM, Eric Broch wrote:


Also,

My plan was that you would change things a step at a time (and 
check between steps whether qq soft rejects persisted) in this order:


Step 1) Increase softlimit in smtp run file (stop/start/cdb 
qmail) to 12800


No effect - still seeing spamdyke DENIED_OTHER - 
451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 2) Change /var/qmail/control/simcontrol settings from

:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif

to

:clam=no,spam=no

this stops clamd, spamc, and ripmime.

stop/start/cdb qmail.


No effect - 451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 3) Revert /var/qmail/control/simcontrol settings and change 
/etc/tcprules.d/tcp.smtp


QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue.orig"

stop/start/cdb qmail.

So far it looks good. I've let the server run for 20 minutes and I 
don't see any 'DENIED_OTHER' or 451's nor do we see any qq soft 
rejects in /var/qmail/log/smtp/current.


It is interesting that spamd seems to be running. That is probably 
because we use 'spamc' in a maildrop filter that also develops a 
spamassassin score prior to dropping the message into the user's 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

HI Eric:

Here's what I have in tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and here's what I have in /var/qmai/control/simcontrol

:clam=yes,spam=no,spam_hits=12,attach=.mp3:.src:.bat:.pif

and I know simscan is working because I see the clamav entries in 
/var/log/maillog. Note: we need to have clamav running because the email 
is going to real people. But when clamav was turned off there no simscan 
logging either.


Here's what I have in /var/qmail/supervise/smtp/run

#!/bin/sh
SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0

exec /usr/bin/softlimit -m 12800 \
 /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
 -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
 $SPAMDYKE --config-file $SPAMDYKE_CONF \
 $SMTPD $VCHKPW /bin/true 2>&1

and I ran qmailctl - stop - cdb - start  (Note: The HOSTNAME entry is 
exactly as shown 'hostname' - we did not change it to the actual hostname


In the /var/log/maillog we see no entries that reference 'simscan' - is 
that the log that the debug logging should appear in?


In this log we see entries referencing 'spamdyke', spamd, clamd, 
vpopmail (vchkpw-smtp) but none that says 'simscan' ** remember we have 
clamav running:


May  3 22:28:47 server spamdyke[26952]: ALLOWED from:...
May  3 22:31:40 server spamd[2772]: spamd: connection..
May  3 22:31:52 server clamd[661]: /var/qmail.
May  3 22:25:55 server vpopmail[26673]: vchkpw-smtp: vpopmail 
user.


and were are still seeing DENIED_OTHER 451 rejects like this:

May  3 22:32:20 server spamdyke[27401]: DENIED_OTHER from: 
3294909110062131b4b02-b17122-5f62f91568cf4aa2ad5adb71f8f94...@mg.expediaxxx.com 
to: jsux...@sinpxxx.com origin_ip: 135.84.xxx.10 origin_rdns: 
gears217-10.expediaxxx.com auth: (unknown) encryption: TLS reason: 
451_mail_server_temporarily_rejected_message_(#4.3.0)


As you can see we do have spamdyke running. Could that be interfering 
with the logging?


Jeff



On 5/3/2017 10:09 AM, Eric Broch wrote:


Did you turn simscan on in tcp.smtp:

QMAILQUEUE=/var/qmail/bin/simscan

and stop/cdb/start qmail?

On 5/2/2017 9:08 PM, Jeff Koch wrote:

HI Eric:

I turned on simscan debugging but I don't see any 'simscan' logging 
in /var/log/maillog or /var/log/qmail/smtp


Jeff

On 5/2/2017 12:27 AM, Eric Broch wrote:


I wonder if you have a permissions issue somewhere?

You could now change /var/qmail/supervise/smtp/run script to debug 
simscan by adding the following settings


SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG

and in tcp.smtp change

QMAILQUEUE=/var/qmail/bin/simscan

and in simcontrol change to

:clam=no, spam=no

and qmailctl stop/cdb/start

and see what the log produces.

You should (hopefully) see the reason for the failure.


On 5/1/2017 8:59 PM, Jeff Koch wrote:

Hi Eric:

Here are the results of this tests. See below:

On 4/30/2017 1:08 AM, Eric Broch wrote:


Also,

My plan was that you would change things a step at a time (and 
check between steps whether qq soft rejects persisted) in this order:


Step 1) Increase softlimit in smtp run file (stop/start/cdb qmail) 
to 12800


No effect - still seeing spamdyke DENIED_OTHER - 
451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 2) Change /var/qmail/control/simcontrol settings from

:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif

to

:clam=no,spam=no

this stops clamd, spamc, and ripmime.

stop/start/cdb qmail.


No effect - 451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 3) Revert /var/qmail/control/simcontrol settings and change 
/etc/tcprules.d/tcp.smtp


QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue.orig"

stop/start/cdb qmail.

So far it looks good. I've let the server run for 20 minutes and I 
don't see any 'DENIED_OTHER' or 451's nor do we see any qq soft 
rejects in /var/qmail/log/smtp/current.


It is interesting that spamd seems to be running. That is probably 
because we use 'spamc' in a maildrop filter that also develops a 
spamassassin score prior to dropping the message into the user's 
mailbox. If the score is over the threshold the filter diverts the 
message to the domain's spam user's mailbox. I'm also now getting 
detailed spam analysis information in the /var/log/maillog. I 
wasn't seeing that before.


I should point out that this is the same procedure and setup we've 
used successfully for almost ten years with Bill's 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

HI Eric:

I turned on simscan debugging but I don't see any 'simscan' logging in 
/var/log/maillog or /var/log/qmail/smtp


Jeff

On 5/2/2017 12:27 AM, Eric Broch wrote:


I wonder if you have a permissions issue somewhere?

You could now change /var/qmail/supervise/smtp/run script to debug 
simscan by adding the following settings


SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG

and in tcp.smtp change

QMAILQUEUE=/var/qmail/bin/simscan

and in simcontrol change to

:clam=no, spam=no

and qmailctl stop/cdb/start

and see what the log produces.

You should (hopefully) see the reason for the failure.


On 5/1/2017 8:59 PM, Jeff Koch wrote:

Hi Eric:

Here are the results of this tests. See below:

On 4/30/2017 1:08 AM, Eric Broch wrote:


Also,

My plan was that you would change things a step at a time (and check 
between steps whether qq soft rejects persisted) in this order:


Step 1) Increase softlimit in smtp run file (stop/start/cdb qmail) 
to 12800


No effect - still seeing spamdyke DENIED_OTHER - 
451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 2) Change /var/qmail/control/simcontrol settings from

:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif

to

:clam=no,spam=no

this stops clamd, spamc, and ripmime.

stop/start/cdb qmail.


No effect - 451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 3) Revert /var/qmail/control/simcontrol settings and change 
/etc/tcprules.d/tcp.smtp


QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue.orig"

stop/start/cdb qmail.

So far it looks good. I've let the server run for 20 minutes and I 
don't see any 'DENIED_OTHER' or 451's nor do we see any qq soft 
rejects in /var/qmail/log/smtp/current.


It is interesting that spamd seems to be running. That is probably 
because we use 'spamc' in a maildrop filter that also develops a 
spamassassin score prior to dropping the message into the user's 
mailbox. If the score is over the threshold the filter diverts the 
message to the domain's spam user's mailbox. I'm also now getting 
detailed spam analysis information in the /var/log/maillog. I wasn't 
seeing that before.


I should point out that this is the same procedure and setup we've 
used successfully for almost ten years with Bill's Toaster. With the 
Bill's Toaster setup the spamassassin logs were logged separately at 
/var/log/spamd/. Is it possible that two instances of spamassassin 
are conflicting with each other


The issue does seem to be related to simscan - even with spam and 
clam disabled in simscan we were getting 451 rejects / DENIED_OTHER


Please let me know what you think.

Jeff


Once we get this stop we can start adding things in one at a time 
with simscan in debug mode to find out where the problem is.


Eric




On 4/29/2017 10:26 PM, Eric Broch wrote:


Sorry, Jeff,

change

QMAILQUEUE="/var/qmail/bin/qmail-queue


QMAILQUEUE="/var/qmail/bin/qmail-queue.orig


qmail-queue is a link to qmail-dk so use qmail-queue.orig

Eric


On 4/29/2017 10:01 PM, Jeff Koch wrote:

Hi Eric:

no indication of segfaults in /var/log/messages or dmesg
softlimit is set at 1  (100MB)

changed clam and spam to 'no' and did qmailctl stop, cdb, start
changed

This was the contents of tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

changed to:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/qmail-queue",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and then did qmailctl stop, cdb, start

Now the /var/log/maillog is showing many:

DENIED_OTHER from: 
cap21-return-27-contabilidad=idfimportadora@cape.info to: 
contabxx...@idfimpo.com origin_ip: 98.130.1.xx8 origin_rdns: 
mail1103.opentransfer.com auth: (unknown) encryption: (none) 
reason: 
554_qmail-dk:_Cannot_sign_message_due_to_invalid_message_syntax._(#5.3.0)


and /var/log/qmail/smtp

qmail-smtpd: qq hard reject (qmail-dk: Cannot sign message due to 
invalid message syntax. (#5.3.0)): 
MAILFROM:<323792861003aa0d40b02-b17119-1eec421bc9e947029e3ec865f716e...@mg.mailer.ctickets.com> 
RCPTTO:rodx...@brxxx.com.ec


This seems weird. Not sure why the server would be trying to sign 
a message that is coming to a local recipient. I could see it 
signing a message being sent or relayed but not received for a 
local recipient


Jeff


On 4/29/2017 2:02 PM, Eric Broch wrote:


Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the 
rejection message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

- The simscan SA pass operates as an initial filter deleting all emails 
with a score higher than 12 ( the assumption is that with a threshold 
that high it would be unlikely to have a false negative). In the case 
where one message might be forwarded to several email accounts this 
would be more efficient then having maildrop run SA separately for each 
account.


- For messages with a score less than 12 then we let maildrop calculate 
the score and compare to each email account's custom threshold, custom 
white and black list and determine if the message should be transferred 
to the 'spam' account.


There's probably a better way to do this.

Jeff


On 5/2/2017 12:32 AM, Eric Broch wrote:


Also,

If SA scans on messages in simscan why are they also being scanned in 
maildrop?





On 5/1/2017 10:27 PM, Eric Broch wrote:


I wonder if you have a permissions issue somewhere?

You could now change /var/qmail/supervise/smtp/run script to debug 
simscan by adding the following settings


SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG

and in tcp.smtp change

QMAILQUEUE=/var/qmail/bin/simscan

and in simcontrol change to

:clam=no, spam=no

and qmailctl stop/cdb/start

and see what the log produces.

You should (hopefully) see the reason for the failure.


On 5/1/2017 8:59 PM, Jeff Koch wrote:

Hi Eric:

Here are the results of this tests. See below:

On 4/30/2017 1:08 AM, Eric Broch wrote:


Also,

My plan was that you would change things a step at a time (and 
check between steps whether qq soft rejects persisted) in this order:


Step 1) Increase softlimit in smtp run file (stop/start/cdb qmail) 
to 12800


No effect - still seeing spamdyke DENIED_OTHER - 
451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 2) Change /var/qmail/control/simcontrol settings from

:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif

to

:clam=no,spam=no

this stops clamd, spamc, and ripmime.

stop/start/cdb qmail.


No effect - 451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 3) Revert /var/qmail/control/simcontrol settings and change 
/etc/tcprules.d/tcp.smtp


QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue.orig"

stop/start/cdb qmail.

So far it looks good. I've let the server run for 20 minutes and I 
don't see any 'DENIED_OTHER' or 451's nor do we see any qq soft 
rejects in /var/qmail/log/smtp/current.


It is interesting that spamd seems to be running. That is probably 
because we use 'spamc' in a maildrop filter that also develops a 
spamassassin score prior to dropping the message into the user's 
mailbox. If the score is over the threshold the filter diverts the 
message to the domain's spam user's mailbox. I'm also now getting 
detailed spam analysis information in the /var/log/maillog. I wasn't 
seeing that before.


I should point out that this is the same procedure and setup we've 
used successfully for almost ten years with Bill's Toaster. With the 
Bill's Toaster setup the spamassassin logs were logged separately at 
/var/log/spamd/. Is it possible that two instances of spamassassin 
are conflicting with each other


The issue does seem to be related to simscan - even with spam and 
clam disabled in simscan we were getting 451 rejects / DENIED_OTHER


Please let me know what you think.

Jeff


Once we get this stop we can start adding things in one at a time 
with simscan in debug mode to find out where the problem is.


Eric




On 4/29/2017 10:26 PM, Eric Broch wrote:


Sorry, Jeff,

change

QMAILQUEUE="/var/qmail/bin/qmail-queue


QMAILQUEUE="/var/qmail/bin/qmail-queue.orig


qmail-queue is a link to qmail-dk so use qmail-queue.orig

Eric


On 4/29/2017 10:01 PM, Jeff Koch wrote:

Hi Eric:

no indication of segfaults in /var/log/messages or dmesg
softlimit is set at 1  (100MB)

changed clam and spam to 'no' and did qmailctl stop, cdb, start
changed

This was the contents of tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

changed to:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/qmail-queue",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and then did qmailctl stop, cdb, start

Now the /var/log/maillog is showing many:

DENIED_OTHER from: 
cap21-return-27-contabilidad=idfimportadora@cape.info to: 
contabxx...@idfimpo.com origin_ip: 98.130.1.xx8 origin_rdns: 
mail1103.opentransfer.com auth: (unknown) encryption: (none) 
reason: 
554_qmail-dk:_Cannot_sign_message_due_to_invalid_message_syntax._(#5.3.0)


and /var/log/qmail/smtp

qmail-smtpd: qq hard reject (qmail-dk: Cannot sign message due to 
invalid message syntax. (#5.3.0)): 

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Also,

If SA scans on messages in simscan why are they also being scanned in 
maildrop?





On 5/1/2017 10:27 PM, Eric Broch wrote:


I wonder if you have a permissions issue somewhere?

You could now change /var/qmail/supervise/smtp/run script to debug 
simscan by adding the following settings


SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG

and in tcp.smtp change

QMAILQUEUE=/var/qmail/bin/simscan

and in simcontrol change to

:clam=no, spam=no

and qmailctl stop/cdb/start

and see what the log produces.

You should (hopefully) see the reason for the failure.


On 5/1/2017 8:59 PM, Jeff Koch wrote:

Hi Eric:

Here are the results of this tests. See below:

On 4/30/2017 1:08 AM, Eric Broch wrote:


Also,

My plan was that you would change things a step at a time (and check 
between steps whether qq soft rejects persisted) in this order:


Step 1) Increase softlimit in smtp run file (stop/start/cdb qmail) 
to 12800


No effect - still seeing spamdyke DENIED_OTHER - 
451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 2) Change /var/qmail/control/simcontrol settings from

:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif

to

:clam=no,spam=no

this stops clamd, spamc, and ripmime.

stop/start/cdb qmail.


No effect - 451_mail_server_temporarily_rejected_message_(#4.3.0)


Step 3) Revert /var/qmail/control/simcontrol settings and change 
/etc/tcprules.d/tcp.smtp


QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue.orig"

stop/start/cdb qmail.

So far it looks good. I've let the server run for 20 minutes and I 
don't see any 'DENIED_OTHER' or 451's nor do we see any qq soft 
rejects in /var/qmail/log/smtp/current.


It is interesting that spamd seems to be running. That is probably 
because we use 'spamc' in a maildrop filter that also develops a 
spamassassin score prior to dropping the message into the user's 
mailbox. If the score is over the threshold the filter diverts the 
message to the domain's spam user's mailbox. I'm also now getting 
detailed spam analysis information in the /var/log/maillog. I wasn't 
seeing that before.


I should point out that this is the same procedure and setup we've 
used successfully for almost ten years with Bill's Toaster. With the 
Bill's Toaster setup the spamassassin logs were logged separately at 
/var/log/spamd/. Is it possible that two instances of spamassassin 
are conflicting with each other


The issue does seem to be related to simscan - even with spam and 
clam disabled in simscan we were getting 451 rejects / DENIED_OTHER


Please let me know what you think.

Jeff


Once we get this stop we can start adding things in one at a time 
with simscan in debug mode to find out where the problem is.


Eric




On 4/29/2017 10:26 PM, Eric Broch wrote:


Sorry, Jeff,

change

QMAILQUEUE="/var/qmail/bin/qmail-queue


QMAILQUEUE="/var/qmail/bin/qmail-queue.orig


qmail-queue is a link to qmail-dk so use qmail-queue.orig

Eric


On 4/29/2017 10:01 PM, Jeff Koch wrote:

Hi Eric:

no indication of segfaults in /var/log/messages or dmesg
softlimit is set at 1  (100MB)

changed clam and spam to 'no' and did qmailctl stop, cdb, start
changed

This was the contents of tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

changed to:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/qmail-queue",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and then did qmailctl stop, cdb, start

Now the /var/log/maillog is showing many:

DENIED_OTHER from: 
cap21-return-27-contabilidad=idfimportadora@cape.info to: 
contabxx...@idfimpo.com origin_ip: 98.130.1.xx8 origin_rdns: 
mail1103.opentransfer.com auth: (unknown) encryption: (none) 
reason: 
554_qmail-dk:_Cannot_sign_message_due_to_invalid_message_syntax._(#5.3.0)


and /var/log/qmail/smtp

qmail-smtpd: qq hard reject (qmail-dk: Cannot sign message due to 
invalid message syntax. (#5.3.0)): 
MAILFROM:<323792861003aa0d40b02-b17119-1eec421bc9e947029e3ec865f716e...@mg.mailer.ctickets.com> 
RCPTTO:rodx...@brxxx.com.ec


This seems weird. Not sure why the server would be trying to sign 
a message that is coming to a local recipient. I could see it 
signing a message being sent or relayed but not received for a 
local recipient


Jeff


On 4/29/2017 2:02 PM, Eric Broch wrote:


Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the 
rejection message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Check /var/qmail/supervise/smtp/run 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Eric:

Not yet - we had some data center issues. Will get back to it this 
afternoon after business hours. I really appreciate your help on this.


Regards, Jeff Koch


On 5/1/2017 11:26 AM, Eric Broch wrote:


Jeff,

What's the status of this...any resolution?

Eric


On 4/29/2017 10:01 PM, Jeff Koch wrote:

Hi Eric:

no indication of segfaults in /var/log/messages or dmesg
softlimit is set at 1  (100MB)

changed clam and spam to 'no' and did qmailctl stop, cdb, start
changed

This was the contents of tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

changed to:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/qmail-queue",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and then did qmailctl stop, cdb, start

Now the /var/log/maillog is showing many:

DENIED_OTHER from: 
cap21-return-27-contabilidad=idfimportadora@cape.info to: 
contabxx...@idfimpo.com origin_ip: 98.130.1.xx8 origin_rdns: 
mail1103.opentransfer.com auth: (unknown) encryption: (none) reason: 
554_qmail-dk:_Cannot_sign_message_due_to_invalid_message_syntax._(#5.3.0)


and /var/log/qmail/smtp

qmail-smtpd: qq hard reject (qmail-dk: Cannot sign message due to 
invalid message syntax. (#5.3.0)): 
MAILFROM:<323792861003aa0d40b02-b17119-1eec421bc9e947029e3ec865f716e...@mg.mailer.ctickets.com> 
RCPTTO:rodx...@brxxx.com.ec


This seems weird. Not sure why the server would be trying to sign a 
message that is coming to a local recipient. I could see it signing a 
message being sent or relayed but not received for a local recipient


Jeff


On 4/29/2017 2:02 PM, Eric Broch wrote:


Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the rejection 
message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Check /var/qmail/supervise/smtp/run softlimit

Try this:

Edit /var/qmail/control/simcontrol and set the following to 'no'

:clam=no,spam=no

# qmailctl stop

# qmailctl cdb

# qmailctl start

Let me know.

If that doesn't work edit /etc/tcprules.d/tcp.smtp

change

QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue"


Eric



On 4/29/2017 11:23 AM, Jeff Koch wrote:

Hi Erin:

Thanks, we found the tcp.smtp file at /etc/trcrules.d and pointed 
spamdyke there. So that's fixed.


We also pointed the certificate file to 
/var/qmail/control/servercert.pem and cleared those errors.


However, we are still seeing qq soft rejects in 
/var/log/qmail/smtp/current. They seem to be related to the 
matching spamdyke log entries in /var/log/maillog. Example:


Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/msg.1493481946.217350.3912:

OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/addr.1493481946.217350.3912:

 OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/textfile1: OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/2c7fdfebf8050265e8b51bd3c2ea

58f0: OK
Apr 29 11:05:46 server spamdyke[3905]: DENIED_OTHER from: 
@pokemailing.com to: .yyy@idfim
portadora.com origin_ip: 67.211.215.94 origin_rdns: 
km61.pokemailing.com auth: (unknown) encryption: (no

ne) reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)

I put the clamd log entries above so you could that clamd passed 
the message OK.  However does anybody know what 'DENIED OTHER" 
means or figure out from the message why spamdyke rejected the message?



Jeff Koch


On 4/29/2017 1:18 AM, Eric Broch wrote:

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc 
for anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: 
/etc/spamdyke -> ../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Jeff,

What's the status of this...any resolution?

Eric


On 4/29/2017 10:01 PM, Jeff Koch wrote:

Hi Eric:

no indication of segfaults in /var/log/messages or dmesg
softlimit is set at 1  (100MB)

changed clam and spam to 'no' and did qmailctl stop, cdb, start
changed

This was the contents of tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

changed to:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/qmail-queue",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and then did qmailctl stop, cdb, start

Now the /var/log/maillog is showing many:

DENIED_OTHER from: 
cap21-return-27-contabilidad=idfimportadora@cape.info to: 
contabxx...@idfimpo.com origin_ip: 98.130.1.xx8 origin_rdns: 
mail1103.opentransfer.com auth: (unknown) encryption: (none) reason: 
554_qmail-dk:_Cannot_sign_message_due_to_invalid_message_syntax._(#5.3.0)


and /var/log/qmail/smtp

qmail-smtpd: qq hard reject (qmail-dk: Cannot sign message due to 
invalid message syntax. (#5.3.0)): 
MAILFROM:<323792861003aa0d40b02-b17119-1eec421bc9e947029e3ec865f716e...@mg.mailer.ctickets.com> 
RCPTTO:rodx...@brxxx.com.ec


This seems weird. Not sure why the server would be trying to sign a 
message that is coming to a local recipient. I could see it signing a 
message being sent or relayed but not received for a local recipient


Jeff


On 4/29/2017 2:02 PM, Eric Broch wrote:


Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the rejection 
message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Check /var/qmail/supervise/smtp/run softlimit

Try this:

Edit /var/qmail/control/simcontrol and set the following to 'no'

:clam=no,spam=no

# qmailctl stop

# qmailctl cdb

# qmailctl start

Let me know.

If that doesn't work edit /etc/tcprules.d/tcp.smtp

change

QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue"


Eric



On 4/29/2017 11:23 AM, Jeff Koch wrote:

Hi Erin:

Thanks, we found the tcp.smtp file at /etc/trcrules.d and pointed 
spamdyke there. So that's fixed.


We also pointed the certificate file to 
/var/qmail/control/servercert.pem and cleared those errors.


However, we are still seeing qq soft rejects in 
/var/log/qmail/smtp/current. They seem to be related to the matching 
spamdyke log entries in /var/log/maillog. Example:


Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/msg.1493481946.217350.3912:

OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/addr.1493481946.217350.3912:

 OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/textfile1: OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/2c7fdfebf8050265e8b51bd3c2ea

58f0: OK
Apr 29 11:05:46 server spamdyke[3905]: DENIED_OTHER from: 
@pokemailing.com to: .yyy@idfim
portadora.com origin_ip: 67.211.215.94 origin_rdns: 
km61.pokemailing.com auth: (unknown) encryption: (no

ne) reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)

I put the clamd log entries above so you could that clamd passed the 
message OK.  However does anybody know what 'DENIED OTHER" means or 
figure out from the message why spamdyke rejected the message?



Jeff Koch


On 4/29/2017 1:18 AM, Eric Broch wrote:

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc for 
anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: /etc/spamdyke 
-> ../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
#qmail-rcpthosts-file=/var/qmail/control/qmail-morercpthosts-cdb
log-level=info
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Sorry, Jeff,

change

QMAILQUEUE="/var/qmail/bin/qmail-queue


QMAILQUEUE="/var/qmail/bin/qmail-queue.orig


qmail-queue is a link to qmail-dk so use qmail-queue.orig

Eric


On 4/29/2017 10:01 PM, Jeff Koch wrote:

Hi Eric:

no indication of segfaults in /var/log/messages or dmesg
softlimit is set at 1  (100MB)

changed clam and spam to 'no' and did qmailctl stop, cdb, start
changed

This was the contents of tcp.smtp:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

changed to:

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="100",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/qmail-queue",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"

and then did qmailctl stop, cdb, start

Now the /var/log/maillog is showing many:

DENIED_OTHER from: 
cap21-return-27-contabilidad=idfimportadora@cape.info to: 
contabxx...@idfimpo.com origin_ip: 98.130.1.xx8 origin_rdns: 
mail1103.opentransfer.com auth: (unknown) encryption: (none) reason: 
554_qmail-dk:_Cannot_sign_message_due_to_invalid_message_syntax._(#5.3.0)


and /var/log/qmail/smtp

qmail-smtpd: qq hard reject (qmail-dk: Cannot sign message due to 
invalid message syntax. (#5.3.0)): 
MAILFROM:<323792861003aa0d40b02-b17119-1eec421bc9e947029e3ec865f716e...@mg.mailer.ctickets.com> 
RCPTTO:rodx...@brxxx.com.ec


This seems weird. Not sure why the server would be trying to sign a 
message that is coming to a local recipient. I could see it signing a 
message being sent or relayed but not received for a local recipient


Jeff


On 4/29/2017 2:02 PM, Eric Broch wrote:


Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the rejection 
message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Check /var/qmail/supervise/smtp/run softlimit

Try this:

Edit /var/qmail/control/simcontrol and set the following to 'no'

:clam=no,spam=no

# qmailctl stop

# qmailctl cdb

# qmailctl start

Let me know.

If that doesn't work edit /etc/tcprules.d/tcp.smtp

change

QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue"


Eric



On 4/29/2017 11:23 AM, Jeff Koch wrote:

Hi Erin:

Thanks, we found the tcp.smtp file at /etc/trcrules.d and pointed 
spamdyke there. So that's fixed.


We also pointed the certificate file to 
/var/qmail/control/servercert.pem and cleared those errors.


However, we are still seeing qq soft rejects in 
/var/log/qmail/smtp/current. They seem to be related to the matching 
spamdyke log entries in /var/log/maillog. Example:


Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/msg.1493481946.217350.3912:

OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/addr.1493481946.217350.3912:

 OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/textfile1: OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/2c7fdfebf8050265e8b51bd3c2ea

58f0: OK
Apr 29 11:05:46 server spamdyke[3905]: DENIED_OTHER from: 
@pokemailing.com to: .yyy@idfim
portadora.com origin_ip: 67.211.215.94 origin_rdns: 
km61.pokemailing.com auth: (unknown) encryption: (no

ne) reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)

I put the clamd log entries above so you could that clamd passed the 
message OK.  However does anybody know what 'DENIED OTHER" means or 
figure out from the message why spamdyke rejected the message?



Jeff Koch


On 4/29/2017 1:18 AM, Eric Broch wrote:

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc for 
anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: /etc/spamdyke 
-> ../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
#qmail-rcpthosts-file=/var/qmail/control/qmail-morercpthosts-cdb
log-level=info
max-recipients=50

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

you can also turn off clam and spam scanning per domain (below) in the 
simcontrol file:


whitehorsetc.com:clam=no,spam=no


On 4/29/2017 1:22 PM, Jeff Koch wrote:

Eric - thanks - I'll give it a try - jeff

On 4/29/2017 2:02 PM, Eric Broch wrote:


Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the rejection 
message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Check /var/qmail/supervise/smtp/run softlimit

Try this:

Edit /var/qmail/control/simcontrol and set the following to 'no'

:clam=no,spam=no

# qmailctl stop

# qmailctl cdb

# qmailctl start

Let me know.

If that doesn't work edit /etc/tcprules.d/tcp.smtp

change

QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue"


Eric



On 4/29/2017 11:23 AM, Jeff Koch wrote:

Hi Erin:

Thanks, we found the tcp.smtp file at /etc/trcrules.d and pointed 
spamdyke there. So that's fixed.


We also pointed the certificate file to 
/var/qmail/control/servercert.pem and cleared those errors.


However, we are still seeing qq soft rejects in 
/var/log/qmail/smtp/current. They seem to be related to the matching 
spamdyke log entries in /var/log/maillog. Example:


Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/msg.1493481946.217350.3912:

OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/addr.1493481946.217350.3912:

 OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/textfile1: OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/2c7fdfebf8050265e8b51bd3c2ea

58f0: OK
Apr 29 11:05:46 server spamdyke[3905]: DENIED_OTHER from: 
@pokemailing.com to: .yyy@idfim
portadora.com origin_ip: 67.211.215.94 origin_rdns: 
km61.pokemailing.com auth: (unknown) encryption: (no

ne) reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)

I put the clamd log entries above so you could that clamd passed the 
message OK.  However does anybody know what 'DENIED OTHER" means or 
figure out from the message why spamdyke rejected the message?



Jeff Koch


On 4/29/2017 1:18 AM, Eric Broch wrote:

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc for 
anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: /etc/spamdyke 
-> ../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
#qmail-rcpthosts-file=/var/qmail/control/qmail-morercpthosts-cdb
log-level=info
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
#reject-ip-in-cc-rdns
reject-sender=no-mx
reject-unresolvable-rdns
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-level=smtp



And, how did you make your certificate and where did you put it?

Let me know if that helps.

Eric


On 4/28/2017 6:26 PM, Jeff Koch wrote:
Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file 
for searching /home/vpopmail/etc/open-smtp: No such file or directory
Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or 
decrypt SSL/TLS private key from file: 
/home/vpopmail/spamdyke/server_domain_net.key : A protocol or 
library failure occurred, 
error:0B080074:lib(11):func(128):reason(116)
Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS 
private key password or SSL/TLS certificate/privatekey 
mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol 
or library failure occurred, 
error:140A80B1:lib(20):func(168):reason(177)






--
Eric Broch
White Horse Technical Consulting (WHTC)




--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Hi Jeff,

You can also debug simscan.

In /var/qmail/supervise/smtp/run add the following:

SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG

so your file looks like this:

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0
SIMSCAN_DEBUG=5
export SIMSCAN_DEBUG

exec /usr/bin/softlimit -m 6400 \
 /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
 -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
 $SPAMDYKE --config-file $SPAMDYKE_CONF \
 $SMTPD $VCHKPW /bin/true 2>&1


Then check your  /var/log/qmail/smtp/current log for output.

Eric


On 4/29/2017 1:22 PM, Jeff Koch wrote:

Eric - thanks - I'll give it a try - jeff

On 4/29/2017 2:02 PM, Eric Broch wrote:


Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the rejection 
message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Check /var/qmail/supervise/smtp/run softlimit

Try this:

Edit /var/qmail/control/simcontrol and set the following to 'no'

:clam=no,spam=no

# qmailctl stop

# qmailctl cdb

# qmailctl start

Let me know.

If that doesn't work edit /etc/tcprules.d/tcp.smtp

change

QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue"


Eric



On 4/29/2017 11:23 AM, Jeff Koch wrote:

Hi Erin:

Thanks, we found the tcp.smtp file at /etc/trcrules.d and pointed 
spamdyke there. So that's fixed.


We also pointed the certificate file to 
/var/qmail/control/servercert.pem and cleared those errors.


However, we are still seeing qq soft rejects in 
/var/log/qmail/smtp/current. They seem to be related to the matching 
spamdyke log entries in /var/log/maillog. Example:


Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/msg.1493481946.217350.3912:

OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/addr.1493481946.217350.3912:

 OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/textfile1: OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/2c7fdfebf8050265e8b51bd3c2ea

58f0: OK
Apr 29 11:05:46 server spamdyke[3905]: DENIED_OTHER from: 
@pokemailing.com to: .yyy@idfim
portadora.com origin_ip: 67.211.215.94 origin_rdns: 
km61.pokemailing.com auth: (unknown) encryption: (no

ne) reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)

I put the clamd log entries above so you could that clamd passed the 
message OK.  However does anybody know what 'DENIED OTHER" means or 
figure out from the message why spamdyke rejected the message?



Jeff Koch


On 4/29/2017 1:18 AM, Eric Broch wrote:

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc for 
anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: /etc/spamdyke 
-> ../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
#qmail-rcpthosts-file=/var/qmail/control/qmail-morercpthosts-cdb
log-level=info
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
#reject-ip-in-cc-rdns
reject-sender=no-mx
reject-unresolvable-rdns
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-level=smtp



And, how did you make your certificate and where did you put it?

Let me know if that helps.

Eric


On 4/28/2017 6:26 PM, Jeff Koch wrote:
Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file 
for searching /home/vpopmail/etc/open-smtp: No such file or directory
Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or 
decrypt SSL/TLS private key from file: 

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Eric - thanks - I'll give it a try - jeff

On 4/29/2017 2:02 PM, Eric Broch wrote:


Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the rejection 
message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Check /var/qmail/supervise/smtp/run softlimit

Try this:

Edit /var/qmail/control/simcontrol and set the following to 'no'

:clam=no,spam=no

# qmailctl stop

# qmailctl cdb

# qmailctl start

Let me know.

If that doesn't work edit /etc/tcprules.d/tcp.smtp

change

QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue"


Eric



On 4/29/2017 11:23 AM, Jeff Koch wrote:

Hi Erin:

Thanks, we found the tcp.smtp file at /etc/trcrules.d and pointed 
spamdyke there. So that's fixed.


We also pointed the certificate file to 
/var/qmail/control/servercert.pem and cleared those errors.


However, we are still seeing qq soft rejects in 
/var/log/qmail/smtp/current. They seem to be related to the matching 
spamdyke log entries in /var/log/maillog. Example:


Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/msg.1493481946.217350.3912:

OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/addr.1493481946.217350.3912:

 OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/textfile1: OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/2c7fdfebf8050265e8b51bd3c2ea

58f0: OK
Apr 29 11:05:46 server spamdyke[3905]: DENIED_OTHER from: 
@pokemailing.com to: .yyy@idfim
portadora.com origin_ip: 67.211.215.94 origin_rdns: 
km61.pokemailing.com auth: (unknown) encryption: (no

ne) reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)

I put the clamd log entries above so you could that clamd passed the 
message OK.  However does anybody know what 'DENIED OTHER" means or 
figure out from the message why spamdyke rejected the message?



Jeff Koch


On 4/29/2017 1:18 AM, Eric Broch wrote:

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc for 
anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: /etc/spamdyke 
-> ../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
#qmail-rcpthosts-file=/var/qmail/control/qmail-morercpthosts-cdb
log-level=info
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
#reject-ip-in-cc-rdns
reject-sender=no-mx
reject-unresolvable-rdns
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-level=smtp



And, how did you make your certificate and where did you put it?

Let me know if that helps.

Eric


On 4/28/2017 6:26 PM, Jeff Koch wrote:
Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file 
for searching /home/vpopmail/etc/open-smtp: No such file or directory
Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or 
decrypt SSL/TLS private key from file: 
/home/vpopmail/spamdyke/server_domain_net.key : A protocol or 
library failure occurred, error:0B080074:lib(11):func(128):reason(116)
Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS 
private key password or SSL/TLS certificate/privatekey 
mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol 
or library failure occurred, 
error:140A80B1:lib(20):func(168):reason(177)






--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Jeff,

In summary...

DENIED_OTHER: The connection was rejected by qmail (or another 
downstream filter), not spamdyke.|REASON| will contain the rejection 
message given by qmail (or other downstream filter).


REASON: 451_mail_server_temporarily_rejected_message_(#4.3.0).

Check /var/log/messages for segfault

Check /var/qmail/supervise/smtp/run softlimit

Try this:

Edit /var/qmail/control/simcontrol and set the following to 'no'

:clam=no,spam=no

# qmailctl stop

# qmailctl cdb

# qmailctl start

Let me know.

If that doesn't work edit /etc/tcprules.d/tcp.smtp

change

QMAILQUEUE="/var/qmail/bin/simscan"

to

QMAILQUEUE="/var/qmail/bin/qmail-queue"


Eric



On 4/29/2017 11:23 AM, Jeff Koch wrote:

Hi Erin:

Thanks, we found the tcp.smtp file at /etc/trcrules.d and pointed 
spamdyke there. So that's fixed.


We also pointed the certificate file to 
/var/qmail/control/servercert.pem and cleared those errors.


However, we are still seeing qq soft rejects in 
/var/log/qmail/smtp/current. They seem to be related to the matching 
spamdyke log entries in /var/log/maillog. Example:


Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/msg.1493481946.217350.3912:

OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/addr.1493481946.217350.3912:

 OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/textfile1: OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/2c7fdfebf8050265e8b51bd3c2ea

58f0: OK
Apr 29 11:05:46 server spamdyke[3905]: DENIED_OTHER from: 
@pokemailing.com to: .yyy@idfim
portadora.com origin_ip: 67.211.215.94 origin_rdns: 
km61.pokemailing.com auth: (unknown) encryption: (no

ne) reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)

I put the clamd log entries above so you could that clamd passed the 
message OK.  However does anybody know what 'DENIED OTHER" means or 
figure out from the message why spamdyke rejected the message?



Jeff Koch


On 4/29/2017 1:18 AM, Eric Broch wrote:

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc for 
anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: /etc/spamdyke 
-> ../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
#qmail-rcpthosts-file=/var/qmail/control/qmail-morercpthosts-cdb
log-level=info
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
#reject-ip-in-cc-rdns
reject-sender=no-mx
reject-unresolvable-rdns
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-level=smtp



And, how did you make your certificate and where did you put it?

Let me know if that helps.

Eric


On 4/28/2017 6:26 PM, Jeff Koch wrote:
Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file 
for searching /home/vpopmail/etc/open-smtp: No such file or directory
Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or 
decrypt SSL/TLS private key from file: 
/home/vpopmail/spamdyke/server_domain_net.key : A protocol or 
library failure occurred, error:0B080074:lib(11):func(128):reason(116)
Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS 
private key password or SSL/TLS certificate/privatekey 
mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol 
or library failure occurred, 
error:140A80B1:lib(20):func(168):reason(177)






--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Erin:

Thanks, we found the tcp.smtp file at /etc/trcrules.d and pointed 
spamdyke there. So that's fixed.


We also pointed the certificate file to 
/var/qmail/control/servercert.pem and cleared those errors.


However, we are still seeing qq soft rejects in 
/var/log/qmail/smtp/current. They seem to be related to the matching 
spamdyke log entries in /var/log/maillog. Example:


Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/msg.1493481946.217350.3912:

OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/addr.1493481946.217350.3912:

 OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/textfile1: OK
Apr 29 11:05:46 server clamd[661]: 
/var/qmail/simscan/1493481946.217350.3912/2c7fdfebf8050265e8b51bd3c2ea

58f0: OK
Apr 29 11:05:46 server spamdyke[3905]: DENIED_OTHER from: 
@pokemailing.com to: .yyy@idfim
portadora.com origin_ip: 67.211.215.94 origin_rdns: km61.pokemailing.com 
auth: (unknown) encryption: (no

ne) reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)

I put the clamd log entries above so you could that clamd passed the 
message OK.  However does anybody know what 'DENIED OTHER" means or 
figure out from the message why spamdyke rejected the message?



Jeff Koch


On 4/29/2017 1:18 AM, Eric Broch wrote:

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc for 
anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: /etc/spamdyke -> 
../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
#qmail-rcpthosts-file=/var/qmail/control/qmail-morercpthosts-cdb
log-level=info
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
#reject-ip-in-cc-rdns
reject-sender=no-mx
reject-unresolvable-rdns
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-level=smtp



And, how did you make your certificate and where did you put it?

Let me know if that helps.

Eric


On 4/28/2017 6:26 PM, Jeff Koch wrote:
Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file 
for searching /home/vpopmail/etc/open-smtp: No such file or directory
Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or 
decrypt SSL/TLS private key from file: 
/home/vpopmail/spamdyke/server_domain_net.key : A protocol or library 
failure occurred, error:0B080074:lib(11):func(128):reason(116)
Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS 
private key password or SSL/TLS certificate/privatekey 
mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol or 
library failure occurred, error:140A80B1:lib(20):func(168):reason(177)

Re: [qmailtoaster] qq soft reject with Centos 7

[Jeff Koch]

Hi Sean:

I did not remove it but I changed Yes to No for ClamAV in simscan and 
did run qmailctl cdb. In doing the research it appears that the ClamAV 
'qq soft reject' issue was only related to earlier versions of ClamAV 
and I think only on CentOS 5. But I thought I'd try removing it anyway.


Jeff

On 4/28/2017 11:47 PM, Sean P. Murphy wrote:

Hi Jeff,

To answer your first question, the tcp.smtp file and related files now 
reside in /etc/tcprules.d.  As far as your second question goes, I 
haven't used spamdyke so I can't speak to anything regarding that. 
 Perhaps Eric or someone with some more experience can help you there.


When you turned off ClamAV, did you also remove it from simscan and 
run "qmailctl cdb" after doing so?


-Sean

On Apr 28, 2017, at 8:26 PM, Jeff Koch > wrote:




Hi - we're running a new qmailtoaster (installed in March 2017) on a 
new CentOS 7 server. We're seeing  a large number of soft rejects in 
the /var/log/qmail/smtp log that look like this:


qmail-smtpd: qq soft reject (mail server temporarily rejected message 
(#4.3.0)):


We tried turning off ClamAV to see if that helped but it didn't. 
However, these rejects seem to be accompanied by the following 
spamdyke errors in the /var/log/maillog:


Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file 
for searching /home/vpopmail/etc/tcp.s

mtp: No such file or directory
Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file 
for searching /home/vpopmail/etc/open-smtp: No such file or directory
Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or 
decrypt SSL/TLS private key from file: 
/home/vpopmail/spamdyke/server_domain_net.key : A protocol or library 
failure occurred, error:0B080074:lib(11):func(128):reason(116)
Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS 
private key password or SSL/TLS certificate/privatekey 
mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol or 
library failure occurred, error:140A80B1:lib(20):func(168):reason(177)
Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to initialize 
SSL/TLS library
Apr 28 09:52:32 server spamdyke[20476]: TLS_ENCRYPTED from: (unknown) 
to: (unknown) origin_ip: 200.xx.xx.10 origin_rdns: ns.blah-blah.net 
 auth: (unknown) encryption: TLS_PASSTHROUGH 
reason: (empty)


First Question - where did tcp.smtp go that used to reside in 
/home/vpopmail/etc in the old toasters?


Second Question - /home/vpopmail/spamdyke/server_domain_net.key does 
exist so what could be the reason why spamdyke is unable to decrypt 
the private key?


Thanks for any insights you guys might have.

Jeff Koch

Re: [qmailtoaster] qq soft reject with Centos 7

[Eric Broch]

Hi Jeff,

Do you know why spamdyke would be looking in /home/vpopmail/etc for 
anything ? I've never heard of this before.


Spamdyke's configuration directory is a link in /etc: /etc/spamdyke -> 
../opt/spamdyke/etc.


Here's my spamdyke configuration: 'cat /etc/spamdyke/spamdyke.conf'



#dns-blacklist-entry=zombie.dnsbl.sorbs.net
#dns-blacklist-entry=dul.dnsbl.sorbs.net
#dns-blacklist-entry=bogons.cymru.com
dns-blacklist-entry=zen.spamhaus.org
dns-blacklist-entry=bl.spamcop.net
graylist-dir=/var/spamdyke/graylist
graylist-level=none
graylist-max-secs=2678400
graylist-min-secs=180
greeting-delay-secs=2
header-blacklist-entry=From:*>,*<*
idle-timeout-secs=60
ip-blacklist-file=/etc/spamdyke/blacklist_ip
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords
ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords
ip-whitelist-file=/etc/spamdyke/whitelist_ip
qmail-rcpthosts-file=/var/qmail/control/rcpthosts
#qmail-rcpthosts-file=/var/qmail/control/qmail-morercpthosts-cdb
log-level=info
max-recipients=50
#policy-url=http://my.policy.explanation.url/
rdns-blacklist-file=/etc/spamdyke/blacklist_rdns
rdns-whitelist-file=/etc/spamdyke/whitelist_rdns
recipient-blacklist-file=/etc/spamdyke/blacklist_recipients
recipient-whitelist-file=/etc/spamdyke/whitelist_recipients
reject-empty-rdns
#reject-ip-in-cc-rdns
reject-sender=no-mx
reject-unresolvable-rdns
sender-blacklist-file=/etc/spamdyke/blacklist_senders
sender-whitelist-file=/etc/spamdyke/whitelist_senders
tls-certificate-file=/var/qmail/control/servercert.pem
tls-level=smtp



And, how did you make your certificate and where did you put it?

Let me know if that helps.

Eric


On 4/28/2017 6:26 PM, Jeff Koch wrote:
Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file for 
searching /home/vpopmail/etc/open-smtp: No such file or directory
Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or 
decrypt SSL/TLS private key from file: 
/home/vpopmail/spamdyke/server_domain_net.key : A protocol or library 
failure occurred, error:0B080074:lib(11):func(128):reason(116)
Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS 
private key password or SSL/TLS certificate/privatekey 
mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol or 
library failure occurred, error:140A80B1:lib(20):func(168):reason(177)


--
Eric Broch
White Horse Technical Consulting (WHTC)


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qq soft reject with Centos 7

[Noriyuki Hayashi]

Hi Jeff,

In addtion,
1. Check the spamassassin.
# spamassassin --lint
2. Also check the environment spamassassin.
spamassassin -D --lint
3. You also need restart qmail.
# systemctl stop qmail
check by ps ax
# systemctl start qmail

Kind regards,
Nori

On Fri, 28 Apr 2017 20:26:33 -0400
Jeff Koch  wrote:

> 
> Hi - we're running a new qmailtoaster (installed in March 2017) on a new 
> CentOS 7 server. We're seeing  a large number of soft rejects in the 
> /var/log/qmail/smtp log that look like this:
> 
> qmail-smtpd: qq soft reject (mail server temporarily rejected message 
> (#4.3.0)):
> 
> We tried turning off ClamAV to see if that helped but it didn't. However, 
> these rejects seem to be accompanied by the following spamdyke errors in the 
> /var/log/maillog:
> 
> Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file for 
> searching /home/vpopmail/etc/tcp.s
> mtp: No such file or directory
> Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file for 
> searching /home/vpopmail/etc/open-smtp: No such file or directory
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or decrypt 
> SSL/TLS private key from file: /home/vpopmail/spamdyke/server_domain_net.key 
> : A protocol or library failure occurred, 
> error:0B080074:lib(11):func(128):reason(116)
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS private key 
> password or SSL/TLS certificate/privatekey 
> mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol or library 
> failure occurred, error:140A80B1:lib(20):func(168):reason(177)
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to initialize SSL/TLS 
> library
> Apr 28 09:52:32 server spamdyke[20476]: TLS_ENCRYPTED from: (unknown) to: 
> (unknown) origin_ip: 200.xx.xx.10 origin_rdns: ns.blah-blah.net auth: 
> (unknown) encryption: TLS_PASSTHROUGH reason: (empty)
> 
> First Question - where did tcp.smtp go that used to reside in 
> /home/vpopmail/etc in the old toasters?
> 
> Second Question - /home/vpopmail/spamdyke/server_domain_net.key does exist so 
> what could be the reason why spamdyke is unable to decrypt the private key?
> 
> Thanks for any insights you guys might have.
> 
> Jeff Koch

/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/

Telecommunications Association License No. A-18-9191
Government Resell  License No. 301039703002
  WATS CO.,LTD.   
  Kawana Bldg, 5F  Kamata
Ota-ku Tokyo, 144-0052 JAPAN
   Phone 81-50-5830-5940　
   Ext：201 VoiceMailDirect：201*1
   FAX   81-50-5830-5941
http://wats.gr.jp
  Mail： wats @ wats.gr.jp
Please remove the space between @ as double side

Key fingerprint = B53D FF2F BFEA FDA8 1439  38AA 8281 9A3E C9B6 2FC9

/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qq soft reject with Centos 7

[Noriyuki Hayashi]

Hi Jeff,

Hope you are good.
I am using CentOS-7.2.1511 for qt.
Memory 16GB 4CPU on the KVM.

1. You can check clamdscan as below.

# clamdscan  -V
ClamAV 0.99.2/23331/Wed Apr 26 13:58:22 2017

It should no error like above.

2. Check the softlimit /var/qmail/supervise/smtp/run
I am setting 12800.

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SPAMDYKE="/usr/bin/spamdyke"
SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf"
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
REQUIRE_AUTH=0

exec /usr/bin/softlimit -m 12800 \
 /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
 -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
 $SPAMDYKE --config-file $SPAMDYKE_CONF \
 $SMTPD $VCHKPW /bin/true 2>&1

3. You can set the DEBUG mode on simscan like below.
/etc/tcprules.d/tcp.smtp
:allow,SIMSCAN_DEBUG="3",BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/simscan",NOP0FCHECK="1"

Do not forget 
# tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp <
/etc/tcprules.d/tcp.smtp

4. You will restart /etc/rc.d/init.d/spamd
Then you can check the every log.

Kind regards,
Nori

On Fri, 28 Apr 2017 20:26:33 -0400
Jeff Koch  wrote:

> 
> Hi - we're running a new qmailtoaster (installed in March 2017) on a new 
> CentOS 7 server. We're seeing  a large number of soft rejects in the 
> /var/log/qmail/smtp log that look like this:
> 
> qmail-smtpd: qq soft reject (mail server temporarily rejected message 
> (#4.3.0)):
> 
> We tried turning off ClamAV to see if that helped but it didn't. However, 
> these rejects seem to be accompanied by the following spamdyke errors in the 
> /var/log/maillog:
> 
> Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file for 
> searching /home/vpopmail/etc/tcp.s
> mtp: No such file or directory
> Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file for 
> searching /home/vpopmail/etc/open-smtp: No such file or directory
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or decrypt 
> SSL/TLS private key from file: /home/vpopmail/spamdyke/server_domain_net.key 
> : A protocol or library failure occurred, 
> error:0B080074:lib(11):func(128):reason(116)
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS private key 
> password or SSL/TLS certificate/privatekey 
> mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol or library 
> failure occurred, error:140A80B1:lib(20):func(168):reason(177)
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to initialize SSL/TLS 
> library
> Apr 28 09:52:32 server spamdyke[20476]: TLS_ENCRYPTED from: (unknown) to: 
> (unknown) origin_ip: 200.xx.xx.10 origin_rdns: ns.blah-blah.net auth: 
> (unknown) encryption: TLS_PASSTHROUGH reason: (empty)
> 
> First Question - where did tcp.smtp go that used to reside in 
> /home/vpopmail/etc in the old toasters?
> 
> Second Question - /home/vpopmail/spamdyke/server_domain_net.key does exist so 
> what could be the reason why spamdyke is unable to decrypt the private key?
> 
> Thanks for any insights you guys might have.
> 
> Jeff Koch

/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/

Telecommunications Association License No. A-18-9191
Government Resell  License No. 301039703002
  WATS CO.,LTD.   
  Kawana Bldg, 5F  Kamata
Ota-ku Tokyo, 144-0052 JAPAN
   Phone 81-50-5830-5940　
   Ext：201 VoiceMailDirect：201*1
   FAX   81-50-5830-5941
http://wats.gr.jp
  Mail： wats @ wats.gr.jp
Please remove the space between @ as double side

Key fingerprint = B53D FF2F BFEA FDA8 1439  38AA 8281 9A3E C9B6 2FC9

/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] qq soft reject with Centos 7

[Sean P. Murphy]

Hi Jeff,

To answer your first question, the tcp.smtp file and related files now reside 
in /etc/tcprules.d.  As far as your second question goes, I haven't used 
spamdyke so I can't speak to anything regarding that.  Perhaps Eric or someone 
with some more experience can help you there.

When you turned off ClamAV, did you also remove it from simscan and run 
"qmailctl cdb" after doing so?

-Sean

> On Apr 28, 2017, at 8:26 PM, Jeff Koch  wrote:
> 
> 
> Hi - we're running a new qmailtoaster (installed in March 2017) on a new 
> CentOS 7 server. We're seeing  a large number of soft rejects in the 
> /var/log/qmail/smtp log that look like this:
> 
> qmail-smtpd: qq soft reject (mail server temporarily rejected message 
> (#4.3.0)):
> 
> We tried turning off ClamAV to see if that helped but it didn't. However, 
> these rejects seem to be accompanied by the following spamdyke errors in the 
> /var/log/maillog:
> 
> Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file for 
> searching /home/vpopmail/etc/tcp.s
> mtp: No such file or directory
> Apr 28 09:52:29 server spamdyke[20476]: ERROR: unable to open file for 
> searching /home/vpopmail/etc/open-smtp: No such file or directory
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to load or decrypt 
> SSL/TLS private key from file: /home/vpopmail/spamdyke/server_domain_net.key 
> : A protocol or library failure occurred, 
> error:0B080074:lib(11):func(128):reason(116)
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: incorrect SSL/TLS private key 
> password or SSL/TLS certificate/privatekey 
> mismatch/home/vpopmail/spamdyke/server_domain_net.key : A protocol or library 
> failure occurred, error:140A80B1:lib(20):func(168):reason(177)
> Apr 28 09:52:32 server spamdyke[20476]: ERROR: unable to initialize SSL/TLS 
> library
> Apr 28 09:52:32 server spamdyke[20476]: TLS_ENCRYPTED from: (unknown) to: 
> (unknown) origin_ip: 200.xx.xx.10 origin_rdns: ns.blah-blah.net auth: 
> (unknown) encryption: TLS_PASSTHROUGH reason: (empty)
> 
> First Question - where did tcp.smtp go that used to reside in 
> /home/vpopmail/etc in the old toasters?
> 
> Second Question - /home/vpopmail/spamdyke/server_domain_net.key does exist so 
> what could be the reason why spamdyke is unable to decrypt the private key?
> 
> Thanks for any insights you guys might have.
> 
> Jeff Koch