Sorry for the acronyms: QMT is QmailToaster -- a precompiled Linux distribution that includes a working qmail installation. LwQ is Life With Qmail -- a popular guide for compiling qmail from source and configuring it to work correctly. Both of these methods include a command that limits the amount of RAM qmail can use (and thus also limits spamdyke); when that limit is set too low, strange errors occur (not the "out of memory" errors you might expect). Since you're using Plesk, that consideration doesn't apply.
SELinux is Security Enhanced Linux -- a loadable module that adds a ton of security-related "features" to the Linux kernel but usually only causes problems. SELinux is one of the first things most sysadmins disable or uninstall when they build a new server. I'm glad it started working, though it would have been nice to find a rational explanation. A couple more ideas occur to me. Is your graylist folder stored on a local filesystem or is it mounted from another server (e.g. NFS, AFS, CODA)? If it is stored remotely, is it possible there the qmail server's and the file server's clocks are out of sync? After all, everything about spamdyke's graylist-min-secs option relies on reading the timestamp on the file -- if that fails for some reason or returns a date within graylist-min-secs, incoming messages could remain graylisted forever. Is it possible your server's time was adjusted/updated recently (around the time you witnessed it suddenly working)? For that matter, what OS and version are you running? What filesystem type (e.g. ext3, reiserfs, XFS) are you using for the graylist folder? Have you run a filesystem check to make sure there are no disk errors lurking? -- Sam Clippinger On 12/15/10 4:11 PM, Roland Moelle wrote: > Sam, > > Concerning your questions: Yes, the messages are beeing greylisted forever > (for this address only). The log file contains "DENIED_GRAYLISTED from: > [email protected]". The EXISTING info file in > /var/qmail/spamdyke/greylist/moelle.biz/roland.moelle/redcoon.de was not > touched repeatedly at all. It was created at first attempt when it was not > existing with a size of zero and then it wasn't touched anymore during the > following attempts. The file for [email protected] in the same directory > was updated as desired. > > The available disk space is used for less than 3%, RAM for 10% and the > CPU-load is constantly below 3%, so I'd say the machine gets rather bored > than stressed. > I don't even have the foggiest notion of "QMT or LwQ" and also "SELinux", so > I can't comment these issues. > > I also don't know how the /var/qmail/spamdyke/conf.s entry came to my > spamdyke.conf file (I guess uninteded duplication of a line using vi - shame > on me), but I corrected this entry in a first step (change #1), but did not > reinitialize qmail or spamdyke at that point. > > - Then I renamed the existing info-file (as I already did yesterday, too) > (change #2) and > - I triggered a new message to make sure the problem persists: > The message was rejected twice with "DENIED_GRAYLISTED" but the minimum time > for greylisting was not past yet, so I had to wait for the third attempt. > - Meanwhile I prepared the new spamdyke.conf containing "full-log-dir", but > did not save it, yet. > > And guess what happened: The third attempt suddenly was accepted (ALLOWED), > the info file was updated. > Don't know wheater to cry or laugh right now. > > So I discarded the "full-log-dir" option. > Since change #2 didn't show any effect yesterday, I reversed the remaining > change #1 to see if this was the key ... and of course it was not. > > So I moved the renamed info file back in place, deleted the contents an gave > it a try ... and of course it worked fine now and the message was accepted > in third attempt. > In the end I checked my log files to see if it was really permanently > rejected with "DENIED_GRAYLISTED" yesterday and it was. > > I don't know what was happening and I'm not able to reproduce the problem > anymore. Magic! > I'm sorry for your inconvenience and I would like to say thanks to you and > Eric for your assistance! > > Roland > > > > -----Ursprüngliche Nachricht----- > Von: [email protected] > [mailto:[email protected]] Im Auftrag von Sam Clippinger > Gesendet: Dienstag, 14. Dezember 2010 22:07 > An: spamdyke users > Betreff: Re: [spamdyke-users] Greylisting entries won't update > > You're seeing the error about /var/qmail/spamdyke/conf.s because there is a > line in your configuration file giving that folder as a value for > "config-dir". But that's not what's causing the problem. > > What messages are you seeing in your log file for these rejected > connections? Are they being graylisted forever or rejected for some other > reason? Also, can you enable full logging (with "full-log-dir") and trigger > one of these messages, then post (or privately email) the log file from that > connection? > > Offhand, this looks like something else is going on here -- in a QMT or LwQ > setup I would suggest increasing qmail's memory limit. Have you checked > your filesystem to make sure it's not out of disk space and/or inodes? Is > SELinux enabled? > > -- Sam Clippinger > > On 12/14/10 2:12 PM, Roland Moelle wrote: > >> Thanks Eric! >> >> Though it was hard for me to understand and pimp the commands for my >> Plesk installation, I think that I managed (more or less) to run the >> > config-test. > >> But now I need help in reading the results (see below). What looks >> strange to me is: >> "ERROR: unable to stat() path /var/qmail/spamdyke/conf.s" >> There is a directory /var/qmail/spamdyke/conf.d but nothing like >> conf.s or what does this mean? >> Also I found that the files in /var/qmail/spamdyke/greylist are beeing >> updated when messages arrive (first with the size of zero, when they >> get passed with IP and RDNS-name), but not for this special mail from >> [email protected]. >> >> Once you have an account there, you get an email-message everytime you >> type your password wrong, so I could test it for a while. The message >> is rejected, a file info (with size 0) is created, but it keeps on >> rejecting any further attempt to deliver the same message. Once I do >> the entries in /var/qmail/spamdyke/greylist/.../info manually, the >> > messages get past. > >> So far, this seems to be the only message (sender, ip, rdns) that >> won't work out, but I saw this by hazard and I'm afraid there might be >> more messages that are permanently beeing rejected. Whitelisting works >> of course. Also every other mail, but not this special one. Magic? >> Any further hints are appreciated! >> >> Regards, >> Roland >> >> My test-commands and the results: >> >> r...@mail:/usr/local/bin# PROTO=TCP export TCPLOCALHOST=$(hostname >> --fqdn) export TCPLOCALIP=127.0.0.1 export TCPLOCALPORT=25025 >> r...@mail:/usr/local/bin# spamdyke --config-file /etc/spamdyke.conf >> --config-test --run-as-user vpopmail:vchkpw /var/qmail/bin/qmail-smtpd >> /var/qmail/bin/smtp_auth /var/qmail/bin/true >> /var/qmail/bin/cmd5checkpw /var/qmail/bin/true 2>&1 spamdyke >> 4.1.0+TLS+CONFIGTEST+DEBUG (C)2010 Sam Clippinger, samc (at) silence >> (dot) org http://www.spamdyke.org/ >> >> Use -h for an option summary or see README.html for complete option >> > details. > >> WARNING: Running tests as superuser root(0), group root(0). These test >> results may not be valid if the mail server runs as another user. >> SUCCESS(binary-check): File is executable: /usr/local/bin/spamdyke >> SUCCESS: /var/qmail/bin/qmail-smtpd appears to offer TLS support but >> spamdyke will intercept and decrypt the TLS traffic so all of its >> filters can operate. >> ERROR: /var/qmail/bin/qmail-smtpd appears to offer SMTP AUTH support. >> spamdyke will observe any authentication and trust its response but >> spamdyke cannot process responses itself because one or more of the >> following options was not given: "access-file", "local-domains-file" or >> > "smtp-auth-command" > >> SUCCESS(ip-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_ip_moelle_biz >> SUCCESS(ip-in-rdns-keyword-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_keywords_moelle_biz >> SUCCESS(ip-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_ip_moelle_biz >> SUCCESS(rdns-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_rdns_moelle_biz >> SUCCESS(rdns-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_rdns_moelle_biz >> SUCCESS(recipient-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_recipient_moelle_biz >> SUCCESS(recipient-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_recipient_moelle_biz >> SUCCESS(sender-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_senders_moelle_biz >> SUCCESS(sender-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_senders_moelle_biz >> SUCCESS(ip-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_ip_skala-net_de >> SUCCESS(ip-in-rdns-keyword-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_keywords_skala-net_de >> SUCCESS(ip-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_ip_skala-net_de >> SUCCESS(rdns-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_rdns_skala-net_de >> SUCCESS(rdns-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_rdns_skala-net_de >> SUCCESS(recipient-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_recipient_skala-net_de >> SUCCESS(recipient-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_recipient_skala-net_de >> SUCCESS(sender-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_senders_skala-net_de >> SUCCESS(sender-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_senders_skala-net_de >> ERROR: unable to stat() path /var/qmail/spamdyke/conf.s >> SUCCESS(config-file): Opened for reading: /etc/spamdyke.conf >> SUCCESS(dns-resolv-conf): Opened for reading: /etc/resolv.conf >> INFO(graylist-level): Local domain has no domain directory; no >> graylisting will take place for the domain: skala-net.com >> INFO(graylist-level): Local domain has no domain directory; no >> graylisting will take place for the domain: mail.moelle.biz >> SUCCESS(graylist-level): Graylist directory tests succeeded: >> /var/qmail/spamdyke/greylist >> SUCCESS(hostname-file): Opened for reading: /var/qmail/control/me >> SUCCESS(ip-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_ip >> SUCCESS(ip-in-rdns-keyword-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_keywords >> SUCCESS(ip-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_ip >> SUCCESS(local-domains-file): Opened for reading: >> /var/qmail/control/rcpthosts >> SUCCESS(rdns-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_rdns >> SUCCESS(recipient-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_recipients >> SUCCESS(sender-blacklist-file): Opened for reading: >> /var/qmail/spamdyke/blacklist_senders >> SUCCESS(sender-whitelist-file): Opened for reading: >> /var/qmail/spamdyke/whitelist_senders >> SUCCESS(smtp-auth-level): File is executable: >> /var/qmail/bin/qmail-smtpd >> WARNING(smtp-auth-level): Authentication command is owned by root but >> not setuid. Some require being setuid root to read system passwords: >> /var/qmail/bin/qmail-smtpd >> SUCCESS(tls-certificate-file): Opened for reading: >> /var/qmail/control/servercert.pem >> SUCCESS(tls-certificate-file): Certificate and key loaded; SSL/TLS >> library successfully initialized >> ERROR: Tests complete. Errors detected. >> >> >> >> _______________________________________________ >> spamdyke-users mailing list >> [email protected] >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> >> > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
