smtpd questions

Ruthiness
Posts: 79
Joined: Tue Nov 13, 2007 8:11 pm

Postby Ruthiness » Fri Feb 01, 2008 12:59 pm

I did an lsof -i:25 and got this output - problem with the last connection? Also why do I have the second interface (10.48.x.x) on this box listening on port 25? And what is the last line from???? should I have uncommented SUBMIT=ON?

[root@mailpa scripts]# lsof -i:25
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sendmail 349 root 4u IPv4 1066048 TCP localhost.localdomain:smtp (LISTEN)
omsmtpd 16993 root 4u IPv4 39614100 TCP mailpa.maindomain.com:smtp (LISTEN)
omsmtpd 16993 root 5u IPv4 39614101 TCP backup.maindomain.com:smtp (LISTEN)
omsmtpd 16993 root 15u IPv4 39614750 TCP mailpa.maindomian.com:smtp->240.sub-75-201-20.myvzw.com:49186 (ESTABLISHED)

[root@mailpa scripts]# more /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
10.49.1.xxx mailpa.maindomaincom mailpa
10.48.1.xxx backup.maindomain.com backup

The smtpd.cfg file:

EXTENSIONS=AUTH,DSN,8BITMIME
GREETING=SMTPd

# Uncomment the following lines to enable the Submission and LMTP listeners
#SUBMIT=ON
#LMTP=ON

DEBUG_LOG=FALSE

# NB Authenticated RELAYs are always allowed
SMTPFILTER=TRUE
RELAY accept 127.0.0.1
RELAY accept .maindomain.com
AUTH_SUCCESS Accept ALL
AUTH_MISMATCH Log_Reject ALL
RELAY Log_Reject ALL

# extra rules added to prevent open relay usage
RECIPIENT Log_Reject *@*@*
RECIPIENT Log_Reject *%*
RECIPIENT Log_Reject *!*
RECIPIENT Log_Reject *#*@*

# The following group sets the configuration for the submission listener
# This listener is only active if SUBMIT=ON is above
# By default it binds to port 587
[SUBMIT]

CATCH @maindomain.com catchall@maindomain.com
CATCH @olddomain.com catchall@maindomain.com
#LISTEN=localhost:587
# Reject all anonymous connections
ANONYMOUS Log_Reject ALL

# The following group sets the configuration for the lmtp listener
# This listener is only active if LMTP=ON is above
[LMTP]
LISTEN=localhost:24
# Use the following line to listen on a unix domain socket
#LISTEN=~/tmp/lmtp.unix

We are also having slowness when sending mail through Scalix as outgoing server.

I need to be sure I have smtpd setup correctly, that it is not an open relay and it is not a bottleneck for users to send mail out via the Internet. We want them to have to authenticate as valid users to use it as a relay.

mikevl
Scalix Star
Posts: 596
Joined: Mon Feb 02, 2004 8:32 pm
Location: New Zealand

Postby mikevl » Sat Feb 02, 2008 5:05 am

Hi

Hmmmm
omsmtpd 16993 root 4u IPv4 39614100 TCP mailpa.maindomain.com:smtp (LISTEN)
omsmtpd 16993 root 5u IPv4 39614101 TCP backup.maindomain.com:smtp (LISTEN)
this is an issue
There should only be two listeners on your server
1 Sendmail listens to 12.0.0.1 to the unix.out process to send mails out of the server
2 omsmtpd listens to port 25 on your server for incoming mails
this is the one that gives the Scalix greeting when you telnet into the server

Look in your sendmail.mc for the line
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

make sure there are no other entries which specify your server ip

Mike

Postby Ruthiness » Mon Feb 04, 2008 9:04 pm

I have that exact DAEMON_OPTIONS line in sendmail.mc and also these:

MAILER(smtp)dnl
MAILER(procmail)dnl
MAILER(scalix)dnl

INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clamav-milter.sock,F=, T=S:4m;R:4m')dnl
define(`confINPUT_MAIL_FILTERS', `clmilter')dnl

INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl


So how is the other interface (backup) listening on port 25 do you think?

Postby mikevl » Mon Feb 04, 2008 9:27 pm

Hi

Had the same issue just two days ago

[root@mailpa scripts]# lsof -i:25
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sendmail 349 root 4u IPv4 1066048 TCP localhost.localdomain:smtp (LISTEN)
omsmtpd 16993 root 4u IPv4 39614100 TCP mailpa.maindomain.com:smtp (LISTEN)
omsmtpd 16993 root 5u IPv4 39614101 TCP backup.maindomain.com:smtp (LISTEN)
omsmtpd 16993 root 15u IPv4 39614750 TCP

kill -9 16993
omoff -d 0 smtpd
omon smtpd

A few unterminated processes for SWA I suspected at the time

Can you post the output of
more /etc/hosts

Mike

Postby mikevl » Mon Feb 04, 2008 9:31 pm

Hi

Sorry, you need to delete the backup entry from /etc/hosts, unless this is a clustered config. But hosts does not have enough entries in it for that.

Is there a reason for the backup entry?

Mike

Postby Ruthiness » Mon Feb 04, 2008 10:17 pm

Well I added the backup entry to define the second interface that is used for backups. I will remove it and see if it causes a problem with the nfs mount to the NAS box. Probably not.

Postby Ruthiness » Mon Feb 04, 2008 10:19 pm

The thing is - Scalix should not bind to interfaces except for the main one which is the 10.49.x.x interface. The backup entry in /etc/hosts is on 10.48.x.x. I can remove it - but the bigger question I have is - how can I get Scalix to just listen on localhost for 10.49.x.x subnet?

Postby Ruthiness » Mon Feb 04, 2008 10:23 pm

I removed the host entry in /etc/hosts for the backup host on 10.48.x.x and now with lsof -i:25 I get it bound to the 10.48.x.x IP address after a long delay...

So removing from /etc/hosts did not prevent it from listening on, essentially, eth1. I want it to only listen on eth0...

Any ideas?

Postby mikevl » Mon Feb 04, 2008 10:41 pm

Hi

If you play with the hosts then you may need to be careful and do
lsof -i :25

Kill processes which are not sendmail bound to 127.0.0.1
then
omoff -d 0 smtpd
omon smtpd

lsof -i :25

To be sure each step is creating the desired result

Mike

Postby Ruthiness » Mon Feb 04, 2008 10:46 pm

umm.. this looks not good - output of lsof -i:25

omsmtpd 25024 root 4u IPv4 42581710 TCP mailpa.ourdomain.com:smtp (LISTEN)
omsmtpd 25024 root 5u IPv4 42581711 TCP 10.48.xx.xx:smtp (LISTEN)
omsmtpd 25024 root 6u IPv4 42586767 TCP mailpa.ourdomain.com:smtp->58.39.47.80:49782 (ESTABLISHED)
omsmtpd 25024 root 10u IPv4 42586771 TCP mailpa.ourdomain.com:smtp->ppp89-110-22-54.pppoe.avangarddsl.ru:31334 (ESTABLISHED)

I killed pid 25024 and restarted.. omsmtpd is still binding to eth1 which is 10.48.x.x

eth0 is the one that maps to our external domain through the firewall.

We do NOT want eth1 involved with Scalix or sendmail at all...

How to fix?

Postby mikevl » Mon Feb 04, 2008 11:02 pm

Hi

Ok for testing purposes take eth1 down

ifconfig eth1 down

then
omoff -d 0 smtpd
omon smtpd
lsof -i :25

Try this

Mike

Postby Ruthiness » Mon Feb 04, 2008 11:09 pm

I am betting it will not bind to eth1 if it is "down" however, what about if the machine is rebooted, it will once again bind to eth1.

I need to prevent it from doing that without tricks. I will try it.... but perhaps it will bind to eth1 again once I bring it up.

Postby Ruthiness » Mon Feb 04, 2008 11:15 pm

As I would expect, with eth1 down, smtpd does not bind to eth1 and it does not bind to it even after I bring it up again..

So what does this tell us? If eth1 is up it will bind to it with omsmtpd. How do I get it to not do that?

Postby mikevl » Mon Feb 04, 2008 11:50 pm

Hi

I wonder if we have lost the plot here.
OK, SMTPD is binding to both NICs, but is that in itself causing the service to stop?
Was the original issue that a few extra processes were running, causing the service to stop? We cleared the rogue processes and restarted SMTPD.

Is SMTPD still stopping of its own accord?

It would hopefully never receive messages on the backup NIC!

Mike

Postby mikevl » Tue Feb 05, 2008 12:41 am

Hi

One thought. If you wanted you could write a small firewall rule to block port 25 from eth1

Mike
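
An added example, not part of the thread and not Scalix tooling: a shell check that reads `lsof -i:25` output like that posted above and reports any port-25 listener whose local name is not on an allowlist, with the kind of firewall rule suggested in the last reply shown as a comment. The sample lines are constructed from the thread's output (the client name `client.example.net` is invented), and the function names and allowlist are assumptions.

```shell
#!/bin/sh
# Added example: flag port-25 listeners bound outside an allowlist.
# stdin: `lsof -i:25` output. Arguments: allowed local names or IPs,
# written exactly as lsof prints them.

unexpected_smtp_listeners() {
    allowed="$*"
    awk -v allowed="$allowed" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        # Only LISTEN sockets matter here; the header and ESTABLISHED lines are skipped.
        $NF == "(LISTEN)" {
            host = $(NF - 1)            # e.g. backup.maindomain.com:smtp
            sub(/:[^:]*$/, "", host)    # strip the trailing :port
            if (!(host in ok)) print $1, $2, host   # command, pid, local name
        }
    '
}

# Constructed sample, modelled on the lsof output in the thread.
sample_lsof() {
    cat <<'EOF'
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sendmail 349 root 4u IPv4 1066048 TCP localhost.localdomain:smtp (LISTEN)
omsmtpd 16993 root 4u IPv4 39614100 TCP mailpa.maindomain.com:smtp (LISTEN)
omsmtpd 16993 root 5u IPv4 39614101 TCP backup.maindomain.com:smtp (LISTEN)
omsmtpd 16993 root 15u IPv4 39614750 TCP mailpa.maindomain.com:smtp->client.example.net:49186 (ESTABLISHED)
EOF
}

# On a live host (as root):
#   lsof -i:25 | unexpected_smtp_listeners localhost.localdomain mailpa.maindomain.com
# Firewall rule of the kind suggested above, dropping SMTP that arrives on eth1
# (-I inserts it ahead of any existing ACCEPT rule for port 25):
#   iptables -I INPUT -i eth1 -p tcp --dport 25 -j DROP

sample_lsof | unexpected_smtp_listeners localhost.localdomain mailpa.maindomain.com
```

A wildcard bind, which lsof prints as `*:smtp`, is reported too unless `*` is passed as an allowed name.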

