I'm having an issue sending email from my server. Linux Redhat 9. 2.4 kernel. Qmail. I have vBulletin insalled, from vBulletin's diagnosis section in the admincp, if I send a test email to my @comcast.net account I never get the email. If I send another test email to my @yahoo.com account I get it fine. If I telnet localhost 25 while sshd into my server I can

<Test Sending to @yahoo.com>
[chad@<mydomain> chad]$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 localhost.localdomain ESMTP
helo <mydomain>
250 localhost.localdomain
mail from: me@yahoo.com
250 ok
rcpt to: me@yahoo.com
250 ok
data
354 go ahead
To: me@yahoo.com
From: me@yahoo.com
Subject Test Email
this is some email

.
250 ok 1092874965 qp 28551
quit
221 localhost.localdomain
Connection closed by foreign host.

<Test Sending to @comcast.net>
[chad@<mydomain> chad]$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 localhost.localdomain ESMTP
helo <mydomain>
250 localhost.localdomain
mail from: me@yahoo.com
250 ok
rcpt to: me@comcast.net
250 ok
data
354 go ahead
To: daltonch@comcast.net
From: white_2kgt@yahoo.com
Subject: Test
this is some test email

.
250 ok 1092875088 qp 28576
quit
221 localhost.localdomain
Connection closed by foreign host.
[chad@<mydomain> chad]$

I receive BOTH emails one to my @yahoo.com and one to my @comcast.net account. How does one explain this or better yet resolve it? I can't for the life of me understand this problem. I've also tried this with a .gov and a .speakeasy.net email domain. None of those domains receive email when sent via the vB software but fine if I just send it via the telnet?

Please help, I'm at my wits end.

thanks,
-c

Originally posted by white_2kgt
[B][chad@<mydomain> chad]$ telnet localhost 25
<snip>
rcpt to: me@yahoo.com
250 ok


your email server is acting as an open relay it seems, do you have port 25 firewalled or somewhat configured to only accept connections from localhost? if you dont i suggest you fix it asap and shut it down while you fix it.

An open relay means anyone can connect to your smtpd and have it send emails, this would cause the ip to be blacklisted so I suggest you kill the smtpd before someone managed to spam thru it.

Originally posted by Noam
your email server is acting as an open relay it seems, do you have port 25 firewalled or somewhat configured to only accept connections from localhost? if you dont i suggest you fix it asap and shut it down while you fix it.

An open relay means anyone can connect to your smtpd and have it send emails, this would cause the ip to be blacklisted so I suggest you kill the smtpd before someone managed to spam thru it.

yes, I'm sure it is. I have it as open as a $2.00 good time in Vegas, at least until I get this email problem solved. Suggestions?

-c

Actually, he is sending mail from localhost (the local machine). So this is not an open relay; localhost should be able to send mail anywhere. Only remote users need to authenticate first. If you can do the same by connecting to port 25 remotedly, then it is an open relay.

Back on track...

Check the qmail log: /var/log/maillog (could be different). Look what happened to the message that you are not receiving. If it is passed to comcast successfully, then it is not a problem on your end; it could be that comcast decided to junk is based on the content...

Log Example:
Aug 18 23:18:19 server qmail: 1092896299.162897 new msg 2910982
Aug 18 23:18:19 server qmail: 1092896299.162951 info msg 2910982: bytes 4102 from <someone@somewhere.com> qp 4250 uid 101
Aug 18 23:18:19 server qmail: 1092896299.167505 starting delivery 1097931: msg 2910982 to remote someone@somewhere.com
Aug 18 23:18:19 server qmail: 1092896299.969485 delivery 1097931: success: 1.1.1.1_accepted_message./Remote_host_said:_250_ok_1092896299_qp_4951/
Aug 18 23:18:19 server qmail: 1092896299.969540 status: local 0/10 remote 1/20
Aug 18 23:18:19 server qmail: 1092896299.969557 end msg 2910982

Yea, that would be another question. How do I enable the maillog? In /var/log I have 5 files maillog, maillog.1, etc. They are all empty.

thanks,
-c

I have this same issue. I have been looking all over the internet and every post I look at gets this far and no one answers.

I am not getting email sent through my server.

my maillogs are also empty.

I am using plesk 7 reloaded as well. but I prefer if someone would help me do this from the command line.

Greetings:

Plesk doesn't keep the maillog in /var/log

Check /etc/syslog.conf for where maillog is located on your server.

You may then want to create a symbolic link from the real location to /var/log/maillog so that you don't have one of those "doh" moments (I had one on my first Plesk server).

Thank you.

Ok what does this error mean? I'm not sure if it has anything to do with my current problem but I do get a lot of bounces from yahoo.

Sep 30 11:53:52 aspen qmail: 1096566832.209571 delivery 541: deferral: 67.28.113.11_failed_after_I_sent_the_message./Remote_host_said:_421_mta194.mail.re2.yahoo.com_Resources_temporarily_unavailable._Please_try_again_later_[#4.16.3]./

Here is the log pertaining to the send itself. I am really new to this can someone help me translate this?

Sep 30 12:05:57 aspen qmail-queue: dwlib[14528]: scan: the message(drweb.tmp.TFAvMC) sent by admin@opportunityone.net to gunther@residualenterprises.com should be passed without checks, because contains uncheckable addresses
Sep 30 12:05:57 aspen qmail: 1096567557.248423 new msg 4326438
Sep 30 12:05:57 aspen qmail: 1096567557.248501 info msg 4326438: bytes 5613 from <admin@opportunityone.net> qp 14529 uid 2020
Sep 30 12:08:04 aspen qmail: 1096567684.225469 delivery 516: deferral: Connected_to_67.28.114.35_but_connection_died._(#4.4.2)/
Sep 30 12:08:04 aspen qmail: 1096567684.225542 status: local 0/10 remote 19/20
Sep 30 12:08:04 aspen qmail: 1096567684.256093 starting delivery 624: msg 4357754 to remote racer1109@yahoo.com
Sep 30 12:08:04 aspen qmail: 1096567684.256115 status: local 0/10 remote 20/20
Sep 30 12:08:15 aspen pop3d: Connection, ip=[24.119.184.67]

In my experience, the "...but connection died" usually means the receiving server is blacklisting, either your IP, the sender's address/domain, or the recipient address.

Can you telnet to the Yahoo! server on port 25 and go through a SMTP session sending an email from yourself to the address you're trying to reach? It might show you where the connection is being dropped - before the HELO, after the HELO, after the MAIL FROM, after the RCPT TO, et al.

I suppose it's possible Yahoo doesn't like your conflicting hostname/PTR record (mail.opportunityone.net / aspen.viviotech.net / poplar.viviotech.net)... AOL has blocked servers for less, so why not Yahoo? :)

I hate to sound stupid but I know how to telnet but how do I the SMTP session part of that test?

Also what do you think about the part above where I sent an email to gunther@residualenterprises.com. This is another domain owned by me but it is on a totally different server and Hoster and all? Did it just get queued?

I really want to know why that one never came through.

Originally posted by gwill23
I hate to sound stupid but I know how to telnet but how do I the SMTP session part of that test?


telnet mail.server.tld 25 <cr>
ehlo my.server.name<cr>
mail from: me@my.domain.tld<cr>
rcpt to: recipient@local.domain.tld<cr>
data<cr>
Subject: whatever you want<cr>
<cr>
Text goes here - "test" is always good. :)<cr>
.<cr> (a period on it's own line)
quit<cr>

You should get "ok" messages at most steps... if not, it may indicate where the problem is.


Also what do you think about the part above where I sent an email to gunther@residualenterprises.com. This is another domain owned by me but it is on a totally different server and Hoster and all? Did it just get queued?


Maybe. You didn't post enough of the log to say for sure. There's a lot going on there:


Sep 30 12:05:57 aspen qmail: 1096567557.248423 new msg 4326438
Sep 30 12:05:57 aspen qmail: 1096567557.248501 info msg 4326438: bytes 5613 from <admin@opportunityone.net> qp 14529 uid 2020


Here's a 5kb message being received by your server from the admin address.


Sep 30 12:08:04 aspen qmail: 1096567684.225469 delivery 516: deferral: Connected_to_67.28.114.35_but_connection_died._(#4.4.2)/
Sep 30 12:08:04 aspen qmail: 1096567684.225542 status: local 0/10 remote 19/20


Here's a seemingly unrelated message attempting to be delivered to Yahoo... and failing.


Sep 30 12:08:04 aspen qmail: 1096567684.256093 starting delivery 624: msg 4357754 to remote racer1109@yahoo.com
Sep 30 12:08:04 aspen qmail: 1096567684.256115 status: local 0/10 remote 20/20


Here's your server starting another delivery to a Yahoo! address, and one of several qmail status messages.


Sep 30 12:08:15 aspen pop3d: Connection, ip=[24.119.184.67]


And here's a completely unrelated logline of someone connecting to check their POP3 box. :)


I really want to know why that one never came through.

Search for the message ID in the qmail logs; grep 4326438 /var/log/maillog (or wherever your mail log is) and post the results.

As an aside, you might want to bump up qmail's remote concurrency limit, if it's pegged at twenty connections a lot.

Also, I'm not sure what the dblib / qmail-queue thing is (outgoing mail scanner?), but if that's a recent addition to your server, you might want to look there for your problem.

you should try to telnet port 25 to the mail server having problem receiving emails from your server from your server

and its actually your windows desktop connects to the sshd at port 22 on your server and the sshd connects to port 25 also on your server, its you -> your server then your server->your server, it accepts relay from any email address to any email address

also include a valid return-path: so that you can get any error messages(if any) either from your server or the destinated server

This is what I got on telnet from ssh:

[root@aspen admin]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 aspen.viviotech.net ESMTP
ehlo mail.opportunityone.net
250-aspen.viviotech.net
250-STARTTLS
250-PIPELINING
250 8BITMIME
mail from:admin@opportunityone.net
250 ok
rcpt to:gunther@residualenterprises.com
250 ok
Subject:test 10
502 unimplemented (#5.5.1)
test 10
502 unimplemented (#5.5.1)
.
502 unimplemented (#5.5.1)
quit
221 aspen.viviotech.net
Connection closed by foreign host.

This is the part of log file you asked for:
[root@aspen admin]# grep 4326438 /usr/local/psa/var/log/maillog
Sep 30 10:11:18 aspen qmail: 1096560678.453601 starting delivery 43: msg 4326438 to remote cvthrivida15@yahoo.com
Sep 30 10:11:24 aspen qmail: 1096560684.402734 end msg 4326438
Sep 30 11:34:37 aspen qmail: 1096565677.337233 new msg 4326438
Sep 30 11:34:37 aspen qmail: 1096565677.337531 info msg 4326438: bytes 4804 from <bounce@opportunityone.net> qp 10565 uid 48
Sep 30 11:34:37 aspen qmail: 1096565677.343461 starting delivery 462: msg 4326438 to local 8-admin@opportunityone.net
Sep 30 11:34:37 aspen qmail: 1096565677.378908 end msg 4326438
Sep 30 11:40:11 aspen qmail: 1096566011.465128 new msg 4326438
Sep 30 11:40:11 aspen qmail: 1096566011.465203 info msg 4326438: bytes 13116 from <brochure0@xtra.co.nz> qp 11533 uid 2020
Sep 30 11:40:11 aspen qmail: 1096566011.470369 starting delivery 499: msg 4326438 to local 6-gunther@guntherwilliams.com
Sep 30 11:40:11 aspen qmail: 1096566011.526889 end msg 4326438
Sep 30 11:48:04 aspen qmail: 1096566484.045565 new msg 4326438
Sep 30 11:48:04 aspen qmail: 1096566484.045744 info msg 4326438: bytes 6537 from <> qp 12381 uid 2522
Sep 30 11:48:04 aspen qmail: 1096566484.049420 starting delivery 517: msg 4326438 to local 8-bounce@opportunityone.net
Sep 30 11:48:04 aspen qmail: 1096566484.370633 end msg 4326438
Sep 30 11:54:47 aspen qmail: 1096566887.654268 new msg 4326438
Sep 30 11:54:47 aspen qmail: 1096566887.654600 info msg 4326438: bytes 6535 from <> qp 12958 uid 2522
Sep 30 11:54:47 aspen qmail: 1096566887.659044 starting delivery 546: msg 4326438 to local 8-bounce@opportunityone.net
Sep 30 11:54:49 aspen qmail: 1096566889.630959 end msg 4326438
Sep 30 11:56:47 aspen qmail: 1096567007.982001 new msg 4326438
Sep 30 11:56:47 aspen qmail: 1096567007.982165 info msg 4326438: bytes 6571 from <> qp 13450 uid 2522
Sep 30 11:56:47 aspen qmail: 1096567007.998677 starting delivery 576: msg 4326438 to local 8-bounce@opportunityone.net
Sep 30 11:56:48 aspen qmail: 1096567008.275894 end msg 4326438
Sep 30 11:57:03 aspen qmail: 1096567023.913738 new msg 4326438
Sep 30 11:57:03 aspen qmail: 1096567023.913887 info msg 4326438: bytes 6537 from <> qp 13469 uid 2522
Sep 30 11:57:03 aspen qmail: 1096567023.933951 starting delivery 585: msg 4326438 to local 8-bounce@opportunityone.net
Sep 30 11:57:04 aspen qmail: 1096567024.273548 end msg 4326438
Sep 30 12:00:34 aspen qmail: 1096567234.835688 new msg 4326438
Sep 30 12:00:34 aspen qmail: 1096567234.835767 info msg 4326438: bytes 41284 from <4c.2c130a36.2dd76950@aol.com> qp 13999 uid 2020
Sep 30 12:00:34 aspen qmail: 1096567234.840492 starting delivery 613: msg 4326438 to local 8-bounce@opportunityone.net
Sep 30 12:00:35 aspen qmail: 1096567235.005768 end msg 4326438
Sep 30 12:00:51 aspen qmail: 1096567251.151769 new msg 4326438
Sep 30 12:00:51 aspen qmail: 1096567251.151843 info msg 4326438: bytes 41942 from <3dangela.gaus@deancare.com> qp 14013 uid 2020
Sep 30 12:00:51 aspen qmail: 1096567251.157584 starting delivery 615: msg 4326438 to local 8-bounce@opportunityone.net
Sep 30 12:00:51 aspen qmail: 1096567251.309389 end msg 4326438
Sep 30 12:03:58 aspen qmail: 1096567438.198289 new msg 4326438
Sep 30 12:03:58 aspen qmail: 1096567438.198396 info msg 4326438: bytes 6551 from <> qp 14061 uid 2522
Sep 30 12:03:58 aspen qmail: 1096567438.222554 starting delivery 619: msg 4326438 to local 8-bounce@opportunityone.net
Sep 30 12:03:58 aspen qmail: 1096567438.627968 end msg 4326438
Sep 30 12:05:57 aspen qmail: 1096567557.248423 new msg 4326438
Sep 30 12:05:57 aspen qmail: 1096567557.248501 info msg 4326438: bytes 5613 from <admin@opportunityone.net> qp 14529 uid 2020

one more thing. I tried to find the config file you talked about that sets the connection limit and I don't know where it is. any ideas?

Also, I have browsed through my queues and some of them are pages and pages of numbers in each folder (ie. 0 1 2 3 etc).

Originally posted by gwill23
This is what I got on telnet from ssh:

[root@aspen admin]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 aspen.viviotech.net ESMTP
ehlo mail.opportunityone.net
250-aspen.viviotech.net
250-STARTTLS
250-PIPELINING
250 8BITMIME
mail from:admin@opportunityone.net
250 ok
rcpt to:gunther@residualenterprises.com
250 ok
Subject:test 10
502 unimplemented (#5.5.1)
test 10
502 unimplemented (#5.5.1)
.
502 unimplemented (#5.5.1)
quit
221 aspen.viviotech.net
Connection closed by foreign host.


You missed "data" before mail from: .


This is the part of log file you asked for:


Hmmn... I'm not real sure what to make of that; the ID number seems to keep getting reused. Qmail does that sometimes; not sure why.

As to the connection limits, it's (for a default install) /var/qmail/control/concurrencyremote . If it doesn't exist, create it in vi or pico with a single line containing the number of concurrent remote processes you'd like to have qmail run at once. We usually use a setting of 50, but YMMV.

The queues are arranged as numbered folders; each contains files with the names of id's of messages in the queue, either remote or local (rare, but it happens). If I recall correctly, /mess contains the body, while /remote contains the recipient headers, but don't quote me on that. :) I'm unaware of the significance of the numbering of the folders, except that qmail seems to work through them in order - it'll queue a message in /0, then /1, /2, /3, and so on, up to /22 or whatever it is.

I just tried to connect to the mailserver in question, and was able to deliver a message just fine, which leads me to believe that they are refusing mail from your domain/server for some reason. Could be wrong, but that's my guess.

Are you having problems delivering mail to everyone, or is it just a few servers? How many messages are in your queue? (run /var/qmail/bin/qmail-qstat to find out).

new telnet test output. I am sending an email from an account on that mail server to another domain hosted at a totally different hosting company. It is my domain and mail usually comes through without a problem. Should have have seen the test mail at gunther@residualenterprises.com?

[root@aspen etrainerco.com]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.opportunityone.net ESMTP
ehlo mail.opportunityone.net
250-mail.opportunityone.net
250-STARTTLS
250-PIPELINING
250 8BITMIME
mail from admin@opportunityone.net
250 ok
rcpt to:gunther@residualenterprises.com
250 ok
data
354 go ahead
Subject: test 10

Test 10
.
250 ok 1096614351 qp 22580
quit
221 mail.opportunityone.net
Connection closed by foreign host.

I don't mind if yahoo is blocking me I can fix that later but I think I should be able to get mail to the address above.

increasing the concurrencyremote nubmber increased the number of qmail-remote processes running.

ok this is a big problem I am sure and probably what is wrong.
[root@aspen control]# /var/qmail/bin/qmail-qstat
messages in queue: 97606
messages in queue but not yet preprocessed: 0

messages in queue is outgoing or incomming? any idea?

The messages in the queue are probably outgoing. Are you receiving mail on that machine OK?

97K messages queued boggles the mind. Server been sluggish lately? :) Is that a realistic volume of email for this server for a short period of time? (That's about four-five days' worth for our busiest mailserver) If not... I don't really know. Bounces from a lot of dictionary attacks?

If your emails are making it to the mailserver for residualenterprises, which they seem to be, then I'd guess the problem lies with the mailserver there. Or a combination of the two.

I really don't know what else to say... I've never had a problem quite like this. When in doubt, recompile qmail, kill it, and restart it. :D

Thanks for your help thus far. Can you clear the queues or look at the queue files to see what the headers are?

qmail-clean seems to be doing the trick. I know the mail won't be delivered but I need to figure this out it is more important. I am sure this is a backlog of email over some time and the large number of bounces I get from yahoo are probably not helping.

Question: shouldn't the value of the 'local' config file be more than localhost? shouldn't it have all the domains hosted on this server?

As far as blacklisting goes I belong to a blacklist service but how does one tell if they are blacklisted at yahoo, aol, msn and such? It seems that once I find out weather qmail is even working to hosts I control that will be the next thing to find out.

is this a good log message or bad. I didn't get it in the mailbox. I can do the telnet thing and it will arrive but this way it doesn't seem to deliver.

Oct 1 09:38:28 aspen qmail: 1096645108.623049 delivery 18: success: 67.28.113.10_accepted_message./Remote_host_said:_250_ok_dirdel/

By the way i got the queues all cleared and I have suspended mailing until I figure this out.

Does qmail hold things in queue if there is no response by the server or a bounce? Does it try multiple times on a bounce?

You said that 97k in queue was 5 days worth of email for your largest server.

How many email, assuming all connections are good, should a server be able to send in a 24 hr period? I send between 18k and 30k per day. At times when I send to my entire list is is 130k.