Sendmail still running behind mailscanner?
kfliong
kfliong at WOFS.COM
Wed Apr 7 07:34:06 IST 2004
Hi,
I am using sendmail as the MTA for MailScanner. I always had problem of
mails being received that Mailscanner didn't go through. I then tried a lot
of things which I have forgotten what. One thing I did notice is this
problem almost went away after I upgraded my Ensim to Ensim Pro and when I
updated mailscanner+spamassassin+clamAV. Now I am running MailScanner
4.29.3-1, SA 2.61 and clamAV 0.70.
I always knew there are still some mails going back of MailScanner when I
have to kill sendmail process whenever I stop MailScanner.
Here is one example sendmail I found even after I stopped MailScanner.
# service MailScanner stop
Shutting down MailScanner daemons:
MailScanner: [ OK ]
incoming sendmail: [ OK ]
outgoing sendmail: [ OK ]
after stopping a few times,
# service MailScanner status
Checking MailScanner daemons:
MailScanner: [FAILED]
incoming sendmail: [FAILED]
outgoing sendmail: [FAILED]
# ps -aux | grep sendmail
root 15454 0.0 0.4 5356 2096 ? S 12:56 0:00 sendmail: server
root 15485 0.0 0.4 5624 2104 ? S 12:56 0:00 sendmail:
./i37Gu
root 8023 0.0 0.4 5356 2096 ? S 13:51 0:00 sendmail: server
root 8055 0.0 0.4 5624 2132 ? S 13:51 0:00 sendmail:
./i37Hp
root 10895 0.0 0.4 5356 2096 ? S 13:58 0:00 sendmail: server
root 11493 0.0 0.4 5288 2096 ? S 14:00 0:00 sendmail: server
root 11501 0.0 0.4 5556 2104 ? S 14:00 0:00 sendmail:
./i37I0
root 17556 0.0 0.4 5356 2084 ? S 14:15 0:00 sendmail: server
root 20031 0.0 0.4 5356 2096 ? S 14:21 0:00 sendmail: server
root 20149 0.0 0.4 5356 2096 ? S 14:21 0:00 sendmail: server
root 20150 0.0 0.4 5356 2096 ? S 14:21 0:00 sendmail: server
root 20445 0.0 0.4 5356 2096 ? S 14:22 0:00 sendmail: server
root 29028 0.0 0.4 5356 2464 ? S 14:45 0:00 sendmail: server
root 29030 0.0 0.4 5356 2464 ? S 14:45 0:00 sendmail: server
root 29735 0.0 0.5 5624 2616 ? S 14:46 0:00 sendmail:
./i37Ik
root 29738 0.0 0.4 5624 2448 ? S 14:46 0:00 sendmail:
./i37Ik
root 31663 0.0 0.4 5356 2472 ? S 14:52 0:00 sendmail: server
root 31790 0.0 0.5 5624 2672 ? S 14:52 0:00 sendmail:
./i37Iq
root 32141 0.0 0.5 5092 2624 ? S 14:53 0:00 sendmail:
./i35G1
I have to then killall these sendmail processes.
Today, my user complain about having a lot of spams from this same sender.
Here is the header.
>----- Original Message Header -----
>Received: by mail44-haw (MessageSwitch) id 1081306792170200_10902; Wed, 7
>Apr 2004 02:59:52 +0000 (UCT)
>Received: from corp.cirrus.com (unknown [219.95.14.34])
> by mail44-haw.bigfish.com (Postfix) with ESMTP id 311622DA46B
> for <dcom-support at corp.cirrus.com>; Wed, 7 Apr 2004 02:59:43 +0000 (UCT)
>From: enquiries at wofs.com
>To: dcom-support at corp.cirrus.com
>Subject: Re: Your document
>Date: Wed, 7 Apr 2004 10:59:56 +0800
>MIME-Version: 1.0
>Content-Type: multipart/mixed;
> boundary="----=_NextPart_000_0016----=_NextPart_000_0016"
>X-Priority: 3
>X-MSMail-Priority: Normal
>Message-Id: <20040407025943.311622DA46B at mail44-haw.bigfish.com>
But I have checked for mails that comes from this sender and all I get are
mails that are tagged as spam and already filtered out. So, the user
shouldn't be receiving any of these mails. But he is still getting those
mails. Even as I type this mail. Therefore I can conclude that the mails
actually didn't go through mailscanner.
I tried looking at the maillogs but I don't know what exactly to look for.
I even blacklisted that email address in MailScanner.conf. But still their
mails keep on flooding in like 1 every minute.
Any ideas??
Thanks in advance.
More information about the MailScanner
mailing list