Emails on HOLD not processed and delivered Still!

Glenn Steen glenn.steen at gmail.com
Thu Dec 4 12:05:07 GMT 2008 

2008/12/3 Arthur Stephens <astephens at ptera.net>:
> OK I am about to shut off MailScanner -
Please don't.... I'm sure we can get this working for you...:).

> Before it was a customers emails that were disappearing. There are a lot of
> these in my logs. :-(
> Now emails to support at ptera.net - which I understandably NEED to get are
> disappearing also.
> Here is the trace in the logs showing that the email is received ( I sent
> this one myself) and put on hold and that is the last we see of it.
And it doesn't somehow end up in the quarantine or somesuch?
Is A4B9B6FB140 still in the hold queue?
>
> [root at mailgate ~]# grep A4B9B6FB140: /var/log/maillog
> Dec  3 12:53:59 mailgate postfix/smtpd[10424]: A4B9B6FB140:
> client=daffy.ptera.net[69.28.32.8]
> Dec  3 12:53:59 mailgate postfix/cleanup[12082]: A4B9B6FB140: hold: header
> Received: from daffy.ptera.net (daffy.ptera.net [69.28.32.8])??by
> mailgate.ptera.net (Postfix) with ESMTP id A4B9B6FB140??for
> <support at ptera.net>; Wed,  3 Dec 2008 12:53:59 -0800 (PST) from
> daffy.ptera.net[69.28.32.8]; from=<astephens at ptera.net>
> to=<support at ptera.net> proto=ESMTP helo=<daffy.ptera.net>
> Dec  3 12:53:59 mailgate postfix/cleanup[12082]: A4B9B6FB140:
> message-id=<4936F88F.9070105 at ptera.net>
> [root at mailgate ~]#
>
> I have upgraded MailScanner to
> This is MailScanner version 4.72.5
This version has a know bug. Do you see any MailScanner process(es)
eating 100% CPU, and ... staying there? If so, you need upgrade to the
latest beta, or find/use the fixed Message.pm file Jules posted rather
recently.

I suspect that bug would _not_ affect whatever is making things ...
not work... for you.
(snip)
> Optional module versions are:
> missing Archive::Tar
> 0.21    bignum
> missing Business::ISBN
> missing Business::ISBN::Data
> missing Data::Dump
> 1.814   DB_File
> 1.13    DBD::SQLite
> 1.56    DBI
> 1.14    Digest
> 1.01    Digest::HMAC
> 2.36    Digest::MD5
> 2.11    Digest::SHA1
> missing Encode::Detect
> missing Error
> missing ExtUtils::CBuilder
> missing ExtUtils::ParseXS
> 2.36    Getopt::Long
> missing Inline
> missing IO::String
> missing IO::Zlib
> missing IP::Country
> missing Mail::ClamAV
> 3.001000        Mail::SpamAssassin
> missing Mail::SPF
> missing Mail::SPF::Query
> missing Module::Build
> missing Net::CIDR::Lite
> 0.63    Net::DNS
> missing Net::DNS::Resolver::Programmable
> missing Net::LDAP
> missing NetAddr::IP
> missing Parse::RecDescent
> missing SAVI
> 2.56    Test::Harness
> missing Test::Manifest
> 1.95    Text::Balanced
> 1.35    URI
> missing version
> missing YAML
>
I usually make sure all tge optional (except SAVI, since I don't use
that) modules are there too, just in case they weren't as optional as
they seem:-).
Might be worth doing for you too.

> I went over the config files again, trying to find stuff not configured etc.
>
> My postfix is version Postfix version 2.3.8
> with this config...
> command_directory = /usr/sbin
> daemon_directory = /usr/libexec/postfix
> inet_interfaces = localhost, 69.28.32.25
> mydestination = mailgate.ptera.net
> myorigin = localhost
Ok... not "ptera.net" then?

> smtpd_banner = mailgate.ptera.net NO UCE ESMTP
> unknown_local_recipient_reject_code = 550
> relay_domains = ptera.net, tylite.com, pdi-inc.com, avistaadvantage.com,
> 134.39.173.11
> transport_maps = hash:/etc/postfix/transport
> alias_maps = hash:/etc/aliases
> alias_database = hash:/etc/aliases
> header_checks = regexp:/etc/postfix/header_checks
> debug_peer_level = 2
> debugger_command =
>    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
>    xxgdb $daemon_directory/$process_name $process_id & sleep 5
> sendmail_path = /usr/sbin/sendmail.postfix
> newaliases_path = /usr/bin/newaliases.postfix
> mailq_path = /usr/bin/mailq.postfix
> setgid_group = postdrop
> html_directory = /usr/share/doc/postfix-2.3.8-documentation/html
> manpage_directory = /usr/share/man
> sample_directory = /usr/share/doc/postfix-2.2.8/samples
> readme_directory = /usr/share/doc/postfix-2.3.8-documentation/readme
> smtpd_recipient_restrictions =
> reject_invalid_hostname,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_rbl_client
> domain-name,reject_unauth_destination,check_policy_service
> inet:127.0.0.1:2501
> receive_override_options = no_address_mappings
> message_size_limit = 46080000
> maximal_queue_lifetime = 1d
> bounce_queue_lifetime = 1d
> smtpd_helo_required = yes
> smtpd_helo_restrictions = permit_mynetworks, permit
> luser_relay = address_mapped_to_dev_null
> disable_vrfy_command = yes
> biff = no
> smtpd_delay_reject = yes
> strict_rfc821_envelopes = yes
> queue_directory = /var/spool/postfix
> mail_owner = postfix
>
You could do some helo checks and possibly a few other things, and I
wonder about the luser relay... Shouldn't be a problem, but...:-). Try
make that an actual local mailbox and see what lands there... If
anything.

Gut feeling, this is something very local to your setup/machines, but
probably relatively insidous....:-).
If you look beyond the mail, do you have anything suspicious in your
syslog? And BTW, greping the log for a specific queue ID isn't really
enough when it comes to PF and MS. You likely need read the complete
log rather thoroughly. Also, If you do split logs, don't just look at
the info part, but also look at the warnings and error logs (syslog
usually carry it all). If you try follow the flow of one message
through the log, via queue ID and PIDs etc, do you see anything ... of
interrest?

Cheers
-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se

More information about the MailScanner mailing list