Mail Problems

ichthy

Guest
I've been running Plesk with no problems on my server for about a year.

Today I found out that all email forwarding on the server is not working. Email "mailboxes" work fine, but email that's supposed to be redirected never gets delivered.

I did the most obvious stuff like rebooting/checking disk space/etc. Here's what I see in the maillog for a vanishing email...

Email sent
From [email protected]
To [email protected]
Plesk set to forward to [email protected]

May 24 14:58:46 myserver qmail-queue: dwlib[1756]: mail: all addreses are uncheckable - need to skip scanning (by deny mode)
May 24 14:58:46 myserver qmail-queue: dwlib[1756]: scan: the message(drweb.tmp.UGFpBg) sent by [email protected] to [email protected] should be passed without checks, because contains uncheckable addresses
May 24 14:58:46 myserver qmail: 1148507926.589064 new msg 6111802
May 24 14:58:46 myserver qmail: 1148507926.589110 info msg 6111802: bytes 1310 from <[email protected]> qp 1757 uid 2020
May 24 14:58:46 myserver qmail: 1148507926.626533 starting delivery 54: msg 6111802 to local [email protected]
May 24 14:58:46 myserver qmail: 1148507926.626580 status: local 1/10 remote 20/20
May 24 14:58:46 myserver qmail-queue: dwlib[1761]: mail: all addreses are uncheckable - need to skip scanning (by deny mode)
May 24 14:58:46 myserver qmail-queue: dwlib[1761]: scan: the message(drweb.tmp.rTCXuN) sent by [email protected] to [email protected] should be passed without checks, because contains uncheckable addresses
May 24 14:58:46 myserver qmail: 1148507926.991796 new msg 6114893
May 24 14:58:46 myserver qmail: 1148507926.991843 info msg 6114893: bytes 1418 from <[email protected]> qp 1762 uid 110
May 24 14:58:47 myserver qmail: 1148507927.020128 delivery 54: success: did_1+1+1/qp_1761/
May 24 14:58:47 myserver qmail: 1148507927.020171 status: local 0/10 remote 20/20
May 24 14:58:47 myserver qmail: 1148507927.020181 end msg 6111802


Any ideas?

Furthermore, this is what I see when I run the following command... ps -ax |grep 'qmail'

I know thousands of spam emails are being sent to the many email addresses on the server, but does this mean our server is being used to send spam?

[root@asdf log]# ps -ax |grep 'qmail'
11073 ? S 0:00 qmail-send
11074 ? S 0:00 splogger qmail
11075 ? S 0:00 qmail-lspawn ./Maildir/
11077 ? S 0:00 qmail-rspawn
11078 ? S 0:00 qmail-clean
14710 ? S 0:00 qmail-remote meet.datingland.co.uk [email protected]
14800 ? S 0:00 qmail-remote meet.love.clubnx.com [email protected]
15100 ? S 0:00 qmail-remote itsower.com [email protected]
15270 ? S 0:00 qmail-remote my.contactos.mibrujula.com [email protected]
15596 ? S 0:00 qmail-remote matrixservice.com [email protected] [email protected]
16041 ? S 0:00 qmail-remote cheating-spouse-software.com [email protected]
16042 ? S 0:00 qmail-remote 00inkjets.com [email protected]
16051 ? S 0:00 qmail-remote lhuh.com [email protected]
16052 ? S 0:00 qmail-remote myglobalnet.net [email protected]
16057 ? S 0:00 qmail-remote 01shoes.com [email protected]
16096 ? S 0:00 qmail-remote netbird.com [email protected]
16117 ? S 0:00 qmail-remote claudiasmail.com [email protected]
16137 ? S 0:00 qmail-remote 00inkjets.com [email protected]
16151 ? S 0:00 qmail-remote cleartouch.com [email protected]
16152 ? S 0:00 qmail-remote lucymail.com [email protected]
16162 ? S 0:00 qmail-remote 1-way.com [email protected]
16169 ? S 0:00 /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
16178 ? S 0:00 qmail-remote 1-way.com [email protected]
16186 ? S 0:00 qmail-remote wimol.ksc.co.th [email protected]
16204 ? S 0:00 bin/qmail-queue
16217 ? S 0:00 qmail-remote cumbriamail.com [email protected]
16230 ? S 0:00 qmail-remote donau.in-ulm.de [email protected]
16252 pts/0 S 0:00 grep qmail
 
Problem fixed. Turned out it was a poorly written perl script that was being exploited by spammers...
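
An added example, not part of the original thread: one way to check from the maillog whether a local account, such as the user a web script runs as, is injecting outbound mail. It ties each `info msg ... uid N` line (the format quoted in the post) to qmail's `starting delivery ... to remote` lines and counts remote deliveries per injecting uid. The sample log, uids, message ids and addresses are constructed; uid 48 stands in for a hypothetical web server account.

```python
import re
from collections import defaultdict

# Constructed sample in the maillog format quoted in the post; message ids,
# uids and addresses are invented for illustration.
SAMPLE_LOG = """\
May 24 15:00:01 myserver qmail: 1148508001.100100 info msg 7000001: bytes 2048 from <anonymous@myserver.example> qp 2001 uid 48
May 24 15:00:01 myserver qmail: 1148508001.100200 starting delivery 101: msg 7000001 to remote a@example.net
May 24 15:00:01 myserver qmail: 1148508001.100300 starting delivery 102: msg 7000001 to remote b@example.org
May 24 15:00:02 myserver qmail: 1148508002.200100 info msg 7000002: bytes 1310 from <user@example.com> qp 2002 uid 2020
May 24 15:00:02 myserver qmail: 1148508002.200200 starting delivery 103: msg 7000002 to local 1-user@myserver.example
May 24 15:00:03 myserver qmail: 1148508003.300100 info msg 7000003: bytes 2050 from <anonymous@myserver.example> qp 2003 uid 48
May 24 15:00:03 myserver qmail: 1148508003.300200 starting delivery 104: msg 7000003 to remote c@example.net
"""

INFO_RE = re.compile(r"info msg (\d+): bytes \d+ from <[^>]*> qp \d+ uid (\d+)")
DELIVERY_RE = re.compile(r"starting delivery \d+: msg (\d+) to remote (\S+)")


def remote_deliveries_by_uid(log_text):
    """Map each injecting uid to the recipient domains of its remote deliveries."""
    msg_uid = {}                 # queue message id -> uid that queued it
    by_uid = defaultdict(list)   # uid -> recipient domains, one per delivery
    for line in log_text.splitlines():
        info = INFO_RE.search(line)
        if info:
            # Queue ids are reused after "end msg", so the latest info line wins.
            msg_uid[info.group(1)] = int(info.group(2))
            continue
        dlv = DELIVERY_RE.search(line)
        if dlv and dlv.group(1) in msg_uid:
            by_uid[msg_uid[dlv.group(1)]].append(dlv.group(2).rpartition("@")[2].lower())
    return dict(by_uid)


def flag_uids(log_text, min_remote=3):
    """Return {uid: (remote_count, distinct_domains)} for uids at or above min_remote."""
    return {uid: (len(d), len(set(d)))
            for uid, d in remote_deliveries_by_uid(log_text).items() if len(d) >= min_remote}


if __name__ == "__main__":
    for uid, (n, domains) in flag_uids(SAMPLE_LOG).items():
        print(f"uid {uid}: {n} remote deliveries to {domains} domains")
```

A uid that belongs to the web server or a site user and accounts for most remote deliveries points at a script on that account rather than at SMTP relaying; `min_remote` is an arbitrary threshold to tune against normal traffic.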
 