• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Multiple Email

S

Swakoo

Guest
Hi guys,

some of my users complain of multiple mails...

i have not got this problem myself....

u guys know of anything that will cause multiple emails? what should i check to get more info?
 
Look through the mail logs for any indications of errors or problems (I know the log is messy)

/usr/local/psa/var/logs/maillog

If you can track down a date/time (even a close one) and email name or address affected, it makes it much easier to search the log file(s)
 
the same box is giving problem again with multiple emails. My users (a handful only) are complaining that some emails they are sending out are being repeated at the recipients end.

I have re-sync the database, and have told them to note the recipient email address and time sent next time this occur so I can check the log as advised earlier, but what could be the reason?

The only major thing I did to the server was that I upgraded the ram (512->2GB)
 
I check the log

Jun 12 17:00:09 ns3 qmail: 1150102809.609852 starting delivery 4905979: msg 4669494 to remote email address
Jun 12 17:00:09 ns3 qmail: 1150102809.620699 status: local 0/10 remote 149/250
Jun 12 17:00:09 ns3 qmail: 1150102809.623652 warning: trouble opening remote/17/4669523; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.626952 warning: trouble opening remote/13/4669703; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.629957 warning: trouble opening remote/0/4669506; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.633090 warning: trouble opening remote/11/4671978; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.636071 warning: trouble opening remote/13/4669910; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.639068 warning: trouble opening remote/22/4670655; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.642074 warning: trouble opening remote/6/4669535; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.648357 warning: trouble opening remote/6/4669535; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.654472 warning: trouble opening remote/20/4669871; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.658731 warning: trouble opening remote/14/4669474; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.667459 warning: trouble opening remote/12/4672393; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.674923 warning: trouble opening remote/21/4670217; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.678036 warning: trouble opening remote/16/4669453; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.682630 warning: trouble opening remote/1/4670243; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.686688 warning: trouble opening remote/10/4670758; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.689747 warning: trouble opening remote/3/4670107; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.692925 warning: trouble opening remote/6/4670179; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.696007 warning: trouble opening remote/21/4670493; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.699274 warning: trouble opening remote/5/4673766; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.702331 warning: trouble opening remote/16/4669568; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.705319 warning: trouble opening remote/15/4669567; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.708629 warning: trouble opening remote/20/4672539; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.714985 warning: trouble opening remote/2/4672130; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.717975 warning: trouble opening remote/14/4669451; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.720971 warning: trouble opening remote/3/4669532; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.724293 warning: trouble opening remote/9/4669584; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.727273 warning: trouble opening remote/20/4671734; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.730261 warning: trouble opening remote/1/4672083; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.733578 warning: trouble opening remote/17/4669661; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.736546 warning: trouble opening remote/14/4669474; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.739654 warning: trouble opening remote/0/4669506; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.742927 warning: trouble opening remote/14/4671268; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.746625 warning: trouble opening remote/0/4669736; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.753927 warning: trouble opening remote/4/4671994; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.757008 warning: trouble opening remote/16/4669798; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.760062 warning: trouble opening remote/1/4670910; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.763095 warning: trouble opening remote/16/4671017; will try again later
Jun 12 17:00:09 ns3 qmail: 1150102809.766255 starting delivery 4905980: msg 4669494 to remote email address
Click to expand...

If you notice, the email address (masked for privacy reason) is repeated. it repeats many more times down the log

same msg <id>, so i suppose this is the one that was repeated... what's wrong?

a few of my users are having this problem, and their recipients/clients are complaining about the multiple emails.

a check in the log do show the emails being sent out repeatedly..

Update: a few members are now receiving the multiple emails... and at the same time there are cases where they use their gmail account and mail to their account in my PLESK box. they receive ok. but after a while they receive a bounce mail on the gmail account from the PLESK box saying [email protected] is not valid.

Interestingly, they didn't send to such a domain at all.

Getting queer, getting out of hand man... :(

Anyone?
 
Have you checked the perms and ownership of the message files in the /var/qmail/queue/remote directories (the ones listed in the logs) ?

It may be queue corruption, may possibly be temporary and clear itself (or not).

Per Qmail docs:
trouble opening ...
qmail-send was unable to open the list of local or
remote recipients for a message. It will try again
later.
Click to expand...
Also see: this link for more possible causes.
 
Jun 13 13:55:39 ns3 qmail: 1150178139.299254 warning: trouble opening remote/17/4671202; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.302241 warning: trouble opening remote/8/4671745; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.305603 warning: trouble opening remote/18/4673687; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.308627 warning: trouble opening remote/8/4670296; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.312762 warning: trouble opening remote/7/4671399; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.327260 warning: trouble opening remote/17/4669799; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.332798 starting delivery 716706: msg 4669583 to remote [email protected]
Jun 13 13:55:39 ns3 qmail: 1150178139.335777 status: local 0/10 remote 87/250
Jun 13 13:55:39 ns3 qmail: 1150178139.338764 starting delivery 716707: msg 4669583 to remote [email protected]
Jun 13 13:55:39 ns3 qmail: 1150178139.341732 status: local 0/10 remote 88/250
Jun 13 13:55:39 ns3 qmail: 1150178139.344806 warning: trouble opening remote/12/4669840; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.347803 starting delivery 716708: msg 4669633 to remote [email protected]
Jun 13 13:55:39 ns3 qmail: 1150178139.350790 status: local 0/10 remote 89/250
Jun 13 13:55:39 ns3 qmail: 1150178139.353762 starting delivery 716709: msg 4669674 to remote [email protected]
Jun 13 13:55:39 ns3 qmail: 1150178139.356861 status: local 0/10 remote 90/250
Jun 13 13:55:39 ns3 qmail: 1150178139.359877 starting delivery 716710: msg 4669583 to remote [email protected]
Jun 13 13:55:39 ns3 qmail: 1150178139.362862 status: local 0/10 remote 91/250
Jun 13 13:55:39 ns3 qmail: 1150178139.365831 starting delivery 716711: msg 4669633 to remote [email protected]
Jun 13 13:55:39 ns3 qmail: 1150178139.368947 status: local 0/10 remote 92/250
Jun 13 13:55:39 ns3 qmail: 1150178139.371928 starting delivery 716712: msg 4669633 to remote [email protected]
Jun 13 13:55:39 ns3 qmail: 1150178139.374891 status: local 0/10 remote 93/250
Jun 13 13:55:39 ns3 qmail: 1150178139.377874 warning: trouble opening remote/17/4669799; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.380872 warning: trouble opening remote/17/4669799; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.384006 warning: trouble opening remote/6/4671467; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.386995 warning: trouble opening remote/11/4674508; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.389977 warning: trouble opening remote/22/4674542; will try again later
Jun 13 13:55:39 ns3 qmail: 1150178139.392966 warning: trouble opening remote/15/4671177; will try again later
Click to expand...

even saw one line that said this!
Jun 12 17:00:25 ns3 qmail: 1150102825.527351 warning: trouble marking remote/0/4669483; message will be delivered twice!
Click to expand...

checked the log and the directory, but don even see the message file, probably because it got sent out successfully. But otherwise those that I see there all belonged to qmails:qmail.

This problem has been around since last friday.

Read the link at WHT but my server didn't crashed recently. I just down it to upgrade the ram. proper shutdown. could that be a cause too? But the load on my server, even after upgrading the ram, averages around 2.5 consistently

before that it could hit up to 5!

And as mentioned, the other weird thing we realised is that sometimes, when people send to email accounts on the PLESK machine, sometimes only, the mail sent do get successfuly recevied by the user (PLESK). But after a while, the person who sent it will get a bounce message from PLESK machine saying that the email [email protected] is not valid, when the user didn't even send to that address....

weird...
 
anyone with the same problem and a solution?

Been googling, not much people listed this problem and even so, no solutions...

hmm perplexing indeed...
 
Since it only started after upgrading RAM, what about the possibility of bad RAM modules? I know it's not very likely, but you should consider the possibility
And as mentioned, the other weird thing we realised is that sometimes, when people send to email accounts on the PLESK machine, sometimes only, the mail sent do get successfuly recevied by the user (PLESK). But after a while, the person who sent it will get a bounce message from PLESK machine saying that the email [email protected] is not valid, when the user didn't even send to that address....
Click to expand...
This might support the theory of Qmail queue corruption of some sort
 
Right now.. I am checking the logs real hard...

so far... only 1 user is complaining that the emails they send out are being repeated at the recipients end.

4 others are complaining that they are receiving multiple emails. interestingly, all 4 don have POP accounts in my PLESK box. Rather their account in the PLESK is only a forwarding account, which goes to GMail.

Any link?

Anyway I need help intepreting log.

Because I am armed with all the repeated emails: I got their recipients, sender, subject and date/time stamp of the email

But the log only shows delivery id, message id, and recipient address.. and sender

by ID number only, sometime abit hard to track the multiple email properly.... or am i not appreciating the log enough?

and i realise smtp authentication is not working despite it being on
http://forum.swsoft.com/showthread.php?s=&threadid=34324

anyone?

Update: again repeated mail and i saw it in the log....
I first trace by recipient email address (external domain), then I trace the messageid and true enough it repeats itself consisitently... but in between i don see any entries mentioning that message ID... just alot of the below quoted entries
Jun 15 11:51:02 ns3 qmail: 1150343462.365211 warning: trouble opening local/5/4669764; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.376736 warning: trouble opening remote/14/4670509; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.383665 warning: trouble opening local/18/4670007; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.387431 warning: trouble opening remote/17/4670328; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.391041 warning: trouble opening local/4/4669671; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.394247 warning: trouble opening remote/22/4670103; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.397281 warning: trouble opening local/16/4670074; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.400514 warning: trouble opening remote/11/4669655; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.406301 warning: trouble opening local/19/4670238; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.409295 warning: trouble opening remote/5/4669971; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.412294 warning: trouble opening local/21/4670700; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.415438 warning: trouble opening remote/4/4673006; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.418494 warning: trouble opening local/6/4669466; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.421524 warning: trouble opening remote/6/4672824; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.424533 warning: trouble opening local/21/4671137; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.427667 warning: trouble opening remote/11/4669655; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.430859 warning: trouble opening local/10/4669792; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.435112 warning: trouble opening remote/6/4672548; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.438535 warning: trouble opening local/19/4670606; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.441758 warning: trouble opening remote/6/4672686; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.444848 warning: trouble opening local/19/4670008; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.447982 warning: trouble opening remote/9/4669906; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.451160 warning: trouble opening local/21/4670700; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.454862 warning: trouble opening remote/6/4670708; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.457947 warning: trouble opening local/15/4669452; will try again later
Jun 15 11:51:02 ns3 qmail: 1150343462.461057 warning: trouble opening remote/6/4672732; will try again later
Click to expand...

Towards the end, there is an entry in the log with the problem email message id
Jun 15 11:52:31 ns3 qmail: 1150343551.109378 warning: trouble opening local/10/4670022; will try again later
Click to expand...

It then attempted to send one more time (but to one less recipient)

then it finally ended

Jun 15 11:53:08 ns3 qmail: 1150343588.915191 end msg 4670022
Click to expand...

And I realise my email servers is sending alot of mail to @netzero.com
i sometimes get bounced email that there are no such recipients on the other end... but i didn't send... am i getting screwed or what man...

thanks guys!
 
@Swakoo
I am in the same boat you are. As such, I am carefully watching this thread. So, thank you for that. And thanks to all those assisting.
 
oh man, that sucks.. yeah.. i hope we can solve this too

anyway i just have another case of a mail send out by my user... the recipient got no less than 20 copies of it.. (some 75!)its more clear here...
this is the start, mail received and starting delivery
Jun 16 10:22:35 ns3 qmail: 1150424555.332485 starting delivery 2694761: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.335517 status: local 0/10 remote 129/250
Jun 16 10:22:35 ns3 qmail: 1150424555.338515 delivery 2694760: deferral: Connected_to_64.136.28.83_but_greeting_failed./Remote_host_said:_550_Access_denied...4370514115218de1652539393834250404c18029ad60c19dd99d05d5d960bd05a10d.../
Jun 16 10:22:35 ns3 qmail: 1150424555.341523 status: local 0/10 remote 128/250
Click to expand...

Then as you guys can see... it is repeating but with no other message for the same message id: one page full of log
Jun 16 10:22:35 ns3 qmail: 1150424555.778295 status: local 0/10 remote 129/250
Jun 16 10:22:35 ns3 qmail: 1150424555.781635 starting delivery 2694763: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.784644 status: local 0/10 remote 130/250
Jun 16 10:22:35 ns3 qmail: 1150424555.787629 warning: trouble opening remote/1/4669668; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.790948 warning: trouble opening remote/9/4669745; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.793941 starting delivery 2694764: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.796928 status: local 0/10 remote 131/250
Jun 16 10:22:35 ns3 qmail: 1150424555.800240 warning: trouble opening remote/14/4671889; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.803465 warning: trouble opening remote/15/4669659; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.806778 warning: trouble opening remote/12/4670001; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.809864 starting delivery 2694765: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.812946 status: local 0/10 remote 132/250
Jun 16 10:22:35 ns3 qmail: 1150424555.816124 warning: trouble opening remote/21/4669619; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.819145 warning: trouble opening remote/10/4673725; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.822124 warning: trouble opening remote/0/4672841; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.825265 warning: trouble opening remote/11/4672024; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.828423 starting delivery 2694766: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.831634 status: local 0/10 remote 133/250
Jun 16 10:22:35 ns3 qmail: 1150424555.837649 warning: trouble opening remote/10/4670091; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.841038 warning: trouble opening remote/5/4669672; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.844686 warning: trouble opening remote/1/4669668; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.847703 warning: trouble opening remote/12/4671864; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.850970 warning: trouble opening remote/16/4670097; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.854061 warning: trouble opening remote/10/4669654; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.857095 warning: trouble opening remote/12/4669863; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.860092 warning: trouble opening remote/5/4669672; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.863099 warning: trouble opening remote/13/4669565; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.866119 warning: trouble opening remote/13/4669565; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.869285 warning: trouble opening remote/14/4676282; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.874466 warning: trouble opening remote/12/4669564; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.879129 warning: trouble opening remote/4/4670798; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.882683 warning: trouble opening remote/10/4669654; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.885670 warning: trouble opening remote/10/4670574; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.888662 starting delivery 2694767: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.892013 status: local 0/10 remote 134/250
Jun 16 10:22:35 ns3 qmail: 1150424555.895122 warning: trouble opening remote/8/4672067; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.898369 warning: trouble opening remote/13/4669565; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.901351 starting delivery 2694768: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.904349 status: local 0/10 remote 135/250
Jun 16 10:22:35 ns3 qmail: 1150424555.907827 warning: trouble opening remote/17/4669822; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.910850 starting delivery 2694769: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.913845 status: local 0/10 remote 136/250
Jun 16 10:22:35 ns3 qmail: 1150424555.916985 warning: trouble opening remote/14/4669612; will try again later
Click to expand...

It finally ends...
Jun 16 10:22:35 ns3 qmail: 1150424555.822124 warning: trouble opening remote/0/4672841; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.825265 warning: trouble opening remote/11/4672024; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.828423 starting delivery 2694766: msg 4669486 to remote [email protected]
Jun 16 10:22:35 ns3 qmail: 1150424555.831634 status: local 0/10 remote 133/250
Jun 16 10:22:35 ns3 qmail: 1150424555.837649 warning: trouble opening remote/10/4670091; will try again later
Jun 16 10:22:35 ns3 qmail: 1150424555.841038 warning: trouble opening remote/5/4669672; will try again later
Jun 16 10:22:37 ns3 qmail: 1150424557.032240 warning: trouble opening remote/9/4669745; will try again later
Jun 16 10:22:37 ns3 qmail: 1150424557.035946 warning: trouble opening remote/3/4669693; will try again later
Jun 16 10:22:37 ns3 qmail: 1150424557.039055 warning: trouble opening remote/13/4669703; will try again later
Jun 16 10:22:37 ns3 qmail: 1150424557.042573 warning: trouble opening remote/9/4669745; will try again later
Jun 16 10:22:37 ns3 qmail: 1150424557.045693 warning: trouble opening remote/11/4669839; will try again later
Jun 16 10:22:37 ns3 qmail: 1150424557.049614 warning: trouble opening remote/13/4670301; will try again later
Jun 16 10:22:37 ns3 qmail: 1150424557.057349 warning: trouble opening remote/20/4674402; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.707827 warning: trouble opening remote/13/4673544; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.710854 warning: trouble opening remote/22/4669758; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.713977 warning: trouble opening remote/10/4673886; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.717155 warning: trouble opening remote/22/4669459; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.720516 warning: trouble opening remote/18/4669616; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.723608 warning: trouble opening remote/7/4676068; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.726748 warning: trouble opening remote/1/4669691; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.729818 warning: trouble opening remote/6/4673537; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.732878 warning: trouble opening remote/3/4669601; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.735938 warning: trouble opening remote/7/4670709; will try again later
Jun 16 10:22:38 ns3 qmail: 1150424558.739193 starting delivery 2694800: msg 4669476 to remote [email protected] --> alot of this domain, spam?
Jun 16 10:22:38 ns3 qmail: 1150424558.742396 status: local 0/10 remote 158/250
Jun 16 10:22:38 ns3 qmail: 1150424558.745464 delivery 2694793: deferral: Connected_to_64.136.20.83_but_greeting_failed./Remote_host_said:_550_Access_denied...27f595a9b1a93dad603565a435b499b49954ddb5c121f46d406d415d40214541c47d.../
Jun 16 10:22:38 ns3 qmail: 1150424558.748526 status: local 0/10 remote 157/250
Jun 16 10:22:38 ns3 qmail: 1150424558.751776 delivery 2694791: deferral: Connected_to_64.136.28.83_but_greeting_failed./Remote_host_said:_550_Access_denied...555feba7e33e8e6b1b335a5a9bbbbb777e37af4a93aa9f7e137eabdf13aad3ab5e1a.../
Jun 16 10:22:38 ns3 qmail: 1150424558.754784 status: local 0/10 remote 156/250
Jun 16 10:22:38 ns3 qmail: 1150424558.757835 delivery 2694766: success: 203.127.255.1_accepted_message./Remote_host_said:_250_2.0.0_k5G2a8eR024751_Message_accepted_for_delivery/
Jun 16 10:22:38 ns3 qmail: 1150424558.760829 status: local 0/10 remote 155/250
Jun 16 10:22:38 ns3 qmail: 1150424558.763896 end msg 4669486 --> finally it ends!
Click to expand...

headche....

i also realise its more of emails with attachment... some kind of bug?
 
I ran chkrootkit

only one suspicious thing:

Checking `bindshell'... INFECTED (PORTS: 465)

problem?
 
Guys... just to update:

I inserted the following control files into /var/qmail/control

timeoutremote - 1200
timeoutsmtpd - 1200
timeoutconnect - 60

Switched off Spamassasin and DrWeb earlier too (it didn't affect the load, but i am not using it anyway)

The load on my server went drastically down!
0.10 on average.. where it used to be 2.5-3.5 average ..

and no more multiple emails... not sure if it is the cause to celebrate... but am still observing...
 
Most likely it's the well known 'false positive' which chkrootkit is known for. You should make sure there is actually nothing valid listening on port 465.

Also use RKHunter to scan.

Have you protected your server with either Atomic Secured Linux or at least mod_security? (www.atomicrocketturtle.com)

You should uninstall DrWeb and use clamav/clamd or f-prot instead!
 
If SA is causing too much load, then you need to figure out why:

1. Hardware issue (celeron instead of P4 or Xeon)

2. SA configuration issue

3. Too much spam hitting the server (hardware upgrade needed?)
Remote_host_said:_550_Access_denied
Click to expand...
Have you possibly been blacklisted?
 
james,

i used rkhunter but it had permissioning problem... first time occur such issue. but otherwise nothing much on it

I stop both drweb and spamassasin as i didn't use select the email to be scan by drweb...

and without the spam assasin control panel, i didn't link my mail to be checked...

SA is not causing too much load since its not running on any email accounts... but ever since i set the timeout... the multiple emails have stopped, spam has been cut down alot, and my server load... is LOW! sweet... but any idea why?

blacklisted!? i hope not man.. but i will try those that you mention.. i haven't done any of them.. will give it a look.. and check back here again
 
You didn't post what those timeout values were before you changed them, so I can only speculate endlessly...

Did you resolve the permissions problems? If not, then the RKHunter results may be incomplete or inconclusive.
 
You must log in or register to reply here.

Similar threads

A
Resolved Some emails don't go through
Replies
5
Views
333
andrecab93
A
J
Issue Forwarded Email marked as SPAM by GMAIL
Replies
3
Views
731
jenjohn
J
A
Question Receiving my Forms email from 238237654.t-sender-sib instead of via sendinblue?
Replies
1
Views
2K
ckent701
C
A
Resolved Emails getting put in spam folder or blocked
Replies
6
Views
483
Andye
A
M
Question Issue with plesk backup manager and backups are taking long and not completing
Replies
0
Views
92
maximus99
M
Back
Top