Mail stopped arriving in pop box after package upgrade

DoubleSpeed · May 22, 2012, 3:57pm

Ran a series of package upgrades on the server and since mail has stopped arriving in pop accounts how do I troubleshoot this issue?

In /vat/log/maillog

I can see the mail hitting the server see…

May 22 16:50:12 servername postfix/local[18134]: B2D6754EA1: to=sales.btw@domain.co.uk, orig_to=sales@domain.co.uk, relay=local, delay=3.8, delays=0.04/0.01/0/3.8, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
May 22 16:50:12 servername postfix/qmgr[1207]: B2D6754EA1: removed
May 22 16:50:12 servername spamd[1146]: prefork: child states: II

However I don’t think it’s getting into the pop box?

Eric · May 22, 2012, 4:36pm

Howdy,

That part looks good – the next step would be to review the procmail logs to see where it was actually delivered.

You can do that by looking in /var/log/procmail.log.

-Eric

DoubleSpeed · May 22, 2012, 6:16pm

Folder: /var/mail/sales.btw 1977
Time:1337700731 From:sales@domain.co.uk To:sales@domain.co.uk User:sales.btw Size:1977 Dest:/var/mail/sales.btw Mode:None
From Chris@sender.co.uk Tue May 22 16:50:08 2012
Subject: test
Folder: /var/mail/sales.btw 10655
Time:1337701812 From:Chris@sender.co.uk To:sales@domain.co.uk User:sales.btw Size:10655 Dest:/var/mail/sales.btw Mode:None

Eric · May 22, 2012, 9:40pm

Hmm, that may be a problem with the procmailrc… can you paste in the contents of your /etc/procmailrc file? Thanks!

-Eric

DoubleSpeed · May 22, 2012, 9:50pm

LOGFILE=/var/log/procmail.log
TRAP=/etc/webmin/virtual-server/procmail-logger.pl
:0wi
VIRTUALMIN=|/etc/webmin/virtual-server/lookup-domain.pl $LOGNAME
EXITCODE=$?
:0

?/usr/bin/test “$EXITCODE” = “73”
/dev/null
EXITCODE=0
:0
?/usr/bin/test “$VIRTUALMIN” != “”
{
INCLUDERC=/etc/webmin/virtual-server/procmail/$VIRTUALMIN
}
ORGMAIL=/var/mail/$LOGNAME
DEFAULT=/var/mail/$LOGNAME
DROPPRIVS=yes
:0
$DEFAULT
:0
$DEFAULT

Eric · May 22, 2012, 10:01pm

Ah, yeah, those ORGMAIL and DEFAULT paths are incorrect. You can get that fixed up by setting them like this:


ORGMAIL=$HOME/Maildir/
DEFAULT=$HOME/Maildir/

DoubleSpeed · May 23, 2012, 4:07pm

Thanks for this, now looking back I realise that I’ve had this exact same issue before, what can I do to stop this from happening again?

Eric · May 23, 2012, 5:19pm

Well, that shouldn’t normally happen – I hadn’t ever had that occur on one of my servers. So I’m not sure what might be causing that.

Do you happen to have a list of what packages updates were recently performed?

Also, which distribution/version are you using?

And do you have any third party repositories enabled?

-Eric

DoubleSpeed · May 23, 2012, 5:24pm

Is there a package update log that will tell me which have been updated?

Eric · May 23, 2012, 6:01pm

Yup! But where it is depends on the questions I asked above (in particular, your distro/version, but also knowing whether you have third party repositories enabled would really help)

-Eric

DoubleSpeed · May 23, 2012, 6:14pm

Sorry I’ve only added one extra repository as far as I know which is the bleeding edge one…

Operating system CentOS Linux 5.6
Webmin version 1.585
Virtualmin version 3.92.gpl GPL

Eric · May 23, 2012, 7:34pm

Aha, perfect!

You can determine what packages were recently installed by reviewing “/var/log/yum.log”.

Also, what output do you receive if you type this command:

ls /etc/yum.repos.d/*.repo

DoubleSpeed · May 23, 2012, 7:39pm

ls /etc/yum.repos.d/*.repo

Gives…

/etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Vault.repo
/etc/yum.repos.d/CentOS-Debuginfo.repo /etc/yum.repos.d/virtualmin-bleed.repo
/etc/yum.repos.d/CentOS-Media.repo /etc/yum.repos.d/virtualmin.repo

/var/log/yum.log =
May 21 09:56:11 Updated: 30:bind-libs-9.3.6-20.P1.el5.x86_64 May 21 09:56:11 Updated: 30:bind-9.3.6-20.P1.el5.x86_64 May 21 09:56:11 Updated: 30:caching-nameserver-9.3.6-20.P1.el5.x86_64 May 21 09:56:12 Updated: 30:bind-utils-9.3.6-20.P1.el5.x86_64 May 21 09:56:33 Updated: clamav-filesystem-0.97.3-1.vm.el5.centos.x86_64 May 21 09:56:33 Updated: clamav-data-0.97.3-1.vm.el5.centos.x86_64 May 21 09:56:34 Updated: clamav-lib-0.97.3-1.vm.el5.centos.x86_64 May 21 09:56:34 Updated: clamav-update-0.97.3-1.vm.el5.centos.x86_64 May 21 09:56:34 Updated: clamav-0.97.3-1.vm.el5.centos.x86_64 May 21 09:56:34 Updated: clamav-server-0.97.3-1.vm.el5.centos.x86_64 May 21 09:56:34 Updated: clamav-server-sysv-0.97.3-1.vm.el5.centos.x86_64 May 21 09:56:42 Updated: 1:httpd-2.2.3-63.1.vm.x86_64 May 21 09:56:42 Updated: 2:mod_ssl-2.2.3-63.1.vm.x86_64 May 21 09:56:54 Updated: 1:httpd-2.2.3-63.1.vm.x86_64 May 21 09:57:00 Updated: mysql-5.0.95-1.el5_7.1.x86_64 May 21 09:57:00 Updated: mysql-5.0.95-1.el5_7.1.i386 May 21 09:57:00 Updated: mysql-devel-5.0.95-1.el5_7.1.i386 May 21 09:57:00 Updated: mysql-devel-5.0.95-1.el5_7.1.x86_64 May 21 09:57:01 Updated: mysql-server-5.0.95-1.el5_7.1.x86_64 May 21 09:57:16 Updated: openssl-0.9.8e-22.el5_8.3.x86_64 May 21 09:57:16 Updated: openssl-0.9.8e-22.el5_8.3.i686 May 21 09:57:16 Updated: openssl-devel-0.9.8e-22.el5_8.3.x86_64 May 21 09:57:26 Updated: 4:perl-5.8.8-38.el5.x86_64 May 21 09:57:28 Updated: 4:perl-5.8.8-32.el5_7.6.i386 May 21 09:57:32 Updated: postgresql-8.1.23-1.el5_7.3.x86_64 May 21 09:57:33 Updated: postgresql-server-8.1.23-1.el5_7.3.x86_64 May 21 09:57:37 Updated: postgrey-1.34-1.noarch May 21 09:57:42 Updated: python-libs-2.4.3-46.el5.x86_64 May 21 09:57:42 Updated: python-2.4.3-46.el5.x86_64 May 21 09:57:47 Updated: ruby-libs-1.8.5-24.el5.x86_64 May 21 09:57:47 Updated: ruby-1.8.5-24.el5.x86_64 May 21 09:57:48 Updated: ruby-libs-1.8.5-24.el5.i386 May 21 09:57:48 Updated: ruby-irb-1.8.5-24.el5.x86_64 May 21 09:57:48 Updated: ruby-devel-1.8.5-24.el5.i386 May 21 09:57:48 Updated: ruby-rdoc-1.8.5-24.el5.x86_64 May 21 09:57:48 Updated: ruby-devel-1.8.5-24.el5.x86_64 May 21 09:57:53 Updated: subversion-1.6.11-10.el5_8.x86_64 May 21 09:57:53 Updated: subversion-1.6.11-10.el5_8.i386 May 21 09:57:53 Updated: mod_dav_svn-1.6.11-10.el5_8.x86_64 May 21 09:58:15 Updated: usermin-1.505-1.noarch May 21 09:58:20 Updated: 2:wbm-security-updates-4.4-1.noarch May 21 09:59:17 Updated: wbm-virtual-server-3.92.gpl-2.noarch May 21 09:59:21 Updated: 2:wbm-virtualmin-awstats-4.7-1.noarch May 21 09:59:25 Updated: 2:wbm-virtualmin-init-2.3-1.noarch May 21 09:59:29 Updated: 2:wbm-virtualmin-registrar-2.1-1.noarch May 21 09:59:35 Updated: 2:wbt-virtual-server-theme-8.4-1.noarch May 21 10:00:26 Updated: webmin-1.585-1.noarch

Eric · May 23, 2012, 8:21pm

Hmm, none of those apps are email related – so in theory, the culprit shouldn’t be any of those.

And as you had mentioned, I don’t see any unusual repositories enabled.

ATM, it seems to be a mystery

-Eric