Ran a series of package upgrades on the server and since mail has stopped arriving in pop accounts how do I troubleshoot this issue?
In /vat/log/maillog
I can see the mail hitting the server see…
May 22 16:50:12 servername postfix/local[18134]: B2D6754EA1: to=sales.btw@domain.co.uk , orig_to=sales@domain.co.uk , relay=local, delay=3.8, delays=0.04/0.01/0/3.8, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
May 22 16:50:12 servername postfix/qmgr[1207]: B2D6754EA1: removed
May 22 16:50:12 servername spamd[1146]: prefork: child states: II
However I don’t think it’s getting into the pop box?
Eric
May 22, 2012, 4:36pm
2
Howdy,
That part looks good – the next step would be to review the procmail logs to see where it was actually delivered.
You can do that by looking in /var/log/procmail.log.
-Eric
Folder: /var/mail/sales.btw 1977
Time:1337700731 From:sales@domain.co.uk To:sales@domain.co.uk User:sales.btw Size:1977 Dest:/var/mail/sales.btw Mode:None
From Chris@sender.co.uk Tue May 22 16:50:08 2012
Subject: test
Folder: /var/mail/sales.btw 10655
Time:1337701812 From:Chris@sender.co.uk To:sales@domain.co.uk User:sales.btw Size:10655 Dest:/var/mail/sales.btw Mode:None
Eric
May 22, 2012, 9:40pm
4
Hmm, that may be a problem with the procmailrc… can you paste in the contents of your /etc/procmailrc file? Thanks!
-Eric
LOGFILE=/var/log/procmail.log
TRAP=/etc/webmin/virtual-server/procmail-logger.pl
:0wi
VIRTUALMIN=|/etc/webmin/virtual-server/lookup-domain.pl $LOGNAME
EXITCODE=$?
:0
?/usr/bin/test “$EXITCODE” = “73”
/dev/null
EXITCODE=0
:0
?/usr/bin/test “$VIRTUALMIN” != “”
{
INCLUDERC=/etc/webmin/virtual-server/procmail/$VIRTUALMIN
}
ORGMAIL=/var/mail/$LOGNAME
DEFAULT=/var/mail/$LOGNAME
DROPPRIVS=yes
:0
$DEFAULT
:0
$DEFAULT
Eric
May 22, 2012, 10:01pm
6
Ah, yeah, those ORGMAIL and DEFAULT paths are incorrect. You can get that fixed up by setting them like this:
ORGMAIL=$HOME/Maildir/
DEFAULT=$HOME/Maildir/
Thanks for this, now looking back I realise that I’ve had this exact same issue before, what can I do to stop this from happening again?
Eric
May 23, 2012, 5:19pm
8
Well, that shouldn’t normally happen – I hadn’t ever had that occur on one of my servers. So I’m not sure what might be causing that.
Do you happen to have a list of what packages updates were recently performed?
Also, which distribution/version are you using?
And do you have any third party repositories enabled?
-Eric
Is there a package update log that will tell me which have been updated?
Eric
May 23, 2012, 6:01pm
10
Yup! But where it is depends on the questions I asked above (in particular, your distro/version, but also knowing whether you have third party repositories enabled would really help)
-Eric
Sorry I’ve only added one extra repository as far as I know which is the bleeding edge one…
Operating system CentOS Linux 5.6
Webmin version 1.585
Virtualmin version 3.92.gpl GPL
Eric
May 23, 2012, 7:34pm
12
Aha, perfect!
You can determine what packages were recently installed by reviewing “/var/log/yum.log”.
Also, what output do you receive if you type this command:
ls /etc/yum.repos.d/*.repo
ls /etc/yum.repos.d/*.repo
Gives…
/etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Vault.repo
/etc/yum.repos.d/CentOS-Debuginfo.repo /etc/yum.repos.d/virtualmin-bleed.repo
/etc/yum.repos.d/CentOS-Media.repo /etc/yum.repos.d/virtualmin.repo
/var/log/yum.log =
May 21 09:56:11 Updated: 30:bind-libs-9.3.6-20.P1.el5.x86_64
May 21 09:56:11 Updated: 30:bind-9.3.6-20.P1.el5.x86_64
May 21 09:56:11 Updated: 30:caching-nameserver-9.3.6-20.P1.el5.x86_64
May 21 09:56:12 Updated: 30:bind-utils-9.3.6-20.P1.el5.x86_64
May 21 09:56:33 Updated: clamav-filesystem-0.97.3-1.vm.el5.centos.x86_64
May 21 09:56:33 Updated: clamav-data-0.97.3-1.vm.el5.centos.x86_64
May 21 09:56:34 Updated: clamav-lib-0.97.3-1.vm.el5.centos.x86_64
May 21 09:56:34 Updated: clamav-update-0.97.3-1.vm.el5.centos.x86_64
May 21 09:56:34 Updated: clamav-0.97.3-1.vm.el5.centos.x86_64
May 21 09:56:34 Updated: clamav-server-0.97.3-1.vm.el5.centos.x86_64
May 21 09:56:34 Updated: clamav-server-sysv-0.97.3-1.vm.el5.centos.x86_64
May 21 09:56:42 Updated: 1:httpd-2.2.3-63.1.vm.x86_64
May 21 09:56:42 Updated: 2:mod_ssl-2.2.3-63.1.vm.x86_64
May 21 09:56:54 Updated: 1:httpd-2.2.3-63.1.vm.x86_64
May 21 09:57:00 Updated: mysql-5.0.95-1.el5_7.1.x86_64
May 21 09:57:00 Updated: mysql-5.0.95-1.el5_7.1.i386
May 21 09:57:00 Updated: mysql-devel-5.0.95-1.el5_7.1.i386
May 21 09:57:00 Updated: mysql-devel-5.0.95-1.el5_7.1.x86_64
May 21 09:57:01 Updated: mysql-server-5.0.95-1.el5_7.1.x86_64
May 21 09:57:16 Updated: openssl-0.9.8e-22.el5_8.3.x86_64
May 21 09:57:16 Updated: openssl-0.9.8e-22.el5_8.3.i686
May 21 09:57:16 Updated: openssl-devel-0.9.8e-22.el5_8.3.x86_64
May 21 09:57:26 Updated: 4:perl-5.8.8-38.el5.x86_64
May 21 09:57:28 Updated: 4:perl-5.8.8-32.el5_7.6.i386
May 21 09:57:32 Updated: postgresql-8.1.23-1.el5_7.3.x86_64
May 21 09:57:33 Updated: postgresql-server-8.1.23-1.el5_7.3.x86_64
May 21 09:57:37 Updated: postgrey-1.34-1.noarch
May 21 09:57:42 Updated: python-libs-2.4.3-46.el5.x86_64
May 21 09:57:42 Updated: python-2.4.3-46.el5.x86_64
May 21 09:57:47 Updated: ruby-libs-1.8.5-24.el5.x86_64
May 21 09:57:47 Updated: ruby-1.8.5-24.el5.x86_64
May 21 09:57:48 Updated: ruby-libs-1.8.5-24.el5.i386
May 21 09:57:48 Updated: ruby-irb-1.8.5-24.el5.x86_64
May 21 09:57:48 Updated: ruby-devel-1.8.5-24.el5.i386
May 21 09:57:48 Updated: ruby-rdoc-1.8.5-24.el5.x86_64
May 21 09:57:48 Updated: ruby-devel-1.8.5-24.el5.x86_64
May 21 09:57:53 Updated: subversion-1.6.11-10.el5_8.x86_64
May 21 09:57:53 Updated: subversion-1.6.11-10.el5_8.i386
May 21 09:57:53 Updated: mod_dav_svn-1.6.11-10.el5_8.x86_64
May 21 09:58:15 Updated: usermin-1.505-1.noarch
May 21 09:58:20 Updated: 2:wbm-security-updates-4.4-1.noarch
May 21 09:59:17 Updated: wbm-virtual-server-3.92.gpl-2.noarch
May 21 09:59:21 Updated: 2:wbm-virtualmin-awstats-4.7-1.noarch
May 21 09:59:25 Updated: 2:wbm-virtualmin-init-2.3-1.noarch
May 21 09:59:29 Updated: 2:wbm-virtualmin-registrar-2.1-1.noarch
May 21 09:59:35 Updated: 2:wbt-virtual-server-theme-8.4-1.noarch
May 21 10:00:26 Updated: webmin-1.585-1.noarch
Eric
May 23, 2012, 8:21pm
14
Hmm, none of those apps are email related – so in theory, the culprit shouldn’t be any of those.
And as you had mentioned, I don’t see any unusual repositories enabled.
ATM, it seems to be a mystery
-Eric