re: cannot see webmin anymore

I haven’t done anything at all to my server but all of a sudden I can’t access webmin at all. It says can’t find the server at ekmb.net which is my webmin server as well as one of my websites.

When I type in 127.0.0.1 or localhost it shows the virtualmin apache page.

I am also getting emails and the website is up for collectivestrategies.com which brings back the server address under ping.

I’ve also restarted Webmin, but no joy.

Please help. I have no idea what caused this or what to do.

$ host ekmb.net
;; connection timed out; no servers could be reached

[code:1] Domain servers in listed order:
NS2.EKMB.NET 74.52.212.235
NS1.EKMB.NET 71.43.226.6[/code:1]

$ dig @71.43.226.6 ekmb.net

[code:1] ; <<>> DiG 9.4.2-P1 <<>> @71.43.226.6 ekmb.net
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached[/code:1]

$ dig @74.52.212.235 ekmb.net

[code:1] ; <<>> DiG 9.4.2-P1 <<>> @74.52.212.235 ekmb.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 16022
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;ekmb.net. IN A

;; Query time: 92 msec
;; SERVER: 74.52.212.235#53(74.52.212.235)
;; WHEN: Thu Jul 17 22:41:57 2008
;; MSG SIZE rcvd: 26[/code:1]

So all this tells me that bind is not running on the main server at 71.43.226.6

Scott’s spot on here. You’ve got broken name service. Either BIND isn’t running on your boxes (74.52.212.235 and 71.43.226.6), or your glue records at your registrar are pointing to the wrong addresses.

Thanks. I figured it was DNS, but had no idea what to do or where to start looking.

The ip address is wrong. I don’t have 74.52.212.235 at all. I have no idea where it came from or how it changed.

This is scary.

$ host 74.52.212.235
235.212.52.74.in-addr.arpa domain name pointer ns1.us.editdns.net.

$ whois 74.52.212.235
BW whois 3.4 by Bill Weinman (http://whois.bw.org/)
Copyright 1999-2003 William E. Weinman
Request: 74.52.212.235
connected to whois.arin.net [199.43.0.144:43] …
connected to rwhois.theplanet.com [216.185.113.8:4321] …
%rwhois V-1.5:003eff:00 whois.theplanet.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:THEPLANET-BLK-14
network:Auth-Area:74.52.0.0/14
network:Network-Name:TPIS-BLK-74-52-212-0
network:IP-Network:74.52.212.232/29
network:IP-Network-Block:74.52.212.232 - 74.52.212.239
network:Organization-Name:Tyler Hall
network:Organization-City:Phoenix
network:Organization-State:AZ
network:Organization-Zip:85286
network:Organization-Country:US
network:Description-Usage:customer
network:Server-Pri:ns1.theplanet.com
network:Server-Sec:ns2.theplanet.com
network:Tech-Contact;I:abuse@theplanet.com
network:Admin-Contact;I:abuse@theplanet.com
network:Created:20070109
network:Updated:20070109

$ host 71.43.226.6
6.226.43.71.in-addr.arpa domain name pointer rrcs-71-43-226-6.se.biz.rr.com.

$ whois 71.43.226.6
BW whois 3.4 by Bill Weinman (http://whois.bw.org/)
Copyright 1999-2003 William E. Weinman
Request: 71.43.226.6
connected to whois.arin.net [192.149.252.44:43] …

OrgName: Road Runner HoldCo LLC
OrgID: RCSW
Address: 13241 Woodland Park Road
City: Herndon
StateProv: VA
PostalCode: 20171
Country: US

ReferralServer: rwhois://ipmt.rr.com:4321

NetRange: 71.40.0.0 - 71.43.255.255
CIDR: 71.40.0.0/14

If Bind isn’t running on the main server (71.43.226.6) and I can’t get Webmin to start so it will run, how am I supposed to get it going on my system?

you can use ssh…or a keyboard on the box and start it up.

eboughey wrote:

If Bind isn't running on the main server (71.43.226.6) and I can't get Webmin to start so it will run, how am I supposed to get it going on my system?

Must be a point-n-click windows user :frowning: You MUST learn console commands if you are going to play server admin/owner. Yup that was blunt and to-the-point. There is NO WAY around that.

Since you have not told us what distro I’ll give 2 possibilities…

/etc/init.d/bind9 restart
/etc/init.d/named restart

yes, I am a windows user and have been since the begining and dos before that. You make it seem like a bad thing and I don’t think it is.

Granted I need to learn more commands, but I am posting in the NEWBIE section so I thought I’d get just a little more leeway here.

I do use a lot of commands but since I haven’t had any issues with Virtualmin in almost a year, I don’t remember all of the research commands.

I went to my custom nameservers and editdns to make sure everything was okay. editdns was messed up and it was pointing to 1.2.3.4 which looks like they reset it.

When I changed it, it worked for awhile but the email hasn’t worked yet.

Using VM for almost a year hardly constitutes the newbie posting. By now you should be dabbling in the dark arts of linux.

Hi eboughey,

It does look like you’ve got BIND up and running on that box. Your email service is up, though it could take a bit for any DNS changes to take effect. Are you beginning to see a few emails trickle through?
-Eric

some easier to remember commands on my centos setup are
service named restart
service postfix restart
service httpd restart
restart can be replaced with start and stop as well

and can be used for any app that can be called by ‘service’
per haps they work for you too…

Thanks for all the help everyone. I’ve copied those commands to a text file for future. I really have tried to learn more of the Linux system but this old brain only holds so much ‘new’ information (terrible short term memory). That was the main reason for going with Virtualmin. It literally runs itself.

I haven’t seen the emails coming through yet, but at least I can check them through the server until they do.

Using VM for almost a year hardly constitutes the *newbie* posting. By now you should be dabbling in the dark arts of linux.

We’re all newbies sometimes. :wink:

For example, I may be an expert around these parts (by some definition of “expert”) but I have no idea how to work my Windows Vista HTPC. It’s broken all the time…

I haven't seen the emails coming through yet, but at least I can check them through the server until they do.

What shows up in /var/log/maillog when you try to send a message to your domain?

You don’t have an MX record for ekmb.net, but if the same host is providing mail and web, this won’t be an issue.

Joe,

I don’t know about the mx records but the mail has always worked up until now. It’s still not coming over but I see it in Postfix. It says server not found when I do a send/receive.

I don’t see anything at all about the server in the maillog. One of my other domains (collectivestrategies.com) is receiving email fine though.

Howdy,

What’s an example domain name you’re having trouble receiving email for?

Also, the “Server not found” message – that’s what you see in your email client when trying to send a message? If so, in your email client’s settings, what’s the hostname or IP that it’s using for the SMTP server?
-Eric

What shows up in /var/log/maillog when you try to send a message that fails to arrive? You can "tail" the log like this:

tail -f /var/log/maillog

(Hit Ctrl-C when you’ve seen all you want to see of the log.)

hope there’s no sensitive data here. This is an email I got from the USPS. It shows up in Postfix under my email, but I can’t send/receive in outlook and evolution says 'host lookup failed. mail.ekmb.net: Name or service not known.

I only have Postfix set up for mail on all of my sites and haven’t set up any mx records.

Oh, I sent a little extra at the end because it looked suspicious like someone is trying to use my server to send emails…

Jul 19 02:28:34 host postfix/qmgr[3962]: 3D27F16A2B5: removed
Jul 19 02:31:51 host postfix/anvil[13195]: statistics: max connection rate 1/60s for (smtp:207.36.180.232) at Jul 19 02:28:31
Jul 19 02:31:51 host postfix/anvil[13195]: statistics: max connection count 1 for (smtp:207.36.180.232) at Jul 19 02:28:31
Jul 19 02:31:51 host postfix/anvil[13195]: statistics: max cache size 1 at Jul 19 02:28:31
Jul 19 02:34:38 host postfix/smtpd[13522]: connect from maileast16.srvs.usps.gov[56.0.103.16]
Jul 19 02:34:38 host postfix/smtpd[13522]: C464616A2B5: client=maileast16.srvs.usps.gov[56.0.103.16]
Jul 19 02:34:38 host postfix/cleanup[13526]: C464616A2B5: message-id=<11835010.1216448153562.JavaMail.confirm@eagnmntwe121>
Jul 19 02:34:38 host postfix/smtpd[13522]: disconnect from maileast16.srvs.usps.gov[56.0.103.16]
Jul 19 02:34:38 host postfix/qmgr[3962]: C464616A2B5: from=<confirm@email.usps.gov>, size=1512, nrcpt=1 (queue active)
Jul 19 02:34:43 host postfix/local[13527]: C464616A2B5: to=<eboughey.ekmb@host.ekmb.net>, orig_to=<eboughey@ekmb.net>, relay=local, delay=5, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
Jul 19 02:34:43 host postfix/qmgr[3962]: C464616A2B5: removed
Jul 19 02:39:04 host postfix/smtpd[13816]: warning: 88.229.39.182: hostname dsl88-229-10166.ttnet.net.tr verification failed: Name or service not known
Jul 19 02:39:04 host postfix/smtpd[13816]: connect from unknown[88.229.39.182]
Jul 19 02:39:04 host postfix/smtpd[13817]: warning: 88.229.39.182: hostname dsl88-229-10166.ttnet.net.tr verification failed: Name or service not known
Jul 19 02:39:04 host postfix/smtpd[13817]: connect from unknown[88.229.39.182]
Jul 19 02:39:05 host postfix/smtpd[13818]: warning: 88.229.39.182: hostname dsl88-229-10166.ttnet.net.tr verification failed: Name or service not known
Jul 19 02:39:05 host postfix/smtpd[13818]: connect from unknown[88.229.39.182]
Jul 19 02:39:06 host postfix/smtpd[13816]: NOQUEUE: reject: RCPT from unknown[88.229.39.182]: 550 <freshsacksn@collectivestrategies.com>: Recipient address rejected: User unknown in virtual alias table; from=<freshsa@hanafos.com> to=<freshsacksn@collectivestrategies.com> proto=SMTP helo=<ups-m??teri>
Jul 19 02:39:06 host postfix/smtpd[13817]: NOQUEUE: reject: RCPT from unknown[88.229.39.182]: 550 <freshsacks@collectivestrategies.com>: Recipient address rejected: User unknown in virtual alias table; from=<freshroast@retailsalesavings.com> to=<freshsacks@collectivestrategies.com> proto=SMTP helo=<ups-m??teri>
Jul 19 02:39:06 host postfix/smtpd[13816]: disconnect from unknown[88.229.39.182]
Jul 19 02:39:06 host postfix/smtpd[13818]: NOQUEUE: reject: RCPT from unknown[88.229.39.182]: 550 <freshsacksnn@collectivestrategies.com>: Recipient address rejected: User unknown in virtual alias table; from=<freshsim@yahoo.de> to=<freshsacksnn@collectivestrategies.com> proto=SMTP helo=<ups-m??teri>
Jul 19 02:39:07 host postfix/smtpd[13817]: disconnect from unknown[88.229.39.182]
Jul 19 02:39:07 host postfix/smtpd[13818]: disconnect from unknown[88.229.39.182]
Jul 19 02:42:27 host postfix/anvil[13524]: statistics: max connection rate 3/60s for (smtp:88.229.39.182) at Jul 19 02:39:05
Jul 19 02:42:27 host postfix/anvil[13524]: statistics: max connection count 3 for (smtp:88.229.39.182) at Jul 19 02:39:05
Jul 19 02:42:27 host postfix/anvil[13524]: statistics: max cache size 1 at Jul 19 02:34:38
Jul 19 02:46:31 host postfix/smtpd[14106]: connect from cable-218-149.multi-speed.net[82.199.218.149]
Jul 19 02:46:32 host postfix/smtpd[14106]: C7D1616A2B5: client=cable-218-149.multi-speed.net[82.199.218.149]
Jul 19 02:46:37 host postfix/cleanup[14110]: C7D1616A2B5: message-id=<000601c8e968$04a56e0a$27874084@llipbaa>
Jul 19 02:46:38 host postfix/qmgr[3962]: C7D1616A2B5: from=<wvtpz@apexfootball.com>, size=4838, nrcpt=1 (queue active)
Jul 19 02:46:40 host postfix/smtpd[14106]: disconnect from cable-218-149.multi-speed.net[82.199.218.149]
Jul 19 02:46:42 host postfix/local[14111]: C7D1616A2B5: to=<jobs.collectivestrategies@host.ekmb.net>, orig_to=<jobs@collectivestrategies.com>, relay=local, delay=10, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
Jul 19 02:46:42 host postfix/qmgr[3962]: C7D1616A2B5: removed
Jul 19 02:47:50 host postfix/smtpd[14106]: warning: 220.190.221.2: hostname 2.221.190.220.broad.wz.zj.dynamic.163data.com.cn verification failed: Name or service not known
Jul 19 02:47:50 host postfix/smtpd[14106]: connect from unknown[220.190.221.2]