So I have a godaddy wildcard cert and I installed it and used the copied it via the buttons in SSL management.
This worked fine for months, but recently IMAP emails started timing out on sends.
I looked into it and I dont see many errors. The errors manifest themselves as Roundcube timing out on sends, or MS Outlook timing out on sends (with the message eventually sending)
Outlook sometimes throws:
Task ‘me@tld.com - Sending’ reported error (0x8004210B) : ‘The operation timed out waiting for a response from the sending (SMTP) server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).’"
however that email eventually goes through.
roundcube sometimes throws a “timeout” too.
/var/log/mail.log shows nothing wierd
/roundcube/errors no errors
There is nothing in this message that indicates an issue with SSL. It is your own assumption that the certificate is at fault - how correct that is remains to be seen.
Well when looking at the logs initially it complained about a chain certificate error, so then I re-keyed it per the recommendation of Godaddy so yeah I dont know what to look at – the problem is it eventually does go in outlook, but roundcube not so much
I am ignoring your hypothesis about the SSL cert and investigating a theory of my own: could you check mail logs for process limit warnings?
Webmin -> System -> System Logs and view mail log. Then in the box next to Only show lines with text, enter “process limit” without the quotes. Hit Refresh. Any results found?
I think you may have bingo on your card sir Jun 23 11:18:53 mail postfix/master[1406]: warning: service "submission" (587) has reached its process limit "100": new clients may experience noticeable delays
If it is, then you should find ways to contain the brute force attack; if not then your process limit of 100 is being reached due to valid use and you should consider increasing it, keeping in mind the corresponding increase in resources that will be required to serve a greater number of processes.
So yeah looks like there are way too many connection from way too many places, what is the best way to deal with these dynamically? I have Config Firewall Installed but its disabled now
Sorry but the jail 'postfix-sasl' does not exist
When I restart fail2ban I get an error
````● fail2ban.service - Fail2Ban Service
Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
Active: failed (Result: start-limit-hit) since Fri 2020-07-17 02:27:56 EDT; 49s ago
Docs: man:fail2ban(1)
Process: 2156 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
Jul 17 02:27:56 mail.tld.com systemd[1]: fail2ban.service: Control process exited, code=exited status=255
Jul 17 02:27:56 mail.tld.com systemd[1]: Failed to start Fail2Ban Service.
Jul 17 02:27:56 mail.tld.com systemd[1]: fail2ban.service: Unit entered failed state.
Jul 17 02:27:56 mail.tld.com systemd[1]: fail2ban.service: Failed with result 'exit-code'.
Jul 17 02:27:56 mail.tld.com systemd[1]: fail2ban.service: Service hold-off time over, scheduling restart.
Jul 17 02:27:56 mail.tld.com systemd[1]: Stopped Fail2Ban Service.
Jul 17 02:27:56 mail.tld.com systemd[1]: fail2ban.service: Start request repeated too quickly.
Jul 17 02:27:56 mail.tld.com systemd[1]: Failed to start Fail2Ban Service.
Jul 17 02:27:56 mail.tld.com systemd[1]: fail2ban.service: Unit entered failed state.
Jul 17 02:27:56 mail.tld.com systemd[1]: fail2ban.service: Failed with result 'start-limit-hit'.
Its like the screenshot of what I did to enable is making it fail to start, but I dont see the problem
The key error message is
Failed to restart server : ERROR No file(s) found for glob /var/log/mail.warn ERROR Failed during configuration: Have not found any log file for postfix-sasl jail
but %(postfix_log)s is the log which translates out to /var/log/mail.warn which doesn’t exist so i manually put in /var/log/mail.log and that seemed to work