Topic: sme 7 with so many

[nefkho]

hi,

i have sme 7  and my outgoing email are not seding anymore when i check the mail log file analysis i got this:

Mail Log File Analysis
Report generated: Fri 08 Dec 2006 06:34:25 PM PHT
messages in queue: 376344
messages in queue but not yet preprocessed: 11324

-----

any one can tell me where to start? or is there a trojan in my sme i have run rootkit and run shieldup (Solicited TCP Packets=failed, Ping Reply=failed) my port 25, 80 and 443 is open, should it be?


thanks,

[Terry]

Those port are for:

25: incoming mail.  So, if you expect to receive email from other mail servers, yes it needs to be open.

80: http.  If you have web sites, yes it needs to be open
443: Secure web.  If you use webmail, it needs to be open (or any other app that requires https:)

To trouble shoot your mail problem, has your ISP started blocking outbound SMTP connections?  Mine did this a couple of years ago, forcing you to use there SMTP server to relay your mail from.  To test this, make sure SMTP proxy is off on your server, then try and telnet to port 25 of someone's domain (you can use mine to test if you want "brummell.net").  If you don't get a respones it's a good probablility your ISP has started blocking port 25 outbound.  If you do get a response, I have no idea why your server is not sending mail.  Maybe the logs will tell you more as to why conections are being refused.

[nefkho]

hi,

this is what i got after running the telnet to ur server, what does it mean? it just hang up?

[root@fscimailsvr ~]# telnet brummell.net 25
Trying 74.104.234.110...
Connected to brummell.net.
Escape character is '^]'.
220 webserver02.brummellhosting.homeip.net ESMTP

[byte]

Why don't you also check the port is open at www.grc.com ?

[Terry]

That means you can get out to my mail server, that's a good thing, your ISP isn't stopping the connection.

You need to figure out what is stopping the mail from being processed.  Spamassisn running?  ClamAV running?  Not sure what else would be stopping it.  Maybe some one else will pipe up here.

[nefkho]

also
the settings for:

Virus scanning  Disabled
Spam filtering  Disabled

which log file should i check i have tesed to email yahoo and still did not make but i can ge email from yahoo.


tnx

[Terry]

Well, I am not 100% certain which dameon is responsible for sending the mail.  Hoping someone else will help out at this point, but maybe that service/dameon as stopped.

[byte]

or is there a trojan in my sme i have run rootkit...

If there is a security concern please always email to security [at] contribs [dot] org

Btw yes port 25/80/443 should be open 443 only will show if you have webmail enabled

[byte]

which log file should i check i have tesed to email yahoo and still did not make but i can ge email from yahoo.

You should be checking the /var/log/qpsmtpd and /var/log/qmail current logs that should tell you more, also if you have applied updates and since then mail has stopped you should report to bug tracker.

[Terry]

What does the log qmail/current show you?  Any failures?