The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[case 50859] POP before SMTP no longer working since the weekend.

Discussion in 'E-mail Discussions' started by santrix, Jun 20, 2011.

  1. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    18
    Hi,

    I have today received a number of tickets from customers complaining they are getting errors when trying to send SMTP, to the tune of

    Access denied - Invalid HELO name (See RFC2821 4.1.1.1)

    I have had to disable "Require RFC-compliant HELO" from the Exim config for the time being. Did something change in the last update to the Release tree of WHM?

    Steve
     
  2. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    18
    re: [case 50859] Require RFC-compliant HELO - Causing Problems

    Something must have changed recently. The clients experiencing the issue did not have their SMTP clients set to authenticate upon connecting, and must have previously been relying upon pop before smtp.

    I'm still not sure what exactly cPanel have changed to cause this behaviour?
     
  3. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    re: [case 50859] Require RFC-compliant HELO - Causing Problems

    Are the clients who are experiencing this all using Outlook as their email client?
     
  4. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    re: [case 50859] Require RFC-compliant HELO - Causing Problems


    If they are in /etc/relayhosts it should not be hitting the HELO checks

    Code:
    acl_mail:
        # ignore authenticated hosts
        accept authenticated = *
    
    # ignore pop before smtp 
        accept  condition = ${if match_ip{$sender_host_address}{iplsearch;/etc/relayhosts}{1}{${if eq{$sender_host_address}{127.0.0.1}{1}{0}}}}
        accept hosts = +relay_hosts
    
    #BEGIN ACL_MAIL_BLOCK
    
    deny
        condition = ${if eq{$sender_helo_name}{}}
        message   = HELO required before MAIL
    ...
    
    Are you seeing this happen if they are in /etc/relayhosts?
     
  5. Gareth-AWD

    Gareth-AWD Well-Known Member

    Joined:
    Jul 3, 2008
    Messages:
    144
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    London, UK
    cPanel Access Level:
    Root Administrator
    Re: [case 50859] Require RFC-compliant HELO - Causing Problems

    I'm also getting this issue and turning this off does the trick.

    It's only a temporary messure. Can Cpanel shed any light on this?
     
  6. PenguinInternet

    PenguinInternet Well-Known Member
    PartnerNOC

    Joined:
    Jun 20, 2007
    Messages:
    149
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Cardiff, UK
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Re: [case 50859] Require RFC-compliant HELO - Causing Problems

    We've also had this reported by quite a few users now since around the 11.30 update
     
  7. docbreed

    docbreed Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    Re: [case 50859] Require RFC-compliant HELO - Causing Problems

    We've had the same deal happen over the last two days.

    Users now have to require smtp authentication, where as in the past they didn't. It started with alot of 4.1.1.1 errors and when turning off the Require RFC-compliant HELO [?] option we had alot of issues with:

    currently not permitted to relay through this server. Perhaps you have not logged into the pop/imap server in the last 30 minutes or do not have SMTP Authentication turned on in your email client.

    WHM 11.30.0 (build 32)
    exim-4.69-29_cpanel_maildir

    We need a temporary fix to inform clients they need to now change their client apps, devices, phones to require smtp authentication.

    Forgot to mention that i had to disable the rbl checks too because my clients where failing rbl too.
    Very frustrating :(
     
    #7 docbreed, Jun 27, 2011
    Last edited: Jun 27, 2011
  8. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Re: [case 50859] Require RFC-compliant HELO - Causing Problems

    Case 50859 (backport 50908 for 11.30.1.0 version) handles this issue which is that tailwatch is not updating relayhosts after log rotation causing POP3 before SMTP to not function (so antirelayd isn't working properly basically).

    As a temporary measure until that version has been released to your existing tier, you could edit /etc/logrotate.d/syslog file temporarily to change from the following:

    Code:
    /var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron {
        sharedscripts
        postrotate
            /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
            /bin/kill -HUP `cat /var/run/rsyslogd.pid 2> /dev/null` 2> /dev/null || true
        endscript
    }
    To this instead:

    Code:
    /var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron {
        sharedscripts
        postrotate
        /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
        /bin/kill -HUP `cat /var/run/rsyslogd.pid 2> /dev/null` 2> /dev/null || true
            /scripts/restartsrv_tailwatchd
        endscript
    }
    This would add /scripts/restartsrv_tailwatchd to restart properly and tail the proper log file.

    You can view the changelog to see when 50908 is pushed into production at http://go.cpanel.net/changelog and see the existing versions for each tier at http://httpupdate.cpanel.net location.

    To check your current cPanel version, you can run the following command:

    Code:
    cat /usr/local/cpanel/version ;echo
     
  9. fizz

    fizz Well-Known Member

    Joined:
    Jan 25, 2002
    Messages:
    202
    Likes Received:
    0
    Trophy Points:
    16
    POP before SMTP no longer working since the weekend.

    It appears an update over the weekend broke POP before SMTP. I attempted to apply a fix from this thread, but it had no effect on fixing this problem.

    The fix was to restart tailwatchd on the logrotate.d/syslog file.

    Any clues on what I can check to get this resolved?

    Verified tailwatchd is running.
     
    #9 fizz, Jun 28, 2011
    Last edited: Jun 28, 2011
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,448
    Likes Received:
    194
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Have you checked for any changes to your EXIM config / tried resetting to defaults?
     
  11. fizz

    fizz Well-Known Member

    Joined:
    Jan 25, 2002
    Messages:
    202
    Likes Received:
    0
    Trophy Points:
    16
    Me and one other guy are the only ones with access to WHM. So nothing was changed in that regard. It happened at the same time people started to get the invalid HELO rfc messages.

    No, I havent reset to defaults yet as I wanted to check with the forum first.
     
  12. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,448
    Likes Received:
    194
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Well you might not have changed anything, but an update could have. You said so yourself, just above:
    Unless you've got some reason why you can't reset, I would and see if that helps.
     
  13. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    Try /scripts/restartsrv_tailwatchd
     
  14. Gareth-AWD

    Gareth-AWD Well-Known Member

    Joined:
    Jul 3, 2008
    Messages:
    144
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    London, UK
    cPanel Access Level:
    Root Administrator
    There's something seriously wrong here. Despite the invalid HELO which was fixed for some clients, we do still get an error.

    When can we expect a fix on this in the RELEASE tree. I'm seriously considering dropping back to STABLE in future.
     
  15. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Please submit a ticket at this point using WHM > Support Center > Contact cPanel or using the link in my signature so we can investigate why this is happening still.
     
  16. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    Re: [case 50859] Require RFC-compliant HELO - Causing Problems

    Assuming that the inotify watch is being lost on the maillog due to syslogd rotating the log, you could work around the problem by disabling inotify support in tailwatchd (it will revert to the slower pre 11.28 behavior) by running the following:

    Likewise the case referenced in this thread was fixed on the 24th, and is awaiting QA approval to be published (shouldn't be long now).

    Another option is to switch to the EDGE tier (11.30.1.1) which has this patch. Assuming there are no unforeseen problems with 11.30.1.1 it should progress to CURRENT and then RELEASE by the end of the week.
     
  17. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    We've had this problem since the weekend and have been advising customers to authenticate to send mail.

    Now they can't send mail even when they explicitly authenticate.

    While disabling "Require RFC-compliant HELO" allows mail to be sent, the first message I sent was refused by the recipient with the error " 503 Valid RCPT command must precede DATA"

    Modifying /etc/logrotate.d/syslog as per this thread seems to fix it.

    WHM 11.30.0 (build 32) Release
     
    #17 mikelegg, Jul 5, 2011
    Last edited: Jul 5, 2011
Loading...

Share This Page