The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Correct Permissions for /etc/localdomains ?

Discussion in 'General Discussion' started by mikelegg, Feb 2, 2011.

  1. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    The exim panic log on one of my servers contains hundreds of these entries ...

    2011-02-03 11:31:56 1Pko3A-00031m-9Z Error in system filter: failed to expand "${lookup{${extract{2}{@}{$recipients}}}lsearch{/etc/localdomains}{yes}{no}}" in filter file: failed to open /etc/localdomains for linear search: Permission denied (euid=510 egid=512)

    The only way to prevent this is to change the permissions on /etc/localdomains to 644.

    But cPanel keeps changing it back to 640 which I believe is all it should really require, but this causes the problem to re-occur.

    The permissions are currently ... -rw-r--r-- 1 root mail 8476 Feb 2 22:26 localdomains

    But soon it will revert to -rw-r----- 1 root mail 8476 Feb 2 22:26 localdomains

    This causes the queue to fill with undeliverable mail.

    Has anyone else ever encountered this before?
     
    #1 mikelegg, Feb 2, 2011
    Last edited: Feb 2, 2011
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Hello,

    Do you have any idea what email is triggering the error? You might try running /scripts/eximup --force to see if that corrects the issue, but it's likely some email is invalidly triggering the message. You should be able to check the message ID (1Pko3A-00031m-9Z in the provided example) to see what is happening with that email:

    Code:
    exigrep 1Pko3A-00031m-9Z /var/log/exim_mainlog
    Thanks.
     
  3. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    Hi Tristan

    Every entry in the log has a different message ID, it's not just related to a single message.
     
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Hello,

    I didn't believe it was related to a single message, but to a set type of message. Have you reviewed the logs as indicated to see if the same type of scenario is causing this such as sending to a non-existent address causing a bounce back to the main hostname account on the server (for a failure of some sort). The idea is that it is being triggered by a set situation, which can only be determined by checking exim_mainlog for a few message IDs to see what is happening with those messages.

    Thanks.
     
  5. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    Sorry, I see what you mean now.

    I'll check it out.
     
  6. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    I checked 4 messages from different dates/times and they were all bounce messages, from remote servers to local addresses.

    2011-02-03 11:31:56 1Pko3A-00031m-9Z <= <> R=1Pko38-00031C-4j U=mailnull P=local S=2415 T="Mail delivery failed: returning message to sender" for xxx@yyy.net

    2011-02-03 11:31:02 1Pko2I-0002ve-RE <= <> R=1Pko2G-0002ut-3s U=mailnull P=local S=2234 T="Mail delivery failed: returning message to sender" for xxx@yyy.net.au

    2011-02-02 11:56:57 1PkRxp-0000lp-ME <= <> H=titan.sslserver.net.au [118.127.52.72] P=esmtps X=TLSv1:AES256-SHA:256 S=6279 id=t1e8cRSZN000353c8@bay0-mc4-f24.Bay0.hotmail.com T="Delivery Status Notification (Failure)" for xxx@xxx.com

    2011-02-03 08:33:07 1PklG7-0000hx-Qq <= <> H=mx02.appspoint.com.au (mx01.appspoint.com.au) [118.102.106.36] P=esmtps X=TLSv1:RC4-MD5:128 S=8407 id=ebd1603e-7967-4d68-a8db-0e2e939c12f4 T="Undeliverable: Vacancy - apply online" for xxx@yyy.com.au

    So it looks like it is related to a single type of message.

    I think I know the cause of the problem now, I recently asked my sys admins to see what we could do about backscatter on that server and the changes they made may have affected inbound bounce messages as well as outgoing bounce messages.

    I'll get them to reverse the changes made and see if that helps.

    Thanks Tristan.
     
  7. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    The sys admins say that the recent change wouldn't have caused this problem.

    So we're going to try /scripts/eximup --force
     
    #7 mikelegg, Feb 2, 2011
    Last edited: Feb 3, 2011
  8. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    /scripts/eximup --force hasn't fixed the problem.

    The other thing that has changed recently is we started using "Send outgoing mail from the IP that matches the domain name in /etc/mailips" so perhaps this is the cause of the problem.

    I think I'll lodge a support ticket.
     
  9. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Once you've opened the support ticket, please post the ticket number here if you are willing to do that. I think a support ticket would be helpful so we can log into the system to review the settings.
     
  10. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    Hi Tristan

    I lodged the ticket and Matt got me to reset the exim configuration to default (Main >> Service Configuration >> Exim Configuration Editor > Advanced > Reset all configs to default.)

    This fixed the problem.
     
  11. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Did this change end up unselecting "Send outgoing mail from the IP that matches the domain name in /etc/mailips" as an option? I'm just curious.
     
  12. mikelegg

    mikelegg Well-Known Member

    Joined:
    Mar 29, 2005
    Messages:
    330
    Likes Received:
    0
    Trophy Points:
    16
    Interestingly, it didn't!

    So I'm not sure what exactly got set to default.
     
Loading...

Share This Page