cPanel 11: Exim stopped delivering remote mail

[jonwatson]

Hi,

Since last night's nightly update, my server cannot send mail to any server offsite. Local delivery seems to work, but all the forwarders are broken.

The log shows that my server is unable to connect to any other mail server on the planet. Regardless of what mail server it tries to connect to (hotmail, Yahoo, my own at home, Gmail) the connection is refused.

I can telnet into any of these servers from any other place I've tried, but not from my cPanel server. As funny as it sounds, I am confident that this is an issue on my cPanel server. Problem is, I can't think of any local setting that would cause every mail server on the planet to refuse telnet port 25 connections from it.

Anyone have any ideas where to look for this? Is there some firewall running that I'm not familiar with or something?

Thanks

 

[jonwatson]

More info.

I can connect locally to port 25 and when I nmap the server locally I see port 25 as being filtered.

This all smells like a firewall but I don't see any such setting. Where is this thing hiding?

 

[zmunkz]

Same issue

I am having the same problem. As of about 11 hours ago, all incoming and outgoing mail has failed. I tried to restart Exim, and I get the following result:


Jun 7 12:02:46 h1 exim: exim shutdown failed Jun 7 12:02:47 h1 exim: antirelayd shutdown succeeded Jun 7 12:02:47 h1 exim: spamd shutdown failed Jun 7 12:02:47 h1 exim: 2007-06-07 12:02:47 Exim configuration error: Jun 7 12:02:47 h1 exim: there are two routers called "defer_router" Jun 7 12:02:47 h1 exim: exim startup failed Jun 7 12:02:47 h1 exim: 2007-06-07 12:02:47 Exim configuration error: Jun 7 12:02:47 h1 exim: there are two routers called "defer_router" Jun 7 12:02:47 h1 exim: exim startup failed Jun 7 12:02:47 h1 exim: exim startup succeeded Jun 7 12:02:47 h1 exim: 2007-06-07 12:02:47 Exim configuration error: Jun 7 12:02:47 h1 exim: there are two routers called "defer_router" Jun 7 12:02:47 h1 exim: exim startup failed Jun 7 12:02:48 h1 exim: antirelayd startup succeeded exim has failed, please contact the sysadmin.

 

[andytylerlewis]

My servers are having this problem too - although I can restart the services without error. Clients are screaming now and I have no idea what the problem is other than it co-incides with the nightly update.

Help!

 

[zmunkz]

The following errors are flooding my /var/log/exim_paniclog:

2007-06-06 23:39:11 Exim configuration error:
there are two transports called "address_directory"
2007-06-06 23:39:16 Exim configuration error:
there are two routers called "defer_router"

These same errors repeat every few seconds up through right now. Does this mean anything to anyone?

 

[jonwatson]

My issue turned out to be a firewall issue. The following IPChains were somehow added to my system:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
acctboth all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
REJECT tcp -- anywhere anywhere tcp dpt:smtp reject-with icmp-port-unreachable
acctboth all -- anywhere anywhere

Chain acctboth (2 references)
target prot opt source destination
tcp -- rover anywhere tcp dpt:http

cPanel support flushed the IPTables and everything started working.

I have queried cPanel support as to where these IPChains came from. I assume they came from the cPanel 11 update or the nightly update last night because email has been working up until yesterday. I cannot believe someone nefariously hacked into my box to put IPChains in so I am expecting the answer that cPanel supplied them. Although they are clearly in error if they break everyone's email.

 

[cPanelNick]

The following errors are flooding my /var/log/exim_paniclog:

2007-06-06 23:39:11 Exim configuration error:
there are two transports called "address_directory"
2007-06-06 23:39:16 Exim configuration error:
there are two routers called "defer_router"

These same errors repeat every few seconds up through right now. Does this mean anything to anyone?

Perhaps you have some custom routers added to /usr/local/cpanel/etc/exim

You might try

mv /usr/local/cpanel/etc/exim /usr/local/cpanel/etc/exim.BROKEN
/scripts/upcp --force
/scripts/buildeximconf
/scripts/restartsrv exim

 

[colemanc]

Exim Still Not Delivering Outoing Mail

Perhaps you have some custom routers added to /usr/local/cpanel/etc/exim

You might try

mv /usr/local/cpanel/etc/exim /usr/local/cpanel/etc/exim.BROKEN
/scripts/upcp --force
/scripts/buildeximconf
/scripts/restartsrv exim

I ran through the above script to resinstall exim wit a clean config and then restarted the service and eventually the server... still no change. Then I flushed the IP tables and restarted exim with -force to reinstall once again and restarted chkservd 3 times and then rebooted... again. I'm still getting the same problems... all outgoing mail stuck in queue, "(113) No Route to Host" errors. It seems pretty clear that it was from the upgrade and I've, very sadly changed my automatic updates to STABLE instead of RELEASE but I have a lot of angry clients and still don't have email up. Has anyone else tried anything that seems to be working?

 

[colemanc]

Fix! Remote Mail not Sending

After about 40 hours straight, I got the bright idea of copying my exim.conf file from another (working) server that did not go through the recent WHM 11 update. I have the "bleeding update" to cp/whm in hopes that there was a correction in the past 48 hours... there was not but after I copied the exim.conf file, everything is running smoothly again on cp/whm 11! It seems to be that the update causes some changes in the exim configuration. So, upload exim.conf (I did it with FTP) and then replace /etc/exim.conf and restart exim. Here is how I did it:

FTP to mydomain.com
Upload exim.conf to /home/myuser/exim.conf
SSH to mydomain.com:22
Login with your root username/password
SU to invoke Super User
Enter password again
mv /etc/exim.conf /etc/exim.BROKEN
cp /home/myuser/exim.conf /etc/exim.conf
del /home/myuser/exim.conf
Login to cpanel in your internet browser and choose restart exim!

I'm sure there are better, smoother ways to do this but it worked for me and that's how I knew how to do it, lol. Also, in an effort to resolve the problem quickly since I had a lot of frustrated clients that couldn't send mail, I did not compare the old exim.conf file to see what the exact change was and, please note, if you have a custom exim.conf file, DON'T USE MINE but if you have never modified yours, it is likely similar and will do the trick! BTW, I am a GoDaddy V/D client so that might have some abnormal configuration to but, backup yours and try it. If it doesn't work, simply delete the new exim.conf file and rename exim.BROKEN back to exim.conf. Good luck!

P.S. The exim.conf file is attached but remove the .txt extension before you work with it - I had to add that in order to post it on here as a valid attachment.

 

[wefrank]

Thank you Thank You!

Well that got me back sending mail...

I have a copy of exim.conf.BROKEN and the one you provided above...

at least the email is running again (maybe tonight I can understand the delta...)

 

[wefrank]

Differences in the two configurations

Compared the two configurations - and perhaps this router block is needed:

send_to_smart_host:
driver = manualroute
route_list = !+local_domains k2smtpout.secureserver.net
transport = remote_smtp

see GD/WWD Online help at:
http://help.securepaynet.net/article.php?article_id=150&prog_id=wefdomain

Asked for help with this thread
http://forums.cpanel.net/showthread.php?t=68659

 

[Gamer4u]

Disable SMTP Teak in Security Centre... worked for me

 

[sadanand30]

I must say Thank You very much to colemanc, who's resolution worked fine. I was struggling from 48 hours and this has resolved all my issues with exim.

Thanks again!