Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Email Problem: failed to open /etc/vfilters/domain-name.com

Discussion in 'E-mail Discussion' started by antispam, Jan 9, 2013.

  1. antispam

    antispam Member

    Joined:
    Nov 26, 2012
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I've searched the Forum (Google also) but found no relevant info.

    Suddenly, today, our server (CENTOS 6.3 x86_64 standard – WHM 11.34.1 (build 6))
    stopped receiving e-mail messages.

    On /var/log/exim_mainlog I found thousands of entries like:
    R=central_filter defer (-1): failed to open /etc/vfilters/domain-name-X.com: Permission denied (euid=558 egid=557)
    (for all domain names hosted on the server).

    In /etc/vfilters, files were 640 (on access permission), owned by the appropriate user and the group was "mail". It seems normal.

    However, the /etc/vfilters folder was owned by a reseller (e.g. reseller3), the group was "mail" and permissions were 640 (rw for owner, read for group, no access for others).

    The same happened with valiases, vdomainaliases.
    ls -ld /etc/v*
    drw-r----- 2 reseller3 mail 12K Jan 9 11:41 valiases
    drw-r----- 2 reseller3 mail 12K Jan 9 11:41 vdomainaliases
    drw-r----- 2 reseller3 mail 12K Jan 9 17:59 vfilters

    After changing permissions to 755, the errors have been eliminated and the mail messages are delivered normally.
    ls -ld /etc/v*
    drwxr-xr-x 2 reseller3 mail ****12K Jan ****9 11:41 valiases
    drwxr-xr-x 2 reseller3 mail ****12K Jan ****9 11:41 vdomainaliases
    drwxr-xr-x 2 reseller3 mail ****12K Jan ****9 17:59 vfilters

    I have no clue how the owner was changed and why, or why the permissions missed the execute bit for the directories.

    Any ideas?
     
    #1 antispam, Jan 9, 2013
    Last edited: Jan 9, 2013
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,396
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    Is it possible that someone with root access manually modified the permissions and ownership values? You may want to check the /root/.bash_history file to see if you notice any "chown" or "chmod" commands that could have made these changes.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice