Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Email Problem: failed to open /etc/vfilters/

Discussion in 'E-mail Discussion' started by antispam, Jan 9, 2013.

  1. antispam

    antispam Member

    Nov 26, 2012
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    I've searched the Forum (Google also) but found no relevant info.

    Suddenly, today, our server (CENTOS 6.3 x86_64 standard – WHM 11.34.1 (build 6))
    stopped receiving e-mail messages.

    On /var/log/exim_mainlog I found thousands of entries like:
    R=central_filter defer (-1): failed to open /etc/vfilters/ Permission denied (euid=558 egid=557)
    (for all domain names hosted on the server).

    In /etc/vfilters, files were 640 (on access permission), owned by the appropriate user and the group was "mail". It seems normal.

    However, the /etc/vfilters folder was owned by a reseller (e.g. reseller3), the group was "mail" and permissions were 640 (rw for owner, read for group, no access for others).

    The same happened with valiases, vdomainaliases.
    ls -ld /etc/v*
    drw-r----- 2 reseller3 mail 12K Jan 9 11:41 valiases
    drw-r----- 2 reseller3 mail 12K Jan 9 11:41 vdomainaliases
    drw-r----- 2 reseller3 mail 12K Jan 9 17:59 vfilters

    After changing permissions to 755, the errors have been eliminated and the mail messages are delivered normally.
    ls -ld /etc/v*
    drwxr-xr-x 2 reseller3 mail ****12K Jan ****9 11:41 valiases
    drwxr-xr-x 2 reseller3 mail ****12K Jan ****9 11:41 vdomainaliases
    drwxr-xr-x 2 reseller3 mail ****12K Jan ****9 17:59 vfilters

    I have no clue how the owner was changed and why, or why the permissions missed the execute bit for the directories.

    Any ideas?
    #1 antispam, Jan 9, 2013
    Last edited: Jan 9, 2013
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello :)

    Is it possible that someone with root access manually modified the permissions and ownership values? You may want to check the /root/.bash_history file to see if you notice any "chown" or "chmod" commands that could have made these changes.

    Thank you.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice