Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED Mail queue is full of mails for non existing accounts

Discussion in 'E-mail Discussion' started by hayridumanli, Nov 30, 2017.

  1. hayridumanli

    hayridumanli Member

    Joined:
    Jan 11, 2014
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    There are a lot of spam mails in my VPS's Mail Queue, all the Recipient(s) are non existing accounts, there is no account like this or there is no alias for them.
    It suddenly started a few days ago, I didn't have such a problem before.
    What I did;
    In "Tweak Settings / Mail" settings, I changed "Initial default/catch-all forwarder destination" to
    "System account", "Fail" and "Blackhole" in order, and I restarted Exim after each change. None of the 3 methods worked, there are still a lot of spam mails waiting in the queue, everyday I delete the queue manually 4 - 5 times.
    What may be the problem?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,340
    Likes Received:
    402
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    That's for new accounts created after you change it I believe.
    You might check the cPanel account's setting under the Default Address section to make sure this is configured for the account itself assuming it's an existing account.

    Preferred setting:
    Discard the email while your server processes it by SMTP time with an error message.
    Failure Message (seen by sender)
    No Such User Here

    (Or whatever you want.)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. hayridumanli

    hayridumanli Member

    Joined:
    Jan 11, 2014
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    OK, thank you for your message, here are what I did;
    1) In WHM / Tweak Settings / Mail; I selected "System account" in "Initial default/catch-all forwarder destination", restarted Exim.
    2) I have 48 accounts in VPS, I entered all of them cPanel's one by one, I entered "Default Address" as you said, selected "Forward to your system account “$user”" and click on "Change". I did this for all the accounts. I restarted VPS.
    But there are still messages in the queue for non-existing accounts. Some of them are frozen, some of them are still queued. Unfortunately it seems like "Forward to your system account" setting is not working.
    What can I do more?
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Could you let us know the output from WHM when attempting to deliver one of the messages in the queue?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. hayridumanli

    hayridumanli Member

    Joined:
    Jan 11, 2014
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Here it is;
    Code:
    LOG: MAIN
    cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1eLtd3-0002b4-8h
    delivering 1eLtd3-0002b4-8h
    LMTP<< 220 server.example.com Dovecot ready.
    LMTP>> LHLO server.example.com
    LMTP<< 250-server.example.com
    LMTP<< 250-STARTTLS
    LMTP<< 250-8BITMIME
    LMTP<< 250-ENHANCEDSTATUSCODES
    LMTP<< 250 PIPELINING
    LMTP>> MAIL FROM:<>
    LMTP<< 250 2.1.0 OK
    LMTP>> RCPT TO:<cafeturc@server.example.com>
    LMTP<< 250 2.1.5 OK
    LMTP>> DATA
    LMTP<< 354 OK
    LMTP>> writing message and terminating "."
    LMTP<< 451 4.2.0 <cafeturc@server.example.com> Internal error occurred. Refer to server log for more information. [2017-12-04 22:15:51]
    LMTP>> QUIT
    LMTP<< 221 2.0.0 OK
    LOG: MAIN
    == cafeturc@server.example.com <Newham.158@domain.com> R=localuser T=dovecot_delivery defer (-46): LMTP error after end of data: 451 4.2.0 <cafeturc@server.example.com> Internal error occurred. Refer to server log for more information. [2017-12-04 22:15:51]
    
    Another one;
    Code:
    LOG: MAIN
    cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1eLtJo-00028L-5V
    delivering 1eLtJo-00028L-5V
    LMTP<< 220 server.example.com Dovecot ready.
    LMTP>> LHLO server.example.com
    LMTP<< 250-server.example.com
    LMTP<< 250-STARTTLS
    LMTP<< 250-8BITMIME
    LMTP<< 250-ENHANCEDSTATUSCODES
    LMTP<< 250 PIPELINING
    LMTP>> MAIL FROM:<>
    LMTP<< 250 2.1.0 OK
    LMTP>> RCPT TO:<econmtr1@server.example.com>
    LMTP<< 250 2.1.5 OK
    LMTP>> DATA
    LMTP<< 354 OK
    LMTP>> writing message and terminating "."
    LMTP<< 451 4.2.0 <econmtr1@server.example.com> Internal error occurred. Refer to server log for more information. [2017-12-04 22:16:26]
    LMTP>> QUIT
    LMTP<< 221 2.0.0 OK
    LOG: MAIN
    == econmtr1@server.example.com <Mcrobbie.91@domain.com.tr> R=localuser T=dovecot_delivery defer (-46): LMTP error after end of data: 451 4.2.0 <econmtr1@server.example.com> Internal error occurred. Refer to server log for more information. [2017-12-04 22:16:26] 
    
     
    #5 hayridumanli, Dec 4, 2017
    Last edited by a moderator: Dec 5, 2017
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    This can suggest a missing email directory or an email directory with invalid ownership/permissions. First, check that the following directories exist:

    /home/username/mail/cur/
    /home/username/mail/new


    If so, try running the following command for the cPanel user that's facing the issue to see if you notice any specific errors:

    Code:
    /scripts/mailperm $username --verbose
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. hayridumanli

    hayridumanli Member

    Joined:
    Jan 11, 2014
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Yes, "cur" and "new" directories exit in all users (total 48 user).
    But when I try to run your following command, for example
    /scripts/mailperm removed --verbose
    for the first user, the result is;

    [removed due to inclusion of real domain names]

    Failed to chown “/home/removed/mail/cur” to group “removed”: Operation not permitted at /usr/local/cpanel/Cpanel/Email/Perms/User.pm line 312.
    [removed due to inclusion of real domain names]

    So, please tell me the next step.
     
    #7 hayridumanli, Dec 5, 2017
    Last edited by a moderator: Dec 5, 2017
  8. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    You can check the ownership/permissions/attributes of each of those directories with commands such as:

    Code:
    stat /home/user/mail/cur
    lsattr  /home/user/mail/new
    Check the parent directory as well (e.g. /home/user/mail). Permissions on the directories should be 0751, with both user and group ownership set to the account username. The file attribute output should look like this:

    Code:
    ---------------- /home/user/mail
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. hayridumanli

    hayridumanli Member

    Joined:
    Jan 11, 2014
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Here are the results;

    [root@server /]# stat /home/removed/mail/cur
    File: ‘/home/removed/mail/cur’
    Size: 4096 Blocks: 8 IO Block: 4096 directory
    Device: 802h/2050d Inode: 6292309 Links: 2
    Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
    Access: 2017-11-28 03:19:38.623009222 +0300
    Modify: 2017-11-28 03:19:38.623009222 +0300
    Change: 2017-11-28 03:19:38.623009222 +0300
    Birth: -
    [root@server /]# stat /home/removed/mail/new
    File: ‘/home/removed/mail/new’
    Size: 4096 Blocks: 8 IO Block: 4096 directory
    Device: 802h/2050d Inode: 6292307 Links: 2
    Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
    Access: 2017-11-28 03:19:39.183010775 +0300
    Modify: 2017-11-28 03:19:39.183010775 +0300
    Change: 2017-11-28 03:19:39.183010775 +0300
    Birth: -
    [root@server /]# stat /home/removed/mail
    File: ‘/home/removed/mail’
    Size: 4096 Blocks: 8 IO Block: 4096 directory
    Device: 802h/2050d Inode: 6293594 Links: 14
    Access: (0751/drwxr-x--x)
    Access: 2017-08-05 14:36:07.496608037 +0300
    Modify: 2017-12-05 22:23:45.439788551 +0300
    Change: 2017-12-05 22:23:45.439788551 +0300
    Birth: -

    Yes, parent directory has 0751, but cur and new directories have 0755 permissions. If "Repair Mailbox Permissions" in WHM and "/scripts/mailperm $username --verbose" both don't work, how can I fix these permissions?
     
  10. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    The "cur" and "new" directories are owned by root. You need to update ownership to match the account username and then run the mailbox permission repair script again. EX:

    Code:
    chown user.user /home/user/mail/cur
    chown user.user /home/user/mail/new
    Note that you should refrain from using real domain names and usernames in your responses as this is a publicly visible forum.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    hayridumanli likes this.
  11. hayridumanli

    hayridumanli Member

    Joined:
    Jan 11, 2014
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    3
    cPanel Access Level:
    Root Administrator
    Yes, here is the solution, thank you so much Michael. What I did;
    I made "chown user.user /home/user/mail/cur" and "chown user.user /home/user/mail/new" to all users, then "/scripts/mailperm $username --verbose" to all users again. So, all the cur and new directories had 0751 permissions, and mail queue is back to normal, no more queing non existing accounts.
    Problem is solved, thank you so much again.
     
    cPanelMichael likes this.
  12. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,885
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    I'm glad to see that helped! Thank you for updating us with the outcome. Note that ownership is typically set to root when a directory is created/restored directory via SSH while logged in as the "root" user. To prevent this from happening in the future, remember to access SSH as the account username when performing such actions.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice