Mail Queue Manager Exim problem

[sassou2009]

hey,
i'm having a problem sending messages using webmail and php script (wordpress)

all emails stuck in the mail queue manager:
Mail Queue Manager

Delivery attempt for Message ID 1PzIJm-0003rl-Ak
Message 1PzIJm-0003rl-Ak is not frozen LOG: MAIN cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1PzIJm-0003rl-Ak delivering 1PzIJm-0003rl-Ak LOG: MAIN PANIC == [email protected] R=lookuphost T=remote_smtp defer (-1): failed to expand "interface" option for remote_smtp transport: failed to open /etc/mailips for linear search: Permission denied (euid=47 egid=12)

please Help

 

[cPanelTristan]

The error message indicates the file having the issue:

failed to open /etc/mailips for linear search: Permission denied

Check /etc/mailips permissions:

ls -lah /etc/mailips

It should show the following:

# ls -lah /etc/mailips
-rw-r----- 1 root mail 0 Mar 11 21:40 /etc/mailips

If it does not show root:mail for ownership, then fix that:

chown root:mail /etc/mailips

If it doesn't show 640 for file permissions, fix that:

chmod 640 /etc/mailips

If it does have the right ownership and permissions, then next check the file isn't set to be immutable:

lsattr /etc/mailips

It might look like the following:

# lsattr /etc/mailips
-------A----- /etc/mailips

An uppercase A is fine. If it has a lowercase i or a lowercase a, then it isn't fine, and those need removed:

chattr -ia /etc/mailips

 

[sassou2009]

thank you very much it works now but i'm getting this error on local emails:

== [email protected] R=localuser T=local_delivery defer (-29): User 0 set for local_delivery transport is on the never_users list

 

[cPanelTristan]

That error is only for emails to the root user. Are any emails you send normally actually not working, because that email doesn't impact sending and receiving from normal email users. It's only the root user that is on the never users list and the root user shouldn't be sending and receiving emails normally.

 

[crazyaboutlinux]

i am also having the same issue

 

[cPanelTristan]

There were two issues discussed in this thread. Please provide more details.

 

[acenetryan]

I'm encountering the same issue as described by the OP.

2011-06-23 11:00:43 REDACTED == [email protected] R=lookuphost T=remote_smtp defer (-1): failed to expand "interface" option for remote_smtp transport: failed to open /etc/mailips for linear search: Permission denied (euid=47 egid=12)

I'm noticing this error when attempting to send mail through the PHP mail() function through jailshell. Permissions on /etc/mailips are correct.

I've reproduced this behavior on four separate servers.

 

[acenetryan]

The permissions are not the same when viewed through jailshell:

root@server [~]# su testuser
[email protected] [~]# whoami
testuser
[email protected] [~]# echo $SHELL
/usr/local/cpanel/bin/jailshell
[email protected] [~]# ls -l /etc/mailips
-rw-r----- 1 root root 4516 Jun 23 10:58 /etc/mailips
[email protected] [~]# exit
exit
root@server [~]# whoami
root
root@server [~]# ls -l /etc/mailips
-rw-r----- 1 root mail 4516 Jun 23 00:09 /etc/mailips

 

[acenetryan]

I opened a ticket on this and received the following reply:

Hi,

This is happening because php's mail function runs whatever is defined in the sendmail_path, which is going to be /usr/sbin/sendmail by default. That binary SETUIDs it self to mailnull (exim user) but as you pointed out in the thread /etc/mailips is owned by root:root and is not world readable.

UID 47 is mailnull on most every system unless 47 just happen to be taken when cpanel was installed, so maillnull can't read /etc/mailips.

Right now the work around for you would be to give the user a real shell so you're not stuck with the modified permissions mailnull seems to be using when providing access to the file.

I'm opening a ticket with dev now to see if this was intentional for security or if it was overlooked and and should be fixed.

--
Kenneth Smith
Technical Analyst II
cPanel, Inc.

 

[cPanelTristan]

This isn't technically the same issue as the original poster who was using webmail and WordPress, since those are not jailed shell command line attempts to send mail.

Basically in jailed shell, you have /home/username/virtfs setup as the location for hardlinked files. If you go to /home/testuser/virtfs/etc and list the mailips file, it does have a different date and ownership than the /etc/mailips file. You cannot send emails using PHP mail() function in a jailed shell environment of this nature. You will need to either make this user a non-jailed shell user (regular shell) or send the emails normally using the account (Webmail, email client, PHP mail() function in a script like WordPress) without being in jailed shell command line.

Edit: I didn't realize a reply had already been provided via a ticket as a ticket wasn't mentioned until after I had typed out and posted my reply.

 

[acenetryan]

Thanks, Tristan. Not to hijack the OP's thread, but another option might be to use the PEAR Mail package and authenticate to the SMTP server directly. Though, I haven't tested this.