Snowman30

Well-Known Member
PartnerNOC
Apr 7, 2002
679
0
316
cPanel Access Level
DataCenter Provider
I have 2 remote port monitors pinging a couple of our servers on ports 25 and 26 to keep an eye on smtp, among other services and have noticed a lot of access denied failures, despite having the IP allowed in our firewalls

A few clients have also commented on problems connecting to smtp, as though it actively deny's connections to it.

exim appears to be working ok and mail is processing fine, it just appears smtp connections are all thats affected.

anyone know what could be causing this?
 

InfoJunky

Member
May 15, 2004
8
0
151
Partial Failure?

This has been harassing me as well for the past month or two. There have been no errors or any telltale signs in the logs. Once I was even tailing the exim mainlog and it just went quiet.

SMTP fails quietly, and I eventually notice due to lack of mail coming in, error when trying to send a message, or I proactively check for it.

Incoming mail seems to just queue, and get delivered if I catch it soon enough.

Unfortunately, this failure is not enough to trigger an automagic reset, nor to trigger an alert.

Any ideas?
 

InfoJunky

Member
May 15, 2004
8
0
151
I think i have it figured out. Naturally, its nothing to do with cPanel itself ;)

Check if you are running some sort of process load checking script, such as PRM (Process Resource Manager) from R-FX Networks. I had it running, and during heavy spam attacks exim would get a few critical processes killed, thereby hobbling the mailserver. All this, despite RBL shielding.

Anyhow, tweak the Exim rule for PRM for a higher number of processes, and see if that helps.