The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SpamAssassin to external cPanel SA servers not working.

Discussion in 'E-mail Discussions' started by rezman, Feb 5, 2014.

  1. rezman

    rezman Well-Known Member

    Joined:
    Feb 3, 2011
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I have several Cpanel servers. Out of those 2 are rather idle and one has an account with a lot of email traffic. I'm trying to set it up so that server can send some of it's SA checking to the two idle Cpanel SA servers. Here is my setup.

    Server 1 = high email load server. (127.0.0.1 or 10.0.0.1 in this posting)
    Server 2 = idle Cpanel w/SA running. (10.0.0.2 in this posting)

    Server 1:
    - I added in the exim conf for SA to use both 127.0.0.1 783 : 10.0.0.2 783
    - I've opened up TCP ports 783 (in/out) in my CSF config and also added all IPs to the CSF Allow list.

    Server 2:
    - I've set 127.0.0.1,10.0.0.1 in Cpanel (Email > Spamd Startup Configuration > Allowed IPs)
    - I've opened up TCP ports 783 (in/out) in my CSF config and also added all IPs to the CSF Allow list.

    Everything going good so far. I check the spamd process on server 2.
    Code:
    # ps aux | grep spamd
    root     11892  0.0  0.1 167588 52880 ?        Ss   11:47   0:01 /usr/local/cpanel/3rdparty/perl/514/bin/spamd -d --timeout-child=10 --timeout-tcp=20 --allowed-ips=127.0.0.1,10.0.0.1 --max-conn-per-child=5 --pidfile=/var/run/spamd.pid --max-children=15
    Connections from server 1 to server 2 fail. I can't even telnet 10.0.0.2 783. I check IP tables on server 2 and it's getting traffic from server 1 on port 783. It's as if SA just isn't accepting the connections.
    Code:
    2014-02-05 11:29:40 1WB5LV-0001gp-Os spam acl condition: warning - spamd connection to 10.0.0.2, port 783 failed: Connection refused
    Is there something I'm missing here? Spamd runs perfect when connecting to localhost. In the past I have had my Cpanel connect to a standalone SA server I had and it worked fine. I would rather use the Cpanel SA servers that auto update.
     
    #1 rezman, Feb 5, 2014
    Last edited: Feb 5, 2014
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,766
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Are you able to telnet to other ports on the 10.0.0.2 address? Have you tried temporarily disabling your firewall on both servers temporarily to rule that out as the cause?

    Thank you.
     
  3. rezman

    rezman Well-Known Member

    Joined:
    Feb 3, 2011
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Thanks for a quick response.

    No change after turning off all firewalls.

    On Server 2 I'll do a tcpdump. This is the output.

    In this case:
    - cpanel1 = server 1 (sender)
    - cpsetup = server 2 (receiving to do the scanning)

    Code:
    15:10:07.079903 IP cpanel1.domain.com.32969 > cpsetup.domain.com.783: Flags [S], seq 847809201, win 14600, options [mss 1460,sackOK,TS val 2400965261 ecr 0,nop,wscale 7], length 0
    15:10:07.079931 IP cpsetup.domain.com.783 > cpanel1.domain.com.32969: Flags [R.], seq 0, ack 847809202, win 0, length 0
    15:10:07.255029 ARP, Request who-has cpsetup.domain.com tell cpanel1.domain.com, length 46
    15:10:07.255040 ARP, Reply cpsetup.domain.com is-at 00:25:90:e0:16:d0 (oui Unknown), length 28
    I think I might have found the problem but I don't know where to change the settings. It looks like spamd is only listening on 127.0.0.1:783
    Code:
    # netstat -l -vp | grep 783
    tcp        0      0 localhost.localdomain:783   *:*                         LISTEN      12978/spamd.pid --m
    Where might I change this at? I don't see anything in the files located in /etc/mail/spamassassin/
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,766
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You can modify the allowed IP addresses for spamd via:

    "WHM Home » Email » Spamd Startup Configuration"

    This will populate the /etc/cpspamd.conf file.

    Thank you.
     
  5. rezman

    rezman Well-Known Member

    Joined:
    Feb 3, 2011
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I've already done that part and it's showing up when I check "ps aux | grep spamd". The problem is that spamd is only listening on localhost (127.0.0.1:783) so it's not accepting connections from my other Cpanel servers. I'm trying to do some spamd load balancing between Cpanel servers.
     
Loading...

Share This Page