The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

UPCP reports (& failing .forward file)

Discussion in 'E-mail Discussions' started by friedmayofan, Mar 13, 2014.

  1. friedmayofan

    friedmayofan Member

    Joined:
    Apr 21, 2011
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi there fellow cpanellers,

    So I've got 2 separate VPS's, running nearly ident environs. Auto updating to latest "RELEASE" tier I think. (11.42.0.21)

    On my old server I always get daily an email like this: (where "my" is both domain and primary "super" user (aside from root):

    Code:
    From: Cron Daemon <root@my.domain.com>
    To: root@my.domain.com
    Subject: Cron <root@my> /usr/local/cpanel/scripts/upcp --cron
    
    
    ----------------------------------------------------------------------------------------------------
    => Log opened from cPanel Update (upcp) - Slave (21652) at Sun Feb 23 21:31:01 2014
    [20140223.213101] ********Detected cron=1 (cron mode set from command line)
    [20140223.213101] ********1% complete
    [20140223.213101] ********Running Standardized hooks
    [20140223.213102] ********2% complete
    [20140223.213102] ********mtime on upcp is 1387431410 (Wed Dec 18 21:36:50 2013)
    ----------------------------------------------------------------------------------------------------
    => Log opened from /usr/local/cpanel/scripts/updatenow (21656) at Sun Feb 23 21:31:04 2014
    [20140223.213104] ********Detected version '11.40.1.11' from version file.
    [20140223.213104] ********Using mirror '72.233.42.250' for host 'httpupdate.cpanel.net'.
    [20140223.213104] ********Target version set to '11.40.1.11'
    [20140223.213104] ********Up to date (11.40.1.11)
    => Log closed Sun Feb 23 21:31:04 2014
    [20140223.213104] ********17% complete
    => Log closed Sun Feb 23 21:31:04 2014
    ----------------------------------------------------------------------------------------------------
    => Log opened from /usr/local/cpanel/scripts/maintenance (21659) at Sun Feb 23 21:31:04 2014
    [20140223.213104] ********21% complete 
    
    and it goes on like that for a long time. I use this report to cross reference other emails I get from the system to see if I indeed need to take one action or other. Unfortunately those too don't work on the new VPS… but that's another matter.


    on the new VPS I get nothing, except for logwatch that I manually configured. I've tried messing around and going into cron and putting in emails and so on directly, and this has fixed some stuff, but putting the desired email in the UI in WHM just changes the .forward file if I'm not mistaken, and apparently that file has been ignored since this new VPS was setup. Even deleted and let system recreate, no luck. Also not getting csf emails of course, b/c that just seems to read the .forward file as well. I'll probably just put the correct address in csf manually. But, just in case someone has a new fix for .forward, that would be a bonus to solving the main problem of not getting the above quoted type emails on the new server.

    To be clear, I want to be getting the UPCP reports quoted above on a server that is not sending them.

    I think I tried most of the fixes suggested here: http://forums.cpanel.net/f5/what-does-mean-cpbackup-setting-i-o-priority-reduce-system-load-212772.html

    my settings did seem to be a little different on the contact page. But I couldn't find the UPCP referenced directly, so it still doesn't make sense that page would be responsible. I've tested since.

    Thanks so much,
    f
     
    #1 friedmayofan, Mar 13, 2014
    Last edited: Mar 13, 2014
  2. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
    Go to WHM -> Basic cPanel & WHM Setup and set your email address as your contact email.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, setup the contact address as mentioned by Vanessa in the previous post. Also, search /var/log/exim_mainlog for "root" to see if there are any details about the message. EX:

    Code:
    exigrep root /var/log/exim_mainlog
    Thank you.
     
  4. friedmayofan

    friedmayofan Member

    Joined:
    Apr 21, 2011
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi Vanessa, thanks, Yeah, I've updated all the stuff in the UI, sorry my edit to my post might have been buried in there or you had a cached copy.

    So I previously looked at the logs with my VPS support. But now, I think we're closer. I don't remember this stuff showing up before so maybe half the problem was related to the UI fix Tristen originally mentioned in that linked thread.

    Michael, this seems to be a relevant part. Thank you for having me look again! It looks like exim is failing to send the "message failed to send" message before actually sending the UPCP report?
    Code:
    2014-03-14 01:32:49 1WONVD-0007L1-H8 <= root@my.domain.com U=root P=local S=22974 T="Cron <root@2014-03-14 01:24:01 cwd=/root 2 args: /usr/sbin/exim -bpu
    
    2014-03-14 01:30:03 cwd=/root 7 args: /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t
    
    2014-03-14 01:32:49 1WONXt-000849-U3 <= <> R=1WONVD-0007L1-H8 U=mailnull P=local S=23839 T="Mail delivery failed: returning message to sender" for root@my.domain.com
    2014-03-14 01:32:50 1WONXt-000849-U3 remote host address is the local host: my.domain.com
    2014-03-14 01:32:50 1WONXt-000849-U3 == root@my.domain.com R=dkim_lookuphost defer (-1): remote host address is the local host
    2014-03-14 01:32:50 1WONXt-000849-U3 ** root@my.domain.com: retry timeout exceeded
    2014-03-14 01:32:50 1WONXt-000849-U3 root@my.domain.com: error ignored
    2014-03-14 01:32:50 1WONXt-000849-U3 Completed
    
    2014-03-14 01:32:49 1WONVD-0007L1-H8 <= root@my.domain.com U=root P=local S=22974 T="Cron <root@tankard> /usr/local/cpanel/scripts/upcp --cron" for root
    2014-03-14 01:32:49 1WONVD-0007L1-H8 remote host address is the local host: my.domain.com
    2014-03-14 01:32:49 1WONVD-0007L1-H8 == root@my.domain.com R=lookuphost defer (-1): remote host address is the local host
    2014-03-14 01:32:49 1WONVD-0007L1-H8 ** root@my.domain.com: retry timeout exceeded
    2014-03-14 01:32:50 1WONVD-0007L1-H8 Completed 
    Here is a whole block show that it just loops in this manner for mysql report from csf:
    (this starts right after the above
    Code:
    2014-03-14 01:36:14 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
    
    2014-03-14 01:36:14 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
    
    2014-03-14 01:36:14 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
    
    2014-03-14 01:36:14 1WONbC-00086c-1g <= root@my.domain.com U=root P=local S=5414 T="lfd on my.domain.com: Suspicious process running under user ntp" for root
    2014-03-14 01:36:14 1WONbC-00086c-1g remote host address is the local host: my.domain.com
    2014-03-14 01:36:14 1WONbC-00086c-1g == root@my.domain.com R=lookuphost defer (-1): remote host address is the local host
    2014-03-14 01:36:14 1WONbC-00086c-1g ** root@my.domain.com: retry timeout exceeded
    2014-03-14 01:36:14 1WONbC-00086c-1g Completed
    
    2014-03-14 01:36:14 1WONbC-00086m-5a <= <> R=1WONbC-00086c-1g U=mailnull P=local S=6279 T="Mail delivery failed: returning message to sender" for root@my.domain.com
    2014-03-14 01:36:14 1WONbC-00086m-5a remote host address is the local host: my.domain.com
    2014-03-14 01:36:14 1WONbC-00086m-5a == root@my.domain.com R=dkim_lookuphost defer (-1): remote host address is the local host
    2014-03-14 01:36:14 1WONbC-00086m-5a ** root@my.domain.com: retry timeout exceeded
    2014-03-14 01:36:14 1WONbC-00086m-5a root@my.domain.com: error ignored
    2014-03-14 01:36:14 1WONbC-00086m-5a Completed
    
    2014-03-14 01:36:14 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
    
    2014-03-14 01:36:14 1WONbC-00086i-4L <= root@my.domain.com U=root P=local S=9001 T="lfd on my.domain.com: Suspicious process running under user dovenull" for root
    2014-03-14 01:36:14 1WONbC-00086i-4L remote host address is the local host: my.domain.com
    2014-03-14 01:36:14 1WONbC-00086i-4L == root@my.domain.com R=lookuphost defer (-1): remote host address is the local host
    2014-03-14 01:36:14 1WONbC-00086i-4L ** root@my.domain.com: retry timeout exceeded
    2014-03-14 01:36:14 1WONbC-00086i-4L Completed
    
    2014-03-14 01:36:14 1WONbC-00086x-7u <= <> R=1WONbC-00086i-4L U=mailnull P=local S=9866 T="Mail delivery failed: returning message to sender" for root@my.domain.com
    2014-03-14 01:36:14 1WONbC-00086x-7u remote host address is the local host: my.domain.com
    2014-03-14 01:36:14 1WONbC-00086x-7u == root@my.domain.com R=dkim_lookuphost defer (-1): remote host address is the local host
    2014-03-14 01:36:14 1WONbC-00086x-7u ** root@my.domain.com: retry timeout exceeded
    2014-03-14 01:36:14 1WONbC-00086x-7u root@my.domain.com: error ignored
    2014-03-14 01:36:14 1WONbC-00086x-7u Completed
    
    and it goes on like that for another 60 lines or so 40 minutes past, and it starts again like above with lfd (csf) reporting. I've attached a file with those, but it's basically a lot of the same.

    I'm currently working with this search criteria "exim remote host address is the local host:"
    Could be an MX issue according to some posts… called away for something else atm unfortunately.

    Edit: on the primary domain there was a blank MX entry with priority 10. I deleted it. But still same failure messages as above.
     

    Attached Files:

    #4 friedmayofan, Mar 14, 2014
    Last edited: Mar 14, 2014
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    The error messages you provided typically indicate an issue with the DNS of the domain name, email routing, or the entry in /etc/localdomains or /etc/remotedomains. Feel free to open a support ticket so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  6. friedmayofan

    friedmayofan Member

    Joined:
    Apr 21, 2011
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    That was the fix! Thank you!

    There was an entry in /etc/localdomains for some reason that was bad! remotedomains was empty. I saw that entry in the UI this morning under IP address Assignment, it was bound to the main server dedicated IP address (the unshared one) as linux.hostvps.com, and it should have been my.hostvps.com! Thanks so much for getting me there Michael. I would have probably tried to re-open a ticket with my host asking them if that was a new standard for them… apparently their auto-creation messed things up, or this was a bug in some part of cpanel setup/migration. I have no idea.

    I did a couple other things like restart various services, DNS cleanup. used MXtoolbox and that pointed me to a poor DNS refresh & expire time then reported that it couldn't connect via http. so I pinged the domain from command line and indeed it didn't connect. Which was weird, because I had previously visited the front-end in a browser.

    So it looks like all is well, and getting LFD alerts now too of course since it was the same issue.

    Let me know if you're interested in looking at this further to determine why that happened, I'd be happy to help, open issues, etc.. Of course it's on to 11.42 for release tier now, and I think the actual creation of this VPS was two times under 11.40.

    Thanks again,
    f
     
    #6 friedmayofan, Mar 14, 2014
    Last edited: Mar 14, 2014
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    I am happy to see the issue is now resolved. It's possible the hostname was not setup correctly when the server was setup. Let us know if you encounter any additional issues.

    Thank you.
     
Loading...

Share This Page