Help Needed. Server has had problems since day 1

42 posts / 0 new
Last post
#1 Wed, 04/08/2009 - 06:59
southerns

Help Needed. Server has had problems since day 1

HI

My webmin/virtualmin installation has had problems since it was installed by my hosts technitians, but as its an unmanaged account they are not to helpful.

I have uptill now managed to sort of get it working, BUT seems now its worse than ever. I am not sure what I have done or what went wrong.

I am looking for someone to take a look and help sort it out. I am willing to pay if need be as I am tired of having to keep on changing the records when a new virtual server is created, it also does not always create the email setup for the accounts.

Now its moaning about not allowing email relay and says the users have no email, but the system says the received email today. (New mail received 08/Apr/2009 11:47)

Please help.

Hey JOe and Andrey I know your out there somewhere.

Regards Shane<br><br>Post edited by: southerns, at: 2009/04/08 07:00

Wed, 04/08/2009 - 11:24
andreychek

Alright, I'll bite :-)

What I need is:

1. How did you install? Did you install with the install.sh script?

2. What distro is this?

3. What version of Virtualmin are you using, and is it GPL or Pro?

4.. A detailed list of what's wrong -- it's not clear what all isn't working from the above.

Post that info here for now, then we'll work from there :-)
-Eric

Wed, 04/08/2009 - 12:00 (Reply to #2)
southerns

Hi

Thanx.

Just registered a new Virtual server and all worked except this one error, not sure if it helps.

Adding to email domains list ..
.. Mail for domain failed! : Failed to regenerate table /etc/postfix/virtual: at ../web-lib-funcs.pl line 1010.

Will make a list of problems and info about server for yo to.

I cant send mail via the main domain either

Wed, 04/08/2009 - 12:22 (Reply to #3)
ronald
ronald's picture

Centos-Debian? What distro?
this is a VPS? How much RAM?
If VPS, are the DAG repos in the sources list? Or others non-standard?
if yes remove them before installing webmin/virtualmin.

Wed, 04/08/2009 - 12:46 (Reply to #4)
southerns

Hi

Here is some more info.

System hostname centos_pristine
Operating system CentOS Linux 5
Webmin version 1.441
Virtualmin version 3.59.gpl (GPL)

System is a VPS with 128MB ram,
am busy getting it upgraded to 256MB.

Have had it now for must be almost a year.

Here is the reply from a newly created test domain:

Setting Up Virtual Server

In domain testing.co.za
Creating administration group testing ..
.. done

Creating administration user testing ..
.. done

Creating aliases for administration user ..
.. done

Adding administration user to groups ..
.. done

Creating home directory ..
.. done

Creating mailbox for administration user ..
.. done

Adding to email domains list ..
.. Mail for domain failed! : Failed to regenerate table /etc/postfix/virtual: at ../web-lib-funcs.pl line 1010.

Adding new DNS zone ..
.. done

Adding new virtual website ..
.. done

Adding Apache user apache to server's group ..
.. done

Setting up scheduled Webalizer reporting ..
.. done

Setting up log file rotation ..
.. done

Creating MySQL login ..
.. done

Creating MySQL database testing ..
.. done

Adding DAV directives to website configuration ..
.. done

Setting up AWstats reporting ..
Failed to copy template configuration :

Adding Mailman alias and redirects to website configuration ..
.. done

Creating Webmin user ..
.. done

Re-starting DNS server ..
.. done

Applying web server configuration ..
.. done

Re-loading Webmin ..
.. done

Saving server details ..
.. done

As you can see the only 2 errors to show up are the mail and AWstats set-ups.

When you create a new virtual domain you need to manually change the following.

This is the domain DNS file:

$ttl 38400
@ IN SOA centos_pristine. root.centos_pristine. (
1239226574
10800
3600
604800
38400 )
@ IN NS centos_pristine. need to add both NS1 and NS2
testing.co.za. IN A 65.23.129.184
www.testing.co.za. IN A 65.23.129.184
ftp.testing.co.za. IN A 65.23.129.184
m.testing.co.za. IN A 65.23.129.184
localhost.testing.co.za. IN A 127.0.0.1
testing.co.za. IN TXT &quot;v=spf1 a mx a:testing.co.za ip4: ip4:65.23.129.184 ?all&quot;

These 2 line need to be changed and the mail manually setup,
normally if I go back to the domain edit server and enable the mail server it will put it in then.

@ IN SOA centos_pristine. root.centos_pristine. (
@ IN NS centos_pristine. add both NS1 and NS2

At the moment the whole mail system seems to be having a problem and this is the main problem at the moment.

Thanx
Regards
Shane

Wed, 04/08/2009 - 12:48 (Reply to #5)
southerns

Regarding:

If VPS, are the DAG repos in the sources list? Or others non-standard?

if yes remove them before installing webmin/virtualmin.

Not sre as server came with webmin/virtualmin installed, but always had hassles as mentioned above.

I have always had to make the changes to the DNS records manually.

Wed, 04/08/2009 - 13:49 (Reply to #6)
andreychek

Ahh, 128MB of RAM, eh?

I highly suspect that's your issue :-)

Systems with low memory can end up with some really odd errors -- strange things just seem to not work all over the place!

At the very least, I'd make sure you have lots of swap setup, but getting it upgraded to 256MB of RAM (if not more) should definitely be your first step.
-Eric

Wed, 04/08/2009 - 21:36 (Reply to #7)
southerns

Well it was working okay

Then I tried to sort out a Hello problem on email and a problem with the email relay to, it always stoppping me from sending via smtp.

So some of the problems on the email server at least I think are me.

I have a very minimal installation with just whats needed running

and as I say it was fine for quite awhile, but always had to update dns records manually, thought that was the normsl way as I moved here from CPANEL so was not familiar with the system.

Wed, 04/08/2009 - 22:07 (Reply to #8)
Joe
Joe's picture

<div class='quote'>and as I say it was fine for quite awhile, but always had to update dns records manually</div>

Didn't I address this issue in another thread?

Refresh my memory what problem we're dealing with?

--

Check out the forum guidelines!

Wed, 04/08/2009 - 22:55 (Reply to #9)
southerns

Hi Yes it was spoken about on another thread, just mentioned it so as to give the whole picture of the problems with the server.
(I have not had a chance to sort it out yet.)

The current problem is that it wont send email via my domain (smtp) and also says users have no email while if you go to the user it says they have received new email on what ever date, but it does not show the email and if you try download mail says no new messages on server.

Wed, 04/08/2009 - 23:15 (Reply to #10)
southerns

Quick question.

The server is running

Dovecot IMAP/POP3 Server
Version 1.0.7

and

Postfix Mail Server
Postfix version 2.3.3

Do I need to run both.

Wed, 04/08/2009 - 23:48 (Reply to #11)
Joe
Joe's picture

<div class='quote'>
Dovecot IMAP/POP3 Server
Version 1.0.7

and

Postfix Mail Server
Postfix version 2.3.3

Do I need to run both.
</div>

If you plan to provide mail service, then yes, of course. Postfix is an SMTP server (for sending and accepting mail to/from other SMTP servers). Dovecot is a POP3/IMAP server, which is how mail clients connect to a mail server. They are wholly separate protocols.

--

Check out the forum guidelines!

Thu, 04/09/2009 - 00:42 (Reply to #12)
southerns

Hi Joe

Thanx for the reply.

So if I cant send email via my domain which one must I look at?

Also does not seem to be placing emails into the users accounts.

Thu, 04/09/2009 - 05:12 (Reply to #13)
ronald
ronald's picture

I had a VPS with 128 ram which always led to problems with mail/postfix.
Only bind and mail was running on that server. since I upgraded to 256 mb ram those problems disappeared.

I'd suggest to upgrade ram and possibly a reinstall through the install script on a clean OS.

My provider also offered OS+webmin template but had DAG repos in it which gave problems.

imo, It is fruitless to troubleshoot your problems on a such low ram system, per haps you have more traffic to your server now then before which causes more memory to be used.

Thu, 04/09/2009 - 07:50 (Reply to #14)
southerns

System says its using less than half of its ram and virtual memory.

I am busy upgrading the serve this month.

Thu, 04/09/2009 - 08:16 (Reply to #15)
Joe
Joe's picture

<div class='quote'>So if I cant send email via my domain which one must I look at?</div>

Postfix. But it's always going to be in the maillog. Always look in the maillog. I don't think I've seen any errors from the maillog posted about this problem?

<div class='quote'>Also does not seem to be placing emails into the users accounts.</div>

This could be Postfix, procmail, or Dovecot (if the mail is really there but dovecot is looking in the wrong place). The clues will be in the maillog, as always with mail problems.

As ronald mentioned, running a full mail stack on a 128M system (I don't recall the amount of memory you have being mentioned, but I guess it is a low memory system?). Anyway, look at the Virtualmin on Low Memory Systems guide:

http://www.virtualmin.com/documentation/id,virtualmin_on_low_memory_syst...

Also make sure you're running the latest version of all of the Webmin/Virtualmin/Usermin packages. There was a dramatic memory reduction and performance boost in the latest releases.

--

Check out the forum guidelines!

Thu, 04/09/2009 - 09:44 (Reply to #16)
Joe
Joe's picture

Also, have you looked at the Troubleshooting Common Problems guide?

http://www.virtualmin.com/component/option,com_openwiki/Itemid,48/id,tro...

--

Check out the forum guidelines!

Thu, 04/09/2009 - 21:23 (Reply to #17)
southerns

HI

you lost me with this.

interactive terminal

what is it and where do I find it, is it part of Virtualmin.

Also is 40mb normal for a mailog file seems rather large to me.

Thu, 04/09/2009 - 21:28 (Reply to #18)
Joe
Joe's picture

An interactive terminal is the local console or an ssh client, like PuTTY on Windows or ssh on Linux or Mac OS X.

It has nothing to do with Virtualmin. The ssh server is a standard part of any server, and you'll want to have an ssh client handy if you are the administrator of a server. There are many wonderful things you can do with Webmin and Virtualmin (including looking at logs, searching logs, etc.), but when things get tough, nothing beats hitting the command line.

A 40MB maillog is fine. Mail is a very busy protocol on a world-facing server...there's a lot going on in a mail system. Ours here at Virtualmin.com is 76MB right now, and it's still got more than two days before it's rotated again.

--

Check out the forum guidelines!

Thu, 04/09/2009 - 22:18 (Reply to #19)
southerns

Hi

Thanx for the quick reply.

I have ssh acces and I think I have already installed PuTTY
on my latop.

I downlosded the mailog file, but most amkes no sense to me yet.

Will take another look once I have tried to get mail from the server again and then see what shows up in the mailog.

Thanx

Thu, 04/09/2009 - 22:57 (Reply to #20)
Joe
Joe's picture

<div class='quote'>I downlosded the mailog file</div>

It would never cross my mind to <i>download</i> the maillog. ;-)

I look at it while it's on the server...which is why you want a terminal, and tools like tail.

Sounds like using the Webmin System-&gt;System Logs is more your speed for the time being, until you get the hang of using a terminal like PuTTY. You can use the System Logs module to see the last X number of lines of any log managed by syslog (you can also add other logs to look at, but mailllog is already in there).

--

Check out the forum guidelines!

Thu, 04/09/2009 - 23:05 (Reply to #21)
southerns

Hi

I just like to have a copy on the PC to look at, not always near an internet link so allows me to go through it in my own time.

Just viewed the log with putty.

I tried to send an email just before checking.

this is the last few lines in the log.

Apr 10 02:59:41 centos_pristine postfix/smtpd[6610]: fatal: parameter &quot;smtpd_recipient_restrictions&quot;: specify at least one wor
king instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

Apr 10 02:59:42 centos_pristine postfix/master[6368]: warning: process /usr/libexec/postfix/smtpd pid 6610 exit status 1

Apr 10 02:59:42 centos_pristine postfix/master[6368]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

Apr 10 03:00:48 centos_pristine postfix/smtpd[6627]: fatal: parameter &quot;smtpd_recipient_restrictions&quot;: specify at least one wor
king instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

Apr 10 03:00:49 centos_pristine postfix/master[6368]: warning: process /usr/libexec/postfix/smtpd pid 6627 exit status 1

Apr 10 03:00:49 centos_pristine postfix/master[6368]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

Apr 10 03:01:49 centos_pristine postfix/smtpd[6653]: fatal: parameter &quot;smtpd_recipient_restrictions&quot;: specify at least one wor
king instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

Apr 10 03:01:50 centos_pristine postfix/master[6368]: warning: process /usr/libexec/postfix/smtpd pid 6653 exit status 1

Apr 10 03:01:50 centos_pristine postfix/master[6368]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling

Apr 10 03:02:50 centos_pristine postfix/smtpd[7198]: fatal: parameter &quot;smtpd_recipient_restrictions&quot;: specify at least one wor
king instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

Its seems to be a reap of the same few things.

Any suggestions

Thu, 04/09/2009 - 23:08 (Reply to #22)
Joe
Joe's picture

<div class='quote'>Apr 10 02:59:41 centos_pristine postfix/smtpd[6610]: fatal: parameter &quot;smtpd_recipient_restrictions&quot;: specify at least one wor
king instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit</div>

There's your problem. Postfix refuses to operate in an obviously insecure configuration. You configuration would be a completely open relay.

smtpd_recipient_restrictions, as the error states, must end in one of those options. Here's what it generally looks like on a freshly installed Virtualmin system:

smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination

--

Check out the forum guidelines!

Thu, 04/09/2009 - 23:20 (Reply to #23)
southerns

Thanx will try fix it.

Fri, 04/10/2009 - 01:23 (Reply to #24)
southerns

Okay sort of got it working,
it now atleast forwards some of the mail and allows some user to download.

I guess its a start.

will keep at it.

Fri, 04/10/2009 - 01:28 (Reply to #25)
southerns

What doesd this mean

<div class='quote'>Apr 10 06:16:40 centos_pristine postfix/master[6368]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling</div>

Fri, 04/10/2009 - 01:34 (Reply to #26)
southerns

I just got this, looks like someone is tring to use my server.

<div class='quote'>Apr 10 06:28:21 centos_pristine postfix/smtpd[20678]: disconnect from mx5.businessfindersupplement.com[67.218.163.17]
Apr 10 06:28:23 centos_pristine dovecot: pop3-login: Aborted login: user=&lt;autumn&gt;, method=PLAIN, rip=71.245.156.5, lip=65.23.1
29.184
Apr 10 06:28:25 centos_pristine dovecot: pop3-login: Aborted login: user=&lt;austin&gt;, method=PLAIN, rip=71.245.156.5, lip=65.23.1
29.184
Apr 10 06:28:27 centos_pristine dovecot: pop3-login: Aborted login: user=&lt;autumn&gt;, method=PLAIN, rip=71.245.156.5, lip=65.23.1
29.184
Apr 10 06:28:29 centos_pristine dovecot: pop3-login: Aborted login: user=&lt;austin&gt;, method=PLAIN, rip=71.245.156.5, lip=65.23.1
29.184
Apr 10 06:28:31 centos_pristine dovecot: pop3-login: Aborted login: user=&lt;autumn&gt;, method=PLAIN, rip=71.245.156.5, lip=65.23.1
29.184
Apr 10 06:28:33 centos_pristine dovecot: pop3-login: Aborted login: user=&lt;austin&gt;, method=PLAIN, rip=71.245.156.5, lip=65.23.1
29.184
Apr 10 06:28:33 centos_pristine dovecot: pop3-login: Aborted login: user=&lt;august&gt;, method=PLAIN, rip=71.245.156.5, lip=65.23.1
29.184
Apr 10 06:28:35 centos_pristine dovecot: pop3-login: Aborted login: user=&lt;autumn&gt;, method=PLAIN, rip=71.245.156.5, lip=65.23.1
29.184
</div>

The user names are not mine and if you notice they seem to be in an order,

any ideas

Fri, 04/10/2009 - 10:39 (Reply to #27)
Joe
Joe's picture

No big deal. Someone is trying to figure out how to use your mail server for spam. They're failing. We get thousands of these every day.

As long as you use strong passwords, you'll be fine.

--

Check out the forum guidelines!

Fri, 04/10/2009 - 03:34 (Reply to #28)
southerns

They are still at it
how do I ban/block their IP address:

71.245.156.5

Fri, 04/10/2009 - 05:31 (Reply to #29)
andreychek

<div class='quote'>postfix/master[6368]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling</div>

That usually means there's some sort of error with the Postfix setup, perhaps a bad config file, and that's Postfix's way of complaining :-)

I'd try restarting Postfix, and looking at the mail log immediately afterwards, you should see the actual error in there somewhere.

Regarding the login attempts above -- I don't know that I'd worry too much. There are bots roaming all around the Internet now, just trying a random usernames and passwords. Looking in my auth log, it looks like my server had 251 attempts to login by guessing passwords over the last 2 days.

Sure, you can block this one IP, but there's bazillion more that will be trying, it's just not possible to keep up with it... the key is proactive security -- making sure you and your users have decent passwords, that your system is up to date, and that web apps are kept up to date as well.

If it really bothers you though, you can add a firewall rule to block that host (in Webmin -&gt; Networking -&gt; Linux Firewall), or perhaps simpler, you could add it to the &quot;TCP Wrappers&quot; Denied Hosts file (in Webmin -&gt; Networking -&gt; TCP Wrappers, or /etc/hosts.deny).
-Eric

Fri, 04/10/2009 - 06:02 (Reply to #30)
southerns

Hi

I just update bind and dovecot on the system.

Now I get this error when trying to start bind.

&gt; named-checkconf /etc/named.conf
/etc/named.conf:97: unknown option 'zone'
/etc/named.conf:145: unexpected token near end of file

Have taken a look at lines 97 and 147 in named.conf and dont see any differnece to others.

Fri, 04/10/2009 - 06:04 (Reply to #31)
southerns

Sorry meant

Have taken a look at lines 97 and 145 in named.conf and dont see any differnece to others.

Fri, 04/10/2009 - 06:10 (Reply to #32)
andreychek

Can you paste in those lines? Also include 2 lines above and below the line where you're getting the error.
-Eric

Sun, 06/07/2009 - 07:51 (Reply to #33)
southerns

Okay this is how I got the info:

went to
BIND DNS Server---&gt;Edit Config File

Line 97

95 localnets;
96 };
97 zone &quot;clothing.za.net&quot; {
98 type master;
99 file &quot;/var/named/clothing.za.net.hosts&quot;;

line 145

139 zone &quot;testing.co.za&quot; {
140 type master;
141 file &quot;/var/named/testing.co.za.hosts&quot;;
142 allow-transfer {
143 127.0.0.1;
144 localnets;
145 };

Line 145 is end of file, have check there are no spaces after it.

Fri, 04/10/2009 - 07:29 (Reply to #34)
southerns

I took the whole zone out from line 97 to the next one,
still gives 97 as an error and 145 becomes 138, guess I deleted 7 lines.

I have put it back as it was now.

Fri, 04/10/2009 - 10:26 (Reply to #35)
southerns

Well I have got bind back up.

I just made a copy of the file contents in notepad++.

Then made a spare copy to work with and everytime it moaned about a line I removed it.

Now to put the domains I removed back and see if it still all works.

Wish me luck.. :)

Fri, 04/10/2009 - 10:50 (Reply to #36)
Joe
Joe's picture

<div class='quote'>Then made a spare copy to work with and everytime it moaned about a line I removed it.</div>

This is an interesting instinct. I'm pretty sure it's a bad instinct. ;-)

So, I'm beginning to think this particular instinct is where a lot of your problems are coming from...you've got a lot of broken configuration files (BIND, Postfix, maybe others?). Where did they come from? Virtualmin doesn't generate broken config files (at least not very often, and when it does we fix the bug that caused it)...so something else is breaking your config files. Randomly removing lines from them without having any idea what they're for or where they came from would be one way to go about breaking those config files.

Virtualmin can regenerate zone files under its control; just disable DNS for that domain, and then re-enable it. This will delete the zone and then recreate it from the appropriate Server Template.

--

Check out the forum guidelines!

Fri, 04/10/2009 - 10:43 (Reply to #37)
southerns

Okay well I have put all the zones I removed back now and it still restarts.

I now have 148 line(had 145 before), but I have added a few blank lines between zones to make it easier to read and system seems happy with it.

Now to go see if the email problem is still there which is what I was trying to fix beforte the bind update cause that to stop working.

Regards
Shane

Sun, 06/07/2009 - 07:51 (Reply to #38)
southerns

Well Bind was working fine till I did the update for bind.

But I usually dont follow this route.

I just had to get it back up as there are 30 domains on here,
some of which are not mine.

So I removed the ones that where mine and from there just checked what the problem given was.

I think there was an extra &quot;}&quot; somewhere.

It all seems to work now and all the domains show up in Virtual min too.

Fri, 04/10/2009 - 12:46 (Reply to #39)
southerns

well so far so good the 3 user I have tested all working fine.

Fixing bind or the updating of dovecot must of done the trick

Thu, 04/09/2009 - 20:32
southerns

I am going through my mailog, but its hugh it over 40MB,

I found this error quite a lot.

warning: do not list domain saweb.biz in BOTH mydestination and virtual_alias_domains.

How do I start a new mailog file and is this safe to do?

I was thinking then if I try accessing the mail server and then checking the mailog file, its not a 40Mb file each time to open.

I sort of remember a log rotate option somewhere.

Thu, 04/09/2009 - 20:42 (Reply to #41)
Joe
Joe's picture

<div class='quote'>warning: do not list domain saweb.biz in BOTH mydestination and virtual_alias_domains.</div>

This means you've named your system the same thing as one of your virtual servers. We don't recommend you do this. But it is harmless, just chattery. ;-)

There are a couple of ways to correct it. The best is probably to rename the system to something else...like main.saweb.biz or ns0.saweb.biz or srv1.saweb.biz, etc. Doesn't matter what it is as long as it doesn't match one of your virtual domains in /etc/postfix/virtual.

<div class='quote'>How do I start a new mailog file and is this safe to do?</div>

You don't want to do that. It'll rotate on its own.

Just get more comfortable with the tools you have available for making use of the logs. &quot;tail&quot; is your friend.

tail -200 /var/log/maillog | less

And:

tail -f /var/log/maillog

Both of these require an interactive terminal, so don't try this in the Command Shell. Hit &quot;q&quot; to quit from less or &quot;Ctrl-C&quot; to quit from the tail -f.

--

Check out the forum guidelines!

Topic locked