
[cobalt-users] Re: Re: Re: [RaQ2] SMTP server failure after RaQ2-All-Security Release update



>  11. Re: Re: Re: [RaQ2] SMTP server failure after RaQ2-All-Security Release update (Gerald Waugh)
>Message: 11
>From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
>Organization: Front Street Networks LLC
>To: cobalt-users@xxxxxxxxxxxxxxx
>Subject: Re: [cobalt-users] Re: Re: [RaQ2] SMTP server failure after RaQ2-All-Security Release update
>Date: Thu, 16 May 2002 16:01:22 -0400
>Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
>On Thursday 16 May 2002 11:59 am, Mike Scioli wrote:
>> 1) ;-(  Consider me duly chastised.  Yes, I am really using telnet.  When I
>> have this problem out of the way, I will go the openSSH route.
>>
>> 2) Web server and DNS appear to be working normally.  I usually delay a bit
>> before installing updates to see which of the gurus on the list report
>> problems ["I'm an ecologist, Jim.  I'm not a network administrator!"].
>> This is the first of the updates that has caused me such grief.
>>
>> 3) I'm working on compiling chkrootkit-0.35 right now.  Assuming, for the
>> moment, that the server is not rooted, what else to look for/at to get the
>> SMTP service up and running?  For the brief periods that the SMTP server
>> runs after a restart, a few messages are trickling through.
>
>Look at the log files and see if you see any errors:
>/var/log/messages /var/log/maillog
>
>-- 
>Gerald Waugh 
>http://www.frontstreetnetworks.com :: Phone. [011] 203.785.0699
>Front Street Networks LLC | SOHO Networks & Web Site Hosting
>229 Front Street, Ste. #C, New Haven, CT, 06513-3203 United States


/var/log/messages is loaded with statements such as

May 16 01:07:18 paine kernel: IPX Portions Copyright (c) 1995 Caldera, Inc.
May 16 01:07:18 paine kernel: Appletalk 0.17 for Linux NET3.035
May 16 01:09:26 paine named[362]: Err/TO getting serial# for "www.felab.org"
May 16 01:09:26 paine named[362]: Err/TO getting serial# for "www.bettermovement.com"
.
.
.
May 16 01:09:26 paine named-xfer[20946]: wrong answer in resp from [208.234.1.56], zone www.felab.org: [felab.org IN SOA]
May 16 01:09:26 paine named-xfer[20947]: wrong answer in resp from [208.234.1.56], zone www.bettermovement.com: [bettermovement.com IN SOA]
.
.
.
May 16 01:18:52 paine named[362]: Err/TO getting serial# for "1.234.208.in-addr.arpa"
May 16 01:19:26 paine named[362]: Err/TO getting serial# for "www.bettermovement.com"
.
.
.
May 16 01:27:54 paine named[362]: "careersite.com IN NS" points to a CNAME (ns.nyc.careersite.com)
May 16 01:28:05 paine named[362]: Lame server on 'vill.edu' (in 'vill.EDU'?): [151.201.0.68].53 'QSTPI.BA-DSG.NET'
May 16 01:28:06 paine named[362]: Lame server on 'skinner.villanova.edu' (in 'VILLANOVA.EDU'?): [209.213.223.126].53 'NS1.YIPES.COM'
.
.
.
May 16 01:39:25 paine named[362]: USAGE 1021527565 1021484365 CPU=198.79u/76.38s CHILDCPU=26.07u/23.43s
May 16 01:39:25 paine named[362]: NSTATS 1021527565 1021484365 A=29667 NS=4 CNAME=170 SOA=2885 PTR=3439 MX=26190 AAAA=231 38=14 ANY=23212
May 16 01:39:25 paine named[362]: XSTATS 1021527565 1021484365 RR=25570 RNXD=1440 RFwdR=15940 RDupR=25 RFail=48 RFErr=0 RErr=3 RAXFR=0 RLame=246 ROpts=0 SSysQ=7936 SAns=85113 SFwdQ=14678 SDupQ=3718 SErr=0 RQ=86412 RIQ=0 RFwdQ=14678 RDupQ=0 RTCP=1063 SFwdR=15940 SFail=0 SFErr=0 SNaAns=61240 SNXD=5953 RUQ=0 RURQ=0 RUXFR=0 RUUpd=0


The folks at soa.granitecanyon.com have been providing secondary DNS for us
for several years.  But they seem to be having their share of problems in
the past month or so.  I am not certain if the entries in the messages file
are related to this?


/var/log/maillog is loaded with this (none of these IP addresses or e-mail
addresses are known to me)

May 16 08:17:28 paine sendmail[31427]: IAA31419: to=angus@xxxxxxxxxxxx, ctladdr=nobody (99/99), delay=00:00:38, xdelay=00:00:04, mailer=esmtp, relay=overland.net.overl...t.mail2.psmtp.com. [64.75.1.251], stat=Deferred: 451 Error while writing spool file
May 16 08:17:29 paine sendmail[31427]: IAA31419: to=angus@xxxxxxx, ctladdr=nobody (99/99), delay=00:00:39, xdelay=00:00:01, mailer=esmtp, relay=mail.tr.osg.net. [204.244.179.200], stat=Sent (OK id=178KEm-0000zq-00)
May 16 08:17:32 paine sendmail[31427]: IAA31419: to=angus@xxxxxxxxxxxxx, ctladdr=nobody (99/99), delay=00:00:42, xdelay=00:00:03, mailer=esmtp, relay=mx2.optonline.net. [167.206.5.3], stat=Sent (2.0.0 g4GCH2l24398 Message accepted for delivery)
May 16 08:17:32 paine sendmail[31427]: IAA31419: IAA31427: DSN: User unknown
May 16 08:17:32 paine sendmail[31427]: IAA31427: to=/dev/null, delay=00:00:00, xdelay=00:00:00, mailer=*file*, stat=Sent


The maillog and messages log files are somewhat over 6 MB.  Question: How
can I download the tar.gz'd versions that preceded the current ones?




-- 

Mike Scioli  <mscioliRUBBISH@xxxxxxxxxxxxxxxxxxxx>
Humble Ecologist, Mad Biometrician, Privacy Advocate
Remove the GARBAGE and RUBBISH to reply by e-mail.
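
Added example (not part of the original message, and not Cobalt or sendmail tooling): one way to tally a downloaded copy of maillog by controlling user (ctladdr=) and delivery outcome (stat=), so that failed deliveries and the local account the mail was submitted under stand out. The sample input is constructed from the five entries quoted above with their line wraps rejoined; the function names are illustrative.

```python
import re
from collections import Counter

# Constructed sample: the five maillog entries quoted in the message above,
# with the 80-column wraps rejoined (addresses are masked as on the page).
SAMPLE = """\
May 16 08:17:28 paine sendmail[31427]: IAA31419: to=angus@xxxxxxxxxxxx, ctladdr=nobody (99/99), delay=00:00:38, xdelay=00:00:04, mailer=esmtp, relay=overland.net.overl...t.mail2.psmtp.com. [64.75.1.251], stat=Deferred: 451 Error while writing spool file
May 16 08:17:29 paine sendmail[31427]: IAA31419: to=angus@xxxxxxx, ctladdr=nobody (99/99), delay=00:00:39, xdelay=00:00:01, mailer=esmtp, relay=mail.tr.osg.net. [204.244.179.200], stat=Sent (OK id=178KEm-0000zq-00)
May 16 08:17:32 paine sendmail[31427]: IAA31419: to=angus@xxxxxxxxxxxxx, ctladdr=nobody (99/99), delay=00:00:42, xdelay=00:00:03, mailer=esmtp, relay=mx2.optonline.net. [167.206.5.3], stat=Sent (2.0.0 g4GCH2l24398 Message accepted for delivery)
May 16 08:17:32 paine sendmail[31427]: IAA31419: IAA31427: DSN: User unknown
May 16 08:17:32 paine sendmail[31427]: IAA31427: to=/dev/null, delay=00:00:00, xdelay=00:00:00, mailer=*file*, stat=Sent
"""

LINE = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sendmail\[\d+\]: (?P<qid>\w+): (?P<rest>.*)$")
# key=value pairs are separated by ", "; a value runs until the next ", key=".
FIELD = re.compile(r"(\w+)=(.*?)(?=, \w+=|$)")

def parse_maillog(text):
    """Return (deliveries, dsn_notes) parsed from sendmail maillog text."""
    deliveries, dsn_notes = [], []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a sendmail entry
        rest = m.group("rest")
        if rest.startswith("to="):
            rec = dict(FIELD.findall(rest))
            rec.update(ts=m.group("ts"), qid=m.group("qid"))
            deliveries.append(rec)
        elif "DSN:" in rest:
            dsn_notes.append((m.group("qid"), rest.split("DSN:", 1)[1].strip()))
    return deliveries, dsn_notes

def summarize(deliveries):
    """Count delivery attempts per (controlling user, first word of stat=)."""
    counts = Counter()
    for rec in deliveries:
        outcome = re.match(r"\w+", rec.get("stat", "unknown")).group(0)
        counts[(rec.get("ctladdr", "-"), outcome)] += 1
    return counts

def failures(deliveries):
    """Deliveries whose stat= does not begin with 'Sent'."""
    return [r for r in deliveries if not r.get("stat", "").startswith("Sent")]

if __name__ == "__main__":
    d, dsn = parse_maillog(SAMPLE)
    print(sorted(summarize(d).items()))
    print([(r["ts"], r["to"], r["stat"]) for r in failures(d)], dsn)
```

Entries without a ctladdr= field, such as the delivery to /dev/null, are counted under "-".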