I see following errors in my server ie. httpd error logs:
Code: [Mon Mar 30 07:23:55 2009] [error] mod_ssl: SSL handshake failed (server localhost:443, client 79.132.204.192) (OpenSSL library error follows) [Mon Mar 30 07:23:55 2009] [error] OpenSSL: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac [Mon Mar 30 07:23:55 2009] [error] mod_ssl: SSL handshake failed (server localhost:443, client 60.63.241.18) (OpenSSL library error follows) [Mon Mar 30 07:23:55 2009] [error] OpenSSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol [Hint: speaking not SSL to HTTPS port!?] [Mon Mar 30 07:23:56 2009] [error] [client 114.224.169.0] File does not exist: /var/www/html/XRkVCfvCJ/GzTk/ChDbhf/-YSDDv/1Sch/2hfMMf/-M0DO/ACDEzXMEM/CYSkGFj/SGXtEUX0W/0KMV/RKJ2fTUDC/bFT/SX00/VtJVht/D1XvJBgHP/5lll.gif [Mon Mar 30 08:46:42 2009] [error] server reached MaxClients setting, consider raising the MaxClients setting In last you can see that MySQL reached maximum allowed client ..and it crashed
Also, at regular intervals I see such requests: /var/www/html/XRkVCfvCJ/GzTk/ChDbhf/-YSDDv/1Sch/2hfMMf/-M0DO/ACDEzXMEM/CYSkGFj/SGXtEUX0W/0KMV/RKJ2fTUDC/bF/SX00/VtJVht/D1XvJBgHP/5lll.gif
Also I see SSL handshake failure notices while I do not have any SSL cert or SSL running site on this server.
By default,when domain is created by default it redirect all unrouted mail to default mail.And since i didnt notice that on time,now there is 100k mails.How do i delete that instantly?
I notice that in my WHM Mail Queue Manager I get a few emails pointing to something that looks like this:
Quote:
Everyone looks like this, 1FnPkc-0000rR-VQ 516 22h Delete Deliver Now root@host.mydomain.com
and also some emails going to root about backup etc.
I don't have any email addresses set in the "Change System Mail Preferences" options, I left it blank. Should I set a valid email address or is there any way to stop these emails being sent in the first place?
Recently, I keep getting an email from my dedicated server company (godaddy, plesk 8.2 windows) that I've reached my daily limit of 1000 emails when I only send like 20-40 a day max.
So I want to take a look at whats going on, what emails have been sent/received and are still in queue?
Can can I access my mail queue using Plesk? And then how can I delete them?
my friend has an vps and he has some trouble sending mail to 1 particular host such as hotmail, all the remaining hosts the mails are sent, but only to tht particular mail host the mails are not sent regularly, some times they recv it some times they don't
checked webmail, couldn't see any failed/bounced mail mail msg, so not sure why this is happening, so I want to check the mail-queue for him to check the status of tht particular host, if I could try to sort them out directly with the mail server for him.
I had this spam problem on my server. Some perl scripts uploaded to /tmp folder were generating lots of spam email. We stopped sendmail, cleaned the server from all the bugs and erased all the messages in /var/spool/mqueue. Yet when I start sendmail again I begin receiving lots of autoresponders and returned emails. Where are those incoming mails located? In which queue?
My VPS load high because of much mails in mail queue. And when I mails it gone to normal. Is there any script which delete mails in queue in every hour or any other solution for this?
i am having a one issue, that in my server 2003 i was installed the cdonts dll. whole configuration is fine and port number 17 is also responding to the esmtp service. But when i am testing a email from the asp or any script it always send the email to queue then bad mail folder.
I contacted the guys who I pay to watch over my linux Cpanel server and I do not think they know how to fix the problem. When I look in my mail queue manager in WHM I always see these spam type emails. I also see that my site IP gets blacklisted on:
[url]
I delist and then it appears again a couple of days later. My server is only used to send emails such as registrations and user notifications that they have subscribed to. Could anyone please tell me how to get rid of the spam?
154P Received: from mailnull by server.mydomain.com with local (Exim 4.68) id 1J4neJ-0001DS-Ns for root@server.mydomain.com; Tue, 18 Dec 2007 19:23:03 -0600 038 X-Failed-Recipients: admin@domain.com 029 Auto-Submitted: auto-replied 063F From: Mail Delivery System <Mailer-Daemon@server.mydomain.com> 029T To: root@server.mydomain.com 059 Subject: Mail delivery failed: returning message to sender 052I Message-Id: <E1J4neJ-0001DS-Ns@server.mydomain.com> 038 Date: Tue, 18 Dec 2007 19:23:03 -0600
1J4neJ-0001DS-Ns-D This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
admin@domain.com SMTP error from remote mail server after RCPT TO:<admin@domain.com>: host sentry.domainbank.com [64.85.73.28]: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
------ This is a copy of the message, including all the headers. ------
Return-path: <root@server.mydomain.com> Received: from root by server.mydomain.com with local (Exim 4.68) (envelope-from <root@server.mydomain.com>) id 1J4neI-0001D9-4I for admin@domain.com; Tue, 18 Dec 2007 19:23:02 -0600 To: admin@domain.com Subject: Services(2) failed From: monitor@domain.com Message-Id: <E1J4neI-0001D9-4I@server.mydomain.com> Date: Tue, 18 Dec 2007 19:23:02 -0600
Address:mydomain.com
Following services are down:
SSH(22) MySQL(3306)
Do not reply to this! For further details please contact your provider!
194P Received: from root by server.mydomain.com with local (Exim 4.68) (envelope-from <root@server.mydomain.com>) id 1J4nhC-0001Kn-2T for root@server.mydomain.com; Tue, 18 Dec 2007 19:26:02 -0600 025* From: root (Cron Daemon) 045F From: root@server.mydomain.com (Cron Daemon) 009* To: root 029T To: root@server.mydomain.com 077 Subject: Cron <root@server> lynx --dump [url] 028 X-Cron-Env: <SHELL=/bin/sh> 025 X-Cron-Env: <HOME=/root> 033 X-Cron-Env: <PATH=/usr/bin:/bin> 027 X-Cron-Env: <LOGNAME=root> 024 X-Cron-Env: <USER=root> 052I Message-Id: <E1J4nhC-0001Kn-2T@server.mydomain.com> 038 Date: Tue, 18 Dec 2007 19:26:02 -0600
1J4nhC-0001Kn-2T-D Not Found
The requested URL /agent/cron.php was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. _________________________________________________________________
Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 PHP/5.2.5 Server at mydomain.com Port 80
Anyway after complaints of "mail not being sent" I looked at a few things, found over 25,000 messages stuck in the queue. The messages no being sent thing is yahoo blocking me because of too many mails sent to their servers without a valid recipient.
When I empty the queue it gathers about 200 mails an hour. Looks like it is coming from all over the world and they are using a valid ip from one of the domains hosted for sending.
Bear with me I was reselling for years and this is my first real dedicated server.
I have hundreds and hundreds of messages in mail queue waiting delivering. Log file says:
connect to remote.host[000.000.000.000]: server refused to talk to me: 421 4.7.0 remote.host Error: too many connections from my-servers-ip
delivery temporarily suspended: connect to remote.host[000.000.000.000]: Connection timed out
(I replaced real IP addresses with 000, my-servers-ip and hostname with "remote host")
It happends only with one host (the most popular free email provider in my country). All emails to yahoo, gmail etc are being delivered without any problems.
What does it mean - too many connections from my server? I have a busy dating website and php script sends out a lot of email notifications (for example - when users get new instant messages). Anyway, I never heard that email providers limit the number of emails from the same server. During the night time all messages from mail queue are being delivered, but at day time this number sometimes grows to 1000.
I have an SMS script, and my vps from surfspeedy.com puts all mail in queue. I try to deliver from there but it isnt working, I want all mail SENT automaticly when form is filled out, dont know why it isnt!