Webmail ‘failure’
A bit of a haste, yesterday.
I guess that after installation of the webmail agent, the previous version was still in the server’s cache, and when it had to map the newly installed new version, it found a mismatch and failed.
Second, I made the mistake to $ INSTALL ADD the latest version by hand and forgot it requires privileges.I found that the logicals involved referred to the pre-10 version of the WASD webserver, and the definitions of these are in the installation script of the mail agent.
This mistake came into mind today, so this night I removed the wrongly installed version, changed the install procedure to define the logicals correctly, and launced it.
Apart from some settings that are now missing, the program runs fine., Except I think I found an anomaly, still to be investigated.
09-Apr-2014
Webserver updates
The WASD mailing list sent out a notice of a vulnerability of OpenSSL, nicknamed “heartbleed” and since this server is built using OpenSSL (be it the WADS version) it coul be effected as well. Mark Daniel has taken a look into his sources and plugged the hole – and the new kit has been made available, send out word and recommended a rebuild of WASD.
And since the latest version (10.3) was already planned, I did both in one go. So now the server runs WASD 10.3, linked with (WASD) OpenSSL 1.0.1G. In the process, I also updated the webmail program (now 1.7.0), and some other products are waiting. But Soymail returns an error:
Internal consistency failure ... language file. and WATCH doesn’t show anything weird..
It’s not something to be worried about too much. Just a nuisance.
07-Apr-2014
Rejected
Got some messages today – delivered and in the spam filter – of messages that appeared to be sent from my domain, but all of these addresses (either From: or ReturnPath: lines) are faked.
Why am I certain: Because NONE of the messages have MY (fixed) IP address, not the only node in the local network, that ANY message will carry, as described in one of my fixed pages.
You find any in the messages below?
Received: from mtalibero01.libero.it (EHLO mtalibero01.libero.it) ([192.168.36.163])
by mailrelay16.libero.it
with ESMTP id ZVM23256;
Mon, 07 Apr 2014 10:52:35 +0200 (CEST)
Authentication-Results: mtalibero01.libero.it; dkim=neutral (message not signed) header.i=none
Received-SPF: None identity=mailfrom; client-ip=178.159.112.38;
receiver=mtalibero01.libero.it;
envelope-from="willem@grootersnet.nl";
x-sender="willem@grootersnet.nl";
x-conformance=spf_only
X-LREMOTE-IP: 178.159.112.38
Received: from host-178-159-112-38.mirgiga.net ([178.159.112.38])
by mtalibero01.libero.it with ESMTP; 07 Apr 2014 08:47:45 +0000
Message-ID:
From: "yehudi audie"
To:
Subject: Ricerchiamo collaboratori in gruppo operante a livello globale.
Date: 7 Apr 2014 15:09:32 +0300
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail 15.4.3508.1109
X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3508.1109
X-Junkmail: UCE(300)
X-Junkmail-Status: score=300/55, host=mailrelay16.libero.it
X-Junkmail-Signature-Raw: score=confirmed,
refid=str=0001.0A0B0206.5342225D.00BA,ss=4,sh,re=0.000,fgs=0,
ip=178.159.112.38,
so=2011-06-21 16:49:39,
dmn=2011-06-08 23:29:05,
mode=multiengine
X-Junkmail-IWF: false
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0),
refid=str=0001.0A0B0206.5342225D.00BA,ss=4,sh,re=0.000,fgs=0,
ip=178.159.112.38,
so=2011-06-21 16:49:39,
dmn=2011-06-08 23:29:05
X-Mirapoint-Loop-Id: 5edf6d805341aefc0d908c8ef5ea5837
X-libjamoibt: 2587
X-cp3a: Confirmed Spam
====
Received: from mail.cantale.com (14.160.58.146) by mail.cantale.com
(192.168.1.11) with Microsoft SMTP Server id 14.1.438.0; Mon, 7 Apr 2014
11:05:33 +0200
Message-ID: <77FCE2D1AA69CF99120C3F44872177FC@HGR8P7V>
From: pascal ziyou
To:
Date: Mon, 7 Apr 2014 21:34:31 +0600
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3505.912
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3505.912
X-WatchGuard-Spam-ID: str=0001.0A010201.53426A47.014A,ss=3,sh,re=0.000,fgs=0
X-WatchGuard-Spam-Score: 3, bulk; 0, no virus
X-WatchGuard-Mail-Client-IP: 14.160.58.146
X-WatchGuard-Mail-From: willem@grootersnet.nl
X-WatchGuard-Mail-Recipients: tta@cantale.com
Subject: ***BULK*** Re: Selezioniamo collaboratori in vostra citta.
Return-Path: willem@grootersnet.nl
====
Received: from HQEDG02.noi.nssi.bg ([192.168.50.32]) by mc.nssi.bg with Microsoft SMTPSVC(6.0.3790.3959);
Mon, 7 Apr 2014 14:16:38 +0300
X-CrossPremisesHeadersFilteredBySendConnector: HQEDG02.noi.nssi.bg
Received: from HQMBX02.noi.nssi.bg (172.20.19.22) by HQEDG02.noi.nssi.bg
(192.168.70.32) with Microsoft SMTP Server (TLS) id 15.0.847.32; Mon, 7 Apr
2014 14:16:36 +0300
Received: from hd2ho4.ho.nssi.bg (172.30.20.2) by HQMBX02.noi.nssi.bg
(172.20.19.22) with Microsoft SMTP Server id 15.0.847.32; Mon, 7 Apr 2014
14:16:04 +0300
Received: from mc.nssi.bg ([192.168.48.9]) by hd2ho4.ho.nssi.bg with Microsoft
SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 14:02:53 +0300
Received: from HQEDG01.noi.nssi.bg ([192.168.50.31] RDNS failed) by mc.nssi.bg
with Microsoft SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 13:52:13 +0300
X-CrossPremisesHeadersFilteredBySendConnector: HQEDG01.noi.nssi.bg
Received: from HQMBX01.noi.nssi.bg (172.20.19.21) by HQEDG01.noi.nssi.bg
(192.168.70.31) with Microsoft SMTP Server (TLS) id 15.0.847.32; Mon, 7 Apr
2014 13:51:38 +0300
Received: from hd2ho4.ho.nssi.bg (172.30.20.2) by HQMBX01.noi.nssi.bg
(172.20.19.21) with Microsoft SMTP Server id 15.0.847.32; Mon, 7 Apr 2014
13:51:05 +0300
Received: from mc.nssi.bg ([192.168.48.9]) by hd2ho4.ho.nssi.bg with Microsoft
SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 13:40:47 +0300
Received: from HQEDG01.noi.nssi.bg ([192.168.50.31] RDNS failed) by mc.nssi.bg
with Microsoft SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 13:30:40 +0300
X-CrossPremisesHeadersFilteredBySendConnector: HQEDG01.noi.nssi.bg
Received: from HQMBX01.noi.nssi.bg (172.20.19.21) by HQEDG01.noi.nssi.bg
(192.168.70.31) with Microsoft SMTP Server (TLS) id 15.0.847.32; Mon, 7 Apr
2014 13:29:52 +0300
Received: from hd2ho4.ho.nssi.bg (172.30.20.2) by HQMBX01.noi.nssi.bg
(172.20.19.21) with Microsoft SMTP Server id 15.0.847.32; Mon, 7 Apr 2014
13:29:51 +0300
Received: from mc.nssi.bg ([192.168.48.9]) by hd2ho4.ho.nssi.bg with Microsoft
SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 13:24:39 +0300
Received: from HQEDG01.noi.nssi.bg ([192.168.50.31] RDNS failed) by mc.nssi.bg
with Microsoft SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 13:14:10 +0300
X-CrossPremisesHeadersFilteredBySendConnector: HQEDG01.noi.nssi.bg
Received: from HQMBX02.noi.nssi.bg (172.20.19.22) by HQEDG01.noi.nssi.bg
(192.168.70.31) with Microsoft SMTP Server (TLS) id 15.0.847.32; Mon, 7 Apr
2014 13:14:02 +0300
Received: from hd2ho4.ho.nssi.bg (172.30.20.2) by HQMBX02.noi.nssi.bg
(172.20.19.22) with Microsoft SMTP Server id 15.0.847.32; Mon, 7 Apr 2014
13:14:00 +0300
Received: from mc.nssi.bg ([192.168.48.9]) by hd2ho4.ho.nssi.bg with Microsoft
SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 12:59:33 +0300
Received: from HQEDG02.noi.nssi.bg ([192.168.50.32]) by mc.nssi.bg with
Microsoft SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 12:48:48 +0300
X-CrossPremisesHeadersFilteredBySendConnector: HQEDG02.noi.nssi.bg
Received: from HQMBX01.noi.nssi.bg (172.20.19.21) by HQEDG02.noi.nssi.bg
(192.168.70.32) with Microsoft SMTP Server (TLS) id 15.0.847.32; Mon, 7 Apr
2014 12:48:47 +0300
Received: from hd2ho4.ho.nssi.bg (172.30.20.2) by HQMBX01.noi.nssi.bg
(172.20.19.21) with Microsoft SMTP Server id 15.0.847.32; Mon, 7 Apr 2014
12:48:36 +0300
Received: from mc.nssi.bg ([192.168.48.9]) by hd2ho4.ho.nssi.bg with Microsoft
SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 12:36:23 +0300
Received: from HQEDG01.noi.nssi.bg ([192.168.50.31] RDNS failed) by mc.nssi.bg
with Microsoft SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 12:25:55 +0300
X-CrossPremisesHeadersFilteredBySendConnector: HQEDG01.noi.nssi.bg
Received: from HQMBX02.noi.nssi.bg (172.20.19.22) by HQEDG01.noi.nssi.bg
(192.168.70.31) with Microsoft SMTP Server (TLS) id 15.0.847.32; Mon, 7 Apr
2014 12:25:52 +0300
Received: from hd2ho4.ho.nssi.bg (172.30.20.2) by HQMBX02.noi.nssi.bg
(172.20.19.22) with Microsoft SMTP Server id 15.0.847.32; Mon, 7 Apr 2014
12:25:50 +0300
Received: from mc.nssi.bg ([192.168.48.9]) by hd2ho4.ho.nssi.bg with Microsoft
SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 12:20:19 +0300
Received: from HQEDG01.noi.nssi.bg ([192.168.50.31] RDNS failed) by mc.nssi.bg
with Microsoft SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 12:20:19 +0300
X-CrossPremisesHeadersFilteredBySendConnector: HQEDG01.noi.nssi.bg
Received: from HQMBX02.noi.nssi.bg (172.20.19.22) by HQEDG01.noi.nssi.bg
(192.168.70.31) with Microsoft SMTP Server (TLS) id 15.0.847.32; Mon, 7 Apr
2014 12:20:18 +0300
Received: from hd2ho4.ho.nssi.bg (172.30.20.2) by HQMBX02.noi.nssi.bg
(172.20.19.22) with Microsoft SMTP Server id 15.0.847.32; Mon, 7 Apr 2014
12:20:16 +0300
Received: from mc.nssi.bg ([192.168.48.9]) by hd2ho4.ho.nssi.bg with Microsoft
SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 12:13:19 +0300
Received: from HQEDG02.noi.nssi.bg ([192.168.50.32]) by mc.nssi.bg with
Microsoft SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 12:13:18 +0300
X-CrossPremisesHeadersFilteredBySendConnector: HQEDG02.noi.nssi.bg
Received: from HQMBX01.noi.nssi.bg (172.20.19.21) by HQEDG02.noi.nssi.bg
(192.168.70.32) with Microsoft SMTP Server (TLS) id 15.0.847.32; Mon, 7 Apr
2014 12:13:12 +0300
Received: from hd2ho4.ho.nssi.bg (172.30.20.2) by HQMBX01.noi.nssi.bg
(172.20.19.21) with Microsoft SMTP Server id 15.0.847.32; Mon, 7 Apr 2014
12:13:08 +0300
Received: from mc.nssi.bg ([192.168.48.9]) by hd2ho4.ho.nssi.bg with Microsoft
SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 11:58:26 +0300
Received: from [117.198.246.170] ([117.198.246.170] RDNS failed) by mc.nssi.bg
with Microsoft SMTPSVC(6.0.3790.3959); Mon, 7 Apr 2014 11:58:25 +0300
Message-ID: <04BDC4C4EA7DBDEA532A2A04935304BD@C7XI0XH>
From: isidore jonathan
To:
Subject: =?koi8-r?B?9yDT18/Cz8TOz9TPINPJINfSxc3FIPfJxSDNz9bF1MUgxMEg0MXexQ==?=
=?koi8-r?B?zMnUxSAxMTUgxdfSzyDOwSDewdMgy8HUzyDQz83Bx8HUxSDOwSDCzw==?=
=?koi8-r?B?zM7J1MUgyM/SwS4=?=
Date: Mon, 7 Apr 2014 18:02:56 +0400
MIME-Version: 1.0
Content-Type: text/plain; charset="koi8-r"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.4806
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.4806
Return-Path: willem@grootersnet.nl
X-OriginalArrivalTime: 07 Apr 2014 08:58:26.0221 (UTC) FILETIME=[899CDDD0:01CF523F]
X-OrganizationHeadersPreserved: HQEDG02.noi.nssi.bg
X-OrganizationHeadersPreserved: HQEDG01.noi.nssi.bg
X-OrganizationHeadersPreserved: HQEDG01.noi.nssi.bg
X-OrganizationHeadersPreserved: HQEDG02.noi.nssi.bg
X-OrganizationHeadersPreserved: HQEDG01.noi.nssi.bg
X-OrganizationHeadersPreserved: HQEDG01.noi.nssi.bg
X-OrganizationHeadersPreserved: HQEDG01.noi.nssi.bg
X-OrganizationHeadersPreserved: HQEDG02.noi.nssi.bg
====
Return-path:
Envelope-to: mike@strongholdfitness.com
Delivery-date: Mon, 07 Apr 2014 03:23:05 -0500
Received: from 61-227-67-104.dynamic.hinet.net ([61.227.67.104]:21226)
by fin.fineassmarketing.com with esmtp (Exim 4.82)
(envelope-from
id 1WX4pc-0002OI-R6
for mike@strongholdfitness.com; Mon, 07 Apr 2014 03:23:05 -0500
Message-ID: <87315D3C08EB5069DFB3D2E605BE8731@VW7X0KIT>
From: "goddart gulukota"
To:
Subject: Pharmacy
Date: 6 Apr 2011 23:10:55 +0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-14"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5931
Received-SPF: none(grootersnet.nl: grootersnet.nl does not designate permitted sender hosts)
====
Received: from [188.251.177.11] (188.251.177.11) by exserver.intercapital.bg
(31.13.228.86) with Microsoft SMTP Server id 14.1.438.0; Mon, 7 Apr 2014
11:45:35 +0300
Message-ID: <534273AD.3070802@grootersnet.nl>
Date: Mon, 7 Apr 2014 09:45:17 +0000
From: scott baker
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0.1) Gecko/20110830 Thunderbird/6.0.1
MIME-Version: 1.0
To:
Subject: =?koi8-r?B?WyEhU3BhbV3z1MHOxdTFIM7B2yDEydPUwc7Dyc/Oxc4g0M/Nz93Oycsg2sEg?=
=?koi8-r?B?18nTz8vPINDMwdTFzsEg0sHCz9TBIQ==?=
Content-Type: text/plain; charset="KOI8-R"; format=flowed
Content-Transfer-Encoding: quoted-printable
Return-Path: willem@grootersnet.nl
X-KSE-AntiSpam-Interceptor-Info: scan successful
X-KSE-AntiSpam-Version: 5.1.9, Database issued on: 4/7/2014 9:19:08 AM
X-KSE-AntiSpam-Status: KAS_STATUS_SPAM
X-KSE-AntiSpam-Method: content [recent terms]
X-KSE-AntiSpam-Rate: 100
X-KSE-AntiSpam-Info: Lua profiles 59341 [Apr 07 2014]
X-KSE-AntiSpam-Info: Version: 5.1.9
X-KSE-AntiSpam-Info: Envelope from: willem@grootersnet.nl
X-KSE-AntiSpam-Info: {Content: Spam}
X-KSE-AntiSpam-Info: Rate: 100
X-KSE-AntiSpam-Info: Status: spam
X-KSE-AntiSpam-Info: Method: content [recent terms]
X-KSE-AntiSpam-Info: Moebius-Timestamps: 2862628, 2862660, 0
X-KSE-Antivirus-Interceptor-Info: scan successful
X-KSE-Antivirus-Info: Clean
====
Return-Path:
Received: from localhost (localhost [127.0.0.1])
by mailnew.briospa.com (Postfix) with ESMTP id 456F3A80144
for
X-Spam-Flag: YES
X-Spam-Score: 14.612
X-Spam-Level: **************
X-Spam-Status: Yes, score=14.612 tagged_above=-10 required=6.6
tests=[ALL_TRUSTED=-1, BAYES_99=3.5, HELO_DYNAMIC_SPLIT_IP=3.482,
RDNS_NONE=0.793, T_FSL_HELO_BARE_IP_2=0.01,
T_FSL_HELO_NON_FQDN_2=0.01, T_KHOP_NO_FULL_NAME=0.01,
T_LONG_HEADER_LINE_80=0.01, URIBL_BLACK=1.725, URIBL_DBL_SPAM=1.7,
URIBL_JP_SURBL=1.25, URIBL_RHS_DOB=1.514, URIBL_WS_SURBL=1.608]
autolearn=no
Received: from mailnew.briospa.com ([127.0.0.1])
by localhost (mailnew.briospa.com [127.0.0.1]) (amavisd-new, port 10032)
with ESMTP id oXCweHPaSPpM for
Mon, 7 Apr 2014 10:54:01 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
by mailnew.briospa.com (Postfix) with ESMTP id 95723A8011F
for
X-Virus-Scanned: amavisd-new at briospa.com
Received: from mailnew.briospa.com ([127.0.0.1])
by localhost (mailnew.briospa.com [127.0.0.1]) (amavisd-new, port 10026)
with ESMTP id Ao9DRWp3e81Y for
Mon, 7 Apr 2014 10:54:01 +0200 (CEST)
Received: from lnxsrv2 (unknown [192.168.31.5])
by mailnew.briospa.com (Postfix) with ESMTPS id 03F53A800CA
for
Received: (qmail 22930 invoked by uid 89); 7 Apr 2014 08:54:13 -0000
Received: from unknown (HELO 117.84.117.91.dynamic.mundo-r.com) (91.117.84.117)
by lnxsrv2 with SMTP; 7 Apr 2014 08:54:13 -0000
Received-SPF: none (lnxsrv2: domain at grootersnet.nl does not designate permitted sender hosts)
Message-ID: <6C54AECB4D96312810EA8F09D2756C54@grootersnet.nl>
From: "rabi gwyn"
To:
Subject: Voglio offrirvi un'opportunita di lavoro con holding operante a livello globale.
Date: 7 Apr 2014 11:41:12 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Mailer: Hixccwo wmsvu 0.0
01-Apr-2014
More of the same
The end-of-month processing shows no surprises:
PMAS statistics for March
Total messages : 2569 = 100.0 o/o
DNS Blacklisted : 0 = .0 o/o (Files: 0)
Relay attempts : 495 = 19.2 o/o (Files: 31)
Accepted by PMAS : 2074 = 80.7 o/o (Files: 31)
Handled by explicit rule
Rejected : 1538 = 74.1 o/o (processed), 59.8 o/o (all)
Accepted : 176 = 8.4 o/o (processed), 6.8 o/o (all)
Handled by content
Discarded : 136 = 6.5 o/o (processed), 5.2 o/o (all)
Quarantained : 197 = 9.4 o/o (processed), 7.6 o/o (all)
Delivered : 27 = 1.3 o/o (processed), 1.0 o/o (all)
It may seem weird that there are no mails rejected because of the sender being blacklisted, but that is because I had to disable this….But it seems the rules are strict enough, blocking almost 75% of what remaind. Nevertheless: it might stil be a good idea to re-enable it again, and be at hand if there still is a failure..
There is, however. a very different problem, with VoiP.
The router facilitates VoiP using standard, analog phones. Works fine, except that at times, connections are dropped, and calling us is at times impossible. The Dect phone I used did have a problem with power – the adaptor had a bad connection and the batteries were too old, so the unit ran out of power fairly quicky.
Now we have a new set, and at first, it didn’t show this behaviour. It did, however, show something else – perferrably in the middle of the night, for two nights in a row: it rang a few times, displaying a small number – 2,to 5 digits where 10 is normal. then quit the connection. This happened a few times i a minute, and al of a sudden it stopped.
Today, connection was, once again, dropped after a few minutes…
The big problem to solve it, is that it cannot be reproduced at will. Plus that I will have to reinstall the Fritzbox for the test – something I would try to avoid due to it’s restrictions…