MSMilter not started after installation
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
MSMilter not started after installation
Hi,
I just followed the installation using the command:
curl -sSL https://install.efa-project.org | bash
Once I started the MailScanner Webconsole I noticed that MSMilter was not running. In the maillog there was "Connection refused". I started the msmilter service manually and set the SELinux to Permissive and it started working. Is this normal behavior for a default installation? Should I start and enable MSMilter manually post-installation? Or is this an indication of something wrong?
Thank you
I just followed the installation using the command:
curl -sSL https://install.efa-project.org | bash
Once I started the MailScanner Webconsole I noticed that MSMilter was not running. In the maillog there was "Connection refused". I started the msmilter service manually and set the SELinux to Permissive and it started working. Is this normal behavior for a default installation? Should I start and enable MSMilter manually post-installation? Or is this an indication of something wrong?
Thank you
Re: MSMilter not started after installation
I installed mine like a week ago the same exact way, and I did not have this problem
Code: Select all
[uname@hostname ~]$ ps -aux | grep MSMilter
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
postfix 741 0.0 0.3 249904 30312 ? S Apr19 0:16 MSMilter Daemon
Code: Select all
[uname@hostname ~]$ sudo netstat -tulpn | grep MSMilter
tcp 0 0 127.0.0.1:33333 0.0.0.0:* LISTEN 741/MSMilter Daemon
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
Hi,
What is your SELINUX setting? This is really an out of the box installation, so I am surprised that it causes problems.
Thank you
What is your SELINUX setting? This is really an out of the box installation, so I am surprised that it causes problems.
Thank you
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
I completely reinstalled the server following the guide on Youtube from Mailserverguru. Nothing special configured, but still Milter is not started... what is going wrong here?
It does start when I do: sudo systemctl start msmilter
Apr 27 23:50:09 efa MSMilter[2968]: MailWatch: Starting up MailWatch SQL Whitelist
Apr 27 23:50:09 efa MSMilter[2968]: MailWatch: Read 2 whitelist entries
Apr 27 23:50:09 efa root[2970]: MSMilter started
Apr 27 23:50:42 efa postfix/smtpd[1846]: warning: hostname 37.156.237.114.broad.lyg.js.dynamic.163data.com.cn does not resolve to address 114.237.156.37: Name or service not known
Apr 27 23:50:42 efa postfix/smtpd[1846]: connect from unknown[114.237.156.37]
Apr 27 23:50:42 efa postfix/smtpd[1846]: warning: connect to Milter service inet:localhost:8893: Connection refused
Apr 27 23:50:42 efa postfix/smtpd[1846]: NOQUEUE: milter-reject: CONNECT from unknown[114.237.156.37]: 451 4.7.1 Service unavailable - try again later; proto=SMTP
Apr 27 23:50:43 efa postfix/smtpd[1846]: NOQUEUE: milter-reject: EHLO from unknown[114.237.156.37]: 451 4.7.1 Service unavailable - try again later; proto=SMTP helo=<jbwi.com>
Apr 27 23:50:43 efa postfix/smtpd[1846]: NOQUEUE: milter-reject: MAIL from unknown[114.237.156.37]: 451 4.7.1 Service unavailable - try again later; from=<pxlcpmcq@crot.com> proto=ESMTP helo=<jbwi.com>
Apr 27 23:50:43 efa postfix/smtpd[1846]: disconnect from unknown[114.237.156.37] ehlo=1 mail=0/1 quit=1 commands=2/3
A think I noticed is that also DMARC is not running:
Failed to start Domain-based Message Authentication, Reporting & Conformance (DMARC) Milter.
It does start when I do: sudo systemctl start msmilter
Apr 27 23:50:09 efa MSMilter[2968]: MailWatch: Starting up MailWatch SQL Whitelist
Apr 27 23:50:09 efa MSMilter[2968]: MailWatch: Read 2 whitelist entries
Apr 27 23:50:09 efa root[2970]: MSMilter started
Apr 27 23:50:42 efa postfix/smtpd[1846]: warning: hostname 37.156.237.114.broad.lyg.js.dynamic.163data.com.cn does not resolve to address 114.237.156.37: Name or service not known
Apr 27 23:50:42 efa postfix/smtpd[1846]: connect from unknown[114.237.156.37]
Apr 27 23:50:42 efa postfix/smtpd[1846]: warning: connect to Milter service inet:localhost:8893: Connection refused
Apr 27 23:50:42 efa postfix/smtpd[1846]: NOQUEUE: milter-reject: CONNECT from unknown[114.237.156.37]: 451 4.7.1 Service unavailable - try again later; proto=SMTP
Apr 27 23:50:43 efa postfix/smtpd[1846]: NOQUEUE: milter-reject: EHLO from unknown[114.237.156.37]: 451 4.7.1 Service unavailable - try again later; proto=SMTP helo=<jbwi.com>
Apr 27 23:50:43 efa postfix/smtpd[1846]: NOQUEUE: milter-reject: MAIL from unknown[114.237.156.37]: 451 4.7.1 Service unavailable - try again later; from=<pxlcpmcq@crot.com> proto=ESMTP helo=<jbwi.com>
Apr 27 23:50:43 efa postfix/smtpd[1846]: disconnect from unknown[114.237.156.37] ehlo=1 mail=0/1 quit=1 commands=2/3
A think I noticed is that also DMARC is not running:
Failed to start Domain-based Message Authentication, Reporting & Conformance (DMARC) Milter.
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
Share with me some details about this please...
What envrionment (hyper-v? vmware? kvm? vps? physical?)
If vps, which provider?
Any errors in /var/log/eFa/*log
Which initialization method used (web gui or console cli)?
Any errors in MailWatch GUI (such as a failure notice in the footer)?
What envrionment (hyper-v? vmware? kvm? vps? physical?)
If vps, which provider?
Any errors in /var/log/eFa/*log
Which initialization method used (web gui or console cli)?
Any errors in MailWatch GUI (such as a failure notice in the footer)?
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
It is Hyper-V, with Centos 7.7 Core. I have tried both initialization methods. There are two files in that /var/log/eFa/ directory build.log and eFa-Backup.log. Checked both, no indication of any error.
What I did notice is an issue that DMARC didn't want to start. For a reason unclear. When I disable DMARC it seems also to resolve the Milter issue. So likely the issue has to do with DMARC?
I don't see or get errors in the GUI. The only thing I noticed was that the MSMilter status was NO i.o. YES, which is the reason I looked into this issue.
What I did notice is an issue that DMARC didn't want to start. For a reason unclear. When I disable DMARC it seems also to resolve the Milter issue. So likely the issue has to do with DMARC?
I don't see or get errors in the GUI. The only thing I noticed was that the MSMilter status was NO i.o. YES, which is the reason I looked into this issue.
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
Thanks for the info, I am running tests.
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
Okay, I am having trouble reproducing this on hyper-v with CentOS 7.7 Minimal. Both my milter and dmarc/dkim are up and running after setup. There has to be something unique to your situation, and we need to find it.
Can you provide me more details, such as what you have chosen during setup phase?
Can you provide me more details, such as what you have chosen during setup phase?
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
Hi,
The only thing that comes to mind as maybe unusual is that the netmask is 255.255.255.255 because this system is in a hosted environment of which I don't own all IPs.
My SELinux is set to permissive. Firewalld is left untouched before the installation.
The installation was start like this:
sudo yum install wget
wget -O build.bash https://install.efa-project.org
sudo bash build.bash
The options selected are:
1. Hostname: servernamewhatever
2. Domainname: mydomainname.net
3. Admin Email: postmaster@mydomainname.net
4. Interface: eth0
5. IP v4 address: 123.123.123.123
6. IP v4 Netmask: 255.255.255.255
7. IP v4 gateway: 123.123.123.254
8. IP v6 DNS: Disabled
9. IP v6 Address:
10. IP v6 Mask:
11. IP v6 Gateway:
12. Use Recursion: Enabled
13. Primary DNS:
14. Secundary DNS:
15. Web User: myuser
16. Web User PWS: <hidden>
17. CLI User: cliuser
18. CLI User PWD: <hidden>
19. Hypervisor Agents: No (while I selected Y on the question configure Virtualization)
20. Time Zone: Europe/Paris Not using UTC
21. Keyboard: fr
22. IANA Code: fr
23. Mail server: mx01.mydomain.net
24. Org Name: MyOrg
The only thing that comes to mind as maybe unusual is that the netmask is 255.255.255.255 because this system is in a hosted environment of which I don't own all IPs.
My SELinux is set to permissive. Firewalld is left untouched before the installation.
The installation was start like this:
sudo yum install wget
wget -O build.bash https://install.efa-project.org
sudo bash build.bash
The options selected are:
1. Hostname: servernamewhatever
2. Domainname: mydomainname.net
3. Admin Email: postmaster@mydomainname.net
4. Interface: eth0
5. IP v4 address: 123.123.123.123
6. IP v4 Netmask: 255.255.255.255
7. IP v4 gateway: 123.123.123.254
8. IP v6 DNS: Disabled
9. IP v6 Address:
10. IP v6 Mask:
11. IP v6 Gateway:
12. Use Recursion: Enabled
13. Primary DNS:
14. Secundary DNS:
15. Web User: myuser
16. Web User PWS: <hidden>
17. CLI User: cliuser
18. CLI User PWD: <hidden>
19. Hypervisor Agents: No (while I selected Y on the question configure Virtualization)
20. Time Zone: Europe/Paris Not using UTC
21. Keyboard: fr
22. IANA Code: fr
23. Mail server: mx01.mydomain.net
24. Org Name: MyOrg
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
255.255.255.255 will definitely cause a problem. Even in a hosted environment. The gateway will be invalid from the perspective of the guest and reject routing to the gateway you have defined.
The smallest valid netmask would be a 255.255.255.252, which includes your machine, the gateway, and the broadcast address.
The smallest valid netmask would be a 255.255.255.252, which includes your machine, the gateway, and the broadcast address.
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
I am going to attempt to simulate that same problem and see why the MailWatch footer did not trigger a failure.
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
I made the same comment to the hosting company, which is a huge global hosting company, and they told me that this is not an issue due to the way how they do their routing. The server is isolated on the network, but the router will do the work. And I have to say, it works indeed. I have many servers like this in different OSes. No problems at all. But I do agree that is feels a bit unnatural indeed.
Re: MSMilter not started after installation
It'd definitely a valid, and you'll see it more and more in ipv4 as providers try to optimize there pool.Citabria79 wrote: ↑29 Apr 2020 22:26 I made the same comment to the hosting company, which is a huge global hosting company, and they told me that this is not an issue due to the way how they do their routing. The server is isolated on the network, but the router will do the work. And I have to say, it works indeed. I have many servers like this in different OSes. No problems at all. But I do agree that is feels a bit unnatural indeed.
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
I'm working on this. I belive eFa assumes a network part and a host part when it does some of its tasks, and 255.255.255.255 is breaking them.
More to come soon.
More to come soon.
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
At the moment it works fine. But I had to disable DMARC to be able to start Milter. Just for your info.
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
Well, I can't reproduce this locally, it seems, and I could not make the milter fail, even with an all 255 netmask. I also reviewed the code, and it doesn't look like the 255.255.255.255 should be causing any problems after all.
I am at a loss. Any other thoughts? Should I get a vps spun up on $hostingCompany and try it there?
I am at a loss. Any other thoughts? Should I get a vps spun up on $hostingCompany and try it there?
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
What could result in a failure of the DMARC service? Maybe that can give an insight?
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
That's where I'm lost as well. The DMARC daemon is separate from the milter daemon, and they live on different ports. They have nothing in common except that they are referenced in /etc/postfix/main.cf and bind to the same address. I was hoping that something would fail so I could start debugging the problem.
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
Where would I find the logs for it in eFa? The main thing is that I installed it twice, with the same result. I don't do anything abnormal if I look at the guide on YouTube and review the parameter I enter.
Re: MSMilter not started after installation
The journalctl logs might give us some insight, but only after a fresh install.
Code: Select all
journalctl --no-pager > logs.txt
Re: MSMilter not started after installation
Also a copy of dmesg after a fresh install might catch some pertinent info as well.
Code: Select all
dmesg > dmesg.txt
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
The problem is that it all was to be done after a fresh install, the system is used now. And impossible to reinstall... But I might try to activate DMARC and restart it. It will normally result in the same error...
Re: MSMilter not started after installation
see how far back journalctl goes, it may still have the logs from when you first installed eFaCitabria79 wrote: ↑30 Apr 2020 21:20 The problem is that it all was to be done after a fresh install, the system is used now. And impossible to reinstall...
-
- Posts: 24
- Joined: 02 Mar 2019 17:04
Re: MSMilter not started after installation
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: Starting Domain-based Message Authentication, Reporting & Conformance (DMARC) Milter...
-- Subject: Unit opendmarc.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit opendmarc.service has begun starting up.
May 01 00:46:51 removedforprivacy.domain.net opendmarc[3400]: opendmarc_policy_library_init() failed
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: Can't open PID file /var/run/opendmarc/opendmarc.pid (yet?) after start: No such file or directory
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: Failed to start Domain-based Message Authentication, Reporting & Conformance (DMARC) Milter.
-- Subject: Unit opendmarc.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit opendmarc.service has failed.
--
-- The result is failed.
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: Unit opendmarc.service entered failed state.
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: opendmarc.service failed.
-- Subject: Unit opendmarc.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit opendmarc.service has begun starting up.
May 01 00:46:51 removedforprivacy.domain.net opendmarc[3400]: opendmarc_policy_library_init() failed
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: Can't open PID file /var/run/opendmarc/opendmarc.pid (yet?) after start: No such file or directory
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: Failed to start Domain-based Message Authentication, Reporting & Conformance (DMARC) Milter.
-- Subject: Unit opendmarc.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit opendmarc.service has failed.
--
-- The result is failed.
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: Unit opendmarc.service entered failed state.
May 01 00:46:51 removedforprivacy.domain.net systemd[1]: opendmarc.service failed.
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: MSMilter not started after installation
This makes sense now.
I think you are missing the Public Suffix List.
You should have seen this in the MailWatch footer, did you not?
"...ERROR INITIALIZATING, CHECK public suffix list..."
I think you are missing the Public Suffix List.
You should have seen this in the MailWatch footer, did you not?
"...ERROR INITIALIZATING, CHECK public suffix list..."
Code: Select all
curl -s https://publicsuffix.org/list/public_suffix_list.dat > /etc/opendmarc/public_suffix_list.dat