opendmarc.service failed - kills mailscanner?

Bugs in eFa 4
MattS
Posts: 18
Joined: 12 Dec 2017 14:00

Re: opendmarc.service failed - kills mailscanner?

Post by MattS » 17 Jun 2021 10:52

Yeah, it didn't work for me either when I tried it yesterday.

My efa stops processing mail every 4 hours at 59 minutes past the hour without fail. I think it's the same email triggering the seg fault every time and suspect the email is stuck in the queue of the external backup smtp service we use, hence the 4hr retry cycle. Obviously can't block the IP of the "sender" at the firewall as it's coming from the legitimate IP address of our provider.

As it's happening with such predicatable regularity, I just scheduled a root cron job to restart the opendmarc service every 4 hours on the hour, which has at least meant I don't need to sit here all day monitoring it until a fixed version of the opendmarc package is released.

1an3
Posts: 17
Joined: 07 May 2021 13:05

Re: opendmarc.service failed - kills mailscanner?

Post by 1an3 » 17 Jun 2021 10:55

bizzare, my opendmarc was crashing all over the weekend and always restarted itself.

There is another way to do it in opendamrc.conf, where you can configure restart auto restart behaviour, max attempts, rates, etc.

kandegama
Posts: 7
Joined: 28 Sep 2017 17:38

Re: opendmarc.service failed - kills mailscanner?

Post by kandegama » 17 Jun 2021 12:52

I have a similar issue. please help with this.EFA use as the primary spam gateway. this happened after auto-update happen in DMRC RPMs


1an3
Posts: 17
Joined: 07 May 2021 13:05

Re: opendmarc.service failed - kills mailscanner?

Post by 1an3 » 17 Jun 2021 15:50

Hi Shawn will this fix for opendmarc make it into the repo for yum to get hold of? Not sure I have it in me to compile a patch etc unless there are noddy instructions.

kandegama
Posts: 7
Joined: 28 Sep 2017 17:38

Re: opendmarc.service failed - kills mailscanner?

Post by kandegama » 17 Jun 2021 16:19

Please can you help me how to deploy SRC package to my EFA enviorment

User avatar
shawniverson
Posts: 3425
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: opendmarc.service failed - kills mailscanner?

Post by shawniverson » 17 Jun 2021 18:39

I am preparing to send an update out that includes this patch

kandegama
Posts: 7
Joined: 28 Sep 2017 17:38

Re: opendmarc.service failed - kills mailscanner?

Post by kandegama » 18 Jun 2021 01:31

shawniverson wrote:
17 Jun 2021 18:39
I am preparing to send an update out that includes this patch
Thanks Shawn

kandegama
Posts: 7
Joined: 28 Sep 2017 17:38

Re: opendmarc.service failed - kills mailscanner?

Post by kandegama » 18 Jun 2021 05:10

shawniverson wrote:
17 Jun 2021 18:39
I am preparing to send an update out that includes this patch
today morning updated following RPM's
Jun 18 06:10:11 Updated: libopendmarc.x86_64 1.4.1.1-1.eFa.1.el7
Jun 18 06:10:11 Updated: opendmarc.x86_64 1.4.1.1-1.eFa.1.el7
Jun 18 06:10:50 Updated: eFa.noarch 1:4.0.4-13.eFa.el7

but after that Mailwatch web console is hanging but there is no error in the mail log file.

kandegama
Posts: 7
Joined: 28 Sep 2017 17:38

Re: opendmarc.service failed - kills mailscanner?

Post by kandegama » 18 Jun 2021 05:26

Gateway timeout error appear in web page

forhire
Posts: 12
Joined: 10 Jun 2021 16:54

Re: opendmarc.service failed - kills mailscanner?

Post by forhire » 18 Jun 2021 05:49

I just ran yum updates and a new version was updated. The epel version has been replaced by an eFa4 rpm.
Updated libopendmarc-1.4.1-1.el7.x86_64 @epel
Update 1.4.1.1-1.eFa.1.el7.x86_64 @eFa4
Updated opendmarc-1.4.1-1.el7.x86_64 @epel
Update 1.4.1.1-1.eFa.1.el7.x86_64 @eFa4

bostjanc
Posts: 160
Joined: 01 Jun 2016 17:18

Re: opendmarc.service failed - kills mailscanner?

Post by bostjanc » 18 Jun 2021 05:58

Forhire do you have the same issue as others? Gateway timeouts?
I havent upgraded yet on our EFAs

jamerson
Posts: 159
Joined: 19 Aug 2017 18:57
Location: kaaskop

Re: opendmarc.service failed - kills mailscanner?

Post by jamerson » 18 Jun 2021 08:43

its appear to be a brut force or something similar to manipulate EFA.
what firewall are you using in front of the EFA? what ports are open from the WAN to the EFA? are you using some kind of ids/IPS?
Version eFa 4.0.0 RC1 now available in testing repo. Come join us in advancing eFa!

kandegama
Posts: 7
Joined: 28 Sep 2017 17:38

Re: opendmarc.service failed - kills mailscanner?

Post by kandegama » 18 Jun 2021 09:14

Fortinet firewall and IPS and spam enable in firewall side

MattS
Posts: 18
Joined: 12 Dec 2017 14:00

Re: opendmarc.service failed - kills mailscanner?

Post by MattS » 18 Jun 2021 09:29

I noticed the three new rpm's being available this morning but hung back from applying them pending any teething problems. However, my eFa instance appears to have automatically updated itself in the last hour. Luckily without any issue. I've even just seen the offending email that was causing our problem get delivered and processed in mailwatch before correctly being identified as black listed.

The fact eFa automatically installed the broken opendmarc package caused the problem in the first place but the automatic updating has obviously fixed the problem a week later. I'm in two minds as to whether to disable automatic system package updates, if there's an easy way to do that, in order to sanity check any future updates.

forhire
Posts: 12
Joined: 10 Jun 2021 16:54

Re: opendmarc.service failed - kills mailscanner?

Post by forhire » 18 Jun 2021 15:31

bostjanc wrote:
18 Jun 2021 05:58
Forhire do you have the same issue as others? Gateway timeouts?
I havent upgraded yet on our EFAs
I haven't had any issues.

kandegama
Posts: 7
Joined: 28 Sep 2017 17:38

Re: opendmarc.service failed - kills mailscanner?

Post by kandegama » 18 Jun 2021 16:23

forhire wrote:
18 Jun 2021 15:31
bostjanc wrote:
18 Jun 2021 05:58
Forhire do you have the same issue as others? Gateway timeouts?
I havent upgraded yet on our EFAs
I haven't had any issues.
Thanks for update
I had an issue. anyway after restart again still there is no issue. will update on if any problem arises.

Post Reply