Mail service on, SMTP on, but clients can't connect -- please help a novice

Hi all,

We use 10.4 Server on a G5 Xserve. A few days ago we had a problem with our server being used for spam. That was fixed quickly enough, but the problem is: while being fixed, the mail queue accumulated more and more mail, and it wasn't going out. The "retry" button didn't work. Repairing the database didn't work.

To make a long story shorter, after reading different things here and on the web, I managed to delete all the messages in the queue. All the users are still there. But now, when I turn the mail service back on, everyone gets a "can't connect" error.

I've used the terminal before, but I've always been following directions; I don't know what to type or why. But if someone with patience can help, I can follow directions, and would really appreciate the help. Right now I'm dead in the water.

Black MacBook 2.16GHz C2D, 2GB RAM, Mac OS X (10.5.5), "Oh I get by with a little help from my friends..."

Posted on Oct 23, 2008 10:15 AM

Oct 23, 2008 12:55 PM in response to tibor.moldovan

tibor.moldovan wrote:
I'm not an expert, but:

- how was the problem fixed "quickly enough"?

- does your mailaccess.log have any entries with regards to failed user authentication?
(You can view it in Server Admin, if you go to your server/mail service/logs)

- if you have web mail enabled, can you, or users log in through that?

Message was edited by: tibor.moldovan

The problem was that someone had brought in their own PC laptop, and it looked like they had never run Windows Update, anti-malware, etc. on it. Whenever he ran Excel 2003, spam would start flooding the queue. It would stop when Excel was quit. And that was solved by installing an Excel security update.

Here's a sample of the "Mail Access" log. Sorry if that's not the log you wanted.

Oct 23 14:34:15 mail pop3[602]: IOERROR: opening /var/spool/imap/user/bfrey/cyrus.header: Permission denied
Oct 23 14:34:18 mail pop3[602]: Unable to open maildrop for bfrey: System I/O error
Oct 23 14:34:54 mail pop3[598]: IOERROR: opening /var/spool/imap/user/tmcculloch/cyrus.header: Permission denied
Oct 23 14:34:57 mail pop3[598]: Unable to open maildrop for tmcculloch: System I/O error
Oct 23 14:35:00 mail pop3[602]: IOERROR: opening /var/spool/imap/user/tmcculloch/cyrus.header: Permission denied
Oct 23 14:35:03 mail pop3[602]: Unable to open maildrop for tmcculloch: System I/O error
Oct 23 14:35:55 mail pop3[598]: IOERROR: opening /var/spool/imap/user/custodian/cyrus.header: Permission denied
Oct 23 14:35:58 mail pop3[598]: Unable to open maildrop for custodian: System I/O error
Oct 23 14:35:59 mail pop3[598]: IOERROR: opening /var/spool/imap/user/custodian/cyrus.header: Permission denied
Oct 23 14:36:02 mail pop3[598]: Unable to open maildrop for custodian: System I/O error
Oct 23 14:36:16 mail pop3[602]: IOERROR: opening /var/spool/imap/user/bbills/cyrus.header: Permission denied
Oct 23 14:36:19 mail pop3[602]: Unable to open maildrop for bbills: System I/O error
Oct 23 14:37:06 mail pop3[602]: IOERROR: opening /var/spool/imap/user/jdeck/cyrus.header: Permission denied
Oct 23 14:37:06 mail pop3[637]: IOERROR: opening /var/spool/imap/user/rsoderstrom/cyrus.header: Permission denied
Oct 23 14:37:09 mail pop3[602]: Unable to open maildrop for jdeck: System I/O error
Oct 23 14:37:09 mail pop3[637]: Unable to open maildrop for rsoderstrom: System I/O error
Oct 23 14:37:11 mail pop3[637]: IOERROR: opening /var/spool/imap/user/rsoderstrom/cyrus.header: Permission denied
Oct 23 14:37:12 mail pop3[602]: IOERROR: opening /var/spool/imap/user/jdeck/cyrus.header: Permission denied
Oct 23 14:37:14 mail pop3[637]: Unable to open maildrop for rsoderstrom: System I/O error

Finally, if I try to use webmail, I get:
Error connecting to IMAP server: localhost.
61 : Connection refused
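
Added example (not part of the original post): a shell/awk summary for log lines in the format shown above, counting `Permission denied` errors on `cyrus.header` per mailbox. When many mailboxes fail in the same way, the ownership or mode of the mail spool is the first thing to check rather than any single mailbox. The sample lines and user names below are constructed.

```shell
#!/bin/sh
# Constructed sample input in the format of the Mail Access log excerpt
# (user names are made up for this example).
sample_log() {
cat <<'EOF'
Oct 23 14:34:15 mail pop3[602]: IOERROR: opening /var/spool/imap/user/alice/cyrus.header: Permission denied
Oct 23 14:34:18 mail pop3[602]: Unable to open maildrop for alice: System I/O error
Oct 23 14:34:54 mail pop3[598]: IOERROR: opening /var/spool/imap/user/bob/cyrus.header: Permission denied
Oct 23 14:35:00 mail pop3[602]: IOERROR: opening /var/spool/imap/user/bob/cyrus.header: Permission denied
Oct 23 14:36:16 mail pop3[602]: IOERROR: opening /var/spool/imap/user/carol/cyrus.header: Permission denied
Oct 23 14:36:19 mail pop3[602]: Unable to open maildrop for carol: System I/O error
EOF
}

# Print "count mailbox" for every mailbox whose cyrus.header could not be
# opened because of "Permission denied", most affected mailbox first.
# Reads the files given as arguments, or standard input if there are none.
denied_mailboxes() {
    awk '
        /IOERROR: opening .*\/cyrus\.header: Permission denied/ {
            # The path is the field that follows the word "opening".
            for (i = 1; i < NF; i++) if ($i == "opening") path = $(i + 1)
            sub(/:$/, "", path)                  # drop the trailing colon
            sub(/\/cyrus\.header$/, "", path)    # keep the mailbox directory
            n = split(path, parts, "/")
            # The mailbox owner is the component right after "user", so
            # subfolders of one mailbox are counted under the same owner.
            for (j = 1; j < n; j++)
                if (parts[j] == "user") { count[parts[j + 1]]++; break }
        }
        END { for (u in count) print count[u], u }
    ' "$@" | sort -k1,1nr -k2,2
}

# Number of distinct mailboxes affected.
denied_mailbox_count() {
    denied_mailboxes "$@" | wc -l | tr -d ' '
}

sample_log | denied_mailboxes
```
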

Oct 23, 2008 1:35 PM in response to Brenton Bills

And how did you manage to delete all the mail in the queue?

Did you change permissions on any of the folders, like Mail-store, or Mail-database?

As per Pterobyte's suggestion from a similar topic, open the terminal on the server and issue:

ls -l /var/spool/imap/user/username
(replace username with actual user - one user is enough)
and post the output.

Oct 23, 2008 2:34 PM in response to Brenton Bills

I would imagine that you did a chown on one of the directories while trying to delete the mail and now the wrong user owns them.

If you're SSHed into the server, you can type "history" (without the quotes) and try to see if you issued any chown, chmod, or chgrp commands. You can post it here if it doesn't contain any sensitive data; that will list all of your recent commands.

Oct 23, 2008 2:47 PM in response to tibor.moldovan

OK, I've already admitted that I know nothing about this, so I'm sure this will give some people some laughs. That's OK, so the only thing I've changed was the name of the company. I have more peace of mind knowing I'm not showing who's got problems. The other thing is that I don't know when my part of the history begins. Maybe it's all me, but I don't remember doing anything even remotely close to changing IPs. So here it is:

1 telnet mail.abcde.com 110
2 telnet mail.abcde.com 110
3 telnet mail.abcde.com 110
4 sudo /etc/squirrelmail/config/conf.pl
5 grep swupd /etc/swupd/com.apple.server.swupdate.plist > ~/Desktop/
6 update_list.txt
7 grep swupd /etc/swupd/com.apple.server.swupdate.plist > ~/Desktop/
8 update_list.txt
9 grep swupd /etc/swupd/com.apple.server.swupdate.plist > ~/Desktop/update_list.txt
10 softwareupdate
11 man changeip
12 changeip
13 exit
14 changeip -checkhostname
15 sudo changeip
16 changeip -checkhostname
17 sudo changeip -checkhostname
18 man changeip
19 sudo changeip -gethostname
20 sudo changeip -gethostname
21 sudo changeip
22 /usr/sbin/changeip /LDAPv3/127.0.0.1 10.10.10.3 10.10.10.3 mail.abcde.org mail.abcde.org
23 sudo changeip -checkhostname
24 sudo /usr/sbin/changeip /LDAPv3/127.0.0.1 10.10.10.3 10.10.10.3 mail.abcde.org mail.abcde.org
25 changeip -checkhostname
26 sudo changeip -checkhostname
27 sudo rm -rf /usr/share/swupd/html/061-4590/
28 sudo rm -rf /usr/share/swupd/html/061-4589/
29 sudo rm -rf /usr/share/swupd/html/061-4589
30 sudo rm -rf /usr/share/swupd/html/061-4590/
31 sudo rm -rf /usr/share/swupd/html/061-4590/
32 sudo rm -rf /usr/share/swupd/html/061-2089/
33 grep swupd /etc/swupd/com.apple.server.swupdate.plist > ~/Desktop/update_list.txt
34 sudo mkdir /usr/sieve
35 sudo mkdir /usr/sieve
36 sudo pico /etc/services
37 netstat -an | grep 2000
38 telnet localhost 2000
39 sudo mkdir -p /usr/sieve
40 sudo mkdir -p /usr/sieve
41 sudo chown cyrusimap /usr/sieve
42 sudo chgrp wheel /usr/sieve
43 cd
44 pwd
45 ls
46 cd /usr
47 ls
48 ls -l
49 exit
50 sudo pico /etc/services
51 telnet localhost 2000
52 netstat
53 netstat -an | grep 2000
54 exit
55 changeip
56 sudo changeip
57 changeip -checkhostname
58 sudo changeip -checkhostname
59 exit
60 sudo ls -al /var/spool/imap/user/diradmin
61 sudo ls -al /var/spool/imap/user/kbentley
62 sudo /usr/share/mailman/bin/check_perms -f
63 su root
64 su root
65 su root
66 su root
67 su root
68 fsck -f
69 fsck
70 sudo fsck -f
71 sudo fsck /?
72 fsck /help
73 fsck \help
74 pwd
75 ..
76 12345
77 sudo /System/Library/CoreServices/Finder.app/
78 sudo /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
79 su root
80 su root
81 sudo -u cyrusimap
82 su cyrus
83 su cyrus
84 su cyrus
85 su cyrus
86 su cyrus
87 cyrus
88 sudo cyrus
89 su cyrus
90 su cyrus
91 su cyrus /usr/bin/cyrus/bin/reconstruct -r -f /var/spool/imap/bbills
92 postfix reload
93 sudo postfix reload
94 sudo postfix reload
95 ls -l /var/spool/imap/user/bbills
96 history

Oct 23, 2008 3:03 PM in response to Brenton Bills

You can edit and remove everything prior to line 60, if you can still edit.
(The older stuff doesn't look related to this.)

Were you successful in switching to root (su root) or switching to cyrus (su cyrus)?
If you've switched to cyrus, and if you can do it again, type history again. That will show what was done under that account.

If you can switch to root, you can post any lines dealing with what you know you've typed since this issue started. Again, chown, chmod and chgrp are the things to look for. Certainly don't post anything you don't recognize as dealing with this issue.

Otherwise, I don't see anything that changed any settings.

Message was edited by: tibor.moldovan

Oct 23, 2008 3:12 PM in response to tibor.moldovan

Here's the history from root:

1 sudo /etc/squirrelmail/config/conf.pl
2 sudo /etc/squirellmail/config/conf.pl
3 sudo /etc/squirrelmail/config/conf.pl
4 exit
5 serveradmin stop mail
6 mv /var/imap /var/imap.old
7 mkdir /var/imap
8 /usr/bin/cyrusimap/tools/mkimap
9 chown -R cyrusimap:mail /var/imap
10 sudo -u cyrusimap /usr/bin/cyrus/bin/reconstruct -i
11 serveradmin start mail
12 exit
13 rm /var/imap
14 rm /var/imap/
15 rmdir /var/imap
16 rmdir /var/imap/
17 cp -d /var/imap /var/imap.older
18 cp /var/imap /var/imap.older
19 help cp
20 info cp
21 mv /var/imap.old /var/imap
22 chown -R cyrusimap:mail /var/imap
23 mv /var/imap /var/imap.old
24 mkdir /var/imap
25 /usr/bin/cyrus/tools/mkimap
26 chown -R cyrusimap:mail /var/imap
27 sudo -u cyrusimap /usr/bin/cyrus/bin/reconstruct -i
28 (password)
29 mv /var/imap /var/imap.old
30 mkdir /var/imap
31 /usr/bin/cyrus/tools/mkimap
32 chown -R cyrusimap:mail /var/imap
33 sudo -u cyrusimap /usr/bin/cyrus/bin/reconstruct -i
34 sudo -u cyrusimap /usr/bin/cyrus/bin/reconstruct -f -r user/username
35 cyrusimap /usr/bin/cyrus/bin/reconstruct -f -r
36 /usr/bin/cyrus/bin/reconstruct
37 postfix reload
38 history

Oct 23, 2008 9:00 PM in response to Brenton Bills

OK, now we may be getting somewhere.
For one, your
chown -R cyrusimap:mail /var/imap
should be
chown -R cyrus:mail /var/imap

but I'm not sure if that is the true problem, because I think if chown can't find the proper user (cyrusimap) it errors out and doesn't apply changes.

You can try stopping your mail service, logging in as root and issuing that command and then starting your mail service again and see if that works.

Message was edited by: tibor.moldovan
