I keep losing messages because they get tacked onto the end of spam messages. Is this a known problem?

I suspect it might be because the (Russian) spam messages have an incorrect Lines or Content-Length header which the MDA is not correcting and the POP3 server is believing, but it's a bit hard for me to diagnose the problem as I'm only a user (of hostlogical.com) and can't inspect the mail spool.

I tend to rather doubt the quality of the POP3 server, anyway. It's vm-pop3d 1.1.6 and it leaves blank lines in the UIDL listing, which is not really a sign of quality:

UIDL
..
102 E1AlHVh-00036x-KX@ess4.xxxxxxxxxxxx.com
103 D[20

104 E1AlHZ0-0003IA-Hc@ess4.xxxxxxxxxxxx.com
..

Hello,

Try it now. You have 1.1.7e. We'll also be packaging the newer version shortly.

John

i am getting mails lost too. I have 2 servers, both running DA but of different version, server ones DA is 1.21.3 while server 2 which is a newer server is running ver 1.222000. When i send an e-mail from one of the domain located on server 1 to a domain on server 2 (that was migrated from server 1), the mail was never received. Tried a few times last night, all mails not received but when i send out from domain on server 2, it gets received all the time.

Any ideas?

Hello,

That might be different. Check your /var/log/exim/mainlog. Also, the version of DirectAdmin doesn't have as much to with with email as does the exim version or vm-pop3d version.

John

Originally posted by DirectAdmin Support
Hello,

That might be different. Check your /var/log/exim/mainlog. Also, the version of DirectAdmin doesn't have as much to with with email as does the exim version or vm-pop3d version.

John

here the logs.

From older server. Send receive no problem. i was trying to send to e-mail address ending with itcow.com

[root@gandalf root]# cat /var/log/exim/mainlog | grep mobile@itcow.com
2004-06-29 00:24:43 1Beyvu-0001GZ-FL => mobile <mobile@itcow.com> R=virtual_user T=virtual_localdelivery
2004-06-29 00:36:16 1Bez79-0002JR-Af => mobile <mobile@itcow.com> R=virtual_user T=virtual_localdelivery
2004-06-29 00:37:02 1Bez7t-0002KS-Fw => mobile <mobile@itcow.com> R=virtual_user T=virtual_localdelivery
2004-06-29 12:54:55 1BfAdz-0006r5-85 <= mobile@itcow.com H=(support.antlabs.com) [202.172.38.6] P=smtp S=6969
2004-06-29 13:04:43 1BfAnQ-0007E3-C3 => mobile <mobile@itcow.com> R=virtual_user T=virtual_localdelivery

From new server, send no problem, receiving problem, no mails were ever received but i tried sending from mobile@itcow.com to mobile@itcow.com i get the e-mail immediately.

Following is the only line for mobile@itcow.com

[root@aragorn XSilver]# cat /var/log/exim/mainlog | grep mobile@itcow.com
2004-06-28 09:57:50 1BelP0-0000fP-UL => mobile <mobile@itcow.com> R=virtual_user T=virtual_localdelivery

Hello,

Run this:

grep 1BelP0-0000fP-UL /var/log/exim/mainlog

to see all the logs records for that message.

Just a note.... I telnetted to 25 for your domain, it showed "aragorn.ministryofhosting.com" as the hostname. I did a lookup on that record, and it doesn't resolve. Make sure the hostname resolves.

John

Originally posted by DirectAdmin Support
Hello,

Run this:

grep 1BelP0-0000fP-UL /var/log/exim/mainlog

to see all the logs records for that message.

Just a note.... I telnetted to 25 for your domain, it showed "aragorn.ministryofhosting.com" as the hostname. I did a lookup on that record, and it doesn't resolve. Make sure the hostname resolves.

John

Hi John,

the command returns:


[root@aragorn root]# grep 1BelP0-0000fP-UL /var/log/exim/mainlog
2004-06-28 09:57:50 1BelP0-0000fP-UL <= yap_siew_meng@moe.edu.sg H=(gw2.myedumail.moe.edu.sg) [166.121.5.65] P=esmtp S=9854 id=3515a934c24c.34c24c3515a9@moe.edu.sg
2004-06-28 09:57:50 1BelP0-0000fP-UL => mobile <mobile@itcow.com> R=virtual_user T=virtual_localdelivery
2004-06-28 09:57:50 1BelP0-0000fP-UL Completed

How do i make it resolve? sorry for the trouble.

Hello,

Just add an A record "aragorn" to the "ministryofhosting.com" domain, with the server's main IP as the value.

John

Originally posted by DirectAdmin Support
Hello,

Just add an A record "aragorn" to the "ministryofhosting.com" domain, with the server's main IP as the value.

John

Hi John, can you guide me on how to exactly go about doing that? i'm a little lost with /etc/named.conf

Hello,

Login to DA as admin, go to:

Admin Panel -> Dns Administration -> ministryofhosting.com

At the bottom of the page there should be a few input areas. There should be one for "A" records. Enter

aragorn

and then the server IP in the box to the right, then click Save.

John

Originally posted by DirectAdmin Support
Hello,

Login to DA as admin, go to:

Admin Panel -> Dns Administration -> ministryofhosting.com

At the bottom of the page there should be a few input areas. There should be one for "A" records. Enter

aragorn

and then the server IP in the box to the right, then click Save.

John

Thanks John but i'm just wondering why doesn't it work for gandalf.ministryofhosting.com but it works fine for aragorn.ministryofhosting.com

Aragorn's IP belongs to server 2 (new server).

Hello,

both of those names are resolving now. What's the error you're getting now?

John

Originally posted by DirectAdmin Support
Hello,

both of those names are resolving now. What's the error you're getting now?

John

Hi John, i'm not getting any error, the mail is just missing. Mail does not come in at all for anything send to any_user@itcow.com

What else you need to help me troubleshoot?

I think the problem is with the sender's e-mail address which i really find funny. I used support@ministryofhosting.com (old server) to mail out to others all no problem it seems but sending to gwee1@itcow.com makes the mail disappear. Migration cause the problem? Itcow.com was on the old server and was migrated recently.

I found out using a Yahoo mail, sending from this yahoo mail to gwee1@itcow.com no problem, and using gwee1@itcow.com to send to thhis yahoo accoun also no problem.

Thanks for upgrading to 1.1.7e. That should avoid some problems with parsing the UIDL output.

However, the main problem still persists: today I had at least two real messages tacked onto the end of Russian spam messages, and therefore invisible unless you look at the raw text because the real message is after the final MIME boundary of the spam.

Unfortunately, by the time I notice this, the message has already been redelivered a couple of times and deleted from the original mailbox.

It might not be vm-pop3d's fault.

Whenever this happens, it's always Russian spam, so I would guess there is something strange about the Russian spam. If it's not the Lines or Content-Length, perhaps the spam is arriving without a final newline or something like that.

I looked at the mailbox parsing in vm-pop3d-1.1.6/extra.c and it's very simple: it looks for "\n\nFrom ". The merged message I have appears to have a blank line before the "From ", so the only way I can think of how it might go wrong is if vm-pop3d sees "\n\r\nFrom ". I don't know whether Exim 4.24 can be configured to write such a thing ...

Aha. I think I can see a bug in vm-pop3d-1.1.6/extra.c that might explain the symptoms: perhaps the Russian spam contains a '\0'. The code in extra.c uses strchr(buf, '\n') to decide whether it's seen the end of a line. If the last line of the Russian spam contains a '\0' then it won't see the '\n' and it will eat the blank line that forms part of the message separator.

YES! I can now reproduce the problem using this Perl script.

Do I get a prize, or must I make do with just the glory and honour?

#!/usr/bin/perl -w

use Net::SMTP;

$server = 'xxxx.org';
$address = 'test@xxxx.org';

$header = <<"END"
From: $address
To: $address
Subject: test

END
;

$message1 = $header . "With null\n\0";
$message2 = $header . "Without null\n";

$smtp = Net::SMTP->new($server);
$smtp->mail($address);
$smtp->to($address);
$smtp->data($message1);
$smtp->quit();

$smtp = Net::SMTP->new($server);
$smtp->mail($address);
$smtp->to($address);
$smtp->data($message2);
$smtp->quit();

Hello,

Yes, you get the wonderful prize of a new release of vm-pop3d (vm-pop3d-1.1.7f-T6). I'll package that up in the next few days.

John