Email filter, permission denied
Testing email filters causes an error:
This server is set up to use the dedicated IP for each account as the mail sender, and the IPs are set up in both "/etc/mail_reverse_dns" and "/etc/mailips", with both files agreeing. Permissions are 640 on these, owned by root:mail. The only way to get a filter test to work is to set the permissions to 666 on "mail_reverse_dns" (support folks at the company I have this VPS suggested this), and it's the only thing currently working. It's likely the next Cpanel update (daily) will see that and edit, so no long term fix. Any suggestions here would be appreciated.
LOG: MAIN PANIC DIE
failed to expand "${lookup{$interface_address}lsearch{/etc/mail_reverse_dns}{$value}{$primary_hostname}}" (smtp_active_hostname): failed to open /etc/mail_reverse_dns for linear search: Permission denied (euid=501 egid=501)This server is set up to use the dedicated IP for each account as the mail sender, and the IPs are set up in both "/etc/mail_reverse_dns" and "/etc/mailips", with both files agreeing. Permissions are 640 on these, owned by root:mail. The only way to get a filter test to work is to set the permissions to 666 on "mail_reverse_dns" (support folks at the company I have this VPS suggested this), and it's the only thing currently working. It's likely the next Cpanel update (daily) will see that and edit, so no long term fix. Any suggestions here would be appreciated.
-
Hello, Could you post the output of /etc/exim.conf.local on your system? It's possible this is related to internal case number 148377, but I'd like to see that output before making that determination. Thank you. 0 -
Thanks, Michael. Here it is: @AUTH@ @BEGINACL@ @CONFIG@ queue_only_override = false message_logs = false smtp_banner = "${smtp_active_hostname} ESMTP Exim ${version_number} \#${compile_number} ${tod_full} \n We do not authorize the use of this system to transport unsolicited, \n and/or bulk e-mail." smtp_active_hostname = ${lookup{$interface_address}lsearch{/etc/mail_reverse_dns}{$value}{$primary_hostname}} message_id_header_domain = $smtp_active_hostname @DIRECTOREND@ @DIRECTORMIDDLE@ @DIRECTORSTART@ @ENDACL@ @POSTMAILCOUNT@ @PREDOTFORWARD@ @PREFILTER@ @PRELOCALUSER@ @PRENOALIASDISCARD@ @PREROUTERS@ @PREVALIASNOSTAR@ @PREVALIASSTAR@ @PREVIRTUALUSER@ @RETRYEND@ @RETRYSTART@ @REWRITE@ @ROUTEREND@ @ROUTERMIDDLE@ @ROUTERSTART@ @TRANSPORTEND@ @TRANSPORTMIDDLE@ @TRANSPORTSTART@0 -
Hello, Internal case number 148377 is open to address an issue where the cPanel UI mail filter rule test will fail due to a permissions error when /etc/mail_reverse_dns is referenced in a custom Exim configuration. There's currently no time frame on a resolution, but I've attached a a temporary patch you can use until that time. The supplied patch can be applied via the /scripts/postupcp hook using commands such as: mv /root/updateuserdomains.txt /root/updateuserdomains.patch vi /scripts/postupcp
Ensure the postupcp file has the following lines:#!/bin/bash patch -N -p 0 -r - < /root/updateuserdomains.patch
Thank you.0 -
Thanks, Michael. I see the txt file doesn't current exist on the server, so this would just be a straight edit of creating the .patch file that's being called, is that right? I see that will set perms on the file in question (mail_reverse_dns) to 644, but at 644 it was still erroring out. It was only when that was assigned 666 it worked. Am I missing something in that which allows that to work with less permission granted? 0 -
Update: Added the file "/root/updateuserdomains.patch" with the contents in the attached text doc (root:root and 644), then added the lines to postupcp just before upcp ran. It completed, showed it ran postupcp, no change to the issue or file perms (still 640 on that file). Wondering where I'd gone wrong. 0 -
Hello, The /scripts/updateuserdomains file has changed since that patch was first developed. Try using the following contents in that patch file to see if it makes a difference: --- /usr/local/cpanel/scripts/updateuserdomains.orig 2014-12-20 08:32:37.799997831 -0600 +++ /usr/local/cpanel/scripts/updateuserdomains 2014-12-20 08:34:00.476999244 -0600 @@ -65,10 +65,11 @@ my $force = 0; my $exim_dbmbuild; my %permissions_list = ( - '/etc/remotedomains' => 0644, # case 169545: must be readable for autodiscovery exemption - '/etc/relayhosts' => 0644, - '/etc/relayhostsusers' => 0644, - '/etc/trueuserowners' => 0644, - 'default' => 0640, + '/etc/mail_reverse_dns' => 0644, + '/etc/remotedomains' => 0644, # case 169545: must be readable for autodiscovery exemption + '/etc/relayhosts' => 0644, + '/etc/relayhostsusers' => 0644, + '/etc/trueuserowners' => 0644, + 'default' => 0640, ); if (@ARGV) {
You can run "/scripts/updateuserdomains" after running "/scripts/postupcp" to verify it corrects the permissions. Thank you.0 -
No joy, I'm afraid. patch: **** malformed patch at line 4: my $force = 0;0 -
It's working well on a test server, so it could be how you are pasting the data. Are you copying it from the text file on a Windows machine? Or, are you pasting it from the CODE output through an editor such as VIM? Thank you. 0 -
On Windows, but copied from this post above (no text file for the new version) and pasted directly into nano. I'm going to stick it into a good text editor first, see if anything weird is in it and copy from there. [edit] Nothing showed, still hates it. 0 -
Manually edited the previous text file to have the new lines, and copied from that. Different error now, so it looks like something to do with the forum and copying. Any chance you could stick that in a text file? This is the new error: patching file /usr/local/cpanel/scripts/updateuserdomains Hunk #1 FAILED at 65. 1 out of 1 hunk FAILED -- saving rejects to file -0 -
What version of cPanel is installed on your system? Thank you. 0 -
CENTOS 5.11 i686 virtuozzo WHM 11.48.3 (build 0) 0 -
This issue is addressed in cPanel version 11.50 with the removal of the /etc/mail_reverse_dns entry. As it's addressed in 11.50, you could simply manually update the /scripts/updateuserdomains file in the meantime if the patch is not working. EX: vi /scripts/updateuserdomains
Add this entry below "'/etc/trueuserowners' => 0644,"'/etc/mail_reverse_dns' => 0644,
Or, setup a temporary cron job that updates the permissions of /etc/mail_reverse_dns on a regular basis until you have updated to cPanel version 11.50. Thank you.0
Please sign in to leave a comment.
Comments
13 comments