Solved

Linux Qmail-Server for local mail is not working if internet is down..how to solve this issue?

Posted on 2006-11-13
9
345 Views
Last Modified: 2013-12-06
Hi Experts,
I am a newbie to linux, detailed explanation would be appreciated.
I configured Qmail MAIL on Fedora core 4 server and the same is acting as Internet proxy server too.
Mail server role is to serve the local mails POP3 and SMTP to Intranet (i.e. mydomain.com) and forward Outgoing mail (i.e. all other mails) to email ISP and download the mails through fetch-mail service from same ISP.

I have got Two NIC one (Eth0) is configured to Local LAN and other (Eth1) is configured to DSL router connecting to 1Mbps broadband.

Now if the internet is down or slow on Eth1 the Local emails on LAN side also not processing. The mail server is not accepting the incoming mails if the internet is down. Emails will stuck in OUTBOX of Email client (Microsoft Outlook in a client machine).

The little more interesting thing is if I down the Eth1(WAN side) [ #ifdown eth1 ] then the local mails(i.e. for mydomain.com) are processing and delivering locally.
Also if I send to outside mail account for ex: to yahoo, its queuing as expected.

And If the Eth1 is also up and Internet is down from the ISP side Q-mail server is not working.
How should I address to solve this issue……

Thanks in Advance.


0
Comment
Question by:hivos
  • 5
  • 4
9 Comments
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 17941289
Possibly Qmail is sending DNS requests over eth1. As root, do "tcpdump -i eth1" to check. Post results.
0
 

Author Comment

by:hivos
ID: 17954081
DSL is connected to eth1... and it is sending DNS requests over eth1.
My problem is If internet is down from ISP. Qmail server is not accepting the incommimg mails from mail client, even for local mails.

If ISP is down, server has to deliver the local mails immidietly and wait for internent connection to send other outside mails..

How to resolve this issue?
0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 17954281
I understand what your problem is, that's why I want to see the tcpdump. I suspect your netrwork is (mis)configued so qmail needs an answer of some kind from DNS before it will try locals.
Are the local systems so configured to qmail?
0
 

Author Comment

by:hivos
ID: 17954967
local systems(XP workstations with  MS OUTLOOK2002 POP3) are configured to qmail server.
Primary and secondary DNS in a Qmail server is configured to ISP's DNS Address.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 34

Expert Comment

by:Duncan Roe
ID: 17959737
Force the scenario where eth1 is down by disconnecting the modem's connection to the network. Start tcpdump on eth1. Try to send some local mail. Wait a few minutes to be sure it's not working. Stop tcpdump. Re-connect network. Post tcpdump output. This is my last answer unti I see that post.
0
 

Author Comment

by:hivos
ID: 17964291
Eth0(LAN):192.168.10.1
Eth1(WAN):192.168.20.10
GW::192.168.20.1
Mail client IP:192.168.10.140

Executed #tcpdump -i eth1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes

14:56:37.782596 IP 192.168.20.10.41352 > 61.1.96.71.domain:  21196+ PTR? 71.96.1.61.in-addr.arpa. (41)
14:56:37.838600 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
14:56:38.802684 IP 192.168.20.10.60166 > 61.1.96.69.domain:  47046+ PTR? 1.10.168.192.in-addr.arpa. (42)
14:56:40.858820 IP 192.168.20.10.58547 > 61.1.96.71.domain:  64722+ PTR? 1.10.168.192.in-addr.arpa. (42)
14:56:42.782907 IP 192.168.20.10.41355 > 61.1.96.69.domain:  21196+ PTR? 71.96.1.61.in-addr.arpa. (41)
14:56:43.331068 IP 192.168.20.10.54330 > 61.1.96.71.domain:  50865+ PTR? 1.10.168.192.in-addr.arpa. (42)

After disconnecting the cable from DSL router end
there nothing has dumped..

I sent a local mails from client..it was stuck in a Outbox..
waited for 3-4 min..
and reconnected back the cable.
Following continued after reconnecting the cable. and then Local mails dispatched from OutBOX from mail client and delivered

15:09:48.442733 arp who-has 192.168.20.10 tell 192.168.20.1
15:09:48.675925 arp who-has 192.168.20.1 tell 192.168.20.10
15:09:48.677706 arp reply 192.168.20.1 is-at 00:0f:a3:50:e2:73
15:09:48.677721 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:09:48.677730 IP 192.168.20.10.8479 > 61.1.96.69.domain:  7545+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:09:49.174953 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:09:49.364154 IP 192.168.20.10.61146 > 61.1.96.71.domain:  50865+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:09:49.692126 IP 192.168.20.10.58547 > 61.1.96.71.domain:  64722+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:09:49.696112 IP 192.168.20.10.6147 > 61.1.96.71.domain:  53988+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:09:52.192284 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:09:54.540451 IP 192.168.20.10.48823 > 61.1.96.71.domain:  45465+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:09:55.212511 IP 192.168.20.10.27351 > 61.1.96.71.domain:  64722+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:00.712823 IP 192.168.20.10.10118 > 61.1.96.69.domain:  31416+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:00.716783 IP 192.168.20.10.36391 > 61.1.96.69.domain:  47287+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:01.112842 IP 61.1.96.69.domain > 192.168.20.10.10118:  31416 NXDomain 0/1/0 (97)
15:10:01.114629 IP 61.1.96.69.domain > 192.168.20.10.36391:  47287 NXDomain 0/1/0 (97)
15:10:17.477864 IP 192.168.20.10.47460 > 61.1.96.69.domain:  54626+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:18.885958 IP 192.168.20.10.10118 > 61.1.96.69.domain:  31416+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:19.289436 IP 61.1.96.69.domain > 192.168.20.10.10118:  31416 NXDomain 0/1/0 (97)
15:10:22.193922 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:25.233085 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:26.046394 IP 192.168.20.10.36391 > 61.1.96.69.domain:  47287+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:28.250528 IP 192.168.20.10.58547 > 61.1.96.71.domain:  64722+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:32.478210 IP 192.168.20.10.41377 > 61.1.96.71.domain:  14492+ PTR? 1.0.0.224.in-addr.arpa. (40)
15:10:34.386978 IP 192.168.20.10.23378 > 61.1.96.69.domain:  25287+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:37.067096 IP 192.168.20.10.2381 > 61.1.96.71.domain:  45465+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:37.475098 IP 192.168.20.10.41378 > 61.1.96.69.domain:  14492+ PTR? 1.0.0.224.in-addr.arpa. (40)
15:10:38.943061 arp who-has 192.168.20.1 tell 192.168.20.10
15:10:38.944675 arp reply 192.168.20.1 is-at 00:0f:a3:50:e2:73
15:10:39.271243 IP 192.168.20.10.10118 > 61.1.96.69.domain:  31416+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:39.563242 IP 192.168.20.10.20452 > 61.1.96.69.domain:  51003+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:10:39.962111 IP 61.1.96.69.domain > 192.168.20.10.20452:  51003 NXDomain 0/1/0 (98)
15:10:41.462095 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:10:42.475412 IP 192.168.20.10.41377 > 61.1.96.71.domain:  14492+ PTR? 1.0.0.224.in-addr.arpa. (40)
15:10:44.479509 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:10:47.475728 IP 192.168.20.10.41378 > 61.1.96.69.domain:  14492+ PTR? 1.0.0.224.in-addr.arpa. (40)
15:10:47.499704 IP 192.168.20.10.58547 > 61.1.96.71.domain:  64722+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:10:50.291917 IP 192.168.20.10.54330 > 61.1.96.71.domain:  50865+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:10:58.520408 IP 192.168.20.10.10118 > 61.1.96.69.domain:  31416+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:11:02.276715 IP 192.168.20.10.20452 > 61.1.96.69.domain:  46851+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:04.173547 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:07.192971 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:09.541138 IP 192.168.20.10.61146 > 61.1.96.71.domain:  50865+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:11:10.213166 IP 192.168.20.10.58547 > 61.1.96.71.domain:  64722+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:10.851064 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:12.067830 IP 192.168.20.10.15093 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:13.869369 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:15.085469 IP 192.168.20.10.8479 > 61.1.96.69.domain:  7545+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:16.901094 IP 192.168.20.10.6147 > 61.1.96.71.domain:  64722+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:18.118881 IP 192.168.20.10.27351 > 61.1.96.71.domain:  53988+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:21.233862 IP 192.168.20.10.10118 > 61.1.96.69.domain:  31416+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:22.089945 IP 192.168.20.10.48356 > 61.1.96.69.domain:  54626+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:27.918264 IP 192.168.20.10.36391 > 61.1.96.69.domain:  47287+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:28.926510 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:29.138364 IP 192.168.20.10.60166 > 61.1.96.69.domain:  47046+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:29.283565 IP 61.1.96.69.domain > 192.168.20.10.60166:  47046 NXDomain 0/1/0 (97)
15:11:31.972405 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:32.254559 IP 192.168.20.10.2381 > 61.1.96.71.domain:  50865+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:32.918437 arp who-has 192.168.20.1 tell 192.168.20.10
15:11:32.918987 arp reply 192.168.20.1 is-at 00:0f:a3:50:e2:73
15:11:34.990683 IP 192.168.20.10.58547 > 61.1.96.71.domain:  64722+ PTR? 2.1.168.192.in-addr.arpa. (42)
15:11:35.314732 IP 192.168.20.10.48823 > 61.1.96.69.domain:  6869+ PTR? 2.1.168.192.in-addr.arpa. (42)
15:11:38.943034 IP 192.168.20.10.27862 > 61.1.96.71.domain:  45465+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:46.011404 IP 192.168.20.10.10118 > 61.1.96.69.domain:  31416+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:11:46.162298 IP 61.1.96.69.domain > 192.168.20.10.10118:  31416 NXDomain 0/1/0 (97)
15:11:54.563964 IP 192.168.20.10.47460 > 61.1.96.69.domain:  25287+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:12:11.462428 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:12:14.481189 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:12:17.277369 IP 192.168.20.10.48356 > 61.1.96.69.domain:  54626+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:17.501428 IP 192.168.20.10.58547 > 61.1.96.71.domain:  64722+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:12:19.932144 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:23.965784 IP 192.168.20.10.20452 > 61.1.96.69.domain:  46851+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:24.929684 arp who-has 192.168.20.1 tell 192.168.20.10
15:12:24.930252 arp reply 192.168.20.1 is-at 00:0f:a3:50:e2:73
15:12:25.969890 IP 192.168.20.10.6147 > 61.1.96.71.domain:  64722+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:28.522059 IP 192.168.20.10.10118 > 61.1.96.69.domain:  31416+ PTR? 140.10.168.192.in-addr.arpa. (43)
15:12:28.923620 IP 61.1.96.69.domain > 192.168.20.10.10118:  31416 NXDomain 0/1/0 (98)
15:12:29.629340 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:30.172076 IP 192.168.20.10.15093 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:32.646286 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:33.190345 IP 192.168.20.10.8479 > 61.1.96.69.domain:  7545+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:35.666505 IP 192.168.20.10.58547 > 61.1.96.71.domain:  64722+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:36.210578 IP 192.168.20.10.27351 > 61.1.96.71.domain:  53988+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:36.392239 IP 192.168.20.10.64715 > 61.1.96.71.domain:  61116+ PTR? 1.10.168.192.in-addr.arpa. (42)
15:12:36.990571 IP 192.168.20.10.36391 > 61.1.96.69.domain:  47287+ PTR? 1.10.168.192.in-addr.arpa. (42)

[1]+  Stopped                 tcpdump -i eth1
[root@Myserver ~]#



0
 
LVL 34

Accepted Solution

by:
Duncan Roe earned 500 total points
ID: 17969039
Good on you for posting that - I think it shows the problem.
Perhaps I didn't explain clearly enough - I didn't want you to disconnect either end of the cable that plugs into your system because then the NIC would realise there was no carrier and not try to send anything. I wanted you to disconnect the cable (or telephone line, whatever) between your modem and the outside world. That way the local NIC would likely not be aware and would keep sending. Never mind, here is your problem:
   14:56:37.838600 IP 192.168.20.10.59258 > 61.1.96.69.domain:  28701+ PTR? 1.10.168.192.in-addr.arpa. (42)
Yor system is doing a reverse lookup on the local address 192.168.10.1
If it's working, DNS responds that it doesn't know, so then the application looks at the hosts file.
You have to configure that it looks at the hosts file first. Or, configure a local DNS to handle authoritatively the 192.168.0.0 network and pass through everything else. External DNS has hunted all round the world to find an answer, that's why it took so long to respond. See for example http://www.experts-exchange.com/Operating_Systems/Linux/Q_22043800.html
Modify or create the file /etc/host.conf to include the line:
   order hosts, bind
Ensure /etc/hosts contains entries for 192.168.1.10 and any other 192.168 addresses in use (including 192.168.20.10 if not there already). If you do that, you shouldn't need a local DNS
0
 

Author Comment

by:hivos
ID: 18001596
Thanks, It is working after I configured the local DNS. But it is not working without local DNS although I made an entry of all interfaces in a /etc/hosts and modified the host.conf to look host file first.
my /etc/hosts file look like this.
127.0.0.1       localhost.localdomain   localhost
192.168.20.10   mailserver.mydomain.com        mailserver
192.168.10.1     mailserver.mydomain.com        mailserver
192.168.10.91     mailclient.mydomain.com        mailclient

Should I do any other modifications other than this to work without local DNS configured?

0
 
LVL 34

Expert Comment

by:Duncan Roe
ID: 18001674
If it works with a local DNS, what's the problem in leaving it that way? DNS can answer MX queries and other stuff that the hosts file can never hope to do. And your hosts file has 2 entries with identical names - 2 NICs on the same host I guess: in an ideal world that'd be OK but I wonder if software will handle it flawlessly. For instance, if you place a call to mailserver, what route is it going to take? In my experience, multiple interfaces on the same box have had to have different names as well as different IP addresses (OK I managed 2 NICs with the same IP once - but I used host routing)
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now