Extra Outbound Messages in Qmail

Posted on 2009-05-13
Last Modified: 2013-12-02
I have NDRs for *legitimate* outbound email from extra addresses that were not on the original message created by the user.

For example, user A sends email to user about something.  A little later user A will get an NDR saying "Could not deliver your message to A copy of the message is below" and it's the legit email.

Can you offer me some troubleshooting and maintenance things to try?  I'm an exchange admin who fell into Qmail admin almost by accident, so I don't really know what I'm doing.  I know my basic way around the unix command line, but not too deep.
Thanks for your time.
Question by:Scottmanoh
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3

Author Comment

ID: 24394245
More details.  Here is the NDR:

Hi. This is the qmail-send program at
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

qmail-spawn unable to open message. (#4.3.0) I'm not going to try again; this message has been in the queue too long.

<there are 4 of these, all very similar legitimate looking email addresses and then>
--- Below this line is a copy of the message.

The message below the line is a legitimate email that was delivered to an associate in our company.

Thanks for any suggestions you might be able to give.
LVL 20

Expert Comment

by:Daniel McAllister
ID: 24396524
You seem to have a permissions error in your QMail Queue. The result is that the service that delivers messages is unable to open those messages for delivery, and perhaps is also prohibited from adding or removing messages from the queue as well.

The typical QMail queue is located at /var/qmail/queue, and since we're debugging permissions, the permissions of this folder should be 750, with the OWNER being qmailq & the group qmail.

The contents of this folder should be the following folders:
 bounce, info, local, & remote - all should be OWNED by qmails & belong to the GROUP qmail
 intd, lock, mess, pid, & todo - all should be OWNED by qmailq & belong to the GROUP qmail
(NOTE: half are owned by qmailS & the other half by qmailQ)

Permissions on all should be 700 - EXCEPT for lock, mess, & todo - which should be 750!

A fully-featured Queue will have 23 (0-22) sub-folders (named, curiously enough, "0" thru "22") in each of the following folders: info, local, mess, & remote. The other folders should have no sub-folders.

A NOTE OF CAUTION: my user & group names (as well as the location of the queue) assumes you installed QMail in the same way/place as "Life With QMail" -- your implementation may be different. Even so, the permissions will need to be as shown above.

I hope this helps....


PS: One last thing -- the above error can also be caused by a FULL hard drive -- check to make sure your queue has space to work in!

Author Comment

ID: 24396784
Thanks Dan, I appreciate you writing!  

All permissions are as you have noted above.
Additionally, the disk with the queue's is only 10% of capacity.

The messages that could not be opened look like attempts to send copies of a legitimate email to people NOT originally on the To: or CC: or Bcc: fields.

In other words, he meant to send it to user A, but it also tried to send to user b, c and d, who were not supposed to get it, and not addressed in the message when he composed it on his PC.

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 20

Accepted Solution

Daniel McAllister earned 500 total points
ID: 24397040
Hmmm.... that IS unusual -- the TO and FROM sections of the message are stored separately in the queue (they are organized by message number)...

Say I receive a message from addressed to When I start receiving the message, I assign the message a number -- say, 123456 for now.

I will place the content of the message into the mess queue in a file named 123456. I will then create a file in the local queue, also named 123456, with the list of recipients (to my knowledge, the TO: recipients get a prefix of T, CC recipients get a C, and BCC recipients get a B -- so in the case above, the entry in local will be

If there are recipients for other servers (like a message that is CC'd to another user at another domain), then an entry is made (file created named 123456) in the remote queue just like the local queue.

Lastly, there is an entry made (file created named 123456) in the info queue that will indicate who the message was from (

In this way, a message received for multiple recipients can be entered into multiple queues without having to duplicate the entire message body!

The program qmail-local (service, actually) will read the local queue and deliver messages locally (and remove the 123456 entry from the local queue when this has been completed).

The program qmail-remote (again, a service) will read the remote queue and deliver messages to remote servers, again removing the 123456 entry when completed.

Finally, the qmail-clean service will remove the message body when there are no more entries in the local or remote queues!

OK... so how does this affect you?

There are only 2 ways (unobscure ways) that the message could be delivered incorrectly locally:
 1) someone or something is messing with the local queue entry, or
 2) there is a forward or alias definition making the message go to a mailbox you're not expecting.

The latter is more probable (assuming your permissions are correct), so I'd  next check the .qmail files for the users affected (or your MySQL database if you're using that as a back-end).

I hope this helps...


Author Comment

ID: 24397146
Thanks again Dan,

In addition to checking .qmail files,  is there a set of regular maintenance routines I should be doing on my QMAIL server?

LVL 20

Expert Comment

by:Daniel McAllister
ID: 24397287
Actually no... QMail generally runs (and cleans up after itself) quite well. In my experience, once it is setup correctly, the only maintenance required is user-generated (add, remove, modify users, domains, admins, etc.).

Then again, I use the QMail Toaster and only bother to "update" anything other than CLAM about once a year or so! :-) (QMail itself hasn't been "updated" in many years -- it doesn't need it! What is generally updated are the "add-on" packages like the SPAM & antivirus filters, or the management programs.)

Good luck!

LVL 20

Expert Comment

by:Daniel McAllister
ID: 24397299
BTW: if this behavior is being caused by a forward, then that is a user config issue (possibly caused directly by the user!), not a general QMail issue...


Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Easy CSR creation in Exchange 2007,2010 and 2013
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question