1

Topic: Intermittent access, spends more time down than up

==== Required information ====
- iRedMail version: 0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Ubuntu 12.04 x32
- Related log if you're reporting an issue:
====

I installed iRedMail on a brand new virtual server last night but it spends more time down (totally inaccessible) than it does up and I don't know why. I installed exactly how it asked me to and I've set up all the relevant DNS to make it my mail server (MX records, SPF and pointing my mail.domain.tld at the server)

I can ping the address and dig it and everything looks okay and correct.

I've turned debugging on but there doesn't appear to be any "errors" just a long record of all the SQL queries. Are there any known issues with being able to access and any known fixes? I don't want to have to go back to OpenPanel *shudder*

It's very sporadic, sometimes it's up but most of the time it's down, can anyone help?

2

Re: Intermittent access, spends more time down than up

Excuse me, what do you mean "down" and "up"? Was the server shut down? or just the network connection?
If it's network connection related issue, maybe you should check network devices (router/firewall, etc), or ask your ISP.

3

Re: Intermittent access, spends more time down than up

It is not my ISP, The server is not shut down and the network connection is dandy.

down = inaccessible, I can't access anything at all either through the hostname or the IP address
up     = the opposite of the above.

4

Re: Intermittent access, spends more time down than up

- Is your IP address blocked in iptables rules? You can list all rules with command 'iptables -L -n'.
- Does the same issue occur if you disable iptables service?

5

Re: Intermittent access, spends more time down than up

I will check when I get back to my office and report back with my findings.

6

Re: Intermittent access, spends more time down than up

Sorry for the delay, I turned off iptables and I'm straight in.

This is an issue though because iptables is what iRedMail is using to ban bad IP's right? Is there any reason this might be happening?

7

Re: Intermittent access, spends more time down than up

davemackintosh wrote:

Sorry for the delay, I turned off iptables and I'm straight in.

This is an issue though because iptables is what iRedMail is using to ban bad IP's right? Is there any reason this might be happening?

Dave,

Check to make sure you do not have users trying to login with invalid credentials from your network. I had to disable fail2ban for the first week of deployment because my users were using invalid credentials with Outlook and Roundcube. Fail2Ban is a great piece of software to stop Brute force attacks, however, you can accidentally have your own IP address banned which would cause it.

Also - when you say your server is down, can you reach it from off of your network (Through mobile broadband or at a friend's house?)

8

Re: Intermittent access, spends more time down than up

It becomes entirely inaccessible in every way. Disabling iptables seems to work but I'm not really happy with this solution since like you say it stops some baddies from getting in. There is only me trying to log in at the moment since I'm trying to set up a stable mail server that any client can use to set up accounts/etc for their domain and I just hate cPanel..

9

Re: Intermittent access, spends more time down than up

You can stop Fail2ban service.

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email, or ejecting CD-ROM tray) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, curier, ssh, etc).

10

Re: Intermittent access, spends more time down than up

Hi,

I have exactly the same problem, and no fix yet, the only way to get it working again without waiting for ????? time, is by doing service iptables restart. It fixes it instantly. But even with iptables disabled it still goes down and comes back up again.

11

Re: Intermittent access, spends more time down than up

Hi naudes,

You can disable Fail2ban service to avoid this issue.

12

Re: Intermittent access, spends more time down than up

It's just fail2ban doing its job...

run 'service iptables stop' to kill it off(temporarily), or unjail the offending IP using fail2ban client command line:
fail2ban-client set $jail unbanip $ip
Replace $jail with the respective jail your IP is locked in and $ip with your IP.

To prevent fail2ban from starting backup on reboot 'chkconfig fail2ban off'

... I will say though, doing this will expose your server to brute force techniques.