pmg-smtp-filter cannot remove rule

H

Heiko Siewert

Active Member
Proxmox Subscriber
Oct 1, 2018
17
1
43
Hello,

I have writte some time ago a blacklist rule which should block sender with the tld ".xyz"
After a while I removed the rule and deleted all entries belonging to it but in the logs of both nodes I see this:

Code: 
Feb  8 09:44:56 xxxxxxxx pmg-smtp-filter[1647]: WARNING: ^* matches null string many times in regex; marked by <-- HERE in m/^* <-- HERE .\.[xyzXYZ]{3}$/ at /usr/share/perl5/PMG/RuleDB/WhoRegex.pm line 90.

I'm not able to find this rule in any filtersetting.

Is there a way to remove this setting / rule / entry ?

kind regards
 
can you show us your rules/who objects?

if they are really gone, you should be able to simply restart the pmg-smtp-filter and they should be gone
 
ok weird,

can you do

Code: 
systemctl restart pmg-smtp-filter

and send the syslog beginning with the restart until a bit after such an error occurs?
 
hi,

* this is not the syslog (i wanted to see what else happens on the machine)
* the restart happened after the error in the log in this case
* please either post the text directly, or attach it as file (makes it easier to search)
 
  • Like
Reactions: Stoiko Ivanov
Hoppala ...

# systemctl restart pmg-smtp-filter && tail -f /var/log/syslog

Feb 9 14:05:04 mx02 systemd[1]: Starting Proxmox SMTP Filter Daemon...
Feb 9 14:05:04 mx02 pmg-smtp-filter[3614]: Process Backgrounded
Feb 9 14:05:04 mx02 pmg-smtp-filter[3614]: 2021/02/09-14:05:04 main (type Net::Server::PreFork) starting! pid(3614)
Feb 9 14:05:04 mx02 pmg-smtp-filter[3614]: Binding to TCP port 10023 on host 127.0.0.1 with IPv4
Feb 9 14:05:04 mx02 pmg-smtp-filter[3614]: Binding to TCP port 10024 on host 127.0.0.1 with IPv4
Feb 9 14:05:04 mx02 pmg-smtp-filter[3614]: Group Not Defined. Defaulting to EGID '0'
Feb 9 14:05:04 mx02 pmg-smtp-filter[3614]: User Not Defined. Defaulting to EUID '0'
Feb 9 14:05:04 mx02 pmg-smtp-filter[3614]: Setting up serialization via flock
Feb 9 14:05:04 mx02 pmg-smtp-filter[3614]: Filter daemon (re)started (max. 40 processes)
Feb 9 14:05:04 mx02 systemd[1]: Started Proxmox SMTP Filter Daemon.
Feb 9 14:05:06 mx02 pmg-smtp-filter[3614]: Beginning prefork (2 processes)
Feb 9 14:05:06 mx02 pmg-smtp-filter[3614]: Starting "2" children
Feb 9 14:05:11 mx02 pmgpolicy[3299]: starting policy database maintainance (greylist, rbl)
Feb 9 14:05:11 mx02 pmgpolicy[3299]: found 1 expired mails in greylisting database
Feb 9 14:05:11 mx02 pmgpolicy[3299]: end policy database maintainance (15 ms, 4 ms)
Feb 9 14:05:12 mx02 systemd[1]: Starting Check_MK (172.20.16.111:50498)...
Feb 9 14:05:12 mx02 systemd[1]: check_mk@17-172.20.32.22:6556-172.20.16.111:50498.service: Succeeded.
Feb 9 14:05:12 mx02 systemd[1]: Started Check_MK (172.20.16.111:50498).
Feb 9 14:05:27 mx02 postfix/smtpd[3419]: connect from SRV-EX-003.tp-do01.techprotect.de[172.20.16.106]
Feb 9 14:05:27 mx02 postfix/smtpd[3419]: Anonymous TLS connection established from srv-ex-003.tp-do01.techprotect.de[172.20.16.106]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Feb 9 14:05:27 mx02 postfix/smtpd[3419]: EE453160CC8: client=SRV-EX-003.tp-do01.techprotect.de[172.20.16.106]
Feb 9 14:05:27 mx02 postfix/cleanup[3135]: EE453160CC8: message-id=<a6f4b650e9e24cxxxxxx0cda@techprotect.de>
Feb 9 14:05:27 mx02 postfix/qmgr[3036]: EE453160CC8: from=<Nxxxxxxxxct.de>, size=14292, nrcpt=1 (queue active)
Feb 9 14:05:27 mx02 pmg-smtp-filter[3618]: 2021/02/09-14:05:27 CONNECT TCP Peer: "[127.0.0.1]:41556" Local: "[127.0.0.1]:10023"
Feb 9 14:05:27 mx02 postfix/smtpd[3419]: disconnect from SRV-EX-003.tp-do01.techprotect.de[172.20.16.106] ehlo=2 starttls=1 mail=1 rcpt=1 bdat=1 quit=1 commands=7
Feb 9 14:05:27 mx02 pmg-smtp-filter[3618]: 160CCA60228897EFF20: new mail message-id=<a6f4b650e9e24ccabac3da2753990cda@techprotect.de>#012
Feb 9 14:05:28 mx02 postfix/smtpd[3431]: connect from localhost[127.0.0.1]
Feb 9 14:05:28 mx02 postfix/smtpd[3431]: 0AAAB160CD3: client=localhost[127.0.0.1], orig_client=SRV-EX-003.tp-do01.techprotect.de[172.20.16.106]
 
I have to reinitialized the cluster at ~14:01 to change out certificates.
Before that, the error repeated every minute but now (cross fingers), it look like it is gone.
Does this make sense to you ?
 
mhmm ok, maybe the cluster was not able to sync. you can check the syslog if that was the issue
 
You must log in or register to reply here.
Top Bottom