Plesk 8.3 - Messages stuck in MAIL QUEUE

Discussion in 'Parallels Plesk Panel for Linux - 8.x and Older' started by bskrakes, Apr 8, 2008.

  1. bskrakes

    bskrakes New Member

    Hi there,

    So as of my last server move I have been getting mail messages stuck in my mail queue. They don't appear to be originating from any of my clients. This is the error I see in all of the mail messages: (they are similar but have different destination addresses)

    Now those are just 2 of about 20 over the last few days. I am trying to figure out how and where they might be coming from. Any ideas where I should start? Thank you in advance!!
  2. boecherer

    boecherer New Member

    same issue

    I have a GoDaddy VDS with Plesk and have the same issue. As far as I can tell, it's mail being sent from spammers and it's sent from a spoofed email address to the spam recipient. If the spam recipient is an invalid email address, qmail tries to return the message to the sender, but since that address was spoofed, it may not be a valid email address either (and can't return the email to the "sender") and the "failure notice" gets stuck in the queue until it times out.

    To limit these, make sure you don't have catchall addresses, that you go into the domain, mail, preferences and set it to "reject" (for ALL domains) otherwise if you have it to bounce with message it will try to send it back.

    Also, if you are forwarding mail for some accounts, the sever you are forwarding to might be rejecting the mail you are trying to forward to them and then your server tries to send it back to the sender and also generates an internal failure notice so you get 2 emails stuck in the queue.

    I think the only way to fix this is to have some sort of spam filtering BEFORE qmail gets the mail so that spam can be rejected before qmail has to deal with it.

    Parallels. Any input on this. It's a real pain and there has to be some form of fix. Even with DNSBL turned on the problem still exists.
  3. bskrakes

    bskrakes New Member

    Plesk 8.3 - qmHandle - Messages stuck in MAIL QUEUE

    hey computica (like the name)

    thanks for your reply! all of what you said makes sense. i did some more research of my own and found a tool called qmHandle for qmail. This tool basically reads the mail messages stuck in the mail queue (from what i gather). once installed i was able to view the messages in queue. this gave me more insight and i was able to locate the domain and the e-mail within that domain which was receiving sick amounts of spam. i have disabled that account for now (probably 24 - 48 hours). See my below quote for my breif example... if you can't get a copy of qmHandle and want one let me know, i will post it on one of my sites for download.

    these are the links i used to help educate me :) oh installing qmHandle on Cent OS wasn't hard but it wasn't fun. it is not like a usual linux program or at least not one that i am used to. you basically unzip it and then run it while passing commands to it (make sense?? noramlly you run #qmHandle -[$option/command] but in my case i have to #./qmHandle -[$option/command])

    my concern now is that i have spamassassin set to "2" for points/hits for a message to qualify as spam, this obviously isn't working. maybe you can confirm if this is a high setting, i would think it is but you never know.

    i also have used spamhaus in my DNS blacklist filter but that doesn't seem to be helping at least not in this case.

    thanks and take care!
  4. boecherer

    boecherer New Member

    I've found qmHandle, but it doesn't seem like it would help much. This is a problem with qmail and the fact that it is accepting mail and not filtering spam BEFORE it handles it.

    I can actually view the messages from Plesk if I click the message, but only when I do it from my Mac. If I do it in Windows it tries to open a php script.

    My problem is that I know the domains and accounts receiving the spam, but I can't cancel the accounts since they are active accounts. And basically my issue is that a lot of the email is being forwarded to a client's Exchange server. Since it is spam the Exchange server rejects it and I get it back.

    If I kept the mail on my server I wouldn't have all the failure notices. So check to see if you have any email accounts that are forwards. Those are the ones that will generate a lot of outgoing SMTP traffic.

    As for the spam setting, I believe you are correct that 2 is a "high" setting. When spam arrives it gets assigned points and the more points it gets, the more spammy it is. So a lvel of 2 means it will EASILY be classified as spam. If you set it to 7, for instance, it will take more spam features in each email to qualify it as spam. I usually set it to about 5 and it filters pretty well. Are you setting the server level or the level for each domain? If it's the server level, it will just mark it as spam, it will not delete or reject it. If you set it on each domain, then you can set it to mark it as spam or delete it.

    But again, keep in mind that the failure notices are because spam is being returned to an invalid address so either you are forwarding mail accounts out side like I am or you are bouncing the messages rather than rejecting (which are settings you've probably seen in the spam settings for each domain.)
  5. bskrakes

    bskrakes New Member

    Fair enough.

    This was what I found for my particular problem:
    One of my clients e-mail inbox reached its quota so all of the SPAM/JUNK he would normally receive was sitting in my mail queue. I used qmHandle to view the messages and discovered that the mails stuck in queue were specific to his account (qmHanlde was great because it helped me narrow down the issue!). Once I figured that out I spoke with the client and have since then selected the option to "delete" spam for that particullar mailbox. For now, no more SPAM/JUNK! I guess if I didn't have qmHandle I wouldn't have known where to start looking. The client doesn't really check that account so he/she didn't know that he/she had that much SPAM and I don't monitor the individual e-mail accounts because they have the quotas for a reason, if the user reachs the quota it is not my problem (unless of course it becomes my problem like this one did).

    As for your Windows machine and you trying to open the message in IE, the expected results are to download and open up that PHP script. That is becaues IE sucks, if you have FireFox on your Windows machine you can actually view the messages stuck in que. The problem with that still is the fact that it doesn't show all of the information you need. That is why I used qmHandle.

    As for your problem with the forwarder.... I am not to sure how you can handle that. I would expect that exchange should have pretty good filters. I haven't played with exchange enough to offer help. But I'd like to know how you resolve your problem... basically you are using Plesk for the web site but bouncing/relaying the e-mails to your clients exchange box right?

Share This Page