CSF blocks email every few weeks and needs a restart
Posted: 25 Jan 2019, 02:04
Hi folks,
We have a really unusual intermittent issue that is driving us crazy. We have a number of clients using O365 mail service for sending mail from their WordPress websites. We have a plug-in installed that sends and logs emails via SMTP to office 365 (Post SMTP aka postman) The plug-in is OK with diagnostic information and when this issue occurs, we can deduce that when it drops out the mail is redirected locally to the WHM server to send using Exim (instead of o365 remotely as its been set up). This is a significant issue as the email account doesn’t exist and as such the emails are not sent.
We have been able to work out that CSF is the cause of the redirection. If CSF is disabled, the redirection doesn’t occur and everything works as it should. If we restart CSF, the issue is resolved, however returns after a few days (we haven’t been able to zero in on an exact timeframe, however it seems to be random, but so far not more than 14 days). Once it starts redirecting, it continues to redirect until restarted (without any changes to the configuration). This is happening across three different web servers at different intervals.
We have confirmed (both through WHM UI and SSH to csf.conf):
-SMTP block is disabled
-All mail ports are included in TCP_OUT
-All mail ports are included in TCP6_OUT
-SMTP_Redirect is disabled
There is no reason we can determine why CSF would be initiating a redirect, however it is definitely the cause of the redirect.
Have any of you encountered something like this, or able to give us a hint on where to start investigating?
We have a really unusual intermittent issue that is driving us crazy. We have a number of clients using O365 mail service for sending mail from their WordPress websites. We have a plug-in installed that sends and logs emails via SMTP to office 365 (Post SMTP aka postman) The plug-in is OK with diagnostic information and when this issue occurs, we can deduce that when it drops out the mail is redirected locally to the WHM server to send using Exim (instead of o365 remotely as its been set up). This is a significant issue as the email account doesn’t exist and as such the emails are not sent.
We have been able to work out that CSF is the cause of the redirection. If CSF is disabled, the redirection doesn’t occur and everything works as it should. If we restart CSF, the issue is resolved, however returns after a few days (we haven’t been able to zero in on an exact timeframe, however it seems to be random, but so far not more than 14 days). Once it starts redirecting, it continues to redirect until restarted (without any changes to the configuration). This is happening across three different web servers at different intervals.
We have confirmed (both through WHM UI and SSH to csf.conf):
-SMTP block is disabled
-All mail ports are included in TCP_OUT
-All mail ports are included in TCP6_OUT
-SMTP_Redirect is disabled
There is no reason we can determine why CSF would be initiating a redirect, however it is definitely the cause of the redirect.
Have any of you encountered something like this, or able to give us a hint on where to start investigating?