check_mail_permissions rampant in logs
Posted: 26 Jun 2013, 15:02
Over the last few months on one of my servers I have been seeing this error (warning or whatever); "check_mail_permissions could not determine the sender domain" slowly increasing in number. It started with a couple of users on one domain when they sent mail remotely from their office out to their customers. Then a domain on the server that uses x-cart mailer (smtp) started showing the message. Looking around I saw that people who had mail forwarders were seeing that message, and on the cPanel forum a tech said it was going to be re-worded. Plus mail was flowing fine, no complaints, so I thought it was a non-issue.
But lately I see that message on every email from that one domain. They are sending to many domains all over the net, none of which would possibly forward back to the source (which is what people are saying causes that message). cPanel has looked over the issue and can only reproduce when using forwarders. They seem to think it's because of MailScanner. Here is an exigrep of the logs for one such email (identifying details purged):
[/size]
Anybody else experiencing or seen this?
But lately I see that message on every email from that one domain. They are sending to many domains all over the net, none of which would possibly forward back to the source (which is what people are saying causes that message). cPanel has looked over the issue and can only reproduce when using forwarders. They seem to think it's because of MailScanner. Here is an exigrep of the logs for one such email (identifying details purged):
Code: Select all
root@server [Wed Jun 26 09:18:40]:~ $ exigrep "1UrTHC-0008Oi-Cu" /var/log/exim_mainlog
2013-06-25 09:27:19 [32290] cwd=/var/spool/MailScanner/incoming/25914 5 args: /usr/sbin/exim -C /etc/exim_outgoing.conf -Mc 1UrTHC-0008Oi-Cu
2013-06-25 09:27:18 [32284] 1UrTHC-0008Oi-Cu <= sender@senddomain.com H=10.0.0.0-business.isp.com (CustomerService) [SENDER.IP]:53144 I=[SERVER.IP]:25 P=esmtp S=29767 id=0000$@domain.com T="Purchase Order - 122404" from <sender@senddomain.com> for recipient@rcptdomain.com
2013-06-25 09:27:19 [32290] 1UrTHC-0008Oi-Cu SMTP connection identification H=10.0.0.0-business.isp.com A=SENDER.IP P=53144 M=1UrTHC-0008Oi-Cu U= ID= S= B=relayhosts_domain
2013-06-25 09:27:19 [32290] 1UrTHC-0008Oi-Cu check_mail_permissions could not determine the sender domain [routed_domain=rcptdomain.com message_exim_id=1UrTHC-0008Oi-Cu sender_host_address=SENDER.IP recipients_count=1]
2013-06-25 09:27:20 [32290] 1UrTHC-0008Oi-Cu => recipient@rcptdomain.com F=<sender@senddomain.com> P=<sender@senddomain.com> R=lookuphost T=remote_smtp S=31008 H=mail.rcptdomain.com [RECIPIENT.IP]:25 C="250 Ok" QT=2s DT=1s
2013-06-25 09:27:20 [32290] 1UrTHC-0008Oi-Cu Completed QT=2sAnybody else experiencing or seen this?