Page 1 of 3
Email notifications fail on Plesk servers
Posted: 12 Apr 2015, 16:50
by marcele
I've discovered that some email notifications fail on Plesk servers:
e.g.
When running the command csf --logrun the email is never sent out. LFD reports that the email was sent successfully (with debug on) but I see this in the mail logs:
Code: Select all
Apr 12 09:16:40 web1 plesk sendmail[23334]: handlers_stderr: SKIP
Apr 12 09:16:40 web1 plesk sendmail[23334]: _mh_fork(): Error occured during waiting the child process with pid: 23335: No child processes
Apr 12 09:16:40 web1 plesk sendmail[23334]: Error during 'check-quota' handler
Apr 12 09:16:40 web1 plesk sendmail[23333]: waitpid failed (10): No child processes
Running another email command e.g. csf --mail <myemail> and I get the server security email with no problems.
This seems to be happening on Plesk servers only. I think that CSF and the Plesk sendmail wrapper are not playing nice together with the new reaper code. The only way I've gotten all email notifications to work are to set OLD_REAPER = "1" in /etc/csf/csf.conf. I've verified the error across multiple servers running the latest Plesk 12 on both Centos 5, Centos 6, Centos7.
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 10:19
by ForumAdmin
Nothing has changed in csf with regards to sending emails for a very long time and it works on all other platforms without issue. You should also not use the OLD_REAPER option as that is an ancient workaround for a bug in RedHat v9 and older which will likely be removed in the future.
If you are having problems with the sendmail wrapper provided by Plesk, then you should try using the LF_ALERT_SMTP option by setting it to, for example, "127.0.0.1" and then restart lfd.
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 11:07
by ForumAdmin
The only other thing I can think of is if the alert templates have been modified and that has broken them. Ensure that the files in /usr/local/csf/tpl/ are set to the defaults from the csf distribution.
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 12:22
by marcele
Dear Chirpy,
It seems that CSF email notifications in Plesk 12 have been broken for a while. I've verified this across multiple servers running different operating systems. Ubuntu, Debian, Centos. etc. I've also tested this in our lab in various VM's running different OS. These are all stock OS with latest default Plesk 12 install. No changes have been made to any email templates.
Here is the log from inside one of our development VMs. This error happens when using either postfix or qmail:
e.g. csf --logrun
Plesk 12 server running Postfix as MTA
Code: Select all
Apr 13 05:09:08 plesk12 check-quota filter[15819]: waitpid(15820) for '/usr/sbin/postalias' process failed: No child processes (10)
Apr 13 05:09:08 plesk12 plesk sendmail[15818]: handlers_stderr: SKIP
Apr 13 05:09:08 plesk12 plesk sendmail[15818]: _mh_fork(): Error occured during waiting the child process with pid: 15819: No child processes
Apr 13 05:09:08 plesk12 plesk sendmail[15818]: Error during 'check-quota' handler
Apr 13 05:09:08 plesk12 plesk sendmail[15817]: waitpid failed (10): No child processes
^C
Plesk 12 server running Qmail as MTA
Code: Select all
Apr 13 05:16:01 web4 plesk sendmail[9875]: handlers_stderr: SKIP
Apr 13 05:16:01 web4 plesk sendmail[9875]: _mh_fork(): Error occured during waiting the child process with pid: 9876: No child processes
Apr 13 05:16:01 web4 plesk sendmail[9875]: Error during 'check-quota' handler
Apr 13 05:16:01 web4 plesk sendmail[9873]: waitpid failed (10): No child processes
If you want I can provide you access to any fully setup Plesk development VM's or give me instructions for how to debug this. Just a note that I wrote the Plesk interface for CSF (Juggernaut) so I'm pretty familiar with the workings of CSF.
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 13:26
by marcele
Just a follow up that setting LF_ALERT_SMTP="127.0.0.1" does allow emails to be sent without having to turn on OLD_REAPER. So it does seem that CSF and the Plesk qmail or postfix sendmail wrappers do not play nice together. I'll report back some more info after I've done more testing.
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 13:56
by marcele
Note: I created a Perl script and am able to send out email directly using PERL and sendmail without the crash. This code looks almost identical to what is in LFD's sendmail function so its not a problem with the Plesk sendmail wrapper but must be specific to LFD or its child forking/reaping functions:
Code: Select all
#!/usr/bin/perl
open (MAIL, "|/usr/sbin/sendmail -f test@test.com -t");
print MAIL "To: test@example.com\n";
print MAIL "From: test@test.com\n";
print MAIL "Subject: this is a test\n\n";
print MAIL "This is a test message\n";
close(MAIL);
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 15:22
by marcele
I've confirmed that when LFD sets $SIG{CHLD} = 'IGNORE'; that this breaks mails from being sent correctly from the Plesk sendmail wrappers. This is likely used in other parts of LFD so their emails won't work either:
Example:
Code: Select all
#!/usr/bin/perl
$title='Perl Mail demo';
$to='test@example.com';
$from= 'test@test.com';
$subject='foo';
$SIG{CHLD} = 'IGNORE';
open(MAIL, "|/usr/sbin/sendmail -t");
## Mail Header
print MAIL "To: $to\n";
print MAIL "From: $from\n";
print MAIL "Subject: $subject\n\n";
## Mail Body
print MAIL "This is a test message\n";
close(MAIL);
## Content sent, let use know we sent an email
print "A message has been sent from $from to $to";
The command:
# ./test.pl
plesk sendmail[17205]: waitpid failed (10): No child processes
A message has been sent from
test@test.com to
test@example.com
The logs:
Code: Select all
Apr 13 07:39:51 plesk12 plesk sendmail[17206]: handlers_stderr: SKIP
Apr 13 07:39:51 plesk12 plesk sendmail[17206]: _mh_fork(): Error occured during waiting the child process with pid: 17207: No child processes
Apr 13 07:39:51 plesk12 plesk sendmail[17206]: Error during 'check-quota' handler
Apr 13 07:39:51 plesk12 plesk sendmail[17205]: waitpid failed (10): No child processes
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 15:27
by ForumAdmin
In that case, you should definitely use the option LF_ALERT_SMTP="127.0.0.1" on such servers.
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 16:09
by marcele
ForumAdmin wrote:In that case, you should definitely use the option LF_ALERT_SMTP="127.0.0.1" on such servers.
That's not an ideal fix as not everyone wants to whitelist localhost for all SMTP email. Plesk has specific options in the web interface for allowing web scripts to access sendmail directly without directly opening SMTP on localhost.
I've been doing some more research:
https://corp.sonic.net/ceo/2008/06/24/p ... m-and-you/
Is there something that I can submit to the Plesk developers to fix or anyway we could get CSF email sending to work with the sendmail wrapper? I'll update the defaults to set LF_ALERT_SMTP="127.0.0.1" in Juggernaut but I'm still worried that it still might cause problems with people changing it. The bad thing about this is that LFD reports that everything was sent successfully in the logs but the email is never really sent. Also this isn't just some Plesk servers that are affected but its actually not working on all of them.
Re: Email notifications fail on Plesk servers
Posted: 13 Apr 2015, 16:14
by ForumAdmin
The sendmail wrapper should be dealing with SIGCHLD itself. 127.0.0.1 only needs to be available to root, which it normally should be anyway so that email can be sent out from the server. To allow that you could always define a separate rule so that only root can access port 25 on 127.0.0.1 using an advanced port filter with a UID of 0, e.g.:
There's little we can do with csf as there's nothing unusual about what it is doing, it just seems to be a bug with their sendmail wrapper not dealing with child signals properly - as mentioned before, this appears to be purely a Plesk issue as we've never seen reports from any other OS or MTA when using csf.