Thanks again for all the help. Bit of an update: I’m still having issues with mail exchanges recognising the new SSL, they still show the expired one. Also, when I test on //email/testTo: I get the both results.

スクリーンショット 2022-12-04 22.49.221738×1328 351 KB

I also tried to check the SSL on geocerts and got this:

スクリーンショット 2022-12-04 22.57.301500×1314 127 KB

i was talking about SSL button not about renew cron. Also, sometimes lsws not getting restart even after sucessful renew by cron. so you can set lsws restart cron once a week.
Don’t use Cyberpanel SSL renew button showing on website listing page more than once. if first time its not working then run from commandline with --debug option for finding issue.

For now run below commands:
cat /root/.acme.sh/intervalle-arts.com_ecc/backup/fullchain.bak> /etc/letsencrypt/live/intervalle-arts.com/fullchain.pem
cat /root/.acme.sh/intervalle-arts.com_ecc/backup/key.bak > /etc/letsencrypt/live/intervalle-arts.com/privkey.pem
rm /etc/pki/dovecot/certs/dovecot.pem /etc/pki/dovecot/private/dovecot.pem
ln -s /etc/letsencrypt/live/mail.intervalle-arts.com/fullchain.pem /etc/pki/dovecot/certs/dovecot.pem
ln -s /etc/letsencrypt/live/mail.intervalle-arts.com/privkey.pem /etc/pki/dovecot/private/dovecot.pem
service lsws restart && service postfix restart && service dovecot restart

tail -n 4 /etc/dovecot/dovecot.conf
#make sure above tail command output have without #
#local_name mail.intervalle-arts.com {

ssl_cert = </etc/letsencrypt/live/mail.intervalle-arts.com/fullchain.pem

ssl_key = </etc/letsencrypt/live/mail.intervalle-arts.com/privkey.pem

#}

if you are not able to get www SSL working, Please renew SSL after limit ban removal. or try other SSL like zero SSL instead of LE.
Hope everything will be fine.

Hi @luckyrajpurohit @josephgodwinke. Sorry to bother you again, but I’m getting some very odd errors since yesterday evening.

I received a couple of mails from Cyberpanel Log:

The first:

[12.05.2022_00-00-06] [Errno 2] No such file or directory: ‘/home/cyberpanel/git’. [IncScheduler.git:90].

The second:

[12.05.2022_02-00-04] [Errno 2] No such file or directory: ‘postmap’: ‘postmap’. [ProcessUtilities.normalExecutioner.Base].
[12.05.2022_02-00-04] Running SSL Renew Utility.

The third:

[12.05.2022_03-05-32] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’).
[12.05.2022_03-05-32] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’).

I exported the CYBERPANEL LOG below:

[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-29] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-00-31] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-01-50] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-02-04] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-05-32] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.05.2022_03-05-32] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)

Also, the ERROR LOG:

2022-12-05 03:00:56.035912 [NOTICE] [26034] [UDP [::]:443] Worker #2 activates SO_REUSEPORT #2 socket, fd: 36
2022-12-05 03:00:56.035922 [INFO] [26034] [UDP:[::]:443] initPacketsIn: allocated 100 packets
2022-12-05 03:00:56.035932 [NOTICE] [26034] Stop listener :7080, fd 21.
2022-12-05 03:00:56.035932 [INFO] [26033] [lsphp]: locked pid file [/tmp/lshttpd/lsphp.sock.pid].
2022-12-05 03:00:56.035926 [INFO] [26035] Close SO_REUSEPORT #1 fd: 23.
2022-12-05 03:00:56.035948 [INFO] [26033] [lsphp] remove unix socket for detached process: /tmp/lshttpd/lsphp.sock
2022-12-05 03:00:56.035955 [INFO] [26035] Close SO_REUSEPORT #2 fd: 24.
2022-12-05 03:00:56.035960 [NOTICE] [26035] [:80] Worker #3 activates SO_REUSEPORT #3 socket, fd: 25
2022-12-05 03:00:56.035984 [INFO] [26035] Close SO_REUSEPORT #1 fd: 26.
2022-12-05 03:00:56.035989 [INFO] [26035] Close SO_REUSEPORT #2 fd: 27.
2022-12-05 03:00:56.035993 [NOTICE] [26035] [*:443] Worker #3 activates SO_REUSEPORT #3 socket, fd: 28
2022-12-05 03:00:56.036005 [INFO] [26035] Close SO_REUSEPORT #1 fd: 29.
2022-12-05 03:00:56.036009 [INFO] [26035] Close SO_REUSEPORT #2 fd: 30.
2022-12-05 03:00:56.036013 [NOTICE] [26035] [UDP *:443] Worker #3 activates SO_REUSEPORT #3 socket, fd: 31
2022-12-05 03:00:56.036016 [NOTICE] [26033] [LocalWorker::workerExec] Config[lsphp]: suExec uid 99 gid 99 cmd /usr/local/lsws/lsphp73/bin/lsphp, final uid 99 gid 99, flags: 0.
2022-12-05 03:00:56.036044 [INFO] [26035] [UDP:0.0.0.0:443] initPacketsIn: allocated 100 packets
2022-12-05 03:00:56.036055 [INFO] [26035] Close SO_REUSEPORT #1 fd: 32.
2022-12-05 03:00:56.036059 [INFO] [26035] Close SO_REUSEPORT #2 fd: 33.
2022-12-05 03:00:56.036063 [NOTICE] [26035] [[::]:443] Worker #3 activates SO_REUSEPORT #3 socket, fd: 34
2022-12-05 03:00:56.036069 [INFO] [26035] Close SO_REUSEPORT #1 fd: 35.
2022-12-05 03:00:56.036073 [INFO] [26035] Close SO_REUSEPORT #2 fd: 36.
2022-12-05 03:00:56.036076 [NOTICE] [26034] AIO is not supported on this machine!
2022-12-05 03:00:56.036077 [NOTICE] [26035] [UDP [::]:443] Worker #3 activates SO_REUSEPORT #3 socket, fd: 37
2022-12-05 03:00:56.036093 [INFO] [26035] [UDP:[::]:443] initPacketsIn: allocated 100 packets
2022-12-05 03:00:56.036099 [NOTICE] [26035] Stop listener *:7080, fd 21.
2022-12-05 03:00:56.036109 [NOTICE] [26034] Successfully change current user to nobody
2022-12-05 03:00:56.036123 [NOTICE] [26034] Core dump is enabled.
2022-12-05 03:00:56.036151 [NOTICE] [26034] Setup swapping space…
2022-12-05 03:00:56.036193 [NOTICE] [26034] LiteSpeed/1.7.16 Open starts successfully!
2022-12-05 03:00:56.036240 [NOTICE] [26035] AIO is not supported on this machine!
2022-12-05 03:00:56.036275 [NOTICE] [26035] Successfully change current user to nobody
2022-12-05 03:00:56.036287 [NOTICE] [26035] Core dump is enabled.
2022-12-05 03:00:56.036312 [NOTICE] [26035] Setup swapping space…
2022-12-05 03:00:56.036353 [NOTICE] [26035] LiteSpeed/1.7.16 Open starts successfully!
2022-12-05 03:00:56.036375 [NOTICE] [26033] [lsphp] add child process pid: 26036
2022-12-05 03:00:56.036421 [INFO] [26033] [lsphp]: unlocked pid file [/tmp/lshttpd/lsphp.sock.pid].
2022-12-05 03:00:56.036477 [INFO] [26033] [inter46336157.990]: locked pid file [/tmp/lshttpd/inter46336157.sock.pid].
2022-12-05 03:00:56.036482 [INFO] [26033] [inter46336157.990] remove unix socket for detached process: /tmp/lshttpd/inter46336157.sock
2022-12-05 03:00:56.036526 [NOTICE] [26033] [LocalWorker::workerExec] VHost:mail.intervalle-arts.com suExec check uid 99 gid 99 setuidmode 0.
2022-12-05 03:00:56.036532 [NOTICE] [26033] [LocalWorker::workerExec] Config[inter46336157.990]: suExec uid 5002 gid 5002 cmd /usr/local/lsws/lsphp73/bin/lsphp, final uid 5002 gid 5002, flags: 0.
2022-12-05 03:00:56.041349 [NOTICE] [26033] [inter46336157.990] add child process pid: 26037
2022-12-05 03:00:56.041415 [INFO] [26033] [inter46336157.990]: unlocked pid file [/tmp/lshttpd/inter46336157.sock.pid].
2022-12-05 03:00:56.041474 [INFO] [26033] [inter4633.990]: locked pid file [/tmp/lshttpd/inter4633.sock.pid].
2022-12-05 03:00:56.041480 [INFO] [26033] [inter4633.990] remove unix socket for detached process: /tmp/lshttpd/inter4633.sock
2022-12-05 03:00:56.041535 [NOTICE] [26033] [LocalWorker::workerExec] VHost:intervalle-arts.com suExec check uid 99 gid 99 setuidmode 0.
2022-12-05 03:00:56.041543 [NOTICE] [26033] [LocalWorker::workerExec] Config[inter4633.990]: suExec uid 5002 gid 5002 cmd /usr/local/lsws/lsphp74/bin/lsphp, final uid 5002 gid 5002, flags: 0.
2022-12-05 03:00:56.041794 [NOTICE] [26033] [inter4633.990] add child process pid: 26038
2022-12-05 03:00:56.041846 [INFO] [26033] [inter4633.990]: unlocked pid file [/tmp/lshttpd/inter4633.sock.pid].
2022-12-05 03:00:56.041875 [NOTICE] [26033] Setup swapping space…
2022-12-05 03:00:56.041957 [NOTICE] [26033] LiteSpeed/1.7.16 Open starts successfully!

Aslo, if the auto-renewal is running via Cyberpanel and requesting certs from Let’s Encrypt, does that mean the limit ban will just keep continuing forever?

Outgoing emails are being rejected. Are you sendin bulk emails? Your postfix MTA is opening so many concurrent connections at a single time 03-00-29

Solution: As explained here Postfix Configuration Parameters run the command nano /etc/postfix-out/main.cf or vi /etc/postfix-out/main.cf on AlmaLinux and change

# Don't anvil(8) control the re-injection port.
#
# smtpd_client_connection_count_limit = 0
# 50 concurrent connections
smtpd_client_connection_count_limit = 50 

Read here:

Hi! No, I’ve only sent two or three mails out to test the new SSLs. I’ve checked all the mails and there’s nothing outgoing or stuck in a queue. What could be causing this? Maybe something I did yesterday while trying to fix the SSL issue?

I read the article on rate limits, but if Cyberpanel is requesting new SSLs every day via auto renew doesn’t that mean that the limit will be hit again an again and again?

I believe @luckyrajpurohit gave you the proper way to solve this issue rather than my delete-all-start-all-over again method. I have taken the time to look over his/her steps and they look okay to me.

Did you do anything extra out of what he/she posted?

Thanks for the reply, I haven’t done anything extra at all. I honestly wouldn’t know how!

I just want to check the below questions before I proceed with @luckyrajpurohit 's fix as things are getting a little confusing for me.

1. for the multiple connections issue. In cyberpanel how can I diagnose the cause of these hundreds of connections? Also, should I do the Postfix Configuration Parameters you suggested? I filled the nano command but there was no such document.

2. the limit ban with Let’s Encrypt. For this ban to be lifted, I mustn’t request/renew my SSL for one week. But everyday, Cyberpanel is renewing SSL automatically, so I will never escape the ban. Is this correct?

3. after, should I know run the fix from @luckyrajpurohit to solve the issues from my previous post?

Thanks again, I’m sorry this is taking so long.

Hello,

1. Check mail logs, auth/message logs for the multiple connections issue
2. cyberpanel renewal script run everyday but not requesting the LE server for SSL till ssl not expiring in next 15 days.
3. check SPF and DKIM if Outgoing emails are being rejected.

Hi, @luckyrajpurohit I appreciate the breakdown, many thanks.

I have new errors today. I didn’t touch anything yesterday other than look at logs, but now cyberpanel is reporting multiple errors.

1. My mail client was unable to connect to my e-mail sever this morning at the same time Cyberpanel was running the auto-renewal SSL function. I got a sever 500 error in Cyberpanle and the mail client error was:

I checked the EMAIL logs in cyberpanel and got this:

Dec 6 03:01:41 taro postfix/trivial-rewrite[69828]: warning: virtual_mailbox_domains lookup failure
Dec 6 03:01:47 taro postfix/trivial-rewrite[69828]: warning: virtual_mailbox_domains: proxy:mysql:/etc/postfix/mysql-virtual_domains.cf: table lookup problem
Dec 6 03:01:49 taro postfix/trivial-rewrite[69828]: warning: virtual_mailbox_domains lookup failure
Dec 6 03:01:55 taro postfix/smtpd[69900]: NOQUEUE: reject: RCPT from o19837159x89.outbound-mail.sendgrid.net[198.37.159.89]: 451 4.3.0 [email protected]: Temporary lookup failure; from=bounces+5900088-83b4-chris.hayes=intervalle-arts.com@sendgrid.net to=[email protected] proto=ESMTP helo=<o19837159x89.outbound-mail.sendgrid.net>
Dec 6 03:01:55 taro postfix/smtpd[69900]: using backwards-compatible default setting smtpd_relay_before_recipient_restrictions=no to reject recipient “[email protected]” from client “o19837159x89.outbound-mail.sendgrid.net[198.37.159.89]”
Dec 6 03:01:55 taro postfix/smtpd[69900]: disconnect from o19837159x89.outbound-mail.sendgrid.net[198.37.159.89] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
Dec 6 03:01:55 taro dovecot: auth-worker(70068): Error: mysql(localhost): Connect failed to database (cyberpanel): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2 “No such file or directory”) - waiting for 125 seconds before retry
Dec 6 03:01:55 taro dovecot: auth-worker(70068): Error: mysql(localhost): Connect failed to database (cyberpanel): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2 “No such file or directory”) - waiting for 125 seconds before retry
Dec 6 03:01:55 taro dovecot: auth-worker(70068): Error: mysql(localhost): Connect failed to database (cyberpanel): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2 “No such file or directory”) - waiting for 125 seconds before retry
Dec 6 03:01:55 taro dovecot: auth-worker(70068): Error: mysql(localhost): Connect failed to database (cyberpanel): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2 “No such file or directory”) - waiting for 125 seconds before retry
Dec 6 03:02:15 taro spamd[70019]: spamd: server killed by SIGTERM, shutting down
Dec 6 03:02:15 taro dovecot: auth-worker(70068): Error: sqlpool(mysql): Finished query ‘SELECT email as user, password FROM e_users WHERE email=‘[email protected]’;’ in 60018 msecs: Query timed out (no free connections for 60 secs)
Dec 6 03:02:15 taro dovecot: auth-worker(70068): Error: conn unix:auth-worker (pid=69764,uid=0): auth-worker<1>: sql([email protected],203.10.99.13,<QUuPAiDvI/3LCmMN>): Password query failed: Not connected to database
Dec 6 03:02:15 taro dovecot: auth: Error: auth-worker: Aborted PASSV request for [email protected]: Lookup timed out
Dec 6 03:02:15 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=86.48.13.251, lip=93.188.165.29, mpid=70138, TLS, session=<w9uf/x/v0PRWMA37>
Dec 6 03:02:15 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=86.48.13.251, lip=93.188.165.29, mpid=70141, TLS, session=<1BHGByDvK/VWMA37>
Dec 6 03:02:15 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=86.48.13.251, lip=93.188.165.29, mpid=70143, TLS, session=
Dec 6 03:02:16 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=86.48.13.251, lip=93.188.165.29, mpid=70145, TLS, session=
Dec 6 03:02:16 taro dovecot: imap([email protected])<70145>: Disconnected: Logged out in=36 out=555 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
Dec 6 03:02:17 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=203.10.99.13, lip=93.188.165.29, mpid=70146, TLS, session=<QUuPAiDvI/3LCmMN>
Dec 6 03:02:21 taro spamd[70149]: logger: removing stderr method
Dec 6 03:02:21 taro spamd[70153]: spamd: server started on IO::Socket::IP [127.0.0.1]:783, IO::Socket::IP [::1]:783 (running version 3.4.0)
Dec 6 03:02:27 taro spamd[70153]: spamd: server pid: 70153
Dec 6 03:02:27 taro spamd[70153]: spamd: server successfully spawned child process, pid 70155
Dec 6 03:02:27 taro spamd[70153]: spamd: server successfully spawned child process, pid 70156
Dec 6 03:02:27 taro spamd[70153]: prefork: child states: IS
Dec 6 03:02:27 taro spamd[70153]: prefork: child states: II
Dec 6 03:02:27 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=203.10.99.13, lip=93.188.165.29, mpid=70157, TLS, session=<kdQ5CCDvK/3LCmMN>
Dec 6 03:02:27 taro dovecot: imap([email protected])<70143>: Disconnected: Logged out in=697 out=6699 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
Dec 6 03:02:58 taro postfix/smtpd[69900]: connect from o19837159x89.outbound-mail.sendgrid.net[198.37.159.89]
Dec 6 03:02:58 taro postfix/smtpd[69900]: NOQUEUE: reject: RCPT from o19837159x89.outbound-mail.sendgrid.net[198.37.159.89]: 451 4.3.0 [email protected]: Temporary lookup failure; from=bounces+5900088-83b4-chris.hayes=intervalle-arts.com@sendgrid.net to=[email protected] proto=ESMTP helo=<o19837159x89.outbound-mail.sendgrid.net>
Dec 6 03:02:58 taro postfix/smtpd[69900]: using backwards-compatible default setting smtpd_relay_before_recipient_restrictions=no to reject recipient “[email protected]” from client “o19837159x89.outbound-mail.sendgrid.net[198.37.159.89]”
Dec 6 03:02:58 taro postfix/smtpd[69900]: disconnect from o19837159x89.outbound-mail.sendgrid.net[198.37.159.89] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
Dec 6 03:02:58 taro postfix/smtpd[69900]: connect from localhost[::1]
Dec 6 03:02:58 taro postfix/smtpd[69900]: NOQUEUE: reject: RCPT from localhost[::1]: 451 4.3.0 [email protected]: Temporary lookup failure; from=[email protected] to=[email protected] proto=ESMTP helo=<taro.intervalle-arts.com>
Dec 6 03:02:58 taro postfix/smtpd[69900]: using backwards-compatible default setting smtpd_relay_before_recipient_restrictions=no to reject recipient “[email protected]” from client “localhost[::1]”
Dec 6 03:02:58 taro postfix/smtpd[70165]: connect from localhost[::1]
Dec 6 03:02:58 taro postfix/smtpd[70165]: 827FDC00A2: client=localhost[::1]
Dec 6 03:02:58 taro postfix/cleanup[70170]: 827FDC00A2: message-id=[email protected]
Dec 6 03:02:58 taro opendkim[496]: 827FDC00A2: no signing table match for ‘[email protected]’
Dec 6 03:02:58 taro opendkim[496]: 827FDC00A2: no signature data
Dec 6 03:02:59 taro postfix/qmgr[68174]: 827FDC00A2: from=[email protected], size=605, nrcpt=1 (queue active)
Dec 6 03:03:00 taro postfix/smtpd[70165]: disconnect from localhost[::1] ehlo=1 mail=1 rcpt=1 data=1 commands=4
Dec 6 03:03:00 taro postfix/smtpd[69900]: lost connection after RSET from localhost[::1]
Dec 6 03:03:00 taro postfix/smtpd[69900]: disconnect from localhost[::1] ehlo=1 mail=1 rcpt=0/1 rset=1 commands=3/4
Dec 6 03:03:00 taro postfix/pipe[70172]: 827FDC00A2: to=[email protected], relay=dovecot, delay=0.11, delays=0.09/0.01/0/0.01, dsn=2.0.0, status=sent (delivered via dovecot service)
Dec 6 03:03:00 taro postfix/qmgr[68174]: 827FDC00A2: removed
Dec 6 03:03:07 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=203.10.99.13, lip=93.188.165.29, mpid=70190, TLS, session=
Dec 6 03:03:56 taro dovecot: imap([email protected])<70157><kdQ5CCDvK/3LCmMN>: Disconnected: Logged out in=320 out=1940 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
Dec 6 03:04:26 taro dovecot: imap([email protected])<70146><QUuPAiDvI/3LCmMN>: Disconnected: Logged out in=1424 out=3264 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0

2. I received this error in an e-mail report from Cyberpanel at the same time it was running the SSL auto-renewal function:

[12.06.2022_03-02-57] {‘[email protected]’: (451, b’4.3.0 <[email protected]>: Temporary lookup failure’)}.

3. I also received this error in a separate report at the same time as (2):

[12.06.2022_02-00-03] [Errno 2] No such file or directory: ‘postmap’: ‘postmap’. [ProcessUtilities.normalExecutioner.Base].

4. earlier this morning I received this error report:

[12.06.2022_00-00-05] [Errno 2] No such file or directory: ‘/home/cyberpanel/git’. [IncScheduler.git:90].

5. I’ve been getting regular Server 500 errors while logged onto Cyberpanel.

6. I’m still getting the “too many connections errors” In Cyberpanel main log. It’s about the same time as yesterday, could there be a process causing this?:

[12.06.2022_03-34-28] (421, b’4.7.0 mail.intervalle-arts.com Error: too many connections from ::1’)
[12.06.2022_03-34-28] maximum recursion depth exceeded while calling a Python object

7. DKIM errors (see below)

I really, really appreciate the help from you both, but I feel like I might be making things worse!!!

@luckyrajpurohit thanks for your feedback:

1. I’ve posted my mail log above, I searched but I couldn’t find the auth/message logs.

2. Thanks! But check says Certificate #1 is still expired, so I think the auto-renewal for LE is still requesting.
   

   

   スクリーンショット 2022-12-06 12.42.301752×1106 181 KB

3. I’ve checked SPF and DKIM on SPF Checker - SPF Lookup and https://dmarcian.com/dkim-inspector/ SPF is OK. For DKIM (“intervalle-arts.com” and selector = default) they both say “no DKIM record found”.

If I go into DKIM manager in Cyberpanel it says “key successfully fetched” and displays key, but when I look at the Cyberpanle error log it says

[12.06.2022_04-49-06] We had errors while creating DKIM record for: intervalle-arts.com. Error message: Command '[‘cat’, ‘/etc/opendkim/keys/intervalle-arts.com/default.txt’]’ returned non-zero exit status 1…

Quick addition:

I’m refreshing my e-mail logs and even though I’m not using my mail address for anything, I can see that a process “spamd” is running over and over.

Dec 6 05:13:59 taro spamd[75036]: spamd: server killed by SIGTERM, shutting down
Dec 6 05:13:59 taro spamd[75070]: logger: removing stderr method
Dec 6 05:14:01 taro spamd[75074]: spamd: server started on IO::Socket::IP [127.0.0.1]:783, IO::Socket::IP [::1]:783 (running version 3.4.0)
Dec 6 05:14:01 taro spamd[75074]: spamd: server pid: 75074
Dec 6 05:14:01 taro spamd[75074]: spamd: server successfully spawned child process, pid 75075
Dec 6 05:14:01 taro spamd[75074]: spamd: server successfully spawned child process, pid 75076
Dec 6 05:14:01 taro spamd[75074]: prefork: child states: IS
Dec 6 05:14:02 taro spamd[75074]: prefork: child states: II
Dec 6 05:14:16 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=::1, lip=::1, mpid=75097, TLS, session=
Dec 6 05:14:16 taro dovecot: imap([email protected])<75097>: Disconnected: Logged out in=84 out=634 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
Dec 6 05:14:16 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=::1, lip=::1, mpid=75098, TLS, session=
Dec 6 05:14:16 taro dovecot: imap([email protected])<75098>: Disconnected: Logged out in=522 out=1401 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
Dec 6 05:15:29 taro spamd[75074]: spamd: server killed by SIGTERM, shutting down
Dec 6 05:15:30 taro spamd[75129]: logger: removing stderr method
Dec 6 05:15:31 taro spamd[75133]: spamd: server started on IO::Socket::IP [127.0.0.1]:783, IO::Socket::IP [::1]:783 (running version 3.4.0)
Dec 6 05:15:31 taro spamd[75133]: spamd: server pid: 75133
Dec 6 05:15:31 taro spamd[75133]: spamd: server successfully spawned child process, pid 75134
Dec 6 05:15:31 taro spamd[75133]: spamd: server successfully spawned child process, pid 75135
Dec 6 05:15:31 taro spamd[75133]: prefork: child states: IS
Dec 6 05:15:31 taro spamd[75133]: prefork: child states: II
Dec 6 05:17:00 taro spamd[75133]: spamd: server killed by SIGTERM, shutting down
Dec 6 05:17:00 taro spamd[75162]: logger: removing stderr method
Dec 6 05:17:02 taro spamd[75166]: spamd: server started on IO::Socket::IP [127.0.0.1]:783, IO::Socket::IP [::1]:783 (running version 3.4.0)
Dec 6 05:17:02 taro spamd[75166]: spamd: server pid: 75166
Dec 6 05:17:02 taro spamd[75166]: spamd: server successfully spawned child process, pid 75167
Dec 6 05:17:02 taro spamd[75166]: spamd: server successfully spawned child process, pid 75168
Dec 6 05:17:02 taro spamd[75166]: prefork: child states: SI
Dec 6 05:17:02 taro spamd[75166]: prefork: child states: II
Dec 6 05:17:16 taro dovecot: imap-login: Login: user=[email protected], method=PLAIN, rip=193.29.61.200, lip=93.188.165.29, mpid=75188, TLS, session=<NC/W6iHvaMPBHT3I>
Dec 6 05:17:17 taro dovecot: imap([email protected])<75188><NC/W6iHvaMPBHT3I>: Disconnected: Logged out in=36 out=555 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0

I ran into same issue with a client and unfortunately these steps do not work

I have just followed these steps -

Go to OLS WebAdmin Console of your server i.e https://SERVER_URL:7080 use admin and password you chose for CyberPanel admin panel

If you cannot log in. Using SSH Terminal run adminPass add new password

Then you delete all private keys and certificates for respective website from server:

$ rm -f /etc/letsencrypt/live/intervalle-arts.com/privkey.pem && rm -f /etc/letsencrypt/live/intervalle-arts.com/fullchain.pem

$ rm -f /etc/letsencrypt/live/mail.intervalle-arts.com/privkey.pem && rm -f /etc/letsencrypt/live/mail.intervalle-arts.com/fullchain.pem

$ rm -f /etc/letsencrypt/live/ssl.intervalle-arts.com/privkey.pem && rm -f /etc/letsencrypt/live/ssl.intervalle-arts.com/fullchain.pem

Then run this command from https://community.cyberpanel.net/t/how-to-fix-ssl-issues-in-cyberpanel/90#debugging-with-command-line-6

/root/.acme.sh/acme.sh --issue -d <YOUR\_DOMAIN> -d www.<YOUR\_DOMAIN> --cert-file /etc/letsencrypt/live/<YOUR\_DOMAIN>/cert.pem --key-file /etc/letsencrypt/live/<YOUR\_DOMAIN>/privkey.pem --fullchain-file /etc/letsencrypt/live/<YOUR\_DOMAIN>/fullchain.pem -w /usr/local/lsws/Example/html --force --debug

SSL-Checker808×744 140 KB

Hi Joseph,
May I know what was the reason of using these commands for client.

I gave first 2 commands for restoring SSL from backup and rest of commands for mail server SSL linking.

Correct. I restored the ssl from backup as the first ever step and restarted OLS and LSCPD but still the client had selfsigned cert

Hi @Rofocale
I can’t help for each point mantion in log via this forum.
Please hire a person that can check all the things.

Did you check SSL expiry and other info before restoring that file?

Yes the ssl was valid but for some reason CYberPanel chose to renew the certificate. I have removed the cronjob and added my own - nothing special just added a sink and different timing

Sorry if it’s not worked for you. To find a reason why SSL renew by cp, In this case you need to read the SSL renew python script mantion in cronjob.

I think at this stage it’s a delete the server and start again after a week or so. That way Cyberpanel doesn’t request any more SSL certs, the LE ban resets and all these connected errors will hopefully go away. Something in the above fixes that I’ve applied has caused a whole bunch of new but connected problems. This is too much work for just a simple Wordpress site and e-mail server.

Thanks both for all your help over the last few days.