Logging SMTP errors with qmail

  • Posted by kchr
  • April 12, 2008

For the past few days, a customer of ours has had problems receiving mail from one of their partners. While troubleshooting the SMTP traffic to our qmail server I stumbled upon the following line in our logs:

X-Qmail-Scanner-1.25st: Process XXXX closed, parent process died

This message occurs every single time they tried to send mail to our customer.

It turns out they used a homebrew MUA which sent messages using Bare LFs as EOL instead of proper ones (according to document 822bis) - read DJB’s dwelling into this matter.

Our qmail system rejects the mail as supposed to, and informs the sender about the problem (along with the above link describing why it is one) - but it does not log the incident. This could make it really hard when troubleshooting why some connections drop from time to time.

However, Len Budney were way ahead of me and wrote this little tutorial on how to use DJB’s recordio tool (included in his ucspi-tcp package) for extracting the relevant 4xx and 5xx errors from the SMTP conversation. This makes sure we log it with everything else in our qmail-smtpd logs!

UPDATE: It seems that piping qmail-smtpd to recordio breaks SMTP TLS support. John M. Simpson writes the following on his excellent qmail information/patch collection site:

…It also means that, since the encrypted data stream is just as likely to contain a “0×00” byte as any other, and the C language treats the zero byte as an “end of string” marker, programs such like “recordio“, which involve themselves in the data stream between the client and qmail-smtpd, are likely to become confused.

Disable TLS by setting “DENY_TLS=1″ as an environment variable in your qmail-smtpd startup script, while troubleshooting with recordio. Don’t forget to remove both the recordio pipe and the environment variable when you’re done!

UPDATE #2: You can make qmail more forgiving by invoking fixcrio in your qmail-smtpd run script, before qmail-smtpd. This little tool is found in the ucspi-tcp package, and helps out by prepending a carriage return (CR) to every lone line feed (LF).

However, by going down this path you won’t tell the broken mailers that they’re actually broken…

Information and Links

Join the fray by commenting, tracking what others have to say, or linking to it from your blog.

Information
April 12th, 2008
No Responses
Feeds and Links
Comment Feed
From This Author
Del.icio.us
Digg
Technorati
Categories
Linux

Other Posts
XBMC Script: Sveriges Radio v1.1
Getting own content on top of Google Maps

Write a Comment

Take a moment to comment and tell us what you think. Some basic HTML is allowed for formatting.

Spam protection by WP Captcha-Free

Reader Comments

Be the first to leave a comment!