For this host I still have to figure out why there is no default IPv6 route. I have to add it manually after reboot.
So I thought it could be a routing issue, but when connecting there is no delay, only after being connected it takes long to show 220 domain Service ready.
There is no custom configuration (only the nginx-header from my other post).
I tried logging in once more, and comparing logs.
A single error is recorded in May, a single line mentioning time-out, but nothing more.
/var/log/info for the last hour says:
Jun 30 03:57:39 akashaduocyen postfix/smtpd[3548]: connect from unknown[37.49.224.189]
Jun 30 03:57:39 akashaduocyen postfix/smtpd[3548]: disconnect from unknown[37.49.224.189] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Jun 30 04:00:59 akashaduocyen postfix/anvil[3550]: statistics: max connection rate 1/60s for (smtp:37.49.224.189) at Jun 30 03:57:39
Jun 30 04:00:59 akashaduocyen postfix/anvil[3550]: statistics: max connection count 1 for (smtp:37.49.224.189) at Jun 30 03:57:39
Jun 30 04:00:59 akashaduocyen postfix/anvil[3550]: statistics: max cache size 1 at Jun 30 03:57:39
Jun 30 04:29:48 akashaduocyen postfix/smtpd[3845]: connect from unknown[2001:888:0:1::9]
the last line is me logging in.
There is a repeating list of messages in /var/log/warn, about hosts of blacklist-services not being found:
Jun 30 03:27:16 akashaduocyen postfix/smtpd[3237]: warning: 72.149.210.149.cbl.abuseat.org: RBL lookup error: Host or domain name not found. Name service error for name=72.149.210.149.cbl.abuseat.org type=A: Host not found, try again
Jun 30 03:27:26 akashaduocyen postfix/smtpd[3237]: warning: 72.149.210.149.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=72.149.210.149.zen.spamhaus.org type=A: Host not found, try again
Jun 30 04:35:55 akashaduocyen postfix/smtpd[3845]: warning: 2.7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.c.7.0.8.c.7.0.1.0.a.2.bl.spamcop.net: RBL lookup error: Host or domain name not found. Name service error for name=2.7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.c.7.0.8.c.7.0.1.0.a.2.bl.spamcop.net type=A: Host not found, try again
Jun 30 04:36:05 akashaduocyen postfix/smtpd[3845]: warning: 2.7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.c.7.0.8.c.7.0.1.0.a.2.cbl.abuseat.org: RBL lookup error: Host or domain name not found. Name service error for name=2.7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.c.7.0.8.c.7.0.1.0.a.2.cbl.abuseat.org type=A: Host not found, try again
Jun 30 04:36:15 akashaduocyen postfix/smtpd[3845]: warning: 2.7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.c.7.0.8.c.7.0.1.0.a.2.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=2.7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.c.7.0.8.c.7.0.1.0.a.2.zen.spamhaus.org type=A: Host not found, try again
Jun 30 04:37:05 akashaduocyen postfix/smtpd[3845]: warning: 72.149.210.149.bl.spamcop.net: RBL lookup error: Host or domain name not found. Name service error for name=72.149.210.149.bl.spamcop.net type=A: Host not found, try again
Jun 30 04:37:15 akashaduocyen postfix/smtpd[3845]: warning: 72.149.210.149.cbl.abuseat.org: RBL lookup error: Host or domain name not found. Name service error for name=72.149.210.149.cbl.abuseat.org type=A: Host not found, try again
Jun 30 04:37:25 akashaduocyen postfix/smtpd[3845]: warning: 72.149.210.149.zen.spamhaus.org: RBL lookup error: Host or domain name not found. Name service error for name=72.149.210.149.zen.spamhaus.org type=A: Host not found, try again
DNS resolving works OK for eg. spamhaus.org, but the concatenation of the IP and domain does not give a result.
/etc/resolv.conf points at the dnsmasq list via the run-file:
admin@akashaduocyen:/etc$ cat resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
20% of memory (200M of 1G) is allocated to journald, the next heaviest process is synapse with 10%. No swap is used.
Journalctl mentions me logging into SMTP, but no complaints there (apart from ongoing barrage of failed logins on SSH) :
Jun 30 04:28:46 akashaduocyen sshd[3839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.15.2.178 user=root
Jun 30 04:28:48 akashaduocyen sshd[3839]: Failed password for root from 121.15.2.178 port 43620 ssh2
Jun 30 04:28:48 akashaduocyen sshd[3839]: Received disconnect from 121.15.2.178 port 43620:11: Bye Bye [preauth]
Jun 30 04:28:48 akashaduocyen sshd[3839]: Disconnected from 121.15.2.178 port 43620 [preauth]
> Jun 30 04:29:48 akashaduocyen postfix/smtpd[3845]: connect from unknown[2001:888:0:1::9]
Jun 30 04:30:01 akashaduocyen CRON[3855]: pam_unix(cron:session): session opened for user nextcloud by (uid=0)
Jun 30 04:30:01 akashaduocyen CRON[3857]: (nextcloud) CMD (/usr/bin/php7.3 -f /var/www/nextcloud/cron.php)
Jun 30 04:30:09 akashaduocyen CRON[3855]: pam_unix(cron:session): session closed for user nextcloud
Jun 30 04:30:35 akashaduocyen sshd[3866]: Connection from 13.68.222.199 port 37063 on 80.127.182.179 port 22
Jun 30 04:30:36 akashaduocyen sshd[3866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.222.199 user=root
Jun 30 04:30:38 akashaduocyen sshd[3866]: Failed password for root from 13.68.222.199 port 37063 ssh2
Would you have a suggestion how to troubleshoot the issue?