As said before, double-check if some firewall rule is blocking outgoing connections, or if your ISP for some strange reason does not allow connections to DNS root servers
I’ve disabled DNSban, IPban and threatshield within Nethsecurity, but still the same issue.
On my NS8 I don’t have no firewall (other then the default) or blocks installed.
Can it be that i’ve my NS8 behind a reverse proxy ?
The portforwarding to NS8 is only SMTP port
runagent -m mail1 podman exec rspamd unbound-control lookup nethserver.org
[1732820462] unbound-control[74:0] error: connect: No such file or directory for /run/unbound.control.sock
Gives an error
No idea why this service has stopped.
Nothing has been changed besides the updates or a restart of the server
The fact that unbound isn’t running depicts a completely different scenario. We were investigating why it was not resolving addresses, now we are going to check why it isn’t running.
Navigate to the System logs page and select App mail1, with Follow mode. Then restart Rspamd with:
runagent -m mail1 systemctl --user restart rspamd
If some error message is sent to the logs, it should be among first lines. Please share them here.
Hello Davide
Good to hear it is still under investigation. Happy to see the great support on the forum.
I’ve restarted the service and this is the log
2024-11-29T12:44:49+01:00 [1:mail1:podman] 2024-11-29 12:44:49.825268753 +0100 CET m=+0.210049679 container died e084ee81d9b7e95f1c3a99782b6c3294f911359b13b33e8223112576c3fa85e6 (image=ghcr.io/nethserver/mail-rspamd:1.4.10, name=rspamd, PODMAN_SYSTEMD_UNIT=rspamd.service, io.buildah.version=1.23.1)
2024-11-29T12:44:49+01:00 [1:mail1:podman] 2024-11-29 12:44:49.854701455 +0100 CET m=+0.239482382 container cleanup e084ee81d9b7e95f1c3a99782b6c3294f911359b13b33e8223112576c3fa85e6 (image=ghcr.io/nethserver/mail-rspamd:1.4.10, name=rspamd, PODMAN_SYSTEMD_UNIT=rspamd.service, io.buildah.version=1.23.1)
2024-11-29T12:44:49+01:00 [1:mail1:rspamd] e084ee81d9b7e95f1c3a99782b6c3294f911359b13b33e8223112576c3fa85e6
2024-11-29T12:44:50+01:00 [1:mail1:podman] 2024-11-29 12:44:50.133507353 +0100 CET m=+0.237645165 container remove e084ee81d9b7e95f1c3a99782b6c3294f911359b13b33e8223112576c3fa85e6 (image=ghcr.io/nethserver/mail-rspamd:1.4.10, name=rspamd, PODMAN_SYSTEMD_UNIT=rspamd.service, io.buildah.version=1.23.1)
2024-11-29T12:44:50+01:00 [1:mail1:rspamd] e084ee81d9b7e95f1c3a99782b6c3294f911359b13b33e8223112576c3fa85e6
2024-11-29T12:44:50+01:00 [1:mail1:systemd] rspamd.service: Failed with result 'exit-code'.
2024-11-29T12:44:50+01:00 [1:mail1:systemd] Stopped rspamd.service - Rspamd mail filter.
2024-11-29T12:44:51+01:00 [1:mail1:rspamd] enabled
2024-11-29T12:44:51+01:00 [1:mail1:podman] 2024-11-29 12:44:51.188647749 +0100 CET m=+0.039122401 image pull ghcr.io/nethserver/mail-rspamd:1.4.10
2024-11-29T12:44:52+01:00 [1:mail1:systemd] Started libpod-a1d1f2b690cdfc2d8143068e6a9e68ca8329e766465071a3d035635cffee1403.scope - libcrun container.
2024-11-29T12:44:52+01:00 [1:mail1:su] + none root:redis
2024-11-29T12:44:52+01:00 [1:mail1:su] + none root:redis
2024-11-29T12:44:52+01:00 [1:mail1:] WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
2024-11-29T12:44:52+01:00 [1:mail1:] oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
2024-11-29T12:44:52+01:00 [1:mail1:redis-persistent] Server initialized
2024-11-29T12:44:52+01:00 [1:mail1:] WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
2024-11-29T12:44:52+01:00 [1:mail1:] oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
2024-11-29T12:44:52+01:00 [1:mail1:redis-volatile] Ready to accept connections unix
2024-11-29T12:44:52+01:00 [1:mail1:redis-persistent] Ready to accept connections unix
2024-11-29T12:44:55+01:00 [1:mail1:rspamd] /usr/bin/bash: connect: Verbinding is geweigerd
2024-11-29T12:44:55+01:00 [1:mail1:rspamd] /usr/bin/bash: regel 1: /dev/tcp/127.0.0.1/11334: Verbinding is geweigerd
2024-11-29T12:44:58+01:00 [1:mail1:rspamd] /usr/bin/bash: connect: Verbinding is geweigerd
2024-11-29T12:44:58+01:00 [1:mail1:rspamd] /usr/bin/bash: regel 1: /dev/tcp/127.0.0.1/11334: Verbinding is geweigerd
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (main) <fdp86m>; map; rspamd_map_add: added map https://maps.rspamd.com/freemail/free.txt.zst
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (main) <da4ph6>; symcache; add_augmentation: added implied flags (0100000000000000000) for symbol BYPASS_RECIPIENT as it has passthrough augmentation
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (main) <da4ph6>; lua; rbl.lua:1126: added URL whitelist for RBL DWL_DNSWL
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (main) <da4ph6>; cfg; rspamd_map_parse_backend: map '/etc/rspamd/local.d/maps.d/spf_whitelist.inc.local' is not found, but it can be loaded automatically later
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (main) <yhcyzt>; map; rspamd_map_read_http_cached_file: read cached data for https://maps.rspamd.com/rspamd/phishing_whitelist.inc.zst from /var/lib/rspamd/110ec84de81cc98813b71d34d42dedbc199bd687.map, 170 bytes; next check at: 2024-11-29 14:56:47; last modified on: 2021-02-25 19:17:32; etag: (NULL)
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (main) <k8f914>; map; rspamd_map_read_http_cached_file: read cached data for https://maps.rspamd.com/freemail/disposable.txt.zst from /var/lib/rspamd/ea942f35f2c82e84bdb7b8ceb34537f7dbe986eb.map, 15599 bytes; next check at: 2024-11-29 13:59:35; last modified on: 2024-09-20 17:33:31; etag: (NULL)
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_cache_learn.lua, sha: 67e32328bb29b39efed307d5d179a6ccf099da54
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_cache_learn.lua, sha: 67e32328bb29b39efed307d5d179a6ccf099da54
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_classify.lua, sha: 0075688c9013897c35b1ef045c2b9f55d12d4586
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_classify.lua, sha: 0075688c9013897c35b1ef045c2b9f55d12d4586
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_learn.lua, sha: 18c1f7e837d77f2d1d51cc491aa89365ed1c5bc6
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_learn.lua, sha: 18c1f7e837d77f2d1d51cc491aa89365ed1c5bc6
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_cache_check.lua, sha: dc0667e90f70e3df72fc6131e3b332160e82f638
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_cache_check.lua, sha: dc0667e90f70e3df72fc6131e3b332160e82f638
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_classify.lua, sha: 0075688c9013897c35b1ef045c2b9f55d12d4586
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_classify.lua, sha: 0075688c9013897c35b1ef045c2b9f55d12d4586
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_learn.lua, sha: 18c1f7e837d77f2d1d51cc491aa89365ed1c5bc6
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/persistent.sock from file bayes_learn.lua, sha: 18c1f7e837d77f2d1d51cc491aa89365ed1c5bc6
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (controller) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/volatile.sock from file ratelimit_cleanup_pending.lua, sha: cd653186a50918be9389f99095e2e34625004596
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (controller) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/volatile.sock from file ratelimit_cleanup_pending.lua, sha: cd653186a50918be9389f99095e2e34625004596
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/volatile.sock from file neural_maybe_invalidate.lua, sha: dc4556c7a1cd47d361b56026db3e644eea127d94
2024-11-29T12:45:00+01:00 [1:mail1:rspamd] (normal) <da4ph6>; lua; lua_redis.lua:1254: uploaded redis script to unix:/run/redis/volatile.sock from file neural_maybe_invalidate.lua, sha: dc4556c7a1cd47d361b56026db3e644eea127d94
2024-11-29T12:45:05+01:00 [1:mail1:rspamd] (hs_helper) rspamd_rs_compile_cb: compiled 0 regular expressions to the hyperscan tree, postpone loaded notification for 1 seconds to avoid races
2024-11-29T12:45:06+01:00 [1:mail1:rspamd] (main) <4ae116>; main; rspamd_srv_handler: received hyperscan cache loaded from /var/lib/rspamd/
2024-11-29T12:45:06+01:00 [1:mail1:rspamd] (controller) <imhkkk>; monitored; rspamd_monitored_dns_cb: DNS query blocked on multi.uribl.com (127.0.0.1 returned), possibly due to high volume
2024-11-29T12:45:10+01:00 [1:mail1:rspamd] (controller) <k4k3se>; monitored; rspamd_monitored_dns_cb: DNS reply returned 'no error' for bl.score.senderscore.com while 'no records with this name' was expected when querying for '1.0.0.127.bl.score.senderscore.com'(likely DNS spoofing or BL internal issues)