external connectivity issue

If none of the more specific forums is the right place to ask

external connectivity issue

Postby siil-itman » 2020-10-13 15:39

Sorry but this is a bit long....
I'm running 3 debian 9.13 LAMP stacks which are hosting a number of different web services and have been working fine for a long time.

This morning, the stack which hosts our helpdesk developed a problem with email connectivity. The service scrapes a number of group mailboxes as well as sends emails the responses out through the same mailboxes. Once it's scraped a mailbox and raised or updated a ticket, it moves the mail to another folder. I noticed a growing number of emails in the inbox 'unscraped' so checked the helpdesk back end logs and found

Code: Select all
Mailer Error
Unable to email via SMTP:smtp.office365.com:587 [it.helpdesk@****] Failed to set sender: it.helpdesk@**** [SMTP: Failed to write to socket: not connected (code: -1, response: )]


Code: Select all
 Mail Fetch Failure Alert
*** is having trouble fetching emails from the following mail account:
User: it.helpdesk@**** Host: outlook.office365.com
Error: Can't connect to outlook.ms-acdc.office.com, 993:
Connection timed out 36 consecutive errors. Maximum of 5 allowed
This could be connection issues related to the mail server. Next delayed login attempt in aprox. 10 minutes https://support.***.com


Normally if we get a mail error, just sending a test email from within the helpdesk back end gets things moving again, but not this time.

Jumped on to the console for the server and noticed a few updates queued so attempted to run apt update and i'm getting two different errors showing
Err:7 http://ftp.uk.debian.org/debian stretch Release
403 Forbidden [IP: 146.112.61.106. 80]
Err:10 https://packages.sury.org/php stretch Release
server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

the sources files contain the following

deb http://ftp.uk.debian.org/debian/ stretch main contrib non-free
deb-src http://ftp.uk.debian.org/debian/ stretch main contrib non-free

deb http://security.debian.org/debian-security stretch/updates main contib non-free
deb-src http://security.debian.org/debian-security stretch/updates main contib non-free

deb http://ftp.uk.debian.org/debian/ stretch-updates main contrib non-free
deb-src http://ftp.uk.debian.org/debian/ stretch-updates main contrib non-free

deb http://deb.debian.org/debian stretch-backports main

deb https://packages.sury.org/php/ stretch main

The web services these system are running are all ok but we have the email issue on 2 systems and we can't update all 3.

Anyone give me a clue on solving either of the issues?
siil-itman
 
Posts: 2
Joined: 2020-10-13 12:27

Re: external connectivity issue

Postby Head_on_a_Stick » 2020-10-13 16:34

siil-itman wrote:Jumped on to the console for the server and noticed a few updates queued so attempted to run apt update and i'm getting two different errors showing
Err:7 http://ftp.uk.debian.org/debian stretch Release
403 Forbidden [IP: 146.112.61.106. 80]
Err:10 https://packages.sury.org/php stretch Release
server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

Not sure about the deb.sury.org error (ask them about it here) but for the Debian repository that IP address looks wrong and doesn't match what I see:
Code: Select all
~$ nslookup ftp.uk.debian.org                                   
Server:         9.9.9.9
Address:        9.9.9.9#53

Non-authoritative answer:
ftp.uk.debian.org       canonical name = debian.hands.com.
Name:   debian.hands.com
Address: 78.129.164.123
Name:   debian.hands.com
Address: 2001:1b40:5600:ff80:f8ee::1

~$

How are you handling DNS queries for the server?
Black Lives Matter

Debian buster-backports ISO image: for new hardware support
User avatar
Head_on_a_Stick
 
Posts: 12650
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: external connectivity issue

Postby siil-itman » 2020-10-13 18:48

Head_on_a_Stick wrote:How are you handling DNS queries for the server?


It looks like I've got some really weird routing going on and the non-web traffic for these servers is going out the wrong connection (we have a static and dynamic connection).

Turns out the dynamic connection is spam blacklisted right now and a lot of places are rejecting our connections because of it. I think the problems should resolve once the blacklist clears or I sort the routing out.

I've got a bad night ahead of me I think!
siil-itman
 
Posts: 2
Joined: 2020-10-13 12:27


Return to General Questions

Who is online

Users browsing this forum: No registered users and 15 guests

fashionable