Re: RES: [qmailtoaster] Re: Qmail-inject issue

[Martin Waschbüsch IT-Dienstleistungen]

Hi all,

I sometimes have the same kind of entry in the logs:

grep -R -i 'inject' /var/log/qmail/send/*

comes up with entries such as this:

/var/log/qmail/send/@40004cac830228d80ff4.s:@40004ca982cb35955a94 
delivery 291: failure: 
qmail-inject:_fatal:_unable_to_parse_this_line:/Cc:_cdshummar...@waschbuesch.de,/_mar...@waschbuesch.de;_Mon,_4_Oct_2010_09:31:12_+0200/system_error_calling_qmail-inject/

The interesting thing is that I always have that when mails seem to have 
multiple recipients and one of them is clearly fake: 
cdshummar...@waschbuesch.de is not one of my users while 
mar...@waschbuesch.de is.

I also attached an error message that goes with such errors.

Please note that I have never yet seen this if it was not a spam mail anyway, 
so I never investigated further.

Perhaps that helps?

Martin


--
Martin Waschbüsch
IT-Dienstleistungen
Lautensackstr. 16
80687 München

Telefon: +49 89 57005708
Fax: +49 89 57868023
Mobil: +49 170 2189794
serv...@waschbuesch.it
http://www.waschbuesch.it
---BeginMessage---
Hi. This is the qmail-send program at hydra.waschbuesch.de.
I tried to deliver a bounce message to this address, but the bounce bounced!

er...@mailfrom.com:
Sorry, I wasn't able to establish an SMTP connection. (#4.4.1)
I'm not going to try again; this message has been in the queue too long.

--- Below this line is the original bounce.

Return-Path: 
Received: (qmail 2830 invoked for bounce); 4 Oct 2010 07:31:13 -
Date: 4 Oct 2010 07:31:13 -
From: mailer-dae...@hydra.waschbuesch.de
To: er...@mailfrom.com
Subject: failure notice

Hi. This is the qmail-send program at hydra.waschbuesch.de.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

i...@waschbuesch.de:
qmail-inject: fatal: unable to parse this line:
Cc: cdshummar...@waschbuesch.de,
mar...@waschbuesch.de; Mon, 4 Oct 2010 09:31:12 +0200
system error calling qmail-inject

--- Below this line is a copy of the message.

Return-Path: er...@mailfrom.com
Received: (qmail 2806 invoked by uid 89); 4 Oct 2010 07:31:13 -
Received: by simscan 1.4.0 ppid: 2799, pid: 2800, t: 23.6234s
 scanners: attach: 1.4.0 clamav: 0.96.3/m:52/d:12005 spam: 3.2.5
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
serv01.waschbuesch.de
X-Spam-Level: ***
X-Spam-Status: Yes, score=3.6 required=2.0 tests=BAYES_99,HTML_MESSAGE,
RDNS_NONE autolearn=no version=3.2.5
X-Spam-Report: 
*  3.5 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
*  [score: 1.]
*  0.0 HTML_MESSAGE BODY: HTML included in message
*  0.1 RDNS_NONE Delivered to trusted network by a host with no rDNS
Received: from unknown (HELO ?95.86.101.2?) (95.86.101.2)
  by hydra.waschbuesch.de with SMTP; 4 Oct 2010 07:30:50 -
Received-SPF: none (hydra.waschbuesch.de: domain at mailfrom.com does not 
designate permitted sender hosts)
Received: from [132.51.125.15] (helo=ybqmocxuyk.jmznfn.va)
by  with esmtpa (Exim 4.69)
(envelope-from )
id 1MMNII-6917ai-41
for andre...@waschbuesch.de,
andrea...@waschbuesch.de,
andr...@waschbuesch.de,
i...@waschbuesch.de
Cc: cdshummar...@waschbuesch.de,
mar...@waschbuesch.de; Mon, 4 Oct 2010 09:31:12 +0200
From: Benjamin Lay carterzotyv...@imperial-software.de 
To: andre...@waschbuesch.de,
andrea...@waschbuesch.de,
andr...@waschbuesch.de,
i...@waschbuesch.de
Cc: cdshummar...@waschbuesch.de,
mar...@waschbuesch.de
Subject: Die Armbanduhren sind viel billiger online!
Date: Mon, 4 Oct 2010 09:31:12 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary==_fxxoamnvl_49_47_27
X-Priority: 3
X-Mailer: rmhuzwmu.96
Message-ID: 2033986661.weil69lr106...@pvurl.pbmgh.va

--=_fxxoamnvl_49_47_27
Content-Type: text/plain;
charset=iso-8859-2
Content-Transfer-Encoding: quoted-printable

Die Brand Original Chronometer aus der Schweiz sind zu teuer geldfressend=
, aber Menschen respektieren achten deren Besitzer. erwerben Sie eine Kop=
ie von einer Brand und kriegen Sie alle Privilegien der Elite ohne ein ga=
nzes Vermoegen zu bezahlen.http://bit.ly/95d0yz
--=_fxxoamnvl_49_47_27
Content-Type: text/html;
charset=iso-8859-2
Content-Transfer-Encoding: quoted-printable

!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN
HTMLHEAD
META http-equiv=3DContent-Type content=3Dtext/html; charset=3Diso-8859-=
2
STYLE/STYLE
/HEAD
BODY
html
body bgcolor=3D#FF link=3Dgreen
font face=3DVerdana size=3D2Die Brand Original Chronometer aus der =
Schweiz sind zu teuer geldfressend, aber Menschen respektieren achten der=
en Besitzer. erwerben Sie eine Kopie von einer Brand und kriegen Sie alle=
 Privilegien der Elite ohne ein ganzes Vermoegen zu bezahlen./fontbr=
br
font face=3DVerdana size=3D2a href=3Dhttp://bit.ly/95d0yz; target=

RES: [qmailtoaster] Re: Qmail-inject issue

[Atalibio Frederico Schneider Junior]

Dear Eric,

The message presented here is taken from e-mail returned to sender.

It also appears in /var/log/qmail/send/current

@40004d80079808d3e14c info msg 10083300: bytes 76237 from 
x...@xxx.com.br  qp 4600 uid 89
@40004d8007980934877c starting delivery 3364: msg 10083300 to local
digiall.com.br-...@yyy.com.br
@40004d80079809349eec status: local 1/10 remote 0/60
@40004d8007980a9728a4 delivery 3364: deferral:
qmail-inject:_fatal:_unable_to_parse_this_line:/From:_=?iso-8859-1?Q?..::_th
inkmedia_comunica=E7=E3o?=_ x...@xxx.com.br
/write_to_qmail-inject_failed:_32/system_error_calling_qmail-inject/
@40004d8007980a974bcc status: local 0/10 remote 0/60
@40004d80079d0a9f94e4 starting delivery 3365: msg 10083297 to local
yyy.com.br-...@yyy.com.br
@40004d80079d0a9fac54 status: local 1/10 remote 0/60
@40004d80079d0c09525c delivery 3365: deferral:
qmail-inject:_fatal:_unable_to_parse_this_line:/From:_=?iso-8859-1?Q?..::_th
inkmedia_comunica=E7=E3o?=_x...@xxx.com.br/write_to_qmail-inject_failed:_32
/system_error_calling_qmail-inject/
@40004d80079d0c097584 status: local 0/10 remote 0/60

Information as follows

[root@server1 ~]# qtp-whatami
-bash: qtp-whatami: command not found

[root@server1 ~]# locate qtp-

[root@server1 ~]# rpm -qa|grep toaster | sort
autorespond-toaster-2.0.4-1.3.6
clamav-toaster-0.96.5-1.3.40
control-panel-toaster-0.5-1.3.7
courier-authlib-toaster-0.59.2-1.3.10
courier-imap-toaster-4.1.2-1.3.10
daemontools-toaster-0.76-1.3.6
ezmlm-cgi-toaster-0.53.324-1.3.6
ezmlm-toaster-0.53.324-1.3.6
isoqlog-toaster-2.1-1.3.7
libdomainkeys-toaster-0.68-1.3.6
libsrs2-toaster-1.0.18-1.3.6
maildrop-toaster-2.0.3-1.3.8
maildrop-toaster-devel-2.0.3-1.3.8
qmailadmin-toaster-1.2.15-1.3.9
qmailmrtg-toaster-4.2-1.3.6
qmail-pop3d-toaster-1.03-1.3.20
qmail-toaster-1.03-1.3.20
ripmime-toaster-1.4.0.6-1.3.6
simscan-toaster-1.4.0-1.3.8
spamassassin-toaster-3.2.5-1.3.17
squirrelmail-toaster-1.4.20-1.3.17
ucspi-tcp-toaster-0.88-1.3.9
vpopmail-toaster-5.4.17-1.3.7
vqadmin-toaster-2.3.4-1.3.6
[root@server1 ~]#

Thanks,

Schneider


-Mensagem original-
De: Eric Shubert [mailto:e...@shubes.net] 
Enviada em: segunda-feira, 28 de março de 2011 19:22
Para: qmailtoaster-list@qmailtoaster.com
Assunto: [qmailtoaster] Re: Qmail-inject issue

On 03/28/2011 11:50 AM, Atalibio Frederico Schneider Junior wrote:
 Dear users,


 I found this error in one of the servers that I manage:


 addresses.
 This is a permanent error; I've given up. Sorry it didn't work out.

 sen...@xxx.com:
 qmail-inject: fatal: unable to parse this line:
 From: =?iso-8859-1?Q?..::_txxx=
 ...@xx.com.br
 write to qmail-inject failed: 32
 system error calling qmail-inject
 I'm not going to try again; this message has been in the queue too long.



 Searched this forum and Internet with no relevant results.
 Can you help me please?

 Thanks a lot,

 Atalibio Schneider



 --
 ---

Need a bit more information than that.
Which log?
Where's the message originating from?
I don't believe that qmail-inject is  is typically used in a stock QMT
setting. Do you know what's invoking it?

Also, so we know at least a little about your environment, please post:
# qtp-whatami
# rpm -qa | grep toaster | sort

--
-Eric 'shubes'



-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!

-
 Please visit qmailtoaster.com for the latest news, updates, and
packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com



-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com