Generic troubleshooting tips
1) Use tail –f to watch log file in real time, advantage is simple you can spot error or warning message in real time.
tail –f /path/to/log/file
Example(s):
# tail –f /var/log/maillog
2) Use telnet command to see if you get response or not. Sometime you will also see some informative message:
telnet ip port
Example(s):
# telnet localhost 53
# telnet localhost 25
3) Make sure you can see PID of your service.
pidof service-name
cat /var/run/service.pid
Example(s):
# pidof sshd
# cat /var/run/sshd.pid
4) You need to make sure that your DNS server or third party DNS server (ISP) is accessible. This is an important step, as many network services depend upon DNS; especially sendmail/postfix or Squid etc for example. Run dig or nslookup. No timeout should occurred.
# dig your-domain.com
# nslookup gw.isp.com
# more /etc/resolv.conf
5) For networking troubleshooting, make sure your ip address configuration is right, gateway, routine, hostname etc all configured. Here is list of tools on RedHat Linux to verify or modify information:
Hostname verification or setup tools
- hostname : To get hostname of server.
- hostname –s : To get FQDN hostname of server
- more /etc/sysconfig/network : To setup hostname and networking can enabled or disabled.
- dnsdomainname : List or setup domainname.
- more /etc/hosts :Make sure at least localhost entry do exist.
Ethernet configuration tools
- ifconfig : To see running network card information.
- ifconfig eth0 up|down : To enable|disable network interface
- service network reload|restart|stop|start : To reload (after changed made in ip config file)|restart|stop|start network interface with all properties.
- route|netstat –rn : To print routing table
- ping ip-address : To see if host is alive or dead
- more /etc/modules.conf : To see your network card configuration alias for eth0 exists or not.
- lsmod : To list loaded modules (read as drivers), here you need to see that eth0 module is loaded or not, if not loaded then use insmod to insert (load) driver.
- dhclient : Dynamic Host Configuration Protocol Client, run this if your Ethernet card is not getting ip from DHCP box on startup; this command does by default shows useful information.
To see if service blocked because of access control
- iptables –n –L : To list all iptable rules; useful to see if firewall blocks service or not.
- service iptables stop|start : To start|stop iptables
- more /etc/xinetd.conf
OR
- more /etc/xinetd.conf/SERVICENAME = To list configuration of xinetd server. Again useful to see if firewall xinetd based security blocks service or not (xinetd includes host-based and time-based access control)
- more /etc/hosts.allow : To see list of hosts allowed to access service.
- more /etc/hosts.deny : To see list of hosts NOT allowed to access service. NOTE first TCP wrappers (hosts.allow|hosts.deny) checked and then xinetd-based access control checked.
- more /etc/path/to/application.conf : See your application configuration file for access control. For example smb.conf and many other applications/services got own access control list in application. You need to check that as well.
Read man pages of all above command for more details on syntax and usage.
{ 4 comments… read them below or add one }
respected sir ,
i would like 2 know the steps of installing a firewall “centos 4.5″,mail server and the commands use to run it , i would be very greatful to hear from you
thank you in advance
karim
Hello Karim,
Use our Linux tech support forum and post all your question, we have some good people on the forum and they will sort out your issues.
I am suffering from the messages which refuse to be sent to some emails…
below you will find a sample of those messages, please advice and thanx in advance…
***********************************
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
info@satpro.org
SMTP error from remote mail server after initial connection:
host mxlb.ispgateway.de [80.67.18.126]: 554 No reverse dns for IP
196.202.137.213. Help at/Hilfe unter http://www.mfaq.info
—— This is a copy of the message, including all the headers. ——
Return-path:
Received: from afromap by ashrafco.com with local (Exim 4.66)
(envelope-from )
id 1I6SxN-0001Ql-FC
for info@satpro.org; Thu, 05 Jul 2007 18:09:21 +0300
Received: from 196.202.137.215 ([196.202.137.215])
(SquirrelMail authenticated user malik@afromap-ltd.com)
by http://www.afromap-ltd.com with HTTP;
Thu, 5 Jul 2007 18:09:21 +0300 (EAT)
Message-ID:
In-Reply-To:
References:
Date: Thu, 5 Jul 2007 18:09:21 +0300 (EAT)
Subject: Re: Server
From: “Malik Youssef”
To: info@satpro.org
User-Agent: SquirrelMail/1.4.9a
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
**********************************
What should i do exactly step by step because i am not full professional in mailserver issues???
Create a reverse dns IP entry for your mail server hostname to get rid of this problem. If you need further assistance please use the our mail server forum.