Hello, I have a problem with the server where Mailcow is, this server is exclusively running Mailcow.
Mailcow was working great for several months, a week ago it began to block all ports on the server, even the ssh port.
Restarting the server it started working again for a few hours.
Then I found out that restarting docker Mailcow was working again, actually the network (all ports) were reachable again.
In the Mailcow log I found some things but I don’t understand much, I would be very grateful if someone could give me a hand:
sogo-mailcow_1 | Jan 25 07:24:01 119579fcf48f CRON[87]: pam_unix(cron:session): session closed for user sogo [275/3391]
solr-mailcow_1 | 2021-01-25 10:22:37.764 INFO (main) [ ] o.a.s.h.a.MetricsHistoryHandler No .system collection, keeping metrics history in memory.
solr-mailcow_1 | 2021-01-25 10:22:37.962 INFO (main) [ ] o.a.s.m.r.SolrJmxReporter JMX monitoring for ‘solr.node’ (registry ‘solr.node’) enabled at server: com.sun.jmx.mbeanser
ver.JmxMBeanServer@4fa1c212
php-fpm-mailcow_1 | fd4d:6169:6c63:6f77::4 - 25/Jan/2021:07:17:40 -0300 “GET /settings.php” 200
unbound-mailcow_1 | [1611568604] unbound[1:0] info: service stopped (unbound 1.9.6).
nginx-mailcow_1 | 117.240.208.20 - - [25/Jan/2021:07:24:11 -0300] "\x00\x00\x00\x85\xFFSMBr\x00\x00\x00\x00\x18S\xC0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xFF\xFE
\x00\x00@\x00\x00b\x00\x02PC NETWORK PROGRAM 1.0\x00\x02LANMAN1.0\x00\x02Windows for Workgroups 3.1a\x00\x02LM1.2X002\x00\x02LANMAN2.1\x00\x02NT LM 0.12\x00″ 400 150 “-” “-”
nginx-mailcow_1 | 110.137.18.198 - - [25/Jan/2021:07:24:12 -0300] "\x00\x00\x00T\xFFSMBr\x00\x00\x00\x00\x18\x01(\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00/K\x00\x00\
xC5\x001\x00\x02LANMAN1.0\x00\x02LM1.2X002\x00\x02NT LANMAN 1.0\x00\x02NT LM 0.12\x00″ 400 150 “-” “-”
redis-mailcow_1 | 1:C 25 Jan 2021 07:22:28.332 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
redis-mailcow_1 | 1:M 25 Jan 2021 07:22:28.429 * Running mode=standalone, port=6379.
rspamd-mailcow_1 | 2021-01-25 07:22:39 #1(main) <4dego7>; map; rspamd_regexp_list_fin: read regexp list of 24 elements
php-fpm-mailcow_1 | 172.22.1.4 - 25/Jan/2021:07:17:54 -0300 “HEAD /forwardinghosts.php” 200
php-fpm-mailcow_1 | fd4d:6169:6c63:6f77::4 - 25/Jan/2021:07:17:54 -0300 “GET /forwardinghosts.php” 200
dovecot-mailcow_1 | 2021-01-25 07:22:41,327 INFO spawned: ‘dovecot’ with pid 122
unbound-mailcow_1 | [1611568604] unbound[1:0] info: server stats for thread 0: 338827 queries, 318170 answers from cache, 20657 recursions, 0 prefetch, 0 rejected by ip ratelimiting
nginx-mailcow_1 | 49.206.57.44 - - [25/Jan/2021:07:24:13 -0300] "\x00\x00\x00\x85\xFFSMBr\x00\x00\x00\x00\x18S\xC0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xFF\xFE\x
00\x00@\x00\x00b\x00\x02PC NETWORK PROGRAM 1.0\x00\x02LANMAN1.0\x00\x02Windows for Workgroups 3.1a\x00\x02LM1.2X002\x00\x02LANMAN2.1\x00\x02NT LM 0.12\x00″ 400 150 “-” “-”
redis-mailcow_1 | 1:M 25 Jan 2021 07:22:28.429 # Server initialized
postfix-mailcow_1 | 2021-01-25 07:22:25,473 INFO Set uid to user 0 succeeded
postfix-mailcow_1 | 2021-01-25 07:22:25,478 INFO supervisord started with pid 1
php-fpm-mailcow_1 | 172.22.1.4 - 25/Jan/2021:07:18:07 -0300 “GET /forwardinghosts.php” 200
solr-mailcow_1 | 2021-01-25 10:22:37.963 INFO (main) [ ] o.a.s.m.r.SolrJmxReporter JMX monitoring for ‘solr.jvm’ (registry ‘solr.jvm’) enabled at server: com.sun.jmx.mbeanserve
r.JmxMBeanServer@4fa1c212
dovecot-mailcow_1 | 2021-01-25 07:22:41,329 INFO spawned: ‘syslog-ng’ with pid 124
unbound-mailcow_1 | [1611568604] unbound[1:0] info: server stats for thread 0: requestlist max 113 avg 3.69705 exceeded 0 jostled 0
redis-mailcow_1 | 1:M 25 Jan 2021 07:22:28.429 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add ’vm.overcommit_me
mory = 1′ to /etc/sysctl.conf and then reboot or run the command ‘sysctl vm.overcommit_memory=1’ for this to take effect.
redis-mailcow_1 | 1:M 25 Jan 2021 07:22:28.429 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with
Redis. To fix this issue run the command ‘echo never > /sys/kernel/mm/transparent_hugepage/enabled’ as root, and add it to your /etc/rc.local in order to retain the setting after a reb
oot. Redis must be restarted after THP is disabled.
rspamd-mailcow_1 | 2021-01-25 07:22:39 #1(main) <4dego7>; map; read_map_static: static: read map data, 47 bytes
postfix-mailcow_1 | 2021-01-25 07:22:26,499 INFO spawned: ‘processes’ with pid 9
php-fpm-mailcow_1 | fd4d:6169:6c63:6f77::4 - 25/Jan/2021:07:18:15 -0300 “HEAD /settings.php” 200
solr-mailcow_1 | 2021-01-25 10:22:37.981 INFO (main) [ ] o.a.s.m.r.SolrJmxReporter JMX monitoring for ‘solr.jetty’ (registry ‘solr.jetty’) enabled at server: com.sun.jmx.mbeans
erver.JmxMBeanServer@4fa1c212
dovecot-mailcow_1 | [2021-01-25T07:22:41.517353] WARNING: With use-dns(no), dns-cache() will be forced to ‘no’ too!;
unbound-mailcow_1 | [1611568604] unbound[1:0] info: average recursion processing time 0.242784 sec
netfilter-mailcow_1 | Clearing all bans
redis-mailcow_1 | 1:M 25 Jan 2021 07:22:28.674 * DB loaded from disk: 0.244 seconds
rspamd-mailcow_1 | 2021-01-25 07:22:39 #1(main) <4dego7>; map; rspamd_try_load_re_map_cache: loaded hypersan cache from /var/lib/rspamd//3034a0483753f4fd9b1d586eda8b5b7eb0f8352dbdb2
fbccd5114fcdecb80cfe.hsmc (5.97KiB length) for static
postfix-mailcow_1 | 2021-01-25 07:22:26,502 INFO spawned: ‘postfix’ with pid 10
postfix-mailcow_1 | 2021-01-25 07:22:26,506 INFO spawned: ‘syslog-ng’ with pid 11
php-fpm-mailcow_1 | 172.22.1.4 - 25/Jan/2021:07:18:15 -0300 “GET /settings.php” 200
solr-mailcow_1 | 2021-01-25 10:22:38.088 INFO (main) [ ] o.a.s.c.CorePropertiesLocator Found 1 core definitions underneath /opt/solr/server/solr
dovecot-mailcow_1 | Jan 25 07:22:41 5b10f6ee6676 syslog-ng[124]: syslog-ng starting up; version=‘3.19.1’
unbound-mailcow_1 | [1611568604] unbound[1:0] info: histogram of recursion processing times
netfilter-mailcow_1 | Initializing mailcow netfilter chain
From already thank you very much.