Yesterday we started to get hundreds of notifications even tough everything seemed OK on NagiosXI GUI. After cheeking the logs I saw the message
Code: Select all
cannot update mailbox /var/mail/nagios for user nagios. error writing message: File too largeCode: Select all
>/var/mail/nagiosThe restart of the service didn't seems to do the trick so I restarted the whole nagios server and after about 1 hour of hundreds of emails, it finally stopped and mails started to work OK.
I really have no clue why this have happened. Server have been working fine for over 1 year but recently some configuration changes were made to make the server CIS complaint that might have caused the issue.
Is normal for the /var/mail/nagios to just keep growing and growing? Or some underlying issues caused it to not been cleared?
Here is an extract of the maillog were I think the root cause is. Emails get bounced because that unknown user.
Code: Select all
Nov 8 08:13:44 ESBARLMONAPP06 postfix/pickup[28434]: EBC73BB: uid=996 from=<nagios>
Nov 8 08:13:44 ESBARLMONAPP06 postfix/cleanup[6775]: EBC73BB: message-id=<[email protected]>
Nov 8 08:13:44 ESBARLMONAPP06 postfix/qmgr[1750]: EBC73BB: from=<[email protected]>, size=779, nrcpt=1 (queue active)
Nov 8 08:13:44 ESBARLMONAPP06 postfix/local[6780]: EBC73BB: to=<[email protected]>, orig_to=<$>, relay=local, delay=0.01, delays=0.01/0/0/0, dsn=
5.1.1, status=bounced (unknown user: "$")
Nov 8 08:13:44 ESBARLMONAPP06 postfix/cleanup[6775]: EE0774F2: message-id=<[email protected]>
Nov 8 08:13:44 ESBARLMONAPP06 postfix/bounce[6781]: EBC73BB: sender non-delivery notification: EE0774F2
Nov 8 08:13:44 ESBARLMONAPP06 postfix/qmgr[1750]: EE0774F2: from=<>, size=2712, nrcpt=1 (queue active)
Nov 8 08:13:44 ESBARLMONAPP06 postfix/qmgr[1750]: EBC73BB: removed
Nov 8 08:13:44 ESBARLMONAPP06 postfix/local[6780]: EE0774F2: to=<[email protected]>, relay=local, delay=0.01, delays=0/0/0/0, dsn=2.0.0, sta
tus=sent (delivered to mailbox)