Posts by sutorinfo

    This is just a small report of my late experiences.


    After a long time I visited the demo site of i-MSCP, where you can log in as admin, reseller or user. Every 2nd or 3rd page couldn't be delivered. Cloudflare gave some information that something went wrong and that I should try again a few minutes later. Then the page appeared. But still, every now and then Cloudflare came in between with its error message. The demo site itself seemed to operate correctly.


    I just mention that because I wanted to lead other people to i-MSCP and don't want them to go away disappointed for reasons not in the responsibility of i-MSCP. Having a demo site is the best argument for our panel.


    Well, after all, this still could have been a regional/local problem or one of Cloudflare not being connected well enough to my provider (Vodafone).

    This "will follow..." was a bit too enthusiastic. Sorry for that. =O To investigate this behaviour I have to wait for an occurrence of this problem and examine three mail server logs. Something I currently have no time to do. Postponed into some future.


    Meanwhile I read this blogpost: https://www.heinlein-support.d…n-mail-rejects-durch-spf/


    This encouraged me, first of all, to uninstall all SPF plugins, clear my DNS entries and stay with only DKIM and DMARC. If even I myself on my own server can't ensure an overall working environment of SPF, I can't expect this from other admins. Only mailings between my own servers were affected, not to think of bounced mails from other persons, which mostly remain unknown to me.


    A small niche for DNS entries remains. E. g. if there is a subdomain used only internally, from which I don't want outgoing mail under any circumstances, I could add a "... -all". Also on a virtual server where no domain at all is affected by any of these SPF problems, such as mail forwarding, this may be activated.


    What's next?
    I will wait for some time and watch incoming mails. Are there any, which could have been bounced because of SPF usage? Are my own mails resent more and more often? Will other spam measurements keep their number small enough? If this will work, I will stay with this configuration.


    Hopefully my decision and the reasons to come to that one (part of my best practice) may help some of you :)

    Since when have they had servers in Germany?

    Indeed, this was only released recently. OVH has brought venture capital on board and they are currently expanding globally at a fast pace. They also offer innovative cloud products, but for now I still prefer dedicated servers. There was recently an OVH Summit in Paris. Granted, they don't have the charm of a Google I/O or of Apple. But they do have a strong commitment to open source! Especially now that the Privacy Shield has collapsed (if the link works: https://plus.google.com/u/0/+AndreasSutor/posts/bQcLgoeK4wf ), we need European solutions.

    I'm referring to post https://i-mscp.net/index.php/Thread/13074-SRS-Plugin/
    But this case seems a bit different. In addition to the SRS subject I'm currently watching a special issue in the case of mail forwarding.


    The setup is as follows:


    • 2 virtual servers, each with its own IP and some domains as clients.
    • Identical configurations on every machine.
    • OS: Debian Jessie, updated
    • i-MSCP: latest stable 1.4.7, any configuration left to defaults
    • MTA_SERVER => 'postfix',
    • PO_SERVER => 'dovecot',
    • SPF Plugin 1.2.0


    Few imap accounts, some mail forwarders as well as catchall are set on some domains.


    Following is the process that happens.


    1. One domain's Wordpress sends information to the admin
    [email protected] -> [email protected]
    i. e. from VM1 to VM2
    Result of mail transfer: OK so far


    2. Recipient server SSS.info has set a forward on wpadmin02
    Tries to proceed forwarding
    "[email protected]" -> [email protected]
    i. e. from VM2 back to VM1
    Where only by chance DDD.net is located again on VM1
    Rejected.


    Part of mail message is:


    Code
    This is the mail system at host VM2.DDD.net.

    I'm sorry to have to inform you that your message could not
    be delivered to one or more recipients. It's attached below.

    For further assistance, please send mail to postmaster.

    If you do so, please include this problem report. You can
    delete your own text from the attached returned message.

    The mail system

    <[email protected]> (expanded from <[email protected]>): host VM1.DDD.net[IP VM1] said: 550 5.7.1 <[email protected]>: Recipient address rejected: Please see http://www.openspf.net/Why?s=mfrom;id=webmaster%40BBB.org;ip=IP VM2;r=VM1.DDD.net (in reply to RCPT TO command)


    3. The whole message is submitted to [email protected] as bounced mail
    This is what I received.


    Analyzing:


    Now the curious fact, whether related to SRS or not and in contrast to mails bounced by providers like gmx.net or web.de:


    The SPF TXT entry in every mentioned domain is as follows


    "v=spf1 ip4:[IP address or net range of VM1] ip4:[IP address or net range of VM2] +a +mx ~all"


    That means, any domain is allowed to send from each VM.
    The correct configuration is confirmed by the SPF website. :exclamation:



    Code
    DDD.net rejected a message that claimed an envelope sender address of [email protected].
    VM1.DDD.net received a message from VM2.DDD.net (IP...) that claimed an envelope sender address of [email protected].
    The domain BBB.org has authorized VM2.DDD.net (IP...) to send mail on its behalf, so the message should have been accepted. It is impossible for us to say why it was rejected.


    Current possible solutions:
    :idea:

    • I could create imap accounts for some purposes. Here: for WP Admin contact.
    • Trying to avoid forwarding generally; concerning the SRS problems, this is a growing reason for bounced mails as SPF gets implemented more widely
    • One may think that the reason is not related to forwarding in general but to forwarding as the result of a catchall. I'm forwarding several catchalls to one general catchall address, which works fine so far. Maybe I have to recreate catchall addresses for each domain separately again.

    This post is intended foremost as a report and I myself will keep an eye on that. Looking for other solutions. :?: As of today I haven't found any.
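
    Added example, not part of the original post: a minimal SPF evaluation of the forwarded hop described above, where VM2 connects to VM1 while the envelope sender still belongs to the original domain. The IP addresses, the `check_spf` function and the `DNS` dictionary standing in for the `a`/`mx` lookups are assumptions made for illustration.

```python
import ipaddress

# Result names from RFC 7208, keyed by mechanism qualifier.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(record, client_ip, resolved=None):
    """Evaluate an SPF record for one connecting IP.

    Handles ip4, ip6, a, mx and all. `resolved` stands in for DNS: it maps
    "a" and "mx" to the addresses those lookups would return for the
    sender domain. Other mechanisms and modifiers are outside this sketch.
    """
    resolved = resolved or {}
    ip = ipaddress.ip_address(client_ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    for term in terms[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            try:
                matched = ip in ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"
        elif name in ("a", "mx"):
            hosts = resolved.get(name, [])
            matched = any(ip == ipaddress.ip_address(h) for h in hosts)
        elif name == "all":
            matched = True
        else:
            return "permerror"  # not handled by this sketch
        if matched:
            return QUALIFIERS[qualifier]  # first matching mechanism decides
    return "neutral"


# Constructed sample values (documentation address ranges, not from the post).
VM1, VM2 = "192.0.2.10", "198.51.100.20"
BOTH_VMS = f"v=spf1 ip4:{VM1} ip4:{VM2} +a +mx ~all"   # record shape from the post
ONLY_VM1 = f"v=spf1 ip4:{VM1} +a +mx ~all"             # forwarder not listed
DNS = {"a": [VM1], "mx": [VM1]}

if __name__ == "__main__":
    # Forwarded hop: VM2 is the connecting client, sender domain unchanged.
    print("both VMs listed:", check_spf(BOTH_VMS, VM2, DNS))
    print("only VM1 listed:", check_spf(ONLY_VM1, VM2, DNS))
```

    With both VMs listed the forwarded hop evaluates to a pass, which matches what the SPF website reported; a record that omits the forwarding host falls through to the `all` term instead.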

    Years ago I used a control panel at Strato in Germany (Vista24, proprietary and now dead). They had a special feature in mail forwarding.


    With i-MSCP you can have
    - an e-mail box
    - an e-mail forwarder to one or more addresses, even cascade them :-)
    - a catchall address


    In the mentioned program there was additionally
    - a forwarder for a multiple of addresses


    Example:


    I have subscribed to many newsletters, each with its own mail address, say


    letter01@mydomain.tld for Figaro
    letter02@mydomain.tld for Le Monde
    letter03@mydomain.tld for Financial Times


    itgeek01@mydomain.tld for Framasoft
    itgeek02@mydomain.tld for Opensaar e.V.
    itgeek03@mydomain.tld for i-MSCP News


    Formerly I had forwarders like


    letter* -> [email protected] (being an imap-account, called separately from other mails)
    itgeek* -> [email protected]


    I tested with i-MSCP and wildcards were accepted, but not working as such but literally ;-)


    So my question is: could this be implemented without much work? Just by giving postoffice programs a regular expression?


    If this would not be possible, I'm happy I read of another solution in this forum. There someone suggested creating appropriate subdomains, e. g. in this case letter.mydomain.tld and itgeek.mydomain.tld.


    Beyond comfort there is another reason for my question/suggestion. Today it happens more often that mail addresses get lost because they get on spam lists. While still receiving valid mails amidst spam, you can keep them out of your everyday box when the naming of the addresses is somehow structured (name-YY-MM). In practice it happens like this: on a webpage I discover an interesting new newsletter. Without needing to create a new address for that, I can order this letter by using the next number (letter04@mydomain.tld in the example above). This address is already covered by my "catchmultiple"-forwarder. The frontend needn't be changed with such a solution.


    What do you think?

    OK, thank you, haven't found this on search.


    Generally speaking:
    Are such things more subject for the forum or for youtrack?
    I want to add some more minor things I discovered while installing/using i-MSCP.


    In tab versions of the plugins, you mention "Version compatible with i-MSCP 1.3.x Serie".
    To me so far


    AdminerSQL, Mailgraph, Monitorix, OpenDKIM, PolicydSPF, RoundcubePlugins


    seem to be compatible with the 1.4.x Serie.


    Appreciating what you do and Thanks for your work!