Posts by sutorinfo

    This is just a small report of my late experiences.

    After a long time I visited the demo site of i-MSCP, where you can log in as admin, reseller or user. Every 2nd or 3rd page couldn't be delivered. Cloudflare gave some information that s. th. went wrong, I should try a few minutes later. Then the page appeared. But still every now and than cloudflare came in between with its error message. The demo site itself seemed to operate correct.

    Just mention that, because I wanted to lead other people to i-MSCP and don't want them to drive away disappointed by reasons not in the responsibility of i-MSCP. Having a demo site is best to argument for our panel.

    Well, after all, this still could have been a regional/local problem or one of cloudflare not being connected good enough to my provider (vodafone).

    This "will follow..." was a bit too enthusiastic. Sorry for that. =O To investigate this behaviour I have to wait for an occurrence of this problem and examine three mail server logs. Something I currently have no time to do. Postponed into some future.

    Meanwhile I read this blogpost: https://www.heinlein-support.d…n-mail-rejects-durch-spf/

    This encoureged me to on first hand uninstall all SPF plugins, clear my DNS entries and stay with only DKIM and DMARC. If even myself on my own server can't ensure an overall working environment of SPF, I can't expect this from other admins. Only mailings between own servers where affected, not to think of bounced mails from other persons, which mostly remains unknown to me.

    A small niche for DNS entries remains. E. g. if there is an only internaly used subdomain where I don't want under any circumstances outgoing mail, I could add a "... -all". Also on a virtual server, where there is no domain at all affected with any of these SPF problems as e. g. mail forwarding, this may be activated.

    What's next?
    I will wait for some time and watch incoming mails. Are there any, which could have been bounced because of SPF usage? Are my own mails resent more and more often? Will other spam measurements keep their number small enough? If this will work, I will stay with this configuration.

    Hopefully my decision and the reasons to come to that one (part of my best practice) may help some of you :)

    Seit wan haben sie server in Deutschland?

    Wurde in der Tat erst vor Kurzem freigegeben. OVH hat VC an die Seite bekommen und sie expandieren derzeit global mit großem Tempo. Bieten auch innovative Cloudprodukte, aber mir sind dedicated Server derzeit noch am liebsten. Vor kurzem gab es einen OVH Summit in Paris. Gut, den Charme einer Google-IO oder von Apple haben sie nicht drauf. Dafür aber ein starkes Commitment zu Opensource! Vor allem, nachdem jetzt der Privacy Shield zerbrochen ist (falls der Link geht: ), brauchen wir europäische Lösungen.

    I'm referring to post
    But this case seems a bit different. In addition to the SRS subject I'm currently watching a special issue in the case of mail forwarding.

    Setup is as following:

    • 2 virtual servers, each with its own IP and some domains as clients.
    • Identical configurations on every machine.
    • OS: Debian Jessie, updated
    • i-MSCP: latest stable 1.4.7, any configuration left to defaults
    • MTA_SERVER => 'postfix',
    • PO_SERVER => 'dovecot',
    • SPF Plugin 1.2.0

    Few imap accounts, some mail forwarders as well as catchall are set on some domains.

    Following is the process that happens.

    1. One domain's Wordpress sends an information to the admin
    [email protected] -> [email protected]
    i. e. from VM1 to VM2
    result of mailtransfer OK so far

    2. Recepient server has set a forward on wpadmin02
    Tries to proceed forwarding
    "[email protected]" -> [email protected]
    i. e. from VM2 back to VM1
    Where only by chance is located again on VM1

    Part of mail message is:

    1. This is the mail system at host'm sorry to have to inform you that your message could notbe delivered to one or more recipients. It's attached below.For further assistance, please send mail to postmaster.If you do so, please include this problem report. You candelete your own text from the attached returned message. The mail system<[email protected]> (expanded from <[email protected]>): host[IP VM1] said: 550 5.7.1 <[email protected]>: Recipient address rejected: Please see;;ip=IP VM2; (in reply to RCPT TO command)

    3. Whole Message is submitted to [email protected] as bounced mail
    This is, what I received.


    Now the curious fact, wether related to SRS or not and in difference to bounced mails by providers like or

    SPF txt entries in any mentioned domain is as follows

    "v=spf1 ip4:[IP adress or net range of VM1] ip4:[IP adress or net range of VM2] +a +mx ~all"

    That means, any domain is allowed to send from each VM.
    The correct configuration is confirmed by SPF website. :exclamation:

    1. rejected a message that claimed an envelope sender address of [email protected].
    2. received a message from (IP...) that claimed an envelope sender address of [email protected].
    3. The domain has authorized (IP...) to send mail on its behalf, so the message should have been accepted. It is impossible for us to say why it was rejected.

    Current possible solutions:

    • I could create imap accounts for some purposes. Here: for WP Admin contact.
    • Trying to avoid forwarding generally, as concerning the SRS problems, this is a growing reason for bounced mails as SPF gets more implemented
    • One may think, that the reason is not related to forwarding in general but in forwarding as result of a catchall. I'm forwarding several catchalls to one general catchall address, which works fine so far. May be I have to recreate catchall adresses for each domain seperately again.

    This post is intended foremost as a report and I myself will keep an eye on that. Looking for other solutions. :?: As far as today I dindn't found some.

    Years ago I used a control panel at Strato in Germany (Vista24, proprietary and now dead). They had a special feature in mail forwarding.

    With i-MSCP you can have
    - an e-mail box
    - an e-mail forwarder to one or more addresses, even cascade them :-)
    - a catchall address

    In the mentioned program there was additionally
    - a forwarder for a multiple of addresses


    I have subscribed to many newsletters, each with its own mailadress, say

    letter01@mydomain.tld pour Figaro
    letter02@mydomain.tld pour Le Monde
    letter03@mydomain.tld pour Financial Times

    itgeek01@mydomain.tld pour Framasoft
    itgeek02@mydomain.tld pour Opensaar e.V.
    itgeek03@mydomain.tld pour i-MSCP News

    Formerly I had forwarders like

    letter* -> [email protected] (being an imap-account, called separately from other mails)
    itgeek* -> [email protected]

    I tested with i-MSCP and wildcards were accepted, but not working as such but literally ;-)

    So my question is: could this be implemented without much work? Just by giving postoffice programs a regular expression?

    If this would not be possible I'm happy I read of another solution in this forum. There s. o. suggested to create appropriate subdomains, e. g. in this case letter.mydomain.tld and itgeek.mydomain.tld.

    Beyond comfort there is another reason for my question/suggestion. Today it happens more often, that mail addresses get lost because they get on spam lists. While still receiving valid mails amidst spam you can put them out of your everyday box when naming of the addresses is somehow structured (name-YY-MM). In praxis it happens like this: on a webpage I discover an interesting new newsletter. Without need for creating a new address for that I can order this letter by using the next number (letter04@mydomain.tld in the example above). This address is already covered by my "catchmultiple"-forwarder. The frontend needn't be changed with such a solution.

    What do you think?

    OK, thank you, haven't found this on search.

    Generally speaking:
    Are such things more subject for the forum or for youtrack?
    I want to add some more minor things I discovered while installing/using i-MSCP.

    In tab versions of the plugins, you mention "Version compatible with i-MSCP 1.3.x Serie".
    To me so far

    AdminerSQL, Mailgraph, Monitorix, OpenDKIM, PolicydSPF, RoundcubePlugins

    seem being compatible to 1.4.x Serie.

    Appreciating what you do and Thanks for your work!