Posts by UncleSam
-
-
I moved to another server and copied my dualstack listener file (only to add one IPv6 address to every domain). Now I have a problem using SSL and IPv6.
IPv4 is working great, but somehow the listener gets ... confused ... which port it should use:
Apache port 80 configuration file of a domain:
Apache port 443 (ssl) configuration file of a domain:
- Can anyone tell me what I am doing wrong? This script worked on my old server without any troubles.
- Is there a way to tell I-MSCP to recreate the vhost information after fixing this?
-
I have no idea if it is a "perfect" way or not (... I think it's not, but it's working). I am not a professional in postfix or dovecot - so please check my answer before trying it at your productive server!!! If someone has the know-how to prove or correct my solution, please tell us all the "perfect" solution for further restores :-).
My restore process for e.g. mail@domain.tld:
- I extracted my backup of /var/mail/ into a separate place: /backup/
- Copied the file "subscriptions" from backup to mail folder:
- After that I copied all mails:
- IMPORTANT: run the snippet from Nuxwin to correct the permissions!
My restore process timeline:
- Created the new server parallel, installed I-MSCP and created all mail boxes again.
- Switched dns from old server to new server IP.
- Waited about two days that every host in the world wide web knows the new server.
- Did a backup of /var/mail/ on the old server and copied it to the new one.
- Restored the way I told above.
In my situation this was the best solution. Every mailbox was empty for some days or only filled with new mails. After copying the old mails backup, there should be every mail there, even the mails which were sent to the old server during dns change.
-
Hello,
I have a short question:
I do not want I-MSCP to manage my DNS records. Is there any possibility to install I-MSCP without DNS management?
-
Hi there,
I moved to another server and wanted to stay as secure as possible. So I tried to create all iptable rules first and found an easier solution called "ufw".
So I decided to remove the default iptables and use ufw instead. Is there anyone who has more knowledge about iptables and ufw who could tell me if it is a "good way" or not?
Versions:
- 1.0
  - Initial release
- 1.1 (24.02.2016)
  - ftp passive ports
  - remove ipv4 and ipv6 rules on startup and at failback
  - using ufw reset to completely reset all rules
  - removed log entries
Here is my current script which creates my ufw iptable rules:
Shell-Script: ufw.sh
```shell
# switch iptables to accept all and reset all rules
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -X
ip6tables -P INPUT ACCEPT
ip6tables -P OUTPUT ACCEPT
ip6tables -P FORWARD ACCEPT
ip6tables -F
ip6tables -X
# reset ufw rules
ufw reset
ufw disable
# first enable logging for psad
ufw logging off
#iptables -A INPUT -j LOG --log-tcp-options --log-prefix "[IPTABLES] "
#iptables -A FORWARD -j LOG --log-tcp-options --log-prefix "[IPTABLES] "
#ip6tables -A INPUT -j LOG --log-tcp-options --log-prefix "[IPTABLES] "
#ip6tables -A FORWARD -j LOG --log-tcp-options --log-prefix "[IPTABLES] "
# SSH
ufw allow ssh/tcp
#ufw limit ssh/tcp # Disable this if you transfer files e.g. using rsync
# Services
ufw allow submission/tcp
ufw allow urd/tcp
ufw allow smtp/tcp
ufw allow ftp/tcp
ufw allow ftp-data/tcp
ufw allow ftps/tcp
ufw allow ftps-data/tcp
ufw allow imaps/tcp
#ufw allow pop3s/tcp # pop3 is no longer supported for me due to non ssl connection
#ufw allow imap2/tcp # imap without ssl is no longer supported for me due to non ssl connection
#ufw allow 4190/tcp # managedsieve port e.g. to use it with thunderbird plugin
ufw allow http/tcp
ufw allow https/tcp
#ufw limit ftps/tcp
#ufw limit ftp/tcp
# I-MSCP
ufw allow 4443/tcp
#ufw allow http-alt/tcp # port 8080 is no longer supported for me
# Webmin
#ufw allow 10000/tcp
# Teamspeak
#ufw allow 9987/udp
#ufw allow 30033/tcp
#ufw allow 10011/tcp
#ufw allow 41144/tcp
# Whitelist addresses
#ufw allow from 1.2.3.4/32 # whitelist ipv4 address
#ufw allow from 1234:1234:1234:1234:FFFF:FFFF:FFFF:FFFF/128 # whitelist ipv6 address
# securely enable firewall
ufw enable
echo 'UFW enabled'
echo 'if you can read this press ctrl+c - if not firewall gets disabled in 60 seconds'
echo 'if you can read this press ctrl+c - if not firewall gets disabled in 60 seconds'
echo 'if you can read this press ctrl+c - if not firewall gets disabled in 60 seconds'
sleep 60
# Disable again
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -X
ip6tables -P INPUT ACCEPT
ip6tables -P OUTPUT ACCEPT
ip6tables -P FORWARD ACCEPT
ip6tables -F
ip6tables -X
# disable ufw
ufw disable
```
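A variation on the confirm-or-rollback step at the end of the script above, as an added example that is not part of the original post: the rollback timer is armed in the background before `ufw enable`, so it still fires if the SSH session is lost, and it is cancelled only when the operator types `keep`. The function names, the `ROLLBACK_PID` variable and the `--apply` argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: dead-man's-switch rollback around "ufw enable".
# Function names and the --apply argument are hypothetical.

# Same steps as the "Disable again" part of the original script.
rollback_rules() {
    ufw disable
    for ipt in iptables ip6tables; do
        $ipt -P INPUT ACCEPT
        $ipt -P OUTPUT ACCEPT
        $ipt -P FORWARD ACCEPT
        $ipt -F
        $ipt -X
    done
}

# Start the rollback timer in the background; $1 = delay in seconds.
arm_rollback() {
    (
        trap '' HUP          # a dropped SSH session must not cancel the timer
        sleep "$1"
        rollback_rules
    ) >/dev/null 2>&1 &
    ROLLBACK_PID=$!
}

# Cancel the timer. Fails (non-zero) if the rollback has already run.
disarm_rollback() {
    kill "$ROLLBACK_PID" 2>/dev/null
}

main() {
    arm_rollback 60
    ufw enable
    echo "Type 'keep' and press Enter within 60 seconds to keep the firewall enabled."
    read -r answer || answer=""
    if [ "$answer" = "keep" ] && disarm_rollback; then
        echo "Firewall rules kept."
    else
        echo "Not confirmed in time: the firewall is (or will be) disabled again."
    fi
}

# Run as: sh ufw-apply.sh --apply   (must be root)
if [ "${1:-}" = "--apply" ]; then
    main
fi
```
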
-
Ok thank you very much for your answer.
Before I saw your answer I transferred just the missing folders and mails and replaced the file "subscription". After it I set the folder permission to "vmail:mail" - this worked for me but I run the permission script later when I am back at my pc.
Is there any plan to include a restore process for emails too?
-
Hello,
I moved to another server and copied my backup files including the e-mail backup to the backup directory of the domain. I pressed the restore button and domain, subdomains and sql databases got restored. But why is the e-mail backup not restored?
Is there something I have to do?
-
Same thing happens to my Strato virtual server (VPS)
My solution for Strato vserver / VPS:
- reboot in recovery mode
- move /etc/resolv.conf to another location (e.g. /etc/resolv.conf.backup)
- create a new resolv.conf containing (works for my server):
```
nameserver 85.214.7.22
nameserver 81.169.163.106
```
-
Thank you very much for your fast reply.
I tried your solution, but dovecot instantly recreates the mounts file and throws these messages again.
So I am going to ignore that.
-
Hello,
Today I saw inside /var/log/mail.log on restarting the dovecot service there are a lot of warning messages. Can you please tell me if there is something to do or if I can safely ignore them:
I have for every domain and subdomain one of these entries on dovecot restart.