Posts by biologist

  • Missing custom-DNS-entries

    I installed imscp 1.4.3 and, in order to migrate, overwrote imscp's DB with an old one (1.1.20). Everything went fine so far, but yesterday I recognized not all custom-DNS-entries were migrated. What I can say is: only entries with "ext_mail_feature" were affected by this problem. Those declared as "custom_dns_feature" are still there. However, as one of the custom-records has an A-record named "mail1" which finally led to


    Servers::named::bind::addCustomDNS: Couldn't dump domain.xx zone: dns_master_load: /etc/imscp/bind/working/domain.xx.db:33: mail1.domain.xx: CNAME and other data zone domain.xx/IN: loading from master file /etc/imscp/bind/working/a


    I'm not sure, if this broke the rest of the custom-dns-migration. However, instead of six entries, now there are only two. It's not a bing thing for me, to do this step manually, but maybe there's a bug.


    imscp 1.4.3
    Ubuntu 16.04
    Plugins: opendkim, spamassassin

  • Missing EOL in main.cf

    Hmm, maybe you're right. In the beginning I've been editing main.cf manually - just in order to test it. After that I added the line to the listener. Possibly I forgot to remove the manual entry in main.cf and updated the plugin subsequently which could have led to the behaviour I described above.


    So yes, possibly it was just my fault - sorry :-)
    I'll keep an eye on it and tell you if the problem occures again (without my manual interaction) :-)


    Thank you!

  • Missing EOL in main.cf

    Well, the point is that I included the directive somewhere in the middle of the block - not at the end. Looks like this


    [...]
    'smtp_tls_loglevel' => '1',
    'authorized_submit_users' => 'root, vu2000, vmail',
    'tls_high_cipherlist' => 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL::!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA::DES-CBC3-SHA:DES-CBC3-SHA',
    [...]


    Now I've been recreating the configuration using imscp-reconfigure (not just updating the plugin) and it's fine. So I don't know where I could possible add a newline!? :-) Plugin-version is 1.1.1.


    Regarding smtp-auth: I always had to kick the client's ass in order to get them updating their webspaces. But in the end, they didn't/don't do. However, was a good decision to refuse mailrelaying without smtp-auth. But the downside is when you have dozens of clients - usually their webcontents rely on relaying mail without using smtp-auth. It's a hard way to explain to every client that smtp-auth is necessary in future. Even for wordpress for example you need a plugin.
    Additionaly, only postfix-user is allowed (restricted by iptables/iptables6) to send mails to dport 25/465/587. And this is by far more important, because you usually don't take notice when a webspace is spamming without using your mta.
    For sure, only ports necessary are allowed in my firewall. And I can tell you: there were dozens of times where an suspious process was started in the client's context which tried to reach a command-and-qonquer-server. But that's another story... :-)

  • Missing EOL in main.cf

    As there've been problems with spamming webspaces in the past, I somewhen decided to deny relaying mails through postfix without smtp-auth. However, in order to avoid patching imscp at every release, I defined a few exceptions. This is possible by setting "authorized_submit_users = root, vu2000, vmail" in main.cf


    Nuxwin: So why I'm writing this? :-) I just applied the postfix-listener by using "afterMtaBuildAliasesDb" (as you proposed a few days ago) and, in parallel with the Spamassassin-Plugin, I get



    authorized_submit_users = root, vu2000, vmailmilter_connect_macros = j {daemon_name} v



    in the final config. So is the missing \n due to the workaround with the modified event or is the plugin the initial problem? Just did a change to the plugin-configuration and updated the plugin just right before.



    (Yes, I know you commited a change in the event-handling but I didn't do a checkout from the trunk so far)



    Thanks in advance.

  • Upgrade 1.1 > 1.4: Questions

    Many thanks Nuxwin, this solved my problem completely.
    I thought it was only an unimportant detail that I removed the old server-ip-entry, because eth0 was not available in my local DB which finally led to an error. However, now with your advise, I turned the number of the newly created entry into the new one and I'm done :-)


    Thanks again!

  • Upgrade 1.1 > 1.4: Questions

    After running imscp for multiple years on Gentoo, I finally decided to switch over to Ubuntu in order to have native platform-support for imscp. However, currently I'm about to perform some preliminary tests in a local VM. So I installed Ubuntu 16.04 from scratch and imscp 1.4.3. After that I dumped all mysql-DBs from my productive-system and set them up in the local VM. After fixing some minor things I ran into:


    main::setupDbTasks: Modules::Domain::_loadData: Domain with ID 3 has not been found or is in an inconsistent state at /tmp/imscp-1.4.3/engine/PerlLib/iMSCP/DbTasksProcessor.pm line 486.



    So: yes, I didn't copy the webspace, because I don't have that much space in my local VM. What exactly has to be at least in place to persuade imscp, that everything is consistent? :-) The thing is: I'd like imscp to create all the folders, configs etc - I know that it's my task, to copy all the userdata later. So basically I'd like imscp to do that steps that are usually performed when a new domain is created. As far I can see, all folders in /var/ww/virtual have been created, but that's all.


    Thanks in advance.