Thanks for your quick answer.
Must have been a while ago when I read it. Sorry- didn't have this point in my mind.
Thread can be closed.
Posts by biologist
-
-
I installed imscp 1.4.3 and, in order to migrate, overwrote imscp's DB with an old one (1.1.20). Everything went fine so far, but yesterday I recognized not all custom-DNS-entries were migrated. What I can say is: only entries with "ext_mail_feature" were affected by this problem. Those declared as "custom_dns_feature" are still there. However, as one of the custom-records has an A-record named "mail1" which finally led to
Servers::named::bind::addCustomDNS: Couldn't dump domain.xx zone: dns_master_load: /etc/imscp/bind/working/domain.xx.db:33: mail1.domain.xx: CNAME and other data zone domain.xx/IN: loading from master file /etc/imscp/bind/working/a
I'm not sure, if this broke the rest of the custom-dns-migration. However, instead of six entries, now there are only two. It's not a bing thing for me, to do this step manually, but maybe there's a bug.
imscp 1.4.3
Ubuntu 16.04
Plugins: opendkim, spamassassin -
Hmm, maybe you're right. In the beginning I've been editing main.cf manually - just in order to test it. After that I added the line to the listener. Possibly I forgot to remove the manual entry in main.cf and updated the plugin subsequently which could have led to the behaviour I described above.
So yes, possibly it was just my fault - sorry
I'll keep an eye on it and tell you if the problem occures again (without my manual interaction)Thank you!
-
Well, the point is that I included the directive somewhere in the middle of the block - not at the end. Looks like this
[...]
'smtp_tls_loglevel' => '1',
'authorized_submit_users' => 'root, vu2000, vmail',
'tls_high_cipherlist' => 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL::!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA::DES-CBC3-SHA:DES-CBC3-SHA',
[...]Now I've been recreating the configuration using imscp-reconfigure (not just updating the plugin) and it's fine. So I don't know where I could possible add a newline!? Plugin-version is 1.1.1.
Regarding smtp-auth: I always had to kick the client's ass in order to get them updating their webspaces. But in the end, they didn't/don't do. However, was a good decision to refuse mailrelaying without smtp-auth. But the downside is when you have dozens of clients - usually their webcontents rely on relaying mail without using smtp-auth. It's a hard way to explain to every client that smtp-auth is necessary in future. Even for wordpress for example you need a plugin.
Additionaly, only postfix-user is allowed (restricted by iptables/iptables6) to send mails to dport 25/465/587. And this is by far more important, because you usually don't take notice when a webspace is spamming without using your mta.
For sure, only ports necessary are allowed in my firewall. And I can tell you: there were dozens of times where an suspious process was started in the client's context which tried to reach a command-and-qonquer-server. But that's another story... -
As there've been problems with spamming webspaces in the past, I somewhen decided to deny relaying mails through postfix without smtp-auth. However, in order to avoid patching imscp at every release, I defined a few exceptions. This is possible by setting "authorized_submit_users = root, vu2000, vmail" in main.cf
Nuxwin: So why I'm writing this? I just applied the postfix-listener by using "afterMtaBuildAliasesDb" (as you proposed a few days ago) and, in parallel with the Spamassassin-Plugin, I get
authorized_submit_users = root, vu2000, vmailmilter_connect_macros = j {daemon_name} v
in the final config. So is the missing \n due to the workaround with the modified event or is the plugin the initial problem? Just did a change to the plugin-configuration and updated the plugin just right before.
(Yes, I know you commited a change in the event-handling but I didn't do a checkout from the trunk so far)
Thanks in advance.
-
@Nuxwin:
I guess the plugin for iptables has not yet been finalized. However, what's currently the best way to integrate an own iptables-ruleset into imscp? -
I already expected this behavior, but I wasn't sure if I'm doing something wrong.
Anyhow, I'm fine with this workaround.Question answered - thank you (especially for the quick reply => as always ).
-
I added 10_postfix_tuning.pl as listener which basically works fine, but some values don't seem to be considered. For example:
'virtual_transport' => 'lmtp:localhost:24'
'smtpd_tls_loglevel' => '1'
'smtp_tls_loglevel' => '1'Are there any limitations?
-
Many thanks Nuxwin, this solved my problem completely.
I thought it was only an unimportant detail that I removed the old server-ip-entry, because eth0 was not available in my local DB which finally led to an error. However, now with your advise, I turned the number of the newly created entry into the new one and I'm doneThanks again!
-
After running imscp for multiple years on Gentoo, I finally decided to switch over to Ubuntu in order to have native platform-support for imscp. However, currently I'm about to perform some preliminary tests in a local VM. So I installed Ubuntu 16.04 from scratch and imscp 1.4.3. After that I dumped all mysql-DBs from my productive-system and set them up in the local VM. After fixing some minor things I ran into:
main::setupDbTasks: Modules::Domain::_loadData: Domain with ID 3 has not been found or is in an inconsistent state at /tmp/imscp-1.4.3/engine/PerlLib/iMSCP/DbTasksProcessor.pm line 486.
So: yes, I didn't copy the webspace, because I don't have that much space in my local VM. What exactly has to be at least in place to persuade imscp, that everything is consistent? The thing is: I'd like imscp to create all the folders, configs etc - I know that it's my task, to copy all the userdata later. So basically I'd like imscp to do that steps that are usually performed when a new domain is created. As far I can see, all folders in /var/ww/virtual have been created, but that's all.
Thanks in advance.