Posts by robbo007

    Hiya,

    Im setting up a new server (cloud based) but the only thing is it's limited to 1GB of RAM. Would I be able to run I-MSCP with about 6 domains, a mixture of Wordpress and standard html, email. Nothing massively heavy loads. Do you think?

    Cheers,

    perfect thanks. This only updates the www part of the control panel. How can I update the IMAP/POP3 services with the same certificate?


    perl /var/www/imscp/engine/setup/imscp-setup -dr ssl ???

    Should this parameter go before the # Plugin::Postscreen - Begin ?


    I've found in /etc/postfix/main.cf the Post-screen plugin is at the end of the file when enabled.


    I added check_client_access hash:/etc/postfix/rbl_override to the smtpd_recipient_restrictions parameter to try and whitelist but it seems the post screen plugin is run before this? Where would I need to put the check_client_access hash:/etc/postfix/rbl_override parameter to get it running before the post-screen plugin runs? Any ideas?


    Code
    1. # SMTP restrictions
    2. smtpd_helo_required = yes
    3. smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit
    4. smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_unknown_sender_domain, permit
    5. smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_client_access h$
    6. smtpd_data_restrictions = reject_multi_recipient_bounce, reject_unauth_pipelining

    Hello all,
    I have one client who uses a dynamic IP from his ISP but 7 out of the 10 IPS are blacklisted on the spam sites. I use the Spam Assassin and Post-screen plugins on the server which are ovioulsy blocking him sending email via my server. If he reboots his router he might get a clean IP address but most times they are all blacklisted. (Crappy ISP)


    Is there any way to exclude his domain from these checks so it does not check his Internet's IP before trying to send?


    Thanks,
    Rob

    I've also done this after googling more:


    deleted /etc/courier/dhparams.pem and recreated with DH_BITS=2048 mkdhparams


    I use Courier:


    ii courier-base 0.73.1-1.6 amd64 Courier mail server - base system
    ii courier-imap 4.15-1.6 amd64 Courier mail server - IMAP server
    ii courier-imap-ssl 4.15-1.6 amd64 Courier mail server - IMAP over SSL
    ii courier-pop 0.73.1-1.6 amd64 Courier mail server - POP3 server
    ii courier-pop-ssl 0.73.1-1.6 amd64 Courier mail server - POP3 over SSL
    ii courier-ssl 0.73.1-1.6 amd64 Courier mail server - SSL/TLS Support


    After rebooting the server I can use port 143 checking the SSL box. Is this now working? Or should the port be 993?

    Right.


    So the config file for courier is this one?


    /etc/courier/imap-ssl


    There is no sign of TLS_DHPARAMS= parameter in this file. The closest is: TLS_DHCERTFILE=


    I tried adding the following there:


    TLS_DHCERTFILE=/etc/courier/dhparams.pem


    Restarted Courier and I get the same error.


    I then tried adding the command from the website to the end of the /etc/courier/imap-ssl file. As there is no section defined.


    TLS_DHPARAMS=/etc/courier/dhparams.pem I removed previous edited entries and restarted courier. I now get:


    Unexpected SSL connection shutdown.


    A little different but still does not work. Hmmmm getting closer I think....

    If you see the error its referring to the /etc/imscp/imscp_services.pem file. I've triple checked it and don't see any discrepancies.


    Ive run openssl x509 -in imscp_services.pem -text -noout and I get a clear output no errors.