Plesk 12.x / Linux :: Inbound TLS Due To Standard DNS Template
Jul 17, 2014
With the standard-DNS-Layout every customer has an MX-entry like MX 10 mail.customerdomainexample.com
The problem is, that inbound mailservers get a TLS warning, because the mailhostname does not match mail.companydomainexample.com, which is the domain with a valid SSL-Certificate pointing to the same server.
Wouldn't it make sense to change the default template to mail.companydomainexample.com since it is the same machine anyway?
I ran the script in KB article 123160 [1] to disable SSLv3 and avoid the POODLE vulnerability, but I recently discovered that this has caused all inbound emails to bounce. The bounce message says, "TLS Negotiation failed."
1/ What is the difference between maillog and maillog.processed? I want to keep a permanent record of all mail inbound and outbound even if delivery is deferred by the gray listing. I'm not sure which one is the best to keep.
2/ I would like to change the way that the mail logs get log rotated. I am struggling to work out exactly what happens at the moment but I would like to rotate the log out every day regardless of size. I think currently that the maillog.processed is rotated daily if it is over a specific size.
I am currently in the process of migrating a few hundred domains from one server to another using Plesk's Migration & Transfer Manager. The servers have the following name servers allocated:
Server 1: ns9.example.com & ns2.example.com Server 2: ns1.example.com & ns2.example.com
In the DNS Zone Template in Tools & Settings on Server 2, can I just click Apply DNS Template Changes and change all migrated domains NS records to ns1/ns2? Will this affect custom DNS entries as a lot of the domains have DNS changes that need to remain. I'm just hoping that this might be a quicker way than going into each domains DNS zone and manually changing ns9 to ns1.
I just really don't want all the domains DNS zones to reset to the standard template on Server 2 ...
I've been messing about a lot recently and I've had to rebuild my VPS template a lot in the past month. For some reason, Plesk is finding user data from a bunch of previous instances, so I've got to a point now where it's saying users exist when they can't be found in the panel interface.
I don't know how my VPS provider's infrastructure works but I'd presume that when I rebuild the server it's a total new instance and no data should carry over.
Is the the user data stored locally, and how would I go about clearing out the obsolete data?
I disabled the reverse proxy and i got following error:
Code: Fehler: Aufgrund von Fehlern in den Konfigurations-Templates konnten keine neuen Konfigurationsdateien für den Apache Webserver erstellt werden: Template processing failed: file = /opt/psa/admin/conf/templates/default/server.php, error = Template_Exception: syntax error, unexpected '=>' (T_DOUBLE_ARROW) file: /opt/psa/admin/plib/Template/Processor.php
[Code] ....
Now I got the problem that i can't create the /etc/apache2/plesk.conf.d/server.conf
edited /usr/local/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php and add this include hhvm.conf; and work but it's possible to edit this setting only for one vhosts? I must enable only for one vhost because i have some php script not work with hhvm
We have a problem with our plesk servers. I executed "/usr/local/psa/admin/sbin/httpdmng --reconfigure-all" and now the plesk interface shows an error message:
I found out that all domain configs were generated correctly, but the psa database shows an error (select * from Configurations where status = 'error'; ) for file /etc/apache2/plesk.conf.d/server.conf.
I'm using this script as a cron to generate DKIM keys for the domains I have. It's an easy script. And it does it's job just OK. I have the necessary software installed and configured.
The way it works is:
The script check if the domain in queue has a record for it. If it doesn't, OpenDKIM generates a one time DKIM record for mail._domainkey that I am entering to my dns records for all the domains I have.
After creating the DKIM record, it checks and deletes mail._domainkey records if there's any. Then adds the generated DKIM to plesk dns zones and disables/enables greylisting to create the appropriate dns entry.
If it does have a DKIM recors on the hdd already, then it removes
mail._domainkeyand TXT o=-entries.
After that it basically adds the already generated DKIM record and it disables/enables the greylisting for each domain in order to recreate "TXT o=-"
Up till here, it works fine. I can see these entries when I check the DNS Settings. They are there.
But whenever I run this script either via cron or manually, I get an error message on my panel: (You can check the screenshot as well)
Code:
Warning: The DNS zone was modified. If you would like to apply DNS template changes to this zone, either click the 'Apply DNS Template Changes' button on this page or choose the 'Apply the changes to all zones' option in Server Administration Panel > Tools & Settings > DNS Template Settings > Apply DNS Template Changes.
And unless I manually click "Apply DNS Template Changes" for EVERY SITE it doesn't go away.
So, I was wondering, is there a way to scriptize that command? Or how to prevent it?
This is the command I use to generate DKIM and add it to Plesk database, also if any such record exists, delete and re-write it:
1: Obtain two Nameservers. ns1.maindomain.com, ns2.maindomain.com. (Completed) 2: Glue the Nameservers to the server's IP addresses. 1.1.1.1 -> ns1.maindomain.com / 2.2.2.2 -> ns2.maindomain.com (Completed) 3: Successfully register domain and make sure it's pointing to the correct server. (Completed) 4: Register new domain (client.com) to server using ns1.maindomain.com & ns2.maindomain.com as it's nameservers. (Problem)
Reason: Can't edit the template correctly due to a suffix .<domain> that I cannot get rid of.
In order for me to use (ns1.maindomain.com) and (ns2.maindomain.com) as the namerservers for client.com, I'll need to be able to edit those fields entirely. I don't want Plesk to append the client's domain name to the NS record.
This may be a very simple thing to remove, but I give up.
I created a New Client Default Domain by copying plesk's original Default Domain.This template is for clients we move from older versions of plesk up to servers with plesk 12.x. Under resources for that "Service Plan Name"
I have Sites published with Presence Builder set to 0 and.Allow customer to create trial Presence Builder websites. Not checked.When I log in as the client I still see Presence Builder with edit Website.I also confirmed the correct plan was picked for that subscription by picking the new "New Client Default Domain" and under add-on plans I picked "remove"
But when I log in as the "client" to see what they would see I see Presence Builder and Edit Website available.How do I get rid of that selection?I can see a client clicking on it and basically over writing their current website.
When you click on "Forgot your password?" in Plesk for Linux 11, you'll get an email like this: Dear <firstname>Your password could not be sent because it is stored in the encrypted form.To set up a new password, please follow the link: <link to reset password>
How can I change that? It's a bit sparse and it doesn't even include a email signature with the company name.
The IP addresses assigned to our servers have changed so it's time to update the default SPF information contained in the DNS records for ALL of the domains hosted on our servers:
However, when we update the resource record in the DNS template and then "Apply the changes to all zones...",
Panel will apply changes from the template to all DNS zones including the customized ones. Note that user-modified records always remain intact. For example, if the template contains a new record that was already added by a customer, Panel will keep the customer's record.Click to expand...
URL....We are running Plesk 12 on a Linux VPS where we have multiple domains running.Multiple of these domains should redirect from www. domain name. ext to https://ext.domainname.com.This is configured with the Domain forwarding in Plesk, with hosting type Forwarding.But as described in the 2 links provided above, whenever you go to https://www.domain.ext, it does not redirect, and actually shows a Security error, since the domain doesn't have the SSL-certificate installed (because it should redirect to the https://ext.domainname.com).
Clearly we don't want visitors on the website to receive the (incorrect) Security error, and we want all traffic to http(s)://www.domain.ext to be redirected to the appropriate subdomains. allows us to redirect both the https/http connections to the domains, without forcing us to have the domains have a Website hosting add redirect them manually with (for example) .htaccess.
run a command on /var/git to set rights and onwer without being cautious enough.I have run chown git:git .* -R which did not only run direction downwards the tree but upwards as well :-(
Any way to reset permissions and ownership for the directories back to standard?I tried /usr/local/psa/bin/repair already. Did lot of the fixes, but not all is in line yet.
I am having some problems with the inbound smtp sockets, we are receiving a constant attack from spammers, and they are taking all the sockets we have open for our users. We have enable SPF, greylisting, inbound control access through authentication, relay access with authentication also. but after some weeks we are on the same situation yet. We have spam assasin also installed as power pack from plesk, and we have add DSN black list from b.barracudacentral.org, bl.mailspike.net and bl.spamcop.net but we still suffer from this problem.
We have also try to increase the socket assigned to 200 and after some minutes they used all again and the CPU change increase up to 25% of the total capacity.
Is there a way to set default PHP settings so they apply by default to all websites' custom php.ini file, or even server-wide or system-wide? For example, the timezone? I am using custom builds of PHP 5.5 and 5.6, per the PPA docs, but I found that, contrary to some Plesk (not PPA) documentation, /etc/php.ini is not used. It looks like a set of PHP settings are generated into a php.ini for the vhost, and I can set "Additional Directives" for each website but would prefer to set a system default. For instance, on recent PHP versions not having a timezone set generates a warning in the logs on every PHP execution. I'd also like to enable opcache since we're using FastCGI. So from where does PHP generate the vhost's php.ini?
As an aside, adding an "Additional Directives" entry with this unquoted generated an error and no directives were saved:
date.timezone=America/Chicago Instead, I had to quote it: date.timezone="America/Chicago"
I use Windows Plesk v 11.5.30 with Mailenable Standard Edition 7.0 version. In mailenable site i saw a new version of Mailenable standard version (7.5.1). URL...Can i download and update Mailenable version of my Windows PLesk? If i made this change and have problem can i do downgrande later?
We have a PPA environment with 7 service nodes (one management node, two web-, two database- and two e-mail servers). We also have 2 variants of hosting, a consumer and business variant.
We want separate the consumers from the business variants on the service nodes.
I want to use webserver1, databaseserver1 and emailserver1 for consumer hosting and webserver2, databaseserver2 and emailserver2 for business hosting
I want to make two service templates, one consumer and one business template.
Is it possible to configure ppa : When we subscript a consumer template, everything must provision only on the consumer service nodes automatically (web01, db01 and email01) and not on the business services nodes.
I'm migrating from Plesk 9.5 to 11 and I'm getting the following on my Transfer Pre-Check from within the Migration Manager."The destination DNS server does not support networks in the Transfer Restrictions Template, but some subscriptions have networks in DNS transfer restrictions. The records with network IP addresses in the DNS transfer restrictions will not be restored."
I've gone to Server, DNS Settings, Transfer Restriction Template and added the new server's IP to the list of allowed networks to no avail. I also couldn't find any documentation on what the cause might be.
Imagine you want a set of servers (VPSs would be a cheaper choice, that is why I am posting here) that do not have much outbound traffic but download from other servers (more or less as spiders, but I am not trying to create a web index). Disk space or memory size are not important, but port speed and monthly transfer should be as high as possible. As inbound traffic is less frequently used, I wonder if any provider offer cheaper rates if traffic is like this.
I have been searching the forums and have not found too much about this topic (a quite related post named "I want to download the Internet" or something similar did not get a conclusion).
I have 2 IPs bounded on a Windows 2003 server. These 2 IPs have different network routes (one uses network A, one uses network B). Obviously for outbound traffic I can freely choose which IP to use (I simply choose to use [url]or [url]), however I wonder if it's possible to tell the server which IP it should use for inbound traffic when I need to download something from the internet to the server?
