Plesk 12.x / Linux :: Prevent Use Of Local Mailserver
Nov 12, 2014
We set up a Plesk 12 server for web hosting purposes only.
All mail-related services, exception from "smtp server" and "Plesk milter" are disabled or uninstalled.
For specific domains, we want to prevent the useage of the php mail function with "localhost" to avoid problems with outgoing spam by unsecured scripts. Instead, we want to force webmasters to use external smtp servers.
Is there any directive or setting on domain-level that we allow for this limitation?
View 4 Replies
ADVERTISEMENT
Feb 17, 2015
I'm using plesk with CentOS 6.6 and the postfix/courier mail services...I tried to connect an existing mail account with a mail program like thunderbird. But I'm not able to connect to it, except when I'm using "no connection security"...So I tried, if manually contacting the POP3s Port is working:
Code:
openssl s_client -ssl3 -host mail.domain.de -port 995
with the following result:
Code:
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
[code]....
the same results come for trying to connect to port 465 (ssmtp) and 993 (imaps)port 443 (https) seems to work fine..i already checked if the corresponding certificates exist (e.g. /usr/share/imapd.pem) and filled with the standard certificate informtaion given by plesk checking openssl on the server gives the following result:
Code:
# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
is there anything I have missed to configure?
View 4 Replies
View Related
May 30, 2015
I have the problem that I can't connect to my mailserver tru the mail client (Webmail works fine, I receive mails and can send mails)
But if i try to connect over mailclient I get this error in errorlog:
couriertls: connect: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
What can I do to get connection over mailclient?
View 2 Replies
View Related
Jun 12, 2015
I changed the Plesk mailserver from Courier to Dovecot. All went good, but after the Install i can not see new E-Mails in my Inbox. Even the Search does not Work.
I can change the Mailserver again and use Courier. This works and i can see my emails. But only with Courier.
Some details:
Inbox has 100 E-mails. After scrolling down to the first emails, i can even see the newest email. But i have to scroll down and load all E-Mails.
Changing "Sort by" from "Date" to "Unread" all emails appear, even the latest. But changing to "Date" the newest email is missing again. Only a Number on my Inbox button shows me there has to be a new email in there.
The Open Xchange Team can not find any errors, the open xchange log looks good.
View 2 Replies
View Related
Jun 20, 2014
We were using the mailserver on our linux install, but have since changed over to an ms exchange server. With that I removed the mailserver and installed MSMTP relay only mailserver (SMTP client) option.
I configured the External SMTP Server settings under Tools & Settings / Mail with a valid email address password host name and port of 587. When I save it says settings saved.
Since doing this I have been unable to use the email link option for share files in the file share portion of my domain. When I try to select a user from the list to send the email to or even type an external email all I get is the error "Unable to send email".
When I checked the maillog file in /usr/local/psa/var/log, I get this error "Jun 20 15:42:59 u16271698 msmtp: host=smtp.1and1.com tls=off auth=on user=to@email.ca from=psaadm recipients=to@email.ca errormsg='cannot use a secure authentication method' exitcode=EX_UNAVAILABLE"
Where I have proper emails configured where I placed "to@email.ca"
How can I get this working with the MSMTP relay only mailserver (SMTP client) option installed?
View 5 Replies
View Related
Nov 29, 2007
I try to enhance my server security and prevent local hack but it seem useless.
I tried to chmod home/user/public_html to 711; disable functions; enable php open_basedir.
I can stop some popular shell such as c99shell.php but server can be hacked local.
Anyway to prevent it completely?
View 5 Replies
View Related
Apr 29, 2009
I have similar problem that explained [url]
The detail of my problem is below:
Some people sent spoofing mails from our mail users sent to our user from Postfix/local that is listed in maillog like below:
Apr 29 16:57:02 ns1 postfix/local[3075]: EC2153565E3: to=<user-mydomain.com@ns1.mydns.com>, orig_to=<user@mydomain.com>, relay=local, delay=486, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
Bu i do not know how to prevent this people not to use my Postfix/local delivery part. How can i prevent this attack?
When i connect to my mail server to sent or receive my mail it look like
Apr 29 17:25:28 ns1 dovecot: pop3-login: Login: user=<user@mydomain.com>, method=PLAIN, rip=***.***.***.***, lip=***.***.***.***
....
Apr 29 17:25:55 ns1 dovecot: POP3(user@mydomain.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0....
But the attackers connect directly like below:
Apr 29 17:29:59 ns1 postfix/local[2456]: 3192E357FD9: to=<user-mydomain.com@ns1.mydns.com>, orig_to=<user@mydomain.com>, relay=local, delay=261, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
....
Apr 29 17:29:59 ns1 postfix/qmgr[2218]: 3192E357FD9: removed
How can the spammer connect to Postfix/local part? My mail server not open relay. i test it from internet.
View 2 Replies
View Related
Sep 27, 2014
I use CentOS 5.5, Plesk 12 and Atmail. When I log in to
webmail.example.com
by browser and send emails to others, my home computer IP is attached to emails as X-Origin. I even used Thunderbird to send emails and same issue happens.
How can I prevent Qmail or (Atmail) to add my home computer IP to X-Origin? I am even OK if the server IP is attached to emails rather than home IP.
View 1 Replies
View Related
Sep 25, 2014
I am looking for a way to prevent panel users i created to change their passwords.
When i try to edit user roles, i can check/uncheck capabilities, but nothing on user password change.
I've tried to search information on this but both Google and this forum are flooded by "users password change" regarding "Horde", which i don't use.
View 1 Replies
View Related
Nov 19, 2014
I have a Plesk 12 server running that works great. But the problem is that whenever one of my shared hosting customers changes something out a domain or subdomain, all the other sites on the server give a 502 error.
The reason why is clear to me: apache is reloading its config while nginx is still active, but sees apache as being down and therefor throws a 502 error.
Is there any way to prevent this from happening? Because it's happening a lot and people are sending in 'site down' reports while there's actually nothing wrong with the server or their site.
View 2 Replies
View Related
Jun 16, 2013
My server works fine like expected, but isn't uploaded to ftp. It was in 11.0.9, same after upgrading to 11.5.29.
The ftp repository in plesk shows a manually done older backup, so ftp connection seems to be ok.
In ftp repository settings I get an error, if I try to safe anything, ftp server, user and password are correct, manual ftp connection is working fine.
The error is:
Code:
Fehler: FTP-Verbindung fehlgeschlagen. Bitte überprüfen Sie Ihre FTP-Einstellungen.
drwx---r-x 2 b088598 cust 4096 Jun 17 06:01 .
drwxr-xr-x 3 b088598 cust 4096 Jun 17 06:01 ..
drwx---r-x 2 b088598 cust 4096 Jun 17 06:01 .
drwxr-xr-x 3 b088598 cust 4096 Jun 17 06:01 ..
Repository error: created file not present in directory listing
View 19 Replies
View Related
Aug 14, 2014
I've generated migration files on a source server that runs plesk11.5..I've transfer these files to my new server (plesk 12).I've logged into plesk on the new server, go to migration tool and create a new migration using local files.with chrome dev tools. i can see the following a post request is sent to :
/plesk/ server/migration/start/ the response is a redirection ( http status 303 , location = /admin/backup/restore/type/import/id/migration )a
After several attempts to this url I've got : admin/backup/restore/type/import/id/migration net::ERR_TOO_MANY_REDIRECTS..is there a way to restore the data using the command line ?
View 7 Replies
View Related
Apr 23, 2014
I'm using on virtual machine the last version of PLESK 11.5.3 update #42 and UBUNTU 12.04.4 LTS provide by a main Italian ISP, the MySQL version is 5.5.35-0ubuntu0.12.04.2.I'm trying to enable the local-infile option in the /etc/mysql/my.cnf file:
[client]
local-infile = 1
[mysqld]
local-infile = 1
When I'm restarting mysql service (with command "service mysql restart") the PHP script works correctly and "SHOW GLOBAL VARIABLES" results "ON", but when server reboot or some hours by the restart the PHP script return to not work correctly and appear the standard messagge: "The used command is not allowed with this MySQL version".Maybe the problem is the start of mysql on boot? I haven't any errors in the mysql or system log!!
View 2 Replies
View Related
Jul 23, 2014
There is a strange problem with the new feature fail2ban. I have noticed that a local ip address (ip address from the webserver itself) was added to the blocked ip addresses of fail2ban now for the second time. What I can see is that it was the recidive jail.
If there is nginx used as reverse proxy you get a "502 Bad Gateway". Any way to find out more about the reason why an ip address is added to the list of blocked ip addresses in fail2ban?
View 2 Replies
View Related
May 30, 2015
keep a local and remote backup of certain subscriptions or at least have a full server backup on FTP.
I have a livedrive.com reseller account which allows be to quite cheaply add 512GB of remote storage accessible through SFTP, FTP and WebDAV. I created this partition and added it as a server-level FTP repository in Plesk 12 (latest build). During testing I added a firewall exception for traffic on the FTP IP-address and figured that I had to put the FTP repository in passive mode to properly connect.
After setting this up I ran a configuration only backup to test if everything was working properly. The backup was created properly and can be accessed through the FTP as well: success!
My second test was running a full server backup through the manager. The ±40GB file was created properly (I could see my disk usage increase and decrease through new relic monitoring) and supposedly transferred to the FTP repository according to Plesk.
When I look at the FTP or the Plesk Backup Manager both indicate that the full server backup is 0kb in size.
After this issue I figured: I really don't care about a full server backup, I mostly care about a specific set of subscriptions that have new content on a daily basis and need to be backed up properly as well. Those subscriptions are already on a daily or weekly backup scheme that places backups on the local repository.
What I would eventually like to do is create daily or weekly backups on the local repository and create weekly or monthly backups on the FTP repository for those specific subscriptions, but unfortunately you cannot (by default) setup Plesk to automatically backup to local and remote based on different or even the same intervals.
And this is the more important question: How to be able to create/setup a backup automation that keeps local and remote backups for the same or different intervals? Either through the Plesk interface, a plugin or a script?
Running Plesk 12 on CentOS 6.6
Update:
Just tried running the same server wide backup, but this time as a multivolume backup. This resulted in the following error:
ERROR: () Can't upload file 'backup_info_1505301327.xml' to ftp. Error code: 1
View 5 Replies
View Related
Apr 4, 2015
How much local disk space is necessary for a full backup of 240 GB data to a remote ftp?
I have 314 GB free on my local disk, but this is still not enough.
The backup process is 100% after round about 4 hours, according to Backup Manager.
But there are still tar processes until the disk is full.
View 5 Replies
View Related
Jul 27, 2014
If I try to download a plesk backup to my local machine it saves a file a few bytes in size in .xml.tar.html format
My other non plesk 12 machines correctly save the file in .tar format ....
View 11 Replies
View Related
May 17, 2015
I have multiple backups stored under server repository (subscriptions --> <domainname> --> website and domains --> backup manager).
The physical files are located at: /var/lib/psa/dumps/clients/904279/domains/<domainname>/
When I click the green arrow to download these files to a local computer (see attached image) I get a new page with title "Download the backup file". On this page I have the option to set a password on the downloaded file, but no matter what I do (password or no password) the file is not downloaded to my local PC. I don't get a pop-up box with the option to save the file. Just nothing happens ...
View 1 Replies
View Related
May 7, 2007
Does the use of partitions prevent hackers from getting access to the entire Unix server?
View 2 Replies
View Related
Jun 4, 2014
How Can I prevent users removing file web.config on FileManager?
I try set attribute read-only, but not effect.
View 4 Replies
View Related
Mar 9, 2014
How can I prevent users to create blank or simple password (like 12345) on mailserver(Plesk Panel 11.5)?
View 2 Replies
View Related
Feb 10, 2008
Get ready for another round of patching and reboots. See:
[url]
Linux vmsplice Local Root Exploit
By qaaz
Linux 2.6.17 - 2.6.24.1
Debian also has a report but I'm trying to avoid linking to the source of the exploit. It works on 2.6.24, but only once. Then the box kernel panics (did for me). 2.6.24.1 is out as of couple days ago, but I'm not sure if it's still vulnerable. Seems like it is.
luki@tester:/tmp$ gcc t.c -o t
luki@tester:/tmp$ ./t
-----------------------------------
Linux vmsplice Local Root Exploit
By qaaz
-----------------------------------
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7e6f000 .. 0xb7ea1000
[+] root
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
root@tester:/tmp# id
uid=0(root) gid=0(root) groups=0(root)
root@tester:/tmp#
View 15 Replies
View Related
May 22, 2015
I have recently upgraded Plesk Panel from 11.0.5 windows to 12.0.18 MU#46 windows.
As checked that local plesk backup via GUI throwing error and is not working. On checking the event viewer I found below event during backup run.
Log Name: Plesk
Source: scheduled_backup.exe
Date: 5/23/2015 6:52:06 AM
Event ID: 1
Task Category: None
Level: Warning
[Code] ....
View 1 Replies
View Related
Nov 19, 2014
Operating System: Windows Server 2008 R2 Std
Plesk: Parallels Plesk Panel 11.5
We have scheduled a server local backup via Backup Manager and found that backup has got completed with warnings.
We have checked logs from location : E:Program Files (x86)ParallelsPleskPMMsessions2014-11-18-144536.191psadump.log
8052: Warning 18/11/2014 18:18:55.028 : Exception ignored ( System.ComponentModel.Win32Exception: The system cannot find the file specified at psabackupcommon.FileUtils.DeleteFile(String fileName) at psadumpagent.ArchiveNode.doStdClose() )
8052: Debug 18/11/2014 18:18:55.028 : Add mail name 'abc@xxxx.com' directory 'F:Plesk PrivateTemp21282721-4181-4c0f-9520-c232f00b7668MailMigratorabc@xxxx.com to dump
[Code] .....
View 3 Replies
View Related
Jan 22, 2014
I have a plesk 11.0.9 on a windows server 2008 R2 which has MailEnable. One of my customers faced a problem to send emails from one of his local mailboxes to another of his local mailboxes! He got this error:Your message did not reach some or all of the intended recipients.The following recipient(s) cannot be reached.Server error: '550 Requested action not taken: mailbox unavailable or not local'
But we are sure the recipient mailboxes exist and work fine!I checked this link: URL....It dosen't work for this case.
View 4 Replies
View Related
Apr 15, 2009
I've got some questions regarding use of a VPS as a mail-server. I've had this little domain since 1996, and it's not only my main e-mail but now also my family, extended family, close friends and work colleagues. No complaints with my current shared host, except their mail-server just isn't cutting it. They've even stated as much, and suggested users not happy about performance move to g-mail. Whatever, I want my name at my domain. So, I'm thinking I should just get myself a VPS to use mostly as a mail-server (the website it self gets like, 10 unique hits/month from totally lost Googlers)
I'd like to keep things around $70/month, a price well worth it IMHO to not have to be told 'the webmail is down again.' I have no way to determine my total mail bandwidth, but I'm guessing 10-20 legitimate e-mails in and out per day with about 2 dozen users.
Any thoughts on pitfalls, or advice? How does the actual network connection work? I.E, if the VPS has a 10mbps Ethernet connection with 10 total users, does each user get a dedicated 1mbps connection? Also, any good recommendations? I'm looking a liquidweb, but really have no clue. Location doesn't matter, but I'm Ohio so anything nearby might be refreshing for a change.
My technical experience isn't great, but I am able to RTFM and have setup a Debian server on scrap hardware with trixbox installed, so I'm guessing it's not much harder than that. This all kind of started out as a hobby, but has oddly enough become a bit vital for myself and others who use email@mydomain.
View 14 Replies
View Related
Mar 15, 2007
We're having a problem with a few clients saying that people are sending email to them but that the emails are not getting through. They ran their domain name via a system that tests email servers and it came back with the following issues for the server:
"There was a problem while talking with the mail server. Got 'Socket Timeout Exception: Read timed out'"
The mailserver we're running is Exim. The domain name is www.newwritingnorth.com and the site they used for testing is here:
[url]
we ARE getting emails in, but just not from some people, so its a strange one
View 0 Replies
View Related
Mar 27, 2014
Somehow when customers add a new MySQL database they can select a Local MySQL server. It turns out this is the MySQL instance running on the CP server, can I somehow hide this server from the list?
View 1 Replies
View Related
May 8, 2009
I have an issue with o2 - some of their mailservers have blacklisted IPs and hence mail doesn't get delivered to recipients whose ISPs subscribe to the specific blacklists.
Questions:
1 If mail is not delivered, will I ALWAYS know about it?
I've had bounce notifications from one specific ISP, but I'm wondering whether in other cases the mail will just not get through and I'll not know about it.
2 I'm aware of problems with two specific o2 IPs:
82.132.130.151
82.132.130.169
View 3 Replies
View Related
Apr 16, 2008
I am talking about a WHM/Cpanel setup. Is there a way to convince the Exim mailserver (MTA) to get any of the hosted domain name in the "HELO" greeting when dispatching mail? Many ISPs deny accepting mail when the smtp domain name in the setting of a mail client program does not match the vps main hostname.
The only workaround seems to be to change the smtp server name for all domains to be identical to the main server (setup) name.
In detail: When you setup more then one domain on your vps and use your own dns/bind, then CPanel installs the domain records in a way that mail exchange is set to e.g.
firstdomain.com. 14400 IN MX 10 mail.firstdomain.com.
...
mail 14440 IN A 111.111.111.111
which basically instruct your vps that email client programs can connect to the "firstdomain.com" host for pop (imap) as well as smtp using the subdomain name mail.firstdomain.com with the respective ports.
Now, Cpanels MTA (mail transfer agent) exim uses only the vps setup domain name as mailserver address and all Outgoing eMails always show the setup domain or one of its subdomains (depending on setup) in the mail header, no matter which of your vps domains sends the mail.
This way you most likely run into the situation that a couple of ISPs deny accepting your (or your clients) eMails because your (actually one and only) "mailserver does not have their host name in the greeting".
technically, if you telnet (no need to ssh) to mail.firstdomain.com on port 25 the response will be
220-setup.maindomain.com ESMTP Exim 4.52 #1 Sun, 26 Mar 2006 ...
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
and, in case you send a helo command to this connection, the result is
helo
250 setup.maindomain.com Hello [11.22.33.44]
That means some mails sent out with mail.firstdomain.com might be rejected as spam.
Is there a way to get exim to display
250 mail.firstdomain.com Hello [11.22.33.44]
or
250 mail.seconddomain.com Hello [11.22.33.44]
etc
View 0 Replies
View Related
Oct 21, 2009
I want to create a mailserver setup ( SMTP/POP3/IMAP/SSL) in my server which in public network.Can any one suggest the Webbased GUI interface tool which manages my mailserver setup . The tool must able to manage users ( creating mail users,allocating quato).
View 13 Replies
View Related