how exactly email works. For example, I set my mx record to google apps in order to use google mail with my own domain. Thing is, I can sent from google mail now with my domain email address but cannot send. Furthermore, login to my website email bij www.domain.com/webmail is possible but receiving is impossible and even sending email from that place will not work.
Thinking about it it seems that email is lost
google can send but not receive
from my domain webmail i cannot receive nor send.
I have a domain with a few forwarding email accounts that forward to mac.com email accounts... for some reason every once in a while these accounts stop working...
This is the error I get when I email to that account:
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: ...
I am having trouble settingt up my email, it used to work until another user changed my dns file zone.
If i send an email i get the following...
----- Transcript of session follows ----- 550 5.1.2 <test@example.co.uk>... Host unknown (Name server: mx2.external-mail-server.com.example.co.uk.: host not found) My Records are...[url]
Just got a new server online this week from VolumeDrive, and everything has been going just fine with my initial setup. I transferred over 7 domains from another cPanel/WHM machine and the transfer feature worked flawlessly.
Since I use Gmail for most of my communication, I haven't even had any email accounts setup on any of my domains in quite sometime. So knowing that I need a few setup for various correspondence, I went ahead and set one up tonight. I've setup and used mailboxes on cPanel machines before, and it's not exactly rocket science... pretty easy stuff.
But what's weird here is that when I attempt to click on the "Webmail" icon from directly within cPanel, the Horde login fails over and over again. Then, if I setup the account in Thunderbird or Outlook using the CORRECT account information (username@domain.com as the login -- and the appropriate password/server settings), the client login fails also.
To add to this weird behavior, I sent myself an email at the newly setup address with a 2mb attachment. Obviously I can't login to the account to see if the mail arrived, but at least it didn't bounce.
However, when I'm in cPanel under this domain and go to "Email Accounts", I'm showing "0 Bytes" for usage under the account where i know there should be at least 2mb worth of usage.
I tranferred all my accounts from my old cpanel server to my new one,
Updated the DNS records with my registrar to the new ips, unfortunately e-mail is not working, i used the trouble shooter and seems to trying to relay or something my mail to the old IP.
I keep getting this error when trying to send to an account
IPdoes not like recipient.
Remote host said: [IP DOMAIN] is currently not 550-permitted to relay through this server. Perhaps you have not logged into 550-the pop/imap server in the last 30 minutes or do not have SMTP 550 Authentication turned on in your email client.
My server was hacked so they did a OS reload. Everything seemed ok then they did the Level 2 Security Plan which includes
Update kernel to the latest release Update security patches Thorough security audit Installation and configuration of firewall Installation of security updates as released by OS vendor Installation of security updates as released by Control Panel vendor Configuration changes as desired by customer Disabling of unused and insecure services Removal of insecure packages and unnecessary software Regular scans for easy-to-guess users passwords Log auditing for unusual activity Investigating hacking attempts Restoring files from backup Anti-spam configuration Anti-virus configuration Anti-DoS/DDoS kernel code tweaking Default system users removal SSH server hardening Mod_Security (Intrusion detection and prevention engine for web applications) Securing /tmp directory Kernel tuning with sysctl Snort (Network Intrusion Detection System) Acid (Analysis Console for Intrusion Databases) Smartd (HDD Reliability monitor) SIM (System Integrity Monitor) PRM (Process Resource Monitor) SPRI (System Priority) BFD (Brute Force Detection) PMON (Socket Monitor) Tripwire (keeps track of every file being moved/edited in the system) CHkrootkit (Rootkit/Exploit scanner reports sent daily)
1. Now I get a timed out message via my browsers IE & Mozilla
2.When I try to FTP into an account I get this message, same message on all accounts. [06:37:47] Connecting to 72.21.49.74 Port: 21 [06:38:08] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
3. When I try to retrieve my email via Outlook 2007 I get this Receiving reported error (0x80042108) 0UTLOOK CANNOT CONNECT TO YOUR INCOMING (pop3) EMAIL SERVER
Here are the traceroute results (image below) Note the timed out message
Servstra keeps telling me everything works on their end...... yet I cannot get to the server any longer.
I can receive email and check them via Horde but i'm unable to get them forwarded to my gmail account.Is there anything i can check/do ?I'm an ex-cpanel user.
We have a MS Window server 2003 with SP2, currently there is a website running, the webiste is desgined by using asp.net 2.0 c#.
We reinstalled the window server 2003 last week, and we found the email functions not working any more(users in the website can't receive email each other).
I have spent days and trying to figure out, but no luck, I have tried to reset the IIS settings, SMTP Virtual settings, and add/remove windows componets settings...
I've just installed a Plesk 12 vServer and created a customer with a email adress. I took the informations shown in the Power-User-Panel under "emails" with the correct ports. After clicking on "finish" it shows that Thunderbird has a problem with a certificate from Plesk.
I don't want that this error message will be shown for customers.My primary domain of the vServer has a SSL-certificate. Could I use this primary-domain to avoid the error message (the server-adress would be different)? If I use the primary domain inside the server-adress Thunderbird will say "there is no email account on this server".
We were using the mailserver on our linux install, but have since changed over to an ms exchange server. With that I removed the mailserver and installed MSMTP relay only mailserver (SMTP client) option.
I configured the External SMTP Server settings under Tools & Settings / Mail with a valid email address password host name and port of 587. When I save it says settings saved.
Since doing this I have been unable to use the email link option for share files in the file share portion of my domain. When I try to select a user from the list to send the email to or even type an external email all I get is the error "Unable to send email".
When I checked the maillog file in /usr/local/psa/var/log, I get this error "Jun 20 15:42:59 u16271698 msmtp: host=smtp.1and1.com tls=off auth=on user=to@email.ca from=psaadm recipients=to@email.ca errormsg='cannot use a secure authentication method' exitcode=EX_UNAVAILABLE"
Where I have proper emails configured where I placed "to@email.ca"
How can I get this working with the MSMTP relay only mailserver (SMTP client) option installed?
My server currently has some problems with DNS/mail, which i can't seem to fix myself. My colocation host offered to help me by giving him root access, but i don't know him very well yet. Is there some kind of script/logtool so i can track everything he did on the server? I don't want him snooping around through my webfiles and databases...
Can anyone please tell me how dangerous in fact Apache's TRACE and TRACK functions? I have read common explanation but would disabling TRACK and TRACE improve my server's ability to fight cross site scripting and similar attacks and make it more secure?
I have a few shred hosting servers I run. One of them keeps getting listed on CBL. It is very frustrating. Does anyone have an tools, tips, or tricks on finding the compromised?
So far I have confirmed that a script is using PHP to send mail out bypassing the MTA. It is faking the HELO and impersonating a well known ISP.
I used a combination of tshark and netstat. tshark can show me the HELO and EHLO. When I see the wrong entry I cross check that with netstat to see what. So Netstat only shows that it was PHP not the script path.
nohup tshark -f "port 25 and src host XX.XX.XX.XX" > /var/log/monitor/tshark-smtp.log & Then I grep for what I'm looking for:
grep -i "HELO" /var/log/monitor/tshark-smtp.log
Is there a way to get Netstat to show the script path or complete command that is establishing the connection? Currently these scripts are eating up memory to a point that other process or getting killed off.
I also tried to force all mail through the MTA, but When I enable SMTP_BLOCK in my firewall config I get and error:
*WARNING* Cannot use SMTP_BLOCK on this VPS as the Monolithic kernel does not support the iptables module ipt_owner - SMTP_BLOCK disabled.
If there is a better way I'm game. Maybe some IDS that can tell me more of what is going on with the server?
I am currently developing a web application on a WAMP server. Once complete my client will have some in-house "programmers" make changes to the code as they are needed.
My client wants to track all changes made to the source files (ie- who made the change, when it was made, what files were modified, and what specific lines were added/removed/modified). Also, the program must run on the server and not the programmers computers.
I've searched high and low and only found a couple programs that scratch the surface of what they want.
Is there a way I can track the HTTP traffic to which domain is running with high traffic. Due to traffic load I/O wait is increasing. I want to suspend the domain that have the large traffic to avoid down time.
I've done plenty of searching on DDoS attacks and from what I've found so far it seems that it's "very difficult" track down the person(s) responsible for the attack.
My question is this - could someone actually do it if they were qualified enough? Would a hacker who is well versed in the techniques used be able to find the person(s)? Or is it just simply impossible sometimes?
I just installed Apache 2.4.4 and it seems to run fine overall. But in my error.log I get about 3 of these every hour or so.error.log:[Sat Jun 15 20:57:44.095961 2013] [core:notice] [pid 31400:tid 16384] AH00052: child pid 1971 exit signal Segmentation fault (11)
track down what causes this? What module? vhost?Otherwise the server seems to run fine. It's on Linux with PHP 5.3.26 and MySQL 5.1.
I'm working on setting something up for monitoring my bandwidth/traffic on multiple interfaces. I have setup interface aliases so I have eth0, eth0:0, eth0:1 and the issue I'm running into is that it seems snmp cannot tell the diff between the aliased interfaces. I've found references in the cacti forums of using ipchains rules to track the bandwidth, but I've not found a good howto that explains what I need to get going on this.
