Messages

16

Postfix / Re: i can send email but i can't receive

« on: April 18, 2020, 08:45:15 PM »

Set "debug_peer_level" to 4 in /etc/postfix/main.cf , restart postfix again and check startup log. If there is some problem with configuration it should be reported.

It could be that somehow you got alien config (maybe due to installing wrong postfix with yum, or another software).

I installed CWP on two servers, and besides setting up interfaces and protocols everything else worked perfectly without any interventions.

17

Postfix / Re: i can send email but i can't receive

« on: April 18, 2020, 02:50:05 PM »

Postfix says unknown account, try creating another one for test, restart  postfix just in case.
Also check mysql -> postfix -> mailbox table for list of mail accounts.

18

Postfix / Re: i can send email but i can't receive

« on: April 17, 2020, 10:55:43 PM »

Then, you should've made that clear?

You need to understand that some people like to do things step by step, there is nothing wrong in that. Try to be more cautious with your posts, possibly even understand that lots of mail servers don't have PTR record set and yet they are legit and not spammers.

19

Postfix / Re: i can send email but i can't receive

« on: April 17, 2020, 10:38:38 PM »

Untick "Drop all emails if no rDNS/PTR" for start and rebuild.

Not such a good move. Enjoy getting more spam. 

Maybe you should stop this, buddy.

Of course its better to disable that option if to debug setup and find out whats wrong. Once postfix starts working properly, that option can be enabled.

20

Postfix / Re: i can send email but i can't receive

« on: April 17, 2020, 09:09:52 PM »

Settings - email - email manager
Untick "Drop all emails if no rDNS/PTR" for start and rebuild.
Edit /etc/postfix/main.cf and make sure there is "inet_protocols = ipv4" line. If there isn't add it above "inet_interfaces = all", save, restart postfix.

tail -f /var/log/maillog and test sending mail to and from account., watch the log output.

21

CentOS-WebPanel Bugs / Re: Bug: Imported cpanel account with FTP path set outside of user home dir . . .

« on: April 16, 2020, 08:50:14 PM »

Chroot is by default on, but that doesn't prevent such account from read access.
I don't expect anything, I just pointed out that there is problem which can be possibly fixed by reworking cpanel import scripts, or simple warning displayed about possible security threat.

I'm very happy so far with CWP, guys behind it must be supported financially and paying for CWP Pro license is least of what any of us should do.

So your expectation is for CWP to scan all files from a backup generated on a different system and fix security flaws. That's unreasonable. IMHO.
IF, however all services, such as FTP are run in a chroot environment then it becomes a moot point i.e. restricted access by design.

22

CentOS-WebPanel Bugs / Re: Bug: Imported cpanel account with FTP path set outside of user home dir . . .

« on: April 16, 2020, 06:47:38 PM »

In any case this is serious security problem.

Caused by the bad actions of the root user on cPanel, in your example.

My point exactly.
You get customer with such prepared backup, who innocently says "hey can you import my cpanel backup" . ..

23

CentOS-WebPanel Bugs / Re: Bug: Imported cpanel account with FTP path set outside of user home dir . . .

« on: April 16, 2020, 04:02:29 PM »

If you get such packed backup to import into CWP  server then its of course CWP issue, no ?
In any case this is serious security problem.

24

CentOS-WebPanel Bugs / Bug: Imported cpanel account with FTP path set outside of user home dir . . .

« on: April 16, 2020, 02:23:44 PM »

There is potentially serious bug when importing cpanel account backup.

Scenario:

Root account can edit ftp account homedir folder in pure-ftpd conf file.

For example, account home folder is  /home/account/ftpaccount but  can be edited into / *

Pack such account and import into CWP and said ftp account now have read only access to root directory /. Potential attacker can prepare such account and gain access to all user files on new server.
Cpanel does necessary checks and fixes  such "errors" automatically.

25

Backup / Re: Server never make mysql backup

« on: April 16, 2020, 02:10:05 PM »

I actually agree with the policy of matching database prefix with the username. WHM/cPanel pandered to Windows/Mac lusers by allowing a larger prefix/username, IMHO.
Personally, I'd have renamed the username.
Each to their own, as the saying goes.

Yes that makes sense to some point. Much better would be to query for all db-s owned by "username" than to match predetermined name prefix.
It's something i'll try to dig in following days.
Changing username on account is not simple task in production.

26

Backup / Re: Server never make mysql backup

« on: April 16, 2020, 12:05:19 AM »

In my case sql backup doesn't work due to account username being longer than database name. I migrated cpanel account where db is imported from old naming scheme but account was created on new one allowing long usernames.

For example, username on account is 12345678910 but database name is 12345678_dbx. Query which gets database names for given account uses "username" string thus it fails to find mysql db. (It takes as mandatory that all databases under account must start with username_xx string.)

Workaround is to create daily cron job which will dump db to home dir to be packed later by backup.