Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - overseer

Pages: [1] 2 3 ... 30
Mod_Security / Re: Reseller panel - Login error
« on: June 03, 2023, 10:56:20 PM »
Disable Mod Security altogether and the CSF firewall and see if it works then. Then work your way backwards, re-enabling and testing each part in series. Are you for sure using the OWASP ruleset with Mod Security (as it looks by the logs)? Try the Comodo ruleset, as it is more friendly as a starting point.

Other / Re: cronjop problem
« on: June 03, 2023, 10:53:46 PM »
Need more info about what your configuration is like and what you are trying to accomplish...

CentOS-WebPanel Bugs / Re: Email and email forwarders
« on: June 03, 2023, 02:40:08 AM »
This is also true of other unescaped, illegal characters in the e-mail address. You can also fix this directly in the database if you need to. But it is very true the devs should give this some attention and sanitize the input and check for illegal characters.

(An interesting aside, on on LAMP server I tried to set a passphrase that ended with an ellipsis ... -- which the IMAP server interpreted as a full stop command -- so it would never accept the passphrase, even though it was typed correctly.)

CentOS-WebPanel Bugs / Re: Cant login to CWP User :2083
« on: June 03, 2023, 02:35:38 AM »
When I see errors re: "The encoded file... has expired" it makes me believe it is an IonCube problem, which is either a non up-to-date CWP installation or PHP version. Is your CWP fully up to date? Did you run
Code: [Select]
yum -y update

E-Mail / Re: problems with spam, abuse
« on: June 03, 2023, 02:23:52 AM »
Who is "they"?
Do you have specific configuration information, more details, relevant logs, queue error messages, message rejection notices or anything else? It takes a lot of detail to sort these kinds of things out.

E-Mail / Re: Spamhaus
« on: June 03, 2023, 02:22:25 AM »
I'm not sure I'm understanding your question. SpamHaus is one of the "good guys" and I use their RBL on all my mail servers. They now require you have an account and generate a server-specific key, but you shouldn't have any trouble with their traffic usage levels for personal/small scale use. Are you running into a misconfiguration or are you getting bounce messages about your server being an open resolver?

E-Mail / Re: Fwd: Delayed Mail (still being retried)
« on: June 03, 2023, 02:20:05 AM »
Is Amavis not running on your mail server?

You followed rcschaff's post, following the CentOS 7 steps (carefully)?

E-Mail / Re: I received email from my own email account
« on: June 03, 2023, 02:14:25 AM »
Do you need a generic e-mail address like ""? That is easily guessed and likely on many spammer e-mail lists, so you're better off with something more specialized to avoid high volumes of generic spam. Or you could implement an obfuscated e-mail like the DuckDuckGo forwarders.

That IP resolves to Thailand. Do you (or anyone on your server) do business with Thailand? If not, consider blocking that country via the CSF firewall. Also consider blocking the other top 10 spam source countries if you don't need to communicate with them.

Do you have proper UCE (unsolicited commercial e-mail) settings on your postfix config? Consider implementing RBL, if not many more RBLs to shut down a large percentage of spam. SpamAssassin is farther down the chain so it is best to stop spam at the gate if it fails various helo or FQDN checks or is RBL-listed.

Another option I use on a high traffic mail server is ASSP (Anti-Spam SMTP Proxy). It sits on the edge as a dedicated anti-spam solution, running on ports 25, 465, and 587. It is HIGHLY configurable and not so resource intensive. I have trained its corpus and block about 75% of incoming, non-local mail. Then it passes mail onto Postfix which runs on an alternate SMTP port (1025 or whatever). And Postfix can still be set up to use RBLs and do HELO and FQDN and other checks, so you effectively have 2 high hurdles for spam to pass.

Other / Re: Updating cURL and OpenSSL/1.0.2k-fips
« on: June 02, 2023, 01:26:05 PM »
Do you mean you successfully updated OpenSSL to 1.1.1k but it didn't get rid of your curl error?
Or do you mean that updating to OpenSSL 1.1.1k hosed the whole system (too many dependencies, not compatible with the CWP stack)? I'm curious because I would upgrade my OpenSSL to 1.1.1 if I knew it worked with CWP. Then I would probably ride like that until I ditch CentOS 7 in spring of 2024.

You've updated CWP?
Code: [Select]
/scripts/update_cwpAnd make sure IonCube is up to date, as the "encoded" portion of the error refers to CWP's IonCube encoded files:
Code: [Select]
/scripts/update_ioncubeAnd may as well make sure the whole system is up to date:
Code: [Select]
yum -y update

A sample command (from a remote cPanel to the local CWP) is listed on the wiki here:
Code: [Select]
rsync -avz -e "ssh -p 22" root@ /var/vmail/DOMAIN/USERNAME/

CentOS-WebPanel Bugs / Re: Cant login to CWP User :2083
« on: June 02, 2023, 01:15:27 PM »
Have you tried logging in twice? Login once and it appears to succeed but kicks you back to the login page. But then immediately login again and then it will actually succeed. This was a bug I encountered and was my workaround (but that client rarely logged into the user control panel, so it wasn't much of an issue). I resolved it by adjusting the features of the user under User Accounts>Features,Themes,Language -- since it was a dedicated VM for a single client, I effectively gave them full permissions and full features over every aspect of the server. After that, they were able to login on the first try. You don't need to go to that extreme, just try giving them one feature not currently assigned and see if that fixes it.

Other / Re: Updating cURL and OpenSSL/1.0.2k-fips
« on: June 02, 2023, 02:17:55 AM »
Note: The latest stable version is the 3.1 series supported until 14th March 2025. Also available is the 3.0 series which is a Long Term Support (LTS) version and is supported until 7th September 2026. The previous LTS version (the 1.1.1 series) is also available and is supported until 11th September 2023. All older versions (including 1.1.0, 1.0.2, 1.0.0 and 0.9.8) are now out of support and should not be used. Users of these older versions are encouraged to upgrade to 3.1 or 3.0 as soon as possible. Extended support for 1.0.2 to gain access to security fixes for that version is available.
Off the cuff, I would suggest shooting for the 1.1.1 version upgrade, as it is supported until September 2023. It is unlikely to break things in the CWP stack which depend on the 1.0.x code branch. I don't know how much the 3.1 or 3.0 branch is as a drop-in replacement under CentOS 7.9 and the CWP stack -- so proceed at your own risk!

465 is SSL/TLS. You can use STARTTLS with port 25 SMTP or 587 submission if you want to negotiate a secure channel on those ports.

Are you allowing outgoing mail ports in your firewall config file -- /etc/csf/csf.conf?
TCP_IN = "21,22,25,53,80,110,143,443,465,587,993,995,2083,2096,2304"
TCP_OUT = "20,21,22,25,22,53,80,110,113,443,2083,2096,587,993,995,2080,2443"
Code: [Select]
SMTP_PORTS = "25,465,587"
PORTS_imapd = "143,993"
PORTS_pop3d = "110,995"

Pages: [1] 2 3 ... 30