Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - intellitech

Pages: [1]
Updates / Re: Update for openSSL is important!
« on: October 27, 2016, 07:42:05 PM »
Just to update - I have manually compiled and updated OpenSSL on a CentOS 6.8 - using the following steps (ofcourse you need root priviledges on the server) -

1. Download LTS version of OpenSSL:

# cd /usr/src
# wget
# tar -zxf openssl-1.0.2j.tar.gz

2. Manually compile & upgrade / install OpenSSL:

# cd openssl-1.0.2j
# ./config
# make
# make test
# make install

4. Copy OpenSSL files:

# mv /usr/bin/openssl /root/
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

5. Verify installed version of OpenSSL

# openssl version

After a number of hours going through the server log as well as postfix documentation, the problem seems to have resolved now.
What I did - reloaded & restarted the postfix service a number of times, in addition to a single reboot of the server too (to resolve and lingering scripts).

This configuration now seems to work perfectly. Adding "dovecot_destination_recipient_limit = 1" in the finally resolved the mail receipt to multiple users on the same domain on the same server.

==== (location: /etc/postfix) ====
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
anvil_rate_time_unit = 3600s
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
delay_warning_time = 4
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
html_directory = no
inet_interfaces = all
local_recipient_maps = virtual_mailbox_maps
mail_owner = postfix
mailbox_size_limit = 2048000000
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 204800000
milter_default_action = accept
milter_protocol = 2
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain =
myhostname =
mynetworks = $config_directory/mynetworks
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
queue_directory = /var/spool/postfix
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtp_use_tls = yes
smtpd_client_message_rate_limit = 500
smtpd_client_restrictions =
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_milters = inet:
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client, reject_rbl_c$
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions =
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtpd_tls_cert_file = /etc/pki/tls/certs/
smtpd_tls_key_file = /etc/pki/tls/private/
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = proxy:mysql:/etc/postfix/, regexp:/etc/postfix/virtual_regexp
virtual_gid_maps = static:12
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/
virtual_mailbox_maps = proxy:mysql:/etc/postfix/
virtual_minimum_uid = 101
virtual_transport = dovecot
virtual_uid_maps = static:101

I've been having some issues with mail being sent to the local domain being qued - and when I view the mail que, its' showing up two errors -
1. Emails being sent to "root" - come up with the message = "user unknown"
2. Emails being send to from - where (is the local domain configured on the server) are coming up with a message = "mail system configuration error"

My postfix is as follows -

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
anvil_rate_time_unit = 3600s
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
delay_warning_time = 4
disable_vrfy_command = yes
html_directory = no
inet_interfaces = all
local_recipient_maps =
mail_owner = postfix
mailbox_size_limit = 2048000000
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 204800000
milter_default_action = accept
milter_protocol = 2
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain =
myhostname =
mynetworks = $config_directory/mynetworks
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
queue_directory = /var/spool/postfix
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtp_use_tls = yes
smtpd_client_message_rate_limit = 500
smtpd_client_restrictions =
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_milters = inet:
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client, reject_rbl_client, reject_rbl_client,check_policy_service unix:private/spfpolicy
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions =
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtpd_tls_cert_file = /etc/pki/tls/certs/
smtpd_tls_key_file = /etc/pki/tls/private/
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = proxy:mysql:/etc/postfix/, regexp:/etc/postfix/virtual_regexp
virtual_gid_maps = static:12
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/
virtual_mailbox_maps = proxy:mysql:/etc/postfix/
virtual_minimum_uid = 101
virtual_transport = dovecot
virtual_uid_maps = static:101

PHP / Re: PHP Extension Installation
« on: February 02, 2015, 02:24:11 PM »
Vladi - I actually even tried it on the demo site on here, and PHP won't switch .... :(

PHP / Re: PHP Extension Installation
« on: February 02, 2015, 02:01:24 PM »
Thanks for your reply vladi - unfortunately, it didn't work (I had tried it before) ... unfortunately, as I was unable to find any documentation on manually compiling php to work with this control panel - I kind of gave up on it .... 
I tried the PHP switcher, and rebuilding from the "admin" panel - tailed the process via an ssh session and it compiles successfully, however, if you refresh the admin panel, restart the httpd process or reboot the server, the PHP version remains the same. :(

PHP / PHP Cron Job
« on: January 31, 2015, 04:40:25 PM »
Trying to run a cron via the crontab in a user account, doesn't seem to trigger the job.
Cron was set to run every 5 mins, and the command line to the php script used is as follows: php -f /home/demo/public_html/cron.php

This however doesn't seem to be working - although the cron saves & shows as active in the webpanel.

Any ideas?

PHP / PHP Extension Installation
« on: January 31, 2015, 04:37:38 PM »
I've just come across an issue which perhaps someone may have already solved - I need to install the php-imap exention, so, I ran the comman via a root terminal session: yum install php-imap
Installation completed successfully, and httpd was restarted.

However, when I access the service and try to use the application which requires the php module, it's still not available.

On checking the via root, it doesn't show the extension enabled.

Any ideas or pointers will be appreciated.

Mod_Security / Re: How to install Mod_Security to secure Apache
« on: January 30, 2015, 02:37:39 PM »
If OWASP rules are giving you issues because of their strictness, it might be an idea to look at the mod_security rules offered by Comodo - they call them the WAF - if you google that you'll get more information.

As we've used the rules on a different control panel, I can say there aren't any issues with the major CMS systems being used - and if you do find a block, simply disable that rule.

Hope that helps!

Pages: [1]