Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - ozgur

Pages: [1]
1
E-Mail / Couldn't successfully setup mail server
« on: March 05, 2017, 07:06:11 PM »
Hi all,

I tried many things but couldn't setup mail server successfully.
My sending mails do not hit inbox of recipients.

I collected my attemption results here.

I'm using CWP on Centos 6.8.

My running systems:
* "Apache Webserver" running.
* "MySQL Database Server" running.
* "BIND DNS Server" running.
* "Crontab" running.
* "Postfix Mail Server" running.
* "Dovecot IMAP/POP3 Server" running.
* "OpenDKIM" running.

I specified xxxxxx as my domain and IPs below.

On "DKIM & SPF Manager" page, I added xxxxxx.com.db with Trusted Host enabled, KeyTable enabled, v=DKIM1 enabled, v=spf1 enabled.

Quote
; Panel %version%
; Zone file for xxxxxx.com
$TTL 14400
xxxxxx.com.      86400        IN      SOA     ns1.centos-webpanel.com. xxxxxx.xxxxxx.com. (
         2013071601      ; serial, todays date+todays
                86400           ; refresh, seconds
          7200            ; retry, seconds
            3600000         ; expire, seconds
           86400 )         ; minimum, seconds

xxxxxx.com. 86400 IN NS ns1.centos-webpanel.com.
xxxxxx.com. 86400 IN NS ns2.centos-webpanel.com.

xxxxxx.com. IN A XXX.XX.XX.XX

localhost.xxxxxx.com. IN A 127.0.0.1

xxxxxx.com. IN MX 0 xxxxxx.com.

mail IN CNAME xxxxxx.com.
www IN CNAME xxxxxx.com.
ftp IN CNAME xxxxxx.com.
; Add additional settings below this line


xxxxxx.com. IN TXT "v=spf1 mx a"

default._domainkey 14400 IN TXT "v=DKIM1; k=rsa; p=XXXXXXXXXXXXXXXXX"

I rebuilt mail servers and BIND DNS server.
However mxtoolbox.com returns 1 error and 2 warnings.
Quote
1st error : dmarc   xxxxxx.com   Record Missing
1st warning: spf   xxxxxx.com   No records found
2nd warning: smtp   mail.xxxxxx.com   Reverse DNS does not match SMTP Banner

And I also sent an email to check-auth@verifier.port25.com.
It returns:

Quote
==========================================================
Summary of Results
==========================================================
SPF check:          neutral
DomainKeys check:   neutral
DKIM check:         permerror
SpamAssassin check: ham

==========================================================
Details:
==========================================================

HELO hostname:  srv1.xxxxxx.com
Source IP:      XXX.XX.XX.XX
mail-from:      xxxxxx@xxxxxx.com

----------------------------------------------------------
SPF check details:
----------------------------------------------------------
Result:         neutral (SPF-Result: None)
ID(s) verified: smtp.mailfrom=xxxxxx@xxxxxx.com
DNS record(s):
    xxxxxx.com. SPF (no records)
    xxxxxx.com. TXT (no records)

----------------------------------------------------------
DomainKeys check details:
----------------------------------------------------------
Result:         neutral (message not signed)
ID(s) verified: header.From=xxxxxx@xxxxxx.com
DNS record(s):

----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         permerror (key "default._domainkey.xxxxxx.com" doesn't exist)
ID(s) verified:
Canonicalized Headers:
    date:Sun,'20'05'20'Mar'20'2017'20'20:21:13'20'+0200'0D''0A'
    from:xxxxxx@xxxxxx.com'0D''0A'
    to:<check-auth@verifier.port25.com>'0D''0A'
    subject:test7'0D''0A'
    dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed/simple;'20'd=xxxxxx.com;'20's=default;'20't=1488738074;'20'bh=HCUCD5NcipzH9VGYlghyFuRJ7ITprxMz6Z+i7qrE5HA=;'20'h=Date:From:To:Subject;'20'b=

Canonicalized Body:
    test7'0D''0A'
   

DNS record(s):
    default._domainkey.xxxxxx.com. TXT (NXDOMAIN)

NOTE: DKIM checking has been performed based on the latest DKIM specs
(RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for
older versions.  If you are using Port25's PowerMTA, you need to use
version 3.2r11 or later to get a compatible version of DKIM.

----------------------------------------------------------
SpamAssassin check details:
----------------------------------------------------------
SpamAssassin v3.4.0 (2014-02-07)

Result:         ham  (-1.8 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
-0.0 RP_MATCHES_RCVD        Envelope sender domain matches handover relay domain
-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
                            [score: 0.0002]
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
 0.0 T_DKIM_INVALID         DKIM-Signature header exists but is not valid

==========================================================
Explanation of the possible results (from RFC 5451)
==========================================================

SPF and Sender-ID Results
=========================

"none"
      No policy records were published at the sender's DNS domain.

"neutral"
      The sender's ADMD has asserted that it cannot or does not
      want to assert whether or not the sending IP address is authorized
      to send mail using the sender's DNS domain.

"pass"
      The client is authorized by the sender's ADMD to inject or
      relay mail on behalf of the sender's DNS domain.

"policy"
     The client is authorized to inject or relay mail on behalf
      of the sender's DNS domain according to the authentication
      method's algorithm, but local policy dictates that the result is
      unacceptable.

"fail"
      This client is explicitly not authorized to inject or
      relay mail using the sender's DNS domain.

"softfail"
      The sender's ADMD believes the client was not authorized
      to inject or relay mail using the sender's DNS domain, but is
      unwilling to make a strong assertion to that effect.

"temperror"
      The message could not be verified due to some error that
      is likely transient in nature, such as a temporary inability to
      retrieve a policy record from DNS.  A later attempt may produce a
      final result.

"permerror"
      The message could not be verified due to some error that
      is unrecoverable, such as a required header field being absent or
      a syntax error in a retrieved DNS TXT record.  A later attempt is
      unlikely to produce a final result.


DKIM and DomainKeys Results
===========================

"none"
      The message was not signed.

"pass"
      The message was signed, the signature or signatures were
      acceptable to the verifier, and the signature(s) passed
      verification tests.

"fail"
      The message was signed and the signature or signatures were
      acceptable to the verifier, but they failed the verification
      test(s).

"policy"
      The message was signed but the signature or signatures were
      not acceptable to the verifier.

"neutral"
      The message was signed but the signature or signatures
      contained syntax errors or were not otherwise able to be
      processed.  This result SHOULD also be used for other
      failures not covered elsewhere in this list.

"temperror"
      The message could not be verified due to some error that
      is likely transient in nature, such as a temporary inability
      to retrieve a public key.  A later attempt may produce a
      final result.

"permerror"
      The message could not be verified due to some error that
      is unrecoverable, such as a required header field being
      absent. A later attempt is unlikely to produce a final result.

What can I do for this?
Quote
Result:         permerror (key "default._domainkey.xxxxxx.com" doesn't exist)

Last thing, is my rdns checker normal?
Simple rDNS Checker (PTR records)
Your rDNS for IP 10.1.1.1 is set as following:
Quote
(empty)
resolves to:
Quote
k.root-servers.net.
l.root-servers.net.
f.root-servers.net.
a.root-servers.net.
c.root-servers.net.
d.root-servers.net.
b.root-servers.net.
g.root-servers.net.
j.root-servers.net.
m.root-servers.net.
h.root-servers.net.
e.root-servers.net.
i.root-servers.net.
Another check resolves to:
Quote
(empty)

2
CentOS 6 Problems / CWP and Network are out of service
« on: February 02, 2017, 07:59:52 PM »
Hi,

I paid for cloud server, installed centos 6.8 and set up CWP.
My cloud server has 24 core cpu, 96 GB ram, 100 Mbps dedicated internet connection. And everything is new.

My web site is not in live, it is in development and test process. Even if high resources and new insallations, my internet connection is closed and some migrations activities happened in cloud system.

I installed only centos web panel, desktop, general usage desktop programs, team viewer, memcached, elastic search.

What is your opinions for this happining problems:

These are messages logs in Centos:
Feb 1 07:46:23 srv1 rtkit-daemon[4081]: The canary thread is apparently starving. Taking action.
Feb 1 07:46:24 srv1 rtkit-daemon[4081]: Demoting known real-time threads.
Feb 1 07:46:24 srv1 rtkit-daemon[4081]: Demoted 0 threads.
Feb 1 07:47:03 srv1 rtkit-daemon[4081]: The canary thread is apparently starving. Taking action.
Feb 1 07:47:03 srv1 rtkit-daemon[4081]: Demoting known real-time threads.
Feb 1 07:47:03 srv1 rtkit-daemon[4081]: Demoted 0 threads.
Feb 1 07:47:28 srv1 rtkit-daemon[4081]: The canary thread is apparently starving. Taking action.
Feb 1 07:47:28 srv1 rtkit-daemon[4081]: Demoting known real-time threads.
Feb 1 07:47:28 srv1 rtkit-daemon[4081]: Demoted 0 threads.
Feb 1 07:47:52 srv1 rtkit-daemon[4081]: The canary thread is apparently starving. Taking action.
Feb 1 07:47:52 srv1 rtkit-daemon[4081]: Demoting known real-time threads.
Feb 1 07:47:52 srv1 rtkit-daemon[4081]: Demoted 0 threads.
Feb 1 07:49:38 srv1 rtkit-daemon[4081]: The canary thread is apparently starving. Taking action.
Feb 1 07:49:38 srv1 rtkit-daemon[4081]: Demoting known real-time threads.
Feb 1 07:49:38 srv1 rtkit-daemon[4081]: Demoted 0 threads.
Feb 1 07:51:52 srv1 kernel: BUG: soft lockup - CPU#0 stuck for 70s! [lfd:6664]
Feb 1 09:10:56 srv1 rtkit-daemon[4081]: The canary thread is apparently starving. Taking action.
Feb 1 09:11:03 srv1 kernel: Modules linked in:
Feb 1 09:11:03 srv1 kernel: BUG: soft lockup - CPU#4 stuck for 79s! [java:8778]


Thanks a lot,
Ozgur

3
Postfix / Re: ERROR: You don't have a valid hostname set!
« on: January 28, 2017, 11:00:11 PM »
you need to add a subdomain with valid A record set
You are awesome!  That totally did it.  Thank you!!!

My host is something like srv1.domain.com
I added srv1 to A record in dns settings.
And then it worked. Thanks.

4
Mod_Security / CWP - How to enable Mod Security?
« on: January 01, 2017, 06:25:15 PM »
Hello,

I'm getting this message on Dashboard even if I installed OWASP old (Old rules which come as default with CWP) mod security:

=== SECURITY WARNING === Mod Security is NOT enabled on your server, click here to enable it!

How can I enable it?
Thanks

5
MySQL / How to change phpMyAdmin 80 port in CWP?
« on: January 01, 2017, 06:00:09 PM »
Hi all,

My apache is servicing on 80 port.
How can I change only phpMyAdmin port from 80 to 81 without chaning apache 80 port?

Thanks

6
Installation / Re: how can install MemCached ? thanks
« on: December 24, 2016, 12:23:22 AM »
Hi again,

I misconfigured first, but then I found solutions for my problems via mixing method.

I followed these steps:
Code: [Select]
1. Install Webtatic repo and libmemcached:
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
yum install libmemcached10-devel
2. Install memcached libevent and compile it
yum install memcached libevent libevent-devel nc -y
cd /usr/src/
wget http://pecl.php.net/get/memcached-2.2.0.tgz
tar -zxvf memcached-2.2.0.tgz
cd memcached-2.2.0/
phpize
./configure
(if command does not work, try with this: "./configure --with-libmemcached-dir")
make && make install
3. open /usr/local/php/php.ini and add to the bottom: "extension=/usr/src/memcached-2.2.0/modules/memcached.so" without quotation marks
service httpd reload
4. Configure memcached
vi /etc/sysconfig/memcached
5. Restart memcached
/etc/init.d/memcached restart

We can configure memcached settings as:
Code: [Select]
vi /etc/sysconfig/memcached

PORT="11211"
USER="memcached"
# max connection 1024
MAXCONN="1024"
# set ram size to 512 MB
CACHESIZE="512"
# listen to loopback ip 127.0.0.1, for network connection use real ip e.g., 10.0.0.4
OPTIONS="-l 127.0.0.1"

Moreover, If we need to increase timeout from 65535 seconds to almost 1 year (because, we can get this error while writing: "udf_flags will be limited to 65535") to store data in memcached, I edited and recomplied c code like this:
Code: [Select]
vi /usr/src/memcached-2.2.0/php_memcached.c
change this line (16 means 2^16 seconds):
"#define MEMC_VAL_USER_FLAGS_MAX ((1 << 16) - 1)"
with this line (25 means 2^25 seconds):
"#define MEMC_VAL_USER_FLAGS_MAX ((1 << 25) - 1)"
and turn phpize step and continue again.

Hope to help someone.

7
Installation / Re: how can install MemCached ? thanks
« on: December 22, 2016, 06:57:46 PM »
Hello everybody.

Who want to install php pecl memcached with the CWP should use old libmemcached.
See below for instruction:

1. Install Webtatic repo and libmemcached:
Code: [Select]
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
yum install libmemcached10-devel
2. Get and unpack pecl memcached

Code: [Select]
cd /usr/local/src
pecl download memcached
tar -xf memcached-{downloaded_version}.tgz

3. Compile it
Code: [Select]
cd memcached-{downloaded_version}/
/usr/local/bin/phpize
./configure
make

4. Install it
Code: [Select]
mkdir -p `php -c date.timezone=utc -i |grep -i no-debug-non |awk '{print $3}'`
cp modules/memcached.so  `php -c date.timezone=utc -i |grep -i no-debug-non |awk '{print $3}'`
echo "extension=memcached.so" >> /usr/local/php/php.ini
/etc/init.d/httpd restart

5. Enjoy!

Hi, I followed these steps, and it worked for me.

However, I couldn't find editing cache size of memcached system.
I only found this file /usr/local/src/memcached-2.2.0/memcached.ini but no option for cache limit.
When I print Memcached::getStats() method in PHP file, I see [limit_maxbytes] => 536870912 (512 MB)

Nevertheless I couldn't find right command for restarting memcached.

I use Centos 6.7 and CWP.
Does anyone know solution for these?
Thanks


8
MySQL / MySQL Remote Connection
« on: December 20, 2016, 11:44:26 PM »
Hi all,

I've just solved my mysql remote connection problem, and I thought that this may help someone else.

Let me begin with MySQL or phpMyAdmin:
* Create a new user (by your root account) or use existing user. Select Any Host (write % to textbox and it means "from everywhere") selection or write specific IP (you would like to connect remotely from) to that textbox.
* Consider giving global privileges for this user (check all if you don't mind)
* Now, you can also give access right to this user for specific databases or specific tables.
Let's continue with CWP:
* You also need to add bind-address=0.0.0.0 (from everywhere or write your IP address for connection) in my.cnf (it may be named as my.ini) file. You can also use CWP's "SQL Services" > "MySQL Configuration" page for doing this configuration.
* Restart mysql service.
* Add firewall rule for giving permission to the IP with "IN" "TCP" "3306" (mysql specific port or without port number in order to open all ports for that IP). You can use CWP's Security > Firewall Manager
* Restart Firewall then.
* Check your firewall rules.
Also look at:
* If you use firewall service from 3rd party, ask them there is a block or not.

9
Apache / Re: Default Page Displayed for all domains
« on: December 19, 2016, 02:22:20 PM »
I have just experienced this problem.
Thanks to @charliefinale. Your method resolved my problem.

To sum up, I deleted the user and recreate it with local IP (192.168.1.xxx) address rather than shared global IP address.
Global "index.html" (it is a welcome page) in "/usr/local/apache/htdocs" changed to user's index.html (it is a welcome page too) in user's public_html directory.

In addition, take into consideration that restart Apache WebServer in Services Status.

I have faced with the same situtation. At those times, I tried to configure CWP in home network and open to the worldwide.
Now, I am reconfiguring CWP in data center and trying to open to the worldwide again. Previous solution is not solving at this time.

I've just resolved my problem with these steps:
I have 2 dedicated ip address and 3 domains.
* I entered local ip address to Shared Ip in CWP Settings page.
* I didn't activated NAT-ed mode and not entered any IP there.
* I rebuilded Virtual Hosts in Apache Settings page.
* I restarted Apache Server in Dashboard page.
* I recreated user1 for domain1 with dedicatedIP1.
* I recreated user2 for domain2 with dedicatedIP1.
* I recreated user3 for domain3 with dedicatedIP2.
* I rebuilded Virtual Hosts in Apache Settings page as well
* I restarted Apache Server in Dashboard page as well.
Then, done!

Note 1: I'm only using Apache as webserver with 80 port.
Note 2: I switched Apache version to Apache/2.2.31 (Unix) from Apache/2.2.27 in "Apache Re-Build" page.

10
Apache / Re: Default Page Displayed for all domains
« on: January 03, 2016, 02:53:20 PM »
I have just experienced this problem.
Thanks to @charliefinale. Your method resolved my problem.

To sum up, I deleted the user and recreate it with local IP (192.168.1.xxx) address rather than shared global IP address.
Global "index.html" (it is a welcome page) in "/usr/local/apache/htdocs" changed to user's index.html (it is a welcome page too) in user's public_html directory.

In addition, take into consideration that restart Apache WebServer in Services Status.

11
Hi,

It may be caused by setting web server as apache & nginx.
Could you try this link "http://SERVER_IP:80/phpMyAdmin/" or this link "http://SERVER_IP:8080/phpMyAdmin/".

I think if you set web server as only apache and set port to 80 from cwp settings, then it will work.

Pages: [1]