Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - cwpdfsr

Pages: [1]
1
Hi, I use Cloudflare for all DNS.

  • I have Bind turned off
  • I put Cloudflare IP's in NS IP setup

You also need to add your DKIM & SPF records as text records to Cloudflare if you set these up on CWP mail server.

 :)

Thank you very much, it works!



Something else happened, maybe related to changes in the dns setup or cert files.
Now these errors come up:

"
host postfix/smtpd[36245]: connect from remote.server.com
host postfix/smtpd[36245]: Anonymous TLS connection established from remote.server.com: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bi$
host postfix/spawn[36328]: warning: command /usr/bin/python exit status 1
host postfix/smtpd[36245]: warning: premature end-of-input on private/spfpolicy while reading input attribute name
host postfix/spawn[36328]: warning: command /usr/bin/python exit status 1
host postfix/smtpd[36245]: warning: premature end-of-input on private/spfpolicy while reading input attribute name
host postfix/smtpd[36245]: warning: problem talking to server private/spfpolicy: Success
host postfix/smtpd[36245]: NOQUEUE: reject: RCPT from remote.server.com: 451 4.3.5 Server configuration problem; from=<postmaster@remote.server.com> to=<he$
host postfix/smtpd[36245]: disconnect from remote.server.com
"

and

"Mailserver rejected mail to postmaster. The Mailserver provided: unexpected response to [RCPT TO: ] | 451 4.3.5 Server configuration problem."
Consider, that the postmaster email address/mailbox exists and works, it can send and its emails are being received at the designated external recipient (e.g. at a gmail email address).

and

From another server to check the error out, this log came up:
  "
  ...
  SMTP>> STARTTLS
  SMTP<< 220 2.0.0 Ready to start TLS
LOG: MAIN
  [RemoteIP] SSL verify error: depth=0 error=unable to get local issuer certificate cert=/CN=host.remoteserver.com
LOG: MAIN
  [RemoteIP] SSL verify error: depth=0 error=unable to verify the first certificate cert=/CN=host.remoteserver.com
  SMTP>> EHLO host.localserver.com
  SMTP<< 250-host.remoteserver.com
         250-PIPELINING
         250-SIZE 204800000
         250-ETRN
         250-AUTH PLAIN LOGIN
         250-AUTH=PLAIN LOGIN
         250-ENHANCEDSTATUSCODES
         250-8BITMIME
         250 DSN
  SMTP>> MAIL FROM:<postmaster@localserver.com> SIZE=1616
  SMTP>> RCPT TO:<postmaster@remoteserver.com>
  SMTP>> DATA
  SMTP<< 250 2.1.0 Ok
  SMTP<< 451 4.3.5 Server configuration problem
  SMTP<< 454 4.5.1 Error: no valid recipients
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  == postmaster@remoteserver.com R=dkim_lookuphost T=dkim_remote_smtp defer (-44) H=host.remoteserver.com [RemoteIP]: SMTP error from remote mail server after RCPT TO:<postmaster@remoteserver.com>: 451 4.3.5 Server configuration problem

2
If you use CloudFlare or any remote DNS provider, do you switch off BIND or do you keep it running? Should not all DNS records then be put into the remote one? Can you then delete all the .db files in the named folder?
And do you put the CloudFlare nameservers/IPs into the CWP NS/IP setup?
Any tried and tested advice most welcome :)

3
CentOS Configuration / other DNS admin, remote nameservers
« on: October 28, 2017, 07:38:51 PM »
Hi,

How could one use CWP without hosting the DNS records in BIND, but in a remote DNS, say CloudFlare or EasyDNS?
Could then BIND be switched off completely or what should remain? Is there any FAQ/manual or instruction about such a use case?
Would it suffice to just put the NS records of the other DNS server into CWP NS records and their IPs, or how should one proceed?
Any useful step by step instruction much appreciated :)

Thank you!

Pages: [1]