Tag Archives: Email

How to remove an IP from the CBL (Composite Blocking List)

Today I was introduced to something called the CBL, or the Composite Blocking List. This is one of several Spamhaus projects that’s there to make sure IP’s are blacklisted when they’re sending spam.

You can check if your IP’s are OK at http://www.spamhaus.org/lookup/

The CBL is a separate website in which you can also lookup IPs. Spamhaus will tell you if that’s the case and direct you to the CBL here: http://www.abuseat.org/lookup.cgi

Even though my IP was otherwise fine, it was listed in the CBL, and Yahoo kindly made me aware of this as part of an error message I’ve received when trying to send an email. If ever there is an email problem in CentOS, the first place to look is /var/log/maillog. Here’s Yahoo’s very helpful explanation: https://help.yahoo.com/kb/postmaster/SLN5070.html

Turns out that the hostname was not setup yet, so the box would respond as localhost.localdomain. That’s a big fat no-no as far as the CBL people are concerned. Here’s CBL’s explanation:

This IP address is HELO’ing as “localhost.localdomain” which violates the relevant standards (specifically: RFC5321).

The CBL does not list for RFC violations per-se. This _particular_ behaviour, however, correlates strongly to spambot infections. In other words, out of thousands upon thousands of IP addresses HELO’ing this way, all but a handful are infected and spewing junk. Even if it isn’t an infection, it’s a misconfiguration that should be fixed, because many spam filtering mechanisms operate with the same rules, and it’s best to fix it regardless of whether the CBL notices it or not.

Continue reading How to remove an IP from the CBL (Composite Blocking List)

How to open SMTP port 587 to send emails in Plesk

Plesk-LogoBy default Plesk on Linux uses Postfix for outgoing email, and by default listens on port 25 for outgoing SMTP mail. Some service providers do not allow to send emails on that port, and tragedy occurs: clients can’t send email with their Plesk servers. Not good.

Other SMTP ports will usually work, such as the other favourite 587 – but by default, Postfix is not listening on this port for email submissions – at least not in Plesk 12.0.8 on CentOS 7.

Here’s how to enable port 587 for such ventures:

Open the Postfix configuration file at /etc/postfix/master.cf and find the following line. It’s commented out. All we have to do is to remove the hash in front of it, and email can be sent via port 587:

Restart Postfix for the changes to take effect. In CentOS 5 and 6:

This will also work in CentOS 7, but to be more precise:

Happiness!

Note that port 587 needs to be open in your firewall. If the Plesk Firewall Extension is enabled, it’ll take care of it for you automagically.

 

  • http://blog.mailgun.com/25-465-587-what-port-should-i-use/
  • http://www.faqforge.com/linux/how-to-enable-port-587-submission-in-postfix/
  • http://know.mailsbestfriend.com/how_to_enable_port_587_submission_in_postfix-1932675618.shtml
  • a Plesk 11 alternative: http://kb.sp.parallels.com/en/114417

How to setup Plesk Mail in Mozilla Thunderbird for Windows

In this episode I’ll show you how to setup Plesk Mail in Thunderbird for Windows. Unlike most email clients, Thunderbird can figure out the correct settings by itself – something neither Outlook nor Mac Mail can do. Therefore, the real magic with Thunderbird is figuring out how to get to the account settings.

To do so, click the three little lines next to the search box. It will bring up a fly-out menu. Under Options – Account Settings, setup a new account or change the settings for an existing one.

TB-Demo

Thunderbird is clever usually enough to detect the settings it needs to connect to the Plesk server. In case it fails, use the following:

  • STARTTLS as encryption
  • Authentication: use encrypted password
  • your full email address as user name (such as you@domain.com)
  • Port 143
  • Outgoing Mail Server: Port 587
  • Incoming Mail Server: Port 143 OR 993

Good luck!

Catch this episode on my WP Guru Podcast:

How to setup Plesk Mail in Microsoft Outlook for Windows

In this episode I’ll show you how to setup Plesk Mail in Microsoft Outlook on Windows. It’s often a big stumbling block for users. The instructions will also work for Microsoft Essentials, the predecessor of Outlook Express. I’m using Outlook 2010 here, but the instructions are also applicable to later versions.

The two important windows are under Account Settings, there’s a window with six tabs. One of which is labelled Outgoing Server and the other one is called Advanced:

Screen Shot 2015-04-13 at 18.16.03

 

Screen Shot 2015-04-13 at 18.16.13

Make sure Outlook is set to use TLS for both incoming and outgoing connections. The Root Folder Path needs to be set to INBOX (in all capitals).

Good luck 😉

Catch this episode on my WP Guru Podcast:

FIXED: WordPress refuses to send you a Password Reset Link

Screen Shot 2015-02-10 at 21.33.07

I ran into an interesting problem today: on a CentOS 6 server a colleague of mine wanted to reset her WordPress password via the handy link provided in the login dialogue. But rather than sending an email, WordPress got back to her with the following error message:

The e-mail could not be sent.
Possible reason: your host may have disabled the mail() function.

Intrigued I had a look at the server. To my surprise sendmail was installed, and emails could be sent from the command line as well as from PHP scripts. But not from WordPress. What was going on?

Examining the logs I came across the following error message:

followed by a Web Server 500 error caused by the password reset link. Interesting.

Turns out it was an old acquaintance of mine, someone who has been spoiling the broth on many occasions: SELinux.

SELinux can prevent Apache from sending mail when enabled, but lucky for us there’s a quick way to fix this, courtesy of manyon over at the Simple Machines Forum.

To test if SELinux is preventing mail from being sent, try this test from the command line:

It will return with httpd_can_sendmail –> on or off, and if your server is set to the latter then mail can’t be sent.

To change this, execute the following, switching this bool to on:

Note that this can take a minute or two (literally) because the entire SELinux policy needs to be recompiled. Be patient, your server isn’t hanging.

Once changed, make sure to restart Apache:

Now WordPress can send the password reset link. #result

  • http://www.simplemachines.org/community/index.php?topic=446074.0
  • https://wordpress.org/support/topic/wordpress-cant-send-mail-for-forgot-password-and-new-account
  • http://unix.stackexchange.com/questions/67732/why-setsebool-command-of-selinux-taking-so-long-and-slow

How (and when) to disable Plesk Mail Services

Plesk-LogoImagine the following scenario:

A website is hosted on Server 1. Let’s call it domain.com. The email services for domain.com are hosted on another server, let’s say with Google (via MX records set at the domain level).

Email sent from other servers gets through fine, but when you send email from a domain also hosted on Server 1 to client@domain.com, Plesk returns an error message – such as “there’s no such mailbox”. Or mail is delivered, but it never reaches client@domain.com.

What’s going on? And how do we fix this?

 

The solution is simple: switch off the mail service in Plesk for this domain.

What’s happening here is that two servers are volunteering to control mail requests, but only one server can be in charge. Otherwise mail requests will be processed in places they are not supposed to, and mail does not reach the correct destination.

 

Screen Shot 2015-02-06 at 10.49.30

 

Here’s why: when we send mail from Server 1 to client@domain.com, Plesk doesn’t look for external DNS records. It can see that mail is supposed to be hosted right here on Server 1 and tries its best to deliver it. That’s when the error is produced.

It may get confusing if a mailbox with the same name exists on both servers, email is delivered but will likely never reach client’s inbox.

Other servers look at the external MX records and bypass Server 1 completely, therefore mail is delivered as it’s supposed to be.

 

How can we fix it, Cap’m?

To force Plesk to check external MX records too, head over to the subscription’s control panel and

  • select the Mail tab
  • Mail Settings
  • tick the checkbox next to the domain in question
  • click Activate/Deactivate Services
  • and in the overlay window, select Disable
  • (and finally click OK to close the overlay window)

Screen Shot 2015-02-06 at 10.59.39

Now Plesk will no longer use its own MX records for mail requests and it will deliver mail as you would expect.

How to install and secure Dovecot in Plesk 12

dovecotI’ve just installed the Dovecot Mail Service on one of my Plesk 12 servers. It’s an alternative to the old favourite Courier IMAP/POP and a new addition in Plesk 12.

Dovecot does more or less the same as Courier (i.e. lets you receive mail), but it’s a bit more configurable and debug friendly. It also offers server-side mail filtering which is accessible via the Plesk Webmail services Roundcube and Horde.

In this article I’ll show you how to install Dovecot in Plesk 12, and how to add your own SSL certificates for mail. In my previous article I’ve explained how to do this with the standard Courier Mail service.

 

Installing Dovecot in Plesk 12

Head over to

  • Tools and Settings (or the Server Tab)
  • under the Plesk heading
  • Updates and Upgrades

Select Add or Remove Components and under Mail Hosting Features, find the option for Different IMAP/POP3 server:

Screen Shot 2015-01-03 at 15.14.37

You can only install either Courier or Dovecot. Switching will automatically uninstall the component you currently have and instead install the other one.

Note that switching Courier for Dovecot will preserve all mailboxes and will not affect your outgoing mail services. Give Plesk a moment until your see the “installation has finished” message.

You’re now running Dovecot!

 

Patching Dovecot SSL Certificates

As with Courier, Dovecot will use self-signed certificates for secure connections. This means that a nasty window is likely to pop up when clients connect. You can suppress this window by specifying your own SSL Certificates.

Screen Shot 2015-01-03 at 15.12.08

 

The default configuration file for Dovecot is in /etc/dovecot/dovecot.conf. However the file states that any changes you make here are wiped when an upgrade comes along. Instead, take a look at the /etc/dovecot/conf.d/ directory in which you’ll find three files by default:

  • 10-plesk-security.conf
  • 15-plesk-auth.conf
  • 90-plesk-sieve.conf

You can add your own configuration snippets here, each beginning with a number and ending with .conf. The lower the number, the earlier your snippet is loaded. The higher the number, the later it is loaded. You get the picture.

Let’s create /etc/dovecot/conf.d/5-ssl.conf for our purposes. Because I had already configured my certificates for Courier they are still in /usr/share/imapd.pem – but feel free to place your .pem files anywhere you like. Here’s what my file looks like:

Dovecot lets you have separate files for the certificate and the private key, something that’s not possible in Courier as far as I know. Dovecot is also happy to keep those in the same file though as in my example, and as in Courier. Easy going I say!

For the changes to take effect we need to restart the Plesk Mail Service like so:

That’s it!

 

How do I add a certificate for outgoing mail?

Postfix (and QMail) deal with sending mail, Dovecot and Courier only deal with receiving it. I’ve described how to add SSL Certificates to Postfix in my article about Courer.

 

Further Reading

 

How to override auto-detected Email Settings in iOS

IMG_5845.PNG

The nature of any automation is that sometimes it just doesn’t work. Apple’s iOS is no exception.

When you add a new email account on your iOS device, several mail providers’ settings can be auto detected. It’s there to make our lives easier so that we don’t have to add details for mail servers and ports manually. Yahoo Mail and Gmail.com are detected perfectly, but other services – for example GMX – are not.

This is no problem if iOS simply says that you need to add details manually (as with Plesk mail), but it is an issue if iOS has detected the correct POP settings and you’d much rather use IMAP. iOS offers no way to change these settings when auto detection was successful.

There’s a trick which will let you specify your own settings by bodging your password. Do the following:

  • under Settings – Mail, Contacts, Calendars – add a new account
  • choose other, then select Add Mail Account
  • This will show you a dialogue similar to the one in the screenshot above. Fill out your details but deliberately choose the wrong password. A single letter of your choice will do.
  • Hit Next and the auto-detection goes to work, telling you the password was wrong.
  • Now configure the settings to your liking, including a choice of POP and IMAP, incoming and outgoing mail servers, encryption options and ports.

I found this out by helping my friend Oliver leave POP behind for good on his new iPhone 6. In case you need the GMX IMAP details, they can be found here:

Setting up Plesk Mail on iOS 8 (iPad)

In this episode I’m explaining how to setup your iOS Device for use with Email Accounts created in Plesk 12. I’m also explaining how to map IMAP folders from your email account to the relevant folders on your iOS Device.

For this demo I’m using an iPad 3 running iOS 8, but the process is the same on your iPhone and iPod Touch and older versions of iOS.

It’s a rather complex setup (as dealing with email accounts usually is) and has caused me and my customers major headaches in the past. I hope this video can alleviate such pains. If setup properly, Plesk Mail is a pleasure to deal with and works very reliably.

Sadly iOS Mail does not discover the settings it needs to work with your Plesk Mail automatically, but with a bit of help and guidance it’s easy to get it working. Let me show you how.

Catch this episode on my WP Guru Podcast:

Setting up Plesk Mail on Mac OSX Mavericks (10.9)

In this episode I’m explaining how to setup Mac Mail for use with Email Accounts created in Plesk 12.  I’m also explaining how to map IMAP folders from your email account to the relevant folders on your Mac.

It’s a rather complex setup (as dealing with email accounts usually is) and has caused me and my customers major headaches in the past, I hope this video can alleviate such pains. If setup properly, Plesk Mail is a pleasure to deal with and works very reliably.

Sadly however Mac Mail cannot discover the settings it needs to work with your Plesk Mail automatically, but with a bit of help and guidance it’s easy to get it working. Let me show you how.

I’ve created a similar screencast to show you how this works in iOS:

  • https://wpguru.co.uk/2014/10/plesk-mail-ios/
Catch this episode on my WP Guru Podcast: