Tagged: Email Toggle Comment Threads | Keyboard Shortcuts

  • Jay Versluis 3:31 pm on November 9, 2015 Permalink | Reply
    Tags: Email, Spam   

    Categories: Linux ( 96 )

    How to remove an IP from the CBL (Composite Blocking List) 

    Today I was introduced to something called the CBL, or the Composite Blocking List. This is one of several Spamhaus projects that’s there to make sure IP’s are blacklisted when they’re sending spam.

    You can check if your IP’s are OK at http://www.spamhaus.org/lookup/

    The CBL is a separate website in which you can also lookup IPs. Spamhaus will tell you if that’s the case and direct you to the CBL here: http://www.abuseat.org/lookup.cgi

    Even though my IP was otherwise fine, it was listed in the CBL, and Yahoo kindly made me aware of this as part of an error message I’ve received when trying to send an email. If ever there is an email problem in CentOS, the first place to look is /var/log/maillog. Here’s Yahoo’s very helpful explanation: https://help.yahoo.com/kb/postmaster/SLN5070.html

    Turns out that the hostname was not setup yet, so the box would respond as localhost.localdomain. That’s a big fat no-no as far as the CBL people are concerned. Here’s CBL’s explanation:

    This IP address is HELO’ing as “localhost.localdomain” which violates the relevant standards (specifically: RFC5321).

    The CBL does not list for RFC violations per-se. This _particular_ behaviour, however, correlates strongly to spambot infections. In other words, out of thousands upon thousands of IP addresses HELO’ing this way, all but a handful are infected and spewing junk. Even if it isn’t an infection, it’s a misconfiguration that should be fixed, because many spam filtering mechanisms operate with the same rules, and it’s best to fix it regardless of whether the CBL notices it or not.

    (More …)





     
    • N1njawtf 2:50 pm on March 20, 2016 Permalink | Reply

      Cool! thanks alot! I guess this solved my blacklisting problem.

  • Jay Versluis 4:05 pm on April 23, 2015 Permalink | Reply
    Tags: , Email,   

    Categories: Linux, Plesk ( 96 )

    How to open SMTP port 587 to send emails in Plesk 

    Plesk-LogoBy default Plesk on Linux uses Postfix for outgoing email, and by default listens on port 25 for outgoing SMTP mail. Some service providers do not allow to send emails on that port, and tragedy occurs: clients can’t send email with their Plesk servers. Not good.

    Other SMTP ports will usually work, such as the other favourite 587 – but by default, Postfix is not listening on this port for email submissions – at least not in Plesk 12.0.8 on CentOS 7.

    Here’s how to enable port 587 for such ventures:

    Open the Postfix configuration file at /etc/postfix/master.cf and find the following line. It’s commented out. All we have to do is to remove the hash in front of it, and email can be sent via port 587:

    submission inet n       -       n       -       -       smtpd
    

    Restart Postfix for the changes to take effect. In CentOS 5 and 6:

    service postfix restart
    

    This will also work in CentOS 7, but to be more precise:

    systemctl restart postfix.service
    

    Happiness!

    Note that port 587 needs to be open in your firewall. If the Plesk Firewall Extension is enabled, it’ll take care of it for you automagically.

     





     
    • Newman 8:06 am on December 29, 2016 Permalink | Reply

      Thank you for this!I am now able to send email from ec2 instance.

  • Jay Versluis 9:47 am on April 20, 2015 Permalink | Reply
    Tags: Email   

    Categories: Plesk, Screencast, Windows ( 70 )

    How to setup Plesk Mail in Mozilla Thunderbird for Windows 

    In this video I’ll show you how to setup Plesk Mail in Thunderbird for Windows. Unlike most email clients, Thunderbird can figure out the correct settings by itself – something neither Outlook nor Mac Mail can do. Therefore, the real magic with Thunderbird is figuring out how to get to the account settings.

    To do so, click the three little lines next to the search box. It will bring up a fly-out menu. Under Options – Account Settings, setup a new account or change the settings for an existing one.

    TB-Demo

    Thunderbird is clever usually enough to detect the settings it needs to connect to the Plesk server. In case it fails, use the following:

    • STARTTLS as encryption
    • Authentication: use encrypted password
    • your full email address as user name (such as you@domain.com)
    • Port 143
    • Outgoing Mail Server: Port 587
    • Incoming Mail Server: Port 143 OR 993

    Good luck!





     
    • Maliwaince 5:19 am on May 25, 2017 Permalink | Reply

      hi!

      I am facing isse while adding my Plesk panel email in thunderbird its showing.

      “username or password invalid”

      but i have checked its working on webmail.

      I trying to manual setting also.

      server: mydomain.com

      i read on other forum problm is with SSL its genrating SSL certificate by it self signed but not taking the real one. Need to change this with SSH.

      any luck to get help on this?

  • Jay Versluis 6:21 pm on April 13, 2015 Permalink | Reply
    Tags: Email   

    Categories: Plesk, Screencast, Windows ( 70 )

    How to setup Plesk Mail in Microsoft Outlook for Windows 

    In this video I’ll show you how to setup Plesk Mail in Microsoft Outlook on Windows. It’s often a big stumbling block for users. The instructions will also work for Microsoft Essentials, the predecessor of Outlook Express. I’m using Outlook 2010 here, but the instructions are also applicable to later versions.

    The two important windows are under Account Settings, there’s a window with six tabs. One of which is labelled Outgoing Server and the other one is called Advanced:

    Screen Shot 2015-04-13 at 18.16.03

     

    Screen Shot 2015-04-13 at 18.16.13

    Make sure Outlook is set to use TLS for both incoming and outgoing connections. The Root Folder Path needs to be set to INBOX (in all capitals).

    Good luck 😉





     
  • Jay Versluis 10:10 pm on February 10, 2015 Permalink | Reply
    Tags: , Email,   

    Categories: WordPress ( 137 )

    FIXED: WordPress refuses to send you a Password Reset Link 

    Screen Shot 2015-02-10 at 21.33.07

    I ran into an interesting problem today: on a CentOS 6 server a colleague of mine wanted to reset her WordPress password via the handy link provided in the login dialogue. But rather than sending an email, WordPress got back to her with the following error message:

    The e-mail could not be sent.
    Possible reason: your host may have disabled the mail() function.

    Intrigued I had a look at the server. To my surprise sendmail was installed, and emails could be sent from the command line as well as from PHP scripts. But not from WordPress. What was going on?

    Examining the logs I came across the following error message:

    sendmail: fatal: chdir /var/spool/postfix: Permission denied

    followed by a Web Server 500 error caused by the password reset link. Interesting.

    Turns out it was an old acquaintance of mine, someone who has been spoiling the broth on many occasions: SELinux.

    SELinux can prevent Apache from sending mail when enabled, but lucky for us there’s a quick way to fix this, courtesy of manyon over at the Simple Machines Forum.

    To test if SELinux is preventing mail from being sent, try this test from the command line:

    /usr/sbin/getsebool httpd_can_sendmail
    

    It will return with httpd_can_sendmail –> on or off, and if your server is set to the latter then mail can’t be sent.

    To change this, execute the following, switching this bool to on:

    sudo setsebool -P httpd_can_sendmail 1
    

    Note that this can take a minute or two (literally) because the entire SELinux policy needs to be recompiled. Be patient, your server isn’t hanging.

    Once changed, make sure to restart Apache:

    service httpd restart
    

    Now WordPress can send the password reset link. #result





     
    • Luke 6:47 pm on October 24, 2017 Permalink | Reply

      Hi, thank you for sharing your experience. We have experienced this error as well, WordPress won’t send any email at all, like the subscription or the contact form submission, etc.
      But I don’t really understand what is the SELinux, how do I know if we have the same issue?
      How to input the commend line to test it?

      Many thanks

      Luke

  • Jay Versluis 11:10 am on February 6, 2015 Permalink | Reply
    Tags: Email   

    Categories: Plesk ( 70 )

    How (and when) to disable Plesk Mail Services 

    Plesk-LogoImagine the following scenario:

    A website is hosted on Server 1. Let’s call it domain.com. The email services for domain.com are hosted on another server, let’s say with Google (via MX records set at the domain level).

    Email sent from other servers gets through fine, but when you send email from a domain also hosted on Server 1 to client@domain.com, Plesk returns an error message – such as “there’s no such mailbox”. Or mail is delivered, but it never reaches client@domain.com.

    What’s going on? And how do we fix this?

     

    The solution is simple: switch off the mail service in Plesk for this domain.

    What’s happening here is that two servers are volunteering to control mail requests, but only one server can be in charge. Otherwise mail requests will be processed in places they are not supposed to, and mail does not reach the correct destination.

     

    Screen Shot 2015-02-06 at 10.49.30

     

    Here’s why: when we send mail from Server 1 to client@domain.com, Plesk doesn’t look for external DNS records. It can see that mail is supposed to be hosted right here on Server 1 and tries its best to deliver it. That’s when the error is produced.

    It may get confusing if a mailbox with the same name exists on both servers, email is delivered but will likely never reach client’s inbox.

    Other servers look at the external MX records and bypass Server 1 completely, therefore mail is delivered as it’s supposed to be.

     

    How can we fix it, Cap’m?

    To force Plesk to check external MX records too, head over to the subscription’s control panel and

    • select the Mail tab
    • Mail Settings
    • tick the checkbox next to the domain in question
    • click Activate/Deactivate Services
    • and in the overlay window, select Disable
    • (and finally click OK to close the overlay window)

    Screen Shot 2015-02-06 at 10.59.39

    Now Plesk will no longer use its own MX records for mail requests and it will deliver mail as you would expect.





     
  • Jay Versluis 3:34 pm on January 3, 2015 Permalink | Reply
    Tags: dovecot, Email, ,   

    Categories: Linux, Plesk ( 96 )

    How to install and secure Dovecot in Plesk 12 

    dovecotI’ve just installed the Dovecot Mail Service on one of my Plesk 12 servers. It’s an alternative to the old favourite Courier IMAP/POP and a new addition in Plesk 12.

    Dovecot does more or less the same as Courier (i.e. lets you receive mail), but it’s a bit more configurable and debug friendly. It also offers server-side mail filtering which is accessible via the Plesk Webmail services Roundcube and Horde.

    In this article I’ll show you how to install Dovecot in Plesk 12, and how to add your own SSL certificates for mail. In my previous article I’ve explained how to do this with the standard Courier Mail service.

     

    Installing Dovecot in Plesk 12

    Head over to

    • Tools and Settings (or the Server Tab)
    • under the Plesk heading
    • Updates and Upgrades

    Select Add or Remove Components and under Mail Hosting Features, find the option for Different IMAP/POP3 server:

    Screen Shot 2015-01-03 at 15.14.37

    You can only install either Courier or Dovecot. Switching will automatically uninstall the component you currently have and instead install the other one.

    Note that switching Courier for Dovecot will preserve all mailboxes and will not affect your outgoing mail services. Give Plesk a moment until your see the “installation has finished” message.

    You’re now running Dovecot!

     

    Patching Dovecot SSL Certificates

    As with Courier, Dovecot will use self-signed certificates for secure connections. This means that a nasty window is likely to pop up when clients connect. You can suppress this window by specifying your own SSL Certificates.

    Screen Shot 2015-01-03 at 15.12.08

     

    The default configuration file for Dovecot is in /etc/dovecot/dovecot.conf. However the file states that any changes you make here are wiped when an upgrade comes along. Instead, take a look at the /etc/dovecot/conf.d/ directory in which you’ll find three files by default:

    • 10-plesk-security.conf
    • 15-plesk-auth.conf
    • 90-plesk-sieve.conf

    You can add your own configuration snippets here, each beginning with a number and ending with .conf. The lower the number, the earlier your snippet is loaded. The higher the number, the later it is loaded. You get the picture.

    Let’s create /etc/dovecot/conf.d/5-ssl.conf for our purposes. Because I had already configured my certificates for Courier they are still in /usr/share/imapd.pem – but feel free to place your .pem files anywhere you like. Here’s what my file looks like:

    # SSL Certificates for Dovecot are defined here
    
    ssl = yes
    # Path to your Certificate, preferred permissions: root:root 0444
    ssl_cert = </usr/share/imapd.pem
    # Path to your Private Key, preferred permissions: root:root 0400
    ssl_key = </usr/share/imapd.pem
    

    Dovecot lets you have separate files for the certificate and the private key, something that’s not possible in Courier as far as I know. Dovecot is also happy to keep those in the same file though as in my example, and as in Courier. Easy going I say!

    For the changes to take effect we need to restart the Plesk Mail Service like so:

    /usr/local/psa/admin/sbin/mailmng --restart-service

    That’s it!

     

    How do I add a certificate for outgoing mail?

    Postfix (and QMail) deal with sending mail, Dovecot and Courier only deal with receiving it. I’ve described how to add SSL Certificates to Postfix in my article about Courer.

     

    Further Reading

     





     
    • prupert 2:32 pm on January 18, 2015 Permalink | Reply

      You may want to add the following directives for added security:

      Strong DH params

      ssl_dh_parameters_length = 2048

      Disable insecure SSL protocols

      ssl_protocols = !SSLv2 !SSLv3

      • Jay Versluis 3:35 pm on January 18, 2015 Permalink | Reply

        Thank you for the tip, prupert! Very much appreciated!

    • good advise 4:30 pm on September 22, 2015 Permalink | Reply

      for dovecot in debian/ubuntu you have to add a > before the paths otherwise it gives an error.
      i wasted a few hours for this little detail. also in debian/ubuntu use

      Path to your Certificate, preferred permissions: root:root 0444

      ssl_cert = </path/to/cert.pem

      Path to your Private Key, preferred permissions: root:root 0400

      ssl_key= </path/to/private.key

    • Patrick 5:29 pm on December 9, 2015 Permalink | Reply

      I followed the steps, but when i open ssl test i get the following message:

      :993
      CONNECTED(00000003)
      write:errno=104

      no peer certificate available

      No client certificate CA names sent

      SSL handshake has read 0 bytes and written 249 bytes

      New, (NONE), Cipher is (NONE)
      Secure Renegotiation IS NOT supported
      Compression: NONE
      Expansion: NONE

      • Jay Versluis 11:24 pm on December 9, 2015 Permalink | Reply

        Which SSL test did you use? What were the results before you patched the certificates (i.e. Please default)?

    • Patrick 9:15 am on December 10, 2015 Permalink | Reply

      I used this “openssl s_client -showcerts -connect mail.myserver.com:993” to test the SSL.

      After loading the new SSL certificate my email stops working as-well.

      Before patching, the results showed the default PLESK certificate.

    • Patrick 1:58 pm on December 10, 2015 Permalink | Reply

      I also noticed that i’m not able to access my mail. Webmail login stops working, and imap connections are closed.

      • Jay Versluis 2:05 pm on December 10, 2015 Permalink | Reply

        Oh yes, I had that problem on a couple of systems too. I’m sure there’s a perfectly logical explanation for it, and with several decades of research we’ll probably get to the bottom of it.

        But a much easier solution is to ditch Dovecot and use Courier instead. I know it makes zero sense, but I’ve noticed that on some systems, Dovecot just doesn’t want to work – and on others, I have trouble with Courier. They’re really easy to switch, and all your mail account settings are preserved.

    • Patrick 3:49 pm on December 10, 2015 Permalink | Reply

      ok i will try that out, glad to know if not the only one experiencing this issue. Thanks alot for your help. Appreciate it 🙂

      • Jay Versluis 4:21 pm on December 10, 2015 Permalink | Reply

        Any time! Out of interest, what operating system are you using? I’ve had these issues with both CentOS 6 and 7, with plain vanilla installations. Let me know and I’ll forward the issue to the Plesk team – they love fixing things 😉

    • Patrick 4:43 pm on December 10, 2015 Permalink | Reply

      I’m using ‪CentOS 6.7, it’s a new setup. Dedicated server from 1and1.

      I just tried courier, followed your other article. I am getting the exact error 🙁
      (CERT OK fails on TLS check.)

      This is weird. Would you be able to take a look for me? I don’t mind paying for the service.

      • Jay Versluis 5:26 pm on December 10, 2015 Permalink | Reply

        Sure Patrick, I’ll see what I can discover. I can’t make any promises, but I have a few ideas. Head over here to make a payment, we’ll discuss everything else via email:

        http://wphosting.tv/support/plesk-and-server-support/

        • Daniel McDonald 7:47 pm on April 5, 2016 Permalink | Reply

          Yes, i followed that instructions.
          as i deleted the 10-ssl.cnf thing it just worked. :-S
          uhm

    • Arno T 7:41 pm on September 30, 2016 Permalink | Reply

      I’ve had a good bit of trouble getting it to work and testing it correctly.
      Here is my configuration

      /etc/dovecot/conf.d/5-custom-ssl.conf
      for debugging

      verbose_ssl = yes

      ssl = yes

      Path to your Certificate, preferred permissions: root:root 0444

      ssl_cert = </usr/local/etc/ssl/dovecot-cert.pem

      Path to your Private Key, preferred permissions: root:root 0400

      ssl_key = </usr/local/etc/ssl/dovecot-key.pem

      Path to your CA file,

      ssl_ca = </usr/local/etc/ssl/comodo-positiveSSL/AddTrustExternalCARoot.crt
      ssl_ca = </usr/local/etc/ssl/comodo-positiveSSL/COMODORSAAddTrustCA.crt
      ssl_ca = </usr/local/etc/ssl/comodo-positiveSSL/COMODORSADomainValidationSecureServerCA.crt

      ssl_verify_client_cert = yes
      auth_ssl_require_client_cert = yes

      #auth_ssl_username_from_cert = yes

      #EOF

      openssl s_client -CApath /etc/ssl/certs -CAfile /etc/ssl/certs/ca-bundle.crt -cert ./postfix-cert.pem -key ./postfix-key.pem -connect smtp.foobar.com:110 -starttls pop
      openssl s_client -CApath /etc/ssl/certs -CAfile /etc/ssl/certs/ca-bundle.crt -cert ./postfix-cert.pem -key ./postfix-key.pem -connect smtp.foobar.com:143 -starttls imap

      Post about Postfix & Dovecot, *(post is still under moderation)
      https://talk.plesk.com/threads/postfix-dovecot-cert-error.334931/#post-808783

    • Ari 3:57 pm on July 12, 2017 Permalink | Reply

      Hi there!

      I noticed on your Further Reading section you mentioned “Check your new mail server with this handy online tool”.

      We created a secure email checker with a little better UI that may give a better experience to your readers.

      Here’s the link: https://www.paubox.com/secure-email-check

      Let me know if you think it’s an improvement, thank you!

      Cheers,
      Arianna

  • Jay Versluis 1:02 pm on December 29, 2014 Permalink | Reply
    Tags: Email, GMX,   

    Categories: iOS ( 222 )

    How to override auto-detected Email Settings in iOS 

    IMG_5845.PNG

    The nature of any automation is that sometimes it just doesn’t work. Apple’s iOS is no exception.

    When you add a new email account on your iOS device, several mail providers’ settings can be auto detected. It’s there to make our lives easier so that we don’t have to add details for mail servers and ports manually. Yahoo Mail and Gmail.com are detected perfectly, but other services – for example GMX – are not.

    This is no problem if iOS simply says that you need to add details manually (as with Plesk mail), but it is an issue if iOS has detected the correct POP settings and you’d much rather use IMAP. iOS offers no way to change these settings when auto detection was successful.

    There’s a trick which will let you specify your own settings by bodging your password. Do the following:

    • under Settings – Mail, Contacts, Calendars – add a new account
    • choose other, then select Add Mail Account
    • This will show you a dialogue similar to the one in the screenshot above. Fill out your details but deliberately choose the wrong password. A single letter of your choice will do.
    • Hit Next and the auto-detection goes to work, telling you the password was wrong.
    • Now configure the settings to your liking, including a choice of POP and IMAP, incoming and outgoing mail servers, encryption options and ports.

    I found this out by helping my friend Oliver leave POP behind for good on his new iPhone 6. In case you need the GMX IMAP details, they can be found here:





     
  • Jay Versluis 9:27 am on October 6, 2014 Permalink | Reply
    Tags: Email,   

    Categories: Plesk, Screencast ( 70 )

    Setting up Plesk Mail on iOS 8 (iPad) 

    In this screencast I’m explaining how to setup your iOS Device for use with Email Accounts created in Plesk 12. I’m also explaining how to map IMAP folders from your email account to the relevant folders on your iOS Device.

    For this demo I’m using an iPad 3 running iOS 8, but the process is the same on your iPhone and iPod Touch and older versions of iOS.

    It’s a rather complex setup (as dealing with email accounts usually is) and has caused me and my customers major headaches in the past. I hope this video can alleviate such pains. If setup properly, Plesk Mail is a pleasure to deal with and works very reliably.

    Sadly iOS Mail does not discover the settings it needs to work with your Plesk Mail automatically, but with a bit of help and guidance it’s easy to get it working. Let me show you how.





     
  • Jay Versluis 7:21 am on September 29, 2014 Permalink | Reply
    Tags: Email,   

    Categories: Plesk, Screencast ( 70 )

    Setting up Plesk Mail on Mac OSX Mavericks (10.9) 

    In this screencast I’m explaining how to setup Mac Mail for use with Email Accounts created in Plesk 12.  I’m also explaining how to map IMAP folders from your email account to the relevant folders on your Mac.

    It’s a rather complex setup (as dealing with email accounts usually is) and has caused me and my customers major headaches in the past, I hope this video can alleviate such pains. If setup properly, Plesk Mail is a pleasure to deal with and works very reliably.

    Sadly however Mac Mail cannot discover the settings it needs to work with your Plesk Mail automatically, but with a bit of help and guidance it’s easy to get it working. Let me show you how.

    I’ve created a similar screencast to show you how this works in iOS:





     
c
compose new post
j
next post/next comment
k
previous post/previous comment
r
reply
e
edit
o
show/hide comments
t
go to top
l
go to login
h
show/hide help
shift + esc
cancel