Today I was introduced to something called the CBL, or the Composite Blocking List. This is one of several Spamhaus projects that’s there to make sure IP’s are blacklisted when they’re sending spam.
You can check if your IP’s are OK at http://www.spamhaus.org/lookup/
The CBL is a separate website in which you can also lookup IPs. Spamhaus will tell you if that’s the case and direct you to the CBL here: http://www.abuseat.org/lookup.cgi
Even though my IP was otherwise fine, it was listed in the CBL, and Yahoo kindly made me aware of this as part of an error message I’ve received when trying to send an email. If ever there is an email problem in CentOS, the first place to look is /var/log/maillog. Here’s Yahoo’s very helpful explanation: https://help.yahoo.com/kb/postmaster/SLN5070.html
Turns out that the hostname was not setup yet, so the box would respond as localhost.localdomain. That’s a big fat no-no as far as the CBL people are concerned. Here’s CBL’s explanation:
This IP address is HELO’ing as “localhost.localdomain” which violates the relevant standards (specifically: RFC5321).
The CBL does not list for RFC violations per-se. This _particular_ behaviour, however, correlates strongly to spambot infections. In other words, out of thousands upon thousands of IP addresses HELO’ing this way, all but a handful are infected and spewing junk. Even if it isn’t an infection, it’s a misconfiguration that should be fixed, because many spam filtering mechanisms operate with the same rules, and it’s best to fix it regardless of whether the CBL notices it or not.
By default Plesk on Linux uses Postfix for outgoing email, and by default listens on port 25 for outgoing SMTP mail. Some service providers do not allow to send emails on that port, and tragedy occurs: clients can’t send email with their Plesk servers. Not good.
Other SMTP ports will usually work, such as the other favourite 587 – but by default, Postfix is not listening on this port for email submissions – at least not in Plesk 12.0.8 on CentOS 7.
Here’s how to enable port 587 for such ventures:
Open the Postfix configuration file at /etc/postfix/master.cf and find the following line. It’s commented out. All we have to do is to remove the hash in front of it, and email can be sent via port 587:
Restart Postfix for the changes to take effect. In CentOS 5 and 6:
service postfix restart
This will also work in CentOS 7, but to be more precise:
systemctl restart postfix.service
Note that port 587 needs to be open in your firewall. If the Plesk Firewall Extension is enabled, it’ll take care of it for you automagically.
In this episode I’ll show you how to setup Plesk Mail in Thunderbird for Windows. Unlike most email clients, Thunderbird can figure out the correct settings by itself – something neither Outlook nor Mac Mail can do. Therefore, the real magic with Thunderbird is figuring out how to get to the account settings.
To do so, click the three little lines next to the search box. It will bring up a fly-out menu. Under Options – Account Settings, setup a new account or change the settings for an existing one.
Thunderbird is clever usually enough to detect the settings it needs to connect to the Plesk server. In case it fails, use the following:
STARTTLS as encryption
Authentication: use encrypted password
your full email address as user name (such as firstname.lastname@example.org)
In this episode I’ll show you how to setup Plesk Mail in Microsoft Outlook on Windows. It’s often a big stumbling block for users. The instructions will also work for Microsoft Essentials, the predecessor of Outlook Express. I’m using Outlook 2010 here, but the instructions are also applicable to later versions.
The two important windows are under Account Settings, there’s a window with six tabs. One of which is labelled Outgoing Server and the other one is called Advanced:
Make sure Outlook is set to use TLS for both incoming and outgoing connections. The Root Folder Path needs to be set to INBOX (in all capitals).
I ran into an interesting problem today: on a CentOS 6 server a colleague of mine wanted to reset her WordPress password via the handy link provided in the login dialogue. But rather than sending an email, WordPress got back to her with the following error message:
The e-mail could not be sent.
Possible reason: your host may have disabled the mail() function.
Intrigued I had a look at the server. To my surprise sendmail was installed, and emails could be sent from the command line as well as from PHP scripts. But not from WordPress. What was going on?
Examining the logs I came across the following error message:
A website is hosted on Server 1. Let’s call it domain.com. The email services for domain.com are hosted on another server, let’s say with Google (via MX records set at the domain level).
Email sent from other servers gets through fine, but when you send email from a domain also hosted on Server 1 to email@example.com, Plesk returns an error message – such as “there’s no such mailbox”. Or mail is delivered, but it never reaches firstname.lastname@example.org.
What’s going on? And how do we fix this?
The solution is simple: switch off the mail service in Plesk for this domain.
What’s happening here is that two servers are volunteering to control mail requests, but only one server can be in charge. Otherwise mail requests will be processed in places they are not supposed to, and mail does not reach the correct destination.
Here’s why: when we send mail from Server 1 to email@example.com, Plesk doesn’t look for external DNS records. It can see that mail is supposed to be hosted right here on Server 1 and tries its best to deliver it. That’s when the error is produced.
It may get confusing if a mailbox with the same name exists on both servers, email is delivered but will likely never reach client’s inbox.
Other servers look at the external MX records and bypass Server 1 completely, therefore mail is delivered as it’s supposed to be.
How can we fix it, Cap’m?
To force Plesk to check external MX records too, head over to the subscription’s control panel and
select the Mail tab
tick the checkbox next to the domain in question
click Activate/Deactivate Services
and in the overlay window, select Disable
(and finally click OK to close the overlay window)
Now Plesk will no longer use its own MX records for mail requests and it will deliver mail as you would expect.
I’ve just installed the Dovecot Mail Service on one of my Plesk 12 servers. It’s an alternative to the old favourite Courier IMAP/POP and a new addition in Plesk 12.
Dovecot does more or less the same as Courier (i.e. lets you receive mail), but it’s a bit more configurable and debug friendly. It also offers server-side mail filtering which is accessible via the Plesk Webmail services Roundcube and Horde.
In this article I’ll show you how to install Dovecot in Plesk 12, and how to add your own SSL certificates for mail. In my previous article I’ve explained how to do this with the standard Courier Mail service.
Installing Dovecot in Plesk 12
Head over to
Tools and Settings (or the Server Tab)
under the Plesk heading
Updates and Upgrades
Select Add or Remove Components and under Mail Hosting Features, find the option for Different IMAP/POP3 server:
You can only install either Courier or Dovecot. Switching will automatically uninstall the component you currently have and instead install the other one.
Note that switching Courier for Dovecot will preserve all mailboxes and will not affect your outgoing mail services. Give Plesk a moment until your see the “installation has finished” message.
You’re now running Dovecot!
Patching Dovecot SSL Certificates
As with Courier, Dovecot will use self-signed certificates for secure connections. This means that a nasty window is likely to pop up when clients connect. You can suppress this window by specifying your own SSL Certificates.
The default configuration file for Dovecot is in /etc/dovecot/dovecot.conf. However the file states that any changes you make here are wiped when an upgrade comes along. Instead, take a look at the /etc/dovecot/conf.d/ directory in which you’ll find three files by default:
You can add your own configuration snippets here, each beginning with a number and ending with .conf. The lower the number, the earlier your snippet is loaded. The higher the number, the later it is loaded. You get the picture.
Let’s create /etc/dovecot/conf.d/5-ssl.conf for our purposes. Because I had already configured my certificates for Courier they are still in /usr/share/imapd.pem – but feel free to place your .pem files anywhere you like. Here’s what my file looks like:
# SSL Certificates for Dovecot are defined here
# Path to your Certificate, preferred permissions: root:root 0444
# Path to your Private Key, preferred permissions: root:root 0400
Dovecot lets you have separate files for the certificate and the private key, something that’s not possible in Courier as far as I know. Dovecot is also happy to keep those in the same file though as in my example, and as in Courier. Easy going I say!
For the changes to take effect we need to restart the Plesk Mail Service like so:
The nature of any automation is that sometimes it just doesn’t work. Apple’s iOS is no exception.
When you add a new email account on your iOS device, several mail providers’ settings can be auto detected. It’s there to make our lives easier so that we don’t have to add details for mail servers and ports manually. Yahoo Mail and Gmail.com are detected perfectly, but other services – for example GMX – are not.
This is no problem if iOS simply says that you need to add details manually (as with Plesk mail), but it is an issue if iOS has detected the correct POP settings and you’d much rather use IMAP. iOS offers no way to change these settings when auto detection was successful.
There’s a trick which will let you specify your own settings by bodging your password. Do the following:
under Settings – Mail, Contacts, Calendars – add a new account
choose other, then select Add Mail Account
This will show you a dialogue similar to the one in the screenshot above. Fill out your details but deliberately choose the wrong password. A single letter of your choice will do.
Hit Next and the auto-detection goes to work, telling you the password was wrong.
Now configure the settings to your liking, including a choice of POP and IMAP, incoming and outgoing mail servers, encryption options and ports.
I found this out by helping my friend Oliver leave POP behind for good on his new iPhone 6. In case you need the GMX IMAP details, they can be found here:
In this episode I’m explaining how to setup your iOS Device for use with Email Accounts created in Plesk 12. I’m also explaining how to map IMAP folders from your email account to the relevant folders on your iOS Device.
For this demo I’m using an iPad 3 running iOS 8, but the process is the same on your iPhone and iPod Touch and older versions of iOS.
It’s a rather complex setup (as dealing with email accounts usually is) and has caused me and my customers major headaches in the past. I hope this video can alleviate such pains. If setup properly, Plesk Mail is a pleasure to deal with and works very reliably.
Sadly iOS Mail does not discover the settings it needs to work with your Plesk Mail automatically, but with a bit of help and guidance it’s easy to get it working. Let me show you how.
In this episode I’m explaining how to setup Mac Mail for use with Email Accounts created in Plesk 12. I’m also explaining how to map IMAP folders from your email account to the relevant folders on your Mac.
It’s a rather complex setup (as dealing with email accounts usually is) and has caused me and my customers major headaches in the past, I hope this video can alleviate such pains. If setup properly, Plesk Mail is a pleasure to deal with and works very reliably.
Sadly however Mac Mail cannot discover the settings it needs to work with your Plesk Mail automatically, but with a bit of help and guidance it’s easy to get it working. Let me show you how.
I’ve created a similar screencast to show you how this works in iOS: