Get Social

Where plesk 17 (onyx) store dkim public key?

How to find postfix public domainkey in plesk server for dkim dns settings?

After plesk dkim activation any services (like opendkim) not required.
The keys store in «/etc/domainkeys/», but public dkim keys do not store.

We can easily generate them:

# openssl rsa -in /etc/domainkeys/somedomain.tld/default -pubout -out /etc/domainkeys/somedomain.tld/public
# writing RSA key

After that you will see:

# cat /etc/domainkeys/somedomain.tld/public
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNP/0esApEWVmQEtjbT8WGJSyPhKpNvxuxHDSf/TChc1ssgO+DWtXOdFyd/jM1L+vtBUOXLewmrWJ+shnAiZOibyR2LtCvmBZ44K08UvC6Xqnz8Jh9BLv9K0KZ/3tX7UU0DMHQ/zWb1Ya6cWHfkfJc4H+DkqAGQhQPZMk3nrwXVwIDAQAB
-----END PUBLIC KEY-----

And than you can set up it in you dns hosting provider, like:
name: default._domainkey
type: TXT
value: "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNP/0esApEWVmQEtjbT8WGJSyPhKpNvxuxHDSf/TChc1ssgO+DWtXOdFyd/jM1L+vtBUOXLewmrWJ+shnAiZOibyR2LtCvmBZ44K08UvC6Xqnz8Jh9BLv9K0KZ/3tX7UU0DMHQ/zWb1Ya6cWHfkfJc4H+DkqAGQhQPZMk3nrwXVwIDAQAB"

For dkim testing you can use this service.

How to change the address of the Vesta CP web interface to a subdomain

It is not always convenient for mail to be located at /webmail. But this configuration is in Vesta CP by default. While the developers of the panel have not done the same thing that we are going to do, this will have to be repeated with each new server installation.

So, let’s start:

1. Create a web domain in Vesta CP: mail.your-domain.com (it can be immediately configured on https using the new, built-in ability to generate ssl certificates – letsencrypt).

2. Delete the links to the roundcube and / or roundcube.inc in /etc/apache2 (in the sub-folders conf.d, sites-available, sites-enabled) and /etc/nginx (in the subfolder conf.d).

3. Edit Nginx configuration file (for simplicity, we use /home/admin – the standard user folder in vesta):

/home/admin/conf/web/nginx.conf
/home/admin/conf/web/snginx.conf

replace
root /home/admin/web/your-domain/public_html;
to
root /var/lib/roundcube;

4. Edit Apache configuration file:

/home/admin/conf/web/apache.conf
/home/admin/conf/web/sapache.conf

replace
DocumentRoot /home/admin/web/mail.nebulonis.com/public_html
to
DocumentRoot /var/lib/roundcube/

and add:

# Access to tinymce files
<Directory "/usr/share/tinymce/www/">
    Options Indexes MultiViews FollowSymLinks
    AllowOverride None
    Order allow,deny
    allow from all
</Directory>

<Directory /var/lib/roundcube/>
    Options +FollowSymLinks
    # This is needed to parse /var/lib/roundcube/.htaccess. See its
    # content before setting AllowOverride to None.
    AllowOverride All
    order allow,deny
    allow from all
</Directory>

# Protecting basic directories:
<Directory /var/lib/roundcube/config>
    Options -FollowSymLinks
    AllowOverride None
</Directory>

<Directory /var/lib/roundcube/temp>
    Options -FollowSymLinks
    AllowOverride None
    Order allow,deny
    Deny from all
</Directory>

<Directory /var/lib/roundcube/logs>
    Options -FollowSymLinks
    AllowOverride None
    Order allow,deny
    Deny from all
</Directory>

5. Let’s check the syntax:
apachectl configtest
nginx -t

6. Restart:
apachectl graceful
service nginx restart

7. And, finally, in the panel settings (https://your-ip-or-address:8083/edit/server/) SERVER -> CONFIGURE In the tab MAIL -> Webmail URL change to new (https://mail.your-domain.com)

SMTP PTR error ipv6 authentication error (Vesta CP with Exim)

I tried to send an email to gmail on my Debian server (with the Vesta panel installed). I received this error:

 SMTP error from remote mail server after end of data:
 host gmail-smtp-in.l.google.com [2a00:1450:400c:c01::1b]:
 550-5.7.1 [2001:41d0:8:e974::1] Our system has detected that this message does
 550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and
 550-5.7.1 authentication. Please review
 550-5.7.1 https://support.google.com/mail/?p=ipv6_authentication_error for more

Thus, I need to add a PTR record for my ipv6 address. However, not all providers provide such an opportunity. The easiest way to solve this issue is by disabling ipv6 in the mail system.

First, I checked:

netstat -tulpn | grep :25
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      17919/exim4     
tcp        0      0 0.0.0.0:2525            0.0.0.0:*               LISTEN      17919/exim4     
tcp6       0      0 :::25                   :::*                    LISTEN      17919/exim4     
tcp6       0      0 :::2525                 :::*                    LISTEN      17919/exim4

Then I opened Exim configuration file:

nano /etc/exim4/exim4.conf.template

I put a ban on ipv6 (disable_ipv6 = true) before the begin acl section as shown below:

######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################

# disable ipv6
disable_ipv6=true

begin acl

Then I saved the changes and restarted Exim:

/etc/init.d/exim4 restart

Checked:

netstat -tulpn | grep :25
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      18286/exim4     
tcp        0      0 0.0.0.0:2525            0.0.0.0:*               LISTEN      18286/exim4

all is ready!

Pages:12