Announcement

Collapse
No announcement yet.

Changing Hostname

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Changing Hostname

    Hi all,

    Changed the hostname on an Interworx installation via the traditional Centos 7 command and also made sure /etc/hosts is updated. I've also updated:

    /usr/local/interworx/iworx.ini
    Plus any mentions of it in the Mail Server in the contrtol panel (MTA/MDA) etc.

    Is there anywhere else you can think of it may need changing?

    Cheers,

  • #2
    Hi Bertie

    I think youíve covered all but it has been many years since I had to do this

    I would create a siteworx for the new hostnane and then SSL using LE, then set this SSL in nodeworx SSL

    Many thanks

    John

    Comment


    • #3
      After running

      # hostnamectl set-hostname new.host.name

      check these files:

      /etc/hosts
      /etc/sysconfig/network
      /home/interworx/iworx.ini
      /var/qmail/control/locals
      /var/qmail/control/me
      /var/qmail/control/rcpthosts
      /var/qmail/control/plusdomain
      /var/qmail/control/smtpgreeting

      Restart the network and iworx services or reboot.

      You probably need a PTR record with the replacement host name for reverse DNS lookups. Depending on your hosting situation, rDNS may need to be set at the datacenter level. If it's a VPS your VM control panel may let you do it.

      Comment


      • #4
        Thanks guys - Does anyone know how to fix the following on a mail-tester.com? This is for emails that are sent by Interworx like forgotten passwords etc.

        We didn't find a server (A Record) behind your hostname localhost.

        We check if there is a server (A Record) behind your hostname localhost.

        You may want to publish a DNS record (A type) for the hostname localhost or use a different hostname in your mail software.

        Comment


        • #5
          Hi Bertie

          You need to complete the entries from nodeworx, system services, mail server, MTA settings

          And complete the MTA server options FQDN and default domain

          MTA bounce message options

          Ideally these should match your FQDN server name inc MX

          So if say your server host FQDN was mydomain.url with MX of mail.mydomain.url

          You would set FQDN as mail.mydomain.url and default domain mydomain.url

          Etc... for bounce

          Restart mail server and it should then use correct details

          Also make sure a siteworx account for mydomain.url so full dns records exist and you have your PTR set correctly for mail server FQDN

          Many thanks

          John

          Comment


          • #6
            Originally posted by d2d4j View Post
            Hi Bertie

            You need to complete the entries from nodeworx, system services, mail server, MTA settings

            And complete the MTA server options FQDN and default domain

            MTA bounce message options

            Ideally these should match your FQDN server name inc MX

            So if say your server host FQDN was mydomain.url with MX of mail.mydomain.url

            You would set FQDN as mail.mydomain.url and default domain mydomain.url

            Etc... for bounce

            Restart mail server and it should then use correct details

            Also make sure a siteworx account for mydomain.url so full dns records exist and you have your PTR set correctly for mail server FQDN

            Many thanks

            John
            I shall give that ago. Also do you know if it's possible to send system emails out via SSL? For example password reset emails etc. At the moment they don't seem to be.

            Comment


            • #7
              Hi Bertie

              Many thanks

              The internal emails go through localhosts and therefore not require ssl connection as there local

              I think you refer to your email client for email collection - pop or imap

              You need to use your mail server FQDN MX record to attain a full SSL communication without warning. If using your domain MX, you have to accept the warning for SSL to be set

              I believe IW Jenna quoted IW are in process of changing from qmail to exim or postfix so this may change to allow SNI for mail server SSL

              If I have misunderstood please let me know

              Many thanks

              John

              Comment


              • #8
                Originally posted by d2d4j View Post
                Hi Bertie

                Many thanks

                The internal emails go through localhosts and therefore not require ssl connection as there local

                I think you refer to your email client for email collection - pop or imap

                You need to use your mail server FQDN MX record to attain a full SSL communication without warning. If using your domain MX, you have to accept the warning for SSL to be set

                I believe IW Jenna quoted IW are in process of changing from qmail to exim or postfix so this may change to allow SNI for mail server SSL

                If I have misunderstood please let me know

                Many thanks

                John
                I believe Interworx doesn't actually support this yet but maybe I am wrong. Basically if a user asks for a reset password, the server will send an email out from the server itself I believe (or maybe there is a place to tell it what email address to use) but this email isn't sent encrypted via SSL at the moment in time.

                Comment


                • #9
                  Hi Bertie

                  Sorry I am not explaining very well

                  The generated messages are unencrypted because they are local to the mail server - so do not go outside of localhost

                  It is the receiving email client that uses encryption or not to the mail server

                  If the cert is not accepted, it usually uses unencrypted for connection

                  If server set correctly and email client uses correct server url (mx) for encryption without warning, would use encryption

                  Again if Iím wrong sorry as I am not understanding sorry

                  Many thanks

                  John

                  Comment


                  • #10
                    Originally posted by d2d4j View Post
                    Hi Bertie

                    Sorry I am not explaining very well

                    The generated messages are unencrypted because they are local to the mail server - so do not go outside of localhost

                    It is the receiving email client that uses encryption or not to the mail server

                    If the cert is not accepted, it usually uses unencrypted for connection

                    If server set correctly and email client uses correct server url (mx) for encryption without warning, would use encryption

                    Again if Iím wrong sorry as I am not understanding sorry

                    Many thanks

                    John

                    Hi John,

                    I donít think itís anything to do with the clients email program. For example the password reset test email was sent to a gmail address. Which had a red padlock saying the email wasnít encrypted with SSL/TLS. So itís the way interworx sends these emails out. If you did it for cPanel or maybe another control panel. The emails would get sent via SSL/TLS.

                    Its probably a setting somewhere or something Interworx hasnít implemented yet.

                    Also if the client doesnít have emails on the server or has their account set to an email address that isnít hosted on the Interworx server then the emails would be sent from the server to the World Wide Web and then delivered to the persons inbox.

                    Comment


                    • #11
                      Hi Bertie

                      Many thanks and sorry for not fully understanding

                      I would be surprised if gmail showed a warning if email was encrypted when sent server to server but I do not use gmail sorry

                      That then sounds likely you have not set SSL on nodeworx server SSL or perhaps you have and itís expired or perhaps your ciphers are not tight enough.

                      I will test though a password reset email to review its headers

                      Many thanks

                      John

                      Comment


                      • #12
                        Hi Bertie

                        Sorry you could be correct

                        There is a setting in nodeworx server settings - at the very bottom which is meant I believe to rename localhost to your server FQDN

                        This does not appear to work or change when looking at headers

                        The email sent does only appear in smtp log but this does not mean it is not encrypted

                        I will forward to thread to IW

                        Many thanks

                        John

                        Comment


                        • #13
                          Hi Bertie

                          I'm having a hard time visualizing or reproducing your issue with the password reset emails. Could you provide a screenshot of where you are seeing the red lock symbol in gmail on the password reset link email? Also, exact instructions on how to reproduce would be really helpful.

                          Thanks,
                          -Jenna

                          Comment


                          • #14
                            Originally posted by IWorx-Jenna View Post
                            Hi Bertie

                            I'm having a hard time visualizing or reproducing your issue with the password reset emails. Could you provide a screenshot of where you are seeing the red lock symbol in gmail on the password reset link email? Also, exact instructions on how to reproduce would be really helpful.

                            Thanks,
                            -Jenna
                            Hi Jenna,

                            See attached photo - I've blurred some stuff out to keep things private but I can always drop an email to you if needed.

                            Comment


                            • #15
                              Bertie Oh that's super helpful, thanks! :D I see what you are referring to now. I'm going to talk to the devs about it, but because I know they'll ask, since it was mentioned when I brought it up yesterday--are you using self signed or paid SSL certificates on your InterWorx services (under Server > SSL Certificates in NodeWorx)?

                              Comment

                              Working...
                              X