Announcement

Collapse
No announcement yet.

Changing Hostname

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Bertie
    started a topic Changing Hostname

    Changing Hostname

    Hi all,

    Changed the hostname on an Interworx installation via the traditional Centos 7 command and also made sure /etc/hosts is updated. I've also updated:

    /usr/local/interworx/iworx.ini
    Plus any mentions of it in the Mail Server in the contrtol panel (MTA/MDA) etc.

    Is there anywhere else you can think of it may need changing?

    Cheers,

  • IWorx-Jenna
    replied
    Bertie I talked to the devs and it seems that we currently use a different method to send the password reset emails than messages that are sent directly from the server, which is why it is listed as unencrypted but messages sent from, say, the mail queue page are. I'm submitting a ticket to investigate a different method that would allow the message to be shown as encrypted. Thanks for letting us know!

    Leave a comment:


  • IWorx-Jenna
    replied
    Bertie Oh that's super helpful, thanks! :D I see what you are referring to now. I'm going to talk to the devs about it, but because I know they'll ask, since it was mentioned when I brought it up yesterday--are you using self signed or paid SSL certificates on your InterWorx services (under Server > SSL Certificates in NodeWorx)?

    Leave a comment:


  • Bertie
    replied
    Originally posted by IWorx-Jenna View Post
    Hi Bertie

    I'm having a hard time visualizing or reproducing your issue with the password reset emails. Could you provide a screenshot of where you are seeing the red lock symbol in gmail on the password reset link email? Also, exact instructions on how to reproduce would be really helpful.

    Thanks,
    -Jenna
    Hi Jenna,

    See attached photo - I've blurred some stuff out to keep things private but I can always drop an email to you if needed.

    Leave a comment:


  • IWorx-Jenna
    replied
    Hi Bertie

    I'm having a hard time visualizing or reproducing your issue with the password reset emails. Could you provide a screenshot of where you are seeing the red lock symbol in gmail on the password reset link email? Also, exact instructions on how to reproduce would be really helpful.

    Thanks,
    -Jenna

    Leave a comment:


  • d2d4j
    replied
    Hi Bertie

    Sorry you could be correct

    There is a setting in nodeworx server settings - at the very bottom which is meant I believe to rename localhost to your server FQDN

    This does not appear to work or change when looking at headers

    The email sent does only appear in smtp log but this does not mean it is not encrypted

    I will forward to thread to IW

    Many thanks

    John

    Leave a comment:


  • d2d4j
    replied
    Hi Bertie

    Many thanks and sorry for not fully understanding

    I would be surprised if gmail showed a warning if email was encrypted when sent server to server but I do not use gmail sorry

    That then sounds likely you have not set SSL on nodeworx server SSL or perhaps you have and itís expired or perhaps your ciphers are not tight enough.

    I will test though a password reset email to review its headers

    Many thanks

    John

    Leave a comment:


  • Bertie
    replied
    Originally posted by d2d4j View Post
    Hi Bertie

    Sorry I am not explaining very well

    The generated messages are unencrypted because they are local to the mail server - so do not go outside of localhost

    It is the receiving email client that uses encryption or not to the mail server

    If the cert is not accepted, it usually uses unencrypted for connection

    If server set correctly and email client uses correct server url (mx) for encryption without warning, would use encryption

    Again if Iím wrong sorry as I am not understanding sorry

    Many thanks

    John

    Hi John,

    I donít think itís anything to do with the clients email program. For example the password reset test email was sent to a gmail address. Which had a red padlock saying the email wasnít encrypted with SSL/TLS. So itís the way interworx sends these emails out. If you did it for cPanel or maybe another control panel. The emails would get sent via SSL/TLS.

    Its probably a setting somewhere or something Interworx hasnít implemented yet.

    Also if the client doesnít have emails on the server or has their account set to an email address that isnít hosted on the Interworx server then the emails would be sent from the server to the World Wide Web and then delivered to the persons inbox.

    Leave a comment:


  • d2d4j
    replied
    Hi Bertie

    Sorry I am not explaining very well

    The generated messages are unencrypted because they are local to the mail server - so do not go outside of localhost

    It is the receiving email client that uses encryption or not to the mail server

    If the cert is not accepted, it usually uses unencrypted for connection

    If server set correctly and email client uses correct server url (mx) for encryption without warning, would use encryption

    Again if Iím wrong sorry as I am not understanding sorry

    Many thanks

    John

    Leave a comment:


  • Bertie
    replied
    Originally posted by d2d4j View Post
    Hi Bertie

    Many thanks

    The internal emails go through localhosts and therefore not require ssl connection as there local

    I think you refer to your email client for email collection - pop or imap

    You need to use your mail server FQDN MX record to attain a full SSL communication without warning. If using your domain MX, you have to accept the warning for SSL to be set

    I believe IW Jenna quoted IW are in process of changing from qmail to exim or postfix so this may change to allow SNI for mail server SSL

    If I have misunderstood please let me know

    Many thanks

    John
    I believe Interworx doesn't actually support this yet but maybe I am wrong. Basically if a user asks for a reset password, the server will send an email out from the server itself I believe (or maybe there is a place to tell it what email address to use) but this email isn't sent encrypted via SSL at the moment in time.

    Leave a comment:


  • d2d4j
    replied
    Hi Bertie

    Many thanks

    The internal emails go through localhosts and therefore not require ssl connection as there local

    I think you refer to your email client for email collection - pop or imap

    You need to use your mail server FQDN MX record to attain a full SSL communication without warning. If using your domain MX, you have to accept the warning for SSL to be set

    I believe IW Jenna quoted IW are in process of changing from qmail to exim or postfix so this may change to allow SNI for mail server SSL

    If I have misunderstood please let me know

    Many thanks

    John

    Leave a comment:


  • Bertie
    replied
    Originally posted by d2d4j View Post
    Hi Bertie

    You need to complete the entries from nodeworx, system services, mail server, MTA settings

    And complete the MTA server options FQDN and default domain

    MTA bounce message options

    Ideally these should match your FQDN server name inc MX

    So if say your server host FQDN was mydomain.url with MX of mail.mydomain.url

    You would set FQDN as mail.mydomain.url and default domain mydomain.url

    Etc... for bounce

    Restart mail server and it should then use correct details

    Also make sure a siteworx account for mydomain.url so full dns records exist and you have your PTR set correctly for mail server FQDN

    Many thanks

    John
    I shall give that ago. Also do you know if it's possible to send system emails out via SSL? For example password reset emails etc. At the moment they don't seem to be.

    Leave a comment:


  • d2d4j
    replied
    Hi Bertie

    You need to complete the entries from nodeworx, system services, mail server, MTA settings

    And complete the MTA server options FQDN and default domain

    MTA bounce message options

    Ideally these should match your FQDN server name inc MX

    So if say your server host FQDN was mydomain.url with MX of mail.mydomain.url

    You would set FQDN as mail.mydomain.url and default domain mydomain.url

    Etc... for bounce

    Restart mail server and it should then use correct details

    Also make sure a siteworx account for mydomain.url so full dns records exist and you have your PTR set correctly for mail server FQDN

    Many thanks

    John

    Leave a comment:


  • Bertie
    replied
    Thanks guys - Does anyone know how to fix the following on a mail-tester.com? This is for emails that are sent by Interworx like forgotten passwords etc.

    We didn't find a server (A Record) behind your hostname localhost.

    We check if there is a server (A Record) behind your hostname localhost.

    You may want to publish a DNS record (A type) for the hostname localhost or use a different hostname in your mail software.

    Leave a comment:


  • sysnop
    replied
    After running

    # hostnamectl set-hostname new.host.name

    check these files:

    /etc/hosts
    /etc/sysconfig/network
    /home/interworx/iworx.ini
    /var/qmail/control/locals
    /var/qmail/control/me
    /var/qmail/control/rcpthosts
    /var/qmail/control/plusdomain
    /var/qmail/control/smtpgreeting

    Restart the network and iworx services or reboot.

    You probably need a PTR record with the replacement host name for reverse DNS lookups. Depending on your hosting situation, rDNS may need to be set at the datacenter level. If it's a VPS your VM control panel may let you do it.

    Leave a comment:

Working...
X