Failed to start Dovecot after add ssl certificate

Discussion in 'Installation/Configuration' started by Frédéric URBANIAK, May 9, 2022.

Page 2 of 2
  1. till

    till Super Moderator Staff Member ISPConfig Developer

    The solution is to set up your system correctly again:

    1) undo the changes you made to have a correct central ssl cert again for your mail server.
    2) Ensure that the hostname of your system is a subdomain of one of your domains like server1.yourdomain.tld or mail.yourdomain.tld, if it's a mail server only and this name must point with a DNS A-record to your server.
    3) Ensure that the reverse record of your IP is set correctly and points to the hostname of the server.
    Add SPF and DKIM for your mail domains

    and if the IP of your server or subnet has a bad reputation, then it will take some time until the other mail systems learn that this is a valid mail server now. That#s normal and can not be sped up.
     
    till, May 9, 2022
    #21
    ahrasis and Frédéric URBANIAK like this.
  2. Frédéric URBANIAK

    Frédéric URBANIAK Member

    i think my server have a bad configuration, my hostname is not a subdomain but the reverse name soyoustart ip server
    i have installed this server few year ago but i'm not sure to make good choice :(
    i want to install a new server ispconfig and migrate data but i don't want to repeat the same mistakes
    can I easily transfer the data to the new server without moving the configuration? I simply want to copy my sites, databases and content of my mailboxes.
     
    Frédéric URBANIAK, May 9, 2022
    #22
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    You can change the hostname of a server at any time, there is no need to migrate your installation to a new server for that.
     
    till, May 9, 2022
    #23
  4. Frédéric URBANIAK

    Frédéric URBANIAK Member

    There is response of microsoft outlook
    We have completed reviewing the IP(s) you submitted. The following table contains the results of our investigation.
    Not qualified for mitigation
    54.37.xxx.xxx
    Our investigation has determined that the above IP(s) do not qualify for mitigation.
    Please ensure your emails comply with the Outlook.com policies, practices and guidelines found here: http://mail.live.com/mail/policies.aspx.
    To have Deliverability Support investigate further, please reply to this email with a detailed description of the problem you are having, including specific error messages, and an agent will contact you.
    Regardless of the deliverability status, Outlook.com recommends that all senders join two free programs that provide visibility into the Outlook.com traffic on your sending IP(s), the sending IP reputation with Outlook.com and the Outlook.com user complaint rates.

    you think that my hostname who is the problem?

    my server is too my dns server, if i want change name of hostname, i must:
    - change my hostname on my server
    - modify reverse dns on my back office server (soyoustart)
    - modify all zone DNS with the new hostname

    is there anything else to change?
     
    Frédéric URBANIAK, May 10, 2022
    #24
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Why would it be a problem? What is the hostname? What is the reverse hostname? They should be equal and you should use that as the system mailname.
    My signature has link to e-mail server setup, maybe that provides information?
     
    Taleman, May 10, 2022
    #25
    Frédéric URBANIAK likes this.
  6. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    Just reply again with a detailed description as they say, and they will remove the listing I think the next time you reply. Microsoft has a standard set of responses they send out without considering the specifics of the case whatsoever; they are very frustrating to deal with if you expect you are carrying out an interaction with a person who actually reads the messages you send, but you will have a real person review your response and take action after about the third email, so keep your expectations at that and be patient.

    Unfortunately there really is no other recourse, even changing IP addresses would likely have you in the same situation, and they are too big to ignore; they impose external costs on every other mail system/admin to operate with them in the implementation of their spam filtering, which is unjust and for which they are unapologetic, and currently I've seen or heard no indication that they are working to improve that. Just be patient and play their game...
     
    Last edited: May 10, 2022
    Jesse Norell, May 10, 2022
    #26
    Frédéric URBANIAK likes this.
  7. Frédéric URBANIAK

    Frédéric URBANIAK Member

    When i have created this ispconfig server i used the reverse name default of my dedicated server (soyoustart)
    my config is :
    hostname = reverse hostname = ip107.ip-54-37-126.eu
    for my mails i have used this tutorial https://www.howtoforge.com/communit...d-lets-encrypt-ssl-certificate-certbot.86372/
    my MX server is now mail.pixelatwork.fr for all domains on my server
     
    Frédéric URBANIAK, May 10, 2022
    #27
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    And if this is a new server and you just got this IP, then it's good to mention to Microsoft that you just got this IP newly assigned by your ISP so that MS admins know that you are not responsible for potential issues with spam-sending that this IP might had in the past.

    This is a very bad hostname indeed as it is basically a domain abbreviation of the IP similar to names used by dial-up/cable/mobile ISP's and you should change it. The hostname should be a subdomain of a domain you own. e.g. server1.yourdomain.tld or srv.yourdomain.tld if you want to keep it generic. if the system hosts just one service like mail or DNS or web services, then you can use mail.yourdomain.tld etc. But if it hosts multiple services, then I would use the generic name approach. But the subdomain part does not really matter, some admins use comic figure names like idefix.somedomain.tld or something else.
     
    till, May 10, 2022
    #28
    Frédéric URBANIAK likes this.
  9. Frédéric URBANIAK

    Frédéric URBANIAK Member

    thank you for your replys

    Now if i want to name it to server.pixelat.work how do it?
    on dashboard ispconfig go to system -> server -> change the hostname
    on dashboard soyoustart -> change reverse
    on dashboard ispconfig change name DNS server on areas DNS of my domains
    must i have to add subdomain to my domain pixelatwork.fr like server.pixelatwork.fr ?
    to have ssl connection on https://server.pixelatwork.fr:8080 i must do something ?
    sorry for all these noob questions :(
     
    Frédéric URBANIAK, May 11, 2022
    #29
  10. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Taleman, May 12, 2022
    #30
  11. michelangelo

    michelangelo Active Member

    The only way to change the pointer of your server IP is to change it via the control panel of your data center, not ISPConfig.
    In your case your hoster is OVH. You need to change the pointer aka reverse record via their custumer/control panel.

    For the forward zone records, you'll have to change them via your providers DNS management, or if you've set it up accordingly via ISPConfig.
     
    michelangelo, May 12, 2022
    #31
Page 2 of 2

Share This Page