Hi, I installed Rspamd to replace Amavis through the howto : https://www.howtoforge.com/replacing-amavisd-with-rspamd-in-ispconfig/ However I got 2 questions. 1. When I go to the web interfece for rspamd, in the history part, I have errors that says : Code: "cannot resolve maps.rspamd.com: query timed out" They run constantly every second or two. When I changed to rpamd, I checked and I do have Bind installed, so I did NOT install Unbound. I can : Code: ping maps.rspamd.com ---- Works fine dig maps.rspamd.com ---- Works fine However : Code: dig @127.0.0.1 maps.rspamd.com ---- Does not work, times out. dig @127.0.0.1 -p 10053 maps.rspamd.com ---- Does not work, times out. This is what it says when it times out: Code: ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached Any suggestions? I noticed one other comment on this in the tutorial as having the same problem, but there were no replies to him. Also my second question, should be easy one lol 2. So at the end of the tutorial for Rspamd, I did the setup for Nginx and being able to access it "Outside" through a domain like rspamd.mydomain.com. However why exactly do we do this? I mean I can access it from "Outside" through : Code: https://server1.mydomain.com:8081/rspamd/ and it works fine. So why the extra step? BTW, everything seems to be running fine, including DKIM signing. Only not sure how to resolve the errors. Thanks so much for your help.
Well that's interesting. ISPconfig says the "DNS-Server" is running, so I assumed it was working fine, but I just checked with "service bind9 status" and it was "inactive". So I did a "service bind9 start" and now I haven't got the error for the last few minutes, so I assume it's ok. Although one of the digs I'm doing on the specific port still isn't working, so maybe I have that wrong, or the wrong port. Code: dig @127.0.0.1 maps.rspamd.com ---- Now this works dig @127.0.0.1 -p 10053 maps.rspamd.com ---- Still does NOT work Either way, I'm satisfied as long as no more errors. Thanks for the tip Jesse. By the way, any idea why we do the extra Nginx setup to access from "Outside" when connecting through port 8081 works? Thanks
Other that cosmetic (easier to remember?), there's probably not much difference. It's conceivable that some networks would restrict port 8081 connections whereas the other name on port 443 would work, but that would not be common.
Yes I agree it's definitely easier to access/remember without the port. Would this work for stuff like Roundcube webmail also? Cuz that's something users would use more, and remembering the 8081 is not easy.
Definitely. I set up ours (apache, not nginx) so that /webmail/ on any customer site as well as the 'webmail' subdomain for every site will run roundcube. I think (not 100% positive) if it's already using https it just runs roundcube directly (so https://webmail.clientdomain.com/ or https://clientdomain.com/webmail/ stays in the url), but if it's http it redirects to the webserver's hostname (https://web-1.mydomain.com/roundcube/). I didn't want to redirect customers from http to https on their own domain name because they may not have a certificate setup.
I'd love to set it up like that also, but unfortunately I think Nginx is not as flexible because it does not have global aliases, so I'd have to do that setup seperatly for each domain.
With nginx you just need to make your changed to a custom vhost template and save on the conf-custom directory. Search the forums for examples and more info.
hm, I think this post describes the process : https://www.howtoforge.com/community/threads/global-nginx-directives.71023/#post-334118 Looks like it's the "nginx_apps.vhost.master" file I need to edit then move into the "conf-custom" folder. I'll look a little more into exactly what I need to change/add, as I don't want to mess things up. What about the websites that are already created? Will they get updated if I do a resync? Thanks