Wheaton

From GoBlueMich Wiki
Jump to navigation Jump to search

Storm Backup File Presence Verification

Template:Warning

The first step of this process is to identify the backup server the backup resides on. For this you simply find the backup workflow from the day you want to restore.

The workflows are under the "Provisioning" tab in billing and for older backups you may need to load "Archived Workflows" on that same page.

Inspect the top section, looking for backup_server as pictured in the screenshot below. This is the IP you want to access. Also take note of the backup_volume value as this will indicate the location of the backup on the backup parent itself.


File:Block-wf.png


You will access the backup server IP listed after backup_server with the below command, using your lw username and idm/otp password

ssh $lwuser@10.x.x.x

Once logged in you need to sudo su - to root:

sudo su -

Now you need to determine whether the backup was taken via Block or rsync. This can be done looking at the top of the workflow again, checking for the value of _use_block. If this is 1 proceed to the block section as it indicates block based backup was used. If 0 proceed to the rsync section.



Block

File:Block-wf.png

Once you have identified the backup type is block, navigate to the backup volume location as indicated in the workflow.

The location will be /backup$backup_volume/$uniq_id/

So for the example above:

[root@backup95 ~]# cd /backup3/PQH48Q

Within this location you will find the backup image, using the backup_timestamp in the naming convention.

In the example from above this would look like below:

[root@backup95 /backup3/PQH48Q]# ll

total 299779300
-rw------- 1 root root     72689664 Aug 12 10:55 20160812T050134.img.p1
-rw------- 1 root root 316954058752 Aug 12 12:56 20160812T050134.img.p3

You will likely see p1 and p3. p3 in our setup is going to be the / partition and will likely hold the data you want (/home/). p1 is boot which is generally not needed for user file restoration.

Mount The Backup Image

The next step is to create a mount point and mount the image to verify the file(s) in question are present.

Make the directory using the unique ID:


[root@backup95 /backup3/02JXZA]# mkdir /mnt/PQH48Q

Now mount the image at that location to view the files:

[root@backup95 /backup3/02JXZA]# mount -o loop 20160812T050134.img.p3 /mnt/PQH48Q

Now simply cd into that directory and view the files.

Template:Warning


[root@backup95 /backup3/02JXZA]# cd /mnt/PQH48Q

Unmount Backup Image

Template:Warning

Once you have verified the presence or absence of the file in question, remember to UNMOUNT THE BACKUP IMAGE

[root@backup95 /backup3/02JXZA]# umount /mnt/PQH48Q

That's it. You can exit now.

Rsync

File:Rsync-wf.png

Storm Create Page API

Useful for restoring or creating server using images/backups when server is no longer online

http://ec.qa.dev.-.com/

Disable wp-cron.php and set up crons (cPanel)

Build the file list

find /home*/*/public_html -type f -name wp-config.php > wpcronlist.txt

Edit as necessary

Add the line to disable cron to wp-config.php

for i in `cat /root/wpcronlist.txt` ; do sed -i "/<?php/a define('DISABLE_WP_CRON', true);" $i ; done


Create the cron jobs (Random times x2)

EA3

for i in `cat /root/wpcronlist.txt` ; do USER=`echo $i | cut -d/ -f3` ; LINE=`echo $i | sed 's/wp-config.php/wp-cron.php/g'` ; echo "0 $[ 1 + $[ RANDOM % 12 ]],$[ 13 + $[ RANDOM % 9 ]] * * * /usr/local/bin/php -f $LINE > /dev/null 2>&1" >> /var/spool/cron/$USER  ; done

EA4

for i in `cat /root/wpcronlist.txt` ; do USER=`echo $i | cut -d/ -f3` ; LINE=`echo $i | sed 's/wp-config.php/wp-cron.php/g'`; PHPVER=`uapi --user="$USER" LangPHP php_get_vhost_versions | grep "version: ea-php"| egrep -o "ea-php[5-7][0-9]"`; PHPBIN=`which "$PHPVER"`; echo "0 $[ 1 + $[ RANDOM % 12 ]],$[ 13 + $[ RANDOM % 9 ]] * * * "$PHPBIN" -f $LINE > /dev/null 2>&1" >> /var/spool/cron/$USER  ; done

Done

Need to revert?

Delete line in wp-config.php

for i in `cat /root/wpcronlist.txt` ; do sed -i '/DISABLE_WP_CRON/d' $i ; done

Remove the crons

for i in `cat /root/wpcronlist.txt | cut -d/ -f3` ; do sed -i '/wp-cron.php/d' /var/spool/cron/$i ; done

Enable IMAP Transaction Logging (Dovecot)

http://wiki2.dovecot.org/Plugins/MailLog

Make a copy of the dovecot template file to a local file:

cd /var/cpanel/templates/dovecot2.2/
cp main.default main.local
vim main.local

Find this line:

mail_plugins = $mail_plugins imap_zlib 

Change to:

mail_plugins = $mail_plugins imap_zlib mail_log notify

Add following on next line:

 plugin {
  # Events to log. Also available: flag_change save mailbox_create
   mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
  # Also available: flags vsize from subject
     mail_log_fields = uid box msgid size
     }

Save main.local

Rebuild the dovecot conf:

/usr/local/cpanel/scripts/builddovecotconf

Restart Dovecot:

/scripts/restartsrv_dovecot

You should now see transaction logging in /var/log/maillog like:

Jun 25 16:23:24 whale dovecot: imap(admin@acwheaton.com): expunge: box=INBOX, uid=1420, msgid=<0.1.3F.BFA.1D0AF6BDC274E20.0@e3uspmta161.emarsys.net>, size=47429
Jun 25 16:24:08 whale dovecot: imap(admin@acwheaton.com): expunge: box=INBOX, uid=1418, msgid=<6f21ce9cf3e407688b5addc983ae501d@async.facebook.com>, size=15487

Install yii2 extensions

Install composer.phar. I like to do it just in user home folder.

wget https://getcomposer.org/installer
php installer

alias in bash_profile

echo "alias composer='php /home/$username/composer.phar'" >> .bashrc
. ~/.bashrc

Then cd back into the project root. Run the following to install extension:

composer require kartik-v/yii2-krajee-base "dev-master"

You may run into issues with the github api. The link below describes how to get around by generating token:

http://artarmstrong.com/blog/2014/12/23/how-to-fix-composer-update-failure-due-to-github-authorization/ 

Once you have the token, run the following:

composer config -g github-oauth.github.com 

Then you can proceed with extension installation.

You may also come across errors related to minimum stability. If the extensions aren't available in a stable release you'll need to edit the composer.json file in the project root and change the minimum stability to "dev"

    "minimum-stability": "dev",


Mount Image Backup

cd to backup folder

cd /backup/$UID

create mount point

mkdir /mnt/$UID

mount image

mount -o loop 20130906T042744.img.p3 /mnt/$UID
cd /mnt/$UID

do your things

imapsync

$server1: source $server2: destination

echo "$server1password" > /home/secret1 
echo "$server2password" > /home/secret2
imapsync --host1 $server1 --user1 $server1email --passfile1 /home/secret1 --host2 $server2 --user2 $server2email --passfile2 /home/secret2 --tls1 --ssl2 --noauthmd52 --nosyncacls --useuid --syncinternaldates

Check Success Logins cPanel

grep NEW /usr/local/cpanel/logs/session_log


dig script

#!/bin/bash
 
nsip=`dig ns $1 +short | sed 's/\.$//g'`
mxip=`dig mx $1 +short | awk '{ print $2 }' | sed 's/\.$//g'`
 
echo -e '====A===='
dig $1 +short
echo -e '====MX===='
dig mx $1 +short | sort -n
echo -e '====MX IP====' 
dig $mxip +short
echo -e '====TXT====' 
dig txt $1 +short
echo -e '====NS===='
dig ns $1 +short
echo -e '====NS IP===='
dig $nsip +short

Filter to reject messages bypassing Barracuda

#Mailsecure
if
 $message_headers does not contain "X-Barracuda"
 and $message_headers does not contain "127.0.0.1"
then
 save "/dev/null" 660
endif

Google IP ranges for Barracuda Whitelist

Find their ranges by running:

dig +short txt _netblocks.google.com
64.18.0.0,255.255.240.0,google ip ranges
64.233.160.0,255.255.224.0,google ip ranges
66.102.0.0,255.255.240.0,google ip ranges
66.249.80.0,255.255.240.0,google ip ranges
72.14.192.0,255.255.192.0,google ip ranges
74.125.0.0,255.255.0.0,google ip ranges
108.177.8.0,255.255.248.0,google ip ranges
173.194.0.0,255.255.0.0,google ip ranges
207.126.144.0,255.255.240.0,google ip ranges
209.85.128.0,255.255.128.0,google ip ranges
216.58.192.0,255.255.224.0,google ip ranges
216.239.32.0,255.255.224.0,google ip ranges

Overview

The Barracuda Spam Firewall is a service that filters and blocks spam. This solution is for customers that constantly have spam issues (primarily incoming spam). If cPanel spam filtering is not doing the job then this is the next step.

By default the Barracuda Spam Firewall will only Tag spam messages, however it is rather painless to create a new folder called "spam" and have webmail / email client send all tagged spam to that folder. If the customer is happy with the results and wants to Quarantine or Block spam you can modify the default behavior by logging into the UI and modifying settings as needed.

At this time the UI will not be customer-facing; if the customer needs something changed they will need to contact us to make the changes. This may change over time, but initially we want to manage this for the customer instead of giving them access.

Barracuda Spam Firewall Datasheet https://www.barracuda.com/assets/docs/Datasheets/Barracuda_Spam_Firewall_DS_US.pdf

Packages and Quotas

Price TBD

This section is not final, once we launch this service the specs here will be accurate, for now this is a placeholder.


Basic Tab

Basic: Dashboard

600px

As you can see the dashboard above is much more informative and useful than the default login page. This dashboard displays various email statistics such as:

Total, Daily, and Hourly Incoming / Outgoing:

Blocked, Blocked Virus, Blocked Policy, Blocked Spam Quarantined Allowed, Tagged Encrypted Redirected Sent

Basic: Message Log

The next tab over consists of the Message Log which displays all the email that has gone through the filter. I haven’t changed my MX records yet so the message log is blank. Not much to cover here, if you want to check message logs for whatever reason, this is where you do it.

Basic: Spam Checking

Next up is the Spam Checking tab. This tab has a few settings which control how spam is scored and filtered. The settings below are the default settings. All Spam gets tagged initially, by default nothing is blocked or quarantined. These settings should be fine initially. Once the customer is satisfied / convinced that the filter is working correctly we can modify the filter to be more aggressive or less aggressive.

600px

After changes are made here you can visit the main dashboard tab to the left to see how many emails get blocked or quarantined and adjust settings as needed. You can always view and restore Quarantined emails if there are false positives.

Basic: Virus Checking

The next tab over contains the Virus Checking option. This page has one setting which can be yes or no. Pretty simple stuff. By default virus checking is enabled.

600px

Basic: Quarantine

Moving on down the line we find the Quarantine tab which has a few settings that control how the quarantine operates. The default setting Per-User enables users to have their own accounts with the option to store and manage their (inbound) quarantined email on the Barracuda Spam Firewall.

600px

Alternatively, if the customer does not want per user quarantine they can enter in a Global Quarantine address accepts quarantined emails from all users under the domain. You can also enable or disable user features, if you disable this then individual users will not see a “preferences” tab. This provides resellers with some flexibility on a per user basis.

Basic: IP Configuration

Next up is the IP Configuration tab which can be used to change the:

  • Destination Server IP / Domain and Port
  • Test Email Address
  • Whether or not to use MX records

600px


Customer Sign-up Process and Configuration

  • Step 1) Customer requests the service via Sales or Support
  • Step 2) Sales or Support creates a ticket and gathers some information from the customer, mainly the domain(s) that they want to filter.
  • Step 3) Ticket is handed off to a member of our Escalations Team or if the customer is Enterprise the ticket will go to our Enterprise Team.
  • Step 4) Escalations / Enterprise will perform the tasks listed Below:


Escalations/Enterprise TODO list

  1. Make sure all MX records are set to 300 TTL.
  2. Change the DNS to point to our sourcedns mx servers Listed below.
  3. Make sure to implement all of the cpanel configuration changes below that apply to your customer.

If DNS is hosted with LiquidWeb or on the customer's server, add the Barracuda MX records and remove the original 'domain.com' MX record. The Barracuda servers are clustered, eliminating single point of failure.

0 bmx01.sourcedns.com
0 bmx02.sourcedns.com
Coming soon:
10 bmx03.sourcedns.com
10 bmx04.sourcedns.com

Template:Warning

rsync -avH /var/named/ /var/named.`date +%Y%m%d_%T`/

Template:Warning Lower TTLs so we can fix or reverse changes fast.

Template:Warning

;; ANSWER SECTION:
dig mx domain.com

domain.com.		900	IN	MX	0 bmx01.sourcedns.com.domain.com

If you run dig on a domain that is setup correctly you should see something like this:

dig mx domain.com

;; QUESTION SECTION:
;domain.com.			IN	MX

;; ANSWER SECTION:
domain.com.		900	IN	MX	0 bmx01.sourcedns.com.
domain.com.		900	IN	MX	0 bmx02.sourcedns.com.
domain.com.		900	IN	MX	10 bmx03.sourcedns.com.
domain.com.		900	IN	MX	10 bmx04.sourcedns.com.

Once the new MX records are in place we need to login to the Barracuda Dashboard.

Logging into Barracuda Spam Firewall

Access the Barracuda Spam Filter UI via https://bmx01.sourcedns.com/cgi-mod/index.cgi, see your supervisor for the password.

After you login you will need to navigate to the Domain Manager page for the domain that you are working on. To do this you click on the Domains tab and select Domain Manager you should see the following.

600px

Click on “Manage Domain” next to the domain that you wish to work on the main dashboard then navigate to "IP Configuration" which is located under the "Basic" tab.

600px

  • Destination Server: Can be mail.$domain.com, which worked for me. You may be able to put in an IP here or just enter $domain.com, but mail.domain.com worked for me.
  • Valid Test Email Address: This section shouldn't be needed, but if you have to validate the email address to work for some reason you may want to create a test email address for that domain on the customer's server to make sure Barracuda can send emails to the destination server.
  • Use MX Records: Set this to NO.


Cpanel configuration tweaks

Backup Exim Configuration File (please do this before doing any of the rest)

Exim Configuration Manager >> Backup >> Save On Server

Add bmx01 and bmx02 IPs to Sender verification bypass list

Exim basic >> Sender verification bypass IP addresses
  • bmx01.sourcedns.com 209.59.185.61
  • bmx02.sourcedns.com 67.227.128.115

Fix barracuda smtp test - Should do!

Reduce smtp_banner to a single line.

Exim Advanced editor >> smtp_banner.

Example only

"${primary_hostname} ESMTP Exim ${version_number}  \#${compile_number} ${tod_full} - We do not authorize the use of this system to transport unsolicited, and/or bulk e-mail."

Enable Spambox

Tweak Settings >> Enable Apache SpamAssassin™ Spam Box delivery for messages marked as spam (user configurable)

Unfortunately each account will need the spambox enabled individually for now. Will probably be able to bulk update all accounts eventually.

Send Barracuda marked messages to spambox

Add to section:

Exim Advanced editor >> PRELOCALUSER
localuser_barracudaspam:
driver = accept
headers_remove="x-spam-exim"
domains = ! +user_domains
require_files = "+$home/.spamassassinboxenable"
condition = ${if match{$h_X-Barracuda-Spam-Status:}{\N^Yes\N}{true}{false}}
check_local_user
transport = local_delivery_spam

Add to Section:

Exim Advanced editor >> PREVIRTUALUSER.
virtual_user_barracudaspam:
driver = accept
domains = +user_domains
require_files = "+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/.spamassassinboxenable:+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/passwd"
condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/passwd}}}{}{false}{${if match{$h_X-Barracuda-Spam-Status:}{\N^Yes\N}{true}{false}}}}
headers_remove="x-spam-exim"
transport = virtual_userdelivery_spam

Don't forward emails marked as spam by barracuda

Add to Section:

 Exim Advanced editor >> POSTMAILCOUNT
reject_forwarded_mail_marked_as_barracudaspam:
  driver = redirect
  domains = ! +local_domains
  condition = ${if match{$h_X-Barracuda-Spam-Status:}{^Yes}{true}{false}}
  allow_fail
  data = :fail: This mail cannot be forwarded because it was detected as spam, barracuda.

Disable SA SPF checks

\ls /home/*/.spamassassin/user_prefs | while read i ; do sed '/SPF_SOFTFAIL/d' -i $i ; echo "score SPF_SOFTFAIL 0.0" >> $i ; sed '/SPF_FAIL/d' -i $i ; echo "score SPF_FAIL 0.0" >> $i; done

If customer has a set list of domains, this will work if they are all in `/home` . It needs adjusting for multiple home dirs.

  • Create list of domains being added to Baraccuda Firewall
mkdir -p /home/lwtemp
vim /home/lwtemp/domain-list.txt
  • Create list of users from list from previously generated domain-list.txt
for DOMAIN in `cat /home/lwtemp/domain-list.txt`; do egrep -i "^$DOMAIN" /etc/userdomains | awk '{print $2}' >> /home/lwtemp/user-list-temp.txt; done
  • Remove system user and duplicate users
cat /home/lwtemp/user-list-temp.txt | grep -iv system | sort | uniq >> /home/lwtemp/user-list.txt
for USER in `cat /home/lwtemp/user-list.txt`;do USERHOME=$(eval echo "~$USER") && CONF=$(echo $USERHOME/.spamassassin/user_prefs); sed -i '/SPF_SOFTFAIL/d' $CONF; echo "score SPF_SOFTFAIL 0.0" >> $CONF ; done
  • Clean up temp files after verifying work
 rm /home/lwtemp/user-list.txt /home/lwtemp/user-list-temp.txt /home/lwtemp/domain-list.txt



MailSecure Set Up

  • Add subacct in `Billing -> SubAccts -> MailSecure Batch Create`
  • Dig MX and note in ticket. If using `mail.domain.com` rather than `domain.com`, manually change will be needed on MailSecure device.

https://wiki.int.liquidweb.com/articles/Barracuda_Spam_Firewall#Cpanel_configuration

  • If MX uses `mail.domain.com` -> https://bmx01.sourcedns.com/ -> Domain Manager -> IP Configuration -> change **Destination Server** from `domain.com` to `mail.domain.com`.
  • Enable SpamAssassin in user's cPanel if not already enabled. If it was disabled, set threshold to 99.
  • Echo "score SPF_FAIL 0.0" `/home/$USER/.spamassin/user_prefs`
  • Run 1-liner if cPanel 11.52 (Go to wiki for manual set up for other cPanel versions or if non-cPanel)
cp -a /etc/exim.conf{,.premailsecure.$(date +%s)}
if [[ -f /etc/csf/csf.conf ]] ; then echo -e "67.227.128.115 #Barracuda Spam Firewall allowance\n209.59.185.61 #Barracuda Spam Firewall allowance" | tee -a /etc/csf/csf.allow  /etc/csf/csf.ignore; fi
cat >> /etc/ips.remotemail <<'EOF'209.59.185.61
67.227.128.115
EOF
cat >> /etc/senderverifybypasshosts <<'EOF'209.59.185.61
67.227.128.115
EOF
cat >> /etc/trustedmailhosts <<'EOF'209.59.185.61
67.227.128.115
EOF
cat >> /etc/skipsmtpcheckhosts <<'EOF'209.59.185.61
67.227.128.115
EOF
cat >> /etc/backupmxhosts <<'EOF'
bmx01.sourcedns.com
bmx02.sourcedns.com
EOF
touch /etc/exim.conf.local
echo '@CONFIG@ @POSTMAILCOUNT@ @PRELOCALUSER@ @PREVIRTUALUSER@'|tr ' ' '\n'|while read line; do grep -q $line /etc/exim.conf.local > /dev/null; if [[ $? -eq 0 ]]; then echo $line "is already there"; else echo "adding $line"; echo $line >> /etc/exim.conf.local; echo  >> /etc/exim.conf.local; fi; done
 sed -e '/smtp_banner/d' -e "s/@CONFIG@/@CONFIG@\nsmtp_banner = \"\${primary_hostname} ESMTP Exim \${version_number} #\${compile_number} \${tod_full} We do not authorize the use of this system to transport unsolicited, and\/or bulk e-mail.\"/" -i /etc/exim.conf.local
cat > /tmp/eximconftmp <<'EOF'@PRELOCALUSER@
#barracuda-PRELOCALUSER#
localuser_barracudaspam:
driver = accept
headers_remove="x-spam-exim"
domains = ! +user_domains
require_files = "+$home/.spamassassinboxenable"
condition = ${if match{$h_X-Barracuda-Spam-Status:}{\N^Yes\N}{true}{false}}
check_local_user
transport = local_delivery_spam
#barracuda-PRELOCALUSER#
EOF
sed -e '/#barracuda-PRELOCALUSER#/,/#barracuda-PRELOCALUSER#/d' -e 

* Go to Activation Page: https://billing.int.liquidweb.com/mysql/content/admin/orders/mailsecure.mhtml
   * If domain shows LW as DNS or WHM, click `Activate`
   * If domain has DNS hosted on server, manually update DNS via `WHM - Edit MX Entry` - Set MX to **Local** and use the records below:

300 0 bmx01.sourcedns.com 300 0 bmx02.sourcedns.com

   * Activate once DNS propagates
  • Create email account in cPanel -> send test email to it from external email -> `grep "test@email.com" /var/log/exim_mainlog` and note that it did go through barracuda.sourcedns.com without error.
  • Delete test email account
  • Inform customer that setup has been completed

/@PRELOCALUSER@/ {r /tmp/eximconftmp\n d}' -i /etc/exim.conf.local cat > /tmp/eximconftmp <<'EOF'@PREVIRTUALUSER@

  1. barracuda-PREVIRTUALUSER#

virtual_user_barracudaspam: driver = accept domains = +user_domains require_files = "+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/.spamassassinboxenable:+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/passwd" condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/passwd}}}{}{false}{${if match{$h_X-Barracuda-Spam-Status:}{\N^Yes\N}{true}{false}}}} headers_remove="x-spam-exim" transport = virtual_userdelivery_spam

  1. barracuda-PREVIRTUALUSER#

EOF sed -e '/#barracuda-PREVIRTUALUSER#/,/#barracuda-PREVIRTUALUSER#/d' -e

   * If domain shows LW as DNS or WHM, click `Activate`
   * If domain has DNS hosted on server, manually update DNS via `WHM - Edit MX Entry` - Set MX to **Local** and use the records below:

300 0 bmx01.sourcedns.com 300 0 bmx02.sourcedns.com

   * Activate once DNS propagates
  • Create email account in cPanel -> send test email to it from external email -> `grep "test@email.com" /var/log/exim_mainlog` and note that it did go through barracuda.sourcedns.com without error.
  • Delete test email account
  • Inform customer that setup has been completed

/@PREVIRTUALUSER@/ {r /tmp/eximconftmp\n d}' -i /etc/exim.conf.local cat > /tmp/eximconftmp <<'EOF' @POSTMAILCOUNT@

  1. barracuda-POSTMAILCOUNT#

reject_forwarded_mail_marked_as_barracudaspam: driver = redirect domains = ! +local_domains condition = ${if match{$h_X-Barracuda-Spam-Status:}{^Yes}{true}{false}} allow_fail data = :fail: This mail cannot be forwarded because it was detected as spam, barracuda.

  1. barracuda-POSTMAILCOUNT#

EOF sed -e '/#barracuda-POSTMAILCOUNT#/,/#barracuda-POSTMAILCOUNT#/d' -e

   * If domain shows LW as DNS or WHM, click `Activate`
   * If domain has DNS hosted on server, manually update DNS via `WHM - Edit MX Entry` - Set MX to **Local** and use the records below:

300 0 bmx01.sourcedns.com 300 0 bmx02.sourcedns.com

   * Activate once DNS propagates
  • Create email account in cPanel -> send test email to it from external email -> `grep "test@email.com" /var/log/exim_mainlog` and note that it did go through barracuda.sourcedns.com without error.
  • Delete test email account
  • Inform customer that setup has been completed
<a class="internal bs-internal-link new" title="Category:Pages%20with%20broken%20file%20links" href="Category:Pages%20with%20broken%20file%20links" data-bs-type="internal_link" data-bs-wikitext="Category:Pages%20with%20broken%20file%20links">Category:Pages with broken file links</a>
<a class="internal bs-internal-link new" title="Category:Protected" href="Category:Protected" data-bs-type="internal_link" data-bs-wikitext="Category:Protected">Category:Protected</a>
<a class="internal bs-internal-link new" title="Category:Wikis" href="Category:Wikis" data-bs-type="internal_link" data-bs-wikitext="Category:Wikis">Category:Wikis</a>
/@POSTMAILCOUNT@/ {r /tmp/eximconftmp\n d}' -i /etc/exim.conf.local
/scripts/buildeximconf
service lfd restart
csf -r
   * If domain shows LW as DNS or WHM, click `Activate`
   * If domain has DNS hosted on server, manually update DNS via `WHM - Edit MX Entry` - Set MX to **Local** and use the records below:

300 0 bmx01.sourcedns.com 300 0 bmx02.sourcedns.com

   * Activate once DNS propagates
  • Create email account in cPanel -> send test email to it from external email -> `grep "test@email.com" /var/log/exim_mainlog` and note that it did go through barracuda.sourcedns.com without error.
  • Delete test email account
  • Inform customer that setup has been completed