Migrate email accounts to different user account on the same cPanel server

Maybe you’ll want to merge two separate cPanel accounts on the same server, but you won’t be able to, because you can’t simply just delete domain from the first account, and you can’t add domain to the second account because it exists on the first one :).

You can migrate email and other user data simply, by creating backup of user account and delete it from cPanel. Below, I will show how to migrate just email. But you can also migrate websites like this.

  1. Make copy of primary user account (if websites, also make sure to dump databases of that user)
    root@cpanel [/home]# cp -rp useraccount1  useraccount1.bak
  2. Make copy of email aliases of primary account so they wont get lost after delete of primary account
    cp /etc/valiases/userdomain.com /etc/valiases/userdomain.com.bak
  3. Delete primary user account in cPanel – useraccount1 in our case
  4. Add domain of primary account to secondary account (useraccount2). Now you’ll be able to, because domain don’t exist on the system anymore.
  5. Copy settings from primary account from backup to secondary one (the one you added domain to) and set right permissions:
    root@cpanel [/home]# cp -rp /home/useraccount1.bak/etc/userdomain.com  /home/useraccount2/etc/userdomain.com
    chown -R useraccount2: /home/useraccount2/etc/userdomain.com
  6. Copy all email accounts to new account and set right permissions
     cp -rp /home/useraccount1.bak/mail/userdomain.com /home/useraccount2/mail/userdomain.com
    
    chown useraccount2:mail /home/useraccount2/mail/userdomain.com
    
    chown -R useraccount2: /home/useraccount2/mail/userdomain.com/*
  7. Recreate alliases
    cp /etc/valiases/userdomain.com.bak  /etc/valiases/userdomain.com

That’s it. You should be able to see email accounts for userdomain.com in new cPanel account. All passwords should remain the same as before.

Directadmin – Unrouteable address error on incoming mail

I had this stupid error the other day on Directadmin. I upgraded Exim to the latest version and then all mail sent to address@email.com which was on this server was bounced with the error “Unrouteable address”. From the past, I knew that errors like this can be due to exceeded mail limit. But in this case, this was happening only for one mail out of 50 others, and no limits were reached.

After some searching, I found out that there was an alias pointing to the email address itself, which was causing this error. I removed the forwarder (alias) and incoming mail started to work again on this mailbox.

2021-05-09 20:53:28 H=([1.1.1.1]) [2.2.2.2] F=<us11-99cb50d256-903kjsd32113@inbound.mailchimp.com> rejected RCPT <address@email.com>: Unrouteable address

So I had mail forwarder like:
address@email.com -> address@email.com

So when dealing with such an error, just remove the alias like described above.

Slow email sending from cPanel SMTP

I received a few complaints from different people, that sending of email messages is really slow. This didn’t make any sense, because no modifications were made on the server.

After an hour, I found that this was caused by Exim setting “Delay SMTP Transaction”. Quoting cPanel: The SMTP receiver will wait a few additional seconds for a connection when it detects spam messages in order to reduce inbound spam. 

So it’s another weapon to fight spam mail, but it makes sending slower.

You can disable this feature in Exim Configuration Manager -> ACL Options -> Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam.

When disabled, your emails should be fast again.

Directadmin – get disk size information for every email account on your server/user

If you want to get information about how much of disk is consuming every email account on your Directadmin server, then you can use this command.

[root@post ~]# find /home/*/imap/*/*/ -maxdepth 1 -type d -exec du -sh {} \; | awk -F '/' {'print $6"@"$5 " -> " $1'}
info@domain1.si -> 60K
test@domain1.si -> 60K
lala@domain1.ba -> 529M
info@somedomain.ba -> 529M
igor@somedomain.eu -> 772K
...

If you would want for every email account of some specific user, than you can use this:

[root@post ~]# find /home/user1/imap/*/*/ -maxdepth 1 -type d -exec du -sh {} \; | awk -F '/' {'print $6"@"$5 " -> " $1'}
info@domain1.si -> 1.3G
test2@domain1.it -> 1.3G
igor@test.si -> 68M
...

Simple, but it can save some time 🙂

Directadmin – Process failed (1) when writing error message to your@mail.com (frozen)

User complained about not being able to receive error messages from remote mail servers. When he sent to this email address from Gmail, error message return, but when he tried from Directadmin server, no error message arrived in inbox. I could see those messages in Exim’s mail queue as frozen.

In Exim mail log, this error was shown:

Process failed (1) when writing error message to your@mail.com (frozen)

After a while of digging online, I’ve found out that BlockCracking is causing this problem. We had BlockCracking version 1.8 which was apparently version with this issue. You’ll have to upgrade BlockCracking to version 1.10 or newer. Just go to your Directadmin’s custombuild directory, then follow this steps:

./build exim
./build dovecot_conf
./build spamassassin
./build blockcracking
./build update
./build exim_conf

After that, error messages should arrive in your inbox.

cPanel email problem – (13): Permission denied: failed to chdir to /home/username

I had this weird issue on one of our production cpanel servers where user’s email stopped working without any reason. Only error that was available was:

T=dovecot_virtual_delivery defer (13): Permission denied: failed to chdir to /home/username

From time to time users document root permissions were set to user nobody and execution privileges were removed. Because of this, email wasn’t working and I couldn’t find out why.

After a lot of headache I googled across this thread. Permissions were altered by cPanel’s File Protect. Somehow file protect recognized this accounts permissions weren’t right. After checking in users account, there was sub-domain created for which document root was set to “/”. This is not valid document root, and because of this, file protect altered users permissions.

I changed document root for this sub-domain and problem was solved. You should also correct user’s permissions on document root after fixing issue with file protect:

chmod +x /home/username
chown username:username /home/username

You should make sure that user accounts permissions are absolutely correct.

Hope this saves some sleep 🙂

cPanel: Your server does not support the connection encryption type you have specified

If you’re getting message like “Your server does not support the connection encryption type you have specified” when try to set up email in your Outlook, then chances are that your cPanel mail server has disabled some needed encryption types.

By default, cPanel disables all those protocols: SSLv2, SSLv3, TLSv1, TLSv1.1. SSL2 and SSL3 should be disabled at all costs, but you may not get away with TLS 1.1 or even TLS 1 being disabled.

To enable TLS 1 and TLS 1.1 in your Exim, login as admin in your cpanel and then: Home -> Service Configuration -> Exim Configuration Manager. Select second option so you can insert your own directives and add this:

 +no_sslv2 +no_sslv3

check_eximailqueue: query returned no output! [FIX]

If you are icinga/nagios user and dealing with exim, you probably know for wonderful plugin check_eximailqueue. This plugin warns you when there are specific amount of email in your exim mail queue. Usually this indicates spam.

I installed this plugin on CentOS 7 with Directadmin installed. When I was executing plugin locally, it worked fine. But when I tried to execute it remotely (from Icinga server), it failed.

This was error returned when executing from Icinga server:

> # /usr/local/libexec/nagios/check_nrpe -H my.serverhostname.com -c check_exim_queue
Mailqueue WARNING - query returned no output!

I added “nagios  ALL=(ALL) NOPASSWD:/usr/sbin/exim” to my /etc/sudoers file but error still persisted. I manually set Exim and sudo path in script. Error was still there.

If you check your nrpe process, you’ll see that it runs by nrpe user and not nagios!

[root@da ~]# ps -aux | grep nrpe
 nrpe 26993 0.0 0.0 46356 1460 ? Ss 10:44 0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d

Solution is very simple. Just change “nagios ALL=(ALL) NOPASSWD:/usr/sbin/exim”  to “nrpe ALL=(ALL) NOPASSWD:/usr/sbin/exim”  in your /etc/sudoers – replace user nagios with nrpe. It should work.

I hope it helps 🙂

Directadmin – block zip attachments with ClamAV and Exim

A lot of viruses and malware is sent in emails with zip attachments. Sometimes your antivirus like ClamAV wont catch nasty email. This is a big problem when you receiving tons of this kind of messages. So if you’re receiving tons of nasty emails containing zip attachments with viruses in it, good way to solve this is by simply reject emails with zip attachments. This was done on Directadmin server with Custombuild 2.0. Even if you’re not using Directadmin, configuration for ClamAV should be very identical.

  • If you built Exim and Clamav with Custombuild 2.0, than you should see this line in your /etc/exim.conf. Uncomment if it’s not already. If you’re using Custombuild 1.2, then this should be changed in /etc/exim.conf directly – settings in step 2 bellow.
    .include_if_exists /etc/exim.clamav.conf
  • Open file /etc/exim.clamav.conf and find word demime within that file. Then simply add zip to it. It should look like this:
    #1.0
    deny message = This message contains malformed MIME ($demime_reason)
    demime = *
    condition = ${if >{$demime_errorlevel}{2}{1}{0}}
    deny message = This message contains a virus or other harmful content ($malware_name)
    demime = *
    malware = *
    deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
    demime = bat:com:pif:prf:scr:vbs:zip
    warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

Now any email with zip attachment will be rejected. Sender will receive error message like this:

The error that the other server returned was: 
550 This message contains an attachment of a type which we do not accept (.zip)

Exim – remove messages from mail queue sorted by email address

Ok, title is a little confusing, I admit :). Let me try to explain. When you have stuffed exim mail queue and you want to remove all messages from specific domain only, sometimes email address that you want to use as key for your parsing is in second line. So, classic exim -bp | grep <searchstring> | awk {‘print $3’} | xargs exim -Mrm is not very useful in this case because it won’t return message ID. Grep with -B flag is what you need in this case. -B will show line before your “key” string also – message ID in this case. You can check how to on example below.

  • Check exim mail queue
[root@mailserver ~]# exim -bp

46h   58K 1b59PU-000J6d-1U <something@domain.com>
          info@mydomain.si

44h   11K 1b5Bj4-000MJC-GF <johndoe@iasoiasd.in>
          info@mydomain.si

44h   16K 1b5BjQ-000MNC-0M <jimi.hendrix@guitar.com>
          peter@olderdomain.org

43h  9.0K 1b5Bvp-000P1c-6s <purchase@domainname.net>
          info@mydomain.si

43h   11K 1b5BzX-000PmA-S5 <GallowayIla96@asgasfasgas.com>
          info@mydomain.si

41h   59K 1b5Dhb-000I5h-8E <bloop@auhuiejnapob.net>
          info@mydomain.si

27h   17K 1b5RNl-000OFW-Tn <sasa@bjkoapojfoaubopaw.si>
          info@mydomain.si

22h   78K 1b5W42-000Nna-Jn <johndoe@gmail.com>
          anothermail@foo.com

22h   11K 1b5W8b-000Oes-Fb <ramones@band.com>
          info@mydomain.si

22h  250K 1b5WHr-0000Om-Oa <fuckface@guilttrip.com>
          joasd@aasdfasf.si

20h   12K 1b5YEZ-000MF7-Jq <mrinsignificant@mobile.cn>
          test@anotherdomain.net

19h  9.1K 1b5YK6-000NPV-1m <fetasir@cheese.com>
          info@mydomain.si

19h   12K 1b5YXM-000Ppg-Qd <asfaeaw@asdasa.com.br>
          info@mydomain.si

19h   11K 1b5Yeq-0001JN-9a <geaafwawfaef@gesawad.vn>
          blabla@mojadomena.si
.
.
.
  • We want to delete all messages that contains string info@mydomain.si and are in second line.
[root@mailserver ~]# exim -bp | awk {'print $1,$3'} | grep -B1 mydomain | awk {'print $2'} | xargs exim -Mrm

Message 1b59PU-000J6d-1U has been removed
Message 1b5Bj4-000MJC-GF has been removed
Message 1b5Bvp-000P1c-6s has been removed
Message 1b5BzX-000PmA-S5 has been removed
Message 1b5Dhb-000I5h-8E has been removed
Message 1b5RNl-000OFW-Tn has been removed
Message 1b5W8b-000Oes-Fb has been removed
Message 1b5W42-000Nna-Jn has been removed
Message 1b5W8b-000Oes-Fb has been removed
Message 1b5YK6-000NPV-1m has been removed
Message 1b5YEZ-000MF7-Jq has been removed
Message 1b5YK6-000NPV-1m has been removed
.
.
.

© 2022 geegkytuts.net
Hosted by SIEL


About author