Dovecot fails to reload after upgrade / code=exited, status=226/NAMESPACE

If your Dovecot fails to reload/restart after upgrade, chances are that your kernel is too old. But you can try and fix this problem with simple step bellow.

This was in syslog log:

systemd[20406]: dovecot.service: Failed at step NAMESPACE spawning /usr/bin/doveadm: No such file or directory
dovecot.service: Control process exited, code=exited status=226
systemd[1]: Reload failed for Dovecot IMAP/POP3 email server.

This was Dovecot service status:

● dovecot.service - Dovecot IMAP/POP3 email server
Loaded: loaded (/lib/systemd/system/dovecot.service; enabled; vendor preset: enabled)
Active: active (running) (Result: exit-code) since Tue 2021-09-07 19:31:12 CEST; 1 months 28 days ago
Docs: man:dovecot(1)
Process: 20406 ExecReload=/usr/bin/doveadm reload (code=exited, status=226/NAMESPACE)

To solve, you can try and edit dovecot service script and add coment to PrivateTmp variable.

root@mailmachine:~# vi /lib/systemd/system/dovecot.service

...
[Service]
Type=forking
ExecStart=/usr/sbin/dovecot
PIDFile=/var/run/dovecot/master.pid
ExecReload=/usr/bin/doveadm reload
ExecStop=/usr/bin/doveadm stop
#PrivateTmp=true
NonBlocking=yes
# Enable this if your systemd is new enough to support it:
#ProtectSystem=full
...

Directadmin – x509: certificate signed by unknown authority – Letsencrypt

DST Root CA X3 expired on September 30, 2021. Because of this I got invalid certificate error when visiting Directadmin login in Chrome. Certificate itself was valid. CA certificate is problem. What you have to do is update system CA certificates. Also update letsencrypt via custombuild if you didn’t already.

Error was:

[root@server]# /usr/local/directadmin/scripts/letsencrypt.sh renew my.server.com
Setting up certificate for a hostname: my.server.com
2021/09/30 14:49:15 Could not create client: get directory at 'https://acme-v02.api.letsencrypt.org/directory': Get "https://acme-v02.api.letsencrypt.org/directory": x509: certificate signed by unknown authority
Certificate generation failed.

You have to update system CA certificates ( Centos in this case ):

[root@server ~]# yum install ca-certificates -y
....
[root@server ~]# update-ca-trust

Then try to create new certificate for server hostname:

[root@server]# /usr/local/directadmin/scripts/letsencrypt.sh request_single my.server.com 4096
Setting up certificate for a hostname: my.server.com
2021/09/30 14:51:50 [INFO] [my.server.com] acme: Obtaining SAN certificate
2021/09/30 14:51:51 [INFO] [my.server.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/35702261650
2021/09/30 14:51:51 [INFO] [my.server.com] acme: Could not find solver for: tls-alpn-01
2021/09/30 14:51:51 [INFO] [my.server.com] acme: use http-01 solver
2021/09/30 14:51:51 [INFO] [my.server.com] acme: Trying to solve HTTP-01
2021/09/30 14:51:57 [INFO] [my.server.com] The server validated our request
2021/09/30 14:51:57 [INFO] [my.server.com] acme: Validations succeeded; requesting certificates
2021/09/30 14:52:01 [INFO] [my.server.com] Server responded with a certificate.
Certificate for my.server.com has been created successfully!
DirectAdmin certificate has been setup.
...

Directadmin – ModSecurity: Request body (Content-Length) is larger than the configured limit (13107200)

I had problem with uploading files on Directadmin server with mod_security enabled. I set upload_max_filesize and post_max_size to 64M, and still recived error like this:

[Wed Aug 04 23:31:30.320425 1912] [:error] [pid 1418987:tid 140666332325632] [client 89.212.96.1:64983] [client 89.212.96.1] ModSecurity: Request body (Content-Length) is larger than the configured limit (13107200). [hostname "www.geekytuts.net"] [uri "/wp-admin/async-upload.php"] [unique_id "YQpCUpEZgUlp9rxIlbunrAAAnTQ"], referer: https://www.geekytuts.net/wp-admin/media-new.php

I found out that this behavior is not caused by any mod_security rules (Free ModSecurity Rules from Comodo) but by directive SecRequestBodyLimit setting . Default value is 12.5M and since I set 64M for file uploads, I changed this value the same – in bytes.

File which you want to modify is /etc/httpd/conf/extra/httpd-modsecurity.conf. In my case, I modifyed like this:

SecRequestBodyLimit 67108864
SecRequestBodyNoFilesLimit 1048576

Directadmin – Unrouteable address error on incoming mail

I had this stupid error the other day on Directadmin. I upgraded Exim to the latest version and then all mail sent to address@email.com which was on this server was bounced with the error “Unrouteable address”. From the past, I knew that errors like this can be due to exceeded mail limit. But in this case, this was happening only for one mail out of 50 others, and no limits were reached.

After some searching, I found out that there was an alias pointing to the email address itself, which was causing this error. I removed the forwarder (alias) and incoming mail started to work again on this mailbox.

2021-05-09 20:53:28 H=([1.1.1.1]) [2.2.2.2] F=<us11-99cb50d256-903kjsd32113@inbound.mailchimp.com> rejected RCPT <address@email.com>: Unrouteable address

So I had mail forwarder like:
address@email.com -> address@email.com

So when dealing with such an error, just remove the alias like described above.

Slow email sending from cPanel SMTP

I received a few complaints from different people, that sending of email messages is really slow. This didn’t make any sense, because no modifications were made on the server.

After an hour, I found that this was caused by Exim setting “Delay SMTP Transaction”. Quoting cPanel: The SMTP receiver will wait a few additional seconds for a connection when it detects spam messages in order to reduce inbound spam. 

So it’s another weapon to fight spam mail, but it makes sending slower.

You can disable this feature in Exim Configuration Manager -> ACL Options -> Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam.

When disabled, your emails should be fast again.

Cpanel – migrate all email accounts to new cPanel server with existing passwords. No password change

For migration of user accounts between cPanel servers, there is a superb “Transfer tool” which is provided and is part of Cpanel. With it, you can simply migrate all data from one server to another. But what about when you have the same accounts on both servers and you don’t want to overwrite data on a new server? I had one account for which the only email was necessary to transfer. This is not something transfer tool can do because I didn’t want to overwrite account.

If you have many email accounts and you don’t know passwords for them, it is realy pain in  the ass to change all passwords and make transfer via imapsync. But luckily, you can simly copy all email accounts from one Cpanel server to another by copy user’s “passwd” and “shadow” file.

Here is how you can migrate all email accounts from one server to another without changing username/password. All passwords will be transferred.

Continue Reading

Directadmin restore error: “your_user” is not a valid username

I had this weird error when I tried to restore some directadmin accounts on new server. Majority of accounts were restored successfully, but some returned this error:

user1 is not a valid username
user2 is not a valid username

I tried many things and than found out that there is default setting for username length in directadmin configuration max_username_length. Default value is 10, so if your username of account that you are trying to restore is larger than 10 characters, error will be returned. You have to edit directadmin configuration and set this variable.

[root@mx ~]# vi /usr/local/directadmin/conf/directadmin.conf

then edit max_username_length to larger value. I my example 20.

max_username_length=20

Directadmin – instal imagick (ImageMagick PHP module) with pecl – multi php

It’s amazingly simple. If you have multi PHP instances installed, go to bin directory of the one for which you want to install imagick module. In this example, I’ll install it on php version 7.3. This is CentOS 7 with Directadmin. You don’t need custombuild in this procedure.

Go to PHP bin directory:
[root@wutang4eva ~]# cd /usr/local/php73/bin/

Then just install imagick module likeå this:
[root@wutang4eva bin]# ./pecl install imagick

If php_ini is not set, then add extension to your php.ini manualy:
Add extension=imagick.so to /usr/local/php73/lib/php.ini

Restart php-fpm for php version - if you are using fpm of coruse:
systemctl restart php-fpm73.service

Check if imagick is installed:
[root@wutang4eva bin]# ./php73 -m | grep imag
imagick

If you want on other PHP versions, just do the same for each version you need imagick on.

I hope this helps.

© 2024 geegkytuts.net
Hosted by SIEL


About author