@nicolas There's a feature request to monitor network traffic at the app level. If we had that, we could have narrowed this down more quickly.

The more I read about FireHol the more I wish this was backed into cloudron install directly, it seems to me that Firehol is a great source to rely for blocking bad IP's

Okay so after multiple filter integrity issues ("X does not exist"), I opted to install a new Matomo instance, and migrated the data from old to new. It seems to be working well and passes all system checks now. I think this can be marked resolved. I still don't know how it ever got into that state, but it's good again.

@mehdi you're right, my poor choice of words..

apt is a binary that can call libapt-pkg libraries and provides a subset of interactive options and commands for apt-get/cache by default.

apt-get is not limited to those options.

@mehdi said in Ability to modify server name used for SFTP access to avoid use of Cloudron's my.<domain>.<tld>:

the prompt that everybody confirms without even reading

haha, so true. Yeah I got a pop-up that was like "This is a new key" or something and just accepted it. Basically the same kind of message that happens with SSH. I just have certificate-based SSH though where it needs my key to even connect (i.e. you couldn't connect to my server over SSH without it), so I was surprised I didn't need that on my SFTP connection, thought I'd maybe need something similar. But I guess this makes sense then the more I think about it. Just caught me off guard. haha.

@d19dotca said in Outbound email error: "Client network socket disconnected before secure TLS connection was established":

Are you aware of any method for me to determine what the receiving mail server supports for TLS protocols and cipher suites?

You can try something like openssl s_client -starttls smtp -connect server:25. Note that usually you have to do this from a real server and not from your laptop, since most residential networks will block outbound port 25.

There is also a better tool for SMTP connection testing, it's at the tip of my tongue...

Edit: gnutls-cli is the tool. It has some feature which openssl s_client does not support. I can't seem to remember what exactly.

@brutalbirdie I genuinely enjoyed the response lol and it should absolutely be on here =]

@robi said in Firewall IP blocking: IPv6 not possible:

Marcel, can you share more detail about your chosen block list and how others can do the same?

Sure!

top 10 countries of attacks: https://www.privacyaffairs.com/geopolitical-attacks/

Source of country ip's: https://www.ipdeny.com/ipblocks/

I've choosen to only block those below, we don't expect any necessary traffic from those countries (it's more than 45% of the known Countries where attacks come from):

China: https://www.ipdeny.com/ipblocks/data/aggregated/cn-aggregated.zone

Russia: https://www.ipdeny.com/ipblocks/data/aggregated/ru-aggregated.zone

North Korea: https://www.ipdeny.com/ipblocks/data/aggregated/kp-aggregated.zone

Iran: https://www.ipdeny.com/ipblocks/data/aggregated/ir-aggregated.zone

Pakistan: https://www.ipdeny.com/ipblocks/data/aggregated/pk-aggregated.zone

Syria: https://www.ipdeny.com/ipblocks/data/aggregated/sy-aggregated.zone

India: https://www.ipdeny.com/ipblocks/data/aggregated/in-aggregated.zone

Vietnam: https://www.ipdeny.com/ipblocks/data/aggregated/vn-aggregated.zone

All those IP's copy-pasted in Cloudron > Network> Firewall, currently 20906 ranges blocked.

I added them this morning and I can tell now already that spam has reduced with 90%

@atrilahiji I hadn't considered the option to just install Surfer and a bunch of these apps manually coming from the App packaging perspective.

@marcusquinn It might be neat to get a list of all installed apps in Cloudron and populate them in Roam then link them to all their descriptions and various tags for speedy browsing and learning about them. Might be perfect as a New User Welcome Guide that everyone can contribute to as they learn from their path through the Cloudron experience.

so we could request upstream that they allow for customizing the table prefixes to make this less rigid.

@jordanurbs this is probably relevant to you https://docs.moodle.org/310/en/Database_transfer

@yusf Are backups failing by any chance. I wonder why there are multiple backups in a day. How often do you create backups? If it's one week backups from 17th Npv are expected. the ones which are slightly older are probably preserved for various reasons. One thing you can do is Backups -> Cleanup backup. Then in the same view, click on logs and it will tell you why each and every backup is preserved. If you paste the log, I can explain in a bit more detail.

@nebulon
using pyzor, MooCloud use it on his antispam gateway, we host a self hosted exchange pyzor server.

https://www.pyzor.org/en/latest/

I uploaded a little Demo, if you like you can watch it. (No Sound)

Youtube Video

cc @plusone-nick . He knows all sorts of no-code apps.

@girish you have an email with logs.

@brutalbirdie It was a discount coupon that we sent out via email to some users. It was meant to offer an off on the monthly plan. I changed the title since we didn't send it to most people

@marcusquinn @d19dotca @girish @nebulon Dear All, many thank's for answer. As I saw in the folders, Iphone has two kind of sent message folders:

Sent Message Sent

So as @d19dotca and @marcusquinn stated, on Thunderbird emails was saved in "Sent", but on iphone in "Sent Messages".

When I configured emails who was on Cpanel iphone saved emails in "Sent". But when I configured email from Cloudron, iphone saved email in Sent Messages.

Thant's why it was like I had missing email from Thunderbird and vice versa.

Workaround is to configure the same folder and when adding Cloudron email on iphone, be sure to follow @d19dotca instruction.

Thank's a lot!

@fbartels Oops sorry, I should have at least tried to restart. It working fine just with restarting the app (no need to even reinstall). Thanks

@dreamcatch22 with AWS, I have usually found that it's either

a) the cpu credits are kicking in. are you aware of https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-credits-baseline-concepts.html ? AFAIK, even lightsail has the same limitation (but not 100% sure).

b) some machine have a lot of memory but perform very poorly . For example, see the notes in EC2 R5 xlarge (which has 32GB RAM!) but works very poorly with docker - https://forum.cloudron.io/post/17488

Not sure, if either of those apply to you. What instance are you using ?