Cloudron Forum

@privsec said in Let’s encrypt certificates expiring?: Like can there be a memory within cloudron of all subdomains used and when it comes time to renew, just renew it on all of those subdomains? That's the current behavior. It only renews domains that are in use in Cloudron. AFAIK, there is no way to tell Let's Encrypt to "forget a subdomain" that we had gotten a certificate before. This is the reason why you get the reminder emails from Let's Encrypt about old domains.

@marcusquinn It's a more general tool as an attempt to fix and replace the issues with Email in general. It does that well. It just needs adoption. https://hacker10.com/computer-security/send-email-with-tor-i2p-and-gpg-using-confidant-mail/ https://privacytools.io has other options too

@paenzy I read somewhere that adding terms and disclaimers to emails made then "contractual", so in some cases and places it is better not to have them. I'm always interested in what's supposed to be law and what becomes hearsay law because lots of people do it and tell each other it should be done. I don't have experience either way but tend not to use email signatures from both habit and to be personable.

I really like the blackllist checking being built-in. Frankly, I'd also be a fan of getting notifications about it. I suppose UX-wise, perhaps this is the appropriate sort of thing to trigger a yellow status on email.

The root cause for this was the Cloudron server had the hostname as "box.domain.com" (same as the relay). Debian/Ubuntu has a quirk that it will put the hostname in /etc/hosts to resolve as 127.0.1.1. This meant that when we try to set it as relay, it resolves to 127.0.1.1 instead of the actual IP. To add to the confusion, I suggested using the host command which does not use /etc/hosts (i.e the nsswitch mechanisms) and uses only the DNS. If I had suggested using ping then we would have narrowed down the issue more quickly... Anyway, the fix is simply to hostnamectl set-hostname somethingelse.domain.com and also edit /etc/hosts (for some reason, hostnamectl doesn't change hosts file even after reboot, ).

@girish When will this be exposed in the GUI? Hopefully this can be planned for 7.4 perhaps, along with the many other mail improvements requested?

@drpaneas said in gmail blocks my server?: @jdaviescoates I have cloudron installed at home. Ah, right.

@girish Yes, I guess the email from my Cloudron domain is getting flagged as spam on their side, and then they reply to me without removing it from the Subject line. Ok, I'll get in touch with them and figure things out. As far as I know, I've done all I should to legitimize my cloudron domain - they use a provincial ISP for the email so I suspect they are picky. Thanks!

@girish Ok

@girish perfect, it works !

@girish Ok thanks, will try that

I love this conversation, this is gold. We have to strengthen the mail server as a safe, it is a very valuable asset. If we add to these limits/fuses the ability for the server to do certain actions if it detects that a domain has a higher percentage of X% of bounces and X% of complaints. This would also be a must have to shield the mail server. We have to be able to monitor all this well and automate actions in mail server.

@girish Thanks - it is green now and everything is okay

@msbt thanks! I will try to see if I can make this just "work" in the next release.

@marcusquinn Thank's Marcus, I'll follow your advice to check the reputation BEFORE, and if reputation is poor, just delete and purchase new one. Should be interesting that ISP's do themself this control and tell BEFORE the IP reputation.

@necrevistonnezr I noticed the first time enabling it,it has to index each mailbox which takes time depending on how big they are. I am sure if you left it as-is for a bit it would have started on it's own. Glad it's working now

@girish also, I imagine if MailPile hadn't tried to make PGP easy as part of it the developer might not have burnt out and there might be a decent open source webmail app!

I found that in Thundberbird, if you press Ctrl+K, it will use IMAP search. On Android K-9, there is Settings -> Account Settings -> Search -> Enable server search.

I'd like to add to this. The ability to select the pass length and whether we want special characters. Or if it's easier to do, allow us to add our own passwords instead of them being generated for us.