Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - acon

Pages: [1] 2 3 ... 30
Spanish / Re: Nuestro dominio de correo es detectado como spam
« on: September 13, 2023, 09:00:40 pm »
Gmail rechaza los correos de servidores de correos para la que no obtiene resolución inversa DNS.
Muchos registradores de domino no tienen resolución inversa, por lo que si es tu caso, no podras interactuar con gmail.
Por otra parte, es casi imperativo implementar DKIM y DMARK para que no te marquen como spam.
Hay un doc para configurarlo en zential, pero no es fácil. Busca en la doc por DKIM

BTW, i also got this one:
I have updated 2 servers from 6.2 to 7 and one is fine and the other has those 2 small issues, but still usable.

Other people are experiencing same issue:

Searching in syslog at upgrade time, i found this:
Code: [Select]
May 22 15:21:15 fermat dovecot: config: Warning: please set ssl_dh=</etc/dovecot/dh.pem
May 22 15:21:15 fermat dovecot: config: Warning: You can generate it with: dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem
I get this message every time i restart dovecot.
In /etc/dovecot//conf.d/10-ssl.conf the config for DH is:
Code: [Select]
ssl_dh = </usr/share/dovecot/dh.pemWhish exists in this folder:
Code: [Select]
-rw-r--r-- 1 root root  769 nov 14  2019 dh.pemSo i d'ont know how to fix this. Please any help is apreciated.

Hi, i have just upgraded a Zen6.2 server to Zen7. I has to delete the nginx certs and create news (no web admin).
Everithing is now running as expected, except for IMAP connection from thunderbird clients.
Sogo works, ActveSync works but nor IMAP.
I think the relevant part in syslog is:
Code: [Select]
May 22 16:39:53 fermat dovecot: imap-login: Error: Failed to initialize SSL server context: Can't load DH parameters: error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small: user=<>, rip=, lip=, session=<AU8+JuzCOPsKAAAB>
May 22 16:39:53 fermat dovecot: imap-login: Disconnected: TLS initialization failed. (no auth attempts in 0 secs): user=<>, rip=, lip=, session=<AU8+JuzCOPsKAAAB>

It looks to me like a dovecot cert problem. Any idea to delete a re-crate dovecots certs?

Same error here.
I have reverted my VM server to previous snapshot.I will wait until migration to 7.0 is fine.

The ugrade to Zen7 button is offered again, but if you pust it, in the upgrade windows it says "This will upgrade your Zentyal 6.0 to Zentyal 6.2 Community edition"...
Tested on 2 servers

Installation and Upgrades / Re: upgrade from 6.2 to 7.0
« on: March 12, 2021, 04:11:26 pm »
The ugrade to Zen7 button is offered again, but if you pust it, in the upgrade windows it says "This will upgrade your Zentyal 6.0 to Zentyal 6.2 Community edition"...

Other modules / Re: Zentyal to Zentyal VPN constantly dropping
« on: February 02, 2021, 01:50:47 pm »
Must be some problem related to certificates used in the VPN.
Anyway, i have deleted both server an client VPN, revoked certificates, generated news and created VPN and now it is stable and working as expected.

To modify the value of the TXT record in samba DNS, you can use the DNS administrative console from the M$ RSAT (Remote Server Administration Tool), wich can be installed in windows 10.
Run DNS console, connect to zentyal server IP and modify the record.
Thats all. I have generated new 1024 bits keys, created txt records in both internal zentyal DNS and Internet DNS and restarted services...
Shoul be modified in the manual, including the choice to generate 1024 or 2048 bit keys and an example in a split dns scenario?

When trying to delete the old TXT record, i get prompted to suply a password:
Code: [Select]
Password for []:dns-hostname is a samba user and it is listed with:
Code: [Select]
sudo samba-tool user listThe password for this user is not the password defined at instalation time for administrative user (same a sudo), so i d'ont know wich password to use here.

I have confirmed that the key generated is 2048, so i generated a new one with -b 1024:
Code: [Select]
opendkim-genkey -b 1024 -s mail -d -D /etc/opendkim/keysThe generated key now fits in 250 charters TXT record, but i need to edit or delete the record created with:
Code: [Select]
samba-tool dns add TXT [i]key[/i]

Hi, i have followed the manual at:
Quote to configure DKIM.
Everithing whent fine until i tryed to create the TXT record with de DKIM key in my DNS zone at
According to Hover technical support, the max lenght of the TXT record is 255 charters.
By default, opendkim-genkey should generate 1024 bit keys. This must fit in 255 charters string so i assume the manual procedure is generating a 2048 bit key.
So, the question is:
How can i replace the generated key with a shorter one and how to reconfigure dkim to use the new key and modify the DNS record added with samba-tool.
BTW, the manual is assuming that the Zentyal DNS server is authoritative for the mail domain.
In my case, i use a split DNS scenario, where the authoritative DNS server for my domain in internet is the hover DNS and for my internal network, the authoritative DNS is my zentyal server, so i asume i have to add the TXT with the key to both DNS zones.
Any help is welcome....

Spanish / Re: VPN's redes anunciadas
« on: January 28, 2021, 10:24:10 am »
El tipo de tunel que has configurado es " Permitir túneles de Zentyal a Zentyal "?
Si afirmativo, has anunciado las redes locales de cada cliente?
Imagino que si, ya que accedes de 172.16.0 a las otras dos.
En el manual pone esta advertencia:
Warning The propagation of routes can take a few minutes.

Con tracert, hasta donde llegas?

Other modules / Re: Zentyal to Zentyal VPN constantly dropping
« on: January 28, 2021, 07:42:23 am »
To configure client side, i have used the bundle downloaded from the server side and both servers are 6.2.6.
I will delete both server side and client side, apply updates to both servers, reboot and create a new link and report back the results.

Pages: [1] 2 3 ... 30