• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Search results

  1. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    Looking at IMAP and POP3 from Courier again and using the following configuration: TLS_STARTTLS_PROTOCOL=TLS1 TLS_CIPHER_LIST="TLSv1:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!aNULL@STRENGTH" Note the lack of any ciphers defined for use with SSLv3, but using the shorter HIGH and !LOW settings rather than...
  2. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    Similar results with Postfix. I had found and applied: smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 # Preferred syntax with Postfix = 2.5: smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 Based on the KB article I also added: # Iain 2014-12-14 ref: http://kb.odin.com/123160...
  3. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    The correct version of OpenSSL for CentOS 6.6 is openssl-1.0.1e-30.el6_6.2.<arch>.rpm or above (http://wiki.centos.org/Security/POODLE). I am at 6_6.4 as below and so yes, OpenSSL is fully up to date: # rpm -q openssl openssl-1.0.1e-30.el6_6.4.x86_64 I remember too checking out 1.0.1e, as...
  4. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    I did a comnplete CentOS update to 6.6 recently, but will check the OpenSSL version as well
  5. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    Well for anyone interested, after researching more I have more info. There’s an interesting thread on disabling SSLv3 and not simultaneously disabling TLSv1.0. It starts by someone experimenting and finding that if the explicitly disabled SSLv3 in the cipher list...
  6. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    I've just re-read your note and you seem to think the cipher list is somehow linked to the transport layer protocol. Excepting that POODLE is linked to the use of block ciphers in CBC mode, the protocol used to negotiate the session and the cipher agreed for use in the ongoing symmetric...
  7. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    Sorry, but I *did* read the article when I was addressing Apache. The scan of the VPS later showed SSLv2 on the mail services and I didn't remember this article as also relating to Postfix and Apache and it didn't come up in searches, and yes I did look, hence my post. As to the use of specific...
  8. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    Thanks for this. I have in fact been this way and the httpd/Apache are already sorted, but looking again, I do see: for Linux - Disables Apache, nginx, proftpd, courier-imap, qmail, postfix, dovecot, Plesk server engine (for versions 11.5 and later). So Courier and Postfix are both there...so...
  9. I

    Unable to disable SSL v2 and v3 in Postfix & Courier

    I am trying to secure my VPS and one thing noted in a recent scan was SSL v2 and v3 being supported for SMTP, POP3 and IMAP. So a check of ‘Disabling SSLv3 Support on Servers’ and the Postfix configuration settings suggest: smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 # Preferred syntax...
  10. I

    Firewall update test

    Small point, but when you go to update a firewall config, it says: Warning: The changes you made to the firewall configuration have not yet been applied to the server. To do it 'Apply configuration'. The option/buttun is then marked 'Apply Changes', not 'Apply configuration'. Also, maybe...
  11. I

    Updating out of date components

    Is there any advice on how to update out of date components included in VPS? For instance... rkhunter is at v1.3.4 whereas the current version is 1.4.2. Why both about updating? Well, in part to reduce the number of false-positive warnings and in part to gain more current protection. A yum...
  12. I

    Unable to activate firewall changes

    I have posted this previously (http://talk.plesk.com/threads/modify-plesk-firewall-rules-never-completes.326239/) but not really got any answer. I am running 12.0.18 Update #27 on CentOS 6.6 and while I can make changes to firewall rules, I cannot activate them. Importantly, I need to permit my...
  13. I

    Loading certificates

    A small point, but one I believe improves understanding of what's going on... Under certificate management, there are options to "Upload the certificate files" or "Upload the certificate as text", but then the relevant submit buttons are marked "Send Files" and "Send Text". "Send"?? Surely...
  14. I

    Modify Plesk firewall rules never completes

    Well I am trying to make another firewall update and I get the same issue. I... Make the firwall changes Apply changes I can check the script and click Activate Sit and wait with the same message about "if this screen does not disappear in more than 30 seconds" and the screen just sits there...
  15. I

    Modify Plesk firewall rules never completes

    Strangely, the firewall now shows as being updated, although I could (and did!) leave the Apply Update screen saying it should refresh within 30 seconds for maybe 5 mins and it still be apparently stuck. Obviously something was going on, but odd that it should take so long. It is were a...
  16. I

    Modify Plesk firewall rules never completes

    Does anyone have issues with applying Plesk firewall changes? I make my change, apply and get to: Status Applying in progress. If your browser shows connection error messages, or if this screen does not disappear in more than 30 seconds, go to previous page. And there things stay. Going back...
  17. I

    Upgrade Spamassassin 3.4 and CentOS 7 timing

    Could I add a plea too for rkhunter to be updated. It too is way out of date as per my post about: Updating rkhunter and Plesk (http://talk.plesk.com/threads/updating-rkhunter-and-plesk.325463/) spamassassin SpamAssassin 3.3.1 (2010-03-16) (v3.3.1-3.el6). 3.4.0 is the current version...
  18. I

    Updating rkhunter and Plesk

    What is the recommended way to update rkhunter and SpamAssassin. My Plesk up to date 12.0.18 Update #23 server I have: spamassassin SpamAssassin 3.3.1 (2010-03-16) (v3.3.1-3.el6). 3.4.0 is the current version (2014-02-07) Rootkit Hunter v1.3.4 (12 Jan 2009). v1.4.2 is the current version (24...
  19. I

    Changes to php.ini, mail.add_x_header and sendmail_from

    I am migrating from Plesk 8 to 12 on CentOS 6 and still trying to iron out a few issues. Currently I'm looking at two php-sent mail issues. Issue 1: X-PHP-Originating-Script header has appeared in mail sent by new vhost Mail sent from the new box includes the X-PHP-Originating-Script header...
  20. I

    Unable to get webmail password!

    I am having the same issue under Plesk 12.0.18 Update #13. Each time I create a new domain and activate webmail, it seems to be necessary to go back and set permissions on .horde.shadow: chmod 755 /etc/psa-webmail/horde/.horde.shadow But my question is; Why? Why should it be necessary to SSH...
Back
Top