Jump to content

infantex

Members
  • Posts

    85
  • Joined

  • Last visited

1 Follower

Profile Information

  • Gender
    Male

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

infantex's Achievements

Explorer

Explorer (4/14)

  • Dedicated Rare
  • Reacting Well Rare
  • Conversation Starter Rare
  • First Post Rare
  • Collaborator Rare

Recent Badges

1

Reputation

  1. I think I (partially) know what's happening. What lit the fuse was the selector field of the DKIM field. I had forgotten it even existed (quite easily since I only used it once about two months ago when setting up my VPS, and then I just copied it from Google's recommendation). Today I received another DMARC report and there were two valid e-mails originating from a Google-owned IP and passing all tests -- and the selector for DKIM was google. This selector thing was fresh in my mind for having answered @balloons about my (supposedly) nonexistent DKIM and DMARC records (you had to specify the selector when querying with curl). At first I thought someone had somehow added a DKIM selector (mailo from the DMARC report) to my domain. So I queried for it, but no, there was none. But, sure enough, garena,com had one. So, what I think is happening is that someone with a garena.com account is sending mail with altered headers, as to appear e-mail is from us (infantex.com.mx). Such e-mails are passing garena.com's SPF and DKIM tests because they're in fact originating from garena.com, thus the pass results in the auth_results section of the DMARC report. But they are failing DMARC, so they're being rejected or quarantined as per the policy_evaluated section. I think the combination of SPF, DKIM and DMARC is what's filtering those e-mails, how exactly, I don't know. But it seems DMARC is not accepting the passing SPF and DKIM results from garena.com. Good! One thing I noticed is that garena.com's SPF record includes _spf.google.com, as does mine. I don't know if that's legit (meaning legitimate e-mail from them occasionally uses Google's servers) or an attempt to hijack a lot of Google-hosted e-mails. I'm more at ease now! ๐Ÿ™‚
  2. I would think the same, but I can't think of anything else that'd be causing this. I went ahead and deleted the DNS zone in Hestia. Now, www.infantex.com.mx, instead of displaying the "Success! Web server is ready" page, I'm getting a too many redirects error (ERR_TOO_MANY_REDIRECTS). The curl output is similar to what you got: http points to https and https points to http. I don't know what's causing this or how to track who is redirectig what. ๐Ÿ˜ž
  3. Thanks for your answer. It got me thinking... I initially used Hestia's DNS to setup my site, but some DNS records were not propagating even after several days (I don't remember if it was the SPF record or another one). I switched over to Cloudflare for DNS and the issue was resolved. However, the DNS zone is still set up in Hestia. I have not noticed any problems so far, but I don't know if this could cause the looping issue you see. I just deleted the www A record in Hestia, nothing changed in the curl output but it may be cached, will wait 'till tomorrow. I would ask you if it would be OK to completely delete the DNS zone in Hestia, but you already said you're not familiar with it. ๐Ÿ™‚ Although Hestia should be just an interface to whatever service is providing the DNS.
  4. Hello. My site is hosted in a VPS, previously it was hosted in Tommy. Back when it was in Tommy, I could get to the site either by typing: "www.infantex.com.mx", or: "infantex.com.mx". Now, if I type: "infantex.com.mx", I can get to the site, but, if I type: "www.infantex.com.mx", i just get a: "Success! Your new web server is ready to use" page. My VPS was configured with Hestia CP, so I guess the success page is a default Nginx page. My DNS is setup in Cloudflare. I have an A record "www" pointing to my VPS's IP. From some evidence, I presume that previously, in Tommy, the "www" record was a CNAME one (I have an infantex.mx site still in Tommy and its www record is a CNAME record, so I'm extrapolating). However, I changed the www record from A to CNAME and pointed it to the root domain (infantex.com.mx) but it's still not working (after some hours after the change). Googling, I found that setting "Use always HTTPS" on in Cloudflare should correct this. Still no luck. I also found several script recommendations to solve this, not really a consensus. I don't know which file the script modifications refer to or where the files are/should be located (practically zero Linux or Sys Admin experience here). Also, I never did anything remotely like that when the site was hosted in Tommy (I would remember), it just worked. I checked the Hestia UI and found the Nginx configuration page. There are two versions: Basic and Advanced. In Basic, there's no evident option for www to non-www redirection. In Advanced, I can see the /etc/nginx/nginx.conf file, but don't know how to begin modifying it. For example, one of the recommendations is to set different servers for www.infantex.com.mx and infantex.com.mx, like: server { server_name www.infantex.com.mx; return 301 ... } server { server_name infantex.com.mx; # real configuration goes here... } But the /etc/nginx/nginx.conf I see in Hestia CP has not a single server section (?). I can see there's an events and an http section. I could bracket everything in the file into a server{} and add another server{} with the return 301 but I wouldn't know what I would be doing and I'm more likely to break what's working. What should I do? Is it a question of DNS? Is it a question of Nginx configuration? Is it a matter of Hestia configuration? Something else? Regards,
  5. cPanel is not working (the license was revoked, as per the email that was sent to you). You need to use FTP. As for zerossl, try entering just: "popnow.heliohost.us" (without the: "https://" part).
  6. Just for your reference, I know I have DMARC and DKIM records set. I set them up in Cloudflare and checked them in dmarcanalyzer.com (about a month ago). For some reason (probably by design?), dig doesn't return DKIM and DMARC records, even though they're TXT records. I searched, and found that you have to use the following syntax to query for DKIM and DMARC records using dig: dig selector._domainkey.domain txt dig _dmarc.domain txt Tried it with my site and obtained the corresponding records. I still don't know how garena.com-originated emails are able to pass DKIM and SPF checks... Or I may be reading the DMARC report wrong. The auth_results section lists both DKIM and SPF tests as pass, but the policy_evaluated section (for the same record, if I'm reading correctly) lists them both as fail. I'm baffled! As for the ~all qualifier, since I don't know any better and it's the configuration recommended by Google (at least for beginners), I used it.
  7. What should I include? According to what I read, I already have all the necessary TXT records set up (SPF, DKIM and DMARC). Do you mean I would get the answer to my question by including something in some unspecified TXT record? (My question was how an e-mail originating from garena.com was able to pass my DKIM and SPF rules?) Regards,
  8. I checked the memory and I do have 2 GB, so I'm fine. Will the VPS be reverted to 1 GB of memory once the sale ends or do we get to keep the extra GB?
  9. I'm from the beautiful city of Guadalajara in Mexico.
  10. I already have a VPS (vps40), thanks. I was asking about a promo (?) for an extra GB in the VPSs. This is the post: But, upon checking the VPS offerings on your page, I see the Mercury configuration already lists 2 GB of memory as the standard offering, so I guess that's the amount of memory I have on my vps40. Regards,
  11. Hi, all. After the cPanel "incident" with Tommy, I got a VPS to (temporally?) host my website. I still haven't everything ironed out. One thing I never did when hosted on Tommy was setup e-mail verification (DKIM, SPF, DMARC). I think some of that stuff was handled by cPanel. Well. My e-mail is served by Google (I have a legacy free Google Apps account) not by the VPS (and not by Tommy before). And I'm following Google's tutorial for DMARC implementation (https://support.google.com/a/answer/10032473?ref_topic=2759254). Right now I have the following SPF record: v=spf1 include:_spf.google.com ~all And the following DMARC record: v=DMARC1; p=reject; pct=15; rua=mailto:dmarc@infantex.com.mx We are really small (one location, three people managing less than ten e-mail accounts: each person's plus some generic ones like sales, invoicing, contact, etc.), so I'm confident none of our (legit) e-mail is originating from outside the country. ๐Ÿ™‚ However, according to a DMARC report I just received from Google, an e-mail originating from the host garena.com was able to pass both SPF and DKIM checks! I don't know that host and have no relationship with them whatsoever. Do you know how could they pass SPF and DKIM? I'm attaching the report, and here's the relevant part: <record> <row> <source_ip>166.78.71.215</source_ip> <count>1</count> <policy_evaluated> <disposition>quarantine</disposition> <dkim>fail</dkim> <spf>fail</spf> <reason> <type>sampled_out</type> <comment/> </reason> </policy_evaluated> </row> <identifiers> <header_from>infantex.com.mx</header_from> </identifiers> <auth_results> <dkim> <domain>garena.com</domain> <result>pass</result> <selector>mailo</selector> </dkim> <spf> <domain>garena.com</domain> <result>pass</result> </spf> </auth_results> </record> I'm also a little confused, the auth_results section reports a pass for DKIM and SPF but the policy_evaluated section reports them as fail. Any comments or ideas? Regards, google.com!infantex.com.mx!1631664000!1631750399.xml
  12. Hello. I read in a recent post that there was a promo for the $4/month VPS to get 2GB of memory instead of 1GB. How can I access that promo? Regards,
  13. Sorry to flood your email but: Thanks!
  14. Hello, everybody. I'm still in the process of setting up a VPS to host my domains until Tommy is fully back. I had a problem with blocked emails and learned a little more than I wanted about SPF, DKIM and that kind of stuff. ๐Ÿ™‚ One issue I'm still having is that I need to set up reverse DNS for one of the domains. I know I have to ask to have it done for me, that it's something I can't do myself. However, I don't know what the rDNS should point to, so I can ask properly. The mail server? The VPS name? The VPS is vps40.heliohost.us It currently hosts two domains: infantex.com.mx zaldivar.mx infantex.com.mx's mail is handled by Google (an old free G Suite deal). zaldivar.mx's is handled by the VPS (via Hestia). And this domain's email is the one lacking rDNS. Here's the relevant part from mail-tester.com: From this, I'd gather that the reverse DNS should point to vps40.heliohost.us and not zaldivar.mx (or mail.zaldivar.mx), even though the mail is from zaldivar.mx. It also makes sense in case I end up adding another domain to the VPS. But... am I correct? Also, what would be the best practice in naming the VPS that's hosting the sites? Is it OK to let it at "vps40.heliohost.us" or would a personalized domain be better? Or is it simply irrelevant? Regards,
  15. Thanks for your help, @pctips. I now understand (kind of) that I was trying to set the PHP options for the domain, and I only had a "default" PHP template availabe for that). With your help, I was able to enable PHP 5.6 on the server and, afterwards, select a PHP 5.6 template for the domain. Voilรก! The contacto.php web page is now working, including the mini map! Clarification for you and @balloons regarding the domains: infantex.com.mx is the main, original site. It's just a static website that was hosted on Tommy (and previously on Ricky, and before that on Johnny, I don't remember). Mail for this domain is handled by Google Apps (now Google Worskspace?). A couple of years ago, I secured the infantex.mx domain name, and the only thing I did was to set it as an alias to infantex.com.mx in Tommy's cPanel (I think). I never got to adding emails, etc. I moved the domain infantex.com.mx to the VPS. I didn't do anything with infantex.mx, so I guess that's why it's still on Tommy (which means I don't really understand how aliases work) or because the Registrar's records for infantex.mx still points to heliohost.org's nameservers. So, yes: infantex.com.mx is on the VPS and infantex.mx is on Tommy (I guess this turned out to be kind of fortunate). Additionally, I have the zaldivar.mx domain that I only use for email (so that the family can have emails with our surname ๐Ÿ™‚). No website for this domain. Mail for this domain was serviced by Tommy (I still haven't been able to set the email for this domain correctly, I correct one thing and another stops working ๐Ÿ˜ฌ).
×
×
  • Create New...