ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2022-11-10T17:32:43Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6373Add support for RHEL 9 and compatible clones2022-11-10T17:32:43ZMichaelAdd support for RHEL 9 and compatible clonesI've already the detection code for RHEL 9 and clones in my local git repo, however, RHEL 9 suffers from the very same problem as Ubuntu 22.04 that the shipped PHP and MariaDB versions are too new for current ISPConfig codebase.
Also ...I've already the detection code for RHEL 9 and clones in my local git repo, however, RHEL 9 suffers from the very same problem as Ubuntu 22.04 that the shipped PHP and MariaDB versions are too new for current ISPConfig codebase.
Also there are still some critical 3rd-party packages missing as of today, like rspamd, awstats, or pure-ftpd among a few more.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6372Add an option to disable automatic creation of CAA record on issuing LE2022-08-19T13:11:48ZMichaelAdd an option to disable automatic creation of CAA record on issuing LEFor reference: https://forum.howtoforge.com/threads/prevent-caa-records-from-lets-encrypt.89113For reference: https://forum.howtoforge.com/threads/prevent-caa-records-from-lets-encrypt.891133.2.9MichaelMichaelhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6371Postfix recipient_access management2023-01-05T15:35:19ZPyte CPostfix recipient_access managementI am migrating my mailservers into my new ISPConfig multiserver setup. I have a special config to my postfix that checks a local database for recipient access with `smtpd_recipient_restrictions`. This is done to not allow any recipient o...I am migrating my mailservers into my new ISPConfig multiserver setup. I have a special config to my postfix that checks a local database for recipient access with `smtpd_recipient_restrictions`. This is done to not allow any recipient on catchall mailboxes and avoid spam. We have quiet a few catchall mailboxes that collect mails and afterwards get retrieve from local exchange servers. So within the database there are the following entries:
- All maildomains managed by the dovecot server itself
- All mailadresses/aliases/etc that a local exchange server knows of
This will also always result in a correct error message for the sender in case the mailbox does not exist or the recipient access is denied.
Is it possible to add this functionality to ISPConfig, so we can manage a recipient access list from within ISPConfig and add/remove entries from there and from the API?
With the API, the process of adding the mailadressen known by local exchange Servers can be automated with a restricted API user.
I am not sure how many Sysadmins use such a solution with their postfix servers, and feedback is appreciated!https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6370Show user info in datalog list view2022-08-15T22:32:59ZMichaelShow user info in datalog list viewFor QOL reasons, show the user in the Datalog who performed actions.For QOL reasons, show the user in the Datalog who performed actions.3.2.9https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6363rfe: rspamd: add mxroute lists2022-07-15T19:31:14ZJesse Norellrfe: rspamd: add mxroute listsConsider adding https://github.com/mxroute/rspamd_rules/tree/master/lists to rspamd configuration.Consider adding https://github.com/mxroute/rspamd_rules/tree/master/lists to rspamd configuration.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6355rspamd: trusted ARC signers2022-06-27T16:18:59ZJesse Norellrspamd: trusted ARC signersFeature Request: Add to the UI a way to specify trusted ARC signers (rspamd whitelisted_signers_map setting). Ideally we could allow individual domain owners to specify what signers are trusted when mailing their domain, but it may hav...Feature Request: Add to the UI a way to specify trusted ARC signers (rspamd whitelisted_signers_map setting). Ideally we could allow individual domain owners to specify what signers are trusted when mailing their domain, but it may have to be a server/system wide setting, I've not dug into the details).
This will help improve mail authentication for mail forwarded to an ISPConfig system, if the forwarder breaks DMARC (spf usually breaks, DKIM breaks if headers/body/sender is changed) but ARC signed the message that they received, rspamd can ignore the DMARC failure and consider the message authenticated. This feature allows the server/domain admin to specify what ARC forwarders should be trusted.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6349Lost root ssh access, here's how2022-06-17T18:08:06ZSergioLost root ssh access, here's howHi, today I lost the root ssh access to the ISPConfig installation, running on Ubuntu 20.04. When I first installed ISPConfig I removed the prefix for FTP users and Shell users. Today I wanted to test a few customizations on shell users,...Hi, today I lost the root ssh access to the ISPConfig installation, running on Ubuntu 20.04. When I first installed ISPConfig I removed the prefix for FTP users and Shell users. Today I wanted to test a few customizations on shell users, so I created a new user with the same username of the only user on sudoers (it's my name afterall :P), then I deleted it and boom. That action deleted the sudoer user, so I lost the root access to my machine. Nothing really serious, I recovered it, then it was a virtual machine running on my home computer, but I think it shouldn't have happened. In this way a ISPConfig user with create users privileges, could compromise the access to the machine. Maybe there could be a check if the user already exists before creating a new one.
Thanks :smile:https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6346Send email to reseller when quota is reached2022-05-18T21:15:07ZThomSend email to reseller when quota is reachedCurrently, we do send a email to the admin and the client, but not the reseller. Should be a option to send to the reseller as well.Currently, we do send a email to the admin and the client, but not the reseller. Should be a option to send to the reseller as well.3.2.9ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6342Always include related domain/user/id in error message2022-07-31T13:24:07ZThomAlways include related domain/user/id in error messageOn one of my servers, I saw this warning entry in the log: `WARNING - Problem with website user or group. Websites cannot be owned by root or an existing user/group. User: - Group: -`
It's completely unclear which domain it affects. We...On one of my servers, I saw this warning entry in the log: `WARNING - Problem with website user or group. Websites cannot be owned by root or an existing user/group. User: - Group: -`
It's completely unclear which domain it affects. We should include the id/domain/user in all warning messages.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6341disable AUTH on port 252022-05-02T17:55:25ZJesse Norelldisable AUTH on port 25Add a server setting to disable AUTH on port 25. This of course requires clients to be using proper mail submission ports, but blocks a lot of junk authentication attempts where it can be used.Add a server setting to disable AUTH on port 25. This of course requires clients to be using proper mail submission ports, but blocks a lot of junk authentication attempts where it can be used.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6340disable plaintext email logins2022-05-02T16:13:37ZJesse Norelldisable plaintext email loginsAdd a server setting to disable plaintext email logins, which will help with email account compromises.Add a server setting to disable plaintext email logins, which will help with email account compromises.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6335Some PHP-FPM config seems to be missing in apache2 vhost template2022-09-06T14:45:24ZGuillaume SubironSome PHP-FPM config seems to be missing in apache2 vhost templateI would have prefer to make a pull request but it seems I am not allowed to fork the projet.
## Summary
On Debian 11, PHP requests are not passed to PHP-FPM when DocumentRoot starts with `/var/www/foo.com/web` instead of `/var/www/clie...I would have prefer to make a pull request but it seems I am not allowed to fork the projet.
## Summary
On Debian 11, PHP requests are not passed to PHP-FPM when DocumentRoot starts with `/var/www/foo.com/web` instead of `/var/www/clients/client1/web1/web`
## Steps to reproduce
- Check that mod-fastcgi is not enabled in apache2
- Set the site in PHP-FPM
- In Apache Directives, add `DocumentRoot {DOCROOT}`
- PHP files will be returned as text
- Set the site in Fast-CGI, it will work again
- Set the site in PHP-FPM, it will not work again…
## Environment
Server OS + version: Debian 11, Apache2.4
ISPConfig version: 3.2.8p1
Software version of the related software: Apache/2.4.53 (Debian)
Package libapache2-mod-fastcgi is not installed, mod-fastcgi is not enabled
## Proposed fix
In `server/conf/vhost.conf.master`, I believe the blocks in lines 411 and 421 should be deduplicated to add `<Directory {tmpl_var name='web_document_root_www'}>`. This double block seems to be present everywhere (lines 377-384 for example), but not in FPM use_tcp and use_socket configs.
Thank you.3.2.9https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6334Delete Client message should include client name for verification2022-08-15T22:35:20ZJeff NewmanDelete Client message should include client name for verificationISPC 3.2.8
just went to delete a client (did not need). There is a popup window with an "are you sure" message/alert, and then there's a verification web page to again verify deletion.
The issue - neither of these repeat or indicate t...ISPC 3.2.8
just went to delete a client (did not need). There is a popup window with an "are you sure" message/alert, and then there's a verification web page to again verify deletion.
The issue - neither of these repeat or indicate the name of the item being deleted. This is also true for other delete functions. It would be nice if the messages included identifying information indicating what the asset is that will be deleted - it's possible that the wrong thing was clicked on, but that wouldn't be known at that last step.3.2.9https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6332API to get mail user details for all account that belong to a client.2022-08-15T22:33:14ZHelmoAPI to get mail user details for all account that belong to a client.I'm missing an mail_user_get_all_by_client api function.I'm missing an mail_user_get_all_by_client api function.3.2.9https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6328Support PHP 8.X2022-10-20T19:42:49ZThomSupport PHP 8.XWe need to support PHP 8.X for the next Ubuntu release (22.04) - let's start gathering issues with the current code which we can look into. Please comment on this issue if you find a incompatibility.
ToDo:
- [x] `Function strftime() is ...We need to support PHP 8.X for the next Ubuntu release (22.04) - let's start gathering issues with the current code which we can look into. Please comment on this issue if you find a incompatibility.
ToDo:
- [x] `Function strftime() is deprecated in /usr/local/ispconfig/server/lib/classes/cron.inc.php` (https://www.howtoforge.com/community/threads/disable-deprecated-for-cron-on-debian10.88776/)
- [ ] `Uncaught Error: Call to undefined function mysqli_init() in /usr/local/ispconfig/server/lib/classes/db_mysql.inc.php:83` > `apt install php8.1-mysql` (need to add check for this to update script)
- [x] `stderr: thrown in /usr/local/ispconfig/interface/lib/classes/tpl.inc.php(1366) : eval()'d code on line 173`3.2.9Till BrehmTill Brehmhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6324Cleanup vhost.conf.master2023-08-08T07:22:15ZThomCleanup vhost.conf.masterThe vhost.conf.master template is quite a mess. I will go through it and clean it up, fix indentation, etcThe vhost.conf.master template is quite a mess. I will go through it and clean it up, fix indentation, etc3.2.12ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6317Updated Italian translation (attached)2022-03-31T10:36:45ZTill BrehmUpdated Italian translation (attached)Attached is an updated Italian translation. Thanks to Aldo for providing the update.
[it.lng](/uploads/4dbb6477a7abd3211658eab355f27ee2/it.lng)Attached is an updated Italian translation. Thanks to Aldo for providing the update.
[it.lng](/uploads/4dbb6477a7abd3211658eab355f27ee2/it.lng)3.2.9ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6314Only add Mailman related config to the Postfix config if Mailman is installed2022-09-30T19:05:22ZThomOnly add Mailman related config to the Postfix config if Mailman is installedCurrently, in all Postfix configurations, there are references to Mailman, e.g. for the transport. We should only put that in there if Mailman is installed. This will prevent issues such as https://www.howtoforge.com/community/threads/af...Currently, in all Postfix configurations, there are references to Mailman, e.g. for the transport. We should only put that in there if Mailman is installed. This will prevent issues such as https://www.howtoforge.com/community/threads/after-migrate-from-debian-10-to-11-i-cant-use-an-email-that-existing-in-mailing-list.88681/3.2.9ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6313Add warning to update script when incorrect PHP version is used as default2022-11-01T12:53:35ZThomAdd warning to update script when incorrect PHP version is used as defaultAdd a warning to the update script that the default PHP version is not in line with the OS default. Eventually offer to fix this?Add a warning to the update script that the default PHP version is not in line with the OS default. Eventually offer to fix this?3.2.9ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6311Add warning to the update script when PHP 8+ is the default PHP version2022-03-24T16:16:19ZThomAdd warning to the update script when PHP 8+ is the default PHP version3.2.8p1Till BrehmTill Brehm