Jump to content

George A.

Members
 View Profile  See their activity

  • Posts

    25

  • Joined

  • Last visited

 Content Type 

Posts posted by George A.

  1. SMTP issues - Blesta 4.1

    in Support

    Posted

    32 minutes ago, timnboys said:

    read the github issues on that:

    https://github.com/swiftmailer/swiftmailer/issues/598

    which is suggested to do this instead:

    https://github.com/swiftmailer/swiftmailer/blob/5.x/lib/classes/Swift/Transport/StreamBuffer.php#L95

    change this from:

    public function startTLS()

    {

    return stream_socket_enable_crypto($this->_stream, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);

    }

    to 

    public function startTLS()

    {

    return stream_socket_enable_crypto($this->_stream, true, STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT);

    }

    that will force swiftmailer to only use tls v1.2 not any other version.

    I have also tried that, but it's not working.

  2. SMTP issues - Blesta 4.1

    in Support

    Posted

    Hello,

    It's not a server issue but how PHP has implemented the default way to handle a TLS connection: which is TLSv1.

    Found something. As per php docs: 

    Before PHP 5.6.7 :
STREAM_CRYPTO_METHOD_SSLv23_CLIENT = STREAM_CRYPTO_METHOD_SSLv2_CLIENT|STREAM_CRYPTO_METHOD_SSLv3_CLIENT
STREAM_CRYPTO_METHOD_TLS_CLIENT = STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT|STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT|STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT

PHP >= 5.6.7
STREAM_CRYPTO_METHOD_SSLv23_CLIENT = STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT|STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT|STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
STREAM_CRYPTO_METHOD_TLS_CLIENT = STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT

    From swiftmailer the file /vendors/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php. I have commented out line 94 and added: 

    $crypto_m = STREAM_CRYPTO_METHOD_TLS_CLIENT;

if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) {
	$crypto_m |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
	$crypto_m |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;
}

return stream_socket_enable_crypto($this->_stream, true, $crypto_m);

    But I still can't make TLSv1.2 work. What am I missing?

     

    Kind regards,

    George.

  5. SMTP issues - Blesta 4.1

    in Support

    Posted

    Hello,

    This is from postfix with log level 3.

    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: initializing the server-side TLS engine
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: connect from ***censored***[***censored***]
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: setting up TLS connection from ***censored***[***censored***]
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: ***censored***[***censored***]: TLS cipher list "aNULL:-aNULL:HIGH:@STRENGTH"
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: SSL_accept:before SSL initialization
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: read from 555C190F59F0 [555C192035E3] (5 bytes => -1 (0xFFFFFFFFFFFFFFFF))
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: read from 555C190F59F0 [555C192035E3] (5 bytes => 0 (0x0))
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: SSL_accept:error in before SSL initialization
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: SSL_accept error from ***censored***[***censored***]: lost connection
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: lost connection after STARTTLS from ***censored***[***censored***]
    Sep 25 17:26:39 ***censored*** postfix/submission/smtpd[4558]: disconnect from ***censored***[***censored***] ehlo=1 starttls=0/1 commands=1/2

     

    This is the log showing a success e-mail delivery using SMTP TLS with other php applications:

    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: initializing the server-side TLS engine
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: connect from ***censored***[***censored***]
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: setting up TLS connection from ***censored***[***censored***]
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: ***censored***[***censored***]: TLS cipher list "aNULL:-aNULL:HIGH:@STRENGTH"
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:before SSL initialization
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:before SSL initialization
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS read client hello
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS write server hello
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS write certificate
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS write key exchange
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS write server done
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS write server done
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS read client key exchange
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS read change cipher spec
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS read finished
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: ***censored***[***censored***]: Issuing session ticket, key expiration: 1506352024
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS write session ticket
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS write change cipher spec
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: SSL_accept:SSLv3/TLS write finished
    Sep 25 17:37:05 ***censored*** postfix/submission/smtpd[4824]: Anonymous TLS connection established from ***censored***[***censored***]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
    Sep 25 17:37:06 ***censored*** postfix/submission/smtpd[4824]: 1E1EC1605E3: client=***censored***[***censored***], sasl_method=PLAIN, sasl_username=***censored***
    Sep 25 17:37:06 ***censored*** postfix/cleanup[4829]: 1E1EC1605E3: message-id=<0acc08fa8eced2bcdf9546ddb58093bb@***censored***>
    Sep 25 17:37:06 ***censored*** postfix/qmgr[4821]: 1E1EC1605E3: from=<***censored***>, size=4899, nrcpt=1 (queue active)
    Sep 25 17:37:06 ***censored*** postfix/submission/smtpd[4824]: disconnect from ***censored***[***censored***] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
    Sep 25 17:37:06 ***censored*** dovecot[559]: imap(***censored***): Logged out in=4603 out=499
    Sep 25 17:37:06 ***censored*** postfix/virtual[4830]: 1E1EC1605E3: to=<***censored***>, relay=virtual, delay=0.21, delays=0.17/0.02/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
    Sep 25 17:37:06 ***censored*** postfix/qmgr[4821]: 1E1EC1605E3: removed

     

    I'm still not convinced it's a server-side issue. I have tried to find the blesta file that handles the email sending to see how is everything wrapped, but after going back the stream I bumped into an encrypted file. 

    The system environment is entirely built, customised and validated as working by myself. 

     

    Kind regards,

    George.

  6. SMTP issues - Blesta 4.1

    in Support

    Posted

    Hello,

     

    10 hours ago, timnboys said:

    what mail server are you running?

    as I use zimbra ose as my mail server stack and don't have any problems currently with blesta & tls smtp encryption.

    I'm using postfix with enforced TLS connection on submission.

     

    10 hours ago, gosuhost said:

    No issue here either, must be something on your server side

    If it was a server side issue then all other websites would have the same problem, but it's not the case.

     

    Kind regards,

    George.

  7. SMTP issues - Blesta 4.1

    in Support

    Posted

    Hello,

     

    I'm testing the latest Blesta version 4.1. I have configured the SMTP login details but when I'm sending a test e-mail the error is as follows:

    Sep 24 20:25:03 ***** postfix/submission/smtpd[22156]: connect from *****[*****]
    Sep 24 20:25:03 ***** postfix/submission/smtpd[22156]: SSL_accept error from *****[*****]: lost connection
    Sep 24 20:25:03 ***** postfix/submission/smtpd[22156]: lost connection after STARTTLS from *****[*****]

     

    Which means the application is not establishing a proper TLS connection, even tough in SMTP Settings the SMTP Security is set to "TLS".

    What's the solution to make TLS work?

     

    Kind regards,

    George.

  12. Ioncube Error

    in Support

    Posted

    Hello,

     

    My server is setup with PHP 7.1.x and using the latest ioncube loaders (10.0). I have tried to perform a new installation but installer crashes:

     

    1. Without uploading the contents of the "hotfix-php7" folder:

    [06-Aug-2017 09:34:05 UTC] PHP Fatal error:  The file /***/public_html/app/models/license.php was encoded by the ionCube Encoder for PHP 5.4 and cannot run under PHP 7.1.
     Please ask the provider of the script to provide a version encoded with the ionCube Encoder for PHP 7.1. in Unknown on line 0

     

    2. After uploading the contents of the "hotfix-php7" folder
    [06-Aug-2017 09:36:04 UTC] PHP Fatal error:  The file /***/public_html/app/models/license.php encoded as type [1/56] cannot be decoded by this version of the ionCube Loader.
     in Unknown on line 0

     

    Kind regards,

    George.

  14. Invoices not being delivered

    in Support

    Posted

    Hello,

    If I disable the cron in the Automation section then it doesn't run at all (invoices don't get delivered) when I manually execute the cron.

    Here is what I have in /etc/crontab

    */5 * * * * root /***censored***/php-cli5 -q /***censored***/public_html/index.php cron  > /dev/null 2>&1

  15. Invoices not being delivered

    in Support

    Posted

    14 hours ago, Paul said:

    Do you have the GD extension in your PHP?

    Yes.

    14 hours ago, Paul said:

    Does the logo and/or background image appear when trying to open an existing invoice?

    Yes.

    But still the cron fails to deliver invoices via email when  the invoice customization is set.

    If I remove the customization everything goes back to normal and invoices are delivered using email.

  23. New Module Guidance

    in Support

    Posted

    Hello,

     

     

    I wish to create a module that can do this:

     

    A client orders a dedicated server and if he purchases a server setup product then I input his ssh login details in the admin area.

     

    After I input his ssh root login details inside the server it is executed a bash script (after it gets to the clients server via wget) that would setup mysql, postfix, dovecot, nginx, csf, sphinx etc.

    Basically what needs to have a server in order to host some sites.

     

    I am not a cpanel fan because I do not like interfaces and I feel safer to work via command line.

    But it is time consuming to setup every server and instead I wish to automate this procedure.

     

    Basically what I need to know is how can I code this module to link the admin area of blesta to a clients server so I can run this script.

     

     

     

    Kind regards,

    George.

  24. Remove Version Details

    in Support

    Posted

    Hello,

     

     

    Is it ok to remove the footer script version details (Installed Version 3.x.x) to discourage any "good intended" people out there?

    Or is it just visible in the admin area?

     

     

     

    Kind regards,

    George.

×
×
  • Create New...