Status
Not open for further replies.

dwykofka

Well-Known Member
Aug 6, 2003
394
3
168
After upgrading today all of my customers with remote mail servers (i.e. exchange) are getting warning messages that they are being redirected to an autodiscover address with cpanel.

What a pain in the ...... this has been today.
 

resapu

Member
Oct 16, 2012
11
0
1
cPanel Access Level
Reseller Owner
It points to https://cpanelemaildiscovery.cpanel.net/autodiscoer/autodiscover.xml

Why are my customers being redirected to a cpanel url?


This is an URGENT issue

I expect more people to see this thread shortly once their systems upgrade to 11.34.02 and DNS updates

All of our customers SRV records have been wiped and automatically changed to:
https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml


When starting Outlook popup:

Allow this website to configure [email protected] server settings?
https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml

Also SSL certificate mismatch warning for autodiscover.domain.com warning box.


cPanel - please advise on a speedy resolution to roll back our changed records

For now we seem to be manually updating our SRV records and removing the automatic added A records (autoconfig IN A, autodiscover IN A) as per the 11.34.02 upgrade. Will not be a fun task figuring out the missing entries that have been wiped!
 
Last edited:

resapu

Member
Oct 16, 2012
11
0
1
cPanel Access Level
Reseller Owner
This is an URGENT issue

I expect more people to see this thread shortly once their systems upgrade to 11.34.02 and DNS updates

All of our customers SRV records have been wiped and automatically changed to:
https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml


When starting Outlook popup:

Allow this website to configure [email protected] server settings?
https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml

Also SSL certificate mismatch warning for autodiscover.domain.com warning box.


cPanel - please advise on a speedy resolution to roll back our changed records

I have a Ticket Lodged 3286803.. cPanel support please make this a priority
 

dwykofka

Well-Known Member
Aug 6, 2003
394
3
168
FYI, I did a grep for "cpanelemail" on /var/named and edited the records manually via whm to revert the changes.

I have /var/named backups so it was possible for me to compare the files and fix the errors however it was still a pain to deal with and some customers were upset because the dns changes took hours to propagate to their isp.
 

noimad1

Well-Known Member
Mar 27, 2003
629
0
166
Yea, this is killing me. Same issue of course and I don't think we had any backups on the zone files so I don't know what to do at this point other than to mange the flood of customers calling.
 

cPanelNick

Administrator
Staff member
Mar 9, 2015
3,488
35
208
cPanel Access Level
DataCenter Provider
We are currently investigating what it will take to provide support for disabling autoconfig/autodiscovery support on remote domains.

We currently discussing internally, and we have two directions on how we can proceed:

1 - Fast Fix) Drop autoconfig support for:
Outlook 2007
Outlook 2010
Thunderbird
Postbox
KDE Kmail

2 - Slow Fix) Add support for discovering remote mail domains to the proxy subdomains system. This will have to be tied into the system in many places so it will require extensive testing.

We plan on completing one of the two options before 11.34 is shipped to RELEASE.
 

cPanelNick

Administrator
Staff member
Mar 9, 2015
3,488
35
208
cPanel Access Level
DataCenter Provider
In the mean time if you want to remove all the autodiscovery/autoconfig dns entries here is patch that will allow you to do so without removing your custom SRV records (an ALPHA quality patch that has not been though QA yet, and only tested on my machine):

Note: this post will be removed once an official update is available.

Do not attempt the instructions below this line unless you are comfortable with patching code, and understand the risk associated with this.

Backup your zone files first.

Copy this patch file to /root on your server: View attachment noreplace_preserve_custom_SRV_13.patch.txt

Code:
[email protected] [/usr/local/cpanel]# patch -p1 < ~/noreplace_preserve_custom_SRV_13.patch.txt 
patching file Cpanel/DnsUtils.pm
patching file Cpanel/Proxy.pm
patching file Cpanel/TaskProcessors/ProxySubdomains.pm
patching file scripts/checkproxysubdomains
patching file scripts/proxydomains
Be sure this block is now present in /usr/local/cpanel/Cpanel/DnsUtils.pm before considering the instructions below
Code:
# Preserve custom SRV records
if ( $type eq 'SRV' && $current_record->{'record'} ne $value ) {
     push @domain_messages, "=$type\@$shortname (custom)";
    next;
}

After applying the patch ,
Code:
/scripts/proxydomains --subdomain=autodiscover,autoconfig remove
should remove all the autoconfig and autodiscover + SRV records (it should preserve custom ones if the patch was applied).

Then running
Code:
/scripts/proxydomains add
should add them back in for ONLY the localdomains.


If you have a specific _autodiscover._tcp SRV record you want to point all your remote domains to you could also do something like this (replace yourrdomainhere.com with where you want it to point .. be sure to double check this before you run it or just try it on one first)

Code:
for DOMAIN in `cat /etc/remotedomains`
do
perl -I/usr/local/cpanel -MCpanel::DnsUtils -e "Cpanel::DnsUtils::install_srv_records( [{'domain' => '$DOMAIN','record' => '_autodiscover._tcp.$DOMAIN.', 'value'=> '0 0 443 yourrdomainhere.com.'}], ['$DOMAIN', join('.',(split(/\./, '$DOMAIN'))[-2,-1]) ] );"
done
This is by no means a complete fix as it does not remove/add the autoconfig/autodiscover when a domain is moved from local to remote and vise-versa.
 

cPanelNick

Administrator
Staff member
Mar 9, 2015
3,488
35
208
cPanel Access Level
DataCenter Provider
We will be removing the autoconfig and auto discovery support for the following mail clients:
Outlook 2007
Outlook 2010
Thunderbird
Postbox
KDE Kmail
from 11.34. Once we have added support disabling the autodiscovery when a remote mail servers (ie Exchange) has been configured, we plan on re-introducing it in 11.36. If you installed 11.34.0.2 and this support was enabled, it will continue to function for domains it has been enabled on.

Unfortunately it is too late introduce this change into 11.34 without significantly delaying the rollout of RELEASE and STABLE which would trickle down to delaying 11.36.
 

MediaServe

Well-Known Member
PartnerNOC
Apr 9, 2004
138
2
168
Dallas, Texas
cPanel Access Level
DataCenter Provider
I've just been alerted by a client to this issue, and I applied the patch to his server. Running "/scripts/proxydomains --subdomain=autodiscover,autoconfig remove" does remove the autodiscovery records, but "/scripts/proxydomains add" adds them back even for a domain that has Remote Mail Exchanger set in MX Entry and is listed in /etc/remotedomains

I guess I'll remove them all and then leave it be for now.
 

SageBrian

Well-Known Member
Jun 1, 2002
416
2
318
NY/CT (US)
cPanel Access Level
Root Administrator
wow. this was a big mess. I just tried to run the patch, and it worked great for the records that didn't have special settings. But others that I have MX pointing elsewhere seemed to keep the settings.

Looks like I'll have to just restore from a backup.

I have to say, I am disappointed that this made it to the Release. I had waited 10 days from the Oct 5th updates, figured if there were any issues they would pop up.
The change log did not indicate a new release yet for 10/18. So, I foolishly updated, and got whacked by this mess of DNS settings.

It's a great feature, having autodiscovery. But it really should have been tested longer. AND it would have been ok to delay the Release. Now, instead, server admins have to fix/patch this mess.
 

MediaServe

Well-Known Member
PartnerNOC
Apr 9, 2004
138
2
168
Dallas, Texas
cPanel Access Level
DataCenter Provider
Patch appears to no longer be valid after cPanel changes.

Code:
/scripts/proxydomains --subdomain=autodiscover,autoconfig remove
Removing proxy subdomains for all users.
This may take several minutes if there are many accounts on the system.
Can't use an undefined value as an ARRAY reference at /usr/local/cpanel/Cpanel/Proxy.pm line 77.
What do we do now? I haven't gotten all servers patched yet and have clients complaining.
 
Last edited:

xkola

Registered
Oct 29, 2012
1
0
1
cPanel Access Level
Root Administrator
Patch appears to no longer be valid after cPanel changes.

Code:
/scripts/proxydomains --subdomain=autodiscover,autoconfig remove
Removing proxy subdomains for all users.
This may take several minutes if there are many accounts on the system.
Can't use an undefined value as an ARRAY reference at /usr/local/cpanel/Cpanel/Proxy.pm line 77.
What do we do now? I haven't gotten all servers patched yet and have clients complaining.

i've the same issue here, there is no new patch yet? :confused:
 

cPanelNick

Administrator
Staff member
Mar 9, 2015
3,488
35
208
cPanel Access Level
DataCenter Provider
The patch won't work past 11.34.0.2 since we removed autodiscover and autoconfig support in later versions (to be reintroduced in 11.36 with remotedomains support). You will need to downgrade to 11.34.0.2 and apply the patch in order to use it. You could then reupgrade to 11.34.0.6. If you need help downgrading, please open a ticket and reference this post.
 

RomulusJ

Registered
Feb 15, 2013
3
0
1
cPanel Access Level
Website Owner
Hello,

I am getting this exact issue but my agency is to the best of my knowledge NOT using cpanel. I would know as I am the IT Support for the agency

Facts of the situation
We moved ISPs the day of this started.
We use Microsoft Exchange wit access via web mail
Our former ISP and still our email provider is Smart Systems for Heath (eHealth - Ontario Government Health Ministry)
I've talked with our Email provider extensively and they have no idea what is causing this.
If we hit allow our web configuration settings are deleted and I have to go in and literally delete all email setting and reset the account and warn staff never ever ever hit allow. This is getting old....
We started on the same day of the ISP change using a SONICWALL firewall. No one seems to understand why this is occurring and are happily passing the buck., We're a modest Housing and Case Management Non-profit dealing with Mental Health and Addictions and so far I've had to spend literally over 80 hours working on this and pay people to look into this. I now am at the stage of coming here and going hoping people here can help.

This is an extremely frustrating and time consuming problem that I can't fix.
 
Status
Not open for further replies.