Autodiscover with cpanelemaildiscovery.cpanel.net?

[DWardCA]

I'm trying to understand how Outlook autodiscover works for cPanel when the default autodiscover SRV is set to cpanelemaildiscovery.cpanel.net.

Specifically ... If Outlook is talking to cpanelemaildiscovery.cpanel.net - then how is it going to get the email configuration the user would use for my specific cpanel server?

I can't find any documentation explaining what the default cPanel autodiscover.xml file contains ... and I haven't figured out how to see it myself ...


I have seen the CPanel KB on AutoConfig and Autodiscover and it states

Microsoft® Outlook®’s Autodiscover service searches DNS for an SRV record for an email inbox’s domain that points to a particular server for Autodiscover. By default, this server is cpanelemaildiscovery.cpanel.net.

From reading up on it on Microsoft's website...

In this example, the Autodiscover service does the following when the client tries to contact the Autodiscover service:

1. Autodiscover posts to https://contoso.com/Autodiscover/Autodiscover.xml. This fails.
2. Autodiscover posts to https://autodiscover.contoso.com/Autodiscover/Autodiscover.xml. This fails.
3. Autodiscover performs the following redirect check:
   GET http://autodiscover.contoso.com/Autodiscover/Autodiscover.xml
   This fails.
4. Autodiscover uses DNS SRV lookup for _autodiscover._tcp.contoso.com, and then "mail.contoso.com" is returned.
5. Outlook asks permission from the user to continue with Autodiscover to post to https://mail.contoso.com/autodiscover/autodiscover.xml.
6. Autodiscover'sPOST request is successfully posted to https://mail.contoso.com/autodiscover/autodiscover.xml.

So if it gets down to the SRV stage .. and sees the following in the DNS records:

_autodiscover._tcp 3600 IN SRV 0 0 443 cpanelemaildiscovery.cpanel.net.

then it will send an HTTPS POST request to https://cpanelemaildiscovery.cpanel.net/Autodiscover/Autodiscover.xml

From reading this Microsoft Article on Exchange 2013 AutoDiscover, it says that the POST request is sent using POX which sends an XML POST request which contains the email address that it is attempting to autodiscover...

 

[cPanelLauren]

Hello,


While this defaults to the cpanelemaildiscovery.cpanel.net our documentation does indicate that you can create your own autodiscover hosts:

Host to publish in the SRV records for Outlook autodiscover support.
Microsoft® Outlook®’s Autodiscover service searches DNS for an SRV record for an email inbox’s domain that points to a particular server for Autodiscover. By default, this server is cpanelemaildiscovery.cpanel.net.

This setting allows system administrators to perform the following actions:

• Choose the host that the system publishes to the SRV records.
• Change the default host if they have an SSL-enabled host with an SSL certificate that a Certificate Authority signs.
• Use their own server for Outlook® Autodiscover. Enter that server’s Fully Qualified Domain Name (FQDN) in the available text box.
• When you enable the Host to publish in the SRV records for Outlook autodiscover support feature, the system queries the server that you specify for the Autodiscover settings. You must have a custom XML file for this feature to function properly.

This setting defaults to cpanelemaildiscovery.cpanel.net.

Notes:

• For more information about how to use a custom XML file, visit Mozilla's autoconfiguration page, or the Exchange's Autodiscover page.
• You must enable the Thunderbird and Outlook autodiscover and autoconfig support (enables proxy subdomain and SRV record creation) option in order to configure this option.

Microsoft also provides their own if you're using their services. There are also a few other threads that discuss AutoDiscovery/AutoConfig which might be helpful as well:

cPanel Autodiscover, Exchange+POP
SOLVED - AutoDiscover & AutoConfig
Autodiscover setting breaking outlook autodisover for domains setup to remote exchange server

Thank you,

 

[DWardCA]

While this defaults to the cpanelemaildiscovery.cpanel.net our documentation does indicate that you can create your own autodiscover hosts:

Thank you for your response. Yes, I read up on that. I am also aware that there are PHP scripts out there that offer autodiscover / autoconfig services ( e.g. github.com/Thorarin/MailClientAutoConfig )

However, I was specifically interested in the default cpanelemaildiscovery.cpanel.net service. How the default autodiscover could provide the email configuration for cPanel hosts.


Since writing my original post, I learned that in Outlook you can Control + Right-Click the system tray icon and run a "Test Email AutoConfiguration" tool. I did this .. and I think I figured out why I wasn't able to see the autodiscover.xml file myself...

It reports:

AutoDiscover internet timeout against URL https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml

Whether that means the cPanel autodiscover service is down or removed I am not certain ... unless there is another issue at play here ....
But that would explain why I wasn't able to autodiscover my cPanel email configuration.

 

[cPanelLauren]

Hello,


When querying cpanelemaildiscovery.cpanel.net with your email client you should be able to obtain basic configuration instructions such as:

$ curl -d '[email protected]' https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
    <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
        <User>
            <DisplayName>cpanel test</DisplayName>
            <EMailAddress>[email protected]</EMailAddress>
        </User>
        <Action>
          <Settings>
            <Server>
              <Type>MobileSync</Type>
              <Url>https://exchange.cpanel.net/Microsoft-Server-ActiveSync</Url>
              <Name>https://exchange.cpanel.net/Microsoft-Server-ActiveSync</Name>
            </Server>
          </Settings>
        </Action>
        <Account>
            <AccountType>email</AccountType>
            <Action>settings</Action>
            <Protocol>
                <Type>IMAP</Type>
                <Server>mail.cpanel.net</Server>
                <Port>993</Port>
                <DomainRequired>off</DomainRequired>
                <SPA>off</SPA>
                <SSL>on</SSL>
                <AuthRequired>on</AuthRequired>
                <LoginName>[email protected]</LoginName>
            </Protocol>
            <Protocol>
                <Type>SMTP</Type>
                <Server>mail.cpanel.net</Server>
                <Port>465</Port>
                <DomainRequired>off</DomainRequired>
                <SPA>off</SPA>
                <SSL>on</SSL>
                <AuthRequired>on</AuthRequired>
                <LoginName>[email protected]</LoginName>
            </Protocol>
        </Account>
    </Response>

This appears to be experiencing intermittent issues though as I found while testing. I've opened an internal case to have this addressed. I'll update here when I have more information

 

[DWardCA]

Thank You for your help on this cPanelLauren ..

{simplified quote}
<Protocol>
<Type>IMAP</Type>
<Server>mail.cpanel.net</Server>
<Port>993</Port>
<LoginName>[email protected]</LoginName>
</Protocol>

Even though it is down for me at the moment, you may still be able to answer my question.

See how it returns the server "mail.cpanel.net" in your example?
How does the cpanelemaildiscovery.cpanel.net autodiscover service know what the mail server should be?


... or does it basically just add the mail host name to the domain provided by the email? So if I did:

$ curl -d '[email protected]' https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml

... would it return:

           <Protocol>
               <Type>IMAP</Type>
               <Server>mail.lol.foobar.com</Server>
               <Port>993</Port>
               <LoginName>[email protected]</LoginName>
           </Protocol>

????

PS - thanks for that curl command. Was looking for a good way to test it.

This appears to be experiencing intermittent issues though as I found while testing. I've opened an internal case to have this addressed. I'll update here when I have more information

I am relieved it is not just me. Thank you for looking into it ...
When I'm lucky I get a "503 Service Unavailable" response. Most times it just gives me a "Connection timed out"

-Daniel

 

[cPanelLauren]

See how it returns the server "mail.cpanel.net" in your example?
How does the cpanelemaildiscovery.cpanel.net autodiscover service know what the mail server should be?

So what this does is send a GET request to the domain in the email address which *should* return your server's specific autoconfig details:

$ curl -d '<EMailAddress>[email protected]</EMailAddress>' https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
    <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
        <User>
            <DisplayName>[email protected]</DisplayName>
            <EMailAddress>[email protected]</EMailAddress>
        </User>
        <Account>
            <AccountType>email</AccountType>
            <Action>settings</Action>
            <Protocol>
                <Type>IMAP</Type>
                <Server>mail.mydomain.tech</Server>
                <Port>993</Port>
                <DomainRequired>off</DomainRequired>
                <SPA>off</SPA>
                <SSL>on</SSL>
                <AuthRequired>on</AuthRequired>
                <LoginName>[email protected]</LoginName>
            </Protocol>
            <Protocol>
                <Type>SMTP</Type>
                <Server>mail.mydomain.tech</Server>
                <Port>465</Port>
                <DomainRequired>off</DomainRequired>
                <SPA>off</SPA>
                <SSL>on</SSL>
                <AuthRequired>on</AuthRequired>
                <LoginName>[email protected]</LoginName>
            </Protocol>
        </Account>
    </Response>

When it fails to resolve your domain or get the expected response (i.e. it gets a 301) it will return data specific to the local setup so cpanel.net related information for a test account.

I am relieved it is not just me. Thank you for looking into it ...
When I'm lucky I get a "503 Service Unavailable" response. Most times it just gives me a "Connection timed out"

I have an internal systems ticket open for this and it is getting attention, I'm sorry for the inconvenience and nope, not just you, thank you for bringing to our attention!!


Thank you,

 

[DWardCA]

So what this does is send a GET request to the domain in the email address which *should* return your server's specific autoconfig details

Thanks Lauren .. this is the part I am most interested in ..

You say it "should" return the server's specific autoconfig details ... how do I see if that is working on my cPanel server?

• What page does that GET request ... request?
• Is it contacting the default host on the domain or is it using a specific hostname such as autodiscover.mydomain.com
• Is this part of cPanel itself or does each user need to have the support for it? I don't see anything in the apache includes ...

Thanks

Daniel

 

[cPanelLauren]

Here's what the request looks like when ran this earlier for an email address on my personal domain:

# grep -r autodiscover /etc/apache2/domlogs/ |grep "17/Apr/2018"
/etc/apache2/domlogs/proxy-subdomains-vhost.localhost:127.0.0.1 - - [17/Apr/2018:09:16:17 -0400] "GET /cgi-sys/autodiscover.cgi?email=lauren%40mydomain.tech HTTP/1.1" 200 1196 "-" "autodisc/2.000 (cPanel autodiscover/autoconfig server)"
/etc/apache2/domlogs/proxy-subdomains-vhost.localhost:208.74.120.173 - - [17/Apr/2018:09:16:17 -0400] "GET /cgi-sys/autodiscover.cgi?email=lauren%40mydomain.tech HTTP/1.1" 200 1196 "-" "autodisc/2.000 (cPanel autodiscover/autoconfig server)"
/etc/apache2/domlogs/proxy-subdomains-vhost.localhost:127.0.0.1 - - [17/Apr/2018:13:47:31 -0400] "GET /cgi-sys/autodiscover.cgi?email=lauren%40mydomain HTTP/1.1" 200 1196 "-" "autodisc/2.000 (cPanel autodiscover/autoconfig server)"
/etc/apache2/domlogs/proxy-subdomains-vhost.localhost:208.74.120.173 - - [17/Apr/2018:13:47:31 -0400] "GET /cgi-sys/autodiscover.cgi?email=lauren%40mydomain.tech HTTP/1.1" 200 1196 "-" "autodisc/2.000 (cPanel autodiscover/autoconfig server)"

So the issue with the autoconfig through cpanelemaildiscovery.cpanel.net is happening on our side not yours and while the issue is ongoing I wouldn't suggest testing using it but you can if you like using the same command I used. To set up Autoconfig/Autodiscovery on your own server our documentation here goes over the steps:
AutoConfig and Autodiscover - cPanel Knowledge Base - cPanel Documentation

 

[DWardCA]

Here's what the request looks like when ran this earlier for an email address on my personal domain

Thanks Lauren - again - great information.

I'm not seeing ANY autodiscover.cgi references in any of our account logs. When I curl or wget against /cgi-sys/autodiscover.cgi it reports Autodiscover and Autoconfig support is disabled. I am guessing that I need to enable proxy subdomains for this to be enabled.

Before I enable proxy subdomains I need to do a bit more reserach and ensure it will apply to only new users and won't cause unintended interference with existing configurations (e.g. existing autodiscover configurations in DNS-only clients configured for Office 365)

As a side note, I see many autodiscover SRV records in our DNS pointing to cpanelemaildiscovery.cpanel.net - so I am guessing that the configuration option was not persisted during our last hosting provider change migration.

Again, thanks for all your help.

 

[DWardCA]

I enabled Proxy subdomains,
disabled Proxy subdomain creation, and
enabled Thunderbird and Outlook autodiscover and autoconfig support (enables proxy subdomain and SRV record creation)

It completely rewrote all of the zone files ... so apparently the "enables proxy subdomain and SRV record creation" notice does not *JUST* apply to those subdomains and SRV records that relate to Thunderbird and Outlook autodiscover - it applies to ALL proxy subdomains ...

cpcontacts, webmail, webdisk, cpanel, cpcalendars, autoconfig ...
plus it added in the caldav and carddav SRV and TXT entries ...
It also did this for EVERY subdomain too .. so that was a LOT of records ..

I ended up restoring the /var/named files from a backup and restarting the DNS service.

After all that ... it looks like the /cgi-sys/autodiscover.cgi is just substituting the domain name of the email that it was passed. I'm not certain if its actually accessing the cPanel configuration at all. Not sure if there is a way to control what information is passes back to cpanelemaildiscovery.cpanel.net .. its an ELF binary .. not a script ..

 

[cPanelLauren]

HI

Enabling proxy subdomains is what I would assume created all the records an explanation of proxy subdomains can be found here: Proxy Subdomains Explanation - cPanel Knowledge Base - cPanel Documentation

The following forum posts also go over customizing the autodiscover.xml and may be helpful for you:
Autodiscover
Autodiscover domain / server name
Autodiscover dns records

In order to send back different information, you can customize this further utilizing an xml file. There are links to both Mozilla and Microsoft for more details on the format. I would highly recommend reviewing that information.

Though you didn't specifically mention Apple, I wanted to make note: Apple® email clients do not support AutoConfig or AutoDiscover for IMAP servers. To use AutoConfig and AutoDiscover with Apple products, you must meet one of the following requirements:

- Your service provider must register with Apple's AutoDiscover service.
- Your server must run Exchange rather than IMAP.