Autodiscover with cpanelemaildiscovery.cpanel.net?

DWardCA · Apr 13, 2018

I'm trying to understand how Outlook autodiscover works for cPanel when the default autodiscover SRV is set to cpanelemaildiscovery.cpanel.net.

Specifically ... If Outlook is talking to cpanelemaildiscovery.cpanel.net - then how is it going to get the email configuration the user would use for my specific cpanel server?

I can't find any documentation explaining what the default cPanel autodiscover.xml file contains ... and I haven't figured out how to see it myself ...

I have seen the CPanel KB on AutoConfig and Autodiscover and it states

Microsoft® Outlook®’s Autodiscover service searches DNS for an SRV record for an email inbox’s domain that points to a particular server for Autodiscover. By default, this server is cpanelemaildiscovery.cpanel.net.
Click to expand...

From reading up on it on Microsoft's website...

In this example, the Autodiscover service does the following when the client tries to contact the Autodiscover service:

Autodiscover posts to https://contoso.com/Autodiscover/Autodiscover.xml. This fails.

Autodiscover posts to https://autodiscover.contoso.com/Autodiscover/Autodiscover.xml. This fails.

Autodiscover performs the following redirect check:
GET http://autodiscover.contoso.com/Autodiscover/Autodiscover.xml
This fails.

Autodiscover uses DNS SRV lookup for _autodiscover._tcp.contoso.com, and then "mail.contoso.com" is returned.

Outlook asks permission from the user to continue with Autodiscover to post to https://mail.contoso.com/autodiscover/autodiscover.xml.

Autodiscover'sPOST request is successfully posted to https://mail.contoso.com/autodiscover/autodiscover.xml.

Click to expand...

So if it gets down to the SRV stage .. and sees the following in the DNS records:

_autodiscover._tcp 3600 IN SRV 0 0 443 cpanelemaildiscovery.cpanel.net.

then it will send an HTTPS POST request to https://cpanelemaildiscovery.cpanel.net/Autodiscover/Autodiscover.xml

From reading this Microsoft Article on Exchange 2013 AutoDiscover, it says that the POST request is sent using POX which sends an XML POST request which contains the email address that it is attempting to autodiscover...

cPanelLauren · Apr 16, 2018

Hello,

While this defaults to the cpanelemaildiscovery.cpanel.net our documentation does indicate that you can create your own autodiscover hosts:

Host to publish in the SRV records for Outlook autodiscover support.
Microsoft® Outlook®’s Autodiscover service searches DNS for an SRV record for an email inbox’s domain that points to a particular server for Autodiscover. By default, this server is cpanelemaildiscovery.cpanel.net.

This setting allows system administrators to perform the following actions:

Choose the host that the system publishes to the SRV records.

Change the default host if they have an SSL-enabled host with an SSL certificate that a Certificate Authority signs.

Use their own server for Outlook® Autodiscover. Enter that server’s Fully Qualified Domain Name (FQDN) in the available text box.

When you enable the Host to publish in the SRV records for Outlook autodiscover support feature, the system queries the server that you specify for the Autodiscover settings. You must have a custom XML file for this feature to function properly.

This setting defaults to cpanelemaildiscovery.cpanel.net.

Notes:

For more information about how to use a custom XML file, visit Mozilla's autoconfiguration page, or the Exchange's Autodiscover page.

You must enable the Thunderbird and Outlook autodiscover and autoconfig support (enables proxy subdomain and SRV record creation) option in order to configure this option.

Click to expand...

Microsoft also provides their own if you're using their services. There are also a few other threads that discuss AutoDiscovery/AutoConfig which might be helpful as well:

cPanel Autodiscover, Exchange+POP
SOLVED - AutoDiscover & AutoConfig
Autodiscover setting breaking outlook autodisover for domains setup to remote exchange server

Thank you,

DWardCA · Apr 16, 2018

cPanelLauren said: ↑

While this defaults to the cpanelemaildiscovery.cpanel.net our documentation does indicate that you can create your own autodiscover hosts:
Click to expand...

Thank you for your response. Yes, I read up on that. I am also aware that there are PHP scripts out there that offer autodiscover / autoconfig services ( e.g. github.com/Thorarin/MailClientAutoConfig )

However, I was specifically interested in the default cpanelemaildiscovery.cpanel.net service. How the default autodiscover could provide the email configuration for cPanel hosts.

Since writing my original post, I learned that in Outlook you can Control + Right-Click the system tray icon and run a "Test Email AutoConfiguration" tool. I did this .. and I think I figured out why I wasn't able to see the autodiscover.xml file myself...

It reports:

AutoDiscover internet timeout against URL https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml

Whether that means the cPanel autodiscover service is down or removed I am not certain ... unless there is another issue at play here ....
But that would explain why I wasn't able to autodiscover my cPanel email configuration.

cPanelLauren · Apr 17, 2018

Hello,

When querying cpanelemaildiscovery.cpanel.net with your email client you should be able to obtain basic configuration instructions such as:

Code:

$ curl -d 'test@cpanel.net' https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
    <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
        <User>
            <DisplayName>cpanel test</DisplayName>
            <EMailAddress>test@cpanel.net</EMailAddress>
        </User>
        <Action>
          <Settings>
            <Server>
              <Type>MobileSync</Type>
              <Url>https://exchange.cpanel.net/Microsoft-Server-ActiveSync</Url>
              <Name>https://exchange.cpanel.net/Microsoft-Server-ActiveSync</Name>
            </Server>
          </Settings>
        </Action>
        <Account>
            <AccountType>email</AccountType>
            <Action>settings</Action>
            <Protocol>
                <Type>IMAP</Type>
                <Server>mail.cpanel.net</Server>
                <Port>993</Port>
                <DomainRequired>off</DomainRequired>
                <SPA>off</SPA>
                <SSL>on</SSL>
                <AuthRequired>on</AuthRequired>
                <LoginName>test@cpanel.net</LoginName>
            </Protocol>
            <Protocol>
                <Type>SMTP</Type>
                <Server>mail.cpanel.net</Server>
                <Port>465</Port>
                <DomainRequired>off</DomainRequired>
                <SPA>off</SPA>
                <SSL>on</SSL>
                <AuthRequired>on</AuthRequired>
                <LoginName>test@cpanel.net</LoginName>
            </Protocol>
        </Account>
    </Response>

This appears to be experiencing intermittent issues though as I found while testing. I've opened an internal case to have this addressed. I'll update here when I have more information

DWardCA · Apr 17, 2018

Thank You for your help on this cPanelLauren ..

cPanelLauren said: ↑

{simplified quote}
<Protocol>
<Type>IMAP</Type>
<Server>mail.cpanel.net</Server>
<Port>993</Port>
<LoginName>test@cpanel.net</LoginName>
</Protocol>
Click to expand...

Even though it is down for me at the moment, you may still be able to answer my question.

See how it returns the server "mail.cpanel.net" in your example?
How does the cpanelemaildiscovery.cpanel.net autodiscover service know what the mail server should be?

... or does it basically just add the mail host name to the domain provided by the email? So if I did:
Code:
$ curl -d 'bob@lol.foobar.com' https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml
... would it return:
Code:
           <Protocol>
               <Type>IMAP</Type>
               <Server>mail.lol.foobar.com</Server>
               <Port>993</Port>
               <LoginName>bob@lol.foobar.com</LoginName>
           </Protocol>
????

PS - thanks for that curl command. Was looking for a good way to test it.

cPanelLauren said: ↑

This appears to be experiencing intermittent issues though as I found while testing. I've opened an internal case to have this addressed. I'll update here when I have more information
Click to expand...

I am relieved it is not just me. Thank you for looking into it ...
When I'm lucky I get a "503 Service Unavailable" response. Most times it just gives me a "Connection timed out"

-Daniel

cPanelLauren · Apr 17, 2018

DWardCA said: ↑

See how it returns the server "mail.cpanel.net" in your example?
How does the cpanelemaildiscovery.cpanel.net autodiscover service know what the mail server should be?
Click to expand...

So what this does is send a GET request to the domain in the email address which *should* return your server's specific autoconfig details:
Code:
$ curl -d '<EMailAddress>lauren@mydomain.tech</EMailAddress>' https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml
<?xml version="1.0" encoding="utf-8"?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
    <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
        <User>
            <DisplayName>lauren@mydomain.tech</DisplayName>
            <EMailAddress>lauren@mydomain.tech</EMailAddress>
        </User>
        <Account>
            <AccountType>email</AccountType>
            <Action>settings</Action>
            <Protocol>
                <Type>IMAP</Type>
                <Server>mail.mydomain.tech</Server>
                <Port>993</Port>
                <DomainRequired>off</DomainRequired>
                <SPA>off</SPA>
                <SSL>on</SSL>
                <AuthRequired>on</AuthRequired>
                <LoginName>lauren@mydomain.tech</LoginName>
            </Protocol>
            <Protocol>
                <Type>SMTP</Type>
                <Server>mail.mydomain.tech</Server>
                <Port>465</Port>
                <DomainRequired>off</DomainRequired>
                <SPA>off</SPA>
                <SSL>on</SSL>
                <AuthRequired>on</AuthRequired>
                <LoginName>lauren@mydomain.tech</LoginName>
            </Protocol>
        </Account>
    </Response>
When it fails to resolve your domain or get the expected response (i.e. it gets a 301) it will return data specific to the local setup so cpanel.net related information for a test account.

DWardCA said: ↑

I am relieved it is not just me. Thank you for looking into it ...
When I'm lucky I get a "503 Service Unavailable" response. Most times it just gives me a "Connection timed out"
Click to expand...

I have an internal systems ticket open for this and it is getting attention, I'm sorry for the inconvenience and nope, not just you, thank you for bringing to our attention!!

Thank you,

DWardCA · Apr 17, 2018

cPanelLauren said: ↑

So what this does is send a GET request to the domain in the email address which *should* return your server's specific autoconfig details
Click to expand...

Thanks Lauren .. this is the part I am most interested in ..

You say it "should" return the server's specific autoconfig details ... how do I see if that is working on my cPanel server?

What page does that GET request ... request?

Is it contacting the default host on the domain or is it using a specific hostname such as autodiscover.mydomain.com

Is this part of cPanel itself or does each user need to have the support for it? I don't see anything in the apache includes ...

Thanks

Daniel

cPanelLauren · Apr 17, 2018

Here's what the request looks like when ran this earlier for an email address on my personal domain:
Code:
# grep -r autodiscover /etc/apache2/domlogs/ |grep "17/Apr/2018"
/etc/apache2/domlogs/proxy-subdomains-vhost.localhost:127.0.0.1 - - [17/Apr/2018:09:16:17 -0400] "GET /cgi-sys/autodiscover.cgi?email=lauren%40mydomain.tech HTTP/1.1" 200 1196 "-" "autodisc/2.000 (cPanel autodiscover/autoconfig server)"
/etc/apache2/domlogs/proxy-subdomains-vhost.localhost:208.74.120.173 - - [17/Apr/2018:09:16:17 -0400] "GET /cgi-sys/autodiscover.cgi?email=lauren%40mydomain.tech HTTP/1.1" 200 1196 "-" "autodisc/2.000 (cPanel autodiscover/autoconfig server)"
/etc/apache2/domlogs/proxy-subdomains-vhost.localhost:127.0.0.1 - - [17/Apr/2018:13:47:31 -0400] "GET /cgi-sys/autodiscover.cgi?email=lauren%40mydomain HTTP/1.1" 200 1196 "-" "autodisc/2.000 (cPanel autodiscover/autoconfig server)"
/etc/apache2/domlogs/proxy-subdomains-vhost.localhost:208.74.120.173 - - [17/Apr/2018:13:47:31 -0400] "GET /cgi-sys/autodiscover.cgi?email=lauren%40mydomain.tech HTTP/1.1" 200 1196 "-" "autodisc/2.000 (cPanel autodiscover/autoconfig server)"
So the issue with the autoconfig through cpanelemaildiscovery.cpanel.net is happening on our side not yours and while the issue is ongoing I wouldn't suggest testing using it but you can if you like using the same command I used. To set up Autoconfig/Autodiscovery on your own server our documentation here goes over the steps:
AutoConfig and Autodiscover - cPanel Knowledge Base - cPanel Documentation

DWardCA · Apr 17, 2018

cPanelLauren said: ↑

Here's what the request looks like when ran this earlier for an email address on my personal domain
Click to expand...

Thanks Lauren - again - great information.

I'm not seeing ANY autodiscover.cgi references in any of our account logs. When I curl or wget against /cgi-sys/autodiscover.cgi it reports Autodiscover and Autoconfig support is disabled. I am guessing that I need to enable proxy subdomains for this to be enabled.

Before I enable proxy subdomains I need to do a bit more reserach and ensure it will apply to only new users and won't cause unintended interference with existing configurations (e.g. existing autodiscover configurations in DNS-only clients configured for Office 365)

As a side note, I see many autodiscover SRV records in our DNS pointing to cpanelemaildiscovery.cpanel.net - so I am guessing that the configuration option was not persisted during our last hosting provider change migration.

Again, thanks for all your help.

DWardCA · Apr 17, 2018

I enabled Proxy subdomains,
disabled Proxy subdomain creation, and
enabled Thunderbird and Outlook autodiscover and autoconfig support (enables proxy subdomain and SRV record creation)

It completely rewrote all of the zone files ... so apparently the "enables proxy subdomain and SRV record creation" notice does not *JUST* apply to those subdomains and SRV records that relate to Thunderbird and Outlook autodiscover - it applies to ALL proxy subdomains ...

cpcontacts, webmail, webdisk, cpanel, cpcalendars, autoconfig ...
plus it added in the caldav and carddav SRV and TXT entries ...
It also did this for EVERY subdomain too .. so that was a LOT of records ..

I ended up restoring the /var/named files from a backup and restarting the DNS service.

After all that ... it looks like the /cgi-sys/autodiscover.cgi is just substituting the domain name of the email that it was passed. I'm not certain if its actually accessing the cPanel configuration at all. Not sure if there is a way to control what information is passes back to cpanelemaildiscovery.cpanel.net .. its an ELF binary .. not a script ..

cPanelLauren · Apr 18, 2018

HI

Enabling proxy subdomains is what I would assume created all the records an explanation of proxy subdomains can be found here: Proxy Subdomains Explanation - cPanel Knowledge Base - cPanel Documentation

The following forum posts also go over customizing the autodiscover.xml and may be helpful for you:
Autodiscover
Autodiscover domain / server name
Autodiscover dns records

In order to send back different information, you can customize this further utilizing an xml file. There are links to both Mozilla and Microsoft for more details on the format. I would highly recommend reviewing that information.

Though you didn't specifically mention Apple, I wanted to make note: Apple® email clients do not support AutoConfig or AutoDiscover for IMAP servers. To use AutoConfig and AutoDiscover with Apple products, you must meet one of the following requirements:

- Your service provider must register with Apple's AutoDiscover service.
- Your server must run Exchange rather than IMAP.

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

Autodiscover with cpanelemaildiscovery.cpanel.net?

DWardCA Member

cPanelLauren Forums Analyst II
Staff Member

DWardCA Member

cPanelLauren Forums Analyst II
Staff Member

DWardCA Member

cPanelLauren Forums Analyst II
Staff Member

DWardCA Member

cPanelLauren Forums Analyst II
Staff Member

DWardCA Member

DWardCA Member

cPanelLauren Forums Analyst II
Staff Member

New Thread ModSecurity Rule Triggered by autodiscover

Autodiscover.xml redirect behavior

SOLVED Get rid of autodiscover.domain.com, webdisk.domain.com, etc?

Disabling autodiscover?

autodiscover.cgi running and hogging memory

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

Autodiscover with cpanelemaildiscovery.cpanel.net?

DWardCA Member

cPanelLauren Forums Analyst II Staff Member

DWardCA Member

cPanelLauren Forums Analyst II Staff Member

DWardCA Member

cPanelLauren Forums Analyst II Staff Member

DWardCA Member

cPanelLauren Forums Analyst II Staff Member

DWardCA Member

DWardCA Member

cPanelLauren Forums Analyst II Staff Member

New Thread ModSecurity Rule Triggered by autodiscover

Autodiscover.xml redirect behavior

SOLVED Get rid of autodiscover.domain.com, webdisk.domain.com, etc?

Disabling autodiscover?

autodiscover.cgi running and hogging memory

Share This Page

cPanelLauren Forums Analyst II
Staff Member

cPanelLauren Forums Analyst II
Staff Member

cPanelLauren Forums Analyst II
Staff Member

cPanelLauren Forums Analyst II
Staff Member

cPanelLauren Forums Analyst II
Staff Member