Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable auto-generation of mail ServerAlias?

Discussion in 'Security' started by DWardCA, Feb 9, 2018.

  1. DWardCA

    DWardCA Registered

    Joined:
    Aug 12, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Edmonton, Canada
    cPanel Access Level:
    Root Administrator
    My core question is ..

    Which method (from the CLI) is recommended in order to disable the auto-generation of the mail ServerAlias entries that are populating in the /var/cpanel/userdata/<account> files??

    I have researched this .. here's what I have come to learn:
    • As of cPanel version 60, the "mail" and "www" serveraliases entries are added to all domains by design. This is to facilitate the Domain certificate generation system.
    • In each account's Home -> Security -> TLS/SSL Status configuration, you can exclude the mail and www entries.
    AutoSSL issue:
    We recently migrated our cPanel server to a new provider and we are having issues with AutoSSL emailing notifications to clients (which in turn is generating tickets and noise on our helpdesk).

    There are various notifications being sent ...
    -Successfully Renewed Certificate
    -Could not renew because mail.domain.com failed DCV
    -Could not renew because mail.domain.com does not resolve
    -Could not renew because mail.domain.com resolves to a different IP

    • I disabled the Send notifications when AutoSSL has renewed a certificate. option under Manage AutoSSL -> Options. This has solved the successfully renewed certificate notifications.

    • I disabled the Send notifications when certificates approach expiry option under Server Configuration -> Tweak Settings -> Notifications
    • I disabled AutoSSL for DNS-only clients under Packages -> Feature Manager. Edited the feature profile for the DNS-only package.

    • I found that if I remove the ServerAlias entries from the files (config + cache) in /var/cpanel/userdata/account .. this pretty much corrects the AutoSSL issues entirely .. this is why my main question is how to go about doing this "correctly" and globally on the WHM.
    I have already built a script that looks at each users' userdata files .. and attempts to resolve the mail domain ... if it fails it spits it out into an invalid_mail_domains.txt file for me ...

    From forum posts, it looks like I may be looking at modifying the Global Apache Configuration. The posts referenced CPanel documentation, which in turn referenced /etc/apache2/conf.d/userdata. I don't see the userdata folder in that directory structure however. I could create it - but I am not sure what the format would be.

    I'm fairly new to cPanel .. been around Linux/Unix for decades tho ..

    Thanks for your time ..

    Dan
     
  2. DWardCA

    DWardCA Registered

    Joined:
    Aug 12, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Edmonton, Canada
    cPanel Access Level:
    Root Administrator
    Found this forum post:
    Do /var/cpanel/userdata files get regenerated?

    Which states:
    So this sounds like I should be able to make all my modifications within /var/cpanel/userdata and that's it .. (other than backing it up first)
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,437
    Likes Received:
    1,608
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page