Postings by Dave

apache 2.4, git smart http, and gitweb configuration


I'm trying to host a git repository via smart http on apache 2.4. I'm
also trying to make it viewable using gitweb. The goal is for all
transactions to happen over https so I've got a letsencrypt
certificate. Both reading and writing to the repo on the server should
prompt for a password.

virtual host gives unexpected network read error


Can someone take a look at the below virtual host configuration?
Whenever I put it in my apache 2.4 the server returns an alert
unexpected network read error connection aborted message. If I take it
out the server behaves normally. Of course nothing is in any of the
logs I've got LogLevel set to warn.

difference in alias lines?


What is the difference between the two below alias lines?

Alias /.well-known/acme-challenge/ /usr/local/www/.well-known/
Alias /.well-known/acme-challenge "/usr/local/www/.well-known/"


disk cache block on a vps?


I've got an apache 2.4 system running on a vps. Is the below block
needed? Currently it is set in all virtual hosts, if it is needed can
it be set globally? If options are not needed let me know.

issue with apache and virtual hosts and acme-client letsencrypt certificates


I'm running a FreeBSD system that I'm running apache on and using that
to validate and put in to place letsencrypt certificates for several

I thought I had auto-updating working, turns out I didn't, but also
I've got a configuration problem with apache that is preventing
certificate validation.

If I use:

acme-client -v -C /usr/local/www/.well-known/acme-challenge -mbnN

/usr/local/www/.well-known/acme-challenge is where challenges are
stored, the validation works only if I have this line commented out:

Redirect / <a href="" title=""></a>

if t

virtual host double slash effect, need solution


I'm running Apache 2.4 on a FreeBSD 10.3 system, with several virtual
hosts. My goal is to have all of them completely ssl, except for the
.well-known area needed for letsencrypt.

I'm getting a double slash effect,

for example

and similar for other virtual hosts.

disk cache setup


Wondering about disk cache setup?

redirect vs. rewrite

I'm using apache 2.4. What is the difference between these lines?

Redirect permanent / <a href="" title=""></a>
RewriteRule ^/?(.*)$1 [R,L]

They both redirect.


Apache 2.4 and letsencrypt challenge setup issue?


I'm trying to get letsencrypt certificates working with
security/acme-client on FreeBSD 10.3, which I like much better than
the python certbot client.

That being said I'm having a problem where authentication is failing,
account keys are created, and from the output below it looks like the
tokens are being successfully generated, not retrieved.

New 2.4 configuration, need sanity and security check


I'm doing a config rewrite. I'm using apache 2.4. If someone who does
security could give my setup a check from a security perspective i'd
appreciate it.

I'm also wondering in particular about my cache setup and virtual

virtual transport lmtp vs. dovecot lda?


I'm running a Postfix 3.1 setup with Dovecot 2.29 and Mysql 5.7. I am
trying to track down an elusive problem. Previously I had my
virtual_transport set to dovecot with a dovecot service in
I then enabled the lmtp service which uses a socket

I keep getting the error in the logs to many connections to the mysql
database and stuff is deferred.

Any ideas?


Apache 2.4 with Mysql authentication


I've got a Mysql database set up for user authentication, with fields
username, password, group, and active. I've got a group testgroup that
i've put users in.

Re: Can not add foreign key constraint


Here's the create table sand error message.

root@localhost [(none)]> use mail;
Database changed
root@localhost [mail]> CREATE TABLE IF NOT EXISTS `lastauth` (
-> `user` varchar(40) NOT NULL,
-> `remote_ip` varchar(18) NOT NULL,
-> PRIMARY KEY (`user`),
-> FOREIGN KEY (user) REFERENCES virtual_users(user) ON DELETE CASCADE
ERROR 1215 (HY000): Cannot add foreign key constraint

For the table it's referencing

Can not add foreign key constraints


I'm trying to add a table to an existing database. I'm wanting it to get
one of it's fields from an already existing table. I've done this
before in this database.

file attachments for the domain only, and virtual mailbox size


I've got two issues. The first is I'm blocking file attachments in the
mime_headers file below. I'd like to allow those attachments but only
for hosts within the domain, so for example <a href="mailto: ... at example dot com"> ... at example dot com</a> can send
<a href="mailto: ... at example dot com"> ... at example dot com</a> a word document.

The second issue is I'm running virtual users out of a mysql database.
I'd like to ensure that each virtual user's mailbox is no larger than
250MB in size.



I'm running a postfix mail server. One of it's components is
antivirus. For that I'm running clamav. I'd like to have a second
scanner as backup. Does anyone have any experience with bitdefender?
If not any other suggestions?


gmail servers on blacklists?


I'm starting to see blocks on my messages to my mail server.

Possibly o.t. Postfixadmin 3.x unable to log in


Not sure if this is the right place for this question.

I have no previous experience with Postfixadmin for domain and user
management with postfix as I usually do my configuration file editing

I've got a project where i'm needing to run it. I've got a postfix
2.11 and Postfixadmin 3.0 install in a virtual machine. The setup.php
is complete, database connectivity works fine. I've generated the hash
password and put that line in config.local.php and an admin email.

nonconsistent proxy 503 or 502 errors with apache 2.4


I'm running a FreeBSD 10.3 server which has an Apache 2.4.25 system
running on it. It's reverse proxying to two web servers
and hosted in two separate FreeBSD jails.

I'm getting nonconsistent 502 and 503 errors when atempting to access
the systems from the outside.

For example one time I hit and it works. I then go to and get either a 502 or 503 message. I try from another
browser this time going to and it works, but then going
to gives me those same 502 or 503 error messages.

Inserting a signature


I'm wanting to insert an email signature in all outgoing email
messages. Is altermime still the best way of doing this or is there
another path?


free email fax setup postfix integration


I am looking for a free email 2 fax system that integrates with
postfix. I looked at faximum but that's very out of my range.

Anyone know of any product comparable?


Postfix, Dmarc, and Dkim for multiple domains


I'm not sure if this is the right place to ask this question, but it
is mail related.

I've got Postfix 3.1, and two milter filters dkim (with OpenDKIM), and
dmarc (with OpenDMARC). At the time of initial setup I had one virtual
mailbox domain and things were working fine.

Now I've added two more virtual mailbox domains and need to configure
both opendkim and opendmarc to handle them.

smtpd not announcing sasl capabilities


I'm running Postfix 3.1.

Allowing users to edit web sites safely


I've got a FreeBSD 10.3 server on which is running Apache 2.4. I've
got two web sites that are relevant to this message and which both get
backed up on an other daily basis.

A user wants now to take control of both. I don't use a control panel
so he'll have to make files then upload. I've got sftp set up to
restrict the user to his home directory area.



I'm looking for an autoresponder, free, and one that does not rely on

I saw one featured in a howtoforge article called Autoresponse 1.6.3
but that has been taken down, which is unfortunate, because how it
worked, sending an email to an address sounded great for my needs.

If anyone has this, or has any suggestions i'd appreciate them. I have
looked on the postfix page and the autoresponders there are paid
products, and the one that isn't uses an LDAP format which I am not


Postfix migration 2.11 to 3.1, Thunderbird, and antispam questions


I'm running a FreeBSD 10.3 AMD64 system. I just upgraded Postfix from
2.11 to 3.1. I'm using Dovecot for Sasl authentication via mysql and
email storage via maildir.

The system can receive emails from the internet via port 25, (running
postscreen), and store them on disk using dovecot, no p roblem.

I'm using Thunderbird 31.7.0 to connect remotely to my server and
retrieve and send email.

Am I overdoing my configuration?


I'm running Postfix 2.11.6 on a FreeBSD 10 system. I'm wondering if
I'm making my Postfix work to hard? I've got postscreen checking
various rbl lists to check for spammers then doing checks in my
smtpd_recipient_restrictions. Here's my config I'd appreciate any
comments on it?

postfix tls error on port 587


I'm running a FreeBSD 10.2 system, postfix 2.11.6, Openssl 1.0.1P. I'm
working on setting up a webmail client to my existing
Postfix/Dovecot/Mysql setup. I've tried two webmail clients both are
giving me the below errors when the webmail client (postfix dovecot
mysql the web server are all running on the same machine), atempts to
send mail through port 587.

Using the most secure SSL cipher suites


I'm configuring a new apache 2.4 system which will have a webmail app
running on it. I'm wanting to use only the most current/secure ssl
ciphers and ones that offer perfect forward secrecy. I'm using FreeBSD
10.1 and my openssl version is 1.0.1l. In the virtual host
configuration that will run the webmail app I have:

SSLEngine on
SSLCipherSuite HIGH

and then of course the path to my certificate and key.

Postfix with Postscreen and Fail2ban


Is anyone running Postfix 2.11 on an f21 machine? I'm using it and am
using postscreen which I really like. The system firewall is FirewallD
and I'm using fail2ban 0.9.1 to block brute force bot hits on the
machine. I've got the jail Fail2ban for Postfix enabled, but the
regexp don't appear to be catching the logs of attempted postscreen
connections. I'm assuming here that anything postscreen rejects is a
spammer and would like them rejected out of hand.

If anyone has this working I'd appreciate knowing how you did it.