[PART 8 – VERY FIRST DRAFT] [Virtualmin and Webmin] Teo En Ming’s Notes for Setting Up Slave DNS Server

Subject: [PART 8 – VERY FIRST DRAFT] [Virtualmin and Webmin] Teo En Ming’s Notes for Setting Up Slave DNS Server

Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)

Country: Singapore

Date: 24 Oct 2021 Sunday Singapore Time

Type of Publication: Plain Text

Document Version: 20211024.01

WHAT IS WHAT

=============

Virtualmin is the MASTER Server.

Webmin is the SLAVE Server.

DETAILED INSTRUCTIONS

======================

Setting Primary Name Server in Virtualmin Master Server

========================================================

Reference Guide: Name server setting, hostname and DNS

Link: https://archive.virtualmin.com/node/22091

Login to Virtualmin.

Click System Settings > Server Templates

Click on Default Settings template.

Edit template section: BIND DNS domain

Under Master DNS server hostname, click Hostname. Change from vmi696121.contaboserver.net to ns1.turritopsis-dohrnii-teo-en-ming.com

Click Save.

Modify System hostname in the Master Server

===========================================

Putty/SSH into your Virtualmin server.

The existing /etc/hosts is as follows:

127.0.0.1 localhost.localdomain localhost

::1 localhost6.localdomain6 localhost6

185.182.9.61 vmi696121.contaboserver.net vmi696121

Modify your /etc/hosts as follows:

127.0.0.1 localhost.localdomain localhost

::1 localhost6.localdomain6 localhost6

185.182.9.61 ns1.turritopsis-dohrnii-teo-en-ming.com ns1

Login to Virtualmin.

Click on Webmin at the top left.

Click Dashboard.

Click on System hostname.

Change Hostname from vmi696121.contaboserver.net to ns1.turritopsis-dohrnii-teo-en-ming.com

Click Save.

Reboot the Virtualmin Master Server using Putty.

Changing IP address of Name Server 2 at Your Domain Registrar

=================================================================

Login to your domain registrar. In my case it is namecheap.

Click Domain List on the left menu.

Click domain turritopsis-dohrnii-teo-en-ming.com and click Manage.

Under NAMESERVERS, change to Namecheap BasicDNS. Click green check mark.

Click Advanced DNS.

Under PERSONAL DNS SERVER, click Search.

Click ns2.turritopsis-dohrnii-teo-en-ming.com and click Delete.

Still under PERSONAL DNS SERVER, click ADD NAMESERVER.

Nameserver: ns2

IP Address: 185.214.135.104

Click Done.

Click Search again to ensure both ns1 and ns2 entries show up.

Click the Domain tab at the top.

Under NAMESERVERS, change to Custom DNS.

Nameserver 1: ns1.turritopsis-dohrnii-teo-en-ming.com

Nameserver 2: ns2.turritopsis-dohrnii-teo-en-ming.com

Click the green check mark.

Sign out of namecheap.

Changing IP address of Name Server 2 in Virtualmin Master Server

================================================================

Login to Virtualmin.

Click Webmin at the top left.

Click Servers > BIND DNS Server

Click the zone turritopsis-dohrnii-teo-en-ming.com

Click Address button.

Click ns2.turritopsis-dohrnii-teo-en-ming.com.

Change Address to 185.214.135.104

Click Save.

Click Return to record types.

Click Apply Configuration.

Setting Up the Slave DNS Server

================================

Putty/SSH into your Slave DNS Server.

Change your root password.

# passwd

Download Webmin on the Slave Server.

# wget https://prdownloads.sourceforge.net/webadmin/webmin-1.981-1.noarch.rpm

ERROR

======

–2021-10-24 15:46:47–  https://prdownloads.sourceforge.net/webadmin/webmin-1.981-1.noarch.rpm

Resolving prdownloads.sourceforge.net (prdownloads.sourceforge.net)… 204.68.111.105

Connecting to prdownloads.sourceforge.net (prdownloads.sourceforge.net)|204.68.111.105|:443… connected.

ERROR: cannot verify prdownloads.sourceforge.net’s certificate, issued by ‘/C=US/O=Let’s Encrypt/CN=R3’:

Issued certificate has expired.

To connect to prdownloads.sourceforge.net insecurely, use `–no-check-certificate’.

Solution to above error

=======================

# yum install ca-certificates

Download Webmin again.

# wget https://prdownloads.sourceforge.net/webadmin/webmin-1.981-1.noarch.rpm

Install Webmin on the Slave Server.

# rpm -ivh webmin-1.981-1.noarch.rpm

ERROR

=====

warning: webmin-1.981-1.noarch.rpm: Header V4 DSA/SHA1 Signature, key ID 11f63c51: NOKEY

error: Failed dependencies:

perl(Net::SSLeay) is needed by webmin-1.981-1.noarch

perl(Encode::Detect) is needed by webmin-1.981-1.noarch

perl(Data::Dumper) is needed by webmin-1.981-1.noarch

unzip is needed by webmin-1.981-1.noarch

Solution to above error

========================

# yum install perl-Net-SSLeay

# yum install perl-Encode-Detect

# yum install perl-Data-Dumper

# yum install unzip

Install Webmin on the Slave Server again.

# rpm -ivh webmin-1.981-1.noarch.rpm

warning: webmin-1.981-1.noarch.rpm: Header V4 DSA/SHA1 Signature, key ID 11f63c51: NOKEY

Preparing…                          ################################# [100%]

Operating system is CentOS Linux

Updating / installing…

1:webmin-1.981-1                   ################################# [100%]

Webmin install complete. You can now login to https://vmi701385.contaboserver.net:10000/

as root with your root password.

Login to your Webmin Slave Server at https://185.214.135.104:10000

Dashboard > System Information

===============================

System hostname: vmi701385.contaboserver.net (185.214.135.104) Operating system: CentOS Linux 7.9.2009

Webmin version: 1.981  Authentic theme version: 19.83-2

Time on system: Sunday, October 24, 2021 3:57 PM Kernel and CPU: Linux 3.10.0-1160.el7.x86_64 on x86_64

Processor information: Intel(R) Xeon(R) CPU E5-2630 v4 @ 2.20GHz, 4 cores System uptime: 47 minutes

Running processes: 95 CPU load averages: 0.01 (1 min) 0.06 (5 mins) 0.05 (15 mins)

Real memory: 421.51 MiB used / 563.47 MiB cached / 7.63 GiB total Local disk space: 11.96 GiB used / 184.74 GiB free / 196.71 GiB total

Package updates: 96 package updates are available

Install Firewalld on the Slave Server

=====================================

Firewalld is already pre-installed. No need to install it again.

# systemctl enable firewalld

# systemctl start firewalld

# systemctl status firewalld

● firewalld.service – firewalld – dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)

Active: active (running) since Sun 2021-10-24 16:06:44 CEST; 19s ago

Docs: man:firewalld(1)

Main PID: 9533 (firewalld)

CGroup: /system.slice/firewalld.service

└─9533 /usr/bin/python2 -Es /usr/sbin/firewalld –nofork –nopid

Oct 24 16:06:44 vmi701385.contaboserver.net systemd[1]: Starting firewalld – dynamic firewall daemon…

Oct 24 16:06:44 vmi701385.contaboserver.net systemd[1]: Started firewalld – dynamic firewall daemon.

Oct 24 16:06:44 vmi701385.contaboserver.net firewalld[9533]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It w… it now.

Hint: Some lines were ellipsized, use -l to show in full.

Checking if Firewalld is running

=================================

# firewall-cmd –state

running

Checking for default zone

=========================

# firewall-cmd –get-default-zone

public

Checking for active zone

========================

# firewall-cmd –get-active-zones

public

interfaces: eth0

List all services of the active zone

====================================

# firewall-cmd –list-all

public (active)

target: default

icmp-block-inversion: no

interfaces: eth0

sources:

services: dhcpv6-client ssh

ports:

protocols:

masquerade: no

forward-ports:

source-ports:

icmp-blocks:

rich rules:

Restart Firewalld

=================

# firewall-cmd –reload

success

Opening Firewall Port 10000 for the Webmin Slave Server

=======================================================

# firewall-cmd –zone=public –add-port=10000/tcp

success

Login to your Webmin Slave Server at https://185.214.135.104:10000 again

Click Networking > FirewallD

Click Add allowed port

Allowed in zone: public

Under Port to allow, click Single port and enter 10000

Network protocol: TCP

Click Create

Install BIND on the Slave Server

================================

# yum install bind bind-config

# systemctl enable named

# systemctl start named

# systemctl status named

● named.service – Berkeley Internet Name Domain (DNS)

Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)

Active: active (running) since Sun 2021-10-24 16:27:59 CEST; 9s ago

Process: 11361 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS (code=exited, status=0/SUCCESS)

Process: 11358 ExecStartPre=/bin/bash -c if [ ! “$DISABLE_ZONE_CHECKING” == “yes” ]; then /usr/sbin/named-checkconf -z “$NAMEDCONF”; else echo “Checking of zone files is disabled”; fi (code=exited, status=0/SUCCESS)

Main PID: 11364 (named)

CGroup: /system.slice/named.service

└─11364 /usr/sbin/named -u named -c /etc/named.conf

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: network unreachable resolving ‘./DNSKEY/IN’: 2001:7fd::1#53

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: network unreachable resolving ‘./NS/IN’: 2001:7fd::1#53

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: network unreachable resolving ‘./DNSKEY/IN’: 2001:dc3::35#53

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: network unreachable resolving ‘./NS/IN’: 2001:dc3::35#53

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: network unreachable resolving ‘./DNSKEY/IN’: 2001:500:a8::e#53

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: network unreachable resolving ‘./DNSKEY/IN’: 2001:7fe::53#53

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: network unreachable resolving ‘./DNSKEY/IN’: 2001:500:2d::d#53

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: network unreachable resolving ‘./DNSKEY/IN’: 2001:500:2f::f#53

Oct 24 16:27:59 vmi701385.contaboserver.net named[11364]: resolver priming query complete

Oct 24 16:28:00 vmi701385.contaboserver.net named[11364]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted

Reference Guide: Menu item in Webmin > Servers missing for “BIND DNS Server”.

Link: https://archive.virtualmin.com/node/59786

Go to Webmin on your Slave server.

Click Refresh Modules on the left menu.

You should now see BIND DNS Server under Servers.

Open Additional Firewall Ports on the Slave Server

===================================================

Login to Webmin.

Click Networking > FirewallD

Click Add allowed port

Allowed in zone: public

Under Port to allow, click Single port and enter 53

Network protocol: UDP

Click Create

Click Add allowed port

Allowed in zone: public

Under Port to allow, click Single port and enter 53

Network protocol: TCP

Click Create

Click Add allowed port

Allowed in zone: public

Under Port to allow, click Port range and enter 10001-10010

Network protocol: TCP

Click Create

Apply rules to interfaces: Click eth0 Click Save

Click Apply Configuration

Activate at boot: Yes

# firewall-cmd –list-all

public (active)

target: default

icmp-block-inversion: no

interfaces: eth0

sources:

services: dhcpv6-client ssh

ports: 10000/tcp 53/udp 53/tcp 10001-10010/tcp

protocols:

masquerade: no

forward-ports:

source-ports:

icmp-blocks:

rich rules:

Configuring the Virtualmin Master Server

=========================================

Login to Virtualmin.

Click Webmin at the top left.

Click Webmin > Webmin Servers Index

Click Register a new server

Hostname or IP address: ns2.turritopsis-dohrnii-teo-en-ming.com

Server type: CentOS Linux

SSL server? Yes

Under Link type, click Login via Webmin with username: root password: <removed>

Make fast RPC calls? Yes

Click Save

There should now be an icon representing the server you created in the Webmin Servers page.

Enabling Cluster Slave Servers on the Master Server

===================================================

On the Master Server, login to Virtualmin.

Click Webmin on the top left.

Click Servers > BIND DNS Server

Click the Cluster Slave Servers button

Add server: ns2.turritopsis-dohrnii-teo-en-ming.com

Create secondary on slave when creating locally? Yes

Create all existing master zones on slave? Yes

Name for NS record: ns2.turritopsis-dohrnii-teo-en-ming.com

Click Add Now

Add Servers

===========

Adding ns2.turritopsis-dohrnii-teo-en-ming.com ..

Added ns2.turritopsis-dohrnii-teo-en-ming.com, with 0 existing zones.

Setup ns2.turritopsis-dohrnii-teo-en-ming.com with 1 new slave zones, but encountered 5 errors :

ns2.turritopsis-dohrnii-teo-en-ming.com : This zone already exists

Setting the Master IP Address on the Master Server

====================================================

Go to your Master Server.

Click Servers > BIND DNS Server

Click Module config

Configuration category: Zone file options

Default master server(s) for slave zones: 185.182.9.61

Click Save

Reference Guide: DNS Slave Auto-configuration

Link: https://www.virtualmin.com/slave-configuration/

Refernce Guide: Name server setting, hostname and DNS

Link: https://archive.virtualmin.com/node/22091

Reference Guide: How To Setup DNS Slave Auto Configuration Using Virtualmin/Webmin on Ubuntu

Link: https://www.digitalocean.com/community/tutorials/how-to-setup-dns-slave-auto-configuration-using-virtualmin-webmin-on-ubuntu

Problem: BIND DNS Server is not listening on the Slave Server

=============================================================

Edit /etc/named.conf

# nano /etc/named.conf

Find the “options {” section.

Replace the following lines:

listen-on port 53 { 127.0.0.1; };

listen-on-v6 port 53 { ::1; };

with the lines below:

listen-on port 53 {

any;

};

listen-on-v6 port 53 {

any;

};

# systemctl restart named

Run the following port scanning command on your Windows laptop

===============================================================

C:\PortQryV2>portqry -n ns2.turritopsis-dohrnii-teo-en-ming.com -e 53 -p both

Querying target system called:

ns2.turritopsis-dohrnii-teo-en-ming.com

Attempting to resolve name to IP address…

Name resolved to 185.214.135.104

querying…

TCP port 53 (domain service): LISTENING

UDP port 53 (domain service): LISTENING

Problem: BIND DNS Server on the Slave Server is Not Allowing Queries

=====================================================================

Edit /etc/named.conf

# nano /etc/named.conf

Find the line that says

allow-query     { localhost; };

And replace it with

allow-query     { any; };

# systemctl restart named

Reference Guide: Bind9 denied query

Link: https://unix.stackexchange.com/questions/283276/bind9-denied-query

Conclusion

==========

Webmin Slave DNS Server is setup successfully.

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 24 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

REFERENCES

===========

[1] https://pastebin.com/raw/dCzuAsKu

[2] https://sourceforge.net/p/webadmin/mailman/message/37372512/

[3] https://marc.info/?l=webmin-l&m=163509170223965&w=2

[PASTEBIN] [PART 7] [Virtualmin and Webmin] Tweaking and Fine-tuning Master DNS Zone

Subject: [PASTEBIN] [PART 7] [Virtualmin and Webmin] Tweaking and Fine-tuning Master DNS Zone

Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)

Country: Singapore

Date: 23 Oct 2021 Saturday Singapore Time

Type of Publication: Plain Text

Document Version: 20211023.01

BACKING UP EXISTING MASTER DNS ZONE BEFORE MODIFICATION

=======================================================

Putty/SSH into your Virtualmin server.

# mkdir backup

# cd /var/named/

# cp turritopsis-dohrnii-teo-en-ming.com.hosts /root/backup/

# cd /root/backup/

# cat turritopsis-dohrnii-teo-en-ming.com.hosts

$ttl 3600

@       IN      SOA     vmi696121.contaboserver.net. root.vmi696121.contaboserver.net. (

1634651912

3600

600

1209600

3600 )

@       IN      NS      vmi696121.contaboserver.net.

turritopsis-dohrnii-teo-en-ming.com.    IN      A       185.182.9.61

http://www.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

ftp.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

m.turritopsis-dohrnii-teo-en-ming.com.  IN      A       185.182.9.61

localhost.turritopsis-dohrnii-teo-en-ming.com.  IN      A       127.0.0.1

webmail.turritopsis-dohrnii-teo-en-ming.com.    IN      A       185.182.9.61

admin.turritopsis-dohrnii-teo-en-ming.com.      IN      A       185.182.9.61

mail.turritopsis-dohrnii-teo-en-ming.com.       IN      A       185.182.9.61

turritopsis-dohrnii-teo-en-ming.com.    IN      MX      5 mail.turritopsis-dohrnii-teo-en-ming.com.

turritopsis-dohrnii-teo-en-ming.com.    IN      TXT     “v=spf1 a mx a:turritopsis-dohrnii-teo-en-ming.com ip4:185.182.9.61 ip4:185.182.9.61 ip6:2a02:c207:2069:6121:0000:0000:0000:0001 ?all”

@       IN      CAA     0 issuewild letsencrypt.org

2021._domainkey.turritopsis-dohrnii-teo-en-ming.com.    IN      TXT     ( “v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAag9wT+JcVqf”

“4LOXV4tIkfAeOudlfU5ne3at292ch+En3zhRlwUflzMJkE/Ax+chxy+lbj2X4/mUdhFiEsMcly2LNFkO”

“06xLK+2LUcl71u+JfOvt1vSGwV1EXtlEkbtfH7y9eQu0SRX13cy0oQTvtpyrbbrmRSjUKpHA8wxdJQq8”

“0lj7X3n6EahtY1Y+P5t04tsUBpPyxplIauqp9j47iib2lLwXAAgUw+q2ezz2OgX9nwgMUZfVNFzZAuug”

“nzoQgBij7UVmH72GOaDsJ724Pp2RqJhYXZaYMImy1pExDXRUc60I7EjXn6ONXHlszjO7U2XVOreaLGPl”

“c4UAmMNrQIDAQAB” )

_dmarc.turritopsis-dohrnii-teo-en-ming.com.     IN      TXT     “v=DMARC1; p=none; pct=100; rua=mailto:ceo@teo-en-ming-corp.com; adkim=r; aspf=r”

Tweaking the Master DNS Zone

=============================

Login to Virtualmin.

Click Webmin at the top left.

Click Servers > BIND DNS Server

Click the zone turritopsis-dohrnii-teo-en-ming.com

NS Record

==========

Click Name Server button.

Click Select all.

Click Delete Selected.

NS1

===

Zone Name: turritopsis-dohrnii-teo-en-ming.com

Name Server: ns1.turritopsis-dohrnii-teo-en-ming.com.

Click Create.

NS2

===

Zone Name: turritopsis-dohrnii-teo-en-ming.com

Name Server: ns2.turritopsis-dohrnii-teo-en-ming.com.

Click Create.

Click Return to record types.

A Record

=========

Click Address button.

Name: ns1.turritopsis-dohrnii-teo-en-ming.com

Address: 185.182.9.61

Update reverse? No

Click Create.

Name: ns2.turritopsis-dohrnii-teo-en-ming.com

Address: 185.182.9.61

Update reverse? No

Click Create.

Click Return to record types.

Check DNS Records for Syntax Errors

===================================

Click Check Records

No errors were found in the records file /var/named/turritopsis-dohrnii-teo-en-ming.com.hosts.

Click Return to record types

VERY VERY IMPORTANT

===================

Do not forget to click Apply configuration.

The New Modified Master DNS Zone File

======================================

# cd /var/named

# cat turritopsis-dohrnii-teo-en-ming.com.hosts

$ttl 3600

@       IN      SOA     ns1.turritopsis-dohrnii-teo-en-ming.com. ceo.teo-en-ming-corp.com. (

1634651918

3600

600

1209600

3600 )

turritopsis-dohrnii-teo-en-ming.com.    IN      A       185.182.9.61

http://www.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

ftp.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

m.turritopsis-dohrnii-teo-en-ming.com.  IN      A       185.182.9.61

localhost.turritopsis-dohrnii-teo-en-ming.com.  IN      A       127.0.0.1

webmail.turritopsis-dohrnii-teo-en-ming.com.    IN      A       185.182.9.61

admin.turritopsis-dohrnii-teo-en-ming.com.      IN      A       185.182.9.61

mail.turritopsis-dohrnii-teo-en-ming.com.       IN      A       185.182.9.61

turritopsis-dohrnii-teo-en-ming.com.    IN      MX      5 mail.turritopsis-dohrnii-teo-en-ming.com.

turritopsis-dohrnii-teo-en-ming.com.    IN      TXT     “v=spf1 a mx a:turritopsis-dohrnii-teo-en-ming.com ip4:185.182.9.61 ip4:185.182.9.61 ip6:2a02:c207:2069:6121:0000:0000:0000:0001 ?all”

@       IN      CAA     0 issuewild letsencrypt.org

2021._domainkey.turritopsis-dohrnii-teo-en-ming.com.    IN      TXT     ( “v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAag9wT+JcVqf”

“4LOXV4tIkfAeOudlfU5ne3at292ch+En3zhRlwUflzMJkE/Ax+chxy+lbj2X4/mUdhFiEsMcly2LNFkO”

“06xLK+2LUcl71u+JfOvt1vSGwV1EXtlEkbtfH7y9eQu0SRX13cy0oQTvtpyrbbrmRSjUKpHA8wxdJQq8”

“0lj7X3n6EahtY1Y+P5t04tsUBpPyxplIauqp9j47iib2lLwXAAgUw+q2ezz2OgX9nwgMUZfVNFzZAuug”

“nzoQgBij7UVmH72GOaDsJ724Pp2RqJhYXZaYMImy1pExDXRUc60I7EjXn6ONXHlszjO7U2XVOreaLGPl”

“c4UAmMNrQIDAQAB” )

_dmarc.turritopsis-dohrnii-teo-en-ming.com.     IN      TXT     “v=DMARC1; p=none; pct=100; rua=mailto:ceo@teo-en-ming-corp.com; adkim=r; aspf=r”

turritopsis-dohrnii-teo-en-ming.com.    IN      NS      ns1.turritopsis-dohrnii-teo-en-ming.com.

turritopsis-dohrnii-teo-en-ming.com.    IN      NS      ns2.turritopsis-dohrnii-teo-en-ming.com.

ns1.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

ns2.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

Conclusion

===========

Modification of Master DNS Zone file is successful.

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 23 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

REFERENCES

==========

[1] https://sourceforge.net/p/webadmin/mailman/message/37372010/

[2] https://marc.info/?l=webmin-l&m=163499494030509&w=2

[3] https://pastebin.com/raw/GfJGPEc8

[PART 7] [Virtualmin and Webmin] Tweaking and Fine-tuning Master DNS Zone

Subject: [PART 7] [Virtualmin and Webmin] Tweaking and Fine-tuning Master DNS Zone

Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)

Country: Singapore

Date: 23 Oct 2021 Saturday Singapore Time

Type of Publication: Plain Text

Document Version: 20211023.01

BACKING UP EXISTING MASTER DNS ZONE BEFORE MODIFICATION

=======================================================

Putty/SSH into your Virtualmin server.

# mkdir backup

# cd /var/named/

# cp turritopsis-dohrnii-teo-en-ming.com.hosts /root/backup/

# cd /root/backup/

# cat turritopsis-dohrnii-teo-en-ming.com.hosts

$ttl 3600

@       IN      SOA     vmi696121.contaboserver.net. root.vmi696121.contaboserver.net. (

1634651912

3600

600

1209600

3600 )

@       IN      NS      vmi696121.contaboserver.net.

turritopsis-dohrnii-teo-en-ming.com.    IN      A       185.182.9.61

http://www.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

ftp.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

m.turritopsis-dohrnii-teo-en-ming.com.  IN      A       185.182.9.61

localhost.turritopsis-dohrnii-teo-en-ming.com.  IN      A       127.0.0.1

webmail.turritopsis-dohrnii-teo-en-ming.com.    IN      A       185.182.9.61

admin.turritopsis-dohrnii-teo-en-ming.com.      IN      A       185.182.9.61

mail.turritopsis-dohrnii-teo-en-ming.com.       IN      A       185.182.9.61

turritopsis-dohrnii-teo-en-ming.com.    IN      MX      5 mail.turritopsis-dohrnii-teo-en-ming.com.

turritopsis-dohrnii-teo-en-ming.com.    IN      TXT     “v=spf1 a mx a:turritopsis-dohrnii-teo-en-ming.com ip4:185.182.9.61 ip4:185.182.9.61 ip6:2a02:c207:2069:6121:0000:0000:0000:0001 ?all”

@       IN      CAA     0 issuewild letsencrypt.org

2021._domainkey.turritopsis-dohrnii-teo-en-ming.com.    IN      TXT     ( “v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAag9wT+JcVqf”

“4LOXV4tIkfAeOudlfU5ne3at292ch+En3zhRlwUflzMJkE/Ax+chxy+lbj2X4/mUdhFiEsMcly2LNFkO”

“06xLK+2LUcl71u+JfOvt1vSGwV1EXtlEkbtfH7y9eQu0SRX13cy0oQTvtpyrbbrmRSjUKpHA8wxdJQq8”

“0lj7X3n6EahtY1Y+P5t04tsUBpPyxplIauqp9j47iib2lLwXAAgUw+q2ezz2OgX9nwgMUZfVNFzZAuug”

“nzoQgBij7UVmH72GOaDsJ724Pp2RqJhYXZaYMImy1pExDXRUc60I7EjXn6ONXHlszjO7U2XVOreaLGPl”

“c4UAmMNrQIDAQAB” )

_dmarc.turritopsis-dohrnii-teo-en-ming.com.     IN      TXT     “v=DMARC1; p=none; pct=100; rua=mailto:ceo@teo-en-ming-corp.com; adkim=r; aspf=r”

Tweaking the Master DNS Zone

=============================

Login to Virtualmin.

Click Webmin at the top left.

Click Servers > BIND DNS Server

Click the zone turritopsis-dohrnii-teo-en-ming.com

NS Record

==========

Click Name Server button.

Click Select all.

Click Delete Selected.

NS1

===

Zone Name: turritopsis-dohrnii-teo-en-ming.com

Name Server: ns1.turritopsis-dohrnii-teo-en-ming.com.

Click Create.

NS2

===

Zone Name: turritopsis-dohrnii-teo-en-ming.com

Name Server: ns2.turritopsis-dohrnii-teo-en-ming.com.

Click Create.

Click Return to record types.

A Record

=========

Click Address button.

Name: ns1.turritopsis-dohrnii-teo-en-ming.com

Address: 185.182.9.61

Update reverse? No

Click Create.

Name: ns2.turritopsis-dohrnii-teo-en-ming.com

Address: 185.182.9.61

Update reverse? No

Click Create.

Click Return to record types.

Check DNS Records for Syntax Errors

===================================

Click Check Records

No errors were found in the records file /var/named/turritopsis-dohrnii-teo-en-ming.com.hosts.

Click Return to record types

VERY VERY IMPORTANT

===================

Do not forget to click Apply configuration.

The New Modified Master DNS Zone File

======================================

# cd /var/named

# cat turritopsis-dohrnii-teo-en-ming.com.hosts

$ttl 3600

@       IN      SOA     ns1.turritopsis-dohrnii-teo-en-ming.com. ceo.teo-en-ming-corp.com. (

1634651918

3600

600

1209600

3600 )

turritopsis-dohrnii-teo-en-ming.com.    IN      A       185.182.9.61

http://www.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

ftp.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

m.turritopsis-dohrnii-teo-en-ming.com.  IN      A       185.182.9.61

localhost.turritopsis-dohrnii-teo-en-ming.com.  IN      A       127.0.0.1

webmail.turritopsis-dohrnii-teo-en-ming.com.    IN      A       185.182.9.61

admin.turritopsis-dohrnii-teo-en-ming.com.      IN      A       185.182.9.61

mail.turritopsis-dohrnii-teo-en-ming.com.       IN      A       185.182.9.61

turritopsis-dohrnii-teo-en-ming.com.    IN      MX      5 mail.turritopsis-dohrnii-teo-en-ming.com.

turritopsis-dohrnii-teo-en-ming.com.    IN      TXT     “v=spf1 a mx a:turritopsis-dohrnii-teo-en-ming.com ip4:185.182.9.61 ip4:185.182.9.61 ip6:2a02:c207:2069:6121:0000:0000:0000:0001 ?all”

@       IN      CAA     0 issuewild letsencrypt.org

2021._domainkey.turritopsis-dohrnii-teo-en-ming.com.    IN      TXT     ( “v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAag9wT+JcVqf”

“4LOXV4tIkfAeOudlfU5ne3at292ch+En3zhRlwUflzMJkE/Ax+chxy+lbj2X4/mUdhFiEsMcly2LNFkO”

“06xLK+2LUcl71u+JfOvt1vSGwV1EXtlEkbtfH7y9eQu0SRX13cy0oQTvtpyrbbrmRSjUKpHA8wxdJQq8”

“0lj7X3n6EahtY1Y+P5t04tsUBpPyxplIauqp9j47iib2lLwXAAgUw+q2ezz2OgX9nwgMUZfVNFzZAuug”

“nzoQgBij7UVmH72GOaDsJ724Pp2RqJhYXZaYMImy1pExDXRUc60I7EjXn6ONXHlszjO7U2XVOreaLGPl”

“c4UAmMNrQIDAQAB” )

_dmarc.turritopsis-dohrnii-teo-en-ming.com.     IN      TXT     “v=DMARC1; p=none; pct=100; rua=mailto:ceo@teo-en-ming-corp.com; adkim=r; aspf=r”

turritopsis-dohrnii-teo-en-ming.com.    IN      NS      ns1.turritopsis-dohrnii-teo-en-ming.com.

turritopsis-dohrnii-teo-en-ming.com.    IN      NS      ns2.turritopsis-dohrnii-teo-en-ming.com.

ns1.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

ns2.turritopsis-dohrnii-teo-en-ming.com.        IN      A       185.182.9.61

Conclusion

===========

Modification of Master DNS Zone file is successful.

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 23 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

REFERENCES

==========

[1] https://sourceforge.net/p/webadmin/mailman/message/37372010/

[2] https://marc.info/?l=webmin-l&m=163499494030509&w=2

Teo En Ming’s Blog Book (23 Oct 2021 Edition) Cloud Storage Download Links

Subject: Teo En Ming’s Blog Book (23 Oct 2021 Edition) Cloud Storage Download Links

[1] https://www.amazon.com/clouddrive/share/2akO7o37s0HoWry5p6zSWrTSp3myGXB760wnSKv9yYZ

[2] https://www.icloud.com/iclouddrive/0kLvKqs7L0rsBivmxqAnG58vQ#Turritopsis_Dohrnii_Teo_En_Ming_Blog_Book_23_Oct_2021

[3] https://app.box.com/s/ac26uh1rxu6gvpqpdh3cabbsf9uzi27q

[4] https://www.dropbox.com/s/k8bndnii189soxg/Turritopsis%20Dohrnii%20Teo%20En%20Ming%20Blog%20Book%2023%20Oct%202021.pdf?dl=0

[5] https://mega.nz/file/DHxwHIyQ#5d_0n54vyOx39rns8xXWUM4drdrjYp7X5muGPMgDkkQ

[6] https://1drv.ms/b/s!ArahPxJAVR61h3U2x8vmYRUgMyix

Teo En Ming’s Blog Book (23 Oct 2021 Edition) Starter Download Links

Subject: Teo En Ming’s Blog Book (23 Oct 2021 Edition) Starter Download Links

[1] https://drive.google.com/file/d/1ygAcNSQ3oVXOC4F3hk7TpyjLjNFBZN7D/view?usp=sharing

[2] https://drive.google.com/file/d/1A_IU2_dhWlJ3lBXL21hN2Dvg41eIG2N2/view?usp=sharing

[3] https://drive.google.com/file/d/1Yb9QBFcuUUc8B6MP_LsIRj5RU-eyapPT/view?usp=sharing

[4] https://www.mediafire.com/file/r5z2cohj1bwp9e4/Turritopsis_Dohrnii_Teo_En_Ming_Blog_Book_23_Oct_2021.pdf/file

[5] scribd.com – pending

[6] docdroid – pending

[7] yumpu – pending

[PART 6] [Virtualmin and Webmin] I have verified that DNS, Email and Web Hosting are working properly

Subject: [PART 6] [Virtualmin and Webmin] I have verified that DNS, Email and Web Hosting are working properly

Good day from Singapore,

I have verified that DNS, Email and Web Hosting are working properly.

(1) DNS Hosting

I have verified that my DNS zone turritopsis-dohrnii-teo-en-ming.com is working properly.

I have also checked my SPF, DKIM and DMARC DNS TXT records at mxtoolbox.com.

All are well.

(2) Email Hosting

I have verified that my Postfix SMTP Outgoing Mail Server and Dovecot IMAP/POP3 Incoming Mail Server are working properly.

Installed Samsung Email app on my Samsung Galaxy A32 5G Android phone.

Added email account <username>@turritopsis-dohrnii-teo-en-ming.com using Samsung Email app.

Configured using IMAP SSL at TCP port 993.

I am able to send and receive emails successfully. This is important.

Therefore, email hosting is working properly.

(3) Web Hosting

I have verified that web hosting is working properly.

I am able to access Apache SSL website at https://www.turritopsis-dohrnii-teo-en-ming.com

Conclusion

==========

My Virtualmin web hosting control panel is working properly.

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 23 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

REFERENCES

============

[1] https://sourceforge.net/p/webadmin/mailman/message/37371836/

[2] https://marc.info/?l=webmin-l&m=163495255920020&w=2

[5-Part Series] Getting Virtualmin Web Hosting Control Panel and Webmin UNIX/Linux System Administration GUI Up and Running Very Quickly

Subject: [5-Part Series] Getting Virtualmin Web Hosting Control Panel and Webmin UNIX/Linux System Administration GUI Up and Running Very Quickly

Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)

Country: Singapore

Date: 21 Oct 2021 Thursday Singapore Time

This is a 5-part series. There are 5 parts in this series.

PART 1: Teo En Ming’s Notes for Setting Up Web Hosting Control Panel using Virtualmin GPL

=========================================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37368877/

Link b: https://marc.info/?l=webmin-l&m=163456246226087&w=2

Part 2: Teo En Ming’s Notes for Configuring DNS and Creating Virtual Server with Virtualmin and Webmin

=======================================================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37369606/

Link b: https://marc.info/?l=webmin-l&m=163464785411739&w=2

Part 3: [Part 3] Successful Creation of Virtual Server with Virtualmin

======================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37369722/

Link b: https://marc.info/?l=webmin-l&m=163465469616880&w=2

Part 4: [Virtualmin and Webmin] Postfix Mail Server Cannot Receive Email At All

===============================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37370775/

Link b: https://marc.info/?l=webmin-l&m=163481493012920&w=2

Part 5: [Virtualmin and Webmin] Creating SPF, DKIM and DMARC DNS TXT Records

=============================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37370863/

Link b: https://marc.info/?l=webmin-l&m=163482250918041&w=2

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 21 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

REFERENCES

===========

[1] https://sourceforge.net/p/webadmin/mailman/message/37370877/

[2] https://marc.info/?l=webmin-l&m=163482418619158&w=2

Inside Canada’s jails holding immigrants and asylum seekers

Dear Turritopsis Dohrnii,

When Abdelrahman Elmady arrived in Vancouver to seek

refugee protection, he was arrested without charge and had

his hearing aid batteries confiscated. He was detained for two

months in three different provincial jails, where he also spent

weeks in solitary confinement.

Abdelrahman is not alone. Between April 2019 and March

2020, nearly 9,000 people were in Canadian immigration

detention, including 138 infants and children. Every year,

hundreds are held in provincial jails, some of them

maximum-security. Our research has shown that

immigration detainees are regularly handcuffed,

shackled, and held with little to no contact with the

outside world. With no set release date, they can be held for

months or years without an end in sight.

In partnership with Amnesty International, last week we

launched #WelcomeToCanada – a national

campaign going coast to coast, starting with British Columbia

(BC), calling on provincial leaders to cancel

their immigration detention contracts with the federal

government. Like most provinces, BC’s contract allows for

immigration detainees to be held in provincial jails.

Call on British Columbia to be the first to cancel this

contract!

We can’t be silent. People like Abdelrahman need your

help.  Over the next few months, you’ll hear more stories

from people who have experienced immigration detention in

Canada first-hand, and learn from advocates across the

country on how you can help call on Canada’s leadership to

cancel these contracts.  With your help, we can get Canada on

the path to abolishing immigration detention.

It is time for Canada to give people seeking safety and a

better life the #WelcomeToCanada they deserve.

In solidarity,

Samer  Muscati

Associate Director, Disability Rights Division

Human Rights Watch

There are about 72,000 Targeted Individuals in Singapore

As I have mentioned in an earlier blog post, mental illnesses were invented by governments to punish and torture people whom they do not like.

A Straits Times newspaper article in May 2021 mentioned that there are about 71,600 in Singapore with psychotic disorders.

Article: About 71,600 in S’pore have psychotic disorders, says study

Link: https://www.straitstimes.com/singapore/health/over-71600-in-singapore-have-psychotic-disorders-says-study

Because mental illnesses were invented by governments to punish and torture people whom they do not like, this translates to about 72,000 Targeted Individuals in Singapore.

Targeted Individuals are people who are persecuted, targeted, marked and blacklisted by the government.

Night Owl Cinematics (NOC) Sylvia Chan Saga vs Turritopsis Dohrnii Teo En Ming

Current and former employees of NOC reported that Sylvia Chan is verbally abusing and bullying them. The whole story became viral and is widely known in Singapore.

On the other hand, Turritopsis Dohrnii Teo En Ming has been reporting on the internet for the past 14 years that he is persecuted, targeted, marked and bullied by the Singapore Government. How come his story did not become viral and no one in Singapore knows about it at all?

Life is so unfair!

The problem is that the Singapore Government does not want Turritopsis Dohrnii Teo En Ming to become world famous at all.

[5-Part Series] Getting Virtualmin Web Hosting Control Panel and Webmin UNIX/Linux System Administration GUI Up and Running Very Quickly

Subject: [5-Part Series] Getting Virtualmin Web Hosting Control Panel and Webmin UNIX/Linux System Administration GUI Up and Running Very Quickly

Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)

Country: Singapore

Date: 21 Oct 2021 Thursday Singapore Time

This is a 5-part series. There are 5 parts in this series.

PART 1: Teo En Ming’s Notes for Setting Up Web Hosting Control Panel using Virtualmin GPL

=========================================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37368877/

Link b: https://marc.info/?l=webmin-l&m=163456246226087&w=2

Part 2: Teo En Ming’s Notes for Configuring DNS and Creating Virtual Server with Virtualmin and Webmin

=======================================================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37369606/

Link b: https://marc.info/?l=webmin-l&m=163464785411739&w=2

Part 3: [Part 3] Successful Creation of Virtual Server with Virtualmin

======================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37369722/

Link b: https://marc.info/?l=webmin-l&m=163465469616880&w=2

Part 4: [Virtualmin and Webmin] Postfix Mail Server Cannot Receive Email At All

===============================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37370775/

Link b: https://marc.info/?l=webmin-l&m=163481493012920&w=2

Part 5: [Virtualmin and Webmin] Creating SPF, DKIM and DMARC DNS TXT Records

=============================================================================

Link a: https://sourceforge.net/p/webadmin/mailman/message/37370863/

Link b: https://marc.info/?l=webmin-l&m=163482250918041&w=2

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 21 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

REFERENCES

===========

[1] https://sourceforge.net/p/webadmin/mailman/message/37370877/

[2] https://marc.info/?l=webmin-l&m=163482418619158&w=2

[Virtualmin and Webmin] Creating SPF, DKIM and DMARC DNS TXT Records

Subject: [Virtualmin and Webmin] Creating SPF, DKIM and DMARC DNS TXT Records
Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)
Country: Singapore
Date: 21 Oct 2021 Thursday Singapore Time
Type of Publication: Plain Text
Document Version: 20211021.01
DETAILED INSTRUCTIONS
======================
Creating SPF Record
====================
SPF record was created automatically previously. There is no need to create SPF record again.
Verifying SPF Record
======================
Go to mxtoolbox.com
The SPF record is
v=spf1 a mx a:turritopsis-dohrnii-teo-en-ming.com ip4:185.182.9.61 ip4:185.182.9.61 ip6:2a02:c207:2069:6121:0000:0000:0000:0001 ?all
Creating DKIM Record
=====================
Login to Virtualmin.
Click Email Settings > DomainKeys Identified Mail
DomainKeys Identified Mail
==========================
DomainKeys identified mail options
===================================
Signing of outgoing mail enabled? Yes
Selector for DKIM record name: 2021
Reject incoming email with invalid DKIM signature? Yes
Size of new DKIM key: 2048 bits
Domains to sign for: turritopsis-dohrnii-teo-en-ming.com
Click Save
Enable DomainKeys Identified Mail
==================================
Finding virtual servers to enable DKIM for ..
.. found 1 servers and 1 extra domains
Generating private key in file /etc/opendkim/keys/default.private ..
.. done
Extracting public key from private key in /etc/opendkim/keys/default.private ..
.. done
Setting domain and selector in DKIM filter configuration ..
.. done
Adding DKIM records to DNS domain turritopsis-dohrnii-teo-en-ming.com ..
.. added successfully
Enabling DKIM filter at boot time ..
.. done
Starting DKIM filter ..
.. done
Configuring mail server to use DKIM filter ..
.. done
Re-starting DNS server ..
.. done
Verifying DKIM Record
======================
Go to mxtoolbox.com
DKIM Selector: 2021
The DKIM record is
v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAag9wT+JcVqf4LOXV4tIkfAeOudlfU5ne3at292ch+En3zhRlwUflzMJkE/Ax+chxy+lbj2X4/mUdhFiEsMcly2LNFkO06xLK+2LUcl71u+JfOvt1vSGwV1EXtlEkbtfH7y9eQu0SRX13cy0oQTvtpyrbbrmRSjUKpHA8wxdJQq80lj7X3n6EahtY1Y+P5t04tsUBpPyxplIauqp9j47iib2lLwXAAgUw+q2ezz2OgX9nwgMUZfVNFzZAuugnzoQgBij7UVmH72GOaDsJ724Pp2RqJhYXZaYMImy1pExDXRUc60I7EjXn6ONXHlszjO7U2XVOreaLGPlc4UAmMNrQIDAQAB
Creating DMARC Record
=====================
Login to Virtualmin.
Click Webmin on the top left.
Click Servers > BIND DNS Server
Click DNS zone turritopsis-dohrnii-teo-en-ming.com
Click DMARC button.
Percentage of messages to apply policy: 100%
Send aggregate feedback to: ceo@teo-en-ming-corp.com
Click Create.
Click Return to records type.
Click Return to zone list.
Click Apply configuration.
Verifying DMARC Record
=======================
Go to mxtoolbox.com
The DMARC record is
v=DMARC1; p=none; pct=100; rua=mailto:ceo@teo-en-ming-corp.com; adkim=r; aspf=r
Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 21 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.
REFERENCES
===========

[Virtualmin and Webmin] Postfix Mail Server Cannot Receive Email At All

Subject: [Virtualmin and Webmin] Postfix Mail Server Cannot Receive Email At All

Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)

Country: Singapore

Date: 21 Oct 2021 Thursday Singapore Time

Type of Publication: Plain Text

Document Version: 20211021.01

Good day from Singapore,

========================

Initially Postfix SMTP server is not listening. So I did the following.

Login to Virtualmin.

Click Webmin at the top left.

Click Servers > Postfix Mail Server

Click Stop Postfix

Click Start Postfix

Click Reload Configuration

Now Postfix SMTP server is listening successfully.

But then there is another problem. Cannot STARTTLS. postfix/smtpd[4411]: warning: No server certs available. TLS won’t be enabled

You can see below that STARTTLS won’t work because there are no SSL certificates for Postfix.

telnet mail.turritopsis-dohrnii-teo-en-ming.com 25

===================================================

220 vmi696121.contaboserver.net ESMTP Postfix

ehlo test

250-vmi696121.contaboserver.net

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-STARTTLS

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

starttls

454 4.7.0 TLS not available due to local problem

tail -f /var/log/maillog

=========================

Oct 21 12:20:59 vmi696121 postfix/smtpd[4411]: warning: No server certs available. TLS won’t be enabled

Oct 21 12:20:59 vmi696121 postfix/smtpd[4411]: connect from mail-pf1-f172.google.com[209.85.210.172]

Oct 21 12:21:00 vmi696121 postfix/smtpd[4411]: lost connection after STARTTLS from mail-pf1-f172.google.com[209.85.210.172]

Oct 21 12:21:00 vmi696121 postfix/cleanup[4412]: 1B05AB2010D: message-id=<20211021102100.1B05AB2010D@vmi696121.contaboserver.net>

Oct 21 12:21:00 vmi696121 postfix/smtpd[4411]: disconnect from mail-pf1-f172.google.com[209.85.210.172]

Oct 21 12:21:00 vmi696121 postfix/qmgr[1987]: 1B05AB2010D: from=<double-bounce@vmi696121.contaboserver.net>, size=989, nrcpt=1 (queue active)

Oct 21 12:21:00 vmi696121 postfix/local[4414]: 1B05AB2010D: to=<root@vmi696121.contaboserver.net>, orig_to=<postmaster>, relay=local, delay=0.18, delays=0.02/0.01/0/0.15, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)

Oct 21 12:21:00 vmi696121 postfix/qmgr[1987]: 1B05AB2010D: removed

THE SOLUTION

============

Reference Guide: Steps to create SSL for SMTP?

Link: https://archive.virtualmin.com/node/16747

Login to Virtualmin.

Click Server Configuration > SSL Certificate

Current Certificate > Current SSL certificate details

======================================================

SSL certificate file /home/turritopsis-dohrnii-teo-en-ming/ssl.cert

SSL private key file /home/turritopsis-dohrnii-teo-en-ming/ssl.key

Web server hostname turritopsis-dohrnii-teo-en-ming.com Issuer name R3

Issuer organization Let’s Encrypt Expiry date Jan 17 12:59:35 2022 GMT

Certificate type Signed by CA

Other domain names admin.turritopsis-dohrnii-teo-en-ming.com, mail.turritopsis-dohrnii-teo-en-ming.com, turritopsis-dohrnii-teo-en-ming.com, webmail.turritopsis-dohrnii-teo-en-ming.com, http://www.turritopsis-dohrnii-teo-en-ming.com.

Used by services Webmin (turritopsis-dohrnii-teo-en-ming.com), Usermin (host turritopsis-dohrnii-teo-en-ming.com), Dovecot (host turritopsis-dohrnii-teo-en-ming.com)

Download certificate

Download private key

Time until expiry 88 days until expiry

Click Set as Default Services Certificate > Use this SSL certificate as the default in Webmin, Usermin, Dovecot, Postfix and ProFTPD

Copy SSL Certificate

====================

In domain turritopsis-dohrnii-teo-en-ming.com

Copying certificate and key to /etc/webmin ..

.. done

Configuring Webmin to use them ..

.. done

Copying certificate and key to /etc/usermin ..

.. done

Configuring Usermin to use them ..

.. done

Copying certificate and key to Dovecot files ..

.. wrote out certificate and CA in /etc/pki/dovecot/certs/dovecot.pem, and key in /etc/pki/dovecot/private/dovecot.pem

Enabling SSL in Dovecot configuration ..

.. done

Copying certificate, key and CA to Postfix files ..

.. wrote out certificate in /etc/postfix/postfix.cert.pem and key in /etc/postfix/postfix.key.pem

Enabling SSL in Postfix configuration ..

.. done

Copying certificate, key and CA to ProFTPD files ..

.. wrote out certificate in /etc/pki/tls/certs/proftpd.pem and key in /etc/pki/tls/private/proftpd.pem

Enabling SSL in ProFTPD configuration ..

.. done

Applying FTP server configuration ..

.. done

telnet mail.turritopsis-dohrnii-teo-en-ming.com 25

==================================================

220 vmi696121.contaboserver.net ESMTP Postfix

ehlo test

250-vmi696121.contaboserver.net

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-STARTTLS

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

starttls

220 2.0.0 Ready to start TLS

Testing

========

telnet mail.turritopsis-dohrnii-teo-en-ming.com 25: SUCCESS

telnet mail.turritopsis-dohrnii-teo-en-ming.com 465: FAILED

telnet mail.turritopsis-dohrnii-teo-en-ming.com 587: SUCCESS

telnet mail.turritopsis-dohrnii-teo-en-ming.com 110: SUCCESS

telnet mail.turritopsis-dohrnii-teo-en-ming.com 143: SUCCESS

telnet mail.turritopsis-dohrnii-teo-en-ming.com 993: FAILED

telnet mail.turritopsis-dohrnii-teo-en-ming.com 995: FAILED

Conclusion: Able to receive emails successfully

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 21 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

REFERENCES

===========

[1] https://sourceforge.net/p/webadmin/mailman/message/37370775/

[2] https://marc.info/?l=webmin-l&m=163481493012920&w=2

[Part 3] Successful Creation of Virtual Server with Virtualmin

Subject: [Part 3] Successful Creation of Virtual Server with Virtualmin

Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL)

Country: Singapore

Date: 19 Oct 2021 Tuesday Singapore Time

Type of Publication: Plain Text

Document Version: 20211019.01

About The Series

=================

Part 1 of the series: Teo En Ming’s Notes for Setting Up Web Hosting Control Panel using Virtualmin GPL

Link: https://sourceforge.net/p/webadmin/mailman/message/37368877/

Part 2 of the series: Teo En Ming’s Notes for Configuring DNS and Creating Virtual Server with Virtualmin and Webmin

Link: https://sourceforge.net/p/webadmin/mailman/message/37369606/

This is Part 3 of the series.

DETAILED INSTRUCTIONS

======================

FIRST THING FIRST: Configuring Custom DNS at the Domain Registrar

=================================================================

Login to your domain registrar. In my case it is namecheap.

On the left menu, click Domain List.

Check domain name turritopsis-dohrnii-teo-en-ming.com and click Manage.

Click Advanced DNS.

Scroll down to PERSONAL DNS SERVER.

Click ADD NAMESERVER.

Nameserver: NS1

IP Address: 185.182.9.61

Click DONE.

Click ADD NAMESERVER.

Nameserver: NS2

IP Address: 185.182.9.61

Click DONE.

After adding your two name servers, click the search button to check

if they are added successfully. If so, the glue records will appear at

the bottom of this page.

Now, click the Domain tab.

Under NAMESERVERS, select Custom DNS.

Nameserver 1: ns1.turritopsis-dohrnii-teo-en-ming.com

Nameserver 2: ns2.turritopsis-dohrnii-teo-en-ming.com

Click the green check mark.

Sign out from namecheap.

Delete Manually Configured DNS Zone (which was created with Webmin)

====================================================================

Login to Virtualmin.

Click Webmin at the top left.

Click Servers > BIND DNS Server

Click turritopsis-dohrnii-teo-en-ming.com

Click Delete Selected

Delete Zones

=============

Are you sure you want to delete the 1 selected zones? (turritopsis-dohrnii-teo-en-ming.com)

Click Delete Now

Deleting zone turritopsis-dohrnii-teo-en-ming.com ..

.. done.

Click Return to zone list

Create Virtual Server

======================

Login to Virtualmin.

Click Create Virtual Server on the left menu.

Domain name: turritopsis-dohrnii-teo-en-ming.com

Description: Turritopsis Dohrnii Teo En Ming’s Domain

Administration password: <REMOVED>

SSH public key: No default key

Server configuration template: Default settings

Account Plan: Default Plan

Administration username: Automatic

Enabled features

================

Check Setup DNS zone

Check Setup Apache website

Check Setup Apache SSL website

Check Create MariaDB database

Check Accept mail for domain

Check Setup spam filtering

Check Setup virus filtering

Check Setup Webalizer for web logs

Check Create Webmin login

Check Enable AWstats reporting

Uncheck Setup IP-based virtual FTP

Click Create Server

Setting Up Virtual Server

==========================

In domain turritopsis-dohrnii-teo-en-ming.com

Creating administration group turritopsis-dohrnii-teo-en-ming ..

.. done

Creating administration user turritopsis-dohrnii-teo-en-ming ..

.. done

Creating aliases for administration user ..

.. done

Adding administration user to groups ..

.. done

Creating home directory ..

.. done

Creating mailbox for administration user ..

.. done

Adding new DNS zone ..

.. done

Adding to email domains list ..

.. done

Adding default mail aliases ..

.. done

Adding new virtual website ..

.. done

Adding webserver user apache to server’s group ..

.. done

Performing other Apache configuration ..

.. done

Setting up scheduled Webalizer reporting ..

.. done

Creating SSL certificate and private key ..

.. done

Adding new SSL virtual website ..

.. done

Setting up log file rotation ..

.. done

Creating MariaDB login ..

.. done

Creating MariaDB database turritopsis_dohrnii_teo_en_ming ..

.. done

Setting up spam filtering ..

.. done

Setting up virus filtering ..

.. done

Setting up AWstats reporting ..

.. done

Setting up password protection for AWstats ..

.. done

Creating Webmin user ..

.. done

Saving server details ..

.. done

Re-starting DNS server ..

.. done

Applying web server configuration ..

.. done

Re-starting Webmin ..

.. done

Re-starting Usermin ..

.. done

Re-loading Webmin ..

.. done

Requesting a certificate for turritopsis-dohrnii-teo-en-ming.com, http://www.turritopsis-dohrnii-teo-en-ming.com, mail.turritopsis-dohrnii-teo-en-ming.com, admin.turritopsis-dohrnii-teo-en-ming.com, webmail.turritopsis-dohrnii-teo-en-ming.com from Let’s Encrypt ..

.. request was successful!

Creating initial website index page ..

.. done

Applying web server configuration ..

.. done

Re-starting Webmin ..

.. done

Re-starting Usermin ..

.. done

Click Return to virtual server details

Edit Virtual Server

===================

In domain turritopsis-dohrnii-teo-en-ming.com

Virtual server details

======================

Domain name turritopsis-dohrnii-teo-en-ming.com

Administration username turritopsis-dohrnii-teo-en-ming (For MariaDB database : turritopsis-dohr)

Administration group turritopsis-dohrnii-teo-en-ming

Created on 10/19/2021 3:58:49 PM by root

Home directory /home/turritopsis-dohrnii-teo-en-ming

IP addresses 185.182.9.61 (185.182.9.61 externally)

Domain ID 163465190630155

Click Save Virtual Server

Save Server

===========

In domain turritopsis-dohrnii-teo-en-ming.com

Updating Webmin user ..

.. done

Updating Webmin user ..

.. done

Saving server details ..

.. done

Re-loading Webmin ..

.. done

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 19 Oct 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a Systems Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.

REFERENCES

===========

[1] https://sourceforge.net/p/webadmin/mailman/message/37369722/

[2] https://marc.info/?l=webmin-l&m=163465469616880&w=2