DirectAdmin 1.680

[sewiti]

We are happy to announce the release of DirectAdmin 1.680.

A full release change log is here:

DirectAdmin 1.680​

The update should be automatically available for all installations subscribed to the current release channel.

We appreciate all the feedback on forums and issues reported in the ticketing system.

Thanks!

 

[Richard G]

Thanks.
Can you enlighten this one a bit for me as I'm not native English and I'm not sure what is ment by "mail address" here:

Any forwarder email address can be used as a sender address if the forwarding rule is configured to deliver emails to the main address.

1.) So I have 2 forwarder emails.
One mail going to my ticket system is automatically also forwarded to my normal contact mail address. This keeps working I presume?

2.) Other situation. A customer has [email protected] and has his mail automatically forwarded to [email protected] for example.
Microsoft is often messing with from adresses, but it can also be gmail and this is a forward which is not going to the "main address".

It's not clear to me what happens in these 2 situations or what exactly changes with forwarders, would be nice to have an example for us non-English users.

 

[zEitEr]

One mail going to my ticket system is automatically also forwarded to my normal contact mail address. This keeps working I presume?

If you have an email account [email protected] and forwarders with names [email protected] or [email protected] routing incoming emails to [email protected], then when authenticated in SMTP as [email protected] you can specify your forwarders in From, Reply-To headers. And emails should pass the security check.

 

[LawsHosting]

So, you can log in to the main account, but you can set the From/Reply-To/etc fields to any of your forwarders....

 

[Ohm J]

I have a little question about Exim.
Is this still work if the user is owner of the domain, but can set any sender name, "{any_sproof}@user_domain" ?

 

[sewiti]

To address lingering questions with additional Exim ACL:

• User can always send email from address that was used for authentication.

Example: user authenticated as "[email protected]" can send emails from "[email protected]" address.

• Domain part can be an alias domain that points to the main domain.

Example: if alias domain "alias.example.com" points to "example.com", user authenticated as "[email protected]" can send emails either from "[email protected]" or "[email protected]"

• Local part can be a forwarder address from the main domain if it forwards to his authenticated email address.

Example: if "[email protected]" is forwarded to "[email protected]", user authenticated as "[email protected]" can send emails either from "[email protected]" or "[email protected]"

• If catch-all points to his authenticated email address he can send from any local part within the same domain.

Example: if Catch All E-mail forwards mail to "[email protected]", user authenticated as "[email protected]" can send emails from "{anything}@example.com"

 

[sewiti]

I have a little question about Exim.
Is this still work if the user is owner of the domain, but can set any sender name, "{any_sproof}@user_domain" ?

Yes, domain owner authenticated as "user" (without domain), can send from "{any_sproof}@user_domain" address.

 

[Richard G]

Oke so if I understand correctly, nothing changes as far as it goes for "normal" forwarding as in my 2 examples. Thank you.

 

[sparek]

While this setting can be disabled - which is probably what I will do - it just seems that this "feature" is overstepping the boundaries of SMTP.

In principle I can see where this is beneficial, but it really needs to be part of SMTP and not something that DirectAdmin takes upon itself to implement. I can see this causing a lot of issues for users who have been implementing their own sending policies with a single SMTP Authentication user.

That's just my opinion. But at least this can be disabled.

 

[ericosman]

I think the base of the original issue is:

[email protected] can send mails "from" [email protected] (separate user in Directadmin)
As long as they are on the same server.

So this should prevent this from happening (as far as i understand)

 

[HageHosting]

After server update from directadmin including soft i get the following error

Misdirected Request​

The client needs a new connection for this request as the requested host name does not match the Server Name Indication (SNI) in use for this connection.

 

[djlolito]

Problem with Rocky linux 10, custom build, updating ModSecurity 2
Status code: 404 for https://dl.fedoraproject.org/pub/fe...ackages/y/yajl-devel-2.1.0-23.fc40.x86_64.rpm (IP: 38.145.32.23)

 

[HageHosting]

After a downgrade from apache 2.4.64 to 24.63 the error was over.

 

[Erulezz]

@HageHosting It's in the change log: https://docs.directadmin.com/changelog/version-1.680.html#software-version-changes

 

[smtalk]

After a downgrade from apache 2.4.64 to 24.63 the error was over.

Please make sure you use no custom configs. DA fix this issue on update time, but if you have custom configs, you should add needed configuration code manually, as mentioned by @Erulezz.

 

[zEitEr]

After server update from directadmin including soft i get the following error

Misdirected Request​

The client needs a new connection for this request as the requested host name does not match the Server Name Indication (SNI) in use for this connection.

The error occurs when a location in NGINX (proxy mode) is missing the following newly added directives:

                proxy_ssl_server_name on;
                proxy_ssl_name $host;

see:

[root@srv custom]# grep proxy_ssl /usr/local/directadmin/data/templates/nginx*
/usr/local/directadmin/data/templates/nginx_server_secure.conf:         proxy_ssl_server_name on;
/usr/local/directadmin/data/templates/nginx_server_secure.conf:         proxy_ssl_name $host;
/usr/local/directadmin/data/templates/nginx_server_secure_sub.conf:             proxy_ssl_server_name on;
/usr/local/directadmin/data/templates/nginx_server_secure_sub.conf:             proxy_ssl_name $host;

[root@srv custom]#

you will need to add these directives either in custom templates (if they are used) or in directadmin on a custom httpd page (if only configs for selective domains are customized)

If you don't know how to fix it, contact me for a private assistance, you will be charged a fee in this case.

 

[sirwiz]

Have same issue like HageHosting, think there should be a warning or simple script added by DA if update affects config files in such way in future.

This works form me:

#!/bin/bash

FILES=(
"/usr/local/directadmin/data/templates/custom/nginx_server_secure.conf"
"/usr/local/directadmin/data/templates/custom/nginx_server_secure_sub.conf"
)

for TEMPLATE in "${FILES[@]}"; do
if [[ -f "$TEMPLATE" ]]; then
echo "Processing $TEMPLATE..."
TMPFILE=$(mktemp)

awk '
/location[[:space:]]*\/[[:space:]]*\{/ { loc_open = 1 }
loc_open && /proxy_pass/ {
if (!found_ssl) {
print " proxy_ssl_server_name on;"
print " proxy_ssl_name $host;"
found_ssl = 1
}
}
/}/ { loc_open = 0; found_ssl = 0 }
{ print }
' "$TEMPLATE" > "$TMPFILE"

cp "$TEMPLATE" "$TEMPLATE.bak"
mv "$TMPFILE" "$TEMPLATE"
echo "✓ SNI directives added where needed."
else
echo "Skipped: $TEMPLATE not found."
fi
done

echo "Reloading configuration..."
/usr/local/directadmin/custombuild/build rewrite_confs
systemctl restart nginx
systemctl restart httpd

 

[Imtek]

Have same issue like HageHosting, think there should be a warning or simple script added by DA if update affects config files in such way in future.

This works form me:

Totally agree, even when people have custom configs DA totally just deploys the update without any warning. Still you run the updates yourself but a warning would be nice or unable to update until you fix the warning would be better than just running the install of the new version without warning.