Delete a domain without deleting email?

[Drecca]

Is there any way to delete a domain without deleting the contents of its IMAP folder?

Not the web folder popup, specifically the imap folder.

SSL requests are a bit crazy, DA is trying to renew LE certificates with domains that are straight up not registered anymore, and it's causing problems. But I don't want to delete actual data by attempting to solve this by removing the actual domains.

 

[Richard G]

Is there any way to delete a domain without deleting the contents of its IMAP folder?

Short answer, no.
Why would you want to do that, what is the benefit of keeping the contents of the imap folder?
I think it won't fix your issue with SSL either.

Just for point of interest, you could backup your mail with Mailstore Home (free) for example. Or just copy your imap folder to a folder you create yourself like "backupmail" or something, then you can safely delete your domain and copy back the imap contents afterwards after you re-create the domain.

However, there are multiple options you can use.
If the domain is not registered anymore, you can just click the button to not renew anymore. That will stop retries too.

If it's the autossl setting which is bothering you, then you can disable that via this command:

/usr/local/directadmin/directadmin set admin_ssl_check_retries 0  
service directadmin restart

Be aware that this command will disable autossl for the whole server.

So in fact no need to delete domain to fix ssl problems.

 

[Drecca]

I guess I could have went into a bit more detail

Here are the LE settings in da.conf:

admin_ssl_default_wildcard=0
admin_ssl_install_to_missing=1
admin_ssl_poll_frequency=5m:15m:30m:1h:12h:1d:1w
admin_ssl_replace_all_expired_invalid=1
letsencrypt=1
letsencrypt_disable_renew_after_renew_failure=0
letsencrypt_list=www:mail:ftp:pop:smtp:webmail:cp
letsencrypt_renewal_error_to_users=0
letsencrypt_renewal_failure_notice_after_attempt=0
letsencrypt_renewal_notice_to_admins=0
letsencrypt_renewal_success_notice=0

The problem is domains that are not registered anymore are all being retried over and over.

If I set "admin_ssl_replace_all_expired_invalid" to 0 - then SSL's don't get renewed at all, even on valid domains.

Thoughts on this? Is there something I'm missing?

 

[Richard G]

Thoughts on this? Is there something I'm missing?

I don't see the admin_ssl_check_retries 0 which I suggested to disable autossl. Unless you want autossl for new domains.

Then you have this setting:

admin_ssl_install_to_missing=1

So this will install SSL to where SSL is missing. Which is imho including domains existing on the server but not on registrar anymore.

letsencrypt_disable_renew_after_renew_failure=0

I would set this to 1 to prevent renewal after failure. Otherwise it will also try again after some time.

So the above settings should fix things imho.

If I set "admin_ssl_replace_all_expired_invalid" to 0 - then SSL's don't get renewed at all, even on valid domains.

Exactly, so I woulnd't change this as this is good for valid domains.

But why keep invalid domains and mail, just out of curiosity?

 

[zEitEr]

Hello,

Directadmin retries to renew certificates since you have letsencrypt_disable_renew_after_renew_failure=0

In order to disable Directadmin from renewing certificates you might consider the following options (as well as those options that Richard has already suggested):

- Set letsencrypt_disable_renew_after_renew_failure=1, but not zero (Richard has already mentioned it)
- Make sure renew_letsencrypt_on_suspended_domain=0 is set and then suspend unregistered domains in DirectAdmin
- Remove a certificate from unregistered domains in DirectAdmin
- Rename domains to something that you control (like expired-domain.com to expired-domain-com.hostname.com)

One can automate these actions using DirectAdmin hooks.