[GH-ISSUE #1204] Something wrong with automx configuration #982

New issue

Closed

opened 2026-02-27 11:14:35 +03:00 by kerem · 1 comment

kerem commented 2026-02-27 11:14:35 +03:00

Owner

Copy link

Originally created by @danielsatanik on GitHub (Jul 29, 2017).
Original GitHub issue: https://github.com/modoboa/modoboa/issues/1204

Impacted versions

• Modoboa: 1.8.2
• installer used: Yes (without amavis)
• Webserver: Nginx
• I change the domain infos

Steps to reproduce

$ su - automx
$ source env/bin/activate
$ automx-test automx@automx.com

Current behavior

best is if I just give the output, but it uses the default vhost instead of the autoconf one

Testing Autoconfig ...
Connecting to http://autoconfig.automx.com/mail/config-v1.1.xml?emailaddress= automx@automx.com ...

  HTTP/1.1 307 Temporary Redirect
  Server: nginx/1.10.3 (Ubuntu)
  Date: Sat, 29 Jul 2017 09:58:26 GMT
  Content-Type: text/html
  Content-Length: 196
  Connection: keep-alive
  Location: https://autoconfig.automx.com/mail/config-v1.1.xml?emailaddress=automx@automx.com
  HTTP/1.1 404 Not Found
  Server: nginx/1.10.3 (Ubuntu)
  Date: Sat, 29 Jul 2017 09:58:26 GMT
  Content-Type: text/html
  Content-Length: 178
  Connection: keep-alive
Trying fallback URL ...
Connecting to http://automx.com/.well-known/autoconfig/mail/config-v1.1.xml?emailaddress=automx@automx.com ...

Expected behavior

• email configuration should be resolved

Video/Screenshot link (optional)

here is the current autoconfig.automx.com.conf in /etc/nginx/sites-enabled/
I added the second block because it was completely missing

upstream automx {
    server unix:/run/uwsgi/app/automx_instance/socket fail_timeout=0;
}

server {
    listen 80;
    listen [::]:80;
    server_name autoconfig.automx.com;
    root /srv/automx/instance;

    access_log /var/log/nginx/autoconfig.automx.com-access.log;
    error_log /var/log/nginx/autoconfig.automx.com-error.log;

    location /mail/config-v1.1.xml {
        include uwsgi_params;
        uwsgi_pass automx;
    }
}

server {
    listen 443 ssl http2;
    server_name autodiscover.automx.com;
    root /srv/automx/instance;

    ssl_certificate /etc/letsencrypt/live/automx.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/automx.com/privkey.pem; # managed by Certbot
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_ecdh_curve secp384r1;
    ssl_verify_depth 3;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    ssl_session_timeout 10m;
    ssl_session_tickets off;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
#    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;

#    client_max_body_size 10M;

    access_log /var/log/nginx/autodiscover.automx.com-access.log;
    error_log /var/log/nginx/autodiscover.automx.com-error.log;

    location /mail/config-v1.1.xml {
        include uwsgi_params;
        uwsgi_pass automx;
    }

    location /mobileconfig {
    	include uwsgi_params;
        uwsgi_pass automx;
    }
}

for clarification I give the default configuration in nginx

# Default server configuration
server {
	listen 80 default_server;
	listen [::]:80 default_server;
	server_name _;
	return 307 https://$host$request_uri;
}

server {
	# SSL configuration
	listen 443 ssl http2 default_server; # managed by Certbot

	set $basepath "/var/www";

	server_name ~^(\w+\.)?\w+\.\w+$;
	if ( -d $basepath/$host/public ) {
		set $rootpath $basepath/$host/public;
	}
	if ( !-d $basepath/$host/public ) {
		set $rootpath $basepath/$host;
	}

	root $rootpath;

	access_log "/var/log/nginx/${host}.access.log";
	error_log "/var/log/nginx/error.log" debug;

	index index.php index.html index.htm index.nginx-debian.html;

	location / {
		try_files $uri $uri/ /index.php?$query_string;
	}

	location ~ \.php$ {
		include snippets/fastcgi-php.conf;
		fastcgi_pass unix:/run/php/php7.0-fpm.sock;
	}

	location ~ /\.ht {
		deny all; 
	}

	location ~ /.well-known {
		allow all;
	}

	ssl_certificate /etc/letsencrypt/live/automx.com/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/automx.com/privkey.pem; # managed by Certbot
	# ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot
	# ssl_session_timeout 1440m; # managed by Certbot

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot
	ssl_prefer_server_ciphers on; # managed by Certbot

	ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";

	ssl_ecdh_curve secp384r1;
	ssl_session_cache shared:SSL:10m;
	ssl_session_timeout 10m;
	ssl_session_tickets off;
	ssl_stapling on;
	ssl_stapling_verify on;
	resolver 8.8.8.8 8.8.4.4 valid=300s;
	resolver_timeout 5s;
	# disable HSTS header for now
	add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
	add_header X-Frame-Options DENY;
	add_header X-Content-Type-Options nosniff;

	ssl_dhparam /etc/ssl/certs/dhparam.pem;

	gzip off;
}

Originally created by @danielsatanik on GitHub (Jul 29, 2017). Original GitHub issue: https://github.com/modoboa/modoboa/issues/1204 # Impacted versions * Modoboa: 1.8.2 * installer used: Yes (without amavis) * Webserver: Nginx * I change the domain infos # Steps to reproduce ``` $ su - automx $ source env/bin/activate $ automx-test automx@automx.com ``` # Current behavior best is if I just give the output, but it uses the default vhost instead of the autoconf one ``` Testing Autoconfig ... Connecting to http://autoconfig.automx.com/mail/config-v1.1.xml?emailaddress= automx@automx.com ... HTTP/1.1 307 Temporary Redirect Server: nginx/1.10.3 (Ubuntu) Date: Sat, 29 Jul 2017 09:58:26 GMT Content-Type: text/html Content-Length: 196 Connection: keep-alive Location: https://autoconfig.automx.com/mail/config-v1.1.xml?emailaddress=automx@automx.com HTTP/1.1 404 Not Found Server: nginx/1.10.3 (Ubuntu) Date: Sat, 29 Jul 2017 09:58:26 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Trying fallback URL ... Connecting to http://automx.com/.well-known/autoconfig/mail/config-v1.1.xml?emailaddress=automx@automx.com ... ``` # Expected behavior * email configuration should be resolved # Video/Screenshot link (optional) here is the current autoconfig.automx.com.conf in `/etc/nginx/sites-enabled/` I added the second block because it was completely missing ``` upstream automx { server unix:/run/uwsgi/app/automx_instance/socket fail_timeout=0; } server { listen 80; listen [::]:80; server_name autoconfig.automx.com; root /srv/automx/instance; access_log /var/log/nginx/autoconfig.automx.com-access.log; error_log /var/log/nginx/autoconfig.automx.com-error.log; location /mail/config-v1.1.xml { include uwsgi_params; uwsgi_pass automx; } } server { listen 443 ssl http2; server_name autodiscover.automx.com; root /srv/automx/instance; ssl_certificate /etc/letsencrypt/live/automx.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/automx.com/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_ecdh_curve secp384r1; ssl_verify_depth 3; ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_session_timeout 10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; # add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; # client_max_body_size 10M; access_log /var/log/nginx/autodiscover.automx.com-access.log; error_log /var/log/nginx/autodiscover.automx.com-error.log; location /mail/config-v1.1.xml { include uwsgi_params; uwsgi_pass automx; } location /mobileconfig { include uwsgi_params; uwsgi_pass automx; } } ``` for clarification I give the default configuration in nginx ``` # Default server configuration server { listen 80 default_server; listen [::]:80 default_server; server_name _; return 307 https://$host$request_uri; } server { # SSL configuration listen 443 ssl http2 default_server; # managed by Certbot set $basepath "/var/www"; server_name ~^(\w+\.)?\w+\.\w+$; if ( -d $basepath/$host/public ) { set $rootpath $basepath/$host/public; } if ( !-d $basepath/$host/public ) { set $rootpath $basepath/$host; } root $rootpath; access_log "/var/log/nginx/${host}.access.log"; error_log "/var/log/nginx/error.log" debug; index index.php index.html index.htm index.nginx-debian.html; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php7.0-fpm.sock; } location ~ /\.ht { deny all; } location ~ /.well-known { allow all; } ssl_certificate /etc/letsencrypt/live/automx.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/automx.com/privkey.pem; # managed by Certbot # ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot # ssl_session_timeout 1440m; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot ssl_prefer_server_ciphers on; # managed by Certbot ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; ssl_ecdh_curve secp384r1; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; # disable HSTS header for now add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; ssl_dhparam /etc/ssl/certs/dhparam.pem; gzip off; } ```

kerem closed this issue 2026-02-27 11:14:35 +03:00

kerem commented 2026-02-27 11:14:36 +03:00

Author

Owner

Copy link

@tonioo commented on GitHub (Jul 29, 2017):

This issue was moved to modoboa/modoboa-installer#151

<!-- gh-comment-id:318827188 --> @tonioo commented on GitHub (Jul 29, 2017): This issue was moved to modoboa/modoboa-installer#151

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

fix/sievefilters-allow-email-in-rule-name

dependabot/npm_and_yarn/frontend/axios-1.15.0

translations_04c0b653215cb5fa48ab101eae1a1917_ja_JP

translations_5d93982e9fd6dab991db4faf93ce9ded_ja_JP

fix/login-issue-3995

fix/sievefilters-issues

add-vitepress-openapi

2974-dmarc-empty-email

2.3.x

updated-doc-2.3.0

feature/OIDC

delete-all-alarms

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_af_ZA

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_ar

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_ca

1.x

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_sk

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_tr

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_es_ES

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_uk

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_zh_CN

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_de_DE

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_da_DK

1.8.x

1.7.x

1.6.x

1.4.x

1.3.x

1.2.x

2.8.2

2.8.1

2.8.0

2.7.2

2.7.1

2.7.0

2.6.5

2.6.4

2.6.3

2.6.2

2.6.1

2.6.0

2.5.1

2.5.0

2.4.11

2.4.10

2.4.9

2.4.8

2.4.7

2.4.6

2.4.5

2.4.4

2.4.3

2.4.2

2.4.1

2.4.0

2.3.6

2.3.5

2.3.4

2.3.3

2.3.2

2.3.1

2.3.0

2.3.0-beta.4

2.3.0-beta.3

2.3.0-beta.2

2.3.0-beta.1

2.2.4

2.2.3

2.2.2

2.2.1

2.2.0

2.1.2

2.1.1

2.1.0

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

2.0.0-beta.3

2.0.0-beta.2

2.0.0-beta.1

1.17.0

1.16.1

1.16.0

1.15.0

1.14.0

1.13.1

1.13.0

1.12.2

1.12.1

1.12.0

1.11.1

1.11.0

1.10.7

1.10.6

1.10.5

1.10.4

1.10.3

1.10.2

1.10.1

1.10.0

1.9.1

1.9.0

1.8.3

1.8.2

1.8.1

1.8.0

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.3

1.6.2

1.6.1

1.6.0

1.5.3

1.5.2

1.5.1

1.5.0

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.5

1.3.4

1.2.2

1.3.3

1.3.2

1.3.1

1.3.0

1.2.1

1.2.0

1.2.0-rc2

1.2.0-rc1

1.1.7

1.1.6

1.1.5

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.1

1.0.0

0.9.5

0.9.4

0.9.3

0.9.2

0.9.1

0.9

0.8.8

0.8.7

0.8.6.1

0.8.6

0.8.5

0.8.4

0.8.3

0.8.3-rc1

0.8.2

0.8.1

0.8

0.8-rc2

0.8-rc1

0.7.2

0.7.1

0.7

0.6.1

0.6

0.5

0.3

0.2

0.1

Labels

Clear labels   

bug

  

bug

  

dependencies

  

design

  

documentation

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

feedback-needed

  

help-needed

  

help-needed

  

installer

  

invalid

  

looking-for-sponsors

  

modoboa-contacts

  

new-ui

  

new-ui

  

pr

  

pull-request

Mirrored from GitHub Pull Request

  

pyconfr

  

python

  

question

  

security

  

stale

  

webmail

  

wontfix

No labels

bug

bug

dependencies

design

documentation

duplicate

enhancement

enhancement

enhancement

feedback-needed

help-needed

help-needed

installer

invalid

looking-for-sponsors

modoboa-contacts

new-ui

new-ui

pr

pull-request

pyconfr

python

question

security

stale

webmail

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/modoboa-modoboa#982

No description provided.