Troubleshooting email in WHM

In this article we will go over the process used to investigate Email delivery issues on a WHM server. This can be helpful when a user is having issues receiving or sending Emails. The Mail Troubleshooter tool provided in WHM works by tracing the route an Email would take when sent to the provided Email address.

  1. With WHM opened in your browser, (a) type ‘Mail Troubleshooter’ into the search box. This will sort the menu options for you, (b) now find and click “Mail Troubleshooter”.
    troubleshoot-email-pt1
  2. Now on the Mail Troubleshooter page you should see a text box labeled as “Email to trace”. Enter the Email address you wish to trace here.
    troubleshoot-email-pt2
  3. Once you click Submit, you will be on the results page.
    troubleshoot-email-pt3

The example above shows a working configuration for a Gmail based email address. If the results show no errors the issue is likely related to improper Email client settings.
Below you will find an example of results showing errors, the issue here is that the domain has DNS problems and is not able to be resolved.

troubleshoot-email-pt4

Import Emails with Webmail on a cPanel Server

When it comes to importing Emails on to a cPanel based server, using Webmail is the easiest method. Currently cPanel-based servers offer three different webmail interfaces [Horde, Squirrel Mail, and RoundCube] for viewing and managing email accounts without the need to setup an email client. This tutorial will focus on how to import emails from your server by utilizing the Horde Webmail interface.

While RoundCube does support email importing, it only allows you to do so with a single email at a time. This may not be an issue for some, but when working to import a large number of emails, this can be an inconvenience. Horde, on the other hand, allows the importing of entire folders, which can speed things up when working to import in bulk.

Pre-flight Checklist

  • These instructions are intended specifically for a managed Liquid Web server with cPanel.
  • The Horde Webmail interface must not be disabled on the server.
  • Access to the cPanel which owns the email address will be necessary.

Import Emails with Horde Webmail

For importing emails via Horde the process is largely the same as when exporting. You will need to start the same by opening the webmail interface for the email account. Once you are logged into the email address and have horde open you can proceed with the importing directions below.

Our example for importing continues from the examples set in exporting found above. Though, in this example we are using a different email account that is currently empty of any Emails.
    1. From the Horde interface of the account you wish to import to, right click the folder you would like emails imported to. We will use the Inbox.

Email Import - Horde Folder Menu

    1. From the folder drop down menu select “Import”

step-two

    1. You will now see a popup to select the file for uploading, select the file by clicking ‘Browse’ to use the file picker.

Email Import - Horde File Select

  1. With a file selected click the “OK” button and Horde will begin the upload and import. After clicking OK you should return to the main Horde interface, there you will begin to see the imported emails to populate.

With this step complete you can now see that the emails were imported. You can see this below by comparing the two screenshots:

Email Export - Horde Interface

Import Results

Export Emails with Webmail on a cPanel Server

When it comes to exporting Emails on a cPanel based server using Webmail is the easiest method. Currently, cPanel-based servers offer three different webmail interfaces [Horde, Squirrel Mail, and RoundCube] for viewing and managing email accounts. Using a webmail client allows you access to your Emails without the need to setup an email client. This tutorial will focus on how to export emails from your server by utilizing the Horde Webmail interface.

While RoundCube does support email exporting, it only allows you to do so with a single email at a time. This may not be an issue for some, but when working to export a large number of emails this can be an inconvenience. On the other hand, Horde allows the exporting of entire folders, this can speed things up when working to export in bulk.

Pre-flight Checklist

  • These instructions are intended specifically for a managed Liquid Web server with cPanel.
  • The Horde Webmail interface must be enabled on the server.
  • Access to the cPanel account which owns the email address will be necessary.

Export Emails with Horde Webmail

  1. Open webmail for the email address you would like to export.
    You can do this by either logging into webmail with the email address directly, or by going in through the cPanel account that owns the email address.

    Open Webmail via cPanel:

    1. Login to the cPanel account that owns the email address you are looking to export.
    2. On the main cPanel page for the account find and click the “Email Accounts” button.
      Email Export Main cPanel
    3. Now on the Email Accounts page, find the email address you’d like to export emails for. Click the “More” button and then find and click “Access Webmail”.
      cPanel Email - Action Menu

    Open Webmail directly:

    1. To open webmail directly you would pull up the webmail login by visiting:
      http://[Server IP]:2097 or http://[Server Hostname]:2097
    2. You should now see a Webmail login page where you can enter the email address and respective password to login.
  2. Once the Webmail login is complete, either by direct login or login via cPanel, you will be presented with a page for Webmail selection.

  3. You should select ‘Horde’ when presented the choice of a Webmail client application. Once Horde is fully loaded you will see an interface similar to the following screenshot:
    Email Export - Horde Interface

    You can choose any folder you would like, for this example we will be using the Inbox.
  4. From Horde, right click ‘Inbox’ and select ‘Export’ from the list.
    Email Export - Horde Folder Menu
  5. You will now see a popup with export options, you can simply click ‘OK’ to get the exported emails in MBOX format.
    Email Export - Horde Download

With that complete you should now see your browser downloading the Emails in the MBOX format. The MBOX file format is a fairly generic format used for backing up Emails. The MBOX format is essentially a plain text file and has a wide range of support with various Email clients.

For more details and information on this file format see the MBOX wikipedia page.

EasyApache 4 & CLI based PHP utilities

With the release of EasyApache 4 in WHM 58 there are various changes to how PHP is managed. The most obvious being that EasyApache 4 brings support for installing multiple PHP versions alongside each other. However with multiple versions of PHP being installed on the server it’s easy to lose track of your command-line based PHP utilities and their PHP requirements.

Certain PHP packages like Composer, Drush, and WP-cli prefer to be run with the latest version of PHP. Unfortunately, having multiple PHP versions can mean not knowing which PHP will execute the utility when you call it directly. This article will detail a few methods to specify which PHP version should be used in instances like this.

Pre-flight Check:

  • These instructions are intended specifically for cPanel-based servers running WHM prior to version 58.
  • Command line access via SSH may be necessary to follow the examples.
  • The server will need to have EasyApache 4 active.
  • PHP 7 will be necessary to follow the provided examples.

Option #1: Directly Call the PHP Binary

The most basic option to workaround these issues is to directly call the PHP binary you need before executing the script. While this can be effective and will work as expected most of the time, certain utilities will not work when using this method.

You may want to attempt this method first and move on to Option #2 if this does not work as expected; generally though, this should work for executing basic PHP code.

/opt/cpanel/ea-php70/root/usr/bin/php someScript.php

The above command will specifically call the 7.0 version of PHP and will execute the someScript.php file within that version of PHP. If they are also installed on the server, the alternative PHP versions can be found at:

  • /opt/cpanel/ea-php55/root/usr/bin/php
  • /opt/cpanel/ea-php56/root/usr/bin/php
  • /opt/cpanel/ea-php70/root/usr/bin/php

Option #2: Use scl to Specify PHP Versions

As mentioned, certain PHP utilities are not provided as basic PHP files and are stored in the PHAR format. These utilities will not execute properly with the above method for specifying the PHP version. For these types of utilities you will need to specify the PHP version using a command called `scl`.

This command is a utility that allows running software in an environment packaged as a ‘Software Collection’. To be brief a ‘Software Collection’ is a way of defining an alternate location to a certain software. Fortunately, WHM provides predefined collections for the various versions of PHP supported by EasyApache 4.

The syntax of this command is as follows:

scl enable {SoftwareCollection} '{CommandToRun}'

Where you replace {SoftwareCollection} with the needed collection [ea-php55, ea-php56, or ea-php70], and you replace {CommandToRun} with the command, utility, or script you need to run.

A good way to highlight this is to review the difference in the following outputs:

root@noms [~]# php -v

PHP 5.6.25 (cli) (built: Aug 25 2016 17:00:38)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with the ionCube PHP Loader v4.7.5, Copyright (c) 2002-2014, by ionCube Ltd., and
with Zend Guard Loader v3.3, Copyright (c) 1998-2014, by Zend Technologies
with Zend OPcache v7.0.4-dev, Copyright (c) 1999-2015, by Zend Technologies

root@noms [~]# scl enable ea-php70 'php -v'

PHP 7.0.10 (cli) (built: Aug 25 2016 18:04:55) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.10, Copyright (c) 1999-2016, by Zend Technologies

As you can see when calling PHP by itself we get the default version, but when using scl we explicitly called the PHP 7.0 collection and get results to match.

Example #1: Executing a utility [Composer]:

root@noms [~]# scl enable ea-php70 'composer --version'

Composer version 1.2.0 2016-07-19 01:28:52

Example #2: Running a PHP script:

root@noms [~]# scl enable ea-php70 './someScript.php'

With these key tips and tricks you should now be equipped with the necessary tools to run CLI utilities on a server using EasyApache 4. If you have any questions or are not comfortable making these changes yourself, please feel free to contact Heroic Support®.

Enabling Let’s Encrypt for AutoSSL on WHM based Servers

With the recent release of cPanel & WHM version 58 there has been the addition of an AutoSSL feature, this tool can be used to automatically provide Domain Validated SSLs for domains on your WHM & cPanel servers.

Initially this feature was released with support provided for only cPanel (powered by Comodo) based SSL certificates, with the plans to support more providers as things progressed. As of now, cPanel & WHM servers running version 58.0.17, and above, can now also use Let’s Encrypt as an SSL provider. More information on Let’s Encrypt can be found here. Continue reading “Enabling Let’s Encrypt for AutoSSL on WHM based Servers”

What’s New in WHM 58 & What to Look For

In the 58 update of WHM & cPanel several rather large changes have been made to improve upon user experience and to expand available features. As cPanel works to continually expand and improve their offerings, we like to do our best to keep everyone informed and updated. Here are some of the highlights and items to look out for as the 58 update moves to release tier.

What to prepare for?

When large WHM updates, similar to this one, are released, there are often certain items that may exclude a server from being eligible for the update. These are often referred to as ‘update blockers’ within the official documentation. The items here are changes related to these ‘update blockers’.

  • CentOS 5 & CloudLinux 5 are no longer supported by WHM on and after update 58
    • CentOS 5 itself, and therefore CloudLinux 5, are becoming end-of-life status on March 31 of 2017, due to this and software limitations that these OS’s cause, cPanel is removing support preemptively.
  • Servers’ processors must now support 64-bit processing
    • Any older servers with 32-bit (x86) processes will no longer be supported by cPanel/WHM.
  • For a more detailed list of Upgrade Blockers please see: https://confluence2.cpanel.net/display/ALD/58+Release+Notes
  • These update blockers will require a migration in order to update to WHM 58: Feel free to contact our Heroic Support® if you are experiencing these blocks.

What is new?!

On this release cPanel has included a lot of highly-requested features and improvements. This provides for a lot of new opportunities, but with so many changes, it’s easy to lose track of all the great new features that were added. Here are the highlights:

  • Addon Domain to account conversion tool
    • With this new feature you are now able to easily convert an Addon domain into a full-fledged cPanel account.
  • Roundcube is now provided via RPM’s
  • Support for Dovecot’s mdbox storage format
    • Previously email files were stored on a ‘flat file’ manner, one file for each email. Now a user’s complete email storage can use the mdbox file format.
    • For users with large numbers of emails this should help reduce issues and concerns about using up too many disk Inodes.
  • Dovecot now supports email subaddresses
    • Email users can now append their address in a manner that will automatically deliver a message to a specific folder.
    • E.G.: username+Important@email.com will deliver a message directly to the ‘Important’ folder for the username@email.com address.
  • EasyApache 4 has been released
    • It is the default on new WHM installations
      • Existing servers will need to upgrade manually, once upgraded this cannot be reverted.
    • Now fully supports PEAR and PECL
    • EasyApache config tools have been completed as well
      • Provides useful tools to manage EasyApache 4 profiles
    • PHP-FPM support is now included, although it’s not fully refined yet and must be activated outside of WHM.
      • Contact Heroic Support for assistance on setting up and deploying PHP-FPM.
  • Multi-PHP Manager released
    • With EasyApache 4 being released the new Multi-PHP manager has been completed as well.
    • Servers can now operate while providing multiple PHP versions with ease.
  • PHP 7 is now supported and provided via EasyApache 4
  • AutoSSL
    • Free domain-validated SSL certificates are provided by cPanel (powered by Comodo)
    • As of WHM version 58.0.17, and above, AutoSSL now supports Let’s Encrypt as an SSL provider; for more details, see our KB article here.
Free cPanel-provided hostname SSL’s have been provided since WHM release 56 as well.
  • WHM now provides Composer by default
    • Composer is a dependency management tool for PHP-based projects, used frequently in the development and deployment of PHP-based apps, sites, or projects.
    • The WHM provided version does support Composer’s internal update mechanism to stay updated.

What has been changed?

Based on user feedback cPanel will make changes to presets, or default settings, as well as providing updates for 3rd-party tools included in WHM. This section encompases these types of updates.

  • Munin has been updated to provide the 2.0 version
    • Munin is a free system, network, and infrastructure monitoring tool.
  • Reject SPF failures is now enabled by default.
    • This will ensure that servers are checking incoming mail for valid SPF records and will reject Emails which result in a failure.
    • Provides an easier setup for WHM and helps prevent spam.
  • Prevent ‘nobody’ from sending Email now enabled by default.
    • Apache traditionally runs as the ‘nobody’ user and this change to the settings will ensure that by default servers are secure from Apache sending mail.
    • Helps to prevent compromised or unsecure sites for sending outgoing spam.
  • Dovecot now functioning as the local mail delivery agent
    • Exim will now receive inbound messages, connect to Dovecot via LMTP (Local Mail Transfer Protocol) and then deliver the messages.
  • WHM’s internal version of PHP has been updated

What has been removed?

cPanel will often remove redundant, legacy, or unneeded items or features; some of those to keep an eye out for are:

  • Removed ‘Mailserver Selection’ page from WHM
    • In previous releases WHM removed support for Courier and as such this screen is now unused.
  • Bandmin has been removed
    • Bandwidth usages can still be seen and monitored in:
      • Home >> Account Information >> View Bandwidth Usage, or
      • Home >> Metrics >> Bandwidth
  • Stunnel support has been removed
  • Security Advisor has been removed – check on new vs. existing

For more information and details on the various changes coming in the 58 release of WHM and cPanel, please see the official release notes here: https://confluence2.cpanel.net/display/ALD/58+Release+Notes

If you have any questions or are not comfortable making these changes yourself, please feel free to contact Heroic Support®.

A Closer Look at cPanel Notifications

In recent updates, cPanel has modified some of the notification settings for their control panel. As a result, you may find that the priority of certain notification types have changed and you may begin to receive notifications that you previously had not encountered. In particular, the notification options for Security Advisor changed with the release of WHM 56 on April 26, 2016.

The notification changes by cPanel are meant to both help users better manage their servers and also keep them informed of potential security risks, such as those posed by outdated software versions which no longer receive updates.

With some exceptions, many of the notifications are purely informational and not necessarily a cause for alarm. Here are the most common notifications followed up on via support requests:

‘New security advisor notifications with high importance’

WHM’s Security Advisor routinely performs a security scan on the server and alerts you to items it considers potential security risks. For each item flagged, the cPanel notification will clearly explain how to resolve the issue at your convenience. It’s important to note that while some recommendations, such as enabling SMTP Restrictions, Enabling Brute Force Protection, and increasing Password Strength Requirements are worthy of attention in nearly all cases, other recommendations may not be appropriate for your situation. For example, you may prefer not to disable root SSH access or SSH password authentication (and should not unless you have set up and tested SSH keys to connect to your server). To learn more about specific messages, visit our article on cPanel Security Advisor Notices. If you need guidance, feel free to contact Heroic Support®.

‘Your SSL Certificate is now available for download and installation’

Beginning with WHM version 56, cPanel now includes a free signed SSL certificate to cover the hostname (and only the hostname) of the server on which it runs. This feature eliminates warnings and notices associated with using self-signed SSL certificates and protects all connections to server services, such as email and ftp, and is automatically installed and renewed when possible. In order for the automatic installation to occur, however, the server’s hostname must resolve in a browser (that is, it must have a DNS record). Additionally, if you already have purchased an SSL to cover your hostname (either a dedicated SSL or a wildcard) cPanel will not attempt to overwrite it. Only self-signed SSLs installed on the server services (cPanel/WHM, FTP, SMTP, and the Mailserver) will be overwritten. Only if you have a purchased SSL installed on the hostname, and allow it to expire, will cPanel replace it. In any case, no action should be required on your part unless automated installation fails. In that event, you may contact Heroic Support® for assistance.

‘The system will automatically switch the mail server from Courier to Dovecot … in order to continue receiving updates.’

In cPanel/WHM versions up to 11.52, users were able to choose between two mail servers: Courier and Dovecot. Courier was selected by default, and most cPanel users never had reason to switch. However, beginning with cPanel/WHM version 54, Courier has been deprecated. cPanel will no longer support Courier in future releases, and the control panel can not be updated until the mailserver is switched.

If you want to switch the mail server yourself, you can follow our guide. Should you prefer not to switch to Dovecot and would like to continue to use Courier, you will need to change your cPanel update preferences and select the LTS (long-term support) release tier. cPanel will continue to send daily emails until one of these two actions have been taken. If you do not take any action, cPanel will automatically switch the mailserver at the time indicated in the email.

‘The server has POP3 before SMTP enabled’

This means that SMTP authentication is not being strictly enforced on the server. Effectively, any user who has successfully logged in to receive mail is treated as authenticated to also send mail from the same IP address for an hour after their successful incoming login.

The important thing to note is that it allows the IP address from which a successful email login was made to access the SMTP server, not just the specific user or device from which the successful login was made. In a modern home or office environment, a single public IP address typically is shared by many devices on that network. That’s also the case when you’re connected to a public wireless network, such as at a local coffee shop or shopping center.

With POP Before SMTP (also referred to as POP3 Before SMTP) enabled, it’s possible that a malicious user or compromised device connected to the same network — regardless of how well-secured your personal computer, workstation or mobile device may be — could relay mail through your server. Mitigating that potential security risk would be the primary reason for disabling POP Before SMTP on your server.

However, you should be aware that disabling POP Before SMTP means that any email account would be required to use SMTP authentication, and that would need to be configured in each individual mail client used with each email account in order for the account to be able to send mail.

While all modern mail clients such as recent versions of Outlook, Mac Mail and Thunderbird and any recent smartphone have that ability, the setting may not be enabled by default. If that’s the case, the account configuration would need to be adjusted in the email client.

For assistance configuring email clients, see How To Set Up Any Email Client.

‘The server has unmonitored services’/’The service has failed’

Through its ChkServd service, cPanel is able to monitor enabled services and automatically restart them when necessary. This is separate from, and unrelated to, Sonar Monitoring services which you can configure in your Manage dashboard.

While this is not a new capability, cPanel recently began notifying users of it, along with a list of any enabled cPanel services which were not configured already for monitoring. It is recommended, though completely optional, to enable monitoring for all active cPanel services to improve stability and ensure that services can be recovered as quickly as possible. You can enable monitoring in WebHost Manager at Service Manager, under the Service Configuration section in the left menu.

One thing to keep in mind is that cPanel will alert you to any service it has found to be down and automatically restarted via ChkServd, even if the service intentionally was stopped, such as during an update or a required restart of another service upon which it is dependent.

What that means is that you should not immediately assume the worst any time you receive a “Service Failed” or “Service Recovered” alert from cPanel. If you receive only a single notification of a service restarted, and not multiple alerts for the same service over an extended period of time, there generally is no cause for concern. However, should you receive multiple such alerts for a service, or should the alert indicate that the service could not automatically be restarted, please do not hesitate to contact us so that we may investigate.

‘Altered RPMs found’

While the message subject can sound somewhat ominous, it should not automatically be cause for alarm. Typically this message is generated when cPanel performs an update check and discovers that local files are out of date, have become corrupted or have been updated outside of cPanel. Occasionally, it also can occur when both the 32- and 64-bit versions of a service have been installed.

This message will contain the filename of the package it found to be incomplete, corrupted or otherwise broken; running the command referenced in the message (/usr/local/cpanel/scripts/check_cpanel_rpms –fix) should result in it re-downloading the file successfully.

Please note that anytime updates are pushed to your server outside of cPanel, for example when an important security patch is applied to multiple servers simultaneously, this notice also can be triggered. The issue can be easily rectified by updating cPanel’s operating system packages, which support is happy to help with if you’re unable to run the command specified in the cPanel notification.

‘The cPanel & WHM update process failed’

WebHost Manager/cPanel by default checks for updates to its control panel each day. Due the number of servers running cPanel, there can be times when too many servers are checking in with cPanel’s update server simultaneously, causing the request to time out. And occasionally, the cPanel update server itself may be unreachable.

Whenever that happens, cPanel will alert you and automatically try again the next day. You can, however, manually force it to check for updates (and automatically install the update, if one is available) should you prefer not to wait.

You can find instructions for manually updating cPanel at How To Upgrade and Patch cPanel and WHM.

Should a manual update also fail, or should you receive consecutive update failure messages, please do not hesitate to contact our Heroic Support® team.

‘System integrity checking detected a modified system file’

The default notification preferences beginning in WHM/cPanel version 54 can cause this notification to be sent immediately following an update to cPanel/WHM itself.

This notification may alert you to “FAILED” md5sum comparison tests on any server software (and usually on several components at a time), but should not immediately be cause for alarm.

The server message is triggered any time a core file is changed, and makes it clear that it may be the result of an OS update or application upgrade. If you have automatic updates enabled in WHM, have manually updated cPanel/WHM, or have requested that it be updated for you, then you can safely ignore this message. If you don’t have automatic updates enabled and have not recently updated cPanel, please do not hesitate to contact our Heroic Support® team.

Disabling cPanel Notifications or Changing Alert Settings

You can configure settings for all the cPanel alerts you receive in WHM under Contact Manager in the Server Contacts section of the left menu.

The first tab, Communication Type, allows you to set the alert level that will trigger a notification to each of the communication methods: AIM, email, ICQ, Post to a URL, Pushbullet, or SMS.

The second tab, Notifications, allows you to set the minimum priority for each type of event, such as Service failures (ChkServd), Unmonitored Services, or Backup Successful, which will trigger a notification. You also can disable notifications for each event type using the dropdown menu under the Importance category.