Using mail.domain.tld as in and outgoing email. So you can cache domain.tld with the cloudflare proxy

botw44 · December 12, 2022, 5:30pm

SYSTEM INFORMATION
OS type and version	REQUIRED
Webmin version	REQUIRED
Virtualmin version	REQUIRED
Related packages	SUGGESTED

Distributor ID:	Debian
Description:	Debian GNU/Linux 11 (bullseye)
Release:	11
Codename:	bullseye

Webmin version 	2.001
Usermin version 	1.860
Virtualmin version 	7.3-1  
Authentic theme version 	20.01.1:5

So Virtualmin together with Cloudflare is a nice way to set up your servers.

There are a few pain points:

When using the proxy they will block port :10000.
When using mail.domain.tld as IMAP it will still use domain.tld as a certificate

[000.891] 		STARTTLS command works on this server
[001.119] 		Connection converted to SSL
		SSLVersion in use: TLSv1_3
		Cipher in use: TLS_AES_256_GCM_SHA384
		Perfect Forward Secrecy: yes
		Session Algorithm in use: Curve X25519 DHE(253 bits)
		Certificate #1 of 4 (sent by MX):
		Cert VALIDATED: ok
		Cert Hostname DOES NOT VERIFY (mail.nerd.host != nerd.host | DNS:nerd.host)
		So email is encrypted but the host is not verified

Are there any solutions for these problems?

botw44 · December 21, 2022, 1:41pm

To change the port of virtualmin that is easy there is even a youtube tutorial for this:

I used port 8443 as descibed at cloudflare that is okay:

So the question remains how to route all email trough mail.domain.tld instead of domain.tld

Ilia · December 22, 2022, 6:27pm

Use your local hosts file to point your actual server’s IP to your domain.

grant-1972 · December 23, 2022, 12:55pm

I would agree with this. I use Cloudflare for DNS and the first time I login with IP and port 10000 I go to a setting in Webmin and change the port for VM for one of the ports that Cloudflare does allow. That fixes the problem for me.

system · February 21, 2023, 12:56pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.