I moved my maib to a new server (ubuntu 22.04) over a month ago and everything was running well. Today the ssl certificate ended. In my old installation it auto-renewed but now on the new server it did not.
I tried running the ssl_certificates.py script and get:
skipped: mail.zaksmail.com:
The domain name does not resolve to this machine: 2600:3c03::f03c:95ff:fe92:deaa (AAAA)
Maybe IPV6 is the problem Try disabling IPV6 temporaraly and provision manually.
Disable: wlp1s0.is my network interface yours might be some other name sudo sysctl -w net.ipv6.conf.wlp1s0.disable_ipv6=1
I added this to the sysctl.conf file:
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
rebooted and ran âssl_certificates.py mail.zaksmail.comâ and get:
skipped: mail.zaksmail.com:
The domain name does not resolve to this machine: 2600:3c03::f03c:95ff:fe92:deaa (AAAA).
If I go to googleâs toolbox lookup I get this for mail.zaksmail.com: AAAATTL:
1 hour DATA:
2600:3c03::f03c:95ff:fe92:deaa
The check that does this looks at /etc/mailinabox.conf. Whatâs the value of variable PUBLIC_IPV6? If it´s 2600:3c03::f03c:95ff:fe92:deaa, try setting it to nothing. If itâs not, set it to the value you get from DNS.
Also check the other settings for IP in this file.
Thanks - that worked. Funny that it ran fine for a month or two and with nothing changed except the certificate that was installed when I went to the box expired.
But - itâs working now.
Thank you very much for the help, I appreciate it.
leon âŚ
Ok, keep an eye on the Status checks page of the admin portal. It might warn you of other IP shenanigans.
Also, if you feel like diving into this a little bit deeper, can you try the following?
Change folder to your mailinabox installation, then cd management
Then run the following:
~/mailinabox/management$ /usr/local/lib/mailinabox/env/bin/python3
Python 3.10.12 (main, Feb 4 2025, 14:57:36) [GCC 11.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from status_checks import query_dns
>>> query_dns("mail.zaksmail.com", "AAAA")
...
>>> quit()
Iâm wondering what the output of the query_dns command is.
(the commands you type are: /usr/local/lib/mailinabox/env/bin/python3 from status_checks import query_dns query_dns("mail.zaksmail.com", "AAAA") quit()
the other stuff is the output you see)
Python 3.10.12 (main, Feb 4 2025, 14:57:36) [GCC 11.4.0] on linux
Type âhelpâ, âcopyrightâ, âcreditsâ or âlicenseâ for more information.
from status_checks import query_dns
query_dns(âmail.zaksmail.comâ, âAAAAâ)
â2600:3c03::f03c:95ff:fe92:deaaâ
quit
Use quit() or Ctrl-D (i.e. EOF) to exit
quit()
NEW root@mail:~/mailinabox/management#
Thatâs it, Iâm stumped Nothing else to try.
Like I said, keep an eye on the status checks, and in 60 days or so, see if the certificate renews properly.
It says it has a TTL 1 hour but yet it lives on other servers. I am wondaring if a mailinabox reinstall will sort everythng out.
If IPV6 is disabled and if you run mailinabox
Thatâs one of the first things I did but it was before disabling ipv6. It shouldnât hurt anything to try and run a reinstall. Iâll give it a try when I get back and let you know.
Nothing else to try.