My Directadmin setup

R

rroethof

Active Member
Nov 22, 2017
7
2
43
46
I saw a lot of methods for directadmin on the forum, but none realy helped me unfortunatly.
As I figured out my personal method for using PMG in combination with DA, I wanted to post my method here, maybe it can help some future users :)

  1. As per standard, I added the IP's of my DA servers in the mynetworks part of PMG, so all mail coming from my DA servers is at least accepted on PMG.
  2. I created a DKIM record in https://PMG:8006/#pmgMailProxyConfiguration:dkim
    with the settings below so that the PMG signs all outgoing mail with DKIM
    1641021798324.png
  3. I added the ssh keys of the DA servers to the PMG servers (limited to the DA IP's) 192 is obvious not my IP ;)
    Code: 
    root@pmg:~# cat .ssh/authorized_keys
from="192.168.0.1" ssh-rsa ...
  4. Now comes the DA tricky part, I had to create a few scripts in DA...
    Code: 
    cd /usr/local/directadmin/scripts/custom
mkdir domain_change_post
mkdir domain_create_post
mkdir domain_destroy_post

    Replace PMG with the hostname of your PMG server
    Replace DA with the hostname of your DA server

    file : domain_change_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG transport map"
ssh PMG /usr/bin/pmgsh delete /config/transport/$domain

echo "Adding $newdomain to PMG transport map"
ssh PMG /usr/bin/pmgsh create /config/transport --domain $newdomain --host DA --comment DA_user_$username

    file : domain_change_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG relay list"
ssh PMG /usr/bin/pmgsh delete /config/domains/$domain

echo "Adding $newdomain to PMG relay list"
ssh PMG /usr/bin/pmgsh create /config/domains --domain $newdomain --comment DA_user_$username

    file : domain_create_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG transport map"
ssh PMG  /usr/bin/pmgsh create /config/transport --domain $domain --host DA --comment DA_user_$username

    file : domain_create_post/mx02-dkim.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG DKIM list"
ssh PMG  /usr/bin/pmgsh create /config/dkim/domains --domain $domain --comment DA_user_$username

    file : domain_create_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG relay list"
ssh PMG  /usr/bin/pmgsh create /config/domains --domain $domain --comment DA_user_$username

    file : domain_destroy_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG transport map"
ssh PMG /usr/bin/pmgsh delete /config/transport/$domain

    file : domain_destroy_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG relay list"
ssh PMG /usr/bin/pmgsh delete /config/domains/$domain
  5. Finally, add the IP's of your PMG servers to the DA server in
    /etc/virtual/whitelist_hosts_ip

    That way, you don't get bullshit on your DA server with SPF rejects..
It's not perfect, I know... It's not finished, or at least,it could be polished up.
But it works, we can create domains in DirectAdmin and not have to worry about manually adding stuff to PMG.
For now, it works realy nice, when people find this usefull and when I make changes, I can post the changes here too :)


Greetz,

Ronny
 
  • Like
Reactions: Wadera and H.c.K
Hi Ronny,

Thank you for informations. I will try it my systems and share the results.
 
rroethof said:
I saw a lot of methods for directadmin on the forum, but none realy helped me unfortunatly.
As I figured out my personal method for using PMG in combination with DA, I wanted to post my method here, maybe it can help some future users :)

  1. As per standard, I added the IP's of my DA servers in the mynetworks part of PMG, so all mail coming from my DA servers is at least accepted on PMG.
  2. I created a DKIM record in https://PMG:8006/#pmgMailProxyConfiguration:dkim
    with the settings below so that the PMG signs all outgoing mail with DKIM
    View attachment 32830
  3. I added the ssh keys of the DA servers to the PMG servers (limited to the DA IP's) 192 is obvious not my IP ;)
    Code: 
    root@pmg:~# cat .ssh/authorized_keys
from="192.168.0.1" ssh-rsa ...
  4. Now comes the DA tricky part, I had to create a few scripts in DA...
    Code: 
    cd /usr/local/directadmin/scripts/custom
mkdir domain_change_post
mkdir domain_create_post
mkdir domain_destroy_post

    Replace PMG with the hostname of your PMG server
    Replace DA with the hostname of your DA server

    file : domain_change_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG transport map"
ssh PMG /usr/bin/pmgsh delete /config/transport/$domain

echo "Adding $newdomain to PMG transport map"
ssh PMG /usr/bin/pmgsh create /config/transport --domain $newdomain --host DA --comment DA_user_$username

    file : domain_change_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG relay list"
ssh PMG /usr/bin/pmgsh delete /config/domains/$domain

echo "Adding $newdomain to PMG relay list"
ssh PMG /usr/bin/pmgsh create /config/domains --domain $newdomain --comment DA_user_$username

    file : domain_create_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG transport map"
ssh PMG  /usr/bin/pmgsh create /config/transport --domain $domain --host DA --comment DA_user_$username

    file : domain_create_post/mx02-dkim.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG DKIM list"
ssh PMG  /usr/bin/pmgsh create /config/dkim/domains --domain $domain --comment DA_user_$username

    file : domain_create_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG relay list"
ssh PMG  /usr/bin/pmgsh create /config/domains --domain $domain --comment DA_user_$username

    file : domain_destroy_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG transport map"
ssh PMG /usr/bin/pmgsh delete /config/transport/$domain

    file : domain_destroy_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG relay list"
ssh PMG /usr/bin/pmgsh delete /config/domains/$domain
  5. Finally, add the IP's of your PMG servers to the DA server in
    /etc/virtual/whitelist_hosts_ip

    That way, you don't get bullshit on your DA server with SPF rejects..
It's not perfect, I know... It's not finished, or at least,it could be polished up.
But it works, we can create domains in DirectAdmin and not have to worry about manually adding stuff to PMG.
For now, it works realy nice, when people find this usefull and when I make changes, I can post the changes here too :)


Greetz,

Ronny
Click to expand...
Hi, how did you solve it with those who have outgoing mail on another server? Those who use PMG incoming and outgoing, but have mail on another server, the transport creates a loop with DA that if the local mail server is disabled.
 
rroethof said:
I saw a lot of methods for directadmin on the forum, but none realy helped me unfortunatly.
As I figured out my personal method for using PMG in combination with DA, I wanted to post my method here, maybe it can help some future users :)

  1. As per standard, I added the IP's of my DA servers in the mynetworks part of PMG, so all mail coming from my DA servers is at least accepted on PMG.
  2. I created a DKIM record in https://PMG:8006/#pmgMailProxyConfiguration:dkim
    with the settings below so that the PMG signs all outgoing mail with DKIM
    View attachment 32830
  3. I added the ssh keys of the DA servers to the PMG servers (limited to the DA IP's) 192 is obvious not my IP ;)
    Code: 
    root@pmg:~# cat .ssh/authorized_keys
from="192.168.0.1" ssh-rsa ...
  4. Now comes the DA tricky part, I had to create a few scripts in DA...
    Code: 
    cd /usr/local/directadmin/scripts/custom
mkdir domain_change_post
mkdir domain_create_post
mkdir domain_destroy_post

    Replace PMG with the hostname of your PMG server
    Replace DA with the hostname of your DA server

    file : domain_change_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG transport map"
ssh PMG /usr/bin/pmgsh delete /config/transport/$domain

echo "Adding $newdomain to PMG transport map"
ssh PMG /usr/bin/pmgsh create /config/transport --domain $newdomain --host DA --comment DA_user_$username

    file : domain_change_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG relay list"
ssh PMG /usr/bin/pmgsh delete /config/domains/$domain

echo "Adding $newdomain to PMG relay list"
ssh PMG /usr/bin/pmgsh create /config/domains --domain $newdomain --comment DA_user_$username

    file : domain_create_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG transport map"
ssh PMG  /usr/bin/pmgsh create /config/transport --domain $domain --host DA --comment DA_user_$username

    file : domain_create_post/mx02-dkim.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG DKIM list"
ssh PMG  /usr/bin/pmgsh create /config/dkim/domains --domain $domain --comment DA_user_$username

    file : domain_create_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Adding $domain to PMG relay list"
ssh PMG  /usr/bin/pmgsh create /config/domains --domain $domain --comment DA_user_$username

    file : domain_destroy_post/mx02-transport.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG transport map"
ssh PMG /usr/bin/pmgsh delete /config/transport/$domain

    file : domain_destroy_post/mx02-relay.sh
    Code: 
    #!/bin/sh
echo "Removing $domain from PMG relay list"
ssh PMG /usr/bin/pmgsh delete /config/domains/$domain
  5. Finally, add the IP's of your PMG servers to the DA server in
    /etc/virtual/whitelist_hosts_ip

    That way, you don't get bullshit on your DA server with SPF rejects..
It's not perfect, I know... It's not finished, or at least,it could be polished up.
But it works, we can create domains in DirectAdmin and not have to worry about manually adding stuff to PMG.
For now, it works realy nice, when people find this usefull and when I make changes, I can post the changes here too :)


Greetz,

Ronny
Click to expand...
Is this currently still working after directadmin updates? Or are you currently no longer using this
 
I get this issue after create a user:


HTML: 
Script output: domain_destroy_post.sh
sh: /usr/local/directadmin/scripts/custom/domain_destroy_post/mx02-relay.sh: Permission denied

sh: /usr/local/directadmin/scripts/custom/domain_destroy_post/mx02-transport.sh: Permission denied
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back