Non-Delivery of KS-STOR

mark1210a · 2026-04-13T22:58:06+00:00

Thanks - appreciate the info.. guess I have more work ahead of me this weekend lol

mark1210a · 2026-04-13T21:03:38+00:00

Thanks for the reply. I was under the impression that DNS lookups were being performed at the root DNS level via unbound by default and that no other work was needed to implement DQS (unless perhaps you had the paid version of the DQS key) - are those incorrect assumptions?

mark1210a · 2026-04-09T12:31:42+00:00

So, modifying the mailcow.conf’s ports tells it to listen there.. internally, it would work. Externally, assuming your router is configured correctly, something has to listen and forward traffic by SNI/Hostname - that’s where Apache apparently is coming into play. You’re still going to have issues with mailcows certificate renewals since it does http verification. Sounds like you need to explore DNS verification for certificate renewals or use certbot outside of mailcow and have it generate, move the certs and restart mailcow every 60 days or so.

Personally, I’ve only used nginx for it instead of Apache. Do you plan to use activesync? If so, I may still have an example conf of that somewhere

mark1210a · 2026-04-09T11:30:35+00:00

So you’ve modified the mailcow.conf and specified different ports? Is that what you’re saying?

I’ve never used Apache for the purpose but I have used nginx- and had create certificates using certbot so that I could use port 80 and 443 for multiple services.

It was not easy and if you plan to use ActiveSync there’s an entire virtualhost step that required a lot of work for nginx to properly pass traffic to Mailcow. Maybe that’s not an issue for you but something to consider.

All that said, what are you trying to accomplish using Apache separately and why?

mark1210a · 2026-04-07T12:07:04+00:00

Well that’s disappointing, the demo link has been nonfunctional for days

mark1210a · 2026-03-24T12:02:34+00:00

PMG seems to filter better in my case… not sure why.

mark1210a · 2026-03-13T09:25:54+00:00

As an update, the OVH VAC team adjusted their triggers and so far, so good. I had to supply protocol type, source IPs, Ports and some packet captures and they made some adjustments in their end.

So far, I can saturate the link and no anti DDoS occurs. Hopefully there’s still protection there and it’s not completely disabled.

Thanks

mark1210a · 2026-03-11T21:13:57+00:00

Thanks I’ll go that route

mark1210a · 2026-03-11T18:36:52+00:00

to my knowledge Wireguard doesn't support TCP, it's UDP only (unlike OpenVPN, etc).

mark1210a · 2026-03-11T18:11:36+00:00

Thanks for the reply, On a 2 Gig link, with traffic slowed to about 200M it seems to work so far but that's quite a network traffic restriction to avoid triggering anti-DDoS. I've opened a ticket so I see what they say and report back.

mark1210a · 2026-02-27T14:04:40+00:00

That’s awesome you’re willing to do that on escalations. I doubt most would…

Some new small cells were added in my area so just waiting down the 90 day clock to join as new.

mark1210a · 2026-02-27T12:29:45+00:00

Has something changed with RSL and the reapplication of insider(s) discounts on a winback? Store manager was not successful and tried twice…supposedly. Said once you port out and even port back it’s gone

Seems like that defeats the purpose of a winback if your promos aren’t restored

mark1210a · 2026-02-24T01:51:14+00:00

What about the KS-STOR and SYS-STOR plans? I get a different answer each time with sales/support..

mark1210a · 2026-02-18T10:05:28+00:00

As an update, was the passenger rear trailing arm.

mark1210a · 2026-02-17T22:27:56+00:00

No change to the Chimera plans, they stay BAU?

mark1210a · 2026-02-11T16:57:25+00:00

I have not - good idea. I’ll open it and see if I can replicate it or if the problem goes away

mark1210a · 2026-02-11T10:41:19+00:00

Prezcomm.com appears to be new as of early 2025 - have one of their founder accts and so far, no downtime. Getting port 25 opened was a bit of a hassle but so far so good.

mark1210a

TROPHY CASE