Hi there, thank you for your message. Trace route just keeps saying “Request timed out” and the two domains are inaccesable but I can get into it by using the IP address. The diagnosis looks okay too, there are a few errors, but I don’t think they would cause this problem could they? Please find the log below.
=================================
Base system (basesystem)
[INFO] Server hardware architecture is kvm amd64
- Server model is QEMU Standard PC (Q35 + ICH9, 2009)
[INFO] Server is running Linux kernel 5.10.0-29-amd64
[INFO] Server is running Debian 11.9
[INFO] Server is running YunoHost 11.2.12 (stable)
- yunohost version: 11.2.12 (stable)
- yunohost-admin version: 11.2.6 (stable)
- moulinette version: 11.2.1 (stable)
- ssowat version: 11.2.1.1 (stable)
=================================
Internet connectivity (ip)
[SUCCESS] Domain name resolution is working!
[SUCCESS] The server is connected to the Internet through IPv4!
- Global IP: xx.xx.xx.xx
- Local IP: 192.168.7.218
=================================
DNS records (dnsrecords)
[SUCCESS] DNS records are correctly configured for domain domain3.tld (category basic)
[WARNING] Some DNS records are missing or incorrect for domain domain3.tld (category mail)
- Please check the documentation at DNS zone configuration | Yunohost Documentation if you need help configuring DNS records.
- The following DNS record does not seem to follow the recommended configuration:
Type: MX
Name: mysecondapp
Current value: [‘4 route1.mx.cloudflare.net.’, ‘98 route3.mx.cloudflare.net.’, ‘27 route2.mx.cloudflare.net.’]
Expected value: 10 domain3.tld.
- The following DNS record does not seem to follow the recommended configuration:
Type: TXT
Name: mysecondapp
Current value: “v=spf1 include:_spf.mx.cloudflare.net ~all”
Expected value: “v=spf1 a mx -all”
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: TXT
Name: mail._domainkey.mysecondapp
Value: “v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzlv2u46JwVtnXbyVdnwaU3nlX6VoMIMMB5x1E5C8uyWyAo92vUjNDCQM/MqKXsCWipKd/W3xL7KOzV3wbxSLFjX4avV0Cw6Q/r2PFe5mQAaOpfOZoqXZ7BRDgGT3jxWgwSHeCdJIWbxt5RT/gobMqD5a+Qu+D0mIkbrST+NfwdQIDAQAB”
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: TXT
Name: _dmarc.mysecondapp
Value: “v=DMARC1; p=none”
[WARNING] Some DNS records are missing or incorrect for domain domain3.tld (category extra)
- Please check the documentation at DNS zone configuration | Yunohost Documentation if you need help configuring DNS records.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: A
Name: *.mysecondapp
Value: xx.xx.xx.xx
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: CAA
Name: mysecondapp
Value: 0 issue “letsencrypt.org”
[SUCCESS] DNS records are correctly configured for domain domain2.tld (category basic)
[WARNING] Some DNS records are missing or incorrect for domain domain2.tld (category mail)
- Please check the documentation at DNS zone configuration | Yunohost Documentation if you need help configuring DNS records.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: MX
Name: myfirstapp
Value: 10 domain2.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: TXT
Name: myfirstapp
Value: “v=spf1 a mx -all”
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: TXT
Name: mail._domainkey.myfirstapp
Value: “v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXx3sYxCsCSaZvJLf1F9zZrytF/JVlaHaNi8njXDWfB2IQOWdXVzC5L1CuZbkXQykcvWM3eibJ/rNWovb6wSauLsOYnPRz7FzEd3zZskfQ7FlwBV80mP0g10SB/7a2MNn0O/e2zRoSvN5xFpguw5D56bwn1Vjv2UX8SJ/YitUU4QIDAQAB”
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: TXT
Name: _dmarc.myfirstapp
Value: “v=DMARC1; p=none”
[WARNING] Some DNS records are missing or incorrect for domain domain2.tld (category extra)
- Please check the documentation at DNS zone configuration | Yunohost Documentation if you need help configuring DNS records.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: A
Name: *.myfirstapp
Value: xx.xx.xx.xx
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: CAA
Name: myfirstapp
Value: 0 issue “letsencrypt.org”
[SUCCESS] DNS records are correctly configured for domain domain4.tld (category basic)
[WARNING] Some DNS records are missing or incorrect for domain domain4.tld (category mail)
- Please check the documentation at DNS zone configuration | Yunohost Documentation if you need help configuring DNS records.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: MX
Name: upload
Value: 10 domain4.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: TXT
Name: upload
Value: “v=spf1 a mx -all”
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: TXT
Name: mail._domainkey.upload
Value: “v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxqWjcqP0n5rHTTvLhrLOKj8b+HuJbVY2OgrxeHG2raj2RCo2ra/yN7jYD0QWSH66fw+2ET1TTA0WjotIeRPGxEyCKWBNvEIQ/sPdxcvp24Pqwb9AV6zEXAD7/nwWJvt8ZfogNPkuf/uYIFy6hWm9+GqtuKhm7h8c4O5tPPTEWHwIDAQAB”
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: TXT
Name: _dmarc.upload
Value: “v=DMARC1; p=none”
[WARNING] Some DNS records are missing or incorrect for domain domain4.tld (category extra)
- Please check the documentation at DNS zone configuration | Yunohost Documentation if you need help configuring DNS records.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: A
Name: *.upload
Value: xx.xx.xx.xx
- According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: CAA
Name: upload
Value: 0 issue “letsencrypt.org”
[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category basic)
[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category mail)
[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category xmpp)
[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category extra)
[SUCCESS] Your domains are registered and not going to expire anytime soon.
=================================
Ports exposure (ports)
[SUCCESS] Port 22 is reachable from the outside.
- Exposing this port is needed for admin features (service ssh)
[SUCCESS] Port 25 is reachable from the outside.
- Exposing this port is needed for email features (service postfix)
[SUCCESS] Port 80 is reachable from the outside.
- Exposing this port is needed for web features (service nginx)
[SUCCESS] Port 443 is reachable from the outside.
- Exposing this port is needed for web features (service nginx)
[SUCCESS] Port 587 is reachable from the outside.
- Exposing this port is needed for email features (service postfix)
[SUCCESS] Port 993 is reachable from the outside.
- Exposing this port is needed for email features (service dovecot)
[SUCCESS] Port 5222 is reachable from the outside.
- Exposing this port is needed for xmpp features (service metronome)
[SUCCESS] Port 5269 is reachable from the outside.
- Exposing this port is needed for xmpp features (service metronome)
=================================
Web (web)
[SUCCESS] Domain domain3.tld is reachable through HTTP from outside the local network.
[SUCCESS] Domain domain2.tld is reachable through HTTP from outside the local network.
[SUCCESS] Domain domain4.tld is reachable through HTTP from outside the local network.
[SUCCESS] Domain maindomain.tld is reachable through HTTP from outside the local network.
=================================
Email (mail)
[SUCCESS] The SMTP mail server is able to send emails (outgoing port 25 is not blocked).
[SUCCESS] The SMTP mail server is reachable from the outside and therefore is able to receive emails!
[ERROR] Reverse DNS is not correctly configured for IPv4. Some emails may fail to get delivered or be flagged as spam.
- Current reverse DNS: MYDNS
Expected value: maindomain.tld
- You should first try to configure reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting providers may require you to send them a support ticket for this).
- Some providers won’t let you configure your reverse DNS (or their feature might be broken…). If you are experiencing issues because of this, consider the following solutions:
- Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
- A privacy-friendly alternative is to use a VPN with a dedicated public IP to bypass this kind of limits. See Advantage of a VPN for self-hosting | Yunohost Documentation
- Or it’s possible to switch to a different provider
[ERROR] Your IP or domain xx.xx.xx.xx is blacklisted on Spamhaus ZEN
[SUCCESS] 0 pending emails in the mail queues
=================================
Services status check (services)
[SUCCESS] Service dnsmasq is running!
[SUCCESS] Service dovecot is running!
[SUCCESS] Service fail2ban is running!
[SUCCESS] Service filebrowser is running!
[SUCCESS] Service filebrowser__2 is running!
[SUCCESS] Service metronome is running!
[SUCCESS] Service mysql is running!
[SUCCESS] Service nginx is running!
[SUCCESS] Service php7.4-fpm is running!
[SUCCESS] Service php8.2-fpm is running!
[SUCCESS] Service postfix is running!
[SUCCESS] Service redis-server is running!
[SUCCESS] Service rspamd is running!
[SUCCESS] Service slapd is running!
[SUCCESS] Service ssh is running!
[SUCCESS] Service yunohost-api is running!
[SUCCESS] Service yunohost-firewall is running!
[SUCCESS] Service yunomdns is running!
=================================
System resources (systemresources)
[SUCCESS] The system still has 11 GiB (93%) RAM available out of 12 GiB.
[SUCCESS] The system has 976 MiB of swap!
- Please be careful and aware that if the server is hosting swap on an SD card or SSD storage, it may drastically reduce the life expectancy of the device.
[SUCCESS] Storage / (on device /dev/mapper/system-root) still has 461 GiB (99.2%) space left (out of 465 GiB)!
[SUCCESS] Storage /boot (on device /dev/sda1) still has 109 MiB (51%) space left (out of 213 MiB)!
=================================
System configurations (regenconf)
[SUCCESS] All configuration files are in line with the recommended configuration!
=================================
Applications (apps)
[SUCCESS] All installed apps respect basic packaging practices