# Session Log — Western Tire (westerntire.com) **Date:** 2026-04-22 **Duration:** Multi-hour session **Type:** Client work — email server migration ## User - **User:** Mike Swanson (mike) - **Machine:** DESKTOP-0O8A1RL - **Role:** admin --- ## Session Summary Completed full email migration for westerntire.com from websvr.acghosting.com to IX (ix.azcomputerguru.com). Work involved account transfer verification, Mailprotector configuration, DNS management, web redirect setup, and user notification. --- ## Infrastructure ### Servers | Server | Hostname | IP | Role | |---|---|---|---| | websvr | websvr.acghosting.com | 162.248.93.81 | Old cPanel host (email was here) | | IX | ix.azcomputerguru.com | 72.194.62.5 | New cPanel host (email now here) | ### Credentials - **websvr SSH:** root / `r3tr0gradE99#` - **IX SSH:** root / `Gptf*77ttb!@#!@#` - **Mailprotector admin:** (managed via Mailprotector portal) ### DNS - **Nameservers:** ns1.azcomputerguru.com, ns2.azcomputerguru.com (authoritative, PowerDNS on websvr) - **A record:** 72.194.62.5 (IX) — TTL 300 - **MX:** `10 westerntire-com.inbound.emailservice.io` (Mailprotector, unchanged) - **SPF:** `v=spf1 +a +mx +ip4:162.248.93.233 +ip4:72.194.62.5 +ip4:184.187.220.69 +include:spf.us.emailservice.io +ip4:72.194.188.146 +ip4:162.248.93.185 +ip4:173.201.39.86 ~all` - **DKIM:** default._domainkey (generated by IX during transfer) - **DMARC:** `v=DMARC1; p=none; rua=mailto:sysadmin@azcomputerguru.com` - **Zone TTL:** 300s (lowered from 14400 this session for easier future changes) ### SSL - Wildcard cert `*.westerntire.com` from Let's Encrypt, valid to 2026-05-30 - Dovecot SNI configured: `mail.westerntire.com` and `*.westerntire.com` → `/var/cpanel/ssl/domain_tls/mail.westerntire.com/combined` --- ## Work Completed ### 1. cpmove Transfer Verification Account `westernt` fully landed on IX: - Home directory: 62GB - Mailboxes present: 30 accounts under westerntire.com - public_html: present (ancient files from 2006-2008 + .htaccess added manually — see below) - MySQL: no databases found under `westernt%` — account does not use MySQL - Confirmed via: `/var/cpanel/users/westernt`, `/etc/localdomains` on IX, DKIM key present at `/var/cpanel/domain_keys/private/westerntire.com` ### 2. DNS Management **Zone backup saved to:** `clients/western-tire/dns-backups/westerntire.com.db.2026-04-22.bak` cpmove had auto-changed the westerntire.com A record from 162.248.93.81 (websvr) to 72.194.62.5 (IX). Initially reverted it to confirm websvr was still correct for web hosting, then after confirming .htaccess redirect was in place on IX, intentionally set A record back to IX. Zone file location on websvr: `/var/named/westerntire.com.db` Reload command: `pdns_control bind-reload-now westerntire.com` Historical zone file backups on websvr: - `/var/named/Backup 2025/westerntire.com.db` (serial 2024122801) - `/var/named/backup/westerntire.com.db` (serial 2024080500) ### 3. Mailprotector Configuration on IX **Files modified:** `/etc/mailprotector_domains`: ``` # MailProtector domains devconllc.com desertrat.com westerntire.com ``` `/etc/exim.conf.local` — smarthost router and relay transport: ``` mailprotector_smarthost: driver = manualroute domains = !+local_domains condition = ${if exists{/etc/mailprotector_domains}{${lookup{$sender_address_domain}lsearch{/etc/mailprotector_domains}{yes}{no}}}{no}} transport = mailprotector_relay route_data = ${tr{$sender_address_domain}{.}{-}}.outbound.emailservice.io mailprotector_relay: driver = smtp port = 25 dkim_domain = ${lookup{$sender_address_domain}lsearch{/etc/localdomains}{$value}{}} dkim_selector = default dkim_private_key = ${lookup{$sender_address_domain}dsearch{/var/cpanel/domain_keys/private}{$value}{}} dkim_canon = relaxed ``` Note: `${tr{}{.}{-}}` used instead of `${sg{}{\\\.}{-}}` because WHM buildeximconf strips backslash levels from exim.conf.local, breaking the sg regex approach. Note: `dsearch` used for DKIM private key path (returns untainted value), avoiding exim 4.94+ tainted data restriction on `$sender_address_domain` in file paths. `/etc/skipsmtpcheckhosts` — all 50 Mailprotector inbound relay IPs added (spf01/spf02.us.emailservice.io ranges). **Mailprotector admin:** - Delivery server changed from `162.248.93.81` (websvr) to `72.194.62.5` (IX) — done manually in portal during this session **Outbound test:** ``` accounting@westerntire.com → westerntire-com.outbound.emailservice.io → mike@azcomputerguru.com Result: 250 2.0.0 Ok: queued as 9AEFC7E015 ``` **Inbound confirmed:** - Live mail arriving at IX from `transport-3.inbound.emailservice.io [52.0.74.211]` at 18:59 ### 4. Web Redirect (.htaccess) westerntire.com 301-redirects to `jackfurriers.com` (with 's' — Jack Furrier's Tire). The .htaccess existed on websvr but was absent from IX after cpmove (file was added/modified after the cpmove archive was built). Added to IX at `/home/westernt/public_html/.htaccess`: ``` RewriteEngine on RewriteCond %{HTTP_HOST} ^.*$ RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteRule ^.*$ "http://jackfurriers.com" [R=301,L] # php -- BEGIN cPanel-generated handler, do not edit AddHandler application/x-httpd-ea-php80 .php .php8 .phtml # php -- END cPanel-generated handler, do not edit ``` ### 5. jackfurrier.com / jackfurriers.com Notes - `jackfurrier.com` (no 's') — live DNS uses Cloudflare + Google Workspace MX. Not on our servers. - `/etc/vdomainaliases/jackfurrier.com` on IX: `jackfurrier.com : westerntire.net` — dormant alias, no inbound mail comes to our servers for this domain - `jackfurriers.com` (with 's') — the actual redirect target from westerntire.com .htaccess. Their main brand site. ### 6. WHM Service Forwarding (websvr) cpmove automatically configured forwarding on websvr: - `/etc/manualmx`: `westerntire.com: ix.azcomputerguru.com` - `/etc/remotedomains`: `westerntire.com` present - WHM service proxy backends: general (72-194-62-5.cprapid.com) + Mail (ix.azcomputerguru.com) - Mail arriving at websvr during DNS lag is forwarded to IX ### 7. User Notification HTML email setup guide created and sent: - Guide file: `clients/western-tire/email-setup-guide.html` - Markdown source: `clients/western-tire/email-setup-guide.md` - Sent from: `support@azcomputerguru.com` via IX exim - Subject: "Important: Update Your Email Settings" - Sent to 23 real user accounts (excluded: donotreply, storealert, integrilogic, receipts, payslips, programs, inventory) New server settings in guide: - IMAP: mail.westerntire.com:993 SSL/TLS - POP3: mail.westerntire.com:995 SSL/TLS - SMTP: mail.westerntire.com:587 STARTTLS - Username: full email address, password unchanged - Webmail: https://mail.westerntire.com Guide includes Gmail-specific section (POP3 fetcher + Send Mail As SMTP update) since many users use Gmail to send/receive westerntire.com mail, same pattern as desertrat.com. ### 8. Syncro Ticket - **Ticket #32199** (ID: 109325058) — "Email migration - websvr to IX (westerntire.com)" - Customer: Western Tire (Mike Furrier, customer_id 391491) - Status: Waiting on Customer - Priority: Normal, assigned to Mike Swanson (1735) - Internal hidden comment added with full migration notes - No billing added yet Note: A duplicate ticket #32198 was inadvertently created and deleted. --- ## Mailbox List (westerntire.com on IX) Real user accounts: `accounting, admin, ap, ap2, ar, chloe, fduarte, heather, jack, jack.furrier, jack_ritter, karen_dwornik, k_crespo, m_bouck, millie_scott, pat_wallace, payroll, pete, purchasing, rachel_riggs, rick, sean, work` Automated/system (not notified): `donotreply, storealert, integrilogic, receipts, payslips, programs, inventory` Large unread counts (likely accumulated, not migration artifact — infrequently checked accounts): - jack.furrier: 737 unread - pat_wallace: 385 unread - millie_scott: 466 unread - jack_ritter: 144 unread - rachel_riggs: 111 unread --- ## Pending Tasks - Monitor for user mail client issues after receiving the setup guide - Bill ticket #32199 when scope is confirmed - westerntire.com SSL cert expires 2026-05-30 — AutoSSL should renew but worth checking - Consider updating Syncro customer properties: "DNS Detail" field still says "Email is on Websvr" — should be updated to reflect IX --- ## Key File Paths | Path | Server | Purpose | |---|---|---| | `/var/named/westerntire.com.db` | websvr | Authoritative DNS zone | | `/etc/exim.conf.local` | IX | Mailprotector relay config | | `/etc/mailprotector_domains` | IX | Domains using Mailprotector outbound | | `/etc/skipsmtpcheckhosts` | IX | Mailprotector inbound IPs bypass | | `/home/westernt/public_html/.htaccess` | IX | Redirect to jackfurriers.com | | `/etc/manualmx` | websvr | Service forwarding to IX | | `/var/cpanel/domain_keys/private/westerntire.com` | IX | DKIM private key | | `clients/western-tire/dns-backups/westerntire.com.db.2026-04-22.bak` | local | Zone backup | | `clients/western-tire/email-setup-guide.html` | local | User notification guide |