---
type: client
name: western-tire
display_name: Western Tire
last_compiled: 2026-05-24
compiled_by: DESKTOP-0O8A1RL/claude-main
sources:
  - clients/western-tire/session-logs/2026-04-22-session.md
---

# Western Tire

## Overview

- **Business type:** Tire retail/service (westerntire.com). Website redirects to jackfurriers.com — Jack Furrier's Tire is the active brand.
- **Syncro Customer ID:** 391491 (Mike Furrier — same record as the Furrier client)
- **Billing model:** Time and materials [unverified — ticket not yet billed as of session end]
- **Billing rate:** Unknown
- **Contract status:** Unknown

> Note: Western Tire and the Furrier client share Syncro customer ID 391491 (Mike Furrier). See [[wiki/clients/furrier.md]].

## Contacts

| Name | Role | Notes |
|---|---|---|
| Mike Furrier | Owner | Primary contact; owns Western Tire and Desert Rat |

### Mailbox users (westerntire.com, 23 notified)

`accounting, admin, ap, ap2, ar, chloe, fduarte, heather, jack, jack.furrier, jack_ritter, karen_dwornik, k_crespo, m_bouck, millie_scott, pat_wallace, payroll, pete, purchasing, rachel_riggs, rick, sean, work`

System/automated (not notified): `donotreply, storealert, integrilogic, receipts, payslips, programs, inventory`

## Infrastructure

### Mail servers

| Server | Hostname | IP | Role | Status |
|---|---|---|---|---|
| IX (current) | ix.azcomputerguru.com | 72.194.62.5 | cPanel email host (new) | Active — all westerntire.com mail lands here |
| websvr (old) | websvr.acghosting.com | 162.248.93.81 | Old cPanel host | Decommissioned for westerntire.com mail; still authoritative DNS; forwards arriving mail to IX during DNS lag |

> [WARNING] Session log contained plaintext SSH credentials for websvr and IX. Use vault only: `vault.sh get-field infrastructure/websvr` and `vault.sh get-field infrastructure/ix`.

### IX — cPanel account

- **cPanel account:** westernt
- **Home dir:** 62 GB
- **Mailboxes:** 30 accounts under westerntire.com
- **MySQL:** None (account does not use MySQL)
- **SSL:** Wildcard `*.westerntire.com` from Let's Encrypt, valid to 2026-05-30 (AutoSSL should renew)

### Key file paths on IX

| Path | Purpose |
|---|---|
| `/etc/exim.conf.local` | Mailprotector relay config (smarthost router + relay transport) |
| `/etc/mailprotector_domains` | Domains using Mailprotector outbound (westerntire.com added) |
| `/etc/skipsmtpcheckhosts` | Mailprotector inbound IPs bypass (50 IPs added) |
| `/home/westernt/public_html/.htaccess` | 301 redirect to jackfurriers.com |
| `/var/cpanel/domain_keys/private/westerntire.com` | DKIM private key |

### Key file paths on websvr

| Path | Purpose |
|---|---|
| `/var/named/westerntire.com.db` | Authoritative DNS zone (PowerDNS) |
| `/etc/manualmx` | Service forwarding → ix.azcomputerguru.com |
| `/etc/remotedomains` | westerntire.com listed as remote domain |

### Local artifacts

| Path | Purpose |
|---|---|
| `clients/western-tire/dns-backups/westerntire.com.db.2026-04-22.bak` | Pre-migration DNS zone backup |
| `clients/western-tire/email-setup-guide.html` | User notification email (sent 2026-04-22) |
| `clients/western-tire/email-setup-guide.md` | Markdown source for above |

## Network

### DNS (westerntire.com)

- **Nameservers:** ns1.azcomputerguru.com, ns2.azcomputerguru.com (PowerDNS on websvr — ACG-authoritative)
- **A record:** 72.194.62.5 (IX) — TTL 300
- **MX:** `10 westerntire-com.inbound.emailservice.io` (Mailprotector — unchanged during migration)
- **SPF:** `v=spf1 +a +mx +ip4:162.248.93.233 +ip4:72.194.62.5 +ip4:184.187.220.69 +include:spf.us.emailservice.io +ip4:72.194.188.146 +ip4:162.248.93.185 +ip4:173.201.39.86 ~all`
- **DKIM:** `default._domainkey` (generated by IX during transfer)
- **DMARC:** `v=DMARC1; p=none; rua=mailto:sysadmin@azcomputerguru.com`
- **Zone TTL:** 300s (lowered from 14400 this session)

### jackfurrier.com / jackfurriers.com

- `jackfurriers.com` (with 's') — active redirect target from westerntire.com .htaccess. Main brand site; not on ACG servers.
- `jackfurrier.com` (no 's') — DNS via Cloudflare + Google Workspace MX. Not on ACG servers.
- `/etc/vdomainaliases/jackfurrier.com` on IX: `jackfurrier.com : westerntire.net` — dormant alias, no active inbound.

## Cloud / M365

*(not documented)*

## GuruRMM

*(not documented)*

## Active Projects / Open Items

| Priority | Item | Owner |
|---|---|---|
| P1 | Monitor for user mail client issues after email setup guide was sent (new IMAP/SMTP settings) | Mike |
| P2 | Bill ticket #32199 when scope is confirmed | Mike |
| P2 | westerntire.com SSL cert (`*.westerntire.com`) expires 2026-05-30 — verify AutoSSL renewed | Mike |
| P3 | Update Syncro customer property "DNS Detail" field — currently says "Email is on Websvr" (now IX) | Mike |

### User mail client settings (from setup guide sent 2026-04-22)

- **IMAP:** mail.westerntire.com:993 SSL/TLS
- **POP3:** mail.westerntire.com:995 SSL/TLS
- **SMTP:** mail.westerntire.com:587 STARTTLS
- **Username:** full email address; password unchanged
- **Webmail:** https://mail.westerntire.com

## Key Events / History

### 2026-04-22 — Full email migration websvr → IX

**Syncro ticket #32199** (ID: 109325058) — Status: Waiting on Customer. Not yet billed.

Migration completed in one session:
1. Verified cpmove account transfer (62 GB home dir, 30 mailboxes) on IX.
2. Managed DNS A record transition (websvr → IX); backed up zone file.
3. Configured Mailprotector SBR on IX (`/etc/mailprotector_domains`, exim smarthost router).
4. Added all 50 Mailprotector inbound IPs to `/etc/skipsmtpcheckhosts` on IX.
5. Updated Mailprotector admin portal delivery server from 162.248.93.81 to 72.194.62.5.
6. Added missing `.htaccess` 301 redirect to jackfurriers.com on IX (was absent post-cpmove).
7. Confirmed websvr service forwarding in place for DNS lag period.
8. Sent HTML email setup guide to 23 real user accounts.

Outbound test confirmed: `accounting@westerntire.com → westerntire-com.outbound.emailservice.io` — 250 OK.
Inbound confirmed: live mail arriving from Mailprotector inbound relay at 18:59.

A duplicate ticket #32198 was inadvertently created and deleted.

### Accounts with high unread counts (pre-existing, not migration artifact)

- jack.furrier: 737 unread
- millie_scott: 466 unread
- pat_wallace: 385 unread
- jack_ritter: 144 unread
- rachel_riggs: 111 unread

## Anti-Patterns / Warnings

- [WARNING] Plaintext SSH credentials for websvr and IX appeared in session log. Always retrieve from vault — never hardcode.
- [WARNING] SSL cert `*.westerntire.com` expires 2026-05-30 — check AutoSSL renewal immediately if it's past that date.
- Do NOT use `${sg{}{\\\.}{-}}` in exim.conf.local on WHM servers — WHM buildeximconf strips backslash levels and breaks the regex. Use `${tr{}{.}{-}}` instead.
- Do NOT use tainted `$sender_address_domain` directly in file path lookups in exim 4.94+ — use `dsearch` (returns untainted value) for DKIM private key paths.
- Do NOT look for westerntire.com mail on websvr — migration is complete; mail lives on IX.
- Syncro "DNS Detail" field is stale — it still says "Email is on Websvr" as of 2026-04-22.

## Backlinks

- [[wiki/clients/furrier.md]] — Same Syncro customer (Mike Furrier, ID 391491); desertrat.com email infrastructure on same websvr