Posted by: mahinctg | December 6, 2016

Qmail SPAMControl

I’ve been using SpamControl (http://www.fehcom.de/qmail/spamcontrol.html) in Qmail for a long time, but recently I came across a feature that’s just awesome. When you have the SpamControl patch applied to your Qmail, you can use some control files to control the flow of emails. One such control file is badmailfrom, which normally resides in /var/qmail/control. Using this file we can reject any envelope sender. Very recently I found out that we can reject email that has a From address in your own domain but originated from a different source, which is called mail address spoofing. Normally it’s used to send viruses, Trojans and ransomware. When you use this feature, mail with From@yourdomain.tld is delivered only if it comes from an IP that has a relay entry in /etc/tcp.smtp; any mail with From@yourdomain.tld from other IPs that are not mentioned in /etc/tcp.smtp will be rejected. I have implemented this and it has been working for over a month now. Hope this will help someone else as well.

Sample badmailfrom file :

*@abc.net
!info@abc.net
@mydomain.tld+

This will reject all mail from abc.net except mail from info@abc.net.
In @mydomain.tld+, the address is appended with a ‘+’. If RELAYCLIENT (/etc/tcp.smtp) is not set and the sender address matches the corresponding entry (@mydomain.tld), the mail is rejected.
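
A simplified model of how the three sample entries above decide a message, added here as an example (it is not SpamControl's own code). The function names, the wildcard handling via fnmatch and the rule that `!` exceptions take precedence are assumptions made for illustration.

```python
import fnmatch

# Constructed copy of the sample badmailfrom file shown above.
BADMAILFROM = """\
*@abc.net
!info@abc.net
@mydomain.tld+
"""

def parse_rules(text):
    """Return (pattern, negated, spoof_check) tuples, one per non-empty line."""
    rules = []
    for line in text.splitlines():
        entry = line.strip()
        if not entry:
            continue
        negated = entry.startswith("!")
        if negated:
            entry = entry[1:]
        spoof_check = entry.endswith("+")
        if spoof_check:
            entry = entry[:-1]
        # Assumption: a bare "@domain" entry means "any local part at domain".
        if entry.startswith("@"):
            entry = "*" + entry
        rules.append((entry.lower(), negated, spoof_check))
    return rules

def decide(sender, relayclient_set, rules):
    """'!' entries are exceptions; '+' entries reject only when RELAYCLIENT is unset."""
    sender = sender.lower()
    # Assumption: an exception always wins over a reject pattern.
    for pattern, negated, _ in rules:
        if negated and fnmatch.fnmatchcase(sender, pattern):
            return "accept"
    for pattern, negated, spoof_check in rules:
        if negated or not fnmatch.fnmatchcase(sender, pattern):
            continue
        if spoof_check and relayclient_set:
            continue  # client has a relay entry in /etc/tcp.smtp: own-domain sender allowed
        return "reject"
    return "accept"

RULES = parse_rules(BADMAILFROM)
```
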

Posted by: mahinctg | December 31, 2014

2014 in review

The WordPress.com stats helper monkeys prepared a 2014 annual report for this blog.

Here’s an excerpt:

A San Francisco cable car holds 60 people. This blog was viewed about 2,500 times in 2014. If it were a cable car, it would take about 42 trips to carry that many people.

Click here to see the complete report.

This problem occurs when we try to migrate a VM from one host to another. After the move, when we boot up the OS, it shows this error while trying to activate the Ethernet connections: Device ethX does not seem to be present, delaying initialisation.

Here is a solution to this problem.

Remove the kernel’s networking interface rules file so that it can be regenerated at the next boot.
# rm -f /etc/udev/rules.d/70-persistent-net.rules
Restart the VM

Update your interface configuration file:
/etc/sysconfig/networking/devices/ifcfg-ethX

Remove the MACADDR entry or update it to the new MACADDR for the interface (listed in this file: /etc/udev/rules.d/70-persistent-net.rules).
Remove the UUID entry

Save and exit.

Restart the networking service
# service network restart

This will solve the issue. Solution tested and shared by Mr. Shah Paran ( PHP Group ). Hope this will be helpful to someone.

Posted by: mahinctg | December 10, 2012

Qmail – Qmail Rocks and JMS combination

Qmail Installation Script with JMS ( http://qmail.jms1.net ) Combined Patch 7.10

I have tested this on CentOS 5.5 and CentOS 5.8. Now also tested in CentOS 6.4 64bit.

1) Qmail with RBL, SMTP Authentication ( 25 Port & 465 Port ), ValidRecipientto, LocalMFCCheck
2) VPOPMail
3) EZMLM Mailing List
4) QmailAdmin
5) Webmail with Password Change Option
6) ClamAV
7) SpamAssassin
8) SimScan

* Before using this automated script, please get to know the qmail installation process manually. The best way is to follow the steps manually at least once. This script was made just to ease my workload of installing a Qmail server and to stop me forgetting some process that is repeated in every installation. Sorry for any bug in the script. I keep updating it whenever I find one. If you find a bug you are welcome to drop me a mail or modify it on your own.

Download the Package from here.

Posted by: mahinctg | September 1, 2012

Fail2Ban, Block Automated Password hack attacks

I’ve been using Qmail for a long time now. In recent times I have seen lots of password hacking attacks via POP3 or SquirrelMail and also against SSHD. I was looking for a solution to block such attacks. Then Google gave me this awesome application, Fail2Ban. I’m using it on my CentOS system. You can download the tar.gz package online ( Fail2Ban ), then extract and install it. You need to set it up for different purposes as per your needs. It mainly checks the log files of different services, detects the IP address from which the request originated, and blocks it for a specified time using IPTables. It even sends mail reports to let you know which IPs have been blocked. For different services you need to set up the /etc/fail2ban/jail.conf file and also a RegEx conf file under /etc/fail2ban/filter.d/. I’ll give some example configuration for some services which will help you configure it the first time. Here is a sample jail.conf file, and also two filter.d files for VPOPMail and SquirrelMail. The Fail2Ban website also describes this process very well. Just read it and you will understand. I have had this implemented for almost 2 months now and it is working very well on my server. Hope you will find this useful also.
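
The decision Fail2Ban makes from a log file, modeled as an added example that is not part of the original post or of Fail2Ban itself. maxretry, findtime and bantime are real jail.conf options, while the log lines and the regular expression are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log lines; the message layout is an assumption for
# illustration, not copied from a real vpopmail log.
SAMPLE_LOG = """\
2012-09-01 10:00:01 vchkpw-pop3: password fail user@example.com:203.0.113.7
2012-09-01 10:00:05 vchkpw-pop3: password fail admin@example.com:203.0.113.7
2012-09-01 10:00:09 vchkpw-pop3: login success bob@example.com:198.51.100.4
2012-09-01 10:00:12 vchkpw-pop3: password fail info@example.com:203.0.113.7
2012-09-01 10:30:00 vchkpw-pop3: password fail bob@example.com:198.51.100.4
"""

# Plays the role of a filter.d failregex: timestamp plus the client address.
FAIL_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) vchkpw-pop3: password fail "
    r"\S+:(?P<host>\d{1,3}(?:\.\d{1,3}){3})$"
)

def find_bans(log_text, maxretry=3, findtime=600, bantime=3600):
    """Return {ip: (ban_start, ban_end)} for every IP that reaches maxretry
    failures inside a findtime-second window."""
    window = timedelta(seconds=findtime)
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    bans = {}
    for line in log_text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue              # successful logins and other lines are ignored
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        ip = m.group("host")
        if ip in bans and ts < bans[ip][1]:
            continue              # still banned, nothing more to count
        hits = recent[ip]
        hits.append(ts)
        while hits and ts - hits[0] > window:
            hits.popleft()        # drop failures older than findtime
        if len(hits) >= maxretry:
            bans[ip] = (ts, ts + timedelta(seconds=bantime))
            hits.clear()
    return bans
```
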

Posted by: mahinctg | July 2, 2012

Secondary DNS Server in CentOS

When I configured a secondary DNS server in CentOS 5.5 (bind-9.3.6), I ran into a problem. At the first run all the zones were successfully pulled from the primary server and the secondary DNS server was working fine. Later, when I updated some zone files in the primary with properly incremented serial numbers, the corresponding zones in the secondary DNS server were not updated. They had the initial zone file that was created at the first run. Then I found out you have to define “allow-transfer” in the secondary zone declaration in named.conf as well. For the older version, declaring it only in the primary DNS was enough. I’ll just give an example:

zone "linuxcourse.com" {
type slave;
masters { 192.168.103.2; };
allow-transfer { 192.168.103.2; };
file "slaves/linuxcourse.com";
};

After this, when I restarted named, the secondary DNS was properly updating its zone file by comparing with the primary DNS.

Normally secondary zone files will be refreshed after the time interval that you have set in the Zone file in your primary DNS zone. To force a refresh you can use this command :

rndc reload zonename     ex. rndc reload linuxcourse.com

Hope this will be helpful to someone. Everyday learning new things as they are changing so rapidly……

Normally, when you set up Nagios email notification, mails are sent from “anonymous@hostname”. But if you want the mail sent from a specific account, please do the following:

1) Open the main Nagios config file nagios.cfg and edit the line containing “admin_email=nagios@localhost” to something like “admin_email=nagios@mahin.com”.

2) Now open the commands.cfg file and edit “notify-host-by-email” command like this :

command_line    /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$ -- -f$ADMINEMAIL$

"-- -f$ADMINEMAIL$" is added at the end of the command. Please note that there is no space between -f and $ADMINEMAIL$.

3) Do the same for “notify-service-by-email” so it looks like this:

command_line    /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ -- -f$ADMINEMAIL$

** You can also specify the email ID directly, like this: "-- -fnagios@mahin.com". In that case you don’t need to edit the nagios.cfg file.

4) Reload the Nagios service and you’re done. From now onward you will get Nagios email from nagios@mahin.com.

Posted by: mahinctg | June 12, 2012

Linux History command with Timestamp

Sometimes you will find it very useful to see the output of the history command with timestamps. For this you need to set HISTTIMEFORMAT in your bash_profile. Please open the /root/.bash_profile file and change this line:

export PATH

to

export PATH HISTTIMEFORMAT='%F %T '

Save the file and then issue the history command. The output will be like this:

1  2012-06-12 11:13:08 clear
2  2012-06-12 11:13:09 iptables -vL FORWARD
3  2012-06-12 11:13:16 history
4  2012-06-12 11:13:30 exit

So it will show you the time when each command was executed. Remember, it will show you updated timestamps only after you have set HISTTIMEFORMAT. Any command run before setting this will have the current timestamp.

Posted by: mahinctg | January 26, 2012

Reverse Proxy with Apache VirtualHost

This example will show you how to configure Reverse Proxy with Apache Virtual Hosting. This is in addition to my last Reverse Proxy post.

########################

NameVirtualHost *:80

<VirtualHost *:80>
ServerAdmin abc@xyz.com
DocumentRoot /var/www/html/
ServerName abc.xyz.com
</VirtualHost>

<VirtualHost *:80>
ServerAdmin abc@xyz.com
ServerName revprx.xyz.com

<Proxy *>
Order allow,deny
Allow from all
</Proxy>

ProxyPass / http://192.168.105.5/ nocanon
ProxyPassReverse / http://192.168.105.5/

</VirtualHost>

##########

This way you can have any number of virtual hosts with local content and also with reverse proxy enabled. Hope this helps.

If you are using Squid in transparent mode you can use many features to restrict your users. I’ll tell you about 2 scenarios with examples.

1) You want to block some IPs from accessing some specific sites. Please follow these steps to do that:

Add these lines to your squid.conf file.

acl block_ip src "/usr/local/src/block_ip"

acl block_ip_site url_regex "/usr/local/src/block_ip_site"

http_access deny block_ip block_ip_site

Now create the /usr/local/src/block_ip file with the IP addresses you want to restrict. Put one IP on each line. Also create the /usr/local/src/block_ip_site file with the site URLs you want to restrict. Put one URL on each line. Now restart the Squid service and see the rules working as you configured.

2) You want to allow some IPs to access some specific sites. Please follow these steps to do that:

Add these lines to your squid.conf file.

acl allow_ip src "/usr/local/src/allow_ip"

acl allow_ip_site url_regex "/usr/local/src/allow_ip_site"

http_access allow allow_ip allow_ip_site

Now create the /usr/local/src/allow_ip file with the IP addresses you want to allow. Put one IP on each line. Also create the /usr/local/src/allow_ip_site file with the site URLs you want to allow. Put one URL on each line. Now restart the Squid service and see the rules working as you configured.
