Rss

  • youtube
  • linkedin
  • google

Archives for : DevOps

Antispam para Servidores de E-mail

Já publiquei um tempo atrás um artigo mostrando como montei um servidor e e-mail utilizando as ferramentas mais comuns para ambiente OpenSource em Linux. Usei Postfix, Dovecot, Postfixadmin, Roundcube e Spamassassin.

Agora vou mostrar uma outra ferramenta que é uma alternativa ao Spamassassin que é o MailCleaner.



Continue Reading >>

Servidor de Email –; Part 4 ; Postfix 3

Part 1 ; Configure main.cf file

This is the third part of the process of creating the mail server on a CentOS 7 and the first part of the Postfix configuration. If you came here by accident, better read one of the publications below first:

Part 1 ; Instalação dos Pacotes

Part 2 ; Configuração do MariaDB

Part 3 ; Configuração do Dovecot

Postfix is the most important part of our mail server. He will be responsible for talking with other MTAs for you to receive and send e-mail messages and so that it can be reached it is necessary that he be identifiable by the name of the server or your hostname.



Continue Reading >>

Servidor de Email –; Part 3 ; Dovecot

This is the third part of the process of creating the mail server on a CentOS 7. If you came here by accident, You should read first the previous publications

Part 1 ; Instalação dos Pacotes

Part 2 ; Configurar MariaDB

Dovecot is an MDA (Mail Delivery Agent) means is an agent that transport messages from Postfix to virtual message boxes. In this section we will configure the Dovecot installation to force users to use SSL when they connect, in this way never sending passwords in plain text mode.

I always like to keep the original files of any definition for if I end up getting lost while changing settings. I can say that this step is not needed if you are doing this tutorial entirely, However, If you already have a previous configuration and is just improving it I strongly suggest you make copies of your files.

In our case, the configuration files will be in /etc/dovecot/conf.d/. We can then make copies with the command:



Continue Reading >>

Correcting modules not loaded error on Centos 6. x

A common problem after upgrading a kernel via yum on Centos is not creating the new kernel modules.
An example of this error happens when you try to use grep as in the print below.


# iptables-L-n | grep "my ip"
FATAL: Could not load/lib/modules/2.6.32-042stab123.9/modules.dep: No such file or directory


#
This indicates that the directory 2.6.32-042stab 123.9 and therefore any module in your content can be loaded.

To correct this problem, the simplest way is this recipe:


# mkdir -p /lib/modules/uname -r


# cd /lib/modules/uname -r
[root@vps3 2.6.32-042stab123.9]# depmod
[root@vps3 2.6.32-042stab123.9]# ls -lah
total 64K
drwxr-xr-x 2 root root 4.0K Oct 18 16:11 .
dr-xr-xr-x 10 root root 4.0K Oct 18 16:11 ..
-rw-r--r-- 1 root root 45 Oct 18 16:11 modules.alias
-rw-r--r-- 1 root root 12 Oct 18 16:11 modules.alias.bin
-rw-r--r-- 1 root root 69 Oct 18 16:11 modules.ccwmap
-rw-r--r-- 1 root root 0 Oct 18 16:11 modules.dep
-rw-r--r-- 1 root root 12 Oct 18 16:11 modules.dep.bin
-rw-r--r-- 1 root root 73 Oct 18 16:11 modules.ieee1394map
-rw-r--r-- 1 root root 141 Oct 18 16:11 modules.inputmap
-rw-r--r-- 1 root root 81 Oct 18 16:11 modules.isapnpmap
-rw-r--r-- 1 root root 74 Oct 18 16:11 modules.ofmap
-rw-r--r-- 1 root root 99 Oct 18 16:11 modules.pcimap
-rw-r--r-- 1 root root 43 Oct 18 16:11 modules.seriomap
-rw-r--r-- 1 root root 131 Oct 18 16:11 modules.softdep
-rw-r--r-- 1 root root 49 Oct 18 16:11 modules.symbols
-rw-r--r-- 1 root root 12 Oct 18 16:11 modules.symbols.bin
-rw-r--r-- 1 root root 189 Oct 18 16:11 modules. usbmap
[root@vps3 2.6.32-042stab123.9]# iptables-L-n | grep "my ip"
[root@vps3 2.6.32-042stab123.9]#
This will create the directory and dependencies to modules for the kernel currently in use (uname -r).

If the problem is not resolved with the above commands. Try to reinstall the kernel via yum with the commands below.

mv /boot/grub/grub.conf /boot/grub/grub.conf.bak yum -y reinstall kernel

And then try the commands listed earlier.

I hope you find it useful both when it was for me.

How to clear deferred messages from Postfix Queue

Today I was watching the log file from Postfix (in CentOS 6.X default is /var/log/maillog) and saw a lot of messages being deferred.

Jan 5 15:02:03 vps3 postfix/smtp[27441]: 3187E2180015: to=<undesired@domain.com>, relay=domain.com[167.114.XXX.XXX]:25, delay=254553, delays=254538/0.2/15/0, dsn=
4.4.2, status=deferred (conversation with domain.com[167.114.XXX.XXX] timed out while receiving the initial server greeting)
Jan 5 15:02:03 vps3 postfix/smtp[27442]: CDED02180014: to=<undesired@domain.com.br>, relay=domain.com[167.114.XXX.XXX]:25, delay=258753, delays=258738/0.13/15/0, dsn
=4.4.2, status=deferred (conversation with domain.com[167.114.XXX.XXX] timed out while receiving the initial server greeting)
Jan 5 15:02:03 vps3 postfix/smtp[27443]: C8EE72180012: to=<undesired@domain.com.br>, relay=domain.com[167.114.XXX.XXX]:25, delay=258753, delays=258738/0.14/15/0, dsn
=4.4.2, status=deferred (conversation with domain.com[167.114.XXX.XXX] timed out while receiving the initial server greeting)
Jan 5 15:02:03 vps3 postfix/smtp[27444]: CDCE32180013: to=<undesired@domain.com.br>, relay=domain.com[167.114.XXX.XXX]:25, delay=258753, delays=258738/0.15/15/0, dsn
=4.4.2, status=deferred (conversation with domain.com[167.114.XXX.XXX] timed out while receiving the initial server greeting)

and these messages did repeat from time to time.

Continue Reading >>

Servidor de Email –; Part 1 ; Necessary facilities

I have my own mail server using Postfix, Dovecot, MariaDB, SpamAssassin, ClamAV, Amavisd-new, fail2ban, nginx, postfixadmin and RoundCube under CentOS 7.
Although it has several recipes for how to configure this package, It took me many hours to figure out how to keep the service running correctly, each setting in main.cf and master.cf and in order to achieve in reducing the flood of spam that arrives every minute.
And anti-spam is the focus of this publication. I have suffered and still suffer with the constant attempts to use my services as a zombie or shedding of viruses, fraud and everything else you can.

I lost count of how many times my DNS service stopped by excess of connection attempts to entupiam the memory and forced the s.. cutting processes to conserve resources and the named was chosen for being the weakest link.
So, This article has focus in the proper configuration for private mail services, a few users and few domains. Certainly a lot of what is in this short manual serves to world-class services, but I believe that for these cases the use of tools or dedicated and specialized services should always be taken into consideration.



Continue Reading >>