Postfix, postgrey, and targrey. How’s that for a boring title, yay!
YupYup,
installed postgrey & targrey today:
wget http://postgrey.schweikert.ch/pub/postgrey-1.32.tar.gz tar xvfz postgrey-1.32.tar.gz cd postgrey-1.32 wget http://k2net.hakuba.jp/pub/targrey-0.31-postgrey-1.32.patch cp ./postgrey postgrey.orig patch < targrey-0.31-postgrey-1.32.patch cp ./postgrey /usr/sbin/ cp ./postgrey_whitelist_clients /etc/postfix cp ./postgrey_whitelist_recipients /etc/postfix groupadd mail useradd -g mail -d /home/postgrey -m -s /bin/false postgrey mkdir /var/run/postgrey/ chown -R postgrey:mail /var/run/postgrey/ mkdir /var/spool/postfix/postgrey chown postgrey:mail /var/spool/postfix/postgrey -R
Now create an init file:
vi /etc/init.d/postgrey
and put this in it:
#!/bin/bash
#
# Init file for postgrey server daemon
#
# chkconfig: 2345 79 30
# description: postgrey server daemon
#
# processname: postgrey
case "$1" in
start)
# Start Postgrey
/usr/sbin/postgrey --inet=127.0.0.1:60000 --daemonize --pidfile=/var/run/postgrey/postgrey.pid --whitelist-clients=/etc/postfix/postgrey_whitelist_clients --whitelist-recipients=/etc/postfix/postgrey_whitelist_recipients --greylist-action=451 --delay=420 --max-age=40 --lookup-by-subnet --auto-whitelist-clients=10 --user=postgrey --group=mail
;;
stop)
# Stop Postgrey
killall /usr/sbin/postgrey
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
make it executable:
chown 754 /etc/init.d/postgrey
and tell your system to start it when the system starts
Debian:
update-rc.d postgrey defaults
Redhat:
chkconfig --add postgrey
now tell postfix to use it, edit /etc/postfix/main.cf and add
check_policy_service inet:60000
to the end of the smtpd_recipient_restrictions and smtpd_data_restrictions statements, so they look something like this:
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
...(whitelist and other filter)
check_client_access regexp:$config_directory/permit_client_nots25r
check_policy_service inet:60000
...
permit
smtpd_data_restrictions =
permit_mynetworks
permit_sasl_authenticated
...(whitelist)
check_client_access regexp:$config_directory/permit_client_nots25r
check_policy_service inet:60000
permit
And that's your lot.
Screen and the delete key – .screenrc
After a bit of poking around the interwebs i came across this little gem for getting screen to behave a bit better with the delete key.
Put this in your ~/.screenrc
termcapinfo xterm-color kD=\E[3~
the best thing is that you don't even have to restart the screen to get it, just reattach.
Automate a Remote Login Using SSH-Agent
When it comes to remote logins, SSH is a wonderful tool. Not only is it
secure, it supports public/private key logins. Depending on public and
private keys mean even if someone gets your password, without your
private key it won't do them any good (and vice versa).
see full article here
iplist – block bad p2p traffic HOWTO on a headless server.
iplist is cool. It sits inline with any current firewall that you have and filters selected (government, bad trackers, etc) traffic.
This is how i installed it on a headless edgy server.
apt-get install libnetfilter-queue1sun-java5-jre libnfnetlink1 cd /tmp wget http://downloads.sourceforge.net/iplist/iplist_0.19-0etch1_i386.deb dpkg --force-depends -i iplist_0.19-0etch1_i386.deb sed -i 's/AUTOSTART="No"/AUTOSTART="Yes"/' /etc/ipblock.conf update-rc.d ipblock defaults ipblock -u /etc/init.d/ipblock start
Rename hardware devices (like eth0) using udev for linux
shamelesly stolen
udev is a daemon which dynamically creates and removes
device nodes from /dev/, handles hotplug events and loads drivers at
boot time. It replaces the hotplug package and requires a kernel not
older than 2.6.12.udev - /dev/ and hotplug management daemon
rtorrent with wtorrent on debian etch complete HOWTO
This howto will show you how to install rtorrent with wtorrent web interface on debian etch, with samba allowing us to grab the downloaded files from windoze boxes. It is intended as a complete guide from nothing to downloading torrents, so it's ideal for that old box that you have sitting in the corner. If you want to use the box for multiple things then you should only use this for reference. We will be using the debian netinst CD, available from the debian mirrors. As this covers pretty much everything, including installing deb, you might want to jump to he meat of the configuration. This run through should also work with ubuntu, but I havent tried it.
Centos & redhat persistent static routes
On redhat centos
For each device, (say eth0) create the file: /etc/sysconfig/network-scripts/route-eth0
And the contents should be something like:
10.0.1.0/24 via 192.168.2.4 dev eth0
10.0.4.0/24 via 192.168.2.2 dev eth0
How to set up a virtualbox client from the console.
VBoxManage createvm -name “Your VM” -register VBoxManage modifyvm “Your VM” -memory “128MB” -acpi on -boot1 dvd -nic1 intnet VBoxManage createvdi -filename “VM.vdi” -size 4000 -register VBoxManage modifyvm “Your VM” -hda “VM.vdi” VBoxManage registerimage dvd /full/path/to/iso.iso VBoxManage modifyvm “Your VM” -dvd /full/path/to/iso.iso VBoxManage modifyvm “Your VM” -vrdpport 3390 VBoxVRDP -startvm “Your VM”
Sawmill LITE log file analasys
I recently heard a colleague advocating Sawmill LITE, an thought i'd give it a go.
Howto replace duplicate files with hard links.
Like most people I have multiple backups of the same files, stored in an ad-hoc structure. I went hunting fir a good utility to remove duplicates, and replace them with hard links.
It surprised me that there is a tool for doing this on NTFS volumes under windows. Update: and another free one!
I found a perl script called trimtrees.pl You can find it in CPAN, it's describes itself such:
Traverse all directories named on the command line, compute MD5
checksums and find files with identical MD5. IF they are equal, do a
real comparison if they are really equal, replace the second of two
files with a hard link to the first one.Special care is taken to cope with C
error conditions.
The inode that is overbooked in such a way, is taken out of the pool
and replaced with the another one such that the minimum of files
needed is kept on disk.The C< --maxlinks> option can be used to reduce the linkcount on all
files within a tree, thus preparing the tree for a subsequent call to
C. This operation can be thought of the reverse of the normal
trimtrees operation (--maxlinks=1 produces a tree without hard links).