Category Archives: Linux howto

Squid-2.6 transparent + SquidGuard

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

Its a tired long day for today as I spend almost half a day to setup the Squid-2.6 in transparent mode with squidGuard and I think most of you will think that I’m that dumb takes so long to configure that. It’s a very good experience to learn that you always need to keep up to the latest update on Linux as if you have stopped playing with it you will loose out.

That’s why it took me so long till I found out what’s the problem. First there was problem with squidGuard that all the configuration was done perfectly but the filtering was not working, end up manage to find the problem was the blacklist was not build with .db format. Second problem was the new Squid configuration for transparent mode was different from the older version and much more simpler. Below I write up all the steps to configure transparent proxy with squidGuard.

Continue reading Squid-2.6 transparent + SquidGuard

Migrate Linux email to Mdaemon

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

I was given a migration project to migrate Debian mail server to Mdaemon mail server. This project include setting up the Mdaemon mail server and migrate email over 600+ mailbox on Debian mail server, at first this project seem to be very straight forward as from the first meeting with the customer they mention is 90% of the user is using outlook express. This sound like all the email will be store on the client rather than in debian mailserver right? By the time we do the installation only we found out they given us the wrong info, where 90% of the user is using webmail…. !@#$#$%#% .

Continue reading Migrate Linux email to Mdaemon

Sendmail listen on port 587

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

Due to our country new policy of blocking all dynamic IP broadband  user from being spammer where they have blocked port 25 and force to used the broadband  provider smtp to send all the email out. It also affect those SOHO office that host their email in third party hosting and most of the provider have change to different port to cater this problem.

Here I’ll show you on how to set sendmail to listen on port other then 25 or using the MSA port 587.  This how-to based on “Centos 5.0”

Requirement

sendmail-cf-8.13.8-2.el5
sendmail-8.13.8-2.el5

1. Make sure you have the 2 packages installed on your Linux machine. It can be any version as all the setting is done through the .mc files. To check if the packages is install by issuing this command:-

 # rpm -qa | grep sendmail

2.  Go to the “/etc/mail” folder and edit the sendmail.mc file.

# cd /etc/mail
# vi sendmail.mc

After edit the “sendmail.mc” file, look for the following lines:-

dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea’)dnl

to activate this option, remove the word “dnl” infront of the statement like:-

DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea’)dnl

Save the file.

3. Backup your sendmail.cf configuration file first before you make the new sendmail.cf file.

# cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.<date>

then you can run the following command to create the new sendmail.cf file

# make -C /etc/mail

now restart your sendmail

# /sbin/service sendmail restart

Shutting down sm-client:                                   [  OK  ]
Shutting down sendmail:                                    [  OK  ]
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]

4. Test to telnet to port 587 and see if its working

# telnet localhost 587

[root@mmix mail]# telnet localhost 587
Trying 127.0.0.1…
Connected to localhost.localdomain (127.0.0.1).
Escape character is ‘^]’.
220 abc.com.my ESMTP Sendmail 8.13.8/8.13.8; Fri, 7 Dec 2007 03:41:16 +0800

once you can see the above msg, that’s mean your sendmail now is accepting both port 25 and 587. My friend Wing loon, have another how-to on using IPTABLES to redirect port 25 to another port.

Source : Sendmail.org | Wingloon.com 

Sendmail with SMTP AUTH

The purpose of this SMTP AUTH is to block spammer to use your mail server to be a spam server and only authenticated user will be able to send email out from your mail server. The following guide will show you how to enable the Authentication module and is using plain text during the authentication.

In this guide, I will not go details into the basic sendmail configuration as I assume you’re familiar with the basic sendmail setup. I will more concentrate on the SMTP AUTH module and this guide can be applied to either Centos 4.x or Centos 5.x.

Continue reading Sendmail with SMTP AUTH

Securing SSH with Denyhost

Denyhost is a script intended to run by linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).

If you’ve ever looked at your ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc…) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn’t it be better to automatically prevent that attacker from continuing to gain entry into your system?

Continue reading Securing SSH with Denyhost

Mounting Windows share into Ubuntu Linux

Today my friend (Yeoh) ask me to help him to mount a windows share folder in to a Linux box running on VMware. He is using Ubuntu 7.02 with Deluge installed to download torrent. He don’t want to save the downloaded torrent file into the VMware but into the windows share folder.

So he ask me to help him to do the auto mount the windows share folder. To start off the configuration, make sure the windows pc have set as below:-

1) Windows firewall enable the “File and Printer Sharing”

2) Have share a folder with “Full access” and make sure there is no space in the shared name, try to use simple name.

If you have those set in the windows PC, then you can head to the Ubuntu box and mount the windows shared drive. If your Ubuntu does not have the smbfs type the following to install it:-

# apt-get install smbfs

after install then we create a mount point folder in “/mnt ” called download

# mkdir /mnt/download

# smbmount //<computer name>/<shared folder> /mnt/download -o password=””,rw,dmask=0775

This will mount the windows share folder into /mnt/download folder but will not auto mount after reboot, in order to do that i use the “/etc/rc.local” file to auto mount it. Add the following command in the file.

# /usr/bin/smbmount //<computer name>/<shared folder> /mnt/download -o password=””,rw,dmask=0775

if your windows share folder need username and password then use the following:-

# /usr/bin/smbmount //<computer name>/<shared folder> /mnt/download -o username=<username>,password=<password>,rw,dmask=0775

That’s all, now you can start using the /mnt/download folder.