[P]Delete

Here is a small post on how to setup pflogsumm on your CentOS mail server running Postfix.  It takes advantage of logrorate being called nightly by cron. 1. Install pflogsumm # wget http://jimsun.linxnet.com/downloads/pflogsumm-1.1.3.tar.gz # tar zxvf pflogsumm-1.1.3.tar.gz 2. Run a test # cat /var/log/maillog | ./pflogsumm.pl 3. Update /etc/logrotate.d/syslog.  Add the following: prerotate cat /var/log/maillog | ./path_to_pflogsumm/pflogsumm.pl | mail -s "Postfix Logs Summary `date`" your-email-address endscript

Create file ansible_hosts with below content: [server] 104.207.128.XX  ansible_ssh_port=22   ansible_ssh_user=root   ansible_ssh_pass=133112 52.74.36.XX   ansible_ssh_port=22   ansible_ssh_user=ec2-user   ansible_ssh_pass=133112 [webserver] 104.207.128.XX  ansible_ssh_port=22   ansible_ssh_user=root   ansible_ssh_pass=133112 [email] 52.74.36.XX   ansible_ssh_port=22   ansible_ssh_user=ec2-user   ansible_ssh_pass=133112 Then run the ansible-playbook command # ansible-playbook -i ansible_hosts ping.yml

Create SSH User [root@localhost ~]# useradd test [root@localhost ~]# passwd test Create Keypair using PyttyGen    Copy Public key and paste into authorized_keys file [root@localhost test]# mkdir /home/test/.ssh [root@localhost .ssh]# vi /home/test/.ssh/authorized_keys Paste the Public key [root@localhost home]# chown test:test -R test/.ssh/ Save Private key Using putty to connect Server

I have a condition where my customers cannot sending email for some domain by directly. I give an advice to them for using Relay for all external delivery. But they do not want all external delivery using relay for security reason. They want just some domain receiver for using relay. Okay, because them using Zimbra 8.5/8.6, i can do relay for some domain only. # Create transport for domain receiver that would be relay   su - zimbra vi /opt/zimbra/postfix/conf/transportfile Fill with the following example   domain1.com       :[relay.example.com] domain2.com       :[relay.example.com] user1@domain3.com :[relay.example.com] The above example, every sending email to domain1.com and domain2.com or user1@domain3.com , will be relay to relay.example.com . If your relay server using port such as 465, 587 or another port, you can change like this  [relay.example.com]:587 # Postmap Transport postmap /opt/zimbra/postfix/conf/transportfile # Adding

On previous post, we can relay email based on user/domain receiver . But, on this guidance is reverse from previous post. ie the relay based on user/domain sender. Zimbra supported for multi domain. You can have many domain in one Zimbra server. I have condition where either domain cannot sending to some domains. For example, i have 2 domains in Zimbra server, domain1.com and domain2.com. domain1.com can sending email to domain3.com but domain2.com cannot sending email to domain3.com. Whereas domain1.com and domain2.com are in one Zimbra server. it is rather strange indeed. For be able sending to domain3.com from domain2.com, i am decide to relay every sending email from domain2.com. For do that, i do the following guidance # Add the following configuration in /opt/zimbra/postfix/conf/main.cf   sender_dependent_relayhost_maps = lmdb:/opt/zimbra/postfix/conf/bysender # Create file above and adding users/domains would be relay vi /opt/zimbra/postfix/conf/bysend

If using Zimbra 8.5, you can following this instruction su - zimbra zmprov mcf zimbraMtaSmtpdSenderLoginMaps proxy:ldap:/opt/zimbra/conf/ldap-slm.cf +zimbraMtaSmtpdSenderRestrictions reject_authenticated_sender_login_mismatch Above configuration will not accept the user to relay emails using a different email address from user to authenticate with smtp open file  /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf  and add  reject_sender_login_mismatch  after  permit_mynetworks permit_mynetworks, reject_sender_login_mismatch Above configuration will not accept if user not use authentication/password. After a minute, zmconfigd will update the postfix configuration automatically and apply the new rules. The following is example test use telnet after improve configuration sender must login/anti fake mail ahmad:~ # telnet mail.myemailserver.net 25 Trying 103.xxx.xxx.xxx Connected to mail.myemailserver.net. Escape character is '^]'. 220 mail.myemailserver.net ESMTP

Issues         Starting zmconfigd...Failed. Starting zmconfigd...failed. Issue is /etc/hosts having 127.0.0.1 and ::1 zmconfigd was listening to ipv4, nc was trying to talk to ::1 Resolve - Disable IPv6 in /etc/hosts Commented out ::1 in /etc/hosts - Disable IPv6 in /etc/sysctl.conf vi /etc/sysctl.conf Add in the bottom net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 Apply the change sysctl -p

CBPolicyD has some modules and one of them is module accounting. What is usability of module accounting? with module accounting, we can rate limit sending/receipt email with daily, weekly and monthly method. Even Gmail, Yahoo or other email also limit sending/receipt email perday. You can see that information at this link :  http://www.yetesoft.com/free-email-marketing-resources/email-sending-limit/. Now, how we can also make like Gmail or Yahoo to limit sending email/receipt per day, per week or per month? with CBPolicyD accounting module, we also can do that. Previously, you should be enable CBPolicyD on your Zimbra mail server. If you are using Zimbra 8.5, you can use this guidance :  http://imanudin.net/2014/09/08/how-to-install-policyd-on-zimbra-8-5/ For activating module accounting, open webui via browser, choose accounting | configure. Select add, and fill with the following example   Name : Rate limit perday Link to policy : Default Track : Sender:@domain . You

After formerly i am doing email blacklist based on subject , now i am often receive email spam who ask to me to fill the information of username and password. Besides, he claimed as administrator account of email server. Whereas, i am is an administrator of email and never sending email like that  . The following is example email that received by me Many of my users got similar email and ask to me as administrator email whether this email from me or not. I am say and sending email to all my users for not give any information if receive email like that and always ask to me firstly. Because many similar email received from random sender, finally i am blacklist email based on body email. This is what i do on my email server # Open file salocal.cf.in vi /opt/zimbra/conf/salocal.cf. in adding on the bottom the following line body LOCAL_RULE1 /Your email has/i score LOCAL_RULE1 40.0 body LOCAL_RULE2 /System Administrator/i score LOCAL_R

Recently, i am often receive email with subject “me new photo” which is contains spam and fake link. i am try to blacklist sender but still receive that email spam with another sender. Finally i am try to blacklist email by subject and it work’s for me. i am not again receive email with subject “me new photo” even though with random sender. This is what i do on my Zimbra server. # Create file chandu.cf in spamassassin folder as  root vi /opt/zimbra/data/spamassassin/rules/chandu.cf Fill with the following example header SPAM_BANNED Subject =~ /me new photo/i describe SPAM_BANNED Subject contains me new photo score SPAM_BANNED 40.0 Note : SPAM_BANNED is name of ACL who created. me new photo is subject who want to blacklisted and score 40.0 is score who given if subject meet with the ACL. If you want to create blacklist to other word/subject, don’t use the same name of ACL and create another ACL name. # Save and give owner for user

Policyd has module access control. This module can use for some aims as improving anti spam reject unlisted domain like article has been wrote before. Module access control also can use for restrict users sending to certain users/domains and this article will explain how to apply. Assume you have been install and configure policyd like the following article  How To Install PolicyD on Zimbra 8.5 . For information, i have user with name user1@imanudin.net. This user can sending to domain local only (imanudin.net) and deny to other domain. Open policyd webui on http://ZimbraServer:7780/webui/index.php . First, create users and domains group. Select Groups. Add new group and given name users_local_only . Add member users to group users_local_only . Don’t forget to change status disable yes become no . Add new group and given name list_domain . Add member domains to group list_domain . Don’t forget to change status disable yes become no.  See the following pictures

Yesterday, i have been wrote article about how to install/enable Policyd on Zimbra 8.5. Now., i am will describe how to configure rate limit sending message with Policyd. Why we must configuring rate limit sending message? If there user have compromised password, spammer will sending email to outside with random email address receipt  and very much email have been sent. Usually, public IP address will have blacklisted on any RBL and cannot sending email to outside. To prevent it, we can use Policyd and configure rate limit sending message with quotas modules on Policyd. Quotas modules can prevent user@domain or other configuration can sending some email per minutes or per hours. For example, per users can sending maximum 200 emails per hours How to configure it? This is step by step how to configure it. Assuming you have been install/enable Policyd. Access Policyd WebUI via browser http://zimbraserver:7780/webui/index.php . Ensure your Zimbra service apache have been

Reject unlisted domain is one of many method to improve anti spam on email server, especially Zimbra mail server. On Zimbra, we can setup any IP address to listed as trusted network. IP address listed on trusted network, can sending email without authentication or prompt asking. In other words, listed ip address on trusted network can sending email with any domain, although is not listed on Zimbra. If you have email server with domain example.com, email server should be sending email to outside with example.com domain, if not, then it should be rejected. This article, will describe step by step how to reject unlisted domain on Zimbra with Policyd. Assuming you have install and enable Policyd. If not, you can following this article to enable it. Access Policyd WebUI via browser http://zimbraserver:7780/webui/index.php . Make sure your Zimbra service apache have been running Select Policies | Groups . Select action and add groups. given name list_domain . On comment ,

Still talking about Policyd. When you access policyd webui, it’s not asking username and password. So, everyone can access policyd configuration via webui. To protect policyd webui, we can use three ways. First, we can stopping Apache service Zimbra with zmapachectl stop . Second, we can use firewall to protect and third, we can use login username and password  with htaccess. From three options available, i am recommended to using third option. This is how to protect policyd webui using username and password with htaccess. cd /opt/zimbra/cbpolicyd/share/webui/ vi .htaccess fill with the following lines AuthUserFile /opt/zimbra/cbpolicyd/share/webui/.htpasswd AuthGroupFile /dev/null AuthName "User and Password" AuthType Basic   <LIMIT GET> require valid-user < /LIMIT> create htpasswd file, username and password touch .htpasswd /opt/zimbra/httpd/bin/htpasswd -cb .htpasswd USERNAME PASSWORD change usernam

What is Policyd? Policyd is an anti spam plugin. Policyd have some module like quotas, access control, spf check, greylisting and others. Zimbra Collaboration Suite is an email server who use Postfix as engine for MTA. By default, policyd have been bundled with Zimbra from Zimbra version 7. Why we must use Policyd? Policyd have module quotas. This module can use for limit sending/receipt email. As example just allow sending/receipt email 200 emails/hours/users. If your email server attacked by spam or compromised password some users and used by spammer, the maximum email can be sent as many as 200 emails per hour. This policy will safe your IP public from blacklist on RBL. Besides, you can check who user send email with many email How To Install Policyd on Zimbra 8.5? This guidance is step by step how to install policyd on Zimbra 8.5. # Activate Policyd   su - zimbra zmprov ms `zmhostname` +zimbraServiceInstalled cbpolicyd +zimbraServiceEnabled cbpolicy

Installing Ansible from source is the best way to make sure that you have all the latest features and bug fixes. Fortunately, it’s nice and easy to do too. First, make sure you have any dependencies installed: sudo yum install python - 2.7 gcc-c++ python-setuptools python-devel python - yaml python - paramiko python - jinja2 python - httplib2 Next, download the code: wget http://releases.ansible.com/ansible/ansible-latest.tar.gz Then we want to install it: cd ansible- latest && make && sudo make install Now, Ansible should be installed which ansible => / usr / local / bin / ansible   [root@localhost ansible-1.9.2]# ansible --version ansible 1.9.2   Test command: # echo "127.0.0.1" > /tmp/ansible_hosts # ansible all -m ping --ask-pass -i /tmp/ansible_hosts Are you sure you want to continue connecting (yes/no)? yes 127.0.0.1 | success >> { "changed": false, "ping": "pong" }    Ins