How remove a lot of mail from mailq with few cli comands.

Hello,

We have a lot of mail with errors like:

D7AF9121256 34341 Tue Nov 21 11:19:27 MAILER-DAEMON ……….

We want to remove them.

First commands:

mailq | grep MAILER-DAEMON | awk ‘{ print $1 }’ > /root/mailq-201711.txt

Here we catch the ID like D7AF9121256 each mail and save in file /root/mailq-201711.txt.

cat /root/mailq-201711.txt

F0DFF124FDB*
D79941257D6*
75668125191*
5879A1256F4*
4A9DB124CA3*
489E6124A01*
C7DC9124A8A*
3EE891252EC*
7E956125735*
69B0E124DAA*
58F9E12535D*
8DBF71255A0*
8D633125035*
08A411254DE*
549C9124902*
8144B12537B*
D927512497A*
6606C125774*
E09BA125439*
538091259BD*
1F749125973*
8A9CB1255DC*
1D949124DD7*
13B1812546E*

Now we have to remove caracacter * from each ID because we get error to next commands.
Open file /root/mailq-201711.txt with vim and execute commands :1,$ s/*/<space>/g   where 1 it’s first line and $ last line.   Save file and exit ( :wq )

And now delete mails form mailq with:

while read i; do postsuper -d $i; done </root/mailq-201711.txt

After read each line I delete ID with postsuper -d $i and read next line.   Enjoy!

Config for Samba to allow login Windows XP

Today I found a solution for Samba 4.6.2 in Centos 7.4 for all versions of Windows from 7 upwards are able to connect less Windows XP.

Word in smb.conf

lanman auth = yes
ntlm auth = yes

That’s how the config looks:

[global]
workgroup = SAMBA
server string = Samba
netbios name = Samba
interfaces = 192.168.22.250/24 192.168.0.250/24
hosts allow = 127. 192.168.22. 192.168.0.
max protocol = SMB2
socket options = TCP_NODELAY
read raw = no
log file = /var/log/samba/log.%m
max log size = 500

lanman auth = yes
ntlm auth = yes

security = user
map to guest = bad user

passdb backend = tdbsam

local master = yes
os level = 255
preferred master = yes
printing = cups
printcap name = cups
load printers = no
cups options = bsd

I think this information will help you if you have Windows XP computers on your network.

Imapsync script or How to move more email account easy.

Today I will post a script that show you how to move easy more email account from old mail server to new server.
The story: We have have many account and we now details about every account ( user and password ).

The script

#!/bin/bash
# Example for imapsync massive migration on Unix systems.
# 
# Data is supposed to be in file.txt in the following format
# user001_1;password001_1;user001_2;password001_2
#
# Do not forget to put absolute path
#
# Separator is character semi-colon ; it can be changed
# by any character changing IFS=';'
# Each data line contains 4 columns, columns are 
# parameters for --user1 --password1 --user2 --password2
#
# Replace "imap.server1.org" and "imap.server2.org" 
# with your own hostname values. 
 
# This loop will also create a log file called 
# LOG/log_${u2}_$NOW.txt for each account transfer
# where u2 is just a variable containing the user2 
# account name, and NOW is the current date_time

mkdir -p LOG
 
{ while IFS=';' read  u1 p1 u2 p2
    do 
         { echo "$u1" | egrep "^#" ; } > /dev/null && continue
         NOW=`date +%Y_%m_%d_%H_%M_%S` 
         echo syncing to user "$u2"
         imapsync --host1 imap.server1.org -addheader  --user1 "$u1" --password1 "$p1" \
                  --host2 imap.server2.org --user2 "$u2" --password2 "$p2" \
                  > LOG/log_${u2}_$NOW.txt 2>&1
    done 
} < /etc/rc.d/file.txt
### Do not forget to put absolute path to your file "file.txt" or what ever you name it.

Example for file.txt. ( I put diferent example of user and password )

user001_1;password001_1;user001_2;password001_2
user011_1;password011_1;user022_3;password003_4
sales;passwSals34;sales@ceae.info;passSale7634 

Hope will help you this page!

How to Change WebUI Port on Edge Router – Ubiquiti EdgeRouter

Today we show you how to change default WebUI port for Ubiquiti EdgeRouter.

1. Log into router via ssh

# ssh  ubnt@192.168.0.1

2. Enter configure mode

ubnt@Edge-ROUTER:~$ configure
[edit]
ubnt@Edge-ROUTER#

3. Set the Web UI port; change 7443 to whatever you would like

set service gui https-port 7443

4. Commit and save your change

 commit
save

If you require access to the Web GUI from an external location, you will need to create a firewall rule to allow the traffic.
5. Create the firewall rule to allow inbound traffic

edit firewall name WAN_LOCAL rule 55
set description "Inbound traffic to WEB GUI"
set action  accept
set log disable
set protocol tcp_udp
set destination port 7443

And do not forget to commit and save !

Source: https://blog.laslabs.com/2013/04/change-webui-port-ubiquiti-edge-router-lite/

How to setup PureFTPD with mysql user.

Now we setup pure-ftpd with mysqld user.
1. Install packet:

# yum install epel-release
# yum install pure-ftpd

2. Now we create user and group for Pure-FTPD

# groupadd -g 3800 grupftp 
# useradd -u 3800 -s /bin/false -d /bin/null -c "User Purefptd" -g grupftp userftp

3. Create database

CREATE DATABASE pureftpd;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON pureftpd.* TO 'pureftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON pureftpd.* TO 'pureftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
FLUSH PRIVILEGES;

USE pureftpd;

CREATE TABLE ftpd (
User varchar(16) NOT NULL default '',
status enum('0','1') NOT NULL default '0',
Password varchar(64) NOT NULL default '',
Uid varchar(11) NOT NULL default '-1',
Gid varchar(11) NOT NULL default '-1',
Dir varchar(128) NOT NULL default '',
ULBandwidth smallint(5) NOT NULL default '0',
DLBandwidth smallint(5) NOT NULL default '0',
comment tinytext NOT NULL,
ipaccess varchar(15) NOT NULL default '*',
QuotaSize smallint(5) NOT NULL default '0',
QuotaFiles int(11) NOT NULL default 0,
vizibil enum('0','1') NOT NULL DEFAULT '1',
parola varchar(255) NOT NULL,
PRIMARY KEY (User),
UNIQUE KEY User (User)
) TYPE=MyISAM;

If you use mariadb database:

CREATE TABLE ftpd ( User varchar(16) NOT NULL default '', status enum('0','1') NOT NULL default '0', Password varchar(64) NOT NULL default '', Uid varchar(11) NOT NULL default '-1', Gid varchar(11) NOT NULL default '-1', Dir varchar(128) NOT NULL default '', ULBandwidth smallint(5) NOT NULL default '0', DLBandwidth smallint(5) NOT NULL default '0', comment tinytext NOT NULL, ipaccess varchar(15) NOT NULL default '*', QuotaSize smallint(5) NOT NULL default '0', QuotaFiles int(11) NOT NULL default 0, vizibil enum('0','1') NOT NULL DEFAULT '1', parola varchar(255) NOT NULL, PRIMARY KEY (User), UNIQUE KEY User (User) ) ENGINE = MyISAM;

4. Edit /etc/pure-ftpd/pure-ftpd.conf

# vim /etc/pure-ftpd/pure-ftpd.conf
 [...]
ChrootEveryone              yes
[...]
MySQLConfigFile               /etc/pure-ftpd/pureftpd-mysql.conf
[...]
CreateHomeDir               yes
[...]

5. Next step you have to edit /etc/pure-ftpd/pureftpd-mysql.conf

 MYSQLSocket      /var/lib/mysql/mysql.sock
MYSQLUser       pureftpd
MYSQLPassword   ftpdpass
MYSQLDatabase   pureftpd
MYSQLCrypt      md5
MYSQLGetPW      SELECT Password FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MYSQLGetUID     SELECT Uid FROM ftpd WHERE User="\L" AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MYSQLGetGID     SELECT Gid FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MYSQLGetDir     SELECT Dir FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MySQLGetBandwidthUL SELECT ULBandwidth FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MySQLGetBandwidthDL SELECT DLBandwidth FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MySQLGetQTASZ   SELECT QuotaSize FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")
MySQLGetQTAFS   SELECT QuotaFiles FROM ftpd WHERE User="\L"AND status="1" AND (ipaccess = "*" OR ipaccess LIKE "\R")

6. Add user to database:

 INSERT INTO `ftpd` (`User`, `status`, `Password`, `Uid`, `Gid`, `Dir`, `ULBandwidth`, `DLBandwidth`, `comment`, `ipaccess`, `QuotaSize`, `QuotaFiles`,`vizibil`,`parola`) VALUES ('usertest', '1', MD5('newparola'), '3800', '3800', '/srv/ftp/testuser', '100', '100', '', '*', '50', '0','1','newparola');

Add user without limit quota:

 INSERT INTO `ftpd` (`User`, `status`, `Password`, `Uid`, `Gid`, `Dir`, `ULBandwidth`, `DLBandwidth`, `comment`, `ipaccess`, `QuotaSize`, `QuotaFiles`,`vizibil`,`parola`) VALUES ('userboss', '1', MD5('bosspass'), '3800', '3800', '/srv/ftp', '0', '0', '', '*', '0', '0','1','bosspass');

7. Few tips.
How we change password one user already exist

 update ftpd set password=MD5('NewPass8634word') where User='USERFTP';

8. Start and enable service

# systemctl status pure-ftpd.service 
# systemctl enable pure-ftpd.service
# systemctl start pure-ftpd.service

For centos 6

# chkconfig on pure-ftpd 
# service pure-ftpd start
# service pure-ftpd status 

Enjoy, that it is!

How to buy a cheap linux vps.

How to buy a cheap linux vps?
This it is the topic of this days.

The first thing you can look for a discount code on www.retailmenot.com
You cand find free discount code to buy VPS server on Linode or cheap domain on godaddy.com.  Other tips, you can search on Google “promo code provider” Ex: promo code godaddy, promo code linode, promo code ovh …… and so on.

  1. Hetzner Germany, from 3.9 Euro to 49.9 Euro, you have Control Panel to control your VPS. Transfer Limit from 2 TB to 30 TB.  If you are from other country than Germany you can pay with TransferGO.
  2. Linode Germany. Price from 5$/month to 960 $/month. Transfer limit from 1 TB to 9 TB.  Very good CPU on VPS hosting.  You can buy cheap with “promote code”.
  3. OVH Price from 2.99 to 11.99. Unlimited traffic 
  4. A2hosting VPS, I suggest to buy Unmanaged VPS Hosting and you will config you services in your server. Price from 4.45 Euro to 13.36 Euro. Transfer limit just 2 TB.
  5. Google Cloud Platform, I like this inteface, eazy to setup, you can try it free ( you will receive $300 credit for free ) for first month.

You can look to Amazon AWS or Digital Ocean but you can waste your time. ( they are good but not cheap )

From now this it is what I found.

Samba Tips

Hello, in this page we show few tips for samba.

Q: How to force the master browser to re-run?
A: Run next command

# smbcontrol nmbd force-election

Q: How do we find out who the master browser is in the network ?
A: Run next command

 # nmblookup -M -- -
querying __MSBROWSE__ on 192.168.1.255
192.168.1.130 __MSBROWSE__
192.168.1.1 __MSBROWSE__
192.168.1.22 __MSBROWSE__
192.168.1.66 __MSBROWSE__

In this case I found some master computer browser.
Q: How do you know the name of netbios if you know IP address ?
A: Run next command

# nmblookup -A 192.168.3.28
Looking up status of 192.168.3.28
        OTL-DEPOZIT-2   -         B 
        OTL           -  B 
        OTL-DEPOZIT-2   -         B 
        OTL           -  B 

        MAC Address = 50-E5-49-90-E2-03

Q: And vice versa ?
A: See next

nmblookup -S OTL-DEPOZIT-2
querying ORSH-DEPOZIT-2 on 192.168.3.255
192.168.3.28 OTL-DEPOZIT-2
Looking up status of 192.168.3.28
        OTL-DEPOZIT-2   -         B 
        OTL           -  B 
        OTL-DEPOZIT-2   -         B 
        OTL           -  B 

        MAC Address = 50-E5-49-90-E2-03

Other userful command, smbtree, smbstatus.

NOTE: If you do not have any of the above packages installed, ensure that the samba-client is installed.

Enjoy.

Renewing a SSL Certificate on Centos

We receive a mail with next message in mail:

Certificate for hostname 'server.domain.com', in file (or by nickname):
     /etc/pki/tls/certs/ca.crt

The certificate needs to be renewed; this can be done
  using the 'genkey' program.

We find files in:

 [root@server ~]# ls -lh /etc/pki/tls/private/ca.key
-rw------- 1 root root 1,7K ian 29  2016 ca.key

Now we renew certificate:

# openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /etc/pki/tls/certs/ca.crt -keyout /etc/pki/tls/private/ca.key

We need to update their permissions.

chmod 600 /etc/pki/tls/certs/ca.crt
chmod 600 /etc/pki/tls/private/ca.key

How to see details about new certificate?
A: type this

 # openssl x509 -text -in /etc/pki/tls/certs/ca.crt

Enhoy !

How to compile latest version of bind in Centos 7

We want to add latest version of bind in Centos 7.

First Step.  Install builds require the GeoIP, python-argparse and python-ply packages, available from the epel repositories.

# yum install openssl-devel libcap-devel libidn-devel krb5-devel  krb5-devel docbook-style-xsl GeoIP-devel python-ply perl-Net-DNS-Nameserver fstrm-devel

Now we have to download source rpm of new bind.

# wget http://www.five-ten-sg.com/util/bind-9.11.1-0.1.el6.src.rpm

This version contains two patches for Python 2.4 compatibility required to run on Centos 5. It can be built via:

 EL5:
rpmbuild --rebuild --define 'dist .el5' \
bind-9.11.1-0.1.el6.src.rpm

EL6:
rpmbuild --rebuild --define 'dist .el6' \
bind-9.11.1-0.1.el6.src.rpm

EL7:
rpmbuild --rebuild --define 'dist .el7' \
bind-9.11.1-0.1.el6.src.rpm

And now you have to wait few hours to compile new rpm.

Enjoy!
Source: http://www.five-ten-sg.com/mapper/bind