Archive for the ‘Sendmail’ category

OpenEMM: Mass Mailing, Campaign Server

June 17th, 2010

yum install mysql-server sendmail-cf MySQL-python libxml2

Download the latest JDK version (quote the URL so the shell does not interpret the ? and & characters):

wget 'http://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/VerifyItem-Start/jdk-6u20-linux-i586.bin?BundledLineItemUUID=Er9IBe.oOf0AAAEoay9bNk7a&OrderID=gddIBe.oe.0AAAEoXi9bNk7a&ProductID=guBIBe.oc_wAAAEnaDJHqPYe&FileName=/jdk-6u20-linux-i586.bin'

mv 'jdk-6u20-linux-i586.bin?AuthParam=1272633583_0b435f520fad540d314411f50a185d7a&TicketId=B%2Fw4khmGSVNITB1FPFVTkwPl&GroupName=CDS&FilePath=%2FESD6%2FJSCDL%2Fjdk%2F6u20-b02%2Fjdk-6u20-linux-i586.bin&File=jdk-6u20-linux-i586.bin' jdk-6u18-linux-i586.bin

Download the OpenEMM source file from: http://sourceforge.net/projects/openemm/files/OpenEMM%20software/OpenEMM%206.0.1/OpenEMM-6.0.1-bin.tar.gz/download

Create the ‘openemm’ User

Create a special group and user for OpenEMM:

groupadd openemm

useradd -m -g openemm -d /home/openemm -c "OpenEMM 6.x.y" openemm

Installation: Sun Java JDK

Copy the file to your /tmp directory: cp jdk-6u18-linux-i586.bin /tmp

- Change to the /tmp directory: cd /tmp

- Grant the file execution permission: chmod u+x jdk-6u18-linux-i586.bin

- Execute the file:
./jdk-6u18-linux-i586.bin

- Follow the onscreen instructions and confirm the license agreement

- Create a directory:
mkdir -p /opt/openemm.org/software

- Move the JDK-directory in there: mv jdk1.6.0_18 /opt/openemm.org/software

- Change to that directory:
cd /opt/openemm.org/software

- Create a symbolic link for the JDK:
ln -s jdk1.6.0_18 java

- Test the JDK: /opt/openemm.org/software/java/bin/java -version

You should get an output like this:

java version "1.6.0_18"

Java(TM) SE Runtime Environment (build 1.6.0_18-b01)

Java HotSpot(TM) Client VM (build 14.2-b01, mixed mode, sharing)

Installation of OpenEMM:

cd /home/openemm

tar xzvpf /tmp/OpenEMM-6.0.1-bin.tar.gz

mkdir -p /usr/share/doc/OpenEMM-6.0.1

mv USR_SHARE/* /usr/share/doc/OpenEMM-6.0.1

Read Access to Maillog

chmod 604 /var/log/maillog

chkconfig mysqld on

service mysqld start

Set the root password for MySQL:

mysqladmin -u root password root123

Create the database for OpenEMM:

mysqladmin -u root -p create openemm

mysql -u root -p openemm_cms < openemm_cms.sql

Replace the generic string "http://localhost:8080" with the domain name of your server (like "http://www.domain.com:8080") in these files:

- /usr/share/doc/OpenEMM-6.0.1/openemm-6.0.1.sql (once)

- /home/openemm/webapps/core/WEB-INF/classes/emm.properties (twice)

- /home/openemm/webapps/core/WEB-INF/classes/cms.properties (once)

Add the data from sql file:

mysql -u root -p openemm_cms < /usr/share/doc/OpenEMM-6.0.1/openemm_cms.sql

Give the user the permissions needed to access the database:

mysql -u root -p
GRANT DELETE, INSERT, UPDATE, LOCK TABLES, SELECT, ALTER, INDEX, CREATE TEMPORARY TABLES, DROP, CREATE ON openemm.* TO 'agnitas'@'localhost' IDENTIFIED BY 'openemm';
FLUSH PRIVILEGES;
quit

Change the Sendmail configuration:

Open file /etc/mail/sendmail.mc and change the line

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

to

dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

This will enable Sendmail to listen on all available network interfaces. By default Sendmail listens for connections only on the local interface lo0.

Add the following line at the end of the file:

INPUT_MAIL_FILTER(`bav', `S=unix:/home/openemm/var/run/bav.sock, F=T')dnl

This will enable the dynamic mail loop required by the bounce management to process delayed bounces.

If file /etc/mail/relay-domains does not exist, create the file – for example by

touch relay-domains

and add a line at the end of the file which specifies your DNS entry for the sender hostname (FQDN). In our example it is simply:

newsletter.pawan.in

Open file /etc/mail/mailertable and add a line at the end which activates the bounce management for that FQDN:

news.openemm.org procmail:/home/openemm/conf/bav/bav.rc

To activate all Sendmail changes, run the following commands:

cd /etc/mail

make

and restart the Sendmail service by

/etc/init.d/sendmail restart

Launch OpenEMM

su - openemm

cd bin

sh OpenEMM.sh start

exit

SMTP Redirection using Xinetd

June 2nd, 2010

1. Stop Sendmail: service sendmail stop
2. Create a new file /etc/xinetd.d/smtp and insert the following contents:

service smtp
{
disable = no
socket_type = stream
protocol = tcp
user = nobody
wait = no
server = /bin/nc
server_args = -w 2 xx.xx.xx.xx 25
}

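Save and close the file, and make sure to replace xx.xx.xx.xx with the SMTP server's IP address.
The /etc/xinetd.d/smtp file above shows how I forwarded incoming SMTP connections to the new host.

This causes all incoming connections on port 25 to be seamlessly redirected to the new host. Because nc opens its own connection, the new host sees every message as arriving from this machine's IP address, so that address should not be treated as a trusted relay source there.

This trick is useful where the SMTP host is hidden from users, and it removes the worry about delays in DNS propagation.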

Thanks
Pawan Kumar

Zimbra migration from 5.0.8 to 6.0.8: Accounts, Zimlets, Passwords

May 29th, 2010

Zimbra Migration Document

Source server: Zimbra Collaboration Suite (ZCS) version 5.0.8, hostname: mail, domain: abc.com
Destination server: Zimbra Collaboration Suite (ZCS) version 6.0.6, hostname: mail, domain: xyz.com

In this migration I will migrate the whole user database, passwords, zimlet settings and LDAP settings.

a. Dump LDAP database on the source Zimbra i.e. mail.abc.com

Go to the primary mail server and become zimbra user. Then, in the /opt/zimbra directory, run the following command:

$ ./openldap/sbin/slapcat -f /opt/zimbra/conf/slapd.conf -l /root/ldap.ldif
The first database does not allow slapcat; using the first available one (2)

After this, you'll have a file ldap.ldif in your /home directory which contains all the information about your users. Copy this file to the mail.xyz.com server before making any changes.

b. Modify domain names

You should modify domain and host names in LDIF, otherwise Zimbra won’t work.

$ sed 's/dmz\.domain\.local/dr.domain.local/g' ldap.ldif > ldap.ldif.mail

Note that it might become more complex than this because of the way Zimbra stores aliases in LDAP. For example, there is a separate tree in LDAP, dc=mail,dc=abc,dc=com, which won't be affected by the sed command, and you'll have to either write a script to handle this or manually edit the LDIF file.
So it is better to change all entries manually.
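A script of the kind mentioned above, as an added example that is not part of the original post: it rewrites both the dotted form (abc.com) and the DN form (dc=abc,dc=com), after unfolding wrapped LDIF lines and decoding base64 values that a line-by-line sed would miss. The sample entries and the function names are constructed for illustration.

```python
import base64
import re


def domain_patterns(old, new):
    """(regex, replacement) pairs for the dotted form and the dc= DN form."""
    as_dn = lambda d: ",".join("dc=" + label for label in d.split("."))
    edge = r"(?!\.?[\w-])"        # leave abc.com.au and abc.community alone
    return [
        (re.compile(r"(?<![\w-])" + re.escape(old) + edge, re.I), new),
        (re.compile(re.escape(as_dn(old)) + r"(?![\w-])", re.I), as_dn(new)),
    ]


def substitute(text, patterns):
    for regex, replacement in patterns:
        text = regex.sub(replacement, text)
    return text


def rewrite_line(line, patterns):
    """Rewrite one unfolded LDIF line, decoding 'attr:: base64' values."""
    attr, sep, value = line.partition(":")
    if not sep or line.startswith("#"):
        return line
    if not value.startswith(":"):
        return attr + ":" + substitute(value, patterns)
    try:
        text = base64.b64decode(value[1:].strip()).decode("utf-8")
    except ValueError:
        return line               # binary value (photo, certificate): keep
    changed = substitute(text, patterns)
    if changed == text:
        return line
    return attr + ":: " + base64.b64encode(changed.encode()).decode()


def rewrite_ldif(ldif, old, new):
    """Unfold, rewrite every line, and fix the domain entry's own dc: value."""
    patterns = domain_patterns(old, new)
    old_label, new_label = old.split(".")[0], new.split(".")[0]
    top_dn = "dn: " + ",".join("dc=" + p for p in old.lower().split("."))
    entries = []
    for entry in re.sub(r"\n ", "", ldif).strip().split("\n\n"):
        lines = entry.split("\n")
        if lines[0].lower() == top_dn:      # RDN value must match the new DN
            lines = [f"dc: {new_label}" if ln.lower() == f"dc: {old_label.lower()}"
                     else ln for ln in lines]
        entries.append("\n".join(rewrite_line(ln, patterns) for ln in lines))
    return "\n\n".join(entries) + "\n"      # long lines stay unfolded (valid LDIF)


# Constructed sample in slapcat style: one folded line and one base64 value.
SAMPLE = (
    "dn: dc=abc,dc=com\nobjectClass: dcObject\ndc: abc\n"
    "zimbraDomainName: abc.com\n\n"
    "dn: uid=jdoe,ou=people,dc=abc,dc=com\nmail: jdoe@abc.com\n"
    "zimbraMailHost: mail.abc.com\nzimbraMailAlias: john.doe@abc\n .com\n"
    "description:: " + base64.b64encode(b"moved from abc.com").decode() + "\n"
    "zimbraNotes: partner is abc.com.au\n"
)

if __name__ == "__main__":
    print(rewrite_ldif(SAMPLE, "abc.com", "xyz.com"))
```

Diff the result against the original LDIF before running slapadd, so every rewritten DN and address can be reviewed.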

c. Stop the target Zimbra on mail.xyz.com

$ zmcontrol stop

Just in case, check if LDAP is running. If so kill it using the kill command

d. Clean /opt/zimbra/data/ldap/hdb/db directory. DO NOT remove logs and DB_CONFIG file!

e. Import ldif database on mail.xyz.com

$ cd /opt/zimbra
$ ./openldap/sbin/slapadd -F /opt/zimbra/data/ldap/config -l /tmp/ldap.ldif.mail
The first database does not allow slapadd; using the first available one (2)

The warning you see is the only one you should see and I think you can safely ignore it.
f. Get LDAP passwords from source Zimbra(mail.abc.com) using:

$ zmlocalconfig -s ldap_amavis_password ldap_postfix_password ldap_replication_password ldap_root_password zimbra_ldap_password
ldap_amavis_password = password
ldap_postfix_password = password
ldap_replication_password = password
ldap_root_password = password
zimbra_ldap_password = password

All the passwords are the same.

g. You should start Zimbra on DR mail server now because otherwise it is not possible to change password. Note that there will be errors but we ignore them:

$ zmcontrol start
Host mail.xyz.com
Starting ldap…Done.
Unable to determine enabled services from ldap.
Unable to determine enabled services. Cache is out of date or doesn’t exist.

h. Now modify all the passwords:

$ zmldappasswd
Updating local config and directory
$ zmldappasswd -l
Updating local config and directory
$ zmldappasswd -p
Updating local config and directory
$ zmldappasswd -a
Updating local config and directory
$ zmldappasswd -r
Updating local config and directory
Updating slapd.conf

i. Now stop and start Zimbra again and it should work normally. Here is how netstat -ltn output should look:

$ netstat -ltn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.1.218:389 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:10024 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:7306 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:7307 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3310 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.218:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 :::7072 :::* LISTEN
tcp 0 0 :::7777 :::* LISTEN
tcp 0 0 :::993 :::* LISTEN
tcp 0 0 :::995 :::* LISTEN
tcp 0 0 :::7780 :::* LISTEN
tcp 0 0 :::5222 :::* LISTEN
tcp 0 0 :::5223 :::* LISTEN
tcp 0 0 :::7335 :::* LISTEN
tcp 0 0 :::110 :::* LISTEN
tcp 0 0 :::143 :::* LISTEN
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 :::7025 :::* LISTEN
tcp 0 0 :::5269 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:953 :::* LISTEN
tcp 0 0 :::443 :::* LISTEN
tcp 0 0 :::7071 :::* LISTEN

Few notes to be aware of:

1. You should be aware that by copying LDAP you also copied SSH keys and possibly other configuration data which you might prefer to be different. For SSH keys use zmsshkeygen.
2. During migration process you probably removed default domain, so you have to log in to administration console using admin@xyz.com username and set default domain to either mail.xyz.com or xyz.com.

After user migration, in order for the mail routing to work properly, you should add to each user an alias of the form username@xyz.com. You can use the following simple script to do that for each user:

#!/bin/bash

USERS=`zmprov -l gaa olddomain`

# First, add new domain
zmprov cd xyz.com

# Then, for each user add new alias
for i in $USERS
do
echo "Processing user $i"
zmprov aaa "$i" "${i/olddomain/xyz.com}"
done

In order to set up routing I suggest you first modify only several users to test the installation, and when it’s proven to work correctly then modify all the users using a simple shell script.

Thanks
Manoj

Backtracking EMAIL Messages

May 10th, 2010

Introduction:-

Tracking email back to its source, because I hate spammers…

Ask most people how they determine who sent them an email message and the response is almost universally, “By the From line.” Unfortunately this is symptomatic of the current confusion among internet users as to where particular messages come from and who is spreading spam and viruses. The “From” header is little more than a courtesy to the person receiving the message. People spreading spam and viruses are rarely courteous. In short, if there is any question about where a particular email message came from, the safe bet is to assume the “From” header is forged.

So how do you determine where a message actually came from? You have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack a message to the source network, sometimes the source host. A more detailed essay on reading email headers can be found .

If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options.

Below are listed the headers of an actual spam message I received. I’ve changed my email address and the name of my server for obvious reasons. I’ve also double spaced the headers to make them more readable.

Return-Path: <s359dyxtt@yahoo.com>

X-Original-To: davar@example.com

Delivered-To: davar@example.com

Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
for <davar@example.com>; Sun, 16 Nov 2003 09:50:37 -0800 (PST)

Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200

Message-ID: <n5-l067n7z$46-z$-n@eo2.32574>

From: "Maricela Paulson" <s359dyxtt@yahoo.com>

Reply-To: "Maricela Paulson" <s359dyxtt@yahoo.com>

To: davar@example.com

Subject: STOP-PAYING For Your PAY-PER-VIEW, Movie Channels, Mature Channels…isha

Date: Sun, 16 Nov 2003 19:42:31 +0200

X-Mailer: Internet Mail Service (5.5.2650.21)

X-Priority: 3

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="MIMEStream=_0+211404_90873633350646_4032088448"

According to the From header this message is from Maricela Paulson at s359dyxtt@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be a waste of time. This message didn’t come from Yahoo’s email service.

The header most likely to be useful in determining the actual source of an email message is the Received header. According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the IP address of 12.218.172.108 by my server mailhost.example.com. An important item to consider is at what point in the chain does the email system become untrusted? I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.

The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.
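The reading of the Received chain described above, as an added example that is not part of the original post: it trusts only the hops stamped by your own mail server, reports the peer address of that hop as the source, and marks everything older as unverified. The function names are hypothetical, and treating a trailing .0 as a network address follows the article's reading rather than a general rule.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Headers from the sample message on this page; folded lines start with a tab.
RAW = '''Return-Path: <s359dyxtt@yahoo.com>
Delivered-To: davar@example.com
Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
\tby mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
\tfor <davar@example.com>; Sun, 16 Nov 2003 09:50:37 -0800 (PST)
Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200
From: "Maricela Paulson" <s359dyxtt@yahoo.com>
To: davar@example.com

body
'''

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_RE = re.compile(r"\bby\s+([\w.-]+)")


def suspicious_ip(text):
    """True if the address cannot be an ordinary public host address."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return True
    # A trailing .0 is read as a network address, as the article does.
    return ip.is_private or ip.is_loopback or ip.is_reserved or text.endswith(".0")


def parse_hops(msg):
    """Received hops, newest first: the peer IP and the host that stamped it."""
    hops = []
    for value in msg.get_all("Received", []):
        flat = " ".join(value.split())              # undo header folding
        ip, by = IP_RE.search(flat), BY_RE.search(flat)
        hops.append({"ip": ip.group(1) if ip else None,
                     "by": by.group(1).lower() if by else None})
    return hops


def backtrack(raw, my_servers):
    """Trust only hops stamped by our own MTAs; report the rest as unverified."""
    msg = email.message_from_string(raw)
    hops = parse_hops(msg)
    trusted = []
    for hop in hops:
        if hop["by"] not in my_servers:
            break                                   # first foreign stamp ends trust
        trusted.append(hop)
    unverified = hops[len(trusted):]
    return {
        "claimed_from": parseaddr(msg.get("From", ""))[1],
        "source_ip": trusted[-1]["ip"] if trusted else None,
        "unverified_ips": [h["ip"] for h in unverified],
        "suspicious": [h["ip"] for h in unverified
                       if h["ip"] is None or suspicious_ip(h["ip"])],
    }


if __name__ == "__main__":
    print(backtrack(RAW, {"mailhost.example.com"}))
```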

Here is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking.

davar@nqh9k:[/home/davar] $whois 12.218.172.108

AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 – 12.255.255.255
Mediacom Communications Corp MEDIACOMCC-12-218-168-0-FLANDREAU-MN (NET-12-218-168-0-1)
12.218.168.0 – 12.218.175.255

# ARIN WHOIS database, last updated 2003-12-31 19:15
# Enter ? for additional hints on searching ARIN’s WHOIS database.

I can also verify the hostname of the remote server by using nslookup, although in this particular instance, my email server has already provided both the IP address and the hostname.

davar@nqh9k:[/home/davar] $nslookup 12.218.172.108

Server: localhost
Address: 127.0.0.1

Name: 12-218-172-108.client.mchsi.com
Address: 12.218.172.108

Ok, whois shows that Mediacom Communications owns that netblock and nslookup confirms the address to hostname mapping of the remote server, 12-218-172-108.client.mchsi.com. If I put www in front of the domain name portion and plug that into my web browser, http://www.mchsi.com, I get Mediacom’s web site.

There are few things more embarrassing to me than firing off an angry message to someone who is supposedly responsible for a problem, and being wrong. By double checking who owns the remote host’s IP address using two different tools (whois and nslookup) I minimize the chance of making myself look like an idiot.

A quick glance at the web site and it appears they are an ISP. Now if I copy the entire message including the headers into a new email message and send it to abuse@mchsi.com with a short message explaining the situation, they may do something about it.

But what about Maricela Paulson? There really is no way to determine who sent a message; the best you can hope for is to find out what host sent it. Even in the case of a PGP-signed message there is no guarantee that one particular person actually pressed the send button. Obviously, determining who the actual sender of an email message is is much more involved than reading the From header. Hopefully this example may be of some use to other forum regulars.

Thanks
Manoj Chauhan

Running multiple sendmail instances on same server

February 21st, 2010

Situation:

 We want to separate core mail from “higher-risk” mail (i.e. mail sent from application servers in a DMZ) on our sendmail servers. In the event that one of our DMZ servers for which we relay mail is compromised, we do not want our mail server placed on a DNS blacklist. Therefore, we will have separate IP addresses for core mail and “higher-risk” mail. In this example, the system has only one physical network interface, so we will create and enable a virtual interface for “higher-risk” mail.

To set up multiple instances we need multiple IP addresses. We can add multiple IPs to the Linux server by using multiple network cards or by creating network card aliases. Network aliases can be created in the following way:

1. Copy ifcfg-eth0 to ifcfg-eth0:0 (cp ifcfg-eth0 ifcfg-eth0:0)
2. Modify ifcfg-eth0:0 accordingly and assign the new IP address. The modified ifcfg-eth0:0 can look like this:

# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0:0
BOOTPROTO=static
BROADCAST=172.16.31.255
IPADDR=172.16.23.168
GATEWAY=172.16.16.1
NETMASK=255.255.240.0
NETWORK=172.16.16.0
ONBOOT=yes

3. Bring up the newly created network alias with this command:
# ifup ifcfg-eth0:0
4. To bring the network alias down, use this command:
# ifdown ifcfg-eth0:0
5. To verify the newly created network alias, use the following command:
# /sbin/ifconfig
   
By default, the sendmail mail submission agent (MSA, used to submit mail on the local system to an MTA) attempts to connect to an MTA on the localhost (127.0.0.1) interface. The second line above binds the primary sendmail instance to the localhost interface in addition to its IP address. The MSA configuration file, submit.mc, could have instead been modified to use the MTA on the primary interface or the virtual interface.

1. Create a copy of the main sendmail.mc file as a new file, mx2snalert.mc
2. Modify mx2snalert.mc accordingly and add the following lines to it:

define(`QUEUE_DIR',`/var/spool/mqueue/mx2snalert/q*')dnl
define(`confPID_FILE',`/var/run/sendmail_mx2snalert.pid')dnl
define(`confDOMAIN_NAME',`mx2.snalert.net')dnl
CLIENT_OPTIONS(`Addr=172.16.23.168')dnl
DAEMON_OPTIONS(`Addr=172.16.23.168')dnl
 
3. Save the mx2snalert.mc after modification
4. Create the mx2snalert.cf file from mx2snalert.mc. We can convert mx2snalert.mc to mx2snalert.cf with the following command:

# m4 /etc/mail/mx2snalert.mc > /etc/mail/mx2snalert.cf

5. Before starting the new instance we need to create a separate queue for each instance.
6. We can create the queue with the following commands:
# mkdir /var/spool/mqueue/mx2snalert/
# mkdir /var/spool/mqueue/mx2snalert/q{1,2,3,4,5,6,7,8}
Change the ownership of the mqueue folder:
# chown -R root:mail /var/spool/mqueue/
Also change the permissions of the queue folder (mqueue). Keep it closed to other users: a world-writable (777) queue lets any local user read or tamper with queued mail.
# chmod -R 700 /var/spool/mqueue/

7. Reread the configuration file of the main sendmail instance.
# kill -HUP `head -1 /var/run/sendmail.pid`
8. Start the second sendmail instance.
# sendmail -L mx2snalert -C /etc/mail/mx2snalert.cf -bd -q30m
9. We can check the status of the newly created instances by using following command

# netstat -an | grep 25
tcp  0  0 172.16.23.170:25    0.0.0.0:*  LISTEN
tcp  0  0 172.16.23.169:25    0.0.0.0:*  LISTEN
tcp  0  0 172.16.23.168:25    0.0.0.0:*  LISTEN
tcp  0  0 172.16.23.167:25    0.0.0.0:*  LISTEN

10. Now we can test new instance by sending test mail, we can send the mail by using telnet command

telnet 172.16.23.168 25
helo companydomain.net
mail from: adp@domain.com
rcpt to: mchauhan@onaxer.com
data
subject: Testing
message body
. (Enter dot to terminate the message body)

11. We can create multiple sendmail instances by using the above steps.   
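A pre-flight check for the procedure above, as an added example that is not part of the original post: it reads the DAEMON_OPTIONS lines of each instance's .mc file and reports instances that would try to bind the same address and port, which is what happens when the core instance has its Addr line commented out (the OpenEMM post's change) and so listens on every interface. The .mc fragments are constructed, and 172.16.23.167 as the core instance's address is an assumption.

```python
import re

# Matches DAEMON_OPTIONS(`...') at line start; group 1 is set when the line
# is disabled with a leading "dnl".
DAEMON_RE = re.compile(r"^[ \t]*(dnl[ \t]+)?DAEMON_OPTIONS\(`([^']*)'\)", re.M)
PORTS = {"smtp": "25", "smtps": "465", "submission": "587"}


def listeners(mc_text):
    """Return [(addr, port)] that one sendmail instance will bind."""
    found = []
    for disabled, body in DAEMON_RE.findall(mc_text):
        if disabled:
            continue
        opts = dict(part.strip().split("=", 1)
                    for part in body.split(",") if "=" in part)
        port = opts.get("Port", "smtp")
        found.append((opts.get("Addr", "*"), PORTS.get(port, port)))
    # No active line: sendmail falls back to all interfaces on the SMTP port.
    return found or [("*", "25")]


def conflicts(instances):
    """Pairs of instances whose listeners cannot both bind."""
    clashes = []
    names = sorted(instances)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            for addr_a, port_a in listeners(instances[a]):
                for addr_b, port_b in listeners(instances[b]):
                    same_addr = addr_a == addr_b or "*" in (addr_a, addr_b)
                    if port_a == port_b and same_addr:
                        clashes.append((a, b, f"{addr_a}:{port_a}",
                                        f"{addr_b}:{port_b}"))
    return clashes


# Constructed .mc fragments for the two instances.
CORE_OPEN = "dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl\n"
CORE_BOUND = ("DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl\n"
              "DAEMON_OPTIONS(`Port=smtp,Addr=172.16.23.167, Name=MTA2')dnl\n")
MX2 = "DAEMON_OPTIONS(`Addr=172.16.23.168')dnl\n"

if __name__ == "__main__":
    print(conflicts({"core": CORE_OPEN, "mx2snalert": MX2}))    # one clash
    print(conflicts({"core": CORE_BOUND, "mx2snalert": MX2}))   # no clash
```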

Thanks
Manoj Chauhan

How to enable Sendmail Multiple Queues

February 21st, 2010

Sendmail will use by default a single mail queue. This is what most users will need, and if you don’t have any special requirement you will not care about this. Still for high traffic mail servers it might be useful to split the queue over several directories, as thousands of files in a single directory will become a performance penalty at some point and also processing the queue sequentially will become very slow. This post will show how we can implement multiple mail queues with modern sendmail versions.

Let’s start by assuming we want to use 8 mail queues. First thing is to create the actual directories as sendmail will not do this by default:
mkdir /var/spool/mqueue/q{1,2,3,4,5,6,7,8}

And fix the permissions to the ones of the original folder /var/spool/mqueue. For ex. this might look like:
chown -R smmta:smmsp /var/spool/mqueue/q*

using a default sendmail install running on debian. Fix the users to the specific ones found on your system (ls -al /var/spool/mqueue if you are uncertain of this).
Next, we need to enable the multiple queues in the sendmail configuration. For this we will edit sendmail.mc (normally found under /etc/mail) and append one line:

define(`QUEUE_DIR', `/var/spool/mqueue/q*')dnl

and now regenerate sendmail.cf; this is done normally running:
m4 sendmail.mc > /etc/mail/sendmail.cf

(fix your paths appropriately), or if you are using debian sendmail you can just run make all in /etc/mail.
After restarting sendmail, it will start using the multiple queues we defined. Running mailq will output each of the queues:
mailq
/var/spool/mqueue/q6 is empty
/var/spool/mqueue/q4 is empty
/var/spool/mqueue/q3 is empty
/var/spool/mqueue/q2 is empty
/var/spool/mqueue/q5 is empty
/var/spool/mqueue/q1 is empty
/var/spool/mqueue/q7 is empty
/var/spool/mqueue/q8 is empty
Total requests: 0

Thanks
Manoj Chauhan