Professional Documents
Culture Documents
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
Con!en!s
1 #n!ro$uc!ion 2 %e&ian ' (&un!u %ifferences ) Configuring Sen$mail )*1 Ho" Sen$mail Works )*1*1 #ncoming Mail )*1*2 Ou!going Mail )*1*) Sen$mail Macros )*2 #ns!alling Sen$mail )*) Managing !he sen$mail Server )*+ Ho" To ,es!ar! Sen$mail -f!er .$i!ing /our Configura!ion Files )*0 The 'e!c'mail'sen$mail*mc File )*0*1 Ho" !o 1u! Commen!s in sen$mal*mc )*2 Configuring % S for sen$mail )*2*1 Configure /our Mail Server3s ame #n % S )*2*2 Configure The 'e!c'resolv*conf File )*2*) The 'e!c'hos!s File )*4 Ho" To Configure Linux Sen$mail Clien!s )*5 Conver!ing From a Mail Clien! !o a Mail Server )*5*1 - 6eneral 6ui$e To (sing The sen$mail*mc File )*5*2 The 'e!c'mail'rela78$omains File )*9 The 'e!c'mail'access File )*9*1 The 'e!c'mail'local8hos!8names File )*1: Which (ser Shoul$ ,eall7 ,eceive The Mail; )*1:*1 The 'e!c'mail'vir!user!a&le file )*1:*2 The 'e!c'aliases File )*11 Sen$mail Mas<uera$ing .x=laine$ )*11*1 Configuring mas<uera$ing )*11*2 Tes!ing Mas<uera$ing )*11*) O!her Mas<uera$ing o!es )*12 (sing Sen$mail !o Change !he Sen$er3s .mail -$$ress )*1) Trou&leshoo!ing Sen$mail )*1)*1 Tes!ing TC1 connec!ivi!7 )*1)*2 Fur!her Tes!ing of TC1 connec!ivi!7 )*1)*) The 'var'log'maillog File )*1)*+ Common .rrors %ue To #ncom=le!e ,1M #ns!alla!ion )*1)*0 #ncorrec!l7 Configure$ 'e!c'hos!s Files + Figh!ing S1-M +*1 (sing 1u&lic S1-M >lacklis!s Wi!h Sen$mail +*2 S=amassassin +*2*1 %o"nloa$ing -n$ #ns!alling S=amassassin +*2*2 Managing !he s=amassassin Server +*2*) Configuring =rocmail for s=amassassin +*2*+ Configuring S=amassassin +*2*0 Tes!ing s=amassassin +*2*2 Tuning s=amassassin +*2*4 (=$a!ing S=amassassin?s >uil!8in ,ules +*) (sing 6re7lis!ing +*)*1 %o"nloa$ing an$ #ns!alling mil!er8gre7lis! +*)*2 Configuring mil!er8gre7lis! +*)*) Configuring mil!er8gre7lis! +*+ - Sim=le 1.,L Scri=! To Hel= S!o= S1-M 0 Configuring /our %oveco! 1O1 ' #M-1 Mail Server 0*1 #ns!alling %oveco! 0*2 S!ar!ing %oveco! 0*) %oveco! Configura!ion Files 0*+ Choice of 1ro!ocols 0*+*1 @ersion 1*x 0*+*2 @ersion 2*x an$ e"er 0*0 @erifi7ing Whe!her %oveco! is Lis!ening 0*2 Configuring SSL Cer!ifica!es for 1O1)S an$ #M-1S 0*2*1 Configuring SSL Cer!ifica!es for 1O1)S an$ #M-1S 0*4 %oveco! Mail&oxes 0*4*1 Configuring %oveco! for m&ox
Linux DMin!E can3! access Fe$ora Server DLinux LH Linux Forums 8 La!es! Threa$s #n!ro$uc!ion !o e!"orking Linux e!"orking Sim=le e!"ork Trou&leshoo!ing Trou&leshoo!ing Linux "i!h S7slog #ns!alling Linux Sof!"are The Linux >oo! 1rocess Configuring !he %HC1 Server Linux (sers an$ su$o Win$o"sA Linux an$ Sam&a Sharing ,esources "i!h Sam&a Sam&a Securi!7 an$ Trou&leshoo!ing Linux Wireless e!"orking Linux Fire"alls (sing i=!a&les Linux FT1 Server Se!u= Telne!A TFT1 an$ xine!$ Secure ,emo!e Logins an$ File Co=7ing Configuring % S %7namic % S The -=ache We& Server Configuring Linux Mail Servers Moni!oring Server 1erformance -$vance$ M,T6 For Linux The T1 Server e!"ork8>ase$ Linux #ns!alla!ion Linux Sof!"are ,-#% .x=an$ing %isk Ca=aci!7 Managing %isk (sage "i!h Quo!as ,emo!e %isk -ccess "i!h FS Configuring #S Cen!raliBe$ Logins (sing L%-1 an$ ,-%#(S Con!rolling We& -ccess "i!h S<ui$ Mo$if7ing !he Cernel !o #m=rove 1erformance >asic M7SQL Configura!ion O!her Linux Home e!"orking To=ics
1 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
0*4*2 Configuring %oveco! for mail$ir 0*5 Configuring /our Mail Clien!s 0*9 Ho" !o han$le overla==ing email a$$resses* 0*1: Trou&leshoo!ing %oveco! Mail 0*1:*1 -l"a7s S!ar! "i!h Logging 2 Conclusion
8 Har$"areA e!"orking O Securi!7E # have a fresh LinuxMin! D(&un!u varian!E ins!all on m7 la=!o=A an$ nee$ !o access !he music files on m7 @or!ex&ox a==liance running Fe$ora* # can*** 1ro&lem "i!h Cisco .HW#C8+.S6 D6eneral Cha!E Pus! "on$ering if !he .HW#C8+.S6 D(,L &e use$ in a Cisco 5:: rou!er*# "an! !o a$$ a! leas! one*** (&un!u 12*:+ LTS Se!!ing (= e!"ork
#n!ro$uc!ion
.mail is an im=or!an! =ar! of an7 We& si!e 7ou crea!e* #n a home environmen!A a free "e& &ase$ email service ma7 &e sufficien!A &u! if 7ou are running a &usinessA !hen a $e$ica!e$ mail server "ill =ro&a&l7 &e re<uire$* This cha=!er "ill sho" 7ou ho" !o use sen$mail !o crea!e a mail server !ha! "ill rela7 7our mail !o a remo!e user3s mail&ox or incoming mail !o a local mail &ox* /ou3ll also learn ho" !o re!rieve an$ sen$ mail via 7our mail server using a "i!h mail clien! such as Ou!look .x=ress or .volu!ion*
&e!"een K='4 an$ (&un!u 12*:+LTS DLinux 8 Har$"areA e!"orking O Securi!7E i am a -&solu!e e"&ie a! Linux i "oul$ like !o have i! "here !he "in$o"s com=u!ers see an$ !ransfer files "i!h !he linux &ox an$ see an$ !ransfer*** Cisco Ca!al7s! 292:K .!herne! S"i!ch D6eneral Cha!E G# "an! !o &u7 Ca!al7s! 292:8K series s"i!ches like WS8C292:K82+1S8LAWS8C292:K8 2+1%8LA &u7 #3m no! ver7 "ell kno" a&ou! c292:x series* Can someone*** Linux v=n clien! DLinux 8 Sof!"areA -==lica!ions O 1rogrammingE Our com=an7 has one v=n serverAi! is C#SCO29:1'C9 rou!er* We can conn!ec! i! "i!h cisco v=n !ools in "in$o"s machine*>u! a&ou! linux clien!A "e have*** orihan Tali& HereQ D6eneral Cha!E Hello .ver7one m7 name is orihan Tali& i Roine$ !his forum !o make ne" connec!ions on frien$s see 7ou all on !he &oar$s 1eni=u %r* O&ai$ >usi! Legal Consul!an!sQ ne" mem&er =os!** D6eneral Cha!E Hello !o all forum mem&ers**** # am %r* O&ai$ >usi! ne" mem&er hereQ Ho=e ever7one is fine an$ enRo7 &eing hereQ ,egar$s %r* O&ai$ >usi! hani $al<amouni hereQ D6eneral Cha!E hello ever7&o$7Q i am hani $al<amouni*** i am ne" !o !his forum ann$ i am ha==7 !o Roin here !o mee! ne" frien$s an$ !o sahre in!eres!s "i!h 7ou*** >es! "a7 !o kno" Cisco Ca!al7s! 2+81or! e!"ork S"i!ch WS8C292:82+TC8L DLinux 8 Har$"areA e!"orking O Securi!7E Cisco 292:8S s"i!ches are !he lea$ing fixe$8 configura!ion La7er 2 e$ge access s"i!ches an$ 292:8S mos! =or!s are 6.*The Ca!al7s! 292:8S Series*** hello**,o&er! %i$iana here** D6eneral Cha!E iam gla$ !o &e a =ar! of !his forum i! seems like a =re!!7 cool communi!7 !ha! is ran here an$ # can !ell !here3s goo$ a$minis!ra!ion Rus! &7*** Pack ,afael 6oro$eBk7 Mirsk7 ne"&ie hereQ D6eneral Cha!E M7 name is Pack ,afael 6oro$eBk7 as 7ou can see i am a ne" mem&er of !he forum* # am in!eres!e$ !o mee! ne" like
Here is an exam=le of ho" !o !em=oraril7 &ecome roo! !o run a s=ecific comman$* The firs! a!!em=! !o ge! a $irec!or7 lis!ing fails $ue !o insufficien! =rivileges* The secon$ a!!em=! succee$s "hen !he su$o ke7"or$ is inser!e$ &efore !he comman$*
user@ubuntu:~$ ls -l /var/lib/mysql/mysql ls: cannot access /var/lib/mysql/mysql: Permission denied user@ubuntu:~$ sudo ls -l /var/lib/mysql/mysql [sudo] password for peter: total 964 -rw-rw---- 1 mysql mysql 8820 2010-12-19 23:09 columns_priv.frm -rw-rw---- 1 mysql mysql 0 2010-12-19 23:09 columns_priv.MYD -rw-rw---- 1 mysql mysql 4096 2010-12-19 23:09 columns_priv.MYI -rw-rw---- 1 mysql mysql 9582 2010-12-19 23:09 db.frm ... ... ... user@ubuntu:~$
o" !ha! 7ou have go! !his s!raigh!A le!?s con!inue "i!h !he $iscussion*
Configuring Sen$mail
One of !he !asks in se!!ing u= % S for 7our $omain Dm78si!e*comE is !o use !he MK recor$ in !he configura!ion Bone file !o s!a!e !he hos!name of !he server !ha! "ill han$le !he mail for !he $omain* The mos! =o=ular (nix mail !rans=or! agen! is sen$mailA &u! o!hersA such as =os!fix an$ <mailA are also gaining =o=ulari!7 "i!h Linux* The s!e=s use$ !o conver! a Linux &ox in!o a sen$mail mail server "ill &e ex=laine$ here*
#ncoming Mail
(suall7 each user in 7our home has a regular Linux accoun! on 7our mail server* Mail sen! !o each of !hese users DusernameLm78si!e*comE even!uall7 arrives a! 7our mail server an$ sen$mail !hen =rocesses i! an$ $e=osi!s i! in !he mail&ox file of !he user3s Linux accoun!* Mail isn3! ac!uall7 sen! $irec!l7 !o !he user3s 1C* (sers re!rieve !heir mail from !he mail server using clien! sof!"areA such as Microsof!3s Ou!look or Ou!look .x=ressA !ha! su==or!s ei!her !he 1O1 or #M-1 mail re!rieval =ro!ocols* Linux users logge$ in!o !he mail server can rea$ !heir mail $irec!l7 using a !ex!8&ase$ clien!A such as mailA or a 6(# clien!A such as .volu!ion* Linux "orks!a!ion users can use !he same =rograms !o access !heir mail remo!el7*
Ou!going Mail
The =rocess is $ifferen! "hen sen$ing mail via !he mail server* 1C an$ Linux "orks!a!ion users configure !heir e8mail sof!"are !o make !he mail server !heir ou!&oun$ SMT1 mail server* #f !he mail is $es!ine$ for a local user in !he m7si!e*com $omainA !hen sen$mail =laces !he message in !ha! =erson3s mail&ox so !ha! !he7 can re!rieve i! using one of !he me!ho$s a&ove* #f !he mail is &eing sen! !o ano!her $omainA sen$mail firs! uses % S !o ge! !he MK recor$ for !he o!her $omain* #! !hen a!!em=!s !o rela7 !he mail !o !he a==ro=ria!e $es!ina!ion mail server using !he Sim=le Mail Trans=or! 1ro!ocol DSMT1E* One of !he main a$van!ages of mail rela7ing is !ha! "hen a 1C user - sen$s mail !o user > on !he #n!erne!A !he 1C of user - can $elega!e !he SMT1 =rocessing !o !he mail server* o!e: #f mail rela7ing is no! configure$ =ro=erl7A !hen 7our mail server coul$ &e comman$eere$ !o rela7 s=am* Sim=le sen$mail securi!7 "ill &e covere$ la!er*
Sen$mail Macros
When mail =asses !hrough a sen$mail server !he mail rou!ing informa!ion in i!s hea$er is anal7Be$A an$ some!imes mo$ifie$A accor$ing !o !he $esires of !he s7s!ems a$minis!ra!or* (sing a series of highl7 com=lica!e$ regular ex=ressions lis!e$ in !he 'e!c'mail'sen$mail*cf fileA sen$mail ins=ec!s !his hea$er an$ !hen ac!s accor$ingl7* #n recogni!ion of !he com=lexi!7 of !he 'e!c'mail'sen$mail*cf fileA a much sim=ler file name$ 'e!c'sen$mail*mc "as crea!e$A an$ i! con!ains more un$ers!an$a&le ins!ruc!ions for s7s!ems a$minis!ra!ors !o use* These are !hen in!er=re!e$ &7 a num&er of macro rou!ines !o crea!e !he sen$mail*cf file* -f!er e$i!ing sen$mail*mcA 7ou mus! al"a7s run !he macros an$ res!ar! sen$mail for !he changes !o !ake effec!* .ach sen$mail*mc $irec!ive s!ar!s "i!h a ke7"or$A such as %OM-# A F.-T(,.A or OST/1.A follo"e$ &7 a su&$irec!ive an$ in some cases argumen!s* - !7=ical exam=le is* -s s!a!e$ &eforeA sen$mail can han$le &o!h incoming an$ ou!going mail for 7our $omain* Take a closer look*
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
The ke7"or$s usuall7 $efine a su&$irec!or7 of 'usr'share'sen$mail8cf in "hich !he macro ma7 &e foun$ an$ !he su&$irec!ive is usuall7 !he name of !he macro file i!self* So in !he exam=leA !he macro name is 'usr'share'sen$mail8cf'fea!ure'vir!user!a&le*m+A an$ !he ins!ruc!ion MN hash 8o 'e!c'mail'vir!user!a&le*$&3 is &eing =asse$ !o i!* o!ice !ha! sen$mail is sensi!ive !o !he <uo!a!ion marks use$ in !he m+ macro $irec!ives* The7 o=en "i!h a grave mark an$ en$ "i!h a single <uo!e*
FEATURE(`masquerade_envelope')dnl
2 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
Some ke7"or$sA such as $efine for !he $efini!ion of cer!ain sen$mail varia&les an$ M-SQ(.,-%.F%OM-# A have no corres=on$ing $irec!ories "i!h ma!ching macro files* The macros in !he 'usr'share'sen$mail8cf'm+ $irec!or7 $eal "i!h !hese* Once 7ou finish e$i!ing !he sen$mail*mc fileA 7ou can !hen execu!e !he make comman$ "hile in !he 'e!c'mail $irec!or7 !o regenera!e !he ne" sen$mail*cf file*
[root@bigboy tmp]# cd /etc/mail [root@bigboy mail]# make
#f !here have &een no changes !o !he files in 'e!c'mail since !he las! !ime make "as runA !hen 7ou3ll ge! an error like !his:
[root@bigboy mail]# make make: Nothing to be done for `all'. [root@bigboy mail]#
The make comman$ ac!uall7 genera!es !he sen$mail*cf file using !he m+ comman$* The m+ usage is sim=leA 7ou Rus! s=ecif7 !he name of !he macro file as !he argumen!A in !his case sen$mail*mcA an$ re$irec! !he ou!=u!A "hich "oul$ normall7 go !o !he screenA !o !he sen$mail*cf file "i!h !he GJG re$irec!or s7m&ol*
[root@bigboy tmp]# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
#3ll $iscuss man7 of !he fea!ures of !he sen$mail*mc file la!er in !he cha=!er*
#ns!alling Sen$mail
Mos! ,e$Ha! an$ Fe$ora Linux sof!"are =ro$uc! =ackages are availa&le in !he ,1M forma!A "hereas %e&ian an$ (&un!u Linux use %.> forma! ins!alla!ion files* When searching for !hese =ackages remem&er !ha! !he filename usuall7 s!ar!s "i!h !he sof!"are =ackage name an$ is follo"e$ &7 a version num&erA as in sen$mail85*12*1:81*1*1*i)52*r=m* DFor hel= on $o"nloa$ing an$ ins!alling !he re<uire$ =ackagesA see Cha=!er 2A #ns!alling Linux Sof!"areE* o!e: /ou "ill nee$ !o make sure !ha! !he sen$mailA sen$mail8cfA an$ m+ =ackages are ins!alle$*
#! firs! runs !he make comman$A "hich crea!es a ne" sen$mail*cf file from !he sen$mail*mc file an$ com=iles su==or!ing configura!ion files in !he 'e!c'mail $irec!or7 accor$ing !o !he ins!ruc!ions in !he file 'e!c'mail'Makefile* #! !hen genera!es ne" e8mail aliases "i!h !he ne"aliases comman$A D!his "ill &e covere$ la!erEA an$ !hen res!ar!s sen$mail* The scri=! also res!ar!s s=amassassinA a =ackage !ha! "ill &e $iscusse$ la!er* (se !his comman$ !o make !he scri=! execu!a&le*
[root@bigboy tmp]# chmod 700 /usr/local/bin/activate-sendmail.sh
/ou3ll nee$ !o run !he scri=! each !ime 7ou change an7 of !he sen$mail configura!ion files $escri&e$ in !he sec!ions !o follo"*
[root@bigboy tmp]# /usr/local/bin/activate-sendmail.sh
#n a =ro$uc!ion s7s!em 7ou ma7 "an! !o &e more selec!ive an$ onl7 res!ar! !he s=ecific a==lica!ions on "hich 7ou are "orking* # inclu$e$ all of !hem in !he scri=! so 7ou $on3! forge!*
o!e: ,emem&er !o run !he ac!iva!e8sen$mail*sh scri=! !o ac!iva!e an7 configura!ion changes*
) of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
,emem&er !ha! 7ou "ill never receive mail unless 7ou have configure$ % S for 7our $omain !o make 7our ne" Linux &ox mail server !he !arge! of !he % S $omain3s MK recor$* See ei!her Cha=!er 15A GConfiguring % SGA or Cha=!er 19A G%7namic % SGA for $e!ails on ho" !o $o !his*
/ou "ill nee$ !o fix 7our % S server3s en!ries if !he resolu!ion isn3! correc!*
-n incorrec!l7 configure$ resolv*conf file can lea$ !o errors "hen running !he m+ comman$ !o =rocess !he informa!ion in 7our sen$mail*mc file*
WARNING: local host name (smallfry) is not qualified; fix $j in config file
The en!r7 for 124*:*:*1 mus! al"a7s &e follo"e$ &7 !he full7 <ualifie$ $omain name DFQ% E of !he server* #n !he case a&ove i! "oul$ &e &ig&o7*m78si!e*com* Then 7ou mus! have an en!r7 for localhos! an$ localhos!*local$omain* Linux $oes no! func!ion =ro=erl7 if !he 124*:*:*1 en!r7 in 'e!c'hos!s $oesn3! also inclu$e localhos! an$ localhos!*local$omain* Finall7 7ou can a$$ an7 o!her aliases 7our hos! ma7 have !o !he en$ of !he line*
#f 7ou $on3! have a mail server on 7our ne!"orkA 7ou can ei!her crea!e oneA or use !he one offere$ &7 7our #S1* Once !his is $oneA 7ou nee$ !o =rocess !he sen$mail*mc file an$ res!ar! sen$mail* To $o !hisA run !he res!ar!ing scri=! "e from earlier in !he cha=!er* #f !he sen$mail server is a Linux serverA !hen !he 'e!c'hos!s file "ill also have !o &e correc!l7 configure$ !oo* o!e: ,emem&er !o run !he ac!iva!e8sen$mail*sh scri=! sho"n a! !he &eginning of !he cha=!er !o ac!iva!e an7 configura!ion changes*
2E .$i! sen$mail*mc !o make sen$mail lis!en on all in!erfaces* #f sen$mail is lis!ening on !he loo=&ack in!erface onl7A 7ou shoul$ commen! ou! !he $aemonFo=!ions line in !he 'e!c'mail 'sen$mail*mc file "i!h $nl s!a!emen!s* #! is also goo$ =rac!ice !o !ake =recau!ions agains! s=am &7 no! acce=!ing mail from $omains !ha! $on3! exis! &7 commen!ing ou! !he acce=!Funresolva&leF$omains fea!ure !oo* See !he four!h an$ nex! !o las! lines in !he exam=le*
dnl dnl dnl dnl dnl dnl dnl ... ... ... dnl dnl dnl dnl dnl dnl dnl dnl
This changes sendmail to only listen on the loopback device 127.0.0.1 and not on any other network devices. Comment this out if you want to accept email over the network. DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
We strongly recommend to comment this one out if you want to protect yourself from spam. However, the laptop and users on computers that do not have 24x7 DNS do need this. FEATURE(`accept_unresolvable_domains')dnl FEATURE(`relay_based_on_MX')dnl
o!e: /ou nee$ !o &e careful "i!h !he acce=!Funresolva&leFnames fea!ure* #n !he sam=le ne!"orkA &ig&o7 !he mail server $oes no! acce=! e8mail rela7e$ from an7 of !he o!her 1Cs on 7our ne!"ork if !he7 are no! in % S* Cha=!er 15A GConfiguring % SGA sho"s ho" !o crea!e 7our o"n in!ernal $omain Rus! for !his =ur=ose* o!e: #f 7our server has mul!i=le #Cs an$ 7ou "an! i! !o lis!en !o one of !hemA !hen 7ou can uncommen! !he localhos! %-.MO FO1T#O S en!r7 an$ a$$ ano!her one for !he #1 a$$ress of !he #C on "hich !o "ish !o acce=! SMT1 !raffic* )E Commen! ou! !he SM-,TFHOST .n!r7 in sen$mal*mc* The mail server $oesn3! nee$ a SM-,TFHOST en!r7 in i!s sen$mail*mc file* Commen! !his ou! "i!h a $nl a! !he &eginning*
dnl define(`SMART_HOST',`mail.my-site.com')
+E ,egenera!e !he sen$mail*cf fileA an$ res!ar! sen$mail* -gainA 7ou can $o !his "i!h !he ac!iva!e8sen$mail*sh scri=! from !he &eginning of !he cha=!er* 0E Make sure sen$mail is lis!ening on all in!erfaces D:*:*:*:E*
[root@bigboy tmp]# netstat -an | grep :25 | grep tcp tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN [root@bigboy tmp]#
/ou have no" com=le!e$ !he firs! =hase of conver!ing 7our Linux server in!o a sen$mail server &7 ena&ling i! !o lis!en !o SMT1 !raffic on i!s in!erfaces* The follo"ing sec!ions "ill sho" 7ou
+ of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
One $isa$van!age of !his file is !ha! con!rols mail &ase$ on !he source $omain onl7A an$ source $omains can &e s=oofe$ &7 s=am e8mail servers* The 'e!c'mail'access file has more ca=a&ili!iesA such as res!ric!ing rela7ing &7 #1 a$$ress or ne!"ork range an$ is more commonl7 use$* #f 7ou $ele!e 'e!c'mail'rela78$omainsA !hen rela7 access is full7 $e!ermine$ &7 !he 'e!c'mail'access file* o!e: >e sure !o run ac!iva!e8sen$mail*sh scri=! from !he &eginning of !he cha=!er for !hese changes !o !ake effec!*
o!e: /ou3ll no" have !o conver! !his !ex! file in!o a sen$mail rea$a&le $a!a&ase file name$ 'e!c'mail'access*$&* The ac!iva!e8sen$mail*sh scri=! "e configure$ a! !he &eginning of !he cha=!er $oes !his for 7ou !oo* ,emem&er !ha! !he rela7 securi!7 fea!ures of !his file ma7 no! "ork if 7ou $on3! have a correc!l7 configure$ 'e!c'hos!s file*
#n !his caseA remem&er !o mo$if7 !he MK recor$ of !he ano!her8si!e*com % S Bonefile =oin! !o m78si!e*com* Here is an exam=le D,emem&er each G*G is im=or!an!E:
; Primary Mail Exchanger for another-site.com another-site.com. MX 10 mail.my-site.com.
o!e: >e sure !o run !he ac!iva!e8sen$mail*sh scri=! from !he &eginning of !he cha=!er for !hese changes !o !ake effec!*
#n !his exam=leA mail sen! !o: "e&mas!erLano!her8si!e*com "ill go !o local user Dor mailing lis!E "e&mas!ersA all o!her mail !o ano!her8si!e*com "ill go !o local user marc* sales a! m78si!e*com "ill go !o !he sales $e=ar!men! a! m78o!hersi!e*com* =aul an$ finance a! m78si!e*com goes !o local user Dor mailing lis!E =aul -ll o!her users a! m78si!e*com receive a &ounce &ack message s!a!ing G(ser unkno"nG*
0 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
o!ice !ha! !here are no s=aces &e!"een !he mailing lis! en!ries for roo!: /ou "ill ge! errors if 7ou a$$ s=aces* o!e: The $efaul! 'e!c'aliases file ins!alle$ "i!h ,e$Ha! ' Fe$ora has !he las! line of !his sam=le commen!e$ ou! "i!h a SA 7ou ma7 "an! !o $ele!e !he commen! an$ change user marc !o ano!her user* -lso af!er e$i!ing !his fileA 7ou3ll have !o conver! i! in!o a sen$mail rea$a&le $a!a&ase file name$ 'e!c'aliases*$&* Here is !he comman$ !o $o !ha!:
[root@bigboy tmp]# newaliases
#n !his sim=le mailing lis! exam=leA mail sen! !o roo! ac!uall7 goes !o user accoun! marc an$ "e&mas!erLm78si!e*com* >ecause aliases can &e ver7 usefulA here are a fe" more lis! exam=les for 7our 'e!c'aliases file* Mail !o G$irec!orsLm78si!e*comG goes !o users G=e!erGA G=aulG an$ Gmar7G*
# Directors of my SOHO company directors: peter,paul,mary
grandma,brother,sister
Mail sen! !o a$min8lis! ge!s sen! !o all !he users lis!e$ in !he file 'home'mailings'a$min8lis!*
# My mailing list file admin-list: ":include:/home/mailings/admin-list"
The a$van!age of using mailing lis! files is !ha! !he a$min8lis! file can &e a file !ha! !rus!e$ users can e$i!A user roo! is onl7 nee$e$ !o u=$a!e !he aliases file* %es=i!e !hisA !here are some =ro&lems "i!h mail reflec!ors* One is !ha! &ounce messages from faile$ a!!em=!s !o &roa$cas! go !o all users* -no!her is !ha! all su&scri=!ions an$ unsu&scri=!ions have !o &e $one manuall7 &7 !he mailing lis! a$minis!ra!or* #f ei!her of !hese are a =ro&lem for 7ouA !hen consi$er using a mailing lis! managerA such as maRor$omo* One im=or!an! no!e a&ou! !he 'e!c'aliases file: >7 $efaul! 7our s7s!em uses sen$mail !o mail s7s!em messages !o local user roo!* When sen$mail sen$s e8mail !o a local userA !he mail has no To: in !he e8mail hea$er* #f 7ou !hen use a mail clien! "i!h a s=am mail fil!ering rule !o reRec! mail "i!h no To: in !he hea$erA such as Ou!look .x=ress or .volu!ionA 7ou ma7 fin$ 7ourself $um=ing legi!ima!e mail* To ge! aroun$ !hisA !r7 making roo! have an alias for a user "i!h a full7 <ualifie$ $omain nameA !his forces sen$mail !o inser! !he correc! fiel$s in !he hea$erT for exam=le:
# Person who should get root's mail root: webmaster@my-site.com
o!e: >e sure !o run !he ne"aliases comman$ for !hese changes !o !ake effec!*
Configuring mas<uera$ing
#n !he % S configura!ionA 7ou ma$e &ig&o7 !he mail server for !he $omain m78si!e*com* /ou no" have !o !ell &ig&o7 in !he sen$mail configura!ion file sen$mail*mc !ha! all ou!going mail origina!ing on &ig&o7 shoul$ a==ear !o &e coming from m78si!e*comT if no!A &ase$ on our se!!ings in !he 'e!c'hos!s fileA mail "ill a==ear !o come from mail*m78si!e*com* This isn3! !erri&leA &u! 7ou ma7 no! "an! 7our We& si!e !o &e remem&ere$ "i!h !he "or$ GmailG in fron! of i!* #n o!her "or$s 7ou ma7 "an! 7our mail server !o han$le all email &7 assigning a consis!en! re!urn a$$ress !o all ou!going mailA no ma!!er "hich server origina!e$ !he email* /ou can solve !his &7 e$i!ing 7our sen$mail*mc configura!ion file an$ a$$ing some mas<uera$ing comman$s an$ $irec!ives:
FEATURE(always_add_domain)dnl FEATURE(`masquerade_entire_domain')dnl FEATURE(`masquerade_envelope')dnl FEATURE(`allmasquerade')dnl MASQUERADE_AS(`my-site.com')dnl MASQUERADE_DOMAIN(`my-site.com.')dnl MASQUERADE_DOMAIN(localhost)dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
The resul! is !ha!: The M-SQ(.,-%.F-S $irec!ive makes all mail origina!ing on &ig&o7 a==ear !o come from a server "i!hin !he $omain m78si!e*com &7 re"ri!ing !he email hea$er* The M-SQ(.,-%.F%OM-# $irec!ive makes mail rela7e$ via &ig&o7 from all machines in !he ano!her8si!e*com an$ local$omain $omains a==ear !o come from !he M-SQ(.,-%.F-S $omain of m78si!e*com* (sing % SA sen$mail checks !he $omain name associa!e$ "i!h !he #1 a$$ress of !he mail rela7 clien! sen$ing !he mail !o hel= i! $e!ermine "he!her i! shoul$ $o mas<uera$ing or no!* F.-T(,. mas<uera$eFen!ireF$omain makes sen$mail mas<uera$e servers name$ Um78si!e*comA an$ Uano!her8si!e*com as m78si!e*com* #n o!her "or$sA mail from sales*m78si!e*com "oul$ &e mas<uera$e$ as m78si!e*com* #f !his "asn3! selec!e$A !hen onl7 servers name$ m78si!e*com an$ m78o!hersi!e*com "oul$ &e mas<uera$e$* (se !his "i!h cau!ion "hen 7ou are sure 7ou have !he necessar7 au!hori!7 !o $o !his* F.-T(,. allmas<uera$e makes sen$mail re"ri!e &o!h reci=ien! a$$resses an$ sen$er a$$resses rela!ive !o !he local machine* #f 7ou cc: 7ourself on an ou!going mailA !he o!her
2 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
reci=ien! sees a cc: !o an a$$ress he kno"s ins!ea$ of one on localhos!*local$omain* o!e: (se F.-T(,. allmas<uera$e "i!h cau!ion if 7our mail server han$les email for man7 $ifferen! $omains an$ !he mail&oxes for !he users in !hese $omains resi$e on !he mail server* The allmas<uera$e s!a!emen! causes all mail $es!ine$ for !hese mail&oxes !o a==ear !o &e $es!ine$ for users in !he $omain $efine$ in !he M-SQ(.,-%.F-S s!a!emen!* #n o!her "or$sA if M-SQ(.,-%.F-S is m78si!e*com an$ 7ou use allmas<uera$eA !hen mail for =e!erLano!her8si!e*com en!ers !he correc! mail&ox &u! sen$mail re"ri!es !he To:A making !he e8mail a==ear !o &e sen! !o =e!erLm78s!e*com originall7* F.-T(,. al"a7sFa$$F$omain al"a7s mas<uera$es email a$$ressesA even if !he mail is sen! from a user on !he mail server !o ano!her user on !he same mail server* F.-T(,. mas<uera$eFenvelo=e re"ri!es !he email envelo=e Rus! as M-SQ(.,-%.F-S re"ro!e !he hea$er* Mas<uera$ing is an im=or!an! =ar! of an7 mail server configura!ion as i! ena&les s7s!ems a$minis!ra!ors !o use mul!i=le ou!&oun$ mail serversA each =rovi$ing onl7 !he glo&al $omain name for a com=an7 an$ no! !he full7 <ualifie$ $omain name of !he server i!self* -ll email corres=on$ence !hen has a uniform email a$$ress forma! !ha! com=lies "i!h !he com=an73s &ran$ marke!ing =olicies* o!e: .8mail clien!sA such as Ou!look .x=ressA consi$er !he To: an$ From: s!a!emen!s as !he e8mail hea$er* When 7ou choose ,e=l7 or ,e=l7 -ll in Ou!look .x=ressA !he =rogram au!oma!icall7 uses !he To: an$ From: in !he hea$er* #! is eas7 !o fake !he hea$erA as s=ammers of!en $oT i! is $e!rimen!al !o e8mail $eliver7A ho"everA !o fake !he envelo=e* The e8mail envelo=e con!ains !he To: an$ From: use$ &7 mailservers for =ro!ocol nego!ia!ion* #! is !he envelo=e3s From: !ha! is use$ "hen e8mail reRec!ion messages are sen! &e!"een mail servers* o!e: >e sure !o run !he ac!iva!e8sen$mail*sh scri=! from !he &eginning of !he cha=!er for !hese changes !o !ake effec!*
Tes!ing Mas<uera$ing
The &es! "a7 of !es!ing mas<uera$ing from !he Linux comman$ line is !o use !he Gmail 8v usernameG comman$* # have no!ice$ !ha! Gsen$mail 8v usernameG ignores mas<uera$ing al!oge!her* /ou shoul$ also !ail !he 'var'log'maillog file !o verif7 !ha! !he mas<uera$ing is o=era!ing correc!l7 an$ check !he envelo=e an$ hea$er of !es! email receive$ &7 !es! email accoun!s*
comman$ in 'e!c'mail'sen$mail*mc* /ou can commen! !his ou! if 7ou like "i!h a G$nlG a! !he &eginning of !he line an$ running !he sen$mail s!ar! scri=!*
2E Crea!e a 'e!c'mail'generics8$omains file !ha! is Rus! a lis! of all !he $omains !ha! shoul$ &e ins=ec!e$* Make sure !he file inclu$es 7our server3s canonical $omain nameA "hich 7ou can o&!ain using !he comman$:
sendmail -bt -d0.1 </dev/null
)E Crea!e 7our 'e!c'mail'generics!a&le file* Firs! sen$mail searches !he 'e!c'mail'generics8$omains file for a lis! of $omains !o reverse ma=* #! !hen looks a! !he 'e!c'mail'generics!a&le file for an in$ivi$ual email a$$ress from a ma!ching $omain* The forma! of !he file is
linux-username username@new-domain.com
/our e8mails from linux8username shoul$ no" a==ear !o come from usernameLne"8$omain*com* Here are some o!her exam=les:
alert peter apache security-alert@my-site.com urgent-message@my-site.com mailer@my-site.com
o!e: >e sure !o run !he ac!iva!e8sen$mail*sh scri=! from !he &eginning of !he cha=!er for !hese changes !o !ake effec!*
Trou&leshoo!ing Sen$mail
There are a num&er of "a7s !o !es! sen$mail "hen i! $oesn3! a==ear !o "ork correc!l7* Here are a fe" me!ho$s 7ou can use !o fix some of !he mos! common =ro&lems*
#f !his &asic s!e= failsA 7ou =ro&a&l7 have a connec!ion =ro&lem !ha! coul$ &e !he resul! of !7=ical ne!"ork issues ou!line$ in Cha=!er +A GSim=le e!"ork Trou&leshoo!ingG* ,evie" !his cha=!er if 7ou fin$ 7ourself having =ro&lems rela!e$ !o &asic connec!ivi!7*
4 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
2E (se !he hello comman$ !o !ell !he mail server !he $omain 7ou &elong !o* /ou shoul$ receive a message "i!h a successful s!a!us 20: co$e a! !he &eginning of !he res=onse*
helo another-web-site.org 250 mail.my-site.com Hello c-24-4-97-110.client.comcast.net [24.4.97.110], pleased to meet you.
)E #nform !he mail server from "hich !he !es! message is coming "i!h !he M-#L F,OM: s!a!emen!*
MAIL FROM:sender@another-web-site.org 250 2.1.0 sender@another-web-site.org... Sender ok
+E Tell !he mail server !o "hom !he !es! message is going "i!h !he G ,C1T TO:G s!a!emen!*
RCPT TO: user@my-site.com 250 2.1.5 user@my-site.com... Recipient ok
0E 1re=are !he mail server !o receive $a!a "i!h !he %-T- s!a!emen!
DATA 354 Enter mail, end with "." on a line by itself
2E T7=e !he s!ring Gsu&Rec!:G !hen !7=e a su&Rec!* T7=e in 7our !ex! messageA en$ing i! "i!h a single =erio$ on !he las! line* For exam=le*
Subject: Test Message Testing sendmail interactively . 250 2.0.0 iA75r9si017840 Message accepted for delivery
o" verif7 !ha! !he in!en$e$ reci=ien! receive$ !he messageA an$ check !he s7s!em logs for an7 mail a==lica!ion errors*
This !ac!ic "ill make i! much easier !o !rou&leshoo! an7 issues 7ou ma7 fin$ in sen$mail*
#f !hese errors occurA make sure 7our m+A sen$mail an$ senmail8cf ,1M =ackages are ins!alle$ correc!l7*
(nfor!una!el7 in !his configura!ionA sen$mail "ill !hink !ha! !he server3s FQ% is &ig&o7A "hich i! "ill i$en!if7 as &eing invali$ &ecause !here is no ex!ension a! !he en$A such as *com or *ne!* #! "ill !hen $efaul! !o sen$ing e8mails in "hich !he $omain is localhos!*local$omain* The 'e!c'hos!s file is also im=or!an! for configuring mail rela7* /ou can crea!e =ro&lems if 7ou fail !o =lace !he server name in !he F%Q for 124*:*:*1 en!r7* Here sen$mail !hinks !ha! !he server3s F%Q "as m78si!e an$ !ha! !he $omain "as all of *com*
127.0.0.1 my-site.com localhost.localdomain localhost # (Wrong!!!)
The server "oul$ !herefore &e o=en !o rela7 all mail from an7 *com $omain an$ "oul$ ignore !he securi!7 fea!ures of !he access an$ rela78$omains files #3ll $escri&e la!er* -s men!ione$A a =oorl7 configure$ 'e!c'hos!s file can make mail sen! from 7our server !o !he ou!si$e "orl$ a==ear as if i! came from users a! localhos!*local$omain an$ no! &ig&o7*m78 si!e*com* (se !he sen$mail =rogram !o sen$ a sam=le e8mail !o someone in ver&ose mo$e* .n!er some !ex! af!er issuing !he comman$ an$ en$ 7our message "i!h a single =erio$ all &7 i!self on !he las! lineA for exam=le:
[root@bigboy tmp]# sendmail -v example@another-site.com test text test text . example@another-site.com... Connecting to mail.another-site.com. via esmtp... 220 ltmail.another-site.com LiteMail v3.02(BFLITEMAIL4A); Sat, 05 Oct 2002 06:48:44 -0400 >>> EHLO localhost.localdomain 250-mx.another-site.com Hello [67.120.221.106], pleased to meet you 250 HELP >>> MAIL From:<root@localhost.localdomain> 250 <root@localhost.localdomain>... Sender Ok >>> RCPT To:<example@another-site.com> 250 <example@another-site.com>... Recipient Ok >>> DATA 354 Enter mail, end with "." on a line by itself >>> . 250 Message accepted for delivery example@another-site.com... Sent (Message accepted for delivery) Closing connection to mail.another-site.com. >>> QUIT [root@bigboy tmp]#
5 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
localhos!*local$omain is !he $omain !ha! all com=u!ers use !o refer !o !hemselvesA i! is !herefore an illegal #n!erne! $omain* Consi$er an exam=le: Mail sen! from com=u!er 1C1 !o 1C2 a==ears !o come from a user a! localhos!*local$omain on 1C1 an$ is reRec!e$* The reRec!e$ e8mail is re!urne$ !o localhos!*local$omain* 1C2 sees !ha! !he mail origina!e$ from localhos!*local$omain an$ !hinks !ha! !he reRec!e$ e8mail shoul$ &e sen! !o a user on 1C2 !ha! ma7 no! exis!* /ou en$ u= "i!h an error in 'var'log'maillog:
Oct 16 10:20:04 bigboy sendmail[2500]: g9GHK3iQ002500: SYSERR(root): savemail: cannot save rejected email anywhere Oct 16 10:20:04 bigboy sendmail[2500]: g9GHK3iQ002500: Losing ./qfg9GHK3iQ002500: savemail panic
/ou ma7 also ge! !his error if 7ou are using a s=am =reven!ion =rogramA such as a scri=! &ase$ on !he 1.,L mo$ule Mail::-u$i!* -n error in !he scri=! coul$ cause !his !7=e of message !oo* -no!her se! of !ell !ale errors cause$ &7 !he same =ro&lem can &e genera!e$ "hen !r7ing !o sen$ mail !o a user D!he exam=le uses roo!E or crea!ing a ne" alias $a!a&ase file* D#3ll ex=lain !he ne"aliases comman$ la!er*E
[root@bigboy tmp]# sendmail -v root WARNING: local host name (bigboy) is not qualified; fix $j in config file [root@bigboy tmp]# newaliases WARNING: local host name (bigboy) is not qualified; fix $j in config file [root@bigboy tmp]#
When 7ou have go! sen$mail finall7 "orking i! "ill &e !ime !o focus 7our a!!en!ion on figh!ing un"an!e$ emailA or S1-M* This "ill &e covere$ nex!*
Figh!ing S1-M
(nsolici!e$ Commercial .mail D(C. or S1-ME can &e anno7ingA !ime consuming !o $ele!e an$ in some cases $angerous "hen !he7 con!ain viruses an$ "orms* For!una!el7 !here are "a7s 7ou can use 7our mail server !o com&a! S1-M*
o!e: @isi! !he (,Ls lis!e$ in each F.-T(,. comman$ !o learn more a&ou! !he in$ivi$ual services* >e sure !o run !he ac!iva!e8sen$mail*sh scri=! from !he &eginning of !he cha=!er for !hese changes !o !ake effec!*
S=amassassin
Once sen$mail receives an e8mail messageA i! han$s !he message over !o =rocmailA "hich is !he a==lica!ion !ha! ac!uall7 =laces !he e8mail in user mail&oxes on !he mail server* /ou can make =rocmail !em=oraril7 han$ over con!rol !o ano!her =rogramA such as a s=am fil!er* The mos! commonl7 use$ fil!er is s=amassassin* s=amassassin $oesn3! $ele!e s=amA i! merel7 a$$s !he "or$ Gs=amG !o !he &eginning of !he su&Rec! line of sus=ec!e$ s=am e8mails* /ou can !hen configure !he e8mail fil!er rules in Ou!look .x=ress or an7 o!her mail clien! !o ei!her $ele!e !he sus=ec! message or s!ore i! in a s=ecial S=am fol$er*
9 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
Configuring S=amassassin
The s=amassassin configura!ion file is name$ 'e!c'mail's=amassassin'local*cf* - full lis!ing of all !he o=!ions availa&le in !he local*cf file can &e foun$ in !he Linux man =ages using !he follo"ing comman$:
[root@bigboy tmp]# man Mail::SpamAssassin::Conf
/ou can cus!omiBe !his full7 commen!e$ sam=le configura!ion file !o mee! 7our nee$s*
################################################################### # See 'perldoc Mail::SpamAssassin::Conf' for # details of what can be adjusted. ################################################################### # # These values can be overridden by editing # ~/.spamassassin/user_prefs.cf (see spamassassin(1) for details) # # How many hits before a message is considered spam. The lower the # number the more sensitive it is. required_hits 5.0
# Enable or disable network checks (1=Yes, 0=No) skip_rbl_checks 0 use_razor2 1 use_dcc 1 use_pyzor 1
# Mail using languages used in these country codes will not be marked # as being possibly spam in a foreign language. # - english ok_languages en
# Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales en
o!e: >e sure !o run !he ac!iva!e8sen$mail*sh scri=! from !he &eginning of !he cha=!er for !hese changes !o !ake effec!*
Tes!ing s=amassassin
/ou can !es! !he vali$i!7 of 7our local*cf file &7 using !he s=amassassin comman$ "i!h !he 88lin! o=!ion* This "ill lis! an7 s7n!ax =ro&lems !ha! ma7 exis!* #n !his exam=le !"o errors "ere foun$ an$ correc!e$ &efore !he comman$ "as run again*
[root@bigboy tmp]# spamassassin -d --lint Created user preferences file: /root/.spamassassin/user_prefs config: SpamAssassin failed to parse line, skipping: use_terse_report 0 config: SpamAssassin failed to parse line, skipping: auto_learn 1 lint: 2 issues detected. please rerun with debug enabled for more information. [root@bigboy tmp]# vi /etc/mail/spamassassin/local.cf ... ... ... [root@bigboy tmp]# spamassassin -d --lint [root@bigboy tmp]
Tuning s=amassassin
/ou can !une !he sensi!ivi!7 of s=amassassin !o !he !7=e of s=am 7ou receive &7 a$Rus!ing !he re<uire$Fhi!s value in !he local*cf file* This can &e ma$e easier &7 vie"ing !he score s=amassassin assigns a message in i!s hea$er* #n mos! 6(# &ase$ email clien!s !his can &e $one &7 looking a! !he email3s =ro=er!ies* #n !his caseA a igerian email scam s=am "as $e!ec!e$ an$ given a score of 2:*1 an$ marke$ as s=am*
X-Spam-Status: Yes, score=20.1 required=2.1 tests=DEAR_FRIEND, DNS_FROM_RFC_POST,FROM_ENDS_IN_NUMS,MSGID_FROM_MTA_HEADER,NA_DOLLARS, NIGERIAN_BODY1,NIGERIAN_BODY2,NIGERIAN_BODY3,NIGERIAN_BODY4, RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_SBL,RISK_FREE,SARE_FRAUD_X3, SARE_FRAUD_X4,SARE_FRAUD_X5,US_DOLLARS_3 autolearn=failed version=3.0.4 X-Spam-Report: * 0.5 FROM_ENDS_IN_NUMS From: ends in numbers * 0.2 RISK_FREE BODY: Risk free. Suuurreeee.... * 0.4 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN) * 0.8 DEAR_FRIEND BODY: Dear Friend? That's not very dear! * 2.2 NA_DOLLARS BODY: Talks about a million North American dollars * 1.8 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net * [Blocked - see <http://www.spamcop.net/bl.shtml?213.185.106.3>] * 1.1 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL * [213.185.106.3 listed in sbl-xbl.spamhaus.org] * 1.4 DNS_FROM_RFC_POST RBL: Envelope sender in postmaster.rfc-ignorant.org * 1.9 NIGERIAN_BODY3 Message body looks like a Nigerian spam message 3+ * 2.9 NIGERIAN_BODY1 Message body looks like a Nigerian spam message 1+ * 1.4 NIGERIAN_BODY4 Message body looks like a Nigerian spam message 4+ * 1.7 SARE_FRAUD_X5 Matches 5+ phrases commonly used in fraud spam * 0.5 NIGERIAN_BODY2 Message body looks like a Nigerian spam message 2+ * 1.7 SARE_FRAUD_X3 Matches 3+ phrases commonly used in fraud spam * 1.7 SARE_FRAUD_X4 Matches 4+ phrases commonly used in fraud spam * 0.0 MSGID_FROM_MTA_HEADER Message-Id was added by a relay
#f S1-M sli=s !hrough 7our s=amassassin s7s!emA 7ou can use !his me!ho$ !o a$Rus! 7our rules !o re$uce !he risk in fu!ure*
(sing 6re7lis!ing
To maximiBe !he effec! of !heir effor!sA s=ammers !r7 !o sen$ email as <uickl7 as =ossi&le* The7 !ake no!e of !he emails !ha! &ounceA so !ha! !he7 kno" "hich a$$resses !o remove from !heir lis!s !o make !heir nex! mailing more efficien!*
1: of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
When mail servers receive mail !oo ra=i$l7 for !hem !o han$leA !he7 can ask !he sen$er !o !r7 again la!er* S=ammers of!en vie" resen$ing emails !o vali$ a$$resses as a "as!e of com=u!ing !ime !ha! coul$ &e use$ !o sen$ mail !o &ran$ ne" a$$resses !ha! &elong !o fas!er mail servers* .mails !ha! nee$ !o &e resen! are usuall7 a&an$one$* Some emails nee$ relia&le $eliver7 !o &e effec!ive an$ !he sen$ers of !hese !7=es of messages are "illing !o resen$* These inclu$e &ank s!a!emen! no!ifica!ionsA ecommerce =urchase confirma!ionsA an$ su&scri=!ion ne"sle!!ers* #n a =revious sec!ion "e sa" "here s=amassassin al"a7s reRec!s emails from &lacklis!e$ sources* Wi!h gre7lis!ingA sources are Rus! aske$ !o resen$* One of !he mos! =o=ular gre7lis! mail fil!er Dmil!erE =ro$uc!s is !he mil!er8gre7lis! =ackage "hich also "orks seamlessl7 "i!h s=amassassin* #! is eas7 !o use an$ #?ll $iscuss ho" can &e configure$ on 7our mail server*
Configuring mil!er8gre7lis!
Configuring mil!er8gre7lis! re<uires !hese four <uick s!e=s: 1* -$$ !he mil!er8gre7lis! s!a!emen!s lis!e$ in !he ,.-%M. file !o 7our 'e!c'mail'sen$mail*mc file:
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock') define(`confMILTER_MACROS_CONNECT', `j, {if_addr}') define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}') define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}') define(`confMILTER_MACROS_ENVRCPT', `{greylist}')
2* The =revious s!e= reference$ !he file 'var'mil!er8gre7lis!'mil!er8gre7lis!*sock "hich no" has !o &e crea!e$ an$ o"ne$ &7 !he grmil!er user* /ou can $o !his &7 firs! searching for !he grmil!er user in 'e!c'=ass"$A !o $ou&le check !ha! !he user firs! exis!s an$ !ha! !he $irec!or7 is o"ne$ &7 !his user also* ex! crea!e !he file an$ change i!s o"nershi=* The me!ho$ can &e seen here*
[root@bigboy tmp]# grep grey /etc/passwd grmilter:x:495:494:Greylist-milter user:/var/lib/milter-greylist:/sbin/nologin [root@bigboy tmp]# touch /var/lib/milter-greylist/milter-greylist.sock [root@bigboy tmp]# chown grmilter:grmilter \ /var/lib/milter-greylist/milter-greylist.sock [root@bigboy tmp]# ll /var/lib/milter-greylist/milter-greylist.sock -rw-r--r-- 1 grmilter grmilter 0 Dec 12 00:26 /var/lib/milter-greylist/milter-greylist.sock [root@bigboy tmp]#
)* Configure 6re7lis! !o s!ar! au!oma!icall7 on re&oo!* Fe$ora ' Cen!OS ' ,e$Ha!
[root@bigboy tmp]# chkconfig spamassassin on
+* .$i! !he 'e!c'mail'gre7lis!*conf configura!ion file* Here "e se! !he V!r7 again la!erW !o five minu!es an$ use !he "hi!elis! comman$ !o $eac!iva!e !he !imer for !rus!e$ ne!"orks so !ha! mail is $elivere$ imme$ia!el7*
# # File: /etc/mail/greylist.conf # # How long a client has to wait before we accept # the messages it retries to send. Here, 1 hour. # greylist 5m # # Whitelist addresses within my own home/office network # acl whitelist addr 192.168.0.0/16
0* ,un !he ac!iva!e8sen$mail*sh scri=! for !he ne" se!!ings !o !ake effec!* /our ne" s=am mi!iga!ion !ool shoul$ no" &e full7 func!ional* /ou are rea$7 !o goQ
Configuring mil!er8gre7lis!
o" !ha! "e have mil!er8gre7lis! ins!alle$A "e nee$ !o &e a&le !o $o some &asic !rou&leshoo!ing* The 'var'log'maillog file shoul$ &e use$ !o $e!ermine "ha! is ha==ening !o 7our mail* Here are !"o sam=les of "ha! !o ex=ec!:
Dec 24 00:32:31 bigboy sendmail[28847]: jBO8WVnG028847: Milter: to=<spamvictim@my-web-site.org>, reject=451 4.7.1 Greylisting in action, please come back in 00:05:00 Dec 23 20:40:21 bigboy milter-greylist: jBO4eF2m027418: addr 211.115.216.225 from <slashdot@slashdot.org> rcpt <spamvictim@my-web-site.org>: autowhitelisted for 24:00:00
#n !he firs! en!r7A !he email receive$ is given a !ag DR>O5W@n6:255+4E &ase$ on ke7 charac!eris!ics in !he mail hea$er an$ a re<ues! is sen! !o !he sen$er !o resen$ !he email in five minu!es* -n7 email !ha! is receive$ "i!h !he same calcula!e$ ke7 "i!hin !he au!o"hi!e =erio$ configure$ in !he gre7lis!*conf file "ill !hen &e au!oma!icall7 acce=!e$ "i!hou! $ela7* #n !he secon$ en!r7A !he email has &een resen! an$ imme$ia!el7 acce=!e$* -n7 o!her email from !ha! source "i!hin !he nex! 2+ hours "ill &e acce=!e$ "i!hou! $ela7* o!e: 6re7lis!ing is ver7 effec!iveA &u! 7ou "ill have !o !ne i!s o=era!ion !o make sure cri!ical emails are no! $ela7e$ a! all* One solu!on is !o se! !he au!o"hi!e =erio$ in 'e!c'mail'gre7lis!*conf !o sligh!l7 more !han 2+ hours es=eciall7 if 7ou ge! mail from cer!ain reci=ien!sA such as ne"sle!!ersA on a $ail7 &asis* This makes !hem arrive "i!hou! in!erru=!ion*
11 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
#ns!alling %oveco!
Mos! ,e$Ha! an$ Fe$ora Linux sof!"are =ro$uc! =ackages are availa&le in !he ,1M forma!A "hereas %e&ian an$ (&un!u Linux use %.> forma! ins!alla!ion files* When searching for !hese =ackages remem&er !ha! !he filename usuall7 s!ar!s "i!h !he sof!"are =ackage name an$ is follo"e$ &7 a version num&erA as in $oveco!8:*99*1181*FC)*+*i)52*r=m* DFor hel= on $o"nloa$ing an$ ins!alling !he re<uire$ =ackagesA see Cha=!er 2A #ns!alling Linux Sof!"areE*
S!ar!ing %oveco!
The me!ho$ologies var7 $e=en$ing on !he varian! of Linux 7ou are using as 7ou?ll see nex!* Fe$ora ' Cen!OS ' ,e$Ha! Wi!h !hese flavors of Linux 7ou can use !he chkconfig comman$ !o ge! $oveco! configure$ !o s!ar! a! &oo!:
[root@bigboy tmp]# chkconfig dovecot on
To s!ar!A s!o=A an$ res!ar! $oveco! af!er &oo!ing use !he service comman$:
[root@bigboy tmp]# service dovecot start [root@bigboy tmp]# service dovecot stop [root@bigboy tmp]# service dovecot restart
To $e!ermine "he!her $oveco! is running 7ou can issue ei!her of !hese !"o comman$s* The firs! "ill give a s!a!us message* The secon$ "ill re!urn !he =rocess #% num&ers of !he $oveco! $aemons*
[root@bigboy tmp]# service dovecot status [root@bigboy tmp]# pgrep spam
o!e: ,emem&er !o run !he chkconfig comman$ a! leas! once !o ensure $oveco! s!ar!s au!oma!icall7 on 7our nex! re&oo!* (&un!u ' %e&ian Wi!h !hese flavors of Linux !he comman$s are $ifferen!* Tr7 ins!alling !he s7sv8rc8conf an$ s7svini!8u!ils %.> =ackages as !he7 =rovi$e comman$s !ha! sim=lif7 !he =rocess* DFor hel= on $o"nloa$ing an$ ins!alling !he =ackagesA see Cha=!er 2A #ns!alling Linux Sof!"areE /ou can use !he s7sv8rc8conf comman$ !o ge! $oveco! configure$ !o s!ar! a! &oo!:
user@ubuntu:~$ sudo sysv-rc-conf dovecot on
To s!ar!A s!o=A an$ res!ar! $oveco! af!er &oo!ing !he service comman$ is !he same:
user@ubuntu:~$ sudo service dovecot start user@ubuntu:~$ sudo service dovecot stop user@ubuntu:~$ sudo service dovecot restart
To $e!ermine "he!her $oveco! is running 7ou can issue ei!her of !hese !"o comman$s* The firs! "ill give a s!a!us message* The secon$ "ill re!urn !he =rocess #% num&ers of !he $oveco! $aemons*
user@ubuntu:~$ sudo service dovecot status user@ubuntu:~$ pgrep dovecot
o!e: ,emem&er !o run !he s7sv8rc8conf comman$ a! leas! once !o ensure $oveco! s!ar!s au!oma!icall7 on 7our nex! re&oo!*
Choice of 1ro!ocols
/ou can selec! one of !"o =ro!ocols in 7our %oveco! configura!ion: #M-1 an$ 1O1)* Wi!h 1O1) 7our mail is $o"nloa$e$ !o 7our com=u!er so !ha! 7ou can "ork "i!h i! offline* #f 7ou access an$ re=l7 !o 1O1) mail from $ifferen! com=u!ers i! "ill &e $ifficul! !o ge! a com=le!e =ic!ure of some !hrea$s as !he re=lies sen! on one com=u!er "on?! &e visi&le on !he o!her* Wi!h #M-1 7our mail al"a7s remains on 7our mail server "hich elimina!es !his =ro&lem* #! also allo"s 7ou !o crea!e fol$ers for 7our email "hich makes i! eas7 !o organiBe 7our e8mail an$ access i! from an7"here* .ach of !hese =ro!ocols o=era!e on a $ifferen! TC1 =or! as sho"n in Ta&le 2181*
1ro!ocol TC1 1or! 1O1 1O1S #M-1 #M-1S 11: 990 1+) 99)
This informa!ion "ill &e re<uire$ for 7our configura!ion file as 7ou "ill soon see* /ou shoul$ also make sure 7our fire"all rules allo" !raffic !o access 7our server on !hese =or!s*
@ersion 1*x
#n !his versionA %oveco! "oul$ &7 $efaul! ac! as a server for #M-1A secure encr7=!e$ #M-1 D#M-1SEA 1O1 an$ secure encr7=!e$ 1O1 D1O1SE* /ou coul$ limi! !his lis! &7 e$i!ing !he =ro!ocols line in !he 'e!c'$oveco!*conf file an$ !hen res!ar!ing $oveco! for !he change !o !ake effec!*#n !he exam=le &elo" $oveco! is configure$ !o serve onl7 1O1)* o!e: (nfor!una!el7 !he 1O1) an$ #M-1 =ro!ocols sen$ 7our username an$ =ass"or$ unencr7=!e$ "hich ex=oses 7our users !o a!!acks* %oveco! ex=ec!s 7ou !o use !he more secure 1O1)S or #M-1S me!ho$s an$ !herefore $isa&les !he use of =lain !ex! =ass"or$s &7 $efaul!* To ena&le !he acce=!ance of =lain !ex! au!hen!ica!ion !he $isa&leF=lain!ex!Fau!h comman$ nee$s !o &e se! !o VnoWA as !he exam=le also sho"s*
# # File /etc/dovecot.conf sample # # Protocols we want to be serving imap imaps pop3 pop3s #protocols = imap imaps pop3 pop3s protocols = pop3 disable_plaintext_auth = no
/ou shoul$ al"a7s !r7 !o use secure 1O1)S or #M-1S for &e!!er =eace of min$* More $e!ails on ho" !o $o !his "i!h ne"er versions of %oveco! "ill &e covere$ nex!*
12 of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
service pop3-login { inet_listener pop3 { port = 0 } inet_listener pop3s { port = 995 address = 192.168.1.100 } } service imap-login { inet_listener imap { address = 127.0.0.1 port = 143 } inet_listener imaps { port = 0 } }
#M-1S an$ 1O1)S commonl7 rel7 on !he use of SSL cer!ifica!es for encr7=!ion* /ou make %oveco! a"are !ha! 7ou in!en$ !o use !his me!ho$ "i!h !he ssl comman$* This is also sho"n in !he exam=le* #! is an im=or!an! s!e=* o!e: -l"a7s remem&er !o res!ar! %oveco! in or$er for !hese se!!ings !o !ake effec!*
LISTEN LISTEN
#! is of!en insufficien! !o use !his as 7our onl7 !es!* Tr7 using !he !elne! comman$ from ano!her loca!ion !o verif7 !ha! remo!e clien! can con!ac! 7our mail server on !he correc! =or!s* #f !he7 canno!A 7ou ma7 have a rou!ing or fire"all issueA or $oveco! ma7 no! &e running* #n !his exam=le "e are !es!ing on !he 1O1S =or!A 990*
[root@bigboy tmp]# telnet mail.my-site.com 995 Trying 192.168.1.100... Connected to mail.simiya.com. Escape character is '^]'. ^] telnet> quit Connection closed. [root@bigboy tmp]#
Connec!ion =ro&lems coul$ also &e !he resul! of !7=ical ne!"ork issues ou!line$ in Cha=!er +A GSim=le e!"ork Trou&leshoo!ingG* ,evie" !his cha=!er if 7ou fin$ 7ourself having =ro&lems rela!e$ !o &asic connec!ivi!7*
/ou can verif7 !hese comman$s are lis!e$ in 7our %oveco! configura!ion file !ree* This can &e $one "i!h a sim=le recursive gre= comman$ "hich searches 'e!c'$oveco! an$ i!s su&$irec!ories for files "i!h !he s!ring $oveco!*=em in !hem* #n !his case !he s!a!emen!s are foun$ in !he 1:8ssl*conf file in !he 'e!c'$oveco!'conf*$ $irec!or7*
[root@bigboy tmp]# grep -ir dovecot.pem /etc/dovecot/ /etc/dovecot/conf.d/10-ssl.conf:ssl_cert = </etc/pki/dovecot/certs/dovecot.pem /etc/dovecot/conf.d/10-ssl.conf:ssl_key = </etc/pki/dovecot/private/dovecot.pem [root@bigboy tmp]#
-f!er fin$ing !he references 7ou shoul$ verif7 !ha! !he files exis!* This can &e $one "i!h !he loca!e comman$* Here "e see !he file loca!ions =reviousl7 lis!e$ in !he configura!ion file ma!ch files !ha! ac!uall7 resi$e in !he files7s!em*
[root@bigboy tmp]# locate dovecot.pem /etc/pki/dovecot/certs/dovecot.pem /etc/pki/dovecot/private/dovecot.pem [root@bigboy tmp]#
Wha! $o 7ou $o if 7ou $on?! have !hese files; %on?! "orr7A 7ou can easil7 crea!e !hem an$ !his "ill &e covere$ nex!*
Though !he con!en!s of !he $oveco!8o=enssl*cnf file "ill &e sufficien! !o gen!era!e !he SSL cer!ifica!esA 7ou ma7 "an! !o cus!omiBe i! !o mee! !he nee$s of 7our organiBa!ion as seen here*
# # File: dovecot-openssl.cnf # [ req_dn ] # country (2 letter code) C=US # State or Province Name (full name) ST=California # Locality Name (eg. city) L=San Francisco # Organization (eg. company) O=My-Site Inc # Organizational Unit Name (eg. section) OU=My-Site IT Department # Common Name (*.example.com is also possible) CN=mail.my-site.com # E-mail contact emailAddress=postmaster@my-site.com
The nex! s!e= is !o !un !he mkcer!*sh scri=! an$ make sure !he ke7s are in !he righ! loca!ion*
1) of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
[root@bigboy tmp]# /usr/libexec/dovecot/mkcert.sh Generating a 1024 bit RSA private key ...........++++++ ......................++++++ writing new private key to '/etc/pki/dovecot/private/dovecot.pem' ----subject= /OU=My-Site IT Department/CN=mail.my-site.com/emailAddress=postmaster@my-site.com SHA1 Fingerprint=A0:F9:95:1B:90:21:B9:B2:45:5B:CC:DF:20:2C:9E:25:74:69:F1:DD [root@bigboy tmp]#
o" !ha! 7our cer!ifica!es have &een crea!e$ 7ou shoul$ &e rea$7 !o s!ar! serving secure email !o 7our users* %oveco! uses i!s o"n cer!ifica!es an$ !he me!ho$ $escri&e$ here sho"s 7ou ho" !o crea!e 7our o"n* #f 7ou are =ar! of an en!er=rise "i!h i!s o"n $omainA 7ou shoul$ inves! in ge!!ing 7our SSL cer!ifica!es crea!e$ &7 an official cer!ifica!e au!hori!7 like @erisign* -ll email clien!s recogniBe organiBa!ions like !hese an$ "ill o=era!e using 1O1S an$ #M-1S "i!hou! $is=la7ing an error message s!a!ing !ha! !he cer!ifica!e comes from an un!rus!e$ source* For a$$i!ional securi!7 7ou can ins!all a se=ara!e cer!ifica!e on all !he clien! com=u!ers an$ configure %oveco! !o onl7 in!erac! "i!h clien!s !hese kno"n cre$en!ials* Ho" $o !his is &e7on$ !he sco=e of !his &ookA &u! shoul$ &e inves!iga!e$ !o re$uce 7our securi!7 risk*
%oveco! Mail&oxes
Though sen$mail sen$s 7our email !o a local user accoun!A Linux ma7 s!ore !he con!en! of !he mail in one of man7 forma!s* T"o common me!ho$s are m&ox an$ mail$ir* %oveco! uses !he mailFloca!ion $irec!ive !o $efine !he !7=e of mail forma! an$ !he loca!ion of i!s files* This $irec!ive ma7 &e foun$ in ei!her 7our $oveco!*conf file or one of i!s $augh!er configura!ion files in !he 'e!c'$oveco!'conf*$ $irec!or7* #! ma7 also &e commen!e$ ou!* @erif7 !ha! !hese $irec!ives are lis!e$ in 7our %oveco! configura!ion file !ree* This can &e $one "i!h a sim=le recursive gre= comman$ "hich searches 'e!c'$oveco! an$ i!s su&$irec!ories for files "i!h !he s!ring mailFloca!ion in !hem* #n !his case !he s!a!emen!s are foun$ in !he 1:8mail*conf file in !he 'e!c'$oveco!'conf*$ $irec!or7*
[root@bigboy tmp]# grep -ir mail_location /etc/dovecot /etc/dovecot/conf.d/10-mail.conf:# mail_location = maildir:~/Maildir /etc/dovecot/conf.d/10-mail.conf:# mail_location = mbox:~/mail:INBOX=/var/mail/%u /etc/dovecot/conf.d/10-mail.conf:# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n /etc/dovecot/conf.d/10-mail.conf:#mail_location = /etc/dovecot/conf.d/10-mail.conf:#mail_location = mbox:~/mail:INBOX=/var/mail/%u [root@bigboy tmp]#
#f 7ou look closel7A 7ou "ill no!ice !ha! !he references are all commen!e$ ou!* The follo"ing sec!ions "ill sho" 7ou ho" !o $e!ermine "hich me!ho$ !o use* #f 7ou selec! !he incorrec! me!ho$A !hen 7ou "on?! &e a&le !o $o"nloa$ 7our mailA &ecause %oveco! "ill &e looking for i! in !he "rong loca!ionQ
The configura!ion for m&ox re<uires !he a$$i!ion of !his line !o 7our $oveco!*conf fileA or as in our caseA uncommen!ing a similar line from !he 1:8mail*conf file* .i!her me!ho$ "ill "ork*
mail_location = mbox:~/mail:INBOX=/var/mail/%u
o!e: ,emem&er !o res!ar! %oveco! for !his se!!ing !o &e ac!iva!e$* o" i! is !ime !o !ake a look a! !he mail$ir me!ho$*
o!e: ,emem&er !o res!ar! %oveco! for !his se!!ing !o &e ac!iva!e$* /ou are $oneQ Tha! "as eas7* %ifferen! $is!ri&u!ions of Linux use $iffering me!ho$s of s!oring email* #f nei!her m&ox or mail$ir seems !o &e !he me!ho$ 7our s7s!em is using !hen check !he %oveco! "e&si!e a! $oveco!*org for fur!her $e!ails*
1+ of 10
15':+'2:1+ 0:14 1M
h!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h='QuickFH***
The file has man7 sec!ions !ha! allo" 7ou !o !urn on ver7 ver&ose $e&ugging level messages for au!hen!ica!ionA SSLA an$ general messaging* #! is an invalua&le source of !rou&leshoo!ing informa!ion* %oveco! logs !o !he 'var'log'maillog file* For $e!ails on se!!ing u= Linux logging refer !o Cha=!er 0A GTrou&leshoo!ing "i!h s7slog*G Here are some goo$ exam=les: #n !his case !he Mail$ir mailFloca!ion me!ho$ "as incorrec!l7 chosen an$ !he ex=ec!e$ mail files "ere no! foun$
Dec Dec 5 20:49:47 bigboy dovecot: pop3(mail-user1): Debug: maildir: access(/home/users/mail-user1/Maildir, rwx): failed: No such file or directory 5 20:49:47 bigboy dovecot: pop3(mail-user1): Debug: maildir: couldn't find root dir
#n !his case %oveco!?s au!o$e!ec!ion me!ho$ faile$ !o $e!ermine !he correc! mailFloca!ion* The $irec!ive ha$ !o &e manuall7 a$$e$*
Dec 5 09:10:26 bigboy dovecot: pop3(mail-user2): Error: user lhn-mail: Initialization failed: mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/users/mail-user2
Whenever !here is an7 $ou&!A look for !he error message in !he log fileA !r7 !o un$ers!an$ "ha! i! means an$ "ha! coul$ &e $one !o fix !he =ro&lem* ,emem&erA fin$ing hel= for 7our =ro&lem on !he #n!erne! "ill &e much easier if 7ou search for ke7 =ar!s of 7our log message*
Conclusion
.8mail is an im=or!an! =ar! of an7 We& si!eA an$ 7ou nee$ !o =lan i!s configura!ion carefull7 !o make i! a seamless =ar! of !he We& ex=erience of 7our visi!ors* Wi!hou! i!A 7our We& si!e "on3! seem com=le!e* - full7 func!ioning We& si!e is Rus! !he &eginning* #! nee$s !o &e main!aine$ !o re$uce !he risk of failure an$ moni!ore$ !o hel= $e!ec! =o!en!ial =ro&lems* Cha=!er 22A G Moni!oring Server 1erformanceGA $iscusses man7 Linux8&ase$ !ools !ha! 7ou can &e use !o !rack !he heal!h of 7our Linux server* ,e!rieve$ from Gh!!=:''"""*linuxhomene!"orking*com'"iki'in$ex*=h=;!i!leZQuickFHOWTOF:FCh21F:FConfiguringFLinuxFMailFServersOol$i$Z+))1G
This =age "as las! mo$ifie$ on 1: -ugus! 2:12A a! :2:29* Con!en! is availa&le un$er -!!ri&u!ion8 onCommercial8 o%erivs 2*0 *
10 of 10
15':+'2:1+ 0:14 1M