Qmail SMTP Relay

If you have a Qmail server and you want to allow a specific IP to send emails (relay) through Qmail all you have to do is to add in /etc/tcprules.d/tcp.smtp :

IP:allow,RELAYCLIENT=””,RBLSMTPD=””,NOP0FCHECK=”0″,DKSIGN=”/var/qmail/control/domainkeys/domain.com/dkim1″

Where IP is the IP of your remote email server. You can even specify something like : aaa.bbb.ccc.:allow,RELAYCLIENT=””

After this you have to run :

tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp

Nginx + php 5.2.17 + php-fpm

Download the needed packages and store them in /usr/src:

http://us.php.net/distributions/php-5.2.17.tar.gz
http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz
http://nginx.org/download/nginx-1.1.0.tar.gz

Then run :

tar -xvzf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | sudo patch -d php-5.2.17 -p1
cd php-5.2.17
./configure --enable-fastcgi --enable-fpm --with-mcrypt --with-zlib --enable-mbstring --enable-pdo --with-curl --disable-debug --with-pic --disable-rpath --enable-inline-optimization --with-bz2 --enable-xml --with-zlib --enable-sockets --enable-sysvsem --enable-sysvshm --enable-pcntl --enable-mbregex --with-mhash --with-xsl --enable-zip --with-pcre-regex --with-gd --without-pdo-sqlite --with-pdo-mysql --without-sqlite --with-jpeg-dir=/usr/lib --with-png-dir=/usr/lib --with-mysql --enable-bcmath --enable-calendar --enable-exif --enable-ftp --with-gettext --with-imap --with-mysqli --with-openssl --with-kerberos --with-imap-ssl --enable-dbase --with-gmp --enable-shmop --enable-wddx

make all install

Note that you can add —prefix to install the binaries in a different location than the default one.

After compilation is done :

strip /usr/local/bin/php-cgi
cp sapi/cgi/fpm/php-fpm /etc/init.d/
chmod +x /etc/init.d/php-fpm

cp /usr/src/php-5.2.17/php.ini-recommended /usr/local/lib/php.ini
mkdir /etc/php/
ln -s /usr/local/lib/php.ini /etc/php/php.ini
ln -s /usr/local/etc/php-fpm.conf /etc/php/php-fpm.conf

Make sure you edit /etc/php/php-fpm.conf and set the proper user/group (and permissions if its the case).

Then compile Nginx:

tar zxvf nginx-1.1.0.tar.gz
./configure --sbin-path=/usr/local/sbin --with-http_ssl_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_stub_status_module
make && sudo make install

The same you can modify the –prefix here.

Authentication Token Manipulation Error

You may get an error, such as Authentication Token Manipulation Error, while trying to change passwords for a user. For example:

#passwd user
Authentication Token Manipulation Error
#

This error is being produced because you are using shadowed password files and the shadow doesn’t have entry for this user. i.e, passwd file has an entry for this user, but shadow file doesn’t.

In order to resolve this, you can either add the entry manually or recreate the shadow file. You can use pwconv to recreate the shadow file. See the manpage for more details on this.

How to clear SWAP

It happens for swap to be used from time to time :

root@servcorp:~# free -m
total used free shared buffers cached
Mem: 4011 759 3252 0 4 53
-/+ buffers/cache: 702 3309
Swap: 8191 15 8176

To clear the swap run :

root@servcorp:~# swapoff -a && swapon -a

And free shows :

root@servcorp:~# free -m
total used free shared buffers cached
Mem: 4011 746 3265 0 4 55
-/+ buffers/cache: 686 3325
Swap: 8191 0 8191

Using mod_proxy in Plesk to redirect to a different site

Scenario:

Site1 : www.site.com
Site2 : shop.site2.com

The idea is to make a proxy redirect so if I access www.site.com/shop to be redirected to shop.site2.com and keep the URL in the browser.
This can be done either by using mod_rewrite (if both sites are on the same server) or by using mod_proxy. In my case I had to do this on a Plesk server.

I’ve created in /var/www/vhosts/site.com/conf a file called vhost.conf that contains:

ProxyRequests off
Order deny,allow
Allow from all

ProxyPass /shop http://shop.site2.com
ProxyPassReverse /shop http://shop.site2.com
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1


Order allow,deny
Allow from all

Then I ran:

/usr/local/psa/admin/bin/websrvmng -a -v

Verify httpd.include to see if there is any Include directive.

Now if you go to www.site.com/shop/ you should be redirected to shop.site2.com. Notice the trailing slash after (../shop/). That needs to be there otherwise it won’t load the images properly.

This can be fixed by adding in vhost.conf a Rewrite rule like:
RewriteEngine on
RewriteRule ^/shop$ /shop/ [R]

Install Dante socks proxy

Dante socks install :

Download Dante from : ftp://ftp.inet.no/pub/socks/dante-1.2.0.tar.gz

tar zxvf dante-1.2.0.tar.gz
cd dante-1.2.0
yum install gcc make
./configure
make -j4
make install

ifconfig -a |  grep inet | awk ‘{print $2}’ | awk -F ‘:’ ‘{print $2}’ | grep -v 127.0.0.1 >  /root/ips

for i in cat ips ;do echo “internal: $i port = 6060” >> /root/sockd.conf ;done

Example of sockd.conf :

logoutput: stderr
method: username none
external: externalIPtouse
client pass {
from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
}
pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
method: username
protocol: tcp udp
}

Launch using :

sockd -f /root/sockd.conf -d