ProcMail Installation and Configuration Guide
ProcMail stands for Mail Processing, it allows you to process your incoming mail and then sort it into separate folders/file. ProcMail can be used to setup a vacation message or to forward your mail to another email address. All in all, it can be used for many things and I don't even know them all :) I will break this guide into two parts: install and setup.
1) Install ProcMail
Download the source from the following URL: http://www.procmail.org. You should get a file that looks similar to this procmail-3.22.tar.gz. Now let's begin installing :)
mv procmail-3.22.tar.gz /tmp; cd /tmp tar xzf procmail-3.22.tar.gz; cd procmail-3.22 make make BASENAME=/usr/local/procmail install
Continue reading 'ProcMail Installation and Configuration Guide'
Apache Bandwidth Throttling guide has been completed
I never had the time to finish the Apache Bandwidth Throttling guide. In addition, one module that was listed in the guide has been discontinued and the source code is not available anymore, so I decided to update the guide and finally finish it. If you have a busy server that gets abused by evil downloaders, this guide will definitely help you out. I have been using this setup for years and never had a problem, so I hope you will find it useful as well.
Qmail Guide has been updated
I finally updated the Qmail Guide after a long while. Since my last update there have been lots of additions and patches to Qmail and there is a lot of useful stuff out there. New anti-spam techniques such as Greylisting, SPF and SRS are being introduced to Qmail. I did not have much time, so none of these patches are incorporated into the guide.
Apache Install Guide Updated
The Apache Install Guide has been updated with the latest software releases. PHP4 option has now been removed - the guide is only for PHP5 in production environments. Hopefully other guides will be updated soon as well.
Qmail Quickstarter – Book Review
I have been using qmail for many years and put a lot of effort in keeping my Qmail Howto up to date. I haven't been making many changes to the guide, since qmail is one of those things that once installed, you can leave it running until the mail server is ready to be decommissioned. So, I go back and update the guide whenever I need to install qmail on a brand new server.
Anyway, I was recently approached by Packt Publishing and they requested me to review their newly released book titled "Qmail Quickstarter" by Kyle Wheeler. I received the book in mail within a week or two after I agreed to review it and decided to check it out over the weekend - here is a very short review of the book.
Despite the fact that qmail is the second most popular MTA on the Internet, there are not that many good books on qmail out there. So, it was exciting to review an addition to the short list of qmail literature. In about 130 pages, the author covers everything from compiling and installing qmail to important patches, qmail configuration and monitoring. The book is easy to read for those who are familiar with *nix, so it is definitely a good reference for mail administrators. There is plenty of information on qmail and third party addons (including vpopmail and VMailMgr) and the author does a good job in explaining basic qmail functionality. However, I felt that the book was a little incomplete, because many topics are touched upon, but not in enough detail. For example, in Chapter 6 "Filtering", the author mentions the most popular anti-virus engines, but does not show how to hook any of them up to qmail. In all honesty, it is a little misleading to call it a "step-by-step" guide, because it is not detailed enough to be called that. Personally, I would rename it to something like "Qmail Reference Guide". At the same time, I also understand that putting too many details into such book would make it hard to read and follow, especially with qmail, since it is NOT a simple or intuitive program to learn.
Overall, I really enjoyed reading the book and I can say that it definitely deserves a spot in a system administrator's bookshelf.
Apache Guide has been updated
Just updated the "Apache, PHP, GD & Mod_Perl Guide" for the latest versions of Apache (1.3.39) and PHP (5.2.4). Compiled it on this server and so far everything has been running great! :)
Invalid round-robin iptables rule causes kernel panic on FC6
I was experimenting with round-robin capabilities of iptables and ended up crashing my firewall server. The original rule was set to:
iptables -A PREROUTING --destination x.x.x.x -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.10.10.1-10.10.10.5
All I'm doing is routing a single external IP SMTP traffic to multiple hosts within my internal network for load balancing purposes. What killed the server and caused a kernel panic was this change:
iptables -A PREROUTING --destination x.x.x.x -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.10.10.5-10.10.10.1
Error was reproduced on another FC6 machine with the same kernel.
Kernel version: Linux version 2.6.20-1.2962.fc6
Linux as a desktop OS (again)
After Fedora Core 6 came out (which was supposed to be the most stable build so far) I decided to give it another chance as a desktop OS. Of course I didn't have the courage to try it on my home PC, but I went ahead and installed it on my Dell Inspiron 6400 laptop.
First impressions:
- Fedora Core 6 is definitely more stable than FC5.
- For some reason FC6 installed the 586 kernel instead of 686. I noticed this while I was installing additional kernel modules. I found the right kernel RPM files and manually installed them. Then, rebooted the machine with the new kernel and removed the 586 version.
- Hibernate and suspend functions work out of the box, but wireless functions die after the laptop resumes. Restarting the NetworkManager works for now.
- Sound and video functions worked without any extra configuration, although I did have to install the latest Nvidia drivers for my GeForce Go 7300 (desktop effects with wobbles are cool).
- Haven't really tested bluetooth, but it seems to be working.
- Getting wireless to work was the biggest pain. Compiling ipw3945 with WPA2 support and making it work with NetworkManager was pretty ugly and I ended up using a pre-compiled dkms package from freshrpms.
- Gnome doesn't seem to crash as often and it is much better in terms of performance and stability.
- Customizable panels and themes are sweet.
I must say I'm very impressed with Fedora Core 6, despite the fact that it needs some improvements and bugs to be worked on. I have been waiting for an alternative stable desktop operating system that works out of the box and FC6 is definitely a good candidate so far. Of course not everything I need is currently available for Linux, but I'm sure that companies are starting to realize that Linux is getting more popular every day and hopefully they will start writing commercial software for Linux as well. Linux community needs software that works on Linux, without the need to rely on various emulators and Wine.
Thumbs up for Fedora Community!
Check out my desktop screenshot below.
L2TP vs OpenVPN
I have been spending quite some time lately comparing L2TP VPN on Linux versus OpenVPN. After doing a lot of testing I came to the conclusion that not only OpenVPN is faster than L2TP, but also much easier to set up and configure.
Pros and cons of each:
L2TP VPN Pros:
- Works with the Windows XP VPN client
- Because of native support allows a remote user to join a domain via "dial-ip" connection feature of XP
- Feature-rich backend allows complicated configurations with SSL or PSKs
L2TP VPN Cons:
- Unstable L2TP code; l2tpd requires heavy patching with the latest kernels; kernel recompilation with TTY support is preferable
- Unexpected crashes when the client connection is not closed properly
- Hard to configure; requires good linux skills along with solid understanding of networking and VPN technology
- Slower than OpenVPN
- Almost no support from the community
OpenVPN Pros:
- Easy to configure and install
- Does not require any kernel recompilation, works perfectly with the latest Linux distros
- Can be configured on any TCP or UDP port; excellent performance even when port forwarding
- Considerably faster than L2TP
- OpenVPN works on any version of Windows, Mac and Linux/Unix; a free GUI version is readily available for Windows
- Excellent support from the open source community
- Allows virtual point-to-point IP connections (tun) as well as virtual ethernet connections (tap)
OpenVPN Cons:
- Does not work with native Windows XP VPN client
As you can see, I couldn't really find cons for OpenVPN, thanks to its speed and ease of use. I have also been very thankful to guys at DD-WRT who embedded an OpenVPN client into my Linksys WRT-54GL firmware. Now I have my workplace easily accessible from home, without having to manually connect via VPN :)
Dependencies suck!
I've been running Redhat Linux 9 on one of my dedicated servers (don't ask me why I haven't upgraded). I went through the pain of installing the newest version of kernel, openssl, openssh and apache last week and it seemed to go smoothly. Except I just noticed that Apache SSL stopped working. It was a weird error and debugging the process revealed that Apache was still using the old openssl shared library. Oh well, I thought, I'll just remove the old version of openssl completely and reinstall Apache + point to the new openssl path. I was wrong. After I removed old openssl many things stopped working such as su, perl, wget, lynx and much more. I had to move the old shared libraries back to where they were to get things back to normal. There are ways to get this working, but I don't want to recompile all those packages! What a nightmare...
