Keep the spamassassin filter rules up to date in ISPConfig 3

To update the spamassassin rules regularily on your ISPConfig 3 server, add the following line to the root crontab by running:

crontab -e

then insert the following line:

23 4 */2 * * /usr/bin/sa-update --no-gpg &> /dev/null

and save the file. The path to the sa-update script is /usr/bin/sa-update on Ubuntu and Debian Linux, if you use a different linux distrubution, run the command:

which sa-update

to find the location of the sa-update script and adjust the path in the crontab line above so that it matches the path on your system.

How to kill processes in “D” state in Linux?

If a process is shown with process state "D" in tools like ps or top, then its a zombie process. Example:

ps axl | grep D

4   104  2579  9109  20   0   5024  2116 refrig D    ?          0:00 cleanup -z -t unix -u -c

Zombie processes can not be killed with the normal commands like "kill -9 PID", you will have to reboot the system to kill them.

How to use apt-file to find which .deb package contains a specific file

Sometimes you need to know which debian package contains a specific file e.g. because you deleted a system file accidently or you try to install a new software that requires this file. The apt package management utility which is used in Debian and Ubuntu comes with a handy tool called apt-file which allows a saerch for filenames in the package database.

Install apt-file

apt-get install apt-file

Update the apt-file database

apt-file update

Search for a specific file name, e.g. "lcrypto"

apt-file search /bin/bash

apt-file search /bin/bash
bash: /bin/bash
bash: /usr/bin/bashbug
bash-minimal: /bin/bash-minimal
bash-static: /bin/bash-static
bashdb: /usr/bin/bashdb
mybashburn: /usr/bin/bashburn

How to fix the spamassassin bug with the FH_DATE_PAST_20XX rule

Since january 1 2010, spamassassin is falsely marking non spam emails as spam due to an error in the regular expression of the FH_DATE_PAST_20XX rule.

Description of the bug:

To fix this, run the following command on the shell as root user:


If you use the software ISPConfig 2 on your server, run this command:


How to renew the SSL certificate for dovecot on CentOS

Make a backup of the old key and certificate file

mv /etc/ssl/certs/dovecot.pem /etc/ssl/certs/dovecot.pem.old
mv /etc/ssl/private/dovecot.key /etc/ssl/private/dovecot.key.old

Create the new SSL certificate

openssl genrsa -out /etc/ssl/private/dovecot.key 1024
openssl req -new -x509 -key /etc/ssl/private/dovecot.key -out /etc/ssl/certs/dovecot.pem -days 730

Restart Dovecot:

/etc/init.d/dovecot restart

Optimize MySQL performance with mysqltuner

The following tutorial describes the steps to optimize the performance of a MySQL database with the mysqltuner script.

Login to your server on the shell, then execute the following commands:

Download the mysqltuner script:

cd /usr/local/bin
chmod +x

Run mysqltuner


Then enter root as username and the mysql root password.

You will get a output similar to this:

root@v221:/usr/local/bin# /usr/local/bin/

>>  MySQLTuner 1.0.1 - Major Hayden <[email protected]>
>>  Bug reports, feature requests, and downloads at
>>  Run with '--help' for additional options and output filtering
Please enter your MySQL administrative login: root
Please enter your MySQL administrative password:

-------- General Statistics --------------------------------------------------
[--] Skipped version check for MySQLTuner script
[OK] Currently running supported MySQL version 5.0.51a-24+lenny2
[!!] Switch to 64-bit OS - MySQL cannot currently use all of your RAM

-------- Storage Engine Statistics -------------------------------------------
[--] Status: +Archive -BDB -Federated +InnoDB -ISAM -NDBCluster
[--] Data in MyISAM tables: 26M (Tables: 215)
[!!] InnoDB is enabled but isn't being used
[!!] Total fragmented tables: 33

-------- Performance Metrics -------------------------------------------------
[--] Up for: 96d 23h 3m 41s (10M q [1.239 qps], 686K conn, TX: 701M, RX: 1B)
[--] Reads / Writes: 44% / 56%
[--] Total buffers: 58.0M global + 2.6M per thread (100 max threads)
[OK] Maximum possible memory usage: 320.5M (12% of installed RAM)
[OK] Slow queries: 0% (20/10M)
[OK] Highest usage of available connections: 33% (33/100)
[OK] Key buffer size / total MyISAM indexes: 16.0M/8.5M
[OK] Key buffer hit rate: 99.9% (57M cached / 30K reads)
[OK] Query cache efficiency: 78.6% (5M cached / 6M selects)
[!!] Query cache prunes per day: 483
[OK] Sorts requiring temporary tables: 0% (0 temp sorts / 408K sorts)
[!!] Temporary tables created on disk: 36% (269K on disk / 745K total)
[OK] Thread cache hit rate: 99% (427 created / 686K connections)
[!!] Table cache hit rate: 2% (64 open / 3K opened)
[OK] Open file limit used: 11% (120/1K)
[OK] Table locks acquired immediately: 99% (3M immediate / 3M locks)

-------- Recommendations -----------------------------------------------------
General recommendations:
Add skip-innodb to MySQL configuration to disable InnoDB
Run OPTIMIZE TABLE to defragment tables for better performance
Enable the slow query log to troubleshoot bad queries
When making adjustments, make tmp_table_size/max_heap_table_size equal
Reduce your SELECT DISTINCT queries without LIMIT clauses
Increase table_cache gradually to avoid file descriptor limits
Variables to adjust:
query_cache_size (> 16M)
tmp_table_size (> 32M)
max_heap_table_size (> 16M)
table_cache (> 64)

The script recommends to adjust or add the following variables in the mysql my.cnf file. The location of my.cnf is normally /etc/my.cnf or /etc/mysql/my.cnf depending on the Linux distribution that is installed on your server.

Open the my.cnf file:

vi /etc/mysql/my.cnf

and increase or set the variables in the [mysqld] section of the file. Mine looks now like this:

# * Basic Settings
user            = mysql
pid-file        = /var/run/mysqld/
socket          = /var/run/mysqld/mysqld.sock
port            = 3306
basedir         = /usr
datadir         = /var/lib/mysql
tmpdir          = /tmp
language        = /usr/share/mysql/english
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address            =
# * Fine Tuning
key_buffer              = 16M
max_allowed_packet      = 16M
thread_stack            = 128K
thread_cache_size       = 8
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover          = BACKUP
#max_connections        = 100
table_cache            = 128
#thread_concurrency     = 10
# * Query Cache Configuration
query_cache_limit       = 1M

query_cache_size        = 32M
tmp_table_sizee        = 64M
max_heap_table_sizee        = 32M

Then save the file and restart mysql. After a few hours, rerun mysqltuner and check again if the values are fine now or if the have to be increased to a higher value.

How to renew the SSL certificate for dovecot on Ubuntu Linux

To create new SSL certificates for the dovecot pop3 and imap server on Ubuntu, follow these steps:

Make a backup copy of the old key and certificate file

sudo cp /etc/ssl/private/dovecot.key /etc/ssl/private/dovecot.key.old
sudo cp /etc/ssl/certs/dovecot.pem /etc/ssl/certs/dovecot.pem.old

Create the new key file

openssl genrsa -out /etc/ssl/private/dovecot.key 1024

Create the new certificate file, valid for 2 years

openssl req -new -x509 -key /etc/ssl/private/dovecot.key -out /etc/ssl/certs/dovecot.pem -days 730

Then restart dovecot

/etc/init.d/dovecot restart

Manage the postfix mailqueue with postsuper, postqueue and mailq

Postfix provides with postsuper, postqueue and mailq some  shell utilitys to manage the mailqueue.

Here are some examples for common tasks:

List all messages that are in the mailqueue

postqueue -p

The output looks like this:

root@server:/# postqueue -p
 -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
 501CA23B43DB     2182 Thu Dec  3 14:24:39  [email protected]
 (Host or domain name not found. Name service error for type=MX: Host not found, try again)
 [email protected]
-- 8 Kbytes in 1 Requests.

Delete a message by message ID

postsuper -d MessageID

replace MessageID with the ID of the message, e.g. 501CA23B43DB

root@server:/# postsuper -d 501CA23B43DB
 postsuper: 501CA23B43DB: removed
 postsuper: Deleted: 1 message

Remove emails by sender

mailq | tail +2 | awk 'BEGIN { RS = "" }
 # $7=sender, $8=recipient1, $9=recipient2
 { if ($7 == "[email protected]" && $9 == "")
 print $1 }
 ' | tr -d '*!' | postsuper -d -

replace "[email protected]" with the sender email address.

Remove emails by recipient

mailq | tail +2 | awk 'BEGIN { RS = "" }
 # $7=sender, $8=recipient1, $9=recipient2
 { if ($8 == "[email protected]" && $9 == "")
 print $1 }
 ' | tr -d '*!' | postsuper -d -

replace [email protected] with the recipient email address.

Remove emails by sender hostname

mailq | grep senderhostname | awk ‘{ print $1′} | postsuper -d -

replace the word "senderhostname" with the hostname of the email sender.

If your server has very high load and you want to temporarily move all message from the incoming queue to the hold queue, use the command:

postsuper -h ALL

to move the messages back to the incoming queue, use the command:

postsur -r ALL

Instead of the word "ALL" you can also provide a specific message ID to move only one message to or from the hold queue. Message in the hold queue will not processed by postfix until they were requeued with postsuper -r.