Archive for the ‘Email’ Category
How to disable spamfilter- and antivirus functions in ISPConfig 3
If you use a mailserver wil very low ram (< 500 MB) and a slow CPU then it might be nescessary to disable the spam- and antivirus filter functions in ISPConfig 3 as amavisd and clamav might be too heavy for your server hardware. The steps to disable clamav and amavisd are:
Edit postfix main.cf file
vi /etc/postfix/main.cf
and comment out these lines by adding a “#” in front of them:
# content_filter = amavis:[127.0.0.1]:10024 # receive_override_options = no_address_mappings
Then restart postfix:
/etc/init.d/postfix restart
Now stop and disable the services. The following commands are for Debian and Ubuntu, the commands for other Linux distributions may vary
/etc/init.d/clamav-daemon stop /etc/init.d/clamav-freshclam stop /etc/init.d/amavis stop
update-rc.d -f clamav-daemon remove update-rc.d -f clamav-freshclam remove update-rc.d -f amavis remove
P The normal mail receive and send functions will still work after this modification. But please be aware that disabling amavisd and clamav will disable all spam- and antivirus filtering so that the spamfiltering options that can be configured in the ispconfig interface will have any effect on mail delivery and no spam and viruses will get filtered.
The changes in postfix main.cf will get overwitten by a ispconfig software update when you select to reconfigure services during upadte, so you should comment out the lines again after you install a ispconfig update.
How to update Spamassassin on ISPConfig 2
The spamassassin installation on a ISPConfig 2 server is normally updated together with ISPConfig. Here are the steps iIf you want to update spamassassin manually without updating ISPConfig 2:
Download the latest Spamassassin sources and unpack the tar.gz file
cd /tmp wget http://ftp.fernuni-hagen.de/ftp-dir/pub/mirrors/\ www.apache.org/spamassassin/source/Mail-SpamAssassin-3.3.1.tar.gz tar xfz Mail-SpamAssassin-3.3.1.tar.gz
Configure, make and install spamassassin
cd Mail-SpamAssassin-3.3.1 perl Makefile.PL PREFIX=/home/admispconfig/ispconfig/tools/\ spamassassin/usr SYSCONFDIR=/home/admispconfig/ispconfig/\ tools/spamassassin/etc make make install
Cleanup
cd .. rm -f Mail-SpamAssassin-3.3.1.tar.gz rm -rf Mail-SpamAssassin-3.3.1
How to enable port 587 (submission) in postfix
Some internet access providers have port 25 disabled in their routers to prevent spam. If you run your own mailserver in a datacenter, you might have to enable the submission port (587) in postfix to be able to send emails from your local email client to your own mailserver.
To enable port 587, edit the file /etc/postfix/master.cf
vi /etc/postfix/master.cf
and remove the # in front of the line:
#submission inet n - n - - smtpd
so that it looks like this:
submission inet n - n - - smtpd
and restart postfix:
/etc/init.d/postfix restart
How to solve the ClamAV error “This version of the ClamAV engine is outdated” on Debian 5.0 (Lenny)
As of today, all ClamAV 0.94 or older installs will stop working. The Debian project has not released updates for their current stable release (5.0) yet to solve this, but there is a workaround. The Debain volatile project provides newer clamav versions. The installation steps to install ClamAV 0.95.3 on Debian lenny are:
1) Add the debian volatile repository to the sources list:
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list
2) Update the sources and install the new clamav package:
apt-get update apt-get install clamav apt-get -u upgrade
3) If you use amavisd-new (e.g. if you use a ISPConfig 3 server) then restart amavisd:
/etc/init.d/amavis restart
Keep the spamassassin filter rules up to date in ISPConfig 3
To update the spamassassin rules regularily on your ISPConfig 3 server, add the following line to the root crontab by running:
crontab -e
then insert the following line:
23 4 */2 * * /usr/bin/sa-update --no-gpg &> /dev/null
and save the file. The path to the sa-update script is /usr/bin/sa-update on Ubuntu and Debian Linux, if you use a different linux distrubution, run the command:
which sa-update
to find the location of the sa-update script and adjust the path in the crontab line above so that it matches the path on your system.
How to fix the spamassassin bug with the FH_DATE_PAST_20XX rule
Since january 1 2010, spamassassin is falsely marking non spam emails as spam due to an error in the regular expression of the FH_DATE_PAST_20XX rule.
Description of the bug:
https://secure.grepular.com/blog/index.php/2010/01/01/spamassassin-2010-bug/
To fix this, run the following command on the shell as root user:
sa-update
If you use the software ISPConfig 2 on your server, run this command:
/home/admispconfig/ispconfig/tools/spamassassin/usr/bin/sa-update
How to renew the SSL certificate for dovecot on CentOS
Make a backup of the old key and certificate file
mv /etc/ssl/certs/dovecot.pem /etc/ssl/certs/dovecot.pem.old mv /etc/ssl/private/dovecot.key /etc/ssl/private/dovecot.key.old
Create the new SSL certificate
openssl genrsa -out /etc/ssl/private/dovecot.key 1024 openssl req -new -x509 -key /etc/ssl/private/dovecot.key -out /etc/ssl/certs/dovecot.pem -days 730
Restart Dovecot:
/etc/init.d/dovecot restart
How to renew the SSL certificate for dovecot on Ubuntu Linux
To create new SSL certificates for the dovecot pop3 and imap server on Ubuntu, follow these steps:
Make a backup copy of the old key and certificate file
sudo cp /etc/ssl/private/dovecot.key /etc/ssl/private/dovecot.key.old sudo cp /etc/ssl/certs/dovecot.pem /etc/ssl/certs/dovecot.pem.old
Create the new key file
openssl genrsa -out /etc/ssl/private/dovecot.key 1024
Create the new certificate file, valid for 2 years
openssl req -new -x509 -key /etc/ssl/private/dovecot.key -out /etc/ssl/certs/dovecot.pem -days 730
Then restart dovecot
/etc/init.d/dovecot restart
Manage the postfix mailqueue with postsuper, postqueue und mailq
Postfix provides with postsuper, postqueue and mailq some shell utilitys to manage the mailqueue.
Here are some examples for common tasks:
List all messages that are in the mailqueue
postqueue -p
The output looks like this:
root@server:/# postqueue -p -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- 501CA23B43DB 2182 Thu Dec 3 14:24:39 test@yourdomain.com (Host or domain name not found. Name service error for name=otherdomain.com type=MX: Host not found, try again) info@otherdomain.com -- 8 Kbytes in 1 Requests. <strong>Delete a message by message ID</strong> <p class="command">postsuper -d MessageID
replace MessageID with the ID of the message, e.g. 501CA23B43DB
root@server:/# postsuper -d 501CA23B43DB postsuper: 501CA23B43DB: removed postsuper: Deleted: 1 message <strong>Remove emails by sender</strong> <p class="command">mailq | tail +2 | awk 'BEGIN { RS = "" } # $7=sender, $8=recipient1, $9=recipient2 { if ($7 == "info@otherdomain.com" && $9 == "") print $1 } ' | tr -d '*!' | postsuper -d - replace "info@otherdomain.com" with the sender email address. <strong>Remove emails by recipient</strong> <p class="command">mailq | tail +2 | awk 'BEGIN { RS = "" } # $7=sender, $8=recipient1, $9=recipient2 { if ($8 == "you@yourdomain.com" && $9 == "") print $1 } ' | tr -d '*!' | postsuper -d - replace you@yourdomain.com with the recipient email address. <strong>Remove emails by sender hostname</strong> <p class="command">mailq | grep senderhostname | awk ‘{ print $1′} | postsuper -d -
replace the word “senderhostname” with the hostname of the email sender.
If your server has very high load and you want to temporarily move all message from the incoming queue to the hold queue, use the command:
postsuper -h ALL
to move the messages back to the incoming queue, use the command:
postsuper -r ALL
Instead of the word “ALL” you can also provide a specific message ID to move only one message to or from the hold queue. Message in the hold queue will not processed by postfix until they were requeued with postsuper -r.
How to enable port 465 (smtps) in postfix mailserver
More and more internet access providers are closing port 25 to reduce spam except for connections to their own mailservers. If you run your own mailserver and have problems to connect to it on port 25, you can enable port 465 (smtps) in postfix as a workaround. Edit the /etc/postfix/master.cf file:
vi /etc/postfix/master.cf
and remove the # in front of the smtps line. Example for Debain 5, change the line:
#smtps inet n - - - - smtpd
to:
smtps inet n - - - - smtpd
and restart postfix:
/etc/init.d/postfix restart