El blog de LandM

get into mysql as root

and execute:

purge binary logs before ''''2008-12-31'''';
exit

That”’’s all!!!

You save a lot of disk space.

Tags: mysql purge bin-log logs

Last week Lucas my co-worker Lucas noticed that in one of our servers didn’t have a swap partition, until now things were going ok because server didn’t have much RAM usage, but now servers is getting more traffic each day and sometimes free ram gets extremely low.

In a normal situation the process here should be, reboot the server, and using gparted or similar create a small amount of free space and allocate that as a swap partition. Fortunately this not needed nowadays, since Kernel 2.6 swap file performance has increased dramatically so the possible benefits from having a dedicated swap partition against a swap file are so small that in some situations it is preferable to have a swap file in case you wan’t to increase / decrease it’s size.

The process for building this kind of swap files is very simple:

# dd if=/dev/zero of=/home/swap bs=1M count=1024

Replacing 1024 with the number of megabytes you want will change the swap file size.

Now that we have the size we want on disk we can prepare it for usage as a swap partition:

# mkswap /home/swap

Now the swap file has being built you must introduce the following line in /etc/fstab file so this partition get’s mounted once the system is rebooted:

/home/swap swap swap defaults 0 0

And finally to test the swap file you should type, which would activate all the partitions marked as “swap” in /etc/fstab

# swapon –a

Now finally we can check that the swap partition has being activated:

# free -m
total used free shared buffers cached
Mem: 2028 1719 308 0 132 1119
-/+ buffers/cache: 468 1559
Swap: 1023 0 1023

Finally there are two useful commands you should be aware if you are playing around with swap files:

# swapon | swapoff

This commands activate and deactivate the usage of swap file.

Tags: swap, swapfile

Life is easier since we use qpsmtpd. So we want to write some little tips about it.

• How to queue messages ?

The easiest way to queue messages is use qmail-queue, but if you don’t have qmail, use your actual mail server in localhost and plugin smtp-forward:

queue/smtp-forward 127.0.0.1 25

Don’t forget to accept all mail from localhost and remove spam and antivirii from your mail server. Now your mail server is acting as MDA. Let qpsmtpd do all filters (antispam, antivirii, …).

• Auth plugins

Try to use standard method like smtpd or imap. It will allow you to change any piece of software whenever without affect your qpsmtpd setup.

auth/auth_imap 127.0.0.1 993

auth/auth_smtpd 127.0.0.1 25

• Check valid rcptto

Maybe the most important plugin to avoid dictionary attacks. There are scripts to extract valid users from qmail installation: John M. Simpson has some scripts to dump all users to a cdb file. Link

But if you don’t have qmail you have to do two things in order to have qpsmtpd workproperly:

1. Dump all domains into config/rcpthosts file. Use shell or perl scripts.
2. Dump all valid users into validrcptto.cdb file. Don’t forget this file is a cdb. There are tools (like cdbmake) to help you to build a cdb file. Send the valid list to a pipe like this :

E.g.: perl getValidUsers.pl |/usr/local/bin/cdbmake-12 /opt/qpsmtpd/config/validrcptto.cdb /opt/qpsmtpd/validrcptto.tmp

And you will have a validrcptto.cdb file. Be careful and don’t forget mailing lists!!!.

When you have the file generated add this line:

check_validrcptto_cdb /opt/qpsmtpd/config/validrcptto.cdb -

before rcpt_ok plugin

• How to stop mails from an address to a valid users.

Use this plugin: check_badmailfromto

Create a file (config/badmailfromto) with two columns: from to (separated with ab)

That’s all. Easy as qpsmtpd.

• How to accept mails from a relay client.

First of all be sure the relay client is a trust client. To accept all mail from the ip, include the ip in config/relayclients file. But the best way to do it is authenticate the client via standard method.

• How to accepts mails from servers that don’t use rfc.
  

Strange?, not at all. We are in Spain where an official mail server (Seguridad Social) doesn’t respect rfc. So we had to remove rhsbl plugin from our config.

• How to avoid spamassassin for relay clients.

Just add this lines in hook_data_post method, after this line:

return (DECLINED) if $transaction->data_size > 500_000;

The code:

…

if ( $self->qp->connection->relay_client ) {
# failsafe
$self->log(LOGALERT, “Allowing relay client past spamassassin”);
return (DECLINED);
}

…

So, if it is a relayed client it doesn’t send the message to spamassassin daemon. Continue Reading »

Tags: auth, auth_imap, auth_smtpd, badmailfromto, cdb, message, plugin, qpsmtpd, queue, relay client, relayclients, rfc, rhsbl, smtp-forward, validrcptto