EnsimFixes.com

Sadly the spammers are winning and they have learned that a lot of servers have catch-alls. That means all mail to a domain (as long as it’s a valid domain) will deliver that spam no matter what. Here is what we do to turn off catch-alls.

wget http://www.customensimbackup.com/download/fix_aliases
chmod +x fix_aliases
./fix_aliases

Now we are going to edit the /etc/appliance/customization/virtDomain.sh file so that it doesn’t come back. Here is what mine looks like:

#!/bin/bash

DOMAIN=$1
SITE_ADMIN=$2
LOGFILE="/var/log/virtDomain.log"
NOW=`date -R`

fix_aliases() {
# Fix and add aliases
CMD1="/usr/lib/opcenter/virtualhosting/VirtSiteOperation"
CMD2="/usr/lib/opcenter/sendmail/update_alias"
echo $CMD1 $DOMAIN $CMD2 catch-all | at now +2 minutes
echo -e "$NOW\tAliases configured for $DOMAIN" >> $LOGFILE
}

# modified for fixing the catch-all in aliases
# make sure this is at the very end
fix_aliases

Edit yours, or create it and put that in there. Make sure you make it executable when your finished with your edits.

chmod +x /etc/appliance/customization/virtDomain.sh

No Comments »

From an admin’s point of view, there isn’t really a good way to find out who is using what as far as mail goes. So I wrote this little number so I can find out just where all that mail is hiding.

wget http://www.customensimbackup.com/download/check_mailboxes
chmod +x check_mailboxes
./check_mailboxes | more

You can also make a wrapper script for cron and use the command

./check_mailboxes --report

or to redirect the output to a file

./check_mailboxes --report >> mailbox_check.txt

Enjoy.

8 Comments »

Ensim Compatable Backup Script (5.8.06-1)

Features for version 5.8.06

This script does not use ftp during the backup to speed up the backup process. There is an optional FTP transfer afterwards if desired

Note 1: Certified to work with CentOS 4.4 / RHEL 4.4 – Ensim 10.x / Ensim 4.x and down to Ensim 3.5
Note 2: REMOVE ALL BACKUP SCRIPTS AND THEIR CRONTAB SCHEDULERS PRIOR TO INSTALLATION

wget http://www.customensimbackup.com/download/EnsimBackup-5.8.06-1.noarch.rpm
rpm -Uvh EnsimBackup*.rpm
cd /root/EnsimBackup
pico -w EnsimBackup

Edit the ” Configurable Variables” and then CTR-X to save your work

./EnsimBackup -h

This will display all the options available and what they do
No options “defaults” to Backup Everything
pico -w /etc/cron.d/EnsimBackup and either uncomment out the line or add your own using that as a template

Run the script!

If backup was unsuccessful, then recheck your edits.

Warnings:

1. Ensim has the backup files in a tar/gzip format. Although they are unarchivable, and can be used to copy and paste things from there, I don’t recommend doing it. It knows what files are there, and puts a signature on them. If tampered with, it will not restore those files. The site databases dump files are also in those files. Ensim puts it under a hidden directory for some reason. Bottom line is don’t play with the files and they will serve you well.
2. Unless you have done lots of restores with Ensim, and know what your doing I suggest getting in touch with me before doing anything as far as disaster recovery. There is a set order of doing things, and a set procedure. If you find your self in that situation, don’t change anything on the newly created drive, or freshly restored OS. CONTACT ME. I’m usually always around, and can save you a world of grief.
3. When Ensim does it databases dump, it won’t care if it fails or not. Head the warning error messages the table checks generate. If tables are corrupted, then have the owners fix their databases or notify their owners that they are responsible for them. A busy table, or tables missing isn’t a database error. It just means it’s busy or missing.
4. If your backups are taking 22 hours to complete, your server is severly stressed out. Two documented examples that I have on record: a: A client with 58 sites was taking 22 hours for backups to complete. 2 sites had about 5GB’s worth of jpgs. He moved from a p4 2.4 to a dual xeon machine and dropped from that 22 hour backup to all of 2 hours. b: The other example had about 380 sites on a p4 3.0 server, and was able to get away with just adding memory. My commercial version can stagger out these backups by breaking it into thirds, but bottom line is that you have to look at the machines limitations.

**************************************************

Check your cron reports in the morning to make sure everything is working correctly ie like you really do have backup files in /home/vhbackup or where ever you decided to back them up to.

NOTE 1: I have written and tested this on an Ensim 4.0.4 (CentOS 4.1) machine. Should work with all flavors of Ensim 3.5 and above.
NOTE 2: Usual disclaimers, warranties etc. apply. No guarantees. This is an “as-is” product. It will not fix what is broken.
NOTE 3: Bug reporting contact information in the header of the script file.
NOTE 4: If you don’t have an offsite location, you should contact me about getting one, or at the very least, downloading those files in /home/vhbackup onto another machine somewhere or another hard drive. Backup, Backup, Backup! Heed the warning cause WHEN your hard drive does die, you won’t be crying into your crying towel. You will be up and running as fast as that hard drive can be replaced. Trust me … angry clients can be MEAN! The ftp feature is optional, use it if you want to, but its not required.
NOTE 5: If you like this script, consider purchasing the commercial version at http://www.customensimbackup.com

ENJOY!

3 Comments »

This is a real quick fix for this issue.

replace "#Lock Type = flock" "Lock Type = posix" -- /etc/MailScanner/MailScanner.conf
service MailScanner restart

Enjoy!

4 Comments »

Tripwire is a form of intrusion detection. It’s like the James Bond trick of putting a hair on the doorknob. It lets you know if somebody’s been doing things inside your system, however it can only make it’s report ***AFTER*** the break-in.

Tripwire has been around for a while, and has gone commercial. However, there is a free gpl version available for use and installation. Here are the directions that you can use to install tripwire. This is not a tutorial on it’s use, or the results it produces.

wget http://www.nightowlsnetwork.net/repos/tripwire-2.4.0.1-1.i386.rpm
rpm -Uvh tripwire-2.4.0.1-1.i386.rpm
cd /etc/tripwire
wget http://www.customensimbackup.com/download/tweak_tripwire
chmod +x tweak_tripwire
./tweak_tripwire

Now you need to edit the policy file, and make sure you need to add or remove any checks or just leave the defaults I have set.

pico -w twpol.txt

Answer the following 4 password questions with something that you know very well.

/usr/sbin/tripwire-setup-keyfiles

Now to get things setup.

wget http://www.customensimbackup.com/download/tweak_tripwire2
chmod +x tweak_tripwire2
./tweak_tripwire2

Feel free to change the time of the cron job if you desire after your sure it’s running. I have the report to run at 5:30AM
The docs are freely available on the web, so let Google be your friend. A good article can be found here: http://www.barryodonovan.com/misc/publications/lg/106/

2 Comments »

This “error” is caused by the use of a “non-standard partitioning scheme” done by lots of places on a server’s hard drive.

wget http://www.customensimbackup.com/download/fix_cross_link
chmod +x fix_cross_link
./fix_cross_link

Enjoy.

4 Comments »