Check this out!
Month: May 2006
up at 5am!
dream about being back in school again…
I don’t think I’ll ever do it.
Good Links for this Forum
http://www.yolinux.com – cool tutorials on linux
http://www.freshmeat.net – almost every single application written for open source
http://www.rpmfind.net – most rpms
http://sysunconfig.net/unixtips/solaris.html – Solaris tips/tricks
PIPE channel in iMS
iMS 5.x – Setting up Program Delivery through the PIPE channel
This article shows how to deliver email to a script or program, such as procmail, so that it can do something with the message.
1. Make sure that your mailsrv user has a home directory that he can write to. /tmp will work just fine. The user does not need to have a valid shell, so /bin/false will work.
2. Write the program and put it in msg-
In my case, I will be creating a symbolic link to cat.
# cd msg-
# ln -s /usr/bin/cat cat
3. Register cat in the MTA program list.
# ./imsimta program -a -p cat -m catter -g '>>/tmp/alton_mails' -e user
4. List programs to see that your program is there:
# ./imsimta program -l
==================================================
Method_name : catter
Program_name : /opt/iMS5.1/msg-goofy/imta/programs/cat
Argument_list : >>/tmp/alton_mails
Execute Permission : User
==================================================
5. Add the program delivery attributes to your user LDAP entries:
mailprogramdeliveryinfo: catter
maildeliveryoption: program
6. Execute "imsimta dirsync -F" if necessary.
7. Run ./imsimta test -rewrite
Submitted address list:
ims-ms
program1@ims-ms-daemon (orig [email protected], inter [email protected], host ims-ms-daemon) *NOTIFY-FAILURES* *NOTIFY-DELAYS*
pipe
[email protected]-daemon (orig [email protected], inter [email protected], host catter.pipe-daemon) *NOTIFY-FAILURES* *NOTIFY-DELAYS*
8. Send mail to the user and test it!
Mission Impossible 3
mysql commands – create database / set permissions
/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h chunli.shocknetwork.com password 'new-password'
mysql -u root -p -e "create database <dbname>"
mysql -u root -p -e "grant all on <dbname>.* to <user>@localhost identified by '<password>'"
VMware – migrating virtual disk from GSX to ESX
Here are the steps for importing a GSX VM to ESX:
1) Here’s how to convert the vmdk file into 2gb chunks:
vmware-vdiskmanager -r sourceDisk.vmdk -t 0 targetDisk.vmdk
2) Share the folder of the new targetDisk with Windows.
3) Make temp directory and mount Windows shared folder on the ESX server:
a) mkdir /mnt/tempwindowsmountpoint
b) mount -t smbfs -o username=<username> //gsxserver/sharename /mnt/tempwindowsmountpoint
4) Import vmdk
vmkfstools -i /mnt/tempwindowsmountpoint/targetDisk.vmdk /vmfs/vmfs/newtargetDisk.vmdk
5) Create new VM in ESX and point to the newtargetDisk.vmdk
6) Start up new VM.
Regards,
Alton
Sendmail routing through Microsoft Active Directory
To give credit where credit is due, the attachment was sent to me from Randy Fox from csgsystems. There’s one bug with public folders. The workaround is to create a mailing list by the same name and make the public folder a member of the list.
If you’re reading this, you are probably running a Microsoft Exchange
Server or probably currently already have sendmail relaying to an Exchange
Server and want to improve your setup.
Most sendmail-to-Exchange setups take mail and blindly relay it over. If
yours is like this, you will know that you get bounce messages that can go
nowhere, because most of the original messages were spam sent to users the
sender did not even know existed. A major problem with this is that it holds
up your sendmail queue and hinders performance, since sendmail will try to
send these bounces just as much as the important mail that needs to go out
immediately.
This article will show you how to use sendmail’s ldap features to look into
the Active Directory to see where the mail should go and have sendmail send
it there. By having sendmail look into the Active Directory, it will know
whether users exist and will stop immediately after the “RCPT TO” in the
envelope if users don’t exist, eliminating the useless, bounce emails that
never get anywhere.
This procedure is not fully supported by Sun support because of the amount
of customization required.
First off, you will need a version of sendmail that has ldap capabilities
compiled into it. You can check this with:
/usr/lib/sendmail -d0.11 < /dev/null
Version 8.12.8+Sun
Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
When you see LDAPMAP, you know that it will work. Solaris 7-9 should all
work. Patches are available for those that don’t.
The Microsoft Active Directory is a different ldap server than your typical
ldap server, so you will want to browse the directory and learn more about
how it’s designed. You will need to find or create a user that can browse
the Active Directory.
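For the sake of simplicity, this example will use the Administrator userid
and his password to bind to the Active Directory server and view its
contents. On a production system, a dedicated account that can only read the
directory is the better choice, because the password ends up in a file on
the mail server and the simple bind on port 389 used here sends it
unencrypted.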
For Solaris 8-9, if you have the SUNWlldap package installed, you can use
the ldapsearch command located in /usr/bin. Run something like:
/usr/bin/ldapsearch -L -D "cn=Administrator, cn=Users, dc=domain, dc=com" \
-h domaincontroller.domain.com -b "dc=domain,dc=com" "objectclass=*" \
> /tmp/active_directory.ldif
It will ask you for a password. Enter the Windows Administrator’s password
there. You can then open the /tmp/active_directory.ldif file and read it to
find a lot of the information in the directory server.
If you do not have the ldapsearch command, while logged in as Administrator
on the Exchange server, you can achieve a similar result in Windows with
ldifde -f c:\temp\export.ldif -v
Once you know what’s in the Active Directory, you can proceed to plug this
data into your sendmail configuration.
Because the Active Directory is a little different from your standard ldap
server, some hacks are required to make sendmail work.
You want to go into your /usr/lib/mail/hack directory. You can create it if
the directory isn’t there. (The files are attached.) In there, you want to create a file called
AD_ldap_routing.m4 and inside of it have:
divert(-1)
#
# Copyright (c) 1999-2001 Sendmail, Inc. and its suppliers.
#	All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#

divert(0)
VERSIONID(`$Id: ldap_routing.m4,v 8.8 2001/06/27 21:46:31 gshapiro Exp $')
divert(-1)

# Check first two arguments. If they aren't set, may need to warn in proto.m4
ifelse(len(X`'_ARG1_), `1', `define(`_LDAP_ROUTING_WARN_', `yes')')
ifelse(len(X`'_ARG2_), `1', `define(`_LDAP_ROUTING_WARN_', `yes')')

# Check for third argument to indicate how to deal with non-existant
# LDAP records
ifelse(len(X`'_ARG3_), `1', `define(`_LDAP_ROUTING_', `_PASS_THROUGH_')',
	_ARG3_, `passthru', `define(`_LDAP_ROUTING_', `_PASS_THROUGH_')',
	`define(`_LDAP_ROUTING_', `_MUST_EXIST_')')

# Check for fouth argument to indicate how to deal with +detail info
ifelse(len(X`'_ARG4_), `1', `',
	_ARG4_, `strip', `define(`_LDAP_ROUTE_DETAIL_', `_STRIP_')',
	_ARG4_, `preserve', `define(`_LDAP_ROUTE_DETAIL_', `_PRESERVE_')')

LOCAL_CONFIG
# LDAP routing maps
Kldapmh ifelse(len(X`'_ARG1_), `1',
	`ldap -1 -v msExchHomeServerName,msExchExpansionServerName -k (|(mail=%0)(proxyaddresses=smtp:%0))',
	`_ARG1_')

Kldapmra ifelse(len(X`'_ARG2_), `1',
	`ldap -1 -v targetAddress -k (|(mail=%0)(proxyaddresses=smtp:%0))',
	`_ARG2_')
The next step is to make the modifications to your .mc file.
The first feature we should add is a mailertable to tell sendmail where to
send mail with different ldapsearch results.
So we add the line:
FEATURE(`mailertable')
To add the LDAP features to sendmail, add the lines (of course, you put
in your own domains):
HACK(`AD_ldap_routing')
LDAPROUTE_DOMAIN(`domain.com')dnl # what domain to do ldap lookups for.
LDAPROUTE_DOMAIN(`secondarydomain.com')dnl # alternate domain to do ldap lookups for.
You then need to specify your Active Directory settings (this all fits on
one line). You will also need to create the file /etc/mail/ldap.passwd. (We
will do this later)
define(`confLDAP_DEFAULT_SPEC',`-h domaincontroller.domain.com -M simple -d "cn=Administrator, cn=Users, dc=domain, dc=com" -P /etc/mail/ldap.passwd -p 389 -b "dc=domain, dc=com"')
We will now have to add some custom rulesets. There’s also one line you need to change here:
R<> </ o=CSG Systems , Inc . / ou=CSG / cn=Configuration / cn=Servers / $+> <$+> <$+> <$*> $>LDAPMailertable <$1> $2
Make it match your organization. You can find this by looking at your
active_directory.ldif file for the msExchHomeServerName attribute. Every
user entry should have something like:
msExchHomeServerName: /o=Domain/ou=First Administrative Group/cn=Configuration/cn=Servers/cn=domaincontroller
With that, you just strip off the last cn= and make spaces in between.
LOCAL_NET_CONFIG
R$* < @ $=m . > $*	$#esmtp $@ $2 $: $1 < @ $2 . > $3	internal addr delivered to host
R$* < @ $+ . $=m . > $*	$#esmtp $@ $2 . $3 $: $1 < @ $2 .$3 . > $4	internal w/host

# Begin custom LDAP rule set.
# the following lines are essentially copied from the proto.m4 file. They are entered here to maintain the proper,
# original flow control but process the Active Directory response properly.

# pass names that still have a host to a smarthost (if defined)
R$* < @ $* > $*	$: $>MailerToTriple < $S > $1 < @ $2 > $3	glue on smarthost name

# deal with other remote names
R$* < @$* > $*	$#esmtp $@ $2 $: $1 < @ $2 > $3	[email protected]

# handle locally delivered names
R$=L	$#local $: @ $1	special local names
R$+	$#local $: $1	regular local names

SLDAPExpand
#do the LDAP lookup for the Exchange Mail Host
R<$+><$+><$*>	$: <$(ldapmra $2 $: $)> <$(ldapmh $2 $: $)> <$1> <$2> <$3>

# if mailRoutingAddress (targetAddress) and local or non-existent mailHost,
# return the new mailRoutingAddress
R<$+> <$=w> <$+> <$+> <$*>	$@ $>Parse0 $>canonify $1
R<$+> <> <$+> <$+> <$*>	$@ $>Parse0 $>canonify $1

# fix hostname in Mailertable, relay from there
R<$+> <$+> <$+> <$+> <$*>	$>LDAPMailertable <$2> $>canonify $1

# if no mailRoutingAddress and local mailHost,
# return original address
R<> <$=w> <$+> <$+> <$*>	$@ $2

# if no mailRoutingAddress and non-local mailHost,
# relay to mailHost (Exchange Server) with original address
# "de-AD" response at same time
# You'll need to do the query manually to find the proper stuff to pull out
R<> </ o=CSG Systems , Inc . / ou=CSG / cn=Configuration / cn=Servers / $+> <$+> <$+> <$*>	$>LDAPMailertable <$1> $2

# if still no mailRoutingAddress and no mailHost,
# try @domain
R<> <> <$+> <$+ @ $+> <$*>	$@ $>LDAPExpand <$1> <@ $3> <$4>

# if no mailRoutingAddress and no mailHost and this was a domain attempt,
# return the original address
R<> <> <$+> <@ $+> <$*>	$@ $1
# End of custom LDAPExpand rule set
You now want to create your cf file.
/usr/ccs/bin/m4 ../m4/cf.m4 file.mc > file.cf
Now that we’re done with the cf file, we need to supply the other files to
the configuration.
Create the ldap.passwd file:
echo "activedirectorypassword" > /etc/mail/ldap.passwd
Create the mailertable to tell sendmail where to send the mail. The last
cn= that we stripped off the msExchHomeServerName goes here. So my
/etc/mail/mailertable will look like:
cn=domaincontroller esmtp:exchangeserver.domain.com
After you create this file, you will need to put it in the database for
sendmail to read it. Do this by running the command:
makemap -v hash /etc/mail/mailertable < /etc/mail/mailertable
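The two values the article derives by hand from msExchHomeServerName (the spaced-out prefix for the custom R line and the cn= key for /etc/mail/mailertable) can be pulled out of the LDIF export with a short script. This is an added example, not part of the original article or the attached files; the sample entries, organization and server names are constructed, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original article. All sample values are constructed.

# Constructed LDIF excerpt. Bob's value is folded onto a continuation line
# (leading space), which LDIF exports do with long values.
sample_ldif() {
cat <<'EOF'
dn: CN=Alice,CN=Users,DC=domain,DC=com
msExchHomeServerName: /o=Example Org, Inc./ou=First Administrative Group/cn=Configuration/cn=Servers/cn=mailsrv01

dn: CN=Bob,CN=Users,DC=domain,DC=com
msExchHomeServerName: /o=Example Org, Inc./ou=First Administrative Group/cn=Con
 figuration/cn=Servers/cn=mailsrv02

dn: CN=Carol,CN=Users,DC=domain,DC=com
msExchHomeServerName: /o=Example Org, Inc./ou=First Administrative Group/cn=Configuration/cn=Servers/cn=mailsrv01
EOF
}

# Read LDIF on stdin, unfold continuation lines, and print each distinct
# msExchHomeServerName value. Base64 values ("attr:: ...") are skipped.
home_servers() {
    awk '/^ / { buf = buf substr($0, 2); next }
         { if (buf != "") print buf; buf = $0 }
         END { if (buf != "") print buf }' |
    sed -n 's/^msExchHomeServerName: //p' | sort -u
}

# Mailertable key: the last cn= component of each value.
mailertable_keys() {
    home_servers | sed 's|.*/\(cn=[^/]*\)$|\1|' | sort -u
}

# Ruleset prefix: the value without its last cn=, with "/", "," and "."
# set off by spaces the way the article's R line is written.
ruleset_prefixes() {
    home_servers |
    sed -e 's|/cn=[^/]*$|/|' -e 's|\([/,.]\)| \1 |g' \
        -e 's|  *| |g' -e 's|^ ||' -e 's| $||' | sort -u
}

# The R line carries one literal prefix, so count how many distinct ones exist.
prefix_count() {
    ruleset_prefixes | wc -l | tr -d ' '
}

echo "mailertable keys:";   sample_ldif | mailertable_keys
echo "ruleset prefix(es):"; sample_ldif | ruleset_prefixes
[ "$(sample_ldif | prefix_count)" -eq 1 ] ||
    echo "more than one prefix: each needs its own R line" >&2
```

To use it on real data, feed /tmp/active_directory.ldif to the functions in place of sample_ldif. If more than one prefix comes back, a single R line will not match every user.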
You will also need to tell sendmail that you take mail for the domain as
well, so you want to put your domain in /etc/mail/local-host-names.
echo "domain.com" > /etc/mail/local-host-names
Now we will need to restart sendmail and test it. Run a command like this
for a user in the Active Directory:
/usr/lib/sendmail -bv [email protected]
You should see: [email protected]… deliverable: mailer esmtp, host
domaincontroller.domain.com, user [email protected]
If you run the same command on a user that’s not in the Active Directory,
you should get:
/usr/lib/sendmail -bv [email protected]
[email protected]… User unknown
Once you’ve got this, you’re all set!
————————————————————————————————————-
Some ideas on troubleshooting:
If you see
/usr/sbin/sendmail -bv [email protected]
[email protected]… deliverable: mailer relay, host cn=exchangeserver, user
[email protected]
You probably forgot the mailertable. The mailertable translates the cn=host
to the actual host and tells it which protocol to use to send the mail. In
our case, we use esmtp.
If you see something like this:
/usr/sbin/sendmail -bv [email protected]
[email protected]… deliverable: mailer esmtp, host domain.com., user
>/o=domain/ou=First.Administrative.Group/cn=Configuration/cn=Servers/[email protected]@domain.com<
You have the wrong data in the area where it says:
# relay to mailHost (Exchange Server) with original address
# "de-AD" response at same time
in the sendmail.mc file.
Because it’s hard to read the .mc file stuff in the text, you can download the files here: AD_Routing.tar
qmail setup – install + log
changed conf-home
changed /usr/local to /usr
changed error.h
replace the line “extern int errno;” with “#include
ran: make
make setup check
install of checkpassword-0.90.tar.gz
changed conf-cc to:
gcc -O2 -march=i586 -mcpu=i586 -funroll-loops -fomit-frame-pointer
changed error.h
replace the line “extern int errno;” with “#include
ran: make
make setup check
install of qmail-1.03.tar.gz
changed conf-cc to:
gcc -O2 -march=i586 -mcpu=i586 -funroll-loops -fomit-frame-pointer
changed error.h
replace the line “extern int errno;” with “#include
groupadd nofiles
useradd qmaild -g nofiles -d /var/qmail -s /bin/false
useradd alias -g nofiles -d /var/qmail/alias -s /bin/false
useradd qmaill -g nofiles -d /var/qmail -s /bin/false
useradd qmailp -g nofiles -d /var/qmail -s /bin/false
groupadd qmail
useradd qmailq -g qmail -d /var/qmail -s /bin/false
useradd qmailr -g qmail -d /var/qmail -s /bin/false
useradd qmails -g qmail -d /var/qmail -s /bin/false
ran: make
make setup check
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
mv -f /var/qmail/bin/maildir2mbox /usr/bin
mv -f /var/qmail/bin/maildirmake /usr/bin
mv -f /var/qmail/bin/maildirwatch /usr/bin
mv -f /var/qmail/bin/qmail-qread /usr/bin
mv -f /var/qmail/bin/qmail-qstat /usr/bin
chmod 444 /var/qmail/man/man1/*
chmod 444 /var/qmail/man/man5/*
chmod 444 /var/qmail/man/man7/*
chmod 444 /var/qmail/man/man8/*
mv -f /var/qmail/man/man1/* /usr/share/man/man1
mv -f /var/qmail/man/man5/* /usr/share/man/man5
mv -f /var/qmail/man/man7/* /usr/share/man/man7
mv -f /var/qmail/man/man8/* /usr/share/man/man8
rm -rf /var/qmail/man/
rm -rf /var/qmail/doc/
maildirmake /etc/skel/Maildir
./config-fast kitana.shocknetwork.com
cd ~alias
touch .qmail-postmaster
touch .qmail-mailer-daemon
touch .qmail-root
touch .qmail-postmaster
chmod 644 ~alias/.qmail-*
cat /etc/dot-qmail
./Maildir/
|qbiff
cat /etc/tcp.smtp
192.168.0.:allow,RELAYCLIENT=""
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
chmod 644 /etc/tcp.smtp*
—————————————————————————————-
tar zxvf ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
vi conf-home
make
vi error.h
cd ..
rm -rf ucspi-tcp-0.88
tar zxvf ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
vi conf-home
vi conf-cc
vi error.h
make
vi error.h
make
cd
find /* > ucspitcp1
cd -
make setup check
cd -
find /* > ucspitcp2
diff ucspitcp1 ucspitcp2 > ucspitcp_install
cat ucspitcp_install
file /usr/bin/who
mcs
who -r
pwd
cd
tar zxvf checkpassword-0.90.tar.gz
cd checkpassword-0.90
cat conf-cc
cp ../ucspi-tcp-0.88/conf-cc .
cat conf-cc
make
vi error.h
make
cd
find /* > checkpass1
cd -
make setup check
cd -
find /* > checkpass2
diff checkpass1 checkpass2 > checkpass_install
cat checkpass_install
tar zxvf qmail-1.03.tar.gz
cd qmail-1.03
vi conf-cc
cat ../ucspi-tcp-0.88/conf-cc
cp ../ucspi-tcp-0.88/conf-cc .
cat conf-cc
cd
find /* > pre_qmail
init 0
uname -a
ps -ef
cd /var/log
ls -lrt
tail -f messages
groupadd nofiles
useradd qmaild -g nofiles -d /var/qmail -s /bin/false
useradd alias -g nofiles -d /var/qmail/alias -s /bin/false
useradd qmaill -g nofiles -d /var/qmail -s /bin/false
useradd qmailp -g nofiles -d /var/qmail -s /bin/false
groupadd qmail
useradd qmailq -g qmail -d /var/qmail -s /bin/false
useradd qmailr -g qmail -d /var/qmail -s /bin/false
useradd qmails -g qmail -d /var/qmail -s /bin/false
cd
ls
cd checkpass
cd checkpassword-0.90
cat conf-home
cat conf-cc
cd ../ucspi-tcp-0.88
cat conf-home
cat conf-cc
which checkpassword
cd ~
cd qmail-1.03
./config
vi /etc/hosts
./config
./config-fast kitana.shocknetwork.com
cat /var/qmail/control/rcpthosts
vi /var/qmail/control/rcpthosts
grep cy *
grep cr.yp *
pwd
ls -l
ls
pwd
cd /var/qmail/control/
ls
ls -l
cat *
pwd
cd ..
ls
cd -
cd ~/qmail-1.03
cat headerbody.c
cat headerbody.h
grep cr.yp.to *
grep pobox.com *
grep qmail.html *
clear
clear
grep qmail.html *
vi qmail-smtpd.c
make setup check
cd ~alias
touch .qmail-postmaster
touch .qmail-mailer-daemon
touch .qmail-root
touch .qmail-postmaster
chmod 644 ~alias/.qmail-*
cd
cd qmail-1.03
ls
grep qmail *
grep 'invoked by uid' *
vi qmail-header.
vi qmail-header.0
grep 'invoked by uid' *
vi qmail-header.5
pwd
cd
cd /var/qmail/control/
ls
cd ../queue/
ls
cd remote/
ls
ls -R
ls -l
cd ..
ls
cd ..
ls
cd boot/
ls
cd ../boot/
ls
cd ../alias/
ls
cd ..
ls
man qmail-qstat
ls
cd qmail-1.03
ls -l
ls
cat conf-cc
more config.sh
ls
ls
make setup check
vi error.h
make setup check
which sendmail
/usr/lib/sendmail
cd /var/qmail/bin/
ls -l
file sendmail
for i in *; do file $i; done
history
ls -lR /var/qmail/man/
ls -lRd /var/qmail/man/
ls -ld /var/qmail/man/
ls -ld /var/qmail/man/*
ls -l /usr/share/man/
ls -l /usr/share/man/*
ls -l /usr/share/man/
ls -l /usr/share/man/*
ls -ld /var/qmail/man/*
ls -ld /var/qmail/man/*/*
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
mv -f /var/qmail/bin/maildir2mbox /usr/bin
mv -f /var/qmail/bin/maildirmake /usr/bin
mv -f /var/qmail/bin/maildirwatch /usr/bin
mv -f /var/qmail/bin/qmail-qread /usr/bin
mv -f /var/qmail/bin/qmail-qstat /usr/bin
chmod 444 /var/qmail/man/man1/*
chmod 444 /var/qmail/man/man5/*
chmod 444 /var/qmail/man/man7/*
chmod 444 /var/qmail/man/man8/*
mv -f /var/qmail/man/man1/* /usr/share/man/man1
mv -f /var/qmail/man/man5/* /usr/share/man/man5
mv -f /var/qmail/man/man7/* /usr/share/man/man7
mv -f /var/qmail/man/man8/* /usr/share/man/man8
rm -rf /var/qmail/man/
rm -rf /var/qmail/doc/
maildirmake /etc/skel/Maildir
which sendmail
file sendmail
strings sendmail
man qmail-qread
mailq
cd
find /* > post_qmail
diff pre_qmail post_qmail
diff pre_qmail post_qmail > qmail_install
ls -l
dig collegetext.com mx
telnet mail.collegetext.com. 25
dig dekluge.com mx
telnet mail.dekluge.com 25
dig yahoo.com mx
telnet mx2.mail.yahoo.com 25
telnet mx3.mail.yahoo.com 25
telnet mx4.mail.yahoo.com 25
dig openna.com mx
telnet smtp.openna.com 25
dig sill.org mx
telnet mail.sill.org 25
cd
wget http://www.lifewithqmail.org/qmailctl-script-dt70
cat qmailctl-script-dt70
sh qmailctl-script-dt70 start
bash qmailctl-script-dt70 start
rm qmailctl-script-dt70
pwd
lynx ftp://ftp.openna.com/ConfigFiles-v2.0
lynx ftp://ftp.openna.com/
ftp ftp.openna.com
ftp ftp.openna.com
ftp ftp.openna.com
ls -l
bunzip2 ConfigFiles-v2.0.tar.bz2
tar xvf ConfigFiles-v2.0.tar
cd ConfigFiles-v2.0.tar
cd ConfigFiles-v2.0
ls
tar zxvf floppy-2.0.tgz
ls -l
cd floppy
ls
cd Qmail/
ls
cd init.d/
ls
sh qmail start
vi /etc/dot-qmail
man qbiff
sh qmail start
ps -ef | grep qmail
telnet 0 25
telnet 192.168.0.2 25
sh qmail stop
sh qmail stop
sh qmail start
sh qmail stop
sh qmail stop
cat /etc/dot-qmail
sh qmail start
netstat -an | grep 25
telnet 192.168.0.2 25
ifconfig -a
netstat -apn | grep 25
sh qmail stop
vi /etc/tcp.smtp
cat /etc/tcp.smtp
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
sh qmail start
telnet 192.168.0.2 25
sh qmail stop
chmod 644 /etc/tcp.smtp*
sh qmail start