digitalmurph.com

Steve from work does Santa Claus!

Test post from my iPhone

So I have a business. It’s a web-based CRM platform for Auto Dealerhips. My partner and I plugged away for about 4 years trying to build and grow it. Somewhere along the way I got fed up with our dedicated host, who shall remain nameless. Constant downtime, awful service, and an account management portal that just plain sucked. In the end, a massive exploit ruined our server, along with every other server configured similarly near our rack. Try and get them on the phone? We lost a client as a result, and frankly I didn’t blame them for leaving. I felt like an amateur.

Enter Softlayer.

From day one, I have been simply amazed at the level of expertise and service these folks provide. My server was provisioned and ready for business within one hour of my ordering it.. on a Sunday… at 2am.

Since that time about 2 years ago, I literally have had exactly zero issues. No downtime. No problems. No nothing. Beautiful. Every request I have submitted was immediately addressed by their impeccable customer support. Their customer account interface and accompanying forum portal are simply the best I have ever encountered from any host, not that I ever really have to use it since I rarely, if ever, have any kind of problem. Now I feel like an expert. And most importantly, my clients feel that way too.

About 6 months ago, my partner and I gave up the dream of our business and went back to full-time jobs. We still enjoy and fully support our existing client base, and one of the main reasons is Softlayer. Today it dawned on me that the server, the sites, all the email accounts, everything.. has been simply sitting there on a rack in one of their many datacenters just doing what it is supposed to be doing.I expect it will continue to do just that for some time to come.

Thanks, SoftLayer.

Cheers,

Murph

Measuring 27km in circumference, it will become the world’s largest particle accelerator when it inaugurates in July.

Related stories:

http://physicsworld.com/cws/article/news/33600

http://gizmodo.com/374066/large-hadron-collider-wont-destroy-earth-of-course-not

On the iPhone:

1. Select Settings, Mail
2. Select Add Account…
3. Select Other
4. Enter all of your relevant email account details. Be sure to select IMAP or POP before you “Cancel” and “Save.” You can’t adjust that setting when modifying the account later.
5. Select the Save button. At this point, you will be presented with an ‘invalid certificate’ warning.
6. Select the Cancel button; you will be returned to the account details screen
7. Select the Save button; ignore the warning that ‘you may not be able to send email’
8. Open the settings for your new mail account and select the Advanced button
9. Use the sliders to disable SSL for mail receiving/sending. Be sure to check the port numbers to ensure they’re valid for your particular email server

lifted from here

HOWTO to setup an SSL certificate on a Plesk server so that it will be used when people connect through secure pop, smtp and imap.

First, you will need a certificate. It can be self signed or CA signed. Using a self-signed cert will of course result in some browser warnings for those who have not added the certificate as locally trusted on their computer.

You will want a copy of your cert in PEM format. If you don’t have this already, just create a single file with the private key followed by the certificate. That’s it. For example, just run the following (using correct paths to your private key and certificate files):

touch host.pem
chmod 600 host.pem
cat host.key host.crt > host.pem

and you’ll now have a PEM file. It should look like this:

—–BEGIN CERTIFICATE—–
…
—–END CERTIFICATE—–
—–BEGIN RSA PRIVATE KEY—–
…
—–END RSA PRIVATE KEY—–

Courier-IMAP (pop3s and imaps)

The first step is to set it up for pop3s and imaps by backing up and replacing the certs at:

/usr/share/courier-imap/pop3d.pem

and

/usr/share/courier-imap/imapd.pem

with your PEM file.

If you have a chained cert, you need to do one more thing. You need to tell courier-imap about it. Backup and edit both of the following files:

/etc/courier-imap/pop3d-ssl

/etc/courier-imap/imapd-ssl

and set the value TLS_TRUSTCERTS in each file to the path to the certificate chain. For example, drop a copy of the certificate chain into a file at:

/usr/share/courier-imap/chain.crt

and then set the value for TLS_TRUSTCERTS in the pop3d-ssl and imapd-ssl files like so:

TLS_TRUSTCERTS=/usr/share/courier-imap/chain.crt

now restart courier-imap:

service courier-imap restart

Qmail (smtps)

To setup your certificate for use with smtps, copy your PEM file to:

/var/qmail/control/servercert.pem

and if you have a CA certs, append them to that same file (so you should have all of the CA chained certs right after your own certificate in that file).

now restart qmail:

service qmail restart

Test everything

You can test these newly installed certificates to make sure everything is working with the following:

openssl s_client -connect [host]:993
openssl s_client -connect [host]:995
openssl s_client -connect [host]:465

Note that the imaps test (port 465) can take a while to respond when testing like this.

And, of course, you can test these (and should) by trying to use an actual email account to send and receive mail using these protocols.

Copy /etc/xinetd.d/smtp_psa to smtp2_psa

In the new file, REPLACE service smtp WITH service smtp2

Then modify /etc/services and add the smtp2 service (port 26 in this example).

smtp2 26/tcp mail
smtp2 26/udp mail

Then restart xinetd
/etc/init.d/xinetd restart

Check that the new port is now listening
# netstat -plunt |grep :26

That should return something similar to

tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 2345/xinetd

Test connection by telnetting from an outside box to port 26 on the server:
telnet 123.123.123.123 26

lifted from here

Qmail Log Location in Plesk:

/usr/local/psa/var/log/maillog

Ignore Mail to unkown user instead of bouncing:

One domain at a time:

edit /var/qmail/mailnames/<domain.goes.here.com>/.qmail-default and replace its contents with: |true

to change for all domains:

find /var/qmail/mailnames/ | grep .qmail-default | xargs replace “|bouncesaying ‘This address no longer accepts mail.’” ‘|/bin/true‘ –

“Representing a narrow “keyhole” view stretching to the visible horizon of the universe, the Hubble Deep Field image covers a speck of the sky only about the width of a dime 75 feet away. Though the field is a very small sample of the heavens, it is considered representative of the typical distribution of galaxies in space, because the universe, statistically, looks largely the same in all directions. Gazing into this small field, Hubble uncovered a bewildering assortment of at least 1,500galaxies at various stages of evolution.”

Hubblesite

As root from SSH term:

wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -xvzf apf-current.tar.gz
cd apf-*/
./install.sh

Check for install errors

Installation Details:

• Install path: /etc/apf/
• Config path: /etc/apf/conf.apf
• Executable path: /usr/local/sbin/apf
• AntiDos install path: /etc/apf/ad/
• AntiDos config path: /etc/apf/ad/conf.antidos
• DShield Client Parser: /etc/apf/extras/dshield/

Edit the config file:

vi /etc/apf/conf.apf

Turn on DShield.org blocklist

USE_DS=”1″

Allow Plesk Ports (add or remove the ports relevant to your configuration here)

IG_TCP_CPORTS=”20,21,22,25,53,80,110,143,443,465,993,995,8443″
IG_UDP_CPORTS=”37,53,873″

EGF=”1″
EG_TCP_CPORTS=”20,21,22,25,53,37,43,80,113,443,465,873,5224″
EG_UDP_CPORTS=”53,873″

Run in debug mode first, and check to make sure everything is open/blocked appropriately, then turn debug mode off.