May 12 2008

jDome 3d Immersion

Published by tm under miscellaneous

Neat stuff.

More info at http://www.jdome.com/

No responses yet

Mar 31 2008

CERN LHC going live soon!

Published by tm under the universe

Measuring 27km in circumference, it will become the world’s largest particle accelerator when it inaugurates in July.

Related stories:

http://physicsworld.com/cws/article/news/33600

http://gizmodo.com/374066/large-hadron-collider-wont-destroy-earth-of-course-not

No responses yet

Mar 12 2008

Bypass SSL Certificate Errors when connecting an iPhone to Plesk Mail Account

Published by tm under plesk

On the iPhone:

  1. Select Settings, Mail
  2. Select Add Account…
  3. Select Other
  4. Enter all of your relevant email account details
  5. Select the Save button. At this point, you will be presented with an ‘invalid certificate’ warning.
  6. Select the Cancel button; you will be returned to the account details screen
  7. Select the Save button; ignore the warning that ‘you may not be able to send email’
  8. Open the settings for your new mail account and select the Advanced button
  9. Use the sliders to disable SSL for mail receiving/sending. Be sure to check the port numbers to ensure they’re valid for your particular email server

No responses yet

Mar 12 2008

SSL certificate setup for pop3s, imaps, smtps on Plesk

Published by tm under plesk

lifted from here

HOWTO to setup an SSL certificate on a Plesk server so that it will be used when people connect through secure pop, smtp and imap.

First, you will need a certificate. It can be self signed or CA signed. Using a self-signed cert will of course result in some browser warnings for those who have not added the certificate as locally trusted on their computer.

You will want a copy of your cert in PEM format. If you don’t have this already, just create a single file with the private key followed by the certificate. That’s it. For example, just run the following (using correct paths to your private key and certificate files):

touch host.pem
chmod 600 host.pem
cat host.key host.crt > host.pem

and you’ll now have a PEM file. It should look like this:

—–BEGIN CERTIFICATE—–

—–END CERTIFICATE—–
—–BEGIN RSA PRIVATE KEY—–

—–END RSA PRIVATE KEY—–

Courier-IMAP (pop3s and imaps)

The first step is to set it up for pop3s and imaps by backing up and replacing the certs at:

/usr/share/courier-imap/pop3d.pem

and

/usr/share/courier-imap/imapd.pem

with your PEM file.

If you have a chained cert, you need to do one more thing. You need to tell courier-imap about it. Backup and edit both of the following files:

/etc/courier-imap/pop3d-ssl

/etc/courier-imap/imapd-ssl

and set the value TLS_TRUSTCERTS in each file to the path to the certificate chain. For example, drop a copy of the certificate chain into a file at:

/usr/share/courier-imap/chain.crt

and then set the value for TLS_TRUSTCERTS in the pop3d-ssl and imapd-ssl files like so:

TLS_TRUSTCERTS=/usr/share/courier-imap/chain.crt

now restart courier-imap:

service courier-imap restart

Qmail (smtps)

To setup your certificate for use with smtps, copy your PEM file to:

/var/qmail/control/servercert.pem

and if you have a CA certs, append them to that same file (so you should have all of the CA chained certs right after your own certificate in that file).

now restart qmail:

service qmail restart

Test everything

You can test these newly installed certificates to make sure everything is working with the following:

openssl s_client -connect [host]:993
openssl s_client -connect [host]:995
openssl s_client -connect [host]:465

Note that the imaps test (port 465) can take a while to respond when testing like this.

And, of course, you can test these (and should) by trying to use an actual email account to send and receive mail using these protocols.

No responses yet

Mar 12 2008

SMTP on different Port in Plesk

Published by tm under plesk

Copy /etc/xinetd.d/smtp_psa to smtp2_psa

In the new file, REPLACE service smtp WITH service smtp2

Then modify /etc/services and add the smtp2 service (port 26 in this example).

smtp2 26/tcp mail
smtp2 26/udp mail

Then restart xinetd
/etc/init.d/xinetd restart

Check that the new port is now listening
# netstat -plunt |grep :26

That should return something similar to

tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 2345/xinetd

Test connection by telnetting from an outside box to port 26 on the server:
telnet 123.123.123.123 26

2 responses so far

Feb 17 2008

Plesk qmail notes

Published by tm under plesk

lifted from here

Qmail Log Location in Plesk:

/usr/local/psa/var/log/maillog

Ignore Mail to unkown user instead of bouncing:

One domain at a time:

edit /var/qmail/mailnames/<domain.goes.here.com>/.qmail-default and replace its contents with: |true

to change for all domains:

find /var/qmail/mailnames/ | grep .qmail-default | xargs replace “|bouncesaying ‘This address no longer accepts mail.’” ‘|/bin/true‘ –


                    			

No responses yet

Jan 18 2008

Hubble Deep Field Video

Published by tm under the universe

“Representing a narrow “keyhole” view stretching to the visible horizon of the universe, the Hubble Deep Field image covers a speck of the sky only about the width of a dime 75 feet away. Though the field is a very small sample of the heavens, it is considered representative of the typical distribution of galaxies in space, because the universe, statistically, looks largely the same in all directions. Gazing into this small field, Hubble uncovered a bewildering assortment of at least 1,500galaxies at various stages of evolution.”

Hubblesite

You need to a flashplayer enabled browser to view this YouTube video

No responses yet

Sep 29 2007

Linux / Plesk / APF Quick and Dirty Howto

Published by tm under plesk

As root from SSH term:

wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -xvzf apf-current.tar.gz
cd apf-*/
./install.sh

Check for install errors

Installation Details:

  • Install path: /etc/apf/
  • Config path: /etc/apf/conf.apf
  • Executable path: /usr/local/sbin/apf
  • AntiDos install path: /etc/apf/ad/
  • AntiDos config path: /etc/apf/ad/conf.antidos
  • DShield Client Parser: /etc/apf/extras/dshield/

Edit the config file:

vi /etc/apf/conf.apf

Turn on DShield.org blocklist

USE_DS=”1″

Allow Plesk Ports (add or remove the ports relevant to your configuration here)

IG_TCP_CPORTS=”20,21,22,25,53,80,110,143,443,465,993,995,8443″
IG_UDP_CPORTS=”37,53,873″

EGF=”1″
EG_TCP_CPORTS=”20,21,22,25,53,37,43,80,113,443,465,873,5224″
EG_UDP_CPORTS=”53,873″

Run in debug mode first, and check to make sure everything is open/blocked appropriately, then turn debug mode off.

No responses yet

Aug 29 2007

Plesk: Train SpamAssassin and apply to all accounts server-wide

Published by tm under plesk

Ripped from here

chose an email account on the server to act as the model for SpamAssassin training. Using IMAP, create a SPAM and a HAM folder for this account. Copy messages that are spam into the SPAM folder and likewise for HAM. Run the following commands on the command-line, substituting the domain and user names where appropriate:

sa-learn –spam /var/qmail/mailnames/domain/user/Maildir/.SPAM/*

sa-learn –ham /var/qmail/mailnames/domain/user/Maildir/.HAM/*

After sufficient training, you’ll need to copy the resulting bayes_* files into each email account directory on the server (if you want to use this model’s training data server-wide, of course). Consider using the following one-liner to do this:

find /var/qmail/mailnames -type d -mindepth 2 -maxdepth 2 -exec cp -f /var/qmail/mailnames/domain/user/.spamassassin/bayes_* {}/.spamassassin/ \;

The above assumes a .spamassassin directory for each user

One response so far

May 23 2007

Plesk: Configure domain to use external mail server

Published by tm under plesk

From inside the control panel at the domain’s DNS section:

Remove the default CNAME record for mail.domain.com.

Then create an A record for mail.domain.com to point to the IP address of the external mail server.

Since remote mailserver functionality is not currently supported by PSA, all instances of that domain must be removed from the virtualdomains and rcpthosts files located in the /usr/local/psa/qmail/control/ directory. These files are located in the /var/qmail/control/ directory for the RPM build.

Once the changes have been made PSA needs to be stopped then started.

One response so far

Next »