Most of the renowned ESPs such as gmail or hotmail or yahoo do not like
to mailed to from the same address multiple times in a short span. If
they detect (and they will) that a server's IP is sending out bursts of
emails in short span of time or over a single connection, they will most
certainly block your IP.
Here is how we can negate this block by rate limiting on the server side
so that the server IP(s) remain clean and unblocked. We can configure
postfix to rate limit the mails based on their recipient domains.
Suppose we need to rate limit mails to gmail to 1000 per hour, this can
be achieved using the following steps.
We will use custom transports in postfix configuration to achieve this
rate limiting. Custom transports are supported in postfix > v2.5.
Check your postfix version using the following command:
[root@smtp01 ~]# postconf mail_version
mail_version = 2.8.5
If postfix is older than 2.5, upgrade it.
Now, define required additional transport in postfix master.cf file:
smtp-gmail unix - - n - 1 smtp
-o syslog_name=smtp-gmail
share everything
Tuesday, May 14, 2013
More tips on tunning postfix
These are from python.org server
default_destination_concurrency_limit=50
default_destination_recipient_limit=50
default_process_limit=200
smtp_mx_session_limit=100
smtpd_client_connection_count_limit=100
smtp_destination_concurrency_limit=100
maximal_backoff_time = 1000s
minimal_backoff_time = 300s
Monday, May 13, 2013
Friday, May 10, 2013
Cut Command
1. Introduction
If you think that you can do Linux System administration without cut command, then you are absolutely right. However, mastering this fairly simple command line tool will give you a great advantage when it comes to the efficiency of your work on a user as well administration level. To simply put, cut command is one of many text-filtering command line tools that Linux Operation System has to offer. It filters standard STDIN from another command or input file and sends the filtered output to STDOUT.2. Frequently used options
Without too much talk let's start by introducing main and the most commonly used cut command line options.- -b, --bytes=LIST
Cuts the input file using list of bytes specified by this option - -c, --characters=LIST
Cuts the input file using list of characters specified by this option - -f, --fields=LIST
Cuts the input file using list of field. The default field to be used TAB. The default behavior can be overwritten by use of -d option. - -d, --delimiter=DELIMITER
Specifies a delimiter to by used as a field. As mentioned previously default field is TAB and this option overwrites this default behavior.
Limit Mail With Policyd
This document is geared towards using Policyd (cluebringer) on Ubuntu to limit mail with Postfix.
As the name implies, Policyd is a policy server for MTAs. From their website:
Currently, I only use the Quota module with Policyd, which allows for limiting the rate of mail based on its attributes.
This document is written for Ubuntu 12.04 LTS Server. Older versions of Ubuntu (10.04 at least), used the older version of policyd, which will not be covered.
Policyd v2 (codenamed “cluebringer”) is a multi-platform policy server for popular MTAs. This policy daemon is designed mostly for large scale mail hosting environments. The main goal is to implement as many spam combating and email compliance features as possible while at the same time maintaining the portability, stability and performance required for mission critical email hosting of today. Most of the ideas and methods implemented in Policyd v2 stem from Policyd v1 as well as the authors’ long time involvement in large scale mail hosting industry.Even if you don’t have a “large scale mail hosting environment”, you can still greatly benefit from Policyd.
Currently, I only use the Quota module with Policyd, which allows for limiting the rate of mail based on its attributes.
This document is written for Ubuntu 12.04 LTS Server. Older versions of Ubuntu (10.04 at least), used the older version of policyd, which will not be covered.
Table of Contents
- 1 What this guide is
- 2 Install the prerequisites
- 3 Download the source
- 4 Setup SQL
- 5 Setup Config Files
- 6 Install Program
- 7 Configure it
- 8 Start the daemon
- 9 Install WebUI
- 10 Integrate with Postfix
- 11 Completion
- 12 Creating policies
Postfix limit outgoing mail
You have some postfix based
relays in the corporation environment, with thousands of very important
email messages. System works properly One day developer wants to test a
script or program for sending outbound mail. He asks you about SMTP
connection credentials and warn you that there is a chance of mistake,
so his software may send thousands messages instead of few.
Anvil will help us to prevent the system from overloading
Note: This features are available in Postfix 2.2 and later.
Open postfix config file in your favourite text editor
Anvil will help us to prevent the system from overloading
Note: This features are available in Postfix 2.2 and later.
Open postfix config file in your favourite text editor
CentOS server setup, install, configuration HowTo RHEL 5 ftp server setup config example
VSFTPD Virtual users configuration (with MySQL) CentOS 5.x / RHEL 5 - HowTO example
vsFTPd Virtual Users configuration with MySQL, CentOS example, How To Set Up VSFTPD virtual users,
Setup Virtual Users and Directories in VSFTPd on CentOS 5.x/6.x, RHEL 5/6 (in my case it was CentOS 5.4 x86 32bit).
( based on Virtual Hosting With vsftpd And MySQL On Debian Etch)
Someone might find this useful, so you don't have to lose a day or two for getting it work... (as I did)...
Setup Virtual Users and Directories in VSFTPd on CentOS 5.x/6.x, RHEL 5/6 (in my case it was CentOS 5.4 x86 32bit).
( based on Virtual Hosting With vsftpd And MySQL On Debian Etch)
Someone might find this useful, so you don't have to lose a day or two for getting it work... (as I did)...
Advantages
1. Storing users and passwords into one database is easier to maintain and you avoid having local accounts for all the users you might need to give them FTP access, so the security risk of hacking user accounts is minimized. All users are located in one directory with user specific settings if needed.
2. MySQL protects databases with user specific permissions granted by MySQL root (a superuser for databases, giving them access, permissions to read, write, modify...)
1. Storing users and passwords into one database is easier to maintain and you avoid having local accounts for all the users you might need to give them FTP access, so the security risk of hacking user accounts is minimized. All users are located in one directory with user specific settings if needed.
2. MySQL protects databases with user specific permissions granted by MySQL root (a superuser for databases, giving them access, permissions to read, write, modify...)
So the MySQL superuser root should have its own MySQL password (not the same as account 'root') in case of exploits to mysql and hacking the local 'root' account to get access to the server ( some more MySQL basics )
Subscribe to:
Posts (Atom)