The Craving Mind

  A "valid" PTR record is one which resolves to a name which resolves back to the address. For this reason, your PTR records shouldn't use names that resolve back to multiple addresses. Reasoning behind all this (read on only if you care):   There's no rule in the RFC's saying that there must be a PTR record for every A record, though it is listed as a design goal. It also never says that you can't have multiple PTR records for a given address; unfortunately, doing so creates havoc. The reason for this is the way that records are reported and recognized. Suppose you have multiple PTR records for a given address. Then this happens:   1) A request is made for PTR records for the address, by something trying to verify one of the hostnames.   2) The server treats the set of PTR records in round-robin, "load sharing" the results. In effect, it reorders the records in an essentially random permutation, and reports them all.   3) The requester sees a stack ...

Problem: zimbra@mail:/home/bolcorp$ zmcontrol status Host mail.domain.com         amavis                  Stopped                 amavisd is not running.         antispam                Stopped                 zmamavisdctl is not running         antivirus               Stopped                 zmamavisdctl is not running                 zmclamdctl is not running ...

The basic configuration file of Fail2ban is available at   /etc/fail2ban/local.conf . However, to make customization we need to use a local config file called   /etc/fail2ban/jail.local To configure Fail2ban for Postfix SASL, add the following section in the  jail.local  file. [sasl] enabled = true port = smtp filter = postfix-sasl logpath = /var/log/mail.log maxretry = 5   Additionally, we need to configure Fail2Ban filter for postfix authentication failures in  /etc/fail2ban/filter.d/postfix-sasl.conf . A working  postfix-sasl.conf  contains the following details: # Fail2Ban filter for postfix authentication failures [INCLUDES] before = common.conf [Definition] _daemon = postfix/smtpd failregex = ^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\s*$ Ref: https://bobcares.com/blog/fail2ban-postfix-sasl/

#apt-get update #apt-get install fail2ban -y #service fail2ban restart #service fail2ban status   #vi /etc/fail2ban/jail.local [DEFAULT] ignoreip = 127.0.0.1/8 YOUR_PREFERRED_IP/32 ::1 bantime = 3600 findtime = 600 maxretry = 5 [sshd]  enabled = true port = ssh,78 filter = sshd logpath = /var/log/auth.log maxretry = 2   #service fail2ban restart #service fail2ban status #fail2ban-client status #fail2ban-client status sshd   # fail2ban-client set sshd unbanip selected_ip     Ref: https://www.liquidweb.com/kb/install-configure-fail2ban-ubuntu-server-16-04/        

Assuming the system is Centos / Redhat system. Steps: Step 1:  Create virtual file lets say “all_email_forwarder”  for email forwarding inside /etc/postfix/ vi /etc/postfix/all_email_forwarder To forward all outgoing emais, lets say ” myemail@domain.com”, please do the following: /.+@.+/  myemail@domain.com Step 2: Edit /etc/postfix/main.cf file and add /edit virtual_maps variable with the following: virtual_maps = regexp:/etc/postfix/all_email_forwarder Step 3: restart postfix service: service postfix restart

Postfix by default installation allows emails can be sent without authentication. So anyone can send email with any email address using postfix server with default settings. This will allow spammers to use your servers to send emails and even malware /virus. Receiver will see your server as the MTA and will result ip in spam list. There are three main curtial settings in /etc/postfix/main.cf: smtpd_sender_restrictions:  Restrict sender for sending email only if given criteria matched. Best two options are reject_unknown_sender_domain and permit_sasl_autheticated. Which only allows domains in your servers are allowed to send emails and authentication is required to send email. You can also add more options as below: 1 2 3 4 5 6 7 8 9 10 smtpd_sender_restrictions =          reject_sender_login_mismatch,          reject_non_fqdn_sender,          reject_unlisted_sende...

IM – Instant Messaging for Zimbra 8.6. 1. To Check the status for enabled or disabled: # zmprov gacf zimbraXMPPEnabled # zmprov gc default zimbraFeatureIMEnabled # zmprov gc default zimbraFeatureInstantNotify If it returns FALSE IM was disabled, else TRUE means enabled. 2. To enable for Instant Messaging: # zmprov -l -v mcf zimbraXMPPEnabled TRUE # zmprov -v mc default zimbraFeatureIMEnabled TRUE # zmprov -v mc default zimbraFeatureInstantNotify TRUE 3. To disable for Instant Messaging: # zmprov -l -v mcf zimbraXMPPEnabled FALSE # zmprov -v mc default zimbraFeatureIMEnabled FALSE # zmprov -v mc default zimbraFeatureInstantNotify FALSE 4. Need to restart the zimbra: # zmcontrol stop # zmcontrol start Ref: https://dilliganesh.wordpress.com/2016/09/21/instant-messaging-for-zimbra-8-6/

How to add RBLs and RHSBLs on zimbra server To verify already updated policies in host [root@mail ]# su zimbra [zimbra@mail ]$ zmprov gacf | grep zimbraMtaRestriction zimbraMtaRestriction: reject_invalid_helo_hostname zimbraMtaRestriction: reject_non_fqdn_sender To add RBL server [zimbra@mail /]$ zmprov mcf +zimbraMtaRestriction “reject_rbl_client zen.spamhaus.org” [zimbra@mail /]$ zmprov mcf +zimbraMtaRestriction “reject_rbl_client psbl.surriel.com” [zimbra@mail /]$ zmprov mcf +zimbraMtaRestriction “reject_rbl_client b.barracudacentral.org” or [zimbra@mail /]$ zmprov mcf \ zimbraMtaRestriction “reject_rbl_client zen.spamhaus.org” \ zimbraMtaRestriction “reject_rbl_client psbl.surriel.com” \ zimbraMtaRestriction “reject_rbl_client b.barracudacentral.org” \ zimbraMtaRestriction “reject_rbl_client bl.spamcop.net” To add RHSBLs [zimbra@mail /]$ zmprov mcf \ zimbraMtaRestriction “reject_rhsbl_client dbl.spamhaus.org” \ zimbraMtaRestriction “reject_rhsbl_client multi.uribl.com” \ zimbraMtaR...

If you will get a prompt stating something like “Port conflict detected: 53 (zimbra-dnscache)” with a prompt to hit ENTER to continue, you can just hit enter and let the installation/upgrade run out. Once everything is running, you will see that the Zimbra DnsCahe service is in a stopped state. To fix this error, all you have to do is # zmcontrol status # zmprov ms `zmhostname` -zimbraServiceEnabled dnscache # zmprov ms `zmhostname` -zimbraServiceInstalled dnscache # zmcontrol status You will see that the service is removed from Zimbra’s Services. [zimbra@mail root]$ zmcontrol status Ref: https://dilliganesh.wordpress.com/2018/08/13/how-to-remove-dnscache-from-zimbra-services/

This will transform a normal existed user account into an admin account # zmprov ma account_name@domain.com zimbraIsAdminAccount TRUE