The Craving Mind

Scenario: Server:1 192.168.1.211 Server:1 192.168.1.222 Objective: Enable passwordless rsync from server1 to server2 Steps: 1. Enable root login 2. set root password 3. check current ssh status ssh -p 22 root@192.168.1.222 4. create your SSH key pair ssh-keygen -t rsa -b 4096 5. locate keys ls -ll /root/.ssh -rw------- 1 root root 3243 Jul 31 13:58 id_rsa -rw-r--r-- 1 root root 737 Jul 31 13:58 id_rsa.pub 6. ssh-copy-id root@192.168.1.222 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.1.222's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.1.222'" and check to make sure that only the key(s) you wanted were added. 7. Job is don...

Issue: ERROR: zclient.IO_ERROR (invoke sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, server: localhost) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.ce rtpath.SunCertPathBuilderException: unable to find valid certification path to requested target). Solution: 1. Create and deploy selfsigned certificate – Run as zimbra user: [root@mail zimbra]$ /opt/zimbra/bin/zmcertmgr createca -new [root@mail zimbra]$ /opt/zimbra/bin/zmcertmgr deployca [root@mail zimbra]$ /opt/zimbra/bin/zmcertmgr createcrt -new -days 365 [root@mail zimbra]$ /opt/zimbra/bin/zmcertmgr deploycrt self 2. Verify Deployed certificate: [root@mail zimbra]$ /opt/zimbra/bin/zmcertmgr viewdeployedcrt 3. Restart Zimbra services: [zimbra@mail ~]$ zmcontrol restart Ref: http://www.snapshotsofthemind...

Step: 01 vi /tmp/topmailbox.sh #!/bin/bash input=$(mktemp) output=$(mktemp) email=$(mktemp) sender="adminx@drbdtest.com" recipients="bolcorp@drbdtest.com" number=10 date=$(date +"%a, %d %b %Y %H:%M:%S %z (%Z)") datef="$(date +%F)" /opt/zimbra/bin/zmprov getQuotaUsage `zmhostname` | awk {'print $1" "$3" "$2'} >> ${input} cat $input | sort -rn -k 2 | while read line do usage=`echo $line | cut -f2 -d " "` quota=`echo $line | cut -f3 -d " "` user=`echo $line | cut -f1 -d " "` echo "`expr $usage / 1024 / 1024` of `expr $quota / 1024 / 1024` MB $user" >> ${output} done cat << EOF > ${email} Date: ${date} From: ${sender} To: ${recipients} Subject: Daily quota report for ${datef} top ${number} mailboxes by disk usage (quota) -------------------------------------- EOF head -${number} ${output} >> ${email} cat ${email} | /opt/zimbra/common/sbin/sendmail -t ${reci...

Step: 01 vi /tmp/zimbra_size.sh #!/bin/bash # script to report zimbra mailbox size per folder for a specific user # based on info at http://www.zimbra.com/forums/administrators/23655-per-folder-size-command-line.html#post121758 # stsimb feb 2014 PATH=/opt/zimbra/bin:/bin:/usr/bin if [ "$(id -un)x" != "zimbrax" ]; then echo "Fatal error: This script needs to run as user zimbra." exit 1 fi if [ $# == 0 ] ; then echo "Report zimbra mailbox size per folder for a specific user" echo echo "Usage = $0 username" echo exit 1 fi USER=$1 backend="$(zmprov ga ${USER} zimbraMailHost | tail -2 | awk '{print $2}')" if [ "${backend}x" != "$(zmhostname)x" ]; then echo "Fatal error: need to run on ${backend} for ${USER}." exit 1 fi quota="$(expr `zmprov ga ${USER} zimbraMailQuota | tail -2 | awk '{print $2}'` / 1024 / 1024)" size="$(zmmailbox -z -m ${USER} gm...

Issue:  Fixing Corrupted Mailbox Index Statement: Mail messages and attachments are automatically indexed before messages are deposited in a mailbox.  Each mailbox has an index file associated with it. This index file is required to retrieve search results from the mailbox. If a mailbox’s index file becomes corrupt or is accidentally deleted, you can re-index the messages in the mailbox from the Administration Console. Description: Text searches on an account might or might not fail with errors when the index is corrupt.  You cannot count on a user reporting a failed text search to identify that the index is corrupt.  You must monitor the index log for messages about corrupt indexes. If the server detects a corrupt index,  a message is logged to the Zimbra mailbox.log at the WARN logging level. The message starts with Possibly corrupt index.  When this message is displayed, the administrator must correct the problem. In many cases correcting the problem mig...

Step: 01 vi /tmp/pflog.pl #!/usr/bin/perl -w # # ***** BEGIN LICENSE BLOCK ***** # Zimbra Collaboration Suite Server # Copyright (C) 2009, 2010 Zimbra, Inc. # # The contents of this file are subject to the Zimbra Public License # Version 1.3 ("License"); you may not use this file except in # compliance with the License. You may obtain a copy of the License at # http://www.zimbra.com/license. # # Software distributed under the License is distributed on an "AS IS" # basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. # ***** END LICENSE BLOCK ***** # eval 'exec perl -S $0 "$@"' if 0; =head1 NAME pflogsumm.pl - Produce Postfix MTA logfile summary Copyright (C) 1998-2007 by James S. Seymour, Release 1.1.1. =head1 SYNOPSIS pflogsumm.pl -[eq] [-d <today|yesterday>] [-h <cnt>] [-u <cnt>] [--verp_mung[=<n>]] [--verbose_msg_detail] [--iso_date_time] [-m|--uucp_mung] [-i|--ignore_case] [--smtpd_stats] [...

Step: 01 vi /root/totalmail.pl #!/usr/bin/perl# # usage: totalEmail.pl # summary: count the number of recipients that each accounts has sent email to # %sender_list = (); #ip list chdir "/var/log"; for (glob 'zimbra.log*') #for (glob 'zimbra.log') { # audit.log is always todays stuff #print "***** Opening file $_","\n"; if ($_ eq 'zimbra.log') { $audit_log = 1; open (IN, sprintf("cat %s |", $_)) or die("Can't open pipe from command 'zcat $filename' : $!\n"); } else { $audit_log = 0; open (IN, sprintf("zcat %s |", $_)) or die("Can't open pipe from command 'zcat $filename' : $!\n"); } while (<IN>) { if (m#RelayedOutbound#) { my $recipcnt = 0; next if (m#dkim_s#); # messasges are listed twice (first via clamav then dkim signed) ($sender, $recipients) = m#[^<]+<([^>]+)>[^<...

Step: 01 vi /tmp/mon.sh #!/bin/bash # Script monitoring status ZCS clear LISTZIMBRA="mail.drbdtest.com"; for ZCS in $LISTZIMBRA; do # Delete files before filling yes | rm /tmp/status-$ZCS-current.txt yes | rm /tmp/status-$ZCS.txt # Check the service status and enter it in the file su - zimbra -c 'zmcontrol status' > /tmp/status-$ZCS-current.txt su - zimbra -c '/opt/zimbra/check_zimbra.pl' > /tmp/status-$ZCS.txt # Parameter cek status LDAP ldap=`grep -wi "ldap:STOPPED" /tmp/status-$ZCS.txt | cut -d ":" -f2`; # Check LDAP service if [[ "$ldap" == STOPPED* ]]; then echo "Restart service Zimbra" su - zimbra -c 'zmcontrol restart' # Regenerate Zimbra status su - zimbra -c '/opt/zimbra/check_zimbra.pl' > /tmp/status-$ZCS.txt else echo "Status service ldap OK" fi amavis=`grep -wi "amavis:STOPPED" /tmp/status-$ZCS.txt | cut -d ":" -f2`; antispam=`grep -wi "antispam:STOP...

Step: 01 wget https://jimsun.linxnet.com/downloads/pflogsumm-1.1.3.tar.gz  tar xvf pflogsumm-1.1.3.tar.gz  cd pflogsumm-1.1.3/ sudo  cp pflogsumm.pl /usr/local/bin/pflogsumm Step: 02 # cat /var/log/mail.log | pflogsumm | more Ref:  https://computingforgeeks.com/how-to-get-postfix-mail-statistics-from-logs/

Step: 01 mkdir -p /var/adm/bin Step: 02 vi /var/adm/bin/posttrace.sh #!/bin/bash export LC_ALL=C while getopts ":f:t:l:" opt; do case $opt in f) from="${OPTARG}" ;; t) to="${OPTARG}" ;; l) l="${OPTARG}" ;; \?) echo "Invalid option: -$OPTARG" >&2 exit 1 ;; :) echo "Option -$OPTARG requires an argument" >&2 exit 1 ;; esac done usage() { cat << EOF posttrace [-l </path/to/logfile>] [ -f <sender@domain.com> ] [ -t <recipient@domain.com> ] EOF } if [ -z "${from}" ] && [ -z "${to}" ] then usage exit 1 fi configure() { this_script=$(basename "$(test -L "$0" && readlink "$0" || echo "$0")") p=$(echo "${this_script}" | awk -F'.' '{print $1}') d=/tmp if [ -z "${l}" ] then l=/var/log/maillog fi blk=$(echo "scale=0;`stat --printf=\"%s\" ${l}`/`grep -c ^processor /proc/cpuinfo...

Steps1: stop zimbra services Steps2: Add following rules to iptables services vi /etc/init.d/iptables #!/bin/bash ##################### FOR DDOS PROTECTION ################ iptables -A INPUT -s server_ip -p tcp -m tcp --dport 11211 -j ACCEPT iptables -A INPUT -s server_ip -p udp -m udp --dport 11211 -j ACCEPT iptables -A INPUT -s localhost -p tcp -m tcp --dport 11211 -j ACCEPT iptables -A INPUT -s localhost -p udp -m udp --dport 11211 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 11211 -j DROP iptables -A INPUT -p udp -m udp --dport 11211 -j DROP iptables -A OUTPUT -s server_ip -p tcp -m tcp --sport 11211 -j ACCEPT iptables -A OUTPUT -s server_ip -p udp -m udp --sport 11211 -j ACCEPT iptables -A OUTPUT -s localhost -p tcp -m tcp --sport 11211 -j ACCEPT iptables -A OUTPUT -s localhost -p udp -m udp --sport 11211 -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --sport 11211 -j DROP iptables -A OUTPUT -p udp -m udp --sport 11211 -j ...

  Step 1 Create delegated admin account with required AdminConsole UI component. zmprov ca DELEGATED-ADMIN@DOMAIN.COM <PASSWORD> zimbraIsDelegatedAdminAccount TRUE zimbraAdminConsoleUIComponents accountListView zimbraAdminConsoleUIComponents downloadsView zimbraAdminConsoleUIComponents DLListView zimbraAdminConsoleUIComponents aliasListView zimbraAdminConsoleUIComponents resourceListView Step 2 Now assign following grants. zmprov grr global usr DELEGATED-ADMIN@DOMAIN.COM adminLoginCalendarResourceAs zmprov grr global usr DELEGATED-ADMIN@DOMAIN.COM domainAdminZimletRights zmprov grr domain DOMAIN.COM usr DELEGATED-ADMIN@DOMAIN.COM domainAdminRights zmprov grr domain DOMAIN.COM usr DELEGATED-ADMIN@DOMAIN.COM domainAdminConsoleRights zmprov grr domain DOMAIN.COM usr DELEGATED-ADMIN@DOMAIN.COM adminConsoleAliasRights zmprov grr domain DOMAIN.COM usr DELEGATED-ADMIN@DOMAIN.COM modifyAccount zmprov grr domain DOMAIN.COM usr DELEGATED-ADMIN@DOMAIN.COM countAlias zmprov grr domain DO...

For ZCS 8.0, SpamAssassin scans for all *.cf files in /opt/zimbra/conf/sa and loads them in alphabetical order. If you create a sauser.cf file, it will be loaded after salocal.cf is loaded. This is the supported method for doing customizations of SpamAssassin for ZCS 8. Note that only the sauser.cf file will be migrated when upgrading to later releases. Check if all values are set to true or not: $ zmlocalconfig antispam_enable_rule_updates antispam_enable_rule_updates = false $ zmlocalconfig antispam_enable_restarts antispam_enable_restarts = false set the value to true: $ zmlocalconfig -e antispam_enable_rule_updates=true $ zmlocalconfig -e antispam_enable_restarts=true $ zmamavisdctl restart $ zmmtactl restart Ref:  https://wiki.zimbra.com/wiki/Anti-spam_Strategies

https://gallery.zetalliance.org/extend/items/view/x-spam https://gallery.zetalliance.org/extend/items/view/domain-signature-disclaimer https://gallery.zetalliance.org/extend/items/view/birthday-reminder-new https://gallery.zetalliance.org/extend/items/view/block-hyperlink https://gallery.zetalliance.org/extend/items/view/bsmtp https://gallery.zetalliance.org/extend/items/view/bulk-reply https://gallery.zetalliance.org/extend/items/view/zi-knock

Follow below mentioned steps: 1. Download the zimlet from https://gallery.zetalliance.org/extend/items/view/undo-send-zimlet---delays-email-send-upto-30-seconds 2. Upload it into the Zimbra server at /opt/Zimbra/zimlet/ 3. su Zimbra 4. zmzimletctl install it_wordpower_undosend.zip 5. zmzimletctl deploy it_wordpower_undosend.zip 6. zmzimletctl enable it_wordpower_undosend.zip 7. Zimbra Admin Panel > Configure > COS > default > zimlets      UndoSend [Enable | Set Time] 8. Restart Zimbra Services 9. Login into a account and check if the zimlet is available or not. 10. Send receive an email to test the settings. Ref:  https://gallery.zetalliance.org/extend/items/view/undo-send-zimlet---delays-email-send-upto-30-seconds

Follow below mentioned steps: 1. Download the zimlet from https://gallery.zetalliance.org/extend/items/view/request-read-receipt 2. Upload it into the Zimbra server at /opt/Zimbra/zimlet/ 3. su Zimbra 4. zmzimletctl install com_zimbra_p11_request_read_receipt.zip 5. zmzimletctl deploy com_zimbra_p11_request_read_receipt.zip 6. zmzimletctl enable com_zimbra_p11_request_read_receipt 7. Zimbra Admin Panel > Configure > COS > default > zimlets      com_zimbra_p11_request_read_receipt [set-available|enabled] 8. Login into a account and check if the zimlet is available or not. 9. Send receive an email to test the settings. Ref:  https://gallery.zetalliance.org/extend/items/view/request-read-receipt

First place zip file in: /opt/zimbra/zimlets To install: su zimbra zmzimletctl install zimlet_archive_name.zip zmzimletctl deploy zimlet_archive_name.zip zmzimletctl enable zimlet_archive_name To uninstall: su zimbra cd /opt/zimbra/zimlets zmzimletctl disable zimlet_name zmzimletctl undeploy zimlet_name Others: zmzimletctl listZimlets zmzimletctl info zimlet_name Ref: https://blog.devget.net/misc/how-to-installuninstall-zimlets-in-zimbra-8/

Tip: 01 Check the queue status #/opt/zimbra/libexec/zmqstat OR $mailq|grep ^[A-F0-9]|cut -c 42-80|sort |uniq -c|sort -n|tail Tip: 02 First of all hold the queue su - zimbra /opt/zimbra/common/sbin/postsuper -h ALL watch --interval=1 'tail -n1000 /var/log/auth.log | grep 'auth_zimbra:'' Tip: 03 check which user has compromised and used that email address for spamming grep sasl_user /var/log/zimbra.log | sed 's/.*sasl_username=//g' | sort | uniq -c | sort -nr | head Tip: 04 Finding originating IP using “From Address” grep "from=<user1@domain.tld>" /var/log/zimbra.log | awk '{print $10}' |sort -nr -k 1 | sed -rn 's/.*\[//;s/\].*//p' | uniq -c | sort -nr -k 1 Tip: 05 Finding originating IP using Authentication. grep sasl_user /var/log/zimbra.log | grep user1@domain.tld | awk '{print $7}' |sed -rn 's/.*\[//;s/\].*//p'  | sort -nr -k 1 | uniq -c |sort -nr -k 1 Tip: 06 Blacklist all these IPs on Zimbra Create a file /opt/...