roberto puzzanghera's blog

Greetdelay for qmail

  • Download here
  • Author of the patch: John Simpson (?)

I replaced the original greetdelay by Erwin Hoffmann with the patch by John Simpson. Now communications trying to send commands before the greeting will be closed provided that you declare DROP_PRE_GREET; premature disconnections will be logged as well.This is the log line you will get:

Configuring moreipme

The qmail-moreipme patch by Scott Gifford prevents a problem caused by an MX or other mail routing directive instructing qmail to connect to itself without realizing it's connecting to itself, saving CPU time and in  the most critical cases it takes away from a possible Denial of Service.

Expunging expired Junk and Trash emails with dovecot

Of course we want to delete old Junk and Trash emails to save hard disk space. To do that, with dovecot 2.0, you don't have to enable the expire-plugin, unless you have to manage a very big server, in which case you may consider to enable it in conjunction with the dictionary service, to store the timestamps in a database.

Running two php/mysql/mariadb versions on the same apache web server

In a web server  very old applications must coexist with new ones. Usually old applications are no more mantained and still require old versions of php and mysql, while recent apps claim to use the latest features of your apache, php and database servers. In addition you may want to switch from MySQL to mariaDB, which is going to quickly supersede its progenitor program.

That said, how to build a web server which mounts on the same apache a variety of php/mysql/mariadb configurations? Let's consider a simple case and suppose to have an apache 2.4.x already installed and two database server, let's say mysql-5.5 and mariadb-5.5, listening on two different IPs. We would like to have two separate php versions available, let's say 5.3.x and 5.4.x, living together and connecting to mysql and mariadb respectively. Of course this procedure can be modified as you like for any number of configurations you like.

I will show how to achieve this configuring php in the usual mod_php manner and and by means of mod_cgid, an apache module which starts php requests as a CGI program, delivering very similar performance as mod_php. I will show how to select the proper php.ini file as well.

Installing mariaDB from source

These days many different popular Linux distributions (at the time I'm writing Slackware, Fedora, Arch, OpenSuse, Gentoo among the others) are switching to mariaDB, replacing mysql as the default db server.

mariaDB is a fork of mysql, created by the former  mysql's main developer under the GNU GPL, as opposed to any uncertainty of MySQL's license status under its current ownership by Oracle. It's not even sure if Oracle will release any security documentation in the future, so the compatibility with future versions of mysql is not garanteed. Anyway mariaDB-5.5 is totally compatible with mysql-5.5.

Since I have a server of my own I don't rely on hosting providers decisions; this is why I'm installing mariadb on a virtual server which will serve all my future applications.

Setting up and upgrading MySQL 5.x

I have tested the following guide when installing mysql 5.6, 5.5, 5.1, 5.0 version. At the time I'm writing the latest stable version is 5.6.10.

Installing from source

You may want to install from source when the distributed binaries were compiled against a glibc version which is different from the one installed in your system.

cd /usr/local/mysql
wget latest mysql source
tar zxvf mysql-VERSION.tar.gz
cd mysql-VERSION
cmake .
make
make install
cd /usr/local
mv mysql mysql-VERSION
ln -s mysql-VERSION mysql

This will install mysql in /usr/local/mysql.

Installing from binaries

Download the binaries and extract the tarball where you want, /usr/local is always good.

cd /usr/local
wget mysql binaries
tar xzf mysql-VERSION.tar.gz
ln -s mysql-VERSION mysql

daemontools

daemontools is a collection of tools for managing UNIX services. It monitors qmail services and saves error messages to one or more logs.

Slackware RSS feeds

Slackware

A new collection of Slackware RSS feeds starting from v. 12.1 to -current are now available at http://slackfeeds.sagredo.eu/. They are generated by Slacklog, which provides a program and a library to convert a Slackware ChangeLog into other formats like RSS.

The Slackware changelogs are checked every 10 minutes against http://ftp.osuosl.org/pub/slackware mirror.

Testing Dovecot

Testing POP3

Remember that plain text login is allowed only from localhost.

# telnet [your-IP] 110
Trying [your-IP]...
Connected to [your-IP].
Escape character is '^]'.
+OK Dovecot ready.
user test@yourdomain.net
+OK
pass [PASSWORD]
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.

Check also the secure POP connection on port 995

openssl s_client -connect [your-IP]:995

Testing IMAP

Now let's test the IMAP server. This plain text login test is allowed only from localhost.

Running Dovecot

I have adjusted the startup script distributed by Dovecot and saved it as /usr/local/bin/dovecotctl:

Pages