My New home

http://www.linuxdict.com

新站

http://www.linuxdict.com

How To Relay Email On A Postfix Server

Introduction
For two small businesses I set up a debian lenny installation on their "home" dsl connection. The problem is that they have dynamic ip addresses and most mailservers will not accept incoming mail from a server on a dynamic ip address. The solution is rather simple. Set up postfix in a way that it will relay the outgoing email through the actual ISP. In this short howto I'll show you how to do that.

1. Prerequisites
I assume that you already have set up a working postfix server and that you have an email account at your ISP which you can access. So you will need to have a login for your IPS's email account.


2. Edit the postfix config
First you need to edit your postfix config...

nano /etc/postfix/main.cf

... and add the following code at the end of your config:

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/saslpasswd
smtp_always_send_ehlo = yes
relayhost = smtp.yourisp.com
Of course replace smtp.yourisp.com with the actual smtp server of your ISP. Also SASL must be working. If you followed the perfect howtos for setting up a server as provided by Falko then you don't have to worry about it. Then save and close the file.

If your ISP requires you to use a special port for sending email, then use a line like this instead:

relayhost = [smtp.yourisp.com]:PORT
In one of the cases that I have used this, I had to enter this:

relayhost = [smtpauth.bluewin.ch]:587


3. Edit /etc/postfix/saslpasswd
After having extended the postfix config you'll still need to add the credentials to the /etc/postfix/saslpasswd file, so that you can authorize yourself at your ISP.

nano /etc/postfix/saslpasswd

and then add this:

smtp.yourisp.com yourlogin:yourpassword
Of course replace yourlogin / yourpassword with the actual username and password provided by your ISP. You don't need to add the port there.



4. Hash /etc/postfix/saslpasswd
Before postfix can use that file, it needs to be hashed by postmap:

postmap /etc/postfix/saslpasswd

5. Restart postfix

Finally you need to restart postfix to use the new config:

/etc/init.d/postfix restart

telnet 25/110测试mail服务器

telnet test.com 25
R: 220 SU-SCORE.ARPA Simple Mail Transfer Service Ready
S: HELO MIT-MC.ARPA
R: 250 SU-SCORE.ARPA
S: VRFY Crispin
R: 250 Mark Crispin
S: SEND FROM:
R: 250 OK
S: RCPT TO:
R: 250 OK

S: DATA
R: 354 Start mail input; end with .
S: Blah blah blah...
S: ...etc. etc. etc.
S: .
R: 250 OK
S: QUIT
R: 221 SU-SCORE.ARPA Service closing transmission channel


telnet test.com 110
POP3 Commands:

USER name valid in the AUTHORIZATION state
PASS string
QUIT

STAT valid in the TRANSACTION state
LIST [msg]
RETR msg
DELE msg
NOOP
RSET
QUIT

Optional POP3 Commands:

APOP name digest valid in the AUTHORIZATION state

TOP msg n valid in the TRANSACTION state
UIDL [msg]

POP3 Replies:
+OK
-ERR

More Details
http://www.ietf.org/rfc/rfc1939.txt
http://www.ietf.org/rfc/rfc0821.txt

zabbix系统监控首选

最近研究了一下zabbix，它在监控上确实做得很不错

可以监控一下内容。
system.localtime
system.run 远程执行系统命令
web.page.get[localhost,,80]
Date:
Server:
Last-Modified:
ETag:
Accept-Ranges:
Content-Length:
Vary:
Connection:
Content-Type:
web.page.perf[localhost,,80]
web.page.regexp[localhost,,80,OK]
vfs.file.exists[/etc/passwd]
vfs.file.time[/etc/passwd,modify]
vfs.file.size[/etc/passwd]
vfs.file.regexp[/etc/passwd,root]
vfs.file.regmatch[/etc/passwd,root] 搜索文件中内容
vfs.file.cksum[/etc/passwd]
vfs.file.md5sum[/etc/passwd]
net.tcp.dns[127.0.0.1,localhost]
net.tcp.port[,80]
system.hostname
system.uname
system.users.num
log[logfile]
eventlog[system]
kernel.maxfiles
kernel.maxproc

文件系统监控
vfs.fs.size[/,free]
vfs.fs.inode[/,free]
vfs.dev.read[sda,operations]
vfs.dev.write[sda,sectors]
net.tcp.listen[80]

网络流量监控
net.if.in[lo,bytes]
net.if.out[lo,bytes]
net.if.total[lo,bytes]
net.if.collisions[lo]

CPU/内存使用监控
vm.memory.size[total]
proc.num[inetd,,,]
proc.mem[inetd,,]
system.cpu.switches
system.cpu.intr
system.cpu.util[all,user,avg1]
system.cpu.load[all,avg1]
system.cpu.num[online]
system.swap.size[all,free]
system.swap.in[all]
system.swap.out[all]
system.uptime
system.boottime

服务监控
net.tcp.service[ssh,127.0.0.1,22]
net.tcp.service.perf[ssh,127.0.0.1,22]

推荐Linux系统管理员使用

网址：http://www.zabbix.com/

自动部署之Puppet

Puppet在自动部署上是一个很不错的选择，可以定义不同的节点。
并且在不同节点上进行各种操作，包括软件安装，配置文件修改，服务管理等

具体参考：
http://www.howtoforge.com/installing_puppet_on_ubuntu

更多应用：
http://reductivelabs.com/trac/puppet

VirtualBox的主机访问客户机

以前用Vmware从宿主访问客户机没有问题，可是VirtualBox就有问题。
因为Vmware它自己创建一套内网，所以用Host Interface是可以内外访问都没问题

现在一直用Virtualbox＋OpenVZ,Virtualbox主要是运行XP，很少用来运行CentOS或者Fedora等
OpenVZ基本上够测试Centos用了，也没怎么叨咕。今天因为要从宿主访问客户机。

网上查到一个方案，就是创建一个虚拟网络，模拟Vmware的方法。

http://wandering.blog.51cto.com/467932/103994

成功访问。以后可以“告别”Vmware了。记得前一阵子用Vmware Server是免费的了。
反正以前在Windows下用都是要收费的。