Astaga.com lifestyle on the net

February 26, 2010

20 Linux System Monitoring Tools Every SysAdmin Should Know

Filed under: Linux — splud @ 9:30 pm

Need to monitor Linux server performance? Try these built-in commands and a few add-on tools. Most Linux distributions ship with plenty of monitoring tools. These tools provide metrics about system activity that you can use to find the possible causes of a performance problem. The commands discussed below are some of the most basic commands for system analysis and for debugging server issues such as:

  1. Finding out bottlenecks.
  2. Disk (storage) bottlenecks.
  3. CPU and memory bottlenecks.
  4. Network bottlenecks.

#1: top - Process Activity Command

The top program provides a dynamic real-time view of a running system i.e. actual process activity. By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.

Fig.01: Linux top command

Commonly Used Hot Keys

The top command provides several useful hot keys:

Hot Key Usage

=> Related: How do I Find Out Linux CPU Utilization?

#2: vmstat - System Activity, Hardware and System Information

The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.
# vmstat 3
Sample Outputs:

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0      0 2540988 522188 5130400    0    0     2    32    4    2  4  1 96  0  0
 1  0      0 2540988 522188 5130400    0    0     0   720 1199  665  1  0 99  0  0
 0  0      0 2540956 522188 5130400    0    0     0     0 1151 1569  4  1 95  0  0
 0  0      0 2540956 522188 5130500    0    0     0     6 1117  439  1  0 99  0  0
 0  0      0 2540940 522188 5130512    0    0     0   536 1189  932  1  0 98  0  0
 0  0      0 2538444 522188 5130588    0    0     0     0 1187 1417  4  1 96  0  0
 0  0      0 2490060 522188 5130640    0    0     0    18 1253 1123  5  1 94  0  0

Display Memory Utilization Slabinfo

# vmstat -m

Get Information About Active / Inactive Memory Pages

# vmstat -a
=> Related: How do I find out Linux Resource utilization to detect system bottlenecks?

#3: w - Find Out Who Is Logged on And What They Are Doing

w command displays information about the users currently on the machine, and their processes.
# w username
# w vivek

Sample Outputs:

 17:58:47 up 5 days, 20:28,  2 users,  load average: 0.36, 0.26, 0.24
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    10.1.3.145       14:55    5.00s  0.04s  0.02s vim /etc/resolv.conf
root     pts/1    10.1.3.145       17:43    0.00s  0.03s  0.00s w

#4: uptime - Tell How Long The System Has Been Running

The uptime command can be used to see how long the server has been running. It shows the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.
# uptime
Output:

 18:02:41 up 41 days, 23:42,  1 user,  load average: 0.00, 0.00, 0.00

A load value of 1 can be considered optimal. The acceptable load varies from system to system: for a single-CPU system a load of 1 - 3, and for SMP systems a load of 6 - 10, might be acceptable.

#5: ps - Displays The Processes

ps command will report a snapshot of the current processes. To select all processes use the -A or -e option:
# ps -A
Sample Outputs:

  PID TTY          TIME CMD
    1 ?        00:00:02 init
    2 ?        00:00:02 migration/0
    3 ?        00:00:01 ksoftirqd/0
    4 ?        00:00:00 watchdog/0
    5 ?        00:00:00 migration/1
    6 ?        00:00:15 ksoftirqd/1
....
.....
 4881 ?        00:53:28 java
 4885 tty1     00:00:00 mingetty
 4886 tty2     00:00:00 mingetty
 4887 tty3     00:00:00 mingetty
 4888 tty4     00:00:00 mingetty
 4891 tty5     00:00:00 mingetty
 4892 tty6     00:00:00 mingetty
 4893 ttyS1    00:00:00 agetty
12853 ?        00:00:00 cifsoplockd
12854 ?        00:00:00 cifsdnotifyd
14231 ?        00:10:34 lighttpd
14232 ?        00:00:00 php-cgi
54981 pts/0    00:00:00 vim
55465 ?        00:00:00 php-cgi
55546 ?        00:00:00 bind9-snmp-stat
55704 pts/1    00:00:00 ps

ps is just like top but provides more information.

Show Long Format Output

# ps -Al
To turn on extra full mode (it will show command line arguments passed to process):
# ps -AlF

To See Threads ( LWP and NLWP)

# ps -AlFH

To See Threads After Processes

# ps -AlLm

Print All Process On The Server

# ps ax
# ps axu

Print A Process Tree

# ps -ejH
# ps axjf
# pstree

Print Security Information

# ps -eo euser,ruser,suser,fuser,f,comm,label
# ps axZ
# ps -eM

See Every Process Running As User Vivek

# ps -U vivek -u vivek u

Set Output In a User-Defined Format

# ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
# ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
# ps -eopid,tt,user,fname,tmout,f,wchan

Display Only The Process IDs of Lighttpd

# ps -C lighttpd -o pid=
OR
# pgrep lighttpd
OR
# pgrep -u vivek php-cgi

Display The Name of PID 55977

# ps -p 55977 -o comm=

Find Out The Top 10 Memory Consuming Process

# ps -auxf | sort -nr -k 4 | head -10

Find Out top 10 CPU Consuming Process

# ps -auxf | sort -nr -k 3 | head -10

#6: free - Memory Usage

The command free displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel.
# free
Sample Output:

            total       used       free     shared    buffers     cached
Mem:      12302896    9739664    2563232          0     523124    5154740
-/+ buffers/cache:    4061800    8241096
Swap:      1052248          0    1052248

=> Related:

  1. Linux Find Out Virtual Memory PAGESIZE
  2. Linux Limit CPU Usage Per Process
  3. How much RAM does my Ubuntu / Fedora Linux desktop PC have?

#7: iostat - Average CPU Load, Disk Activity

The command iostat reports Central Processing Unit (CPU) statistics and input/output statistics for devices, partitions and network filesystems (NFS).
# iostat
Sample Outputs:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 	06/26/2009

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           3.50    0.09    0.51    0.03    0.00   95.86

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda              22.04        31.88       512.03   16193351  260102868
sda1              0.00         0.00         0.00       2166        180
sda2             22.04        31.87       512.03   16189010  260102688
sda3              0.00         0.00         0.00       1615          0

=> Related: Linux Track NFS Directory / Disk I/O Stats

#8: sar - Collect and Report System Activity

The sar command is used to collect, report, and save system activity information. To see the network counters, enter:
# sar -n DEV | more
To display the network counters from the 24th:
# sar -n DEV -f /var/log/sa/sa24 | more
You can also display real time usage using sar:
# sar 4 5
Sample Outputs:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 		06/26/2009

06:45:12 PM       CPU     %user     %nice   %system   %iowait    %steal     %idle
06:45:16 PM       all      2.00      0.00      0.22      0.00      0.00     97.78
06:45:20 PM       all      2.07      0.00      0.38      0.03      0.00     97.52
06:45:24 PM       all      0.94      0.00      0.28      0.00      0.00     98.78
06:45:28 PM       all      1.56      0.00      0.22      0.00      0.00     98.22
06:45:32 PM       all      3.53      0.00      0.25      0.03      0.00     96.19
Average:          all      2.02      0.00      0.27      0.01      0.00     97.70

=> Related: How to collect Linux system utilization data into a file

#9: mpstat - Multiprocessor Usage

The mpstat command displays activities for each available processor, processor 0 being the first one. Use mpstat -P ALL to display average CPU utilization per processor:
# mpstat -P ALL
Sample Output:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in)	 	06/26/2009

06:48:11 PM  CPU   %user   %nice    %sys %iowait    %irq   %soft  %steal   %idle    intr/s
06:48:11 PM  all    3.50    0.09    0.34    0.03    0.01    0.17    0.00   95.86   1218.04
06:48:11 PM    0    3.44    0.08    0.31    0.02    0.00    0.12    0.00   96.04   1000.31
06:48:11 PM    1    3.10    0.08    0.32    0.09    0.02    0.11    0.00   96.28     34.93
06:48:11 PM    2    4.16    0.11    0.36    0.02    0.00    0.11    0.00   95.25      0.00
06:48:11 PM    3    3.77    0.11    0.38    0.03    0.01    0.24    0.00   95.46     44.80
06:48:11 PM    4    2.96    0.07    0.29    0.04    0.02    0.10    0.00   96.52     25.91
06:48:11 PM    5    3.26    0.08    0.28    0.03    0.01    0.10    0.00   96.23     14.98
06:48:11 PM    6    4.00    0.10    0.34    0.01    0.00    0.13    0.00   95.42      3.75
06:48:11 PM    7    3.30    0.11    0.39    0.03    0.01    0.46    0.00   95.69     76.89

=> Related: Linux display each multiple SMP CPU processors utilization individually.

#10: pmap - Process Memory Usage

The command pmap reports the memory map of a process. Use this command to find out the causes of memory bottlenecks.
# pmap -d PID
To display process memory information for pid # 47394, enter:
# pmap -d 47394
Sample Outputs:

47394:   /usr/bin/php-cgi
Address           Kbytes Mode  Offset           Device    Mapping
0000000000400000    2584 r-x-- 0000000000000000 008:00002 php-cgi
0000000000886000     140 rw--- 0000000000286000 008:00002 php-cgi
00000000008a9000      52 rw--- 00000000008a9000 000:00000   [ anon ]
0000000000aa8000      76 rw--- 00000000002a8000 008:00002 php-cgi
000000000f678000    1980 rw--- 000000000f678000 000:00000   [ anon ]
000000314a600000     112 r-x-- 0000000000000000 008:00002 ld-2.5.so
000000314a81b000       4 r---- 000000000001b000 008:00002 ld-2.5.so
000000314a81c000       4 rw--- 000000000001c000 008:00002 ld-2.5.so
000000314aa00000    1328 r-x-- 0000000000000000 008:00002 libc-2.5.so
000000314ab4c000    2048 ----- 000000000014c000 008:00002 libc-2.5.so
.....
......
..
00002af8d48fd000       4 rw--- 0000000000006000 008:00002 xsl.so
00002af8d490c000      40 r-x-- 0000000000000000 008:00002 libnss_files-2.5.so
00002af8d4916000    2044 ----- 000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b15000       4 r---- 0000000000009000 008:00002 libnss_files-2.5.so
00002af8d4b16000       4 rw--- 000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b17000  768000 rw-s- 0000000000000000 000:00009 zero (deleted)
00007fffc95fe000      84 rw--- 00007ffffffea000 000:00000   [ stack ]
ffffffffff600000    8192 ----- 0000000000000000 000:00000   [ anon ]
mapped: 933712K    writeable/private: 4304K    shared: 768000K

The last line is very important:

  • mapped: 933712K total amount of memory mapped to files
  • writeable/private: 4304K the amount of private address space
  • shared: 768000K the amount of address space this process is sharing with others

=> Related: Linux find the memory used by a program / process using pmap command

#11 and #12: netstat and ss - Network Statistics

The command netstat displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. ss command is used to dump socket statistics. It allows showing information similar to netstat. See the following resources about ss and netstat commands:

#13: iptraf - Real-time Network Statistics

The iptraf command is an interactive, colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in an easy to read format:

  • Network traffic statistics by TCP connection
  • IP traffic statistics by network interface
  • Network traffic statistics by protocol
  • Network traffic statistics by TCP/UDP port and by packet size
  • Network traffic statistics by Layer2 address

Fig.02: General interface statistics: IP traffic statistics by network interface

Fig.03 Network traffic statistics by TCP connection

#14: tcpdump - Detailed Network Traffic Analysis

tcpdump is a simple command that dumps traffic on a network. However, you need a good understanding of the TCP/IP protocol to utilize this tool. For example, to display traffic info about DNS, enter:
# tcpdump -i eth1 'udp port 53'
To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets, enter:
# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
To display all FTP sessions to 202.54.1.5, enter:
# tcpdump -i eth1 'dst 202.54.1.5 and (port 21 or 20)'
To display all HTTP sessions to 192.168.1.5:
# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'
To save the capture to a file that you can open in wireshark to view detailed information, enter:
# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80
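
The data-only HTTP filter above subtracts the IP and TCP header lengths from the IP total length and keeps the packet when something is left. The following added example (not part of the original article) evaluates the same arithmetic on three constructed packets; the function names, the source address and the packet bytes are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: evaluate the tcpdump expression
#   (ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)
# on a packet given as a hex string that starts at the IPv4 header.

# byte_at HEX INDEX -> decimal value of the byte at offset INDEX
byte_at() {
    first=$(( $2 * 2 + 1 ))
    pair=$(printf '%s' "$1" | cut -c"$first-$(( first + 1 ))")
    echo $(( 0x$pair ))
}

# tcp_payload_len HEX -> TCP payload bytes; fails on non-IPv4/TCP or short input
tcp_payload_len() {
    pkt=$1
    [ "${#pkt}" -ge 40 ] || return 1               # 20-byte fixed IPv4 header
    b0=$(byte_at "$pkt" 0)
    [ $(( b0 >> 4 )) -eq 4 ] || return 1           # IP version 4
    [ "$(byte_at "$pkt" 9)" -eq 6 ] || return 1    # protocol 6 = TCP
    ihl=$(( (b0 & 0xf) << 2 ))                     # (ip[0]&0xf)<<2, IP header bytes
    hi=$(byte_at "$pkt" 2)
    lo=$(byte_at "$pkt" 3)
    total=$(( (hi << 8) | lo ))                    # ip[2:2], IP total length
    [ "${#pkt}" -ge $(( (ihl + 13) * 2 )) ] || return 1
    t12=$(byte_at "$pkt" $(( ihl + 12 )))          # tcp[12] follows the IP header
    doff=$(( (t12 & 0xf0) >> 2 ))                  # (tcp[12]&0xf0)>>2, TCP header bytes
    echo $(( total - ihl - doff ))
}

# carries_data HEX -> succeeds when the filter's "!= 0" test would match
carries_data() {
    len=$(tcp_payload_len "$1") || return 1
    [ "$len" -ne 0 ]
}

# Constructed packets, 192.168.1.10 -> 192.168.1.5 port 80, checksums zeroed.
TCP_PORTS="c3500050"
# SYN with one MSS option: IP header 20, TCP header 24, no data.
SYN_PKT="4500002c0001400040060000c0a8010ac0a80105"
SYN_PKT="${SYN_PKT}${TCP_PORTS}00000001000000006002ffff00000000020405b4"
# PSH/ACK carrying "GET / HTTP/1.0\r\n\r\n": IP 20, TCP 20, 18 data bytes.
GET_PKT="4500003a0002400040060000c0a8010ac0a80105"
GET_PKT="${GET_PKT}${TCP_PORTS}00000002000000015018ffff00000000"
GET_PKT="${GET_PKT}474554202f20485454502f312e300d0a0d0a"
# ACK-only packet whose IP header carries 4 option bytes (IHL = 6). Assuming
# a fixed 20-byte IP header here would read tcp[12] from the wrong offset.
OPT_ACK_PKT="4600002c0003400040060000c0a8010ac0a8010501010100"
OPT_ACK_PKT="${OPT_ACK_PKT}${TCP_PORTS}00000014000000015010ffff00000000"

for p in "$SYN_PKT" "$GET_PKT" "$OPT_ACK_PKT"; do
    if carries_data "$p"; then verdict="printed"; else verdict="skipped"; fi
    echo "payload=$(tcp_payload_len "$p") bytes, $verdict by the filter"
done
```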

#15: strace - System Calls

Trace system calls and signals. This is useful for debugging webserver and other server problems. See how to use strace to trace the process and see what it is doing.

#16: /Proc file system - Various Kernel Statistics

The /proc file system provides detailed information about various hardware devices and other Linux kernel information. See the Linux kernel /proc documentation for further details. Common /proc examples:
# cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts

#17: Nagios - Server And Network Monitoring

Nagios is a popular open source computer system and network monitoring application. You can easily monitor all your hosts, network equipment and services. It can send an alert when things go wrong and again when they get better. FAN is “Fully Automated Nagios”. FAN's goal is to provide a Nagios installation that includes most tools provided by the Nagios Community. FAN provides a CD-ROM image in the standard ISO format, making it easy to install a Nagios server. In addition, a wide range of tools is included in the distribution in order to improve the user experience around Nagios.

#18: Cacti - Web-based Monitoring Tool

Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. It can provide data about network, CPU, memory, logged in users, Apache, DNS servers and much more. See how to install and configure Cacti network graphing tool under CentOS / RHEL.

#19: KDE System Guard - Real-time Systems Reporting and Graphing

KSysguard is a network enabled task and system monitor application for KDE desktop. This tool can be run over ssh session. It provides lots of features such as a client/server architecture that enables monitoring of local and remote hosts. The graphical front end uses so-called sensors to retrieve the information it displays. A sensor can return simple values or more complex information like tables. For each type of information, one or more displays are provided. Displays are organized in worksheets that can be saved and loaded independently from each other. So, KSysguard is not only a simple task manager but also a very powerful tool to control large server farms.

Fig.05 KDE System Guard {Image credit: Wikipedia}

See the KSysguard handbook for detailed usage.

#20: Gnome System Monitor - Real-time Systems Reporting and Graphing

The System Monitor application enables you to display basic system information and monitor system processes, usage of system resources, and file systems. You can also use System Monitor to modify the behavior of your system. Although not as powerful as the KDE System Guard, it provides the basic information which may be useful for new users:

  • Displays various basic information about the computer’s hardware and software.
  • Linux Kernel version
  • GNOME version
  • Hardware
  • Installed memory
  • Processors and speeds
  • System Status
  • Currently available disk space
  • Processes
  • Memory and swap space
  • Network usage
  • File Systems
  • Lists all mounted filesystems along with basic information about each.

Fig.06 The Gnome System Monitor application

Bonus: Additional Tools

A few more tools:

  • nmap - scan your server for open ports.
  • lsof - list open files, network connections and much more.
  • ntop web based tool - ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
  • Conky - Another good monitoring tool for the X Window System. It is highly configurable and is able to monitor many system variables including the status of the CPU, memory, swap space, disk storage, temperatures, processes, network interfaces, battery power, system messages, e-mail inboxes etc.
  • GKrellM - It can be used to monitor the status of CPUs, main memory, hard disks, network interfaces, local and remote mailboxes, and many other things.
  • vnstat - vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
  • htop - htop is an enhanced version of top, the interactive process viewer, which can display the list of processes in a tree form.
  • mtr - mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

Did I miss something? Please add your favorite system monitoring tool in the comments.

source : Cyberciti

February 2, 2010

Postfix Backup MX eMail Server Anti-Spam Configuration

Filed under: Uncategorized — splud @ 10:29 am

According to RFC2821 the lowest-numbered records are the most preferred MX for domain. So I’ve a target Postfix backup server to keep the messages in a queue waiting for the primary server to become available. This ensures that if my primary MX goes down I do not lose any emails. However, spammers are connecting to my backup MX to avoid anti spam filters that are running on the primary MX server. This also hides their real IP from my primary MX. How do I configure anti-spam for my backup RHEL / CentOS 5.3 based Postfix mx server?

This is a well-known issue. Make sure your backup MX runs the same config in terms of spam rejection as your primary server. Try the following to improve the backup email server's anti-spam configuration.

If the backup MX acts as a store-and-forward mail server

Consider the following example:

nixcraft.com.	86400	IN	MX 	10 mx01.nixcraft.net.in.
nixcraft.com.	86400	IN 	MX 	20 mx02.nixcraft.net.in.

Email for nixcraft.com is handled by two email servers. mx02.nixcraft.net.in is your backup server. Open main.cf and append the following restrictions on mx02.nixcraft.net.in.

Only allow your own domain to accept email

Use relay_domains to relay email for two domains called nixcraft.com and cyberciti.com. Also, set lookup tables with all valid addresses in the domains that match $relay_domains, i.e. only accept email for valid email addresses.
# vi /etc/postfix/main.cf
Modify settings as follows:

relay_domains = nixcraft.com, cyberciti.com, $mydestination
relay_recipient_maps = hash:/etc/postfix/relay_recipients

Create /etc/postfix/relay_recipients to accept email for vivek@nixcraft.com, vivek@cyberciti.com, user3@nixcraft.com and so on..

vivek@nixcraft.com   OK
vivek@cyberciti.com   OK
user3@nixcraft.com    OK

Save and close the file. Finally, update your db:
# postmap hash:/etc/postfix/relay_recipients

Anti spam via RBL

Now, add the following lines to main.cf to check the spammer's IP address using RBLs. Reject all email from clients that do not have a valid hostname or proper email address:

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
  reject_non_fqdn_hostname,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,
  reject_unauth_destination,
  reject_unauth_pipelining,
  reject_invalid_hostname,
  reject_rbl_client zen.spamhaus.org
# helo required
smtpd_helo_required = yes
# disable vrfy command
disable_vrfy_command = yes

smtpd_data_restrictions =
            reject_unauth_pipelining,
            permit

Save and close the file. Restart / reload postfix:
# service postfix reload
There are other anti UCE settings, see Postfix anti UCE cheat sheet for more information.
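
The advice above is that the backup MX must reject the same mail the primary does. The following added example (not part of the original FAQ) lists restrictions that the primary has and the backup lacks, given postconf -n output from each host, and flags a backup without relay_recipient_maps; the function names and both sample configurations are constructed for illustration.

```sh
#!/bin/sh
# Added example: compare the spam-rejection settings of a backup MX with
# the primary, using `postconf -n` text captured on each host.

# param_items PARAM   (postconf -n text on stdin)
# Prints the value of PARAM one item per line. Restrictions that take an
# argument (reject_rbl_client, reject_rhsbl_*, check_*) keep it attached.
param_items() {
    awk -v want="$1" '
        {
            eq = index($0, "=")
            if (eq == 0) next
            name = substr($0, 1, eq - 1)
            gsub(/[ \t]/, "", name)
            if (name != want) next
            val = substr($0, eq + 1)
            gsub(/,/, " ", val)
            n = split(val, tok, /[ \t]+/)
            prev = ""
            for (i = 1; i <= n; i++) {
                if (tok[i] == "") continue
                if (prev ~ /^(reject_rbl_client|reject_rhsbl_|check_)/) {
                    print prev " " tok[i]
                    prev = ""
                } else {
                    if (prev != "") print prev
                    prev = tok[i]
                }
            }
            if (prev != "") print prev
        }'
}

# missing_on_backup PRIMARY_TEXT BACKUP_TEXT PARAM
# Prints every item of PARAM that the primary has and the backup lacks.
missing_on_backup() {
    backup_items=$(printf '%s\n' "$2" | param_items "$3")
    printf '%s\n' "$1" | param_items "$3" | while IFS= read -r item; do
        printf '%s\n' "$backup_items" | grep -Fxq -- "$item" ||
            printf '%s\n' "$item"
    done
}

# backup_mx_findings PRIMARY_TEXT BACKUP_TEXT -> one finding per line
backup_mx_findings() {
    for p in smtpd_recipient_restrictions smtpd_data_restrictions; do
        missing_on_backup "$1" "$2" "$p" | sed "s/^/MISSING $p: /"
    done
    # Without relay_recipient_maps the backup queues mail for any address
    # in relay_domains instead of rejecting unknown recipients.
    [ -n "$(printf '%s\n' "$2" | param_items relay_recipient_maps)" ] ||
        echo "UNSET relay_recipient_maps"
}

# Constructed sample: the primary carries the restrictions from this FAQ,
# the backup has drifted to a minimal relay configuration.
PRIMARY_CONF='smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client zen.spamhaus.org
smtpd_data_restrictions = reject_unauth_pipelining, permit'
BACKUP_CONF='relay_domains = nixcraft.com, cyberciti.com, $mydestination
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination'

backup_mx_findings "$PRIMARY_CONF" "$BACKUP_CONF" || true
```

On real hosts, pass the captured output of postconf -n from the primary and from the backup as the two arguments.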

Nolisting mx A entry

Spammers' email software does not retry higher-priority MX records. So all you have to do is create a non-existent primary mail server and a working secondary mail server; attempts to contact the primary mail server will always fail. This technique uses a non-existent primary mail server, which is compatible with all correctly configured mail servers such as Sendmail, MS-Exchange, Postfix, Qmail, Exim etc. Create a BIND DNS configuration as follows:

nixcraft.com.	86400	IN	MX 	10 mx01.nixcraft.net.in.
nixcraft.com.	86400	IN 	MX 	20 mx02.nixcraft.net.in.
nixcraft.com.	86400	IN 	MX 	30 mx03.nixcraft.net.in.
nixcraft.com.	86400	IN 	MX 	40 mx04.nixcraft.net.in.

Where,

  • mx02.nixcraft.net.in - Runs your actual primary MX with anti spam and anti virus configurations.
  • mx03.nixcraft.net.in - Your backup mx server with anti spam / virus and act as store and forward server for mx02.nixcraft.net.in.
  • mx01.nixcraft.net.in and mx04.nixcraft.net.in are nolist MX servers. They can either be dead (or point to a non-existing IP), or you can run SMTP on port 25 that always returns a 4xx error so that a legitimate MTA retries on a lower numbered MX server. Nolist MX servers can also be used to get more information about spammers to blacklist them. Google for “spam filtering services that offer free nolist servers” specifically for botnet data harvesting.

Greylisting Backup MX

Postfix can be configured to temporarily reject any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again and the email is accepted. If the mail is from a spammer it will probably not be retried since a spammer goes through thousands of email addresses and cannot afford the time delay to retry. See how to configure postfix greylist policy server.

Spamassassin+Amavis+Clamd For Backup MX Server

Spamassassin is an open source mail filter that identifies spam using a wide range of heuristic tests on mail headers and body text. You can install Spamassassin spam checking on your backup server. Emails found to be spam (with a higher spam score) will be dropped before reaching your primary email server. You can also use Clamav / Amavis to scan email and drop or forward infected emails. Install spamassassin, clamd and amavisd-new using the yum or apt-get commands (turn on the EPEL repo under RHEL / CentOS to install the following packages):
# yum install clamav-server amavisd-new spamassassin

  • clamav-server : Clam Antivirus scanner server
  • amavisd-new : amavisd-new is a high-performance and reliable interface between Postfix and virus scanners, and/or
    Mail::SpamAssassin Perl module.
  • spamassassin : Spam filter for email which can be invoked from mail delivery agents or in our case via amavisd-new

Once done, add the following to your /etc/postfix/main.cf:

content_filter=smtp-amavis:[127.0.0.1]:10024

Save and close the file. Open /etc/postfix/master.cf and add the following settings:

smtp-amavis unix - - n - 2 smtp
  -o smtp_data_done_timeout=2400
  -o smtp_send_xforward_command=yes
  -o disable_dns_lookups=yes
  -o max_use=20
127.0.0.1:10025 inet n - n - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_delay_reject=no
  -o smtpd_client_restrictions=permit_mynetworks,reject
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks_style=host
  -o mynetworks=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtpd_client_connection_count_limit=0
  -o smtpd_client_connection_rate_limit=0
  -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings

Save and close the file. Also, update /etc/amavisd/amavisd.conf with required settings.

$daemon_user  = 'amavis';     # (no default;  customary: vscan or amavis), -u
$daemon_group = 'amavis';     # (no default;  customary: vscan or amavis), -g
$mydomain = 'nixcraft.net.in';   # a convenient default for other settings
$log_level = 1;              # verbosity 0..5, -d
$DO_SYSLOG = 1;              # log via syslogd (preferred)
$inet_socket_port = 10024;   # listen on this local TCP port(s) (see $protocol)
$sa_tag_level_deflt  = -999;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
$virus_admin               = 'postmaster@nixcraft.net.in';                    # notifications recip.
$mailfrom_notify_admin     = 'postmaster@nixcraft.net.in';                    # notifications sender
$mailfrom_notify_recip     = 'postmaster@nixcraft.net.in';                    # notifications sender
$mailfrom_notify_spamadmin = 'postmaster@nixcraft.net.in';                    # notifications sender
$mailfrom_to_quarantine = 'postmaster@nixcraft.net.in'; # null return path; uses original sender if undef
$sa_spam_subject_tag = '***SPAM*** ';
$myhostname = 'mx02.nixcraft.net.in';  # must be a fully-qualified domain name!
$notify_method  = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';  # set to undef with milter!
# add your server public ip, private ip,
@inet_acl = qw( 203.1.2.3 127/8  10.10.29.11);

Save and close the file. Update spamassassin settings in /var/spool/amavisd/:
# usermod -s /bin/bash amavis
# passwd amavis
# su - amavis
$ razor-admin -discover
$ razor-admin -create
$ razor-admin -register -l -user=vivek@nixcraft.co.in -pass=somePassword
$ cd .spamassassin
$ cp /usr/share/spamassassin/user_prefs.template user_prefs
$ exit
# usermod -s /sbin/nologin amavis

Update /etc/clamd.d/amavisd.conf as follows:

# Use system logger.
LogSyslog yes

# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
LogFacility LOG_MAIL

# This option allows you to save a process identifier of the listening
# daemon (main thread).
PidFile /var/run/amavisd/clamd.pid

# Remove stale socket after unclean shutdown.
# Default: disabled
FixStaleSocket yes

# Run as a selected user (clamd must be started by root).
User amavis

# Path to a local socket file the daemon will listen on.
LocalSocket /var/spool/amavisd/clamd.sock

Update /etc/mail/spamassassin/local.cf as follows:

required_hits 6.31
report_safe 1
rewrite_subject         0
# Enable the Bayes system
use_bayes               1
# Enable Bayes auto-learning
auto_learn              1

Save and close the file. Finally, restart postfix and other services:
# service clamd.amavisd start
# service amavisd start
# service postfix restart

Turn on the services at boot:
# chkconfig clamd.amavisd on
# chkconfig amavisd on
# chkconfig postfix on

Now, check your /var/log/maillog for any errors or details:
# netstat -tulpn -A inet| egrep ':25|:1002?'
# tail -f /var/log/maillog

Above configuration will open the following ports on server:

  1. 10024 - Amavisd
  2. 10025 - Amavisd will communicate back the results to Postfix
  3. 25 - SMTP Port
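
The master.cf above binds the re-injection listener to 127.0.0.1:10025 with content_filter disabled, and main.cf hands mail to amavisd at [127.0.0.1]:10024, so both filter ports are expected on loopback only. The following added example (not part of the original FAQ) checks netstat -tulpn -A inet output for that, assuming Postfix and amavisd share one host as configured here; the function name and the sample netstat lines are constructed.

```sh
#!/bin/sh
# Added example: verify the listeners opened by the Postfix + amavisd setup.

# audit_listeners   (netstat -tulpn -A inet output on stdin)
# Prints one finding per line and returns non-zero when there is any:
#   EXPOSED addr:port  a filter port (10024/10025) bound beyond 127.0.0.1
#   MISSING port       one of 25, 10024, 10025 has no TCP listener
audit_listeners() {
    awk '
        BEGIN { bad = 0 }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")
            port = part[n]
            addr = substr($4, 1, length($4) - length(port) - 1)
            seen[port] = 1
            if ((port == "10024" || port == "10025") && addr != "127.0.0.1") {
                printf "EXPOSED %s\n", $4
                bad = 1
            }
        }
        END {
            n = split("25 10024 10025", want, " ")
            for (i = 1; i <= n; i++)
                if (!(want[i] in seen)) {
                    printf "MISSING %s\n", want[i]
                    bad = 1
                }
            exit bad
        }'
}

# Constructed sample: the layout this configuration is meant to produce.
GOOD_NETSTAT='Proto Recv-Q Send-Q Local Address      Foreign Address  State   PID/Program name
tcp        0      0 127.0.0.1:10024    0.0.0.0:*        LISTEN  2211/amavisd
tcp        0      0 127.0.0.1:10025    0.0.0.0:*        LISTEN  2301/master
tcp        0      0 0.0.0.0:25         0.0.0.0:*        LISTEN  2301/master
udp        0      0 0.0.0.0:123        0.0.0.0:*                1901/ntpd'

# Constructed sample: amavisd is down and the re-injection port, which
# skips the content filter, is reachable from other hosts.
BAD_NETSTAT='Proto Recv-Q Send-Q Local Address      Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:10025      0.0.0.0:*        LISTEN  2301/master
tcp        0      0 0.0.0.0:25         0.0.0.0:*        LISTEN  2301/master'

echo "expected layout:"
printf '%s\n' "$GOOD_NETSTAT" | audit_listeners && echo "  no findings"
echo "broken layout:"
printf '%s\n' "$BAD_NETSTAT" | audit_listeners || true
```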

A note about same priority mx servers

You can point the mail servers, all with the same priority. It offers the following benefits:

  • Load balancing
  • Centralized user mail management via LDAP or MySQL / PGSQL
  • Centralized virus scanning
  • Centralized Spam scanning

Sample dns records:

nixcraft.com.	86400	IN	MX 	10 mx01.nixcraft.net.in.
nixcraft.com.	86400	IN 	MX 	10 mx02.nixcraft.net.in.
nixcraft.com.	86400	IN 	MX 	10 mx03.nixcraft.net.in.
; imap server
imap		86400	IN 	A 	202.54.1.2
; pop3 server - can be CNAME too
pop3		86400	IN 	A 	202.54.1.2

You may need additional servers inside your lan:

  • MySQL/OpenLDAP (10.24.116.2) - Store user name, email, mailbox and other information.
  • Central anti virus server (10.24.116.3) - Used by all your mx servers for scanning using TCP/IP. You can also do the same for spam scanning using TCP/IP.

Each mx server can use centralized anti spam and anti-virus server. Once scanned Postfix can deliver final mail which can be retrieved using POP3 / IMAP server.

Further Readings / References :

This FAQ assumed that you have a working Postfix primary and backup server. It only covered anti-spam related topics. For further details refer to the following URLs and respective man pages:

source : cyberciti

Red Hat Enterprise Linux / CentOS Linux Enable EPEL (Extra Packages for Enterprise Linux) Repository

Filed under: Linux — splud @ 10:26 am

Q. How do I enable EPEL (Extra Packages for Enterprise Linux) repo and install the packages under RHEL / CentOS Linux?

A. EPEL (Extra Packages for Enterprise Linux) is a volunteer-based community effort from the Fedora project to create a repository of high-quality add-on packages that complement the Fedora-based Red Hat Enterprise Linux (RHEL) and its compatible spinoffs, such as CentOS and Scientific Linux.

EPEL provides lots of packages for CentOS / RHEL. It is not part of RedHat or CentOS but is designed to work with these major distributions. Please note that EPEL only provides free and open source software unencumbered by patents or any legal issues. In short you will not find mp3, dvd and music / media players under EPEL. However, you will find many programs related to networking, monitoring, sys admin, programming and so on.

Packages are supplied in RPM format and in most cases are ready to use. Beware that some packages may break something and you should not blindly install those packages.

How do I enable EPEL?

Simply type the following command as root user:
# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
List new repo:
# yum repolist
Sample output:

Loading "skip-broken" plugin
Loading "fastestmirror" plugin
repo id              repo name                                 status
addons               CentOS-5 - Addons                         enabled
base                 CentOS-5 - Base                           enabled
epel                 Extra Packages for Enterprise Linux 5 -   enabled
extras               CentOS-5 - Extras                         enabled
updates              CentOS-5 - Updates                        enabled

Once installed use yum command to list, view and install the packages:
# yum search package-name
# yum install package-name

source : cyberciti

January 2, 2010

10 Tips for Optimizing MySQL Queries

Filed under: Uncategorized — splud @ 5:41 am

Justin Silverton at Jaslabs has a supposed list of 10 tips for optimizing MySQL queries. I couldn’t read this and let it stand because this list is really, really bad. Some guy named Mike noted this, too. So in this entry I’ll do two things: first, I’ll explain why his list is bad; second, I’ll present my own list which, hopefully, is much better. Onward, intrepid readers!

July 24, 2009

MySQL Bin Files Eating Lots of Disk Space

Filed under: Uncategorized — splud @ 9:33 am


Q. I get a large amount of bin files in the MySQL data directory called “server-bin.n” or mysql-bin.00000n, where n is a number that increments. What is MySQL Binary Log? How do I stop these files being created?

A. Usually /var/lib/mysql stores the binary log files. The binary log contains all statements that update data or potentially could have updated it (for example, a DELETE or UPDATE which matched no rows). Statements are stored in the form of events that describe the modifications. The binary log also contains information about how long each statement that updated data took.

The purpose of MySQL Binary Log

The binary log has two important purposes:

  • Data Recovery : It may be used for data recovery operations. After a backup file has been restored, the events in the binary log that were recorded after the backup was made are re-executed. These events bring databases up to date from the point of the backup.
  • High availability / replication : The binary log is used on master replication servers as a record of the statements to be sent to slave servers. The master server sends the events contained in its binary log to its slaves, which execute those events to make the same data changes that were made on the master.

Disable MySQL binlogging

If you are not replicating, you can disable binlogging by changing your my.ini or my.cnf file. Open your my.ini or /etc/my.cnf (/etc/mysql/my.cnf), enter:
# vi /etc/my.cnf
Find the line that reads “log_bin” and remove it or comment it out as follows:

#log_bin                        = /var/log/mysql/mysql-bin.log

You also need to remove or comment out the following lines:

#expire_logs_days        = 10
#max_binlog_size         = 100M

Close and save the file. Finally, restart mysql server:
# service mysql restart

Purge Master Logs

If you ARE replicating, then you need to periodically RESET MASTER or PURGE MASTER LOGS to clear out the old logs, as those files are necessary for the proper operation of replication. Use one of the following commands to purge master logs (-p with no value makes mysql prompt for the password, which keeps it out of the shell history and the process list):

$ mysql -u root -p -e "PURGE BINARY LOGS TO 'mysql-bin.03';"

OR

$ mysql -u root -p -e "PURGE BINARY LOGS BEFORE '2008-12-15 10:06:06';"
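
A check worth running before either PURGE statement, added here as an example and not part of the original post: it picks the oldest master log that any replica is still executing, so the purge never removes a file a replica has yet to finish. The log names and replica status excerpts are constructed sample data; on a live system they would come from SHOW BINARY LOGS on the master and SHOW SLAVE STATUS\G on each replica.

```shell
#!/bin/sh
# Added example: choose a safe target for PURGE BINARY LOGS TO.
# All data below is constructed; on a live system replace the two sample
# functions with `mysql -e` calls run against the master and each replica.

# Constructed sample: SHOW BINARY LOGS on the master (Log_name, File_size).
master_logs() {
    printf '%s\n' \
        'mysql-bin.000010 1073742000' \
        'mysql-bin.000011 1073741950' \
        'mysql-bin.000012 524288117' \
        'mysql-bin.000013 98'
}

# Constructed sample: SHOW SLAVE STATUS\G excerpts from two replicas.
replica_status() {
    cat <<'EOF'
*************************** 1. row ***************************
         Master_Log_File: mysql-bin.000013
   Relay_Master_Log_File: mysql-bin.000013
*************************** 1. row ***************************
         Master_Log_File: mysql-bin.000012
   Relay_Master_Log_File: mysql-bin.000011
EOF
}

# Read status text on stdin; print the oldest master log that any replica's
# SQL thread is still working through (Relay_Master_Log_File).
oldest_needed_log() {
    awk -F': *' '$1 ~ /^ *Relay_Master_Log_File$/ && $2 != "" { print $2 }' |
        awk -F'[.]' '{ print $NF, $0 }' | sort -n | head -n 1 | cut -d' ' -f2
}

# Print the master logs listed before the target: the files a purge removes.
logs_to_purge() {
    master_logs | awk -v t="$1" '$1 == t { exit } { print $1 }'
}

# Print the PURGE statement, or refuse when safety cannot be shown.
purge_statement() {
    target=$(replica_status | oldest_needed_log)
    if [ -z "$target" ]; then
        echo "no replica position found; refusing to purge" >&2
        return 1
    fi
    if ! master_logs | awk -v t="$target" '$1 == t { f = 1 } END { exit !f }'; then
        echo "$target is not in the master's log list; refusing" >&2
        return 1
    fi
    printf "PURGE BINARY LOGS TO '%s';\n" "$target"
}

purge_statement
```

PURGE BINARY LOGS TO removes every log before the named file and keeps the named file itself, so the slowest replica's current log is the correct target.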

July 6, 2009

Howto Setting Up IP Aliasing On A Linux Machine

Filed under: Linux — splud @ 9:13 am

Synopsis: This is a cook book recipe on how to set up and run IP aliasing on a Linux box. In addition, there are instructions on how to also set up the machine to receive e-mail on the aliased IP #s.

My setup:

  • Latest kernel (2.0.27 - from ftp.funet.fi:/pub/Linux/kernel/src/v2.0) - has worked since 1.3.7x.
  • IP Alias compiled as a loadable module. You would have indicated in the “make config” command to make your kernel, that you want the IP Masq to be compiled as a (M)odule. Check the Modules HOW-TO (if that exists) or check the info in /usr/src/linux/Documentation/modules.txt.
  • I have to support 2 additional IPs over and above the IP already allocated to me.
  • A D-Link DE620 pocket adapter (not important, works with any Linux supported network adapter).

Commands:

  • First load the IP Alias module (you can skip this step if you compiled the module into the kernel):
    /sbin/insmod /lib/modules/`uname -r`/ipv4/ip_alias.o
  • Second, setup the loopback, eth0 and all the IP #s beginning with the main IP # for the eth0 interface:
    /sbin/ifconfig lo 127.0.0.1
    /sbin/ifconfig eth0 up
    /sbin/ifconfig eth0 172.16.3.1
    /sbin/ifconfig eth0:0 172.16.3.10
    /sbin/ifconfig eth0:1 172.16.3.100

    172.16.3.1 is the main IP #, while .10 and .100 are the aliases. The magic is the eth0:x where x=0,1,2,…n for the different IP #s. The main IP # does not need to be aliased.

  • Third, setup the routes. First route the loopback, then the net and, finally, the various IP #s starting with the default (originally allocated) one:
    /sbin/route add -net 127.0.0.0
    /sbin/route add -net 172.16.3.0 dev eth0
    /sbin/route add -host 172.16.3.1 dev eth0
    /sbin/route add -host 172.16.3.10 dev eth0:0
    /sbin/route add -host 172.16.3.100 dev eth0:1
    /sbin/route add default gw 172.16.3.200

That’s it. In the example IP # above, I am using the Private IP #s (RFC 1918) for illustrative purposes. Substitute them with your own official or private IP #s.

The example shows only 3 IP #s. The max is defined to be 256 in /usr/include/linux/net_alias.h. 256 IP #s on ONE card is a lot :-)!

Here’s what my /sbin/ifconfig looks like:

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Bcast:127.255.255.255  Mask:255.0.0.0
          UP BROADCAST LOOPBACK RUNNING  MTU:3584  Metric:1
          RX packets:5088 errors:0 dropped:0 overruns:0
          TX packets:5088 errors:0 dropped:0 overruns:0

eth0      Link encap:10Mbps Ethernet  HWaddr 00:8E:B8:83:19:20
          inet addr:172.16.3.1  Bcast:172.16.3.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:334036 errors:0 dropped:0 overruns:0
          TX packets:11605 errors:0 dropped:0 overruns:0
          Interrupt:7 Base address:0x378 

eth0:0    Link encap:10Mbps Ethernet  HWaddr 00:8E:B8:83:19:20
          inet addr:172.16.3.10  Bcast:172.16.3.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0
          TX packets:0 errors:0 dropped:0 overruns:0

eth0:1    Link encap:10Mbps Ethernet  HWaddr 00:8E:B8:83:19:20
          inet addr:172.16.3.100  Bcast:172.16.3.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:1 errors:0 dropped:0 overruns:0
          TX packets:0 errors:0 dropped:0 overruns:0

And /proc/net/aliases:

device           family address
eth0:0           2      172.16.3.10
eth0:1           2      172.16.3.100

And /proc/net/alias_types:

type    name            n_attach
2       ip              2

Of course, the stuff in /proc/net was created by the ifconfig command and not by hand!

Question: How can I keep the settings through a reboot?

Answer: Whether you are using BSD-style or SysV-style (Redhat for example) init, you can always include it in /etc/rc.d/rc.local. Here’s what I have on my SysV init system (Redhat 3.0.3 and 4.0):

  • My /etc/rc.d/rc.local: (edited to show the relevant portions)
    #setting up IP alias interfaces
    echo "Setting 172.16.3.1, 172.16.3.10, 172.16.3.100 IP Aliases ..."
    /sbin/ifconfig lo 127.0.0.1
    /sbin/ifconfig eth0 up
    /sbin/ifconfig eth0 172.16.3.1
    /sbin/ifconfig eth0:0 172.16.3.10
    /sbin/ifconfig eth0:1 172.16.3.100
    #setting up the routes
    echo "Setting IP routes ..."
    /sbin/route add -net 127.0.0.0
    /sbin/route add -net 172.16.3.0 dev eth0
    /sbin/route add -host 172.16.3.1 eth0
    /sbin/route add -host 172.16.3.10 eth0:0
    /sbin/route add -host 172.16.3.100 eth0:1
    /sbin/route add default gw 172.16.3.200
    #

Question: How do I set up the IP aliased machine to receive e-mail on the various aliased IP #s (on a machine using sendmail)?

  • Answer: Create (if not already existing) a file called for example, /etc/mynames.cw. It does not have to be this exact name nor in the /etc directory.
  • In that file, place the official domain names of the aliased IP #s. If these aliased IP #s do not have a domain name, then you can place the IP # itself.
    /etc/mynames.cw:
    ----------------
    # /etc/mynames.cw - include all aliases for your machine here; # is a comment.
    domain.one.net
    domain.two.com
    domain.three.org
    4.5.6.7
  • In your sendmail.cf file, where it defines a file class macro Fw, add the following:
    .
    .
    .
    ##################
    #   local info   #
    ##################
    .
    .
    # file containing names of hosts for which we receive email
    Fw/etc/mynames.cw
    .
    .
    .
  • That should do it. Test out the new setting by invoking sendmail in test mode for example:
    ganymede$ /usr/lib/sendmail -bt
    ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    Enter <ruleset> <address>
    > 0 me@4.5.6.7
    rewrite: ruleset  0   input: me @ 4 . 5 . 6 . 7
    rewrite: ruleset 98   input: me @ 4 . 5 . 6 . 7
    rewrite: ruleset 98 returns: me @ 4 . 5 . 6 . 7
    rewrite: ruleset 97   input: me @ 4 . 5 . 6 . 7
    rewrite: ruleset  3   input: me @ 4 . 5 . 6 . 7
    rewrite: ruleset 96   input: me < @ 4 . 5 . 6 . 7 >
    rewrite: ruleset 96 returns: me < @ 4 . 5 . 6 . 7 . >
    rewrite: ruleset  3 returns: me < @ 4 . 5 . 6 . 7 . >
    rewrite: ruleset  0   input: me < @ 4 . 5 . 6 . 7 . >
    rewrite: ruleset 98   input: me < @ 4 . 5 . 6 . 7 . >
    rewrite: ruleset 98 returns: me < @ 4 . 5 . 6 . 7 . >
    rewrite: ruleset  0 returns: $# local $: me
    rewrite: ruleset 97 returns: $# local $: me
    rewrite: ruleset  0 returns: $# local $: me
    > 0 me@4.5.6.8
    rewrite: ruleset  0   input: me @ 4 . 5 . 6 . 8
    rewrite: ruleset 98   input: me @ 4 . 5 . 6 . 8
    rewrite: ruleset 98 returns: me @ 4 . 5 . 6 . 8
    rewrite: ruleset 97   input: me @ 4 . 5 . 6 . 8
    rewrite: ruleset  3   input: me @ 4 . 5 . 6 . 8
    rewrite: ruleset 96   input: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset 96 returns: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset  3 returns: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset  0   input: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset 98   input: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset 98 returns: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset 95   input: < > me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset 95 returns: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset  0 returns: $# smtp $@ 4 . 5 . 6 . 8 $: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset 97 returns: $# smtp $@ 4 . 5 . 6 . 8 $: me < @ 4 . 5 . 6 . 8 >
    rewrite: ruleset  0 returns: $# smtp $@ 4 . 5 . 6 . 8 $: me < @ 4 . 5 . 6 . 8 >
    >

    Notice when I tested me@4.5.6.7, it delivered the mail to the local machine, while me@4.5.6.8 was to be handed off to the smtp mailer. That is the correct response.

  • You are all set now.

Hope the preceding is useful to someone. Thanks to all those who have done this great work on Linux and IP Aliasing. And especially to Juan Jose Ciarlante for clarifying my questions.

Kudos to the ace programmers!

If you do find this document useful or have suggestions on improvements, do send me an e-mail at h.pillay@ieee.org.

Enjoy.

April 21, 2009

EBGP load balancing with EBGP session between loopback interfaces

Filed under: Routing — splud @ 6:52 am

Multihop EBGP sessions are the traditional way to implement EBGP load balancing on parallel links. EBGP session is established between loopback interfaces of adjacent routers (see the next diagram; initial router configurations are included at the bottom of the article) and static routes (or an extra instance of a dynamic routing protocol) are used to achieve connectivity between loopback interfaces (BGP next-hops). The load balancing is an automatic result of the recursive route lookup of BGP next hops.

[Diagram: ebgp_lb_loopback_testbed.png]


Use Quagga to generate BGP routes

Filed under: Routing — splud @ 6:43 am

The BGP daemon included in the Quagga suite provides an easy-to-configure source of BGP routes that you can use in your lab. Quagga BGP daemon has the following advantages over extra routers:

  • It uses text configuration files that can be easily prepared and modified with external programs.
  • The IP prefixes configured with the network command are advertised to the neighbors regardless of their presence in the IP routing table (Cisco IOS requires a matching entry in the IP routing table that you have to insert with an extra static route or interface IP address).
  • Route-maps applied to the network command can set most BGP attributes, including AS path, extended communities and aggregator attributes.


November 18, 2008

Do you still submit to directories for SEO purposes?

Filed under: SEO — splud @ 11:11 pm

source : http://seotips4.com/seoblog/t241/

How many of you are still taking time and submitting to every directory you come across? Some sites offer a “Directory” section which lets members list their directories for you to submit sites to; sometimes you may find them via a huge blog list of XXXX directories to submit to. But how many of you take the time to register and submit the details of your site over and over again in an attempt to gain the ever valuable backlink?

Previously directory submissions were a great way to build some solid backlinks. The trick now is that most engines have updated their algorithms and started giving less weight to most of them; even being listed in big ones such as DMOZ and Yahoo isn’t what it used to be.

The problem with directories now is that they usually contain thousands of outbound links, and sometimes thousands of outbound links that go nowhere, or to dead sites, or to bad sites such as “spammish” gambling and drug sites. Take that, and then the definition of a link farm, and you’ll see why most directories no longer carry any weight at all, and only very few carry some weight.

If the site is purely a directory, then the chance of it giving you any benefit is small. The directory will probably be nice and categorized, but then it’ll start getting deep down in folder structures for where your link will be placed. By the time the search engine spiders find your link, that’s if they even crawl the page(s) it’s on, they won’t care about it.

However, some directories still carry a small bit of weight: the Yahoo directory, the DMOZ directory and a few other of the larger human edited directories can still be beneficial in the link back category.

We of course don’t encourage anyone to sit around and submit their site to 500 directories, or even pay $99.99 for 1000 directory submissions. Instead, find out which directories still give some benefit for being listed, and then try to get your site listed for that extra back link.

We’d love to hear your thoughts if you still submit to directories, be sure to leave a comment or head on over to our SEO Tips forum, and let us know there.


November 11, 2008

Busby SEO Test

Filed under: SEO — splud @ 2:56 am

I want to join Busby SEO, the Busby Search Engine Optimization World Cup

BUSBY is proud to invite SEO specialists, gurus, masters and hot shots to compete over a 4 month period to gain the highest position they can achieve on Google (USA Google Data Center - http://72.14.207.99).

Summary

Set up your own website and optimise it for the key phrase we announce on the start date. Prizes will be awarded to the contestants whose sites are ranked 1st, 2nd, 3rd, 4th and 5th on the finish date on Google (USA Google Data Center - http://72.14.207.99).

Key Dates

Start Time: 1st October 2008 (12:00 midday, Perth, WA)
Finish Time: 31st January 2009 (12:00 midday, Perth, WA)

Prize

First Prize : $5000
Second Prize : $2000
Third Prize : $500
Fourth Prize : $250
Fifth Prize : $100

Midway prize - $1000 to the entrant who has the highest average ranking on Google (USA Google Data Center - http://72.14.207.99). This can be measured on Monday 5th January 2009 (12:00 midday), Perth, Western Australia.

Invite The Most Friends: iPod Touch

(Entrant Who Invites The most Friends, Who then Register and compete for the competition)

Most Creative Content : iPod Touch

(Entrant who has the most creative content on their website as judged by the Busby panel)

RULES

  • Start date is 1st October 2008 (12:00 midday), Perth, Western Australia at which point the phrase will be posted on the Busby website.
  • End date of 31st January 2009 (12:00 midday), Perth, Western Australia.
  • Only ethical SEO techniques may be engaged and the judges reserve the right to review the techniques engaged by the winner to ensure they comply.
  • No pornography, no discrimination and no illegal behaviour is permitted.
  • The competition is only open to domain and sub domain names that do not include the key phrase in any form.
  • Only registered entrants are eligible to compete and win the prize. Busby will maintain a list of entrants which can be viewed on the Entrants list page.
  • Registration is free, open to anyone of any age, gender, race and domicile and can only be made through Registration Process.
  • Only one prize per person.
  • Employees, franchisees and licensees of Busby (and each of their family members) are eligible to enter but are not eligible to win any prizes.
  • From time to time rules are added/updated in line with community feedback. To find the most up-to-date rules, please click here.
