Plesk and qmail

I spent several hours this evening tying down a problem with the qmail server on one of our machines. Eventually, I found that 77000 messages had been sent from an auto-emailer function triggered by a malformed piece of MySQL on another server.

However, it has allowed me to find a use a couple of command line functions that I’ve not really used all that much before

/etc/init.d/qmail stop | start | restart

/var/qmail/bin/qmail=qstat

qmHandle -l

qmHandle -h’Subject: blah’

qmHandle is a helpful command line tool that allows you to manipulate the qmail queue (remembering that you need to edit the perl script once downloaded to set the user config)

# Set this to your qmail queue directory (be sure to include the final slash!)
my ($queue) = ‘/var/qmail/queue/’;
my ($bigtodo) = (-d “${queue}todo/0″) ? 0 : 1; # 1 means no big-todo

# While this is if you have a Debian GNU/Linux with its qmail package
my ($stopqmail) = ‘/etc/init.d/qmail stop’;
my ($startqmail) = ‘/etc/init.d/qmail start’;

# Enter here the system command which returns qmail PID.
my ($pidcmd) = ‘pidof qmail-send’;

NautilusSVN

This is an absolute dream... like many who use SVN and have used Windows in the past, TortoiseSVN was it. There wasn't anything like it for Ubuntu... or at least that's what I thought until I took a look around and finally found: NautilusSVN on GoogleCode.

It's not as feature-rich as TortoiseSVN, but it does what it needs to do and has icon overlays which prettily tell you when files are out of sync with the repro.

Thanks guys!

Continued PCI Plesk issues

I thought I'd fixed the problems that related to PCI compliance, but it would appear that I was wrong.

The most recent PCI check flagged SSL2 errors on the imaps and pops ports. Thanks to a helpful site, the solution wasn't that far away though:

sudo -s
joe /etc/courier-imap/imapd-ssl
TLS_CIPHER_LIST="HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH"

sudo -s
joe /etc/courier-imap/pop3d-ssl
TLS_CIPHER_LIST="HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH"

Then restart courier:

/etc/init.d/courier restart

You can test the connection with the following:

openssl s_client -connect localhost:995 -ssl2
openssl s_client -connect localhost:995 -cipher EXP:LOW

Loading SSL certificates in Plesk

Recently had an issue with the SSL certificates on our Plesk servers. After some playing around, it turned out to be an issue with the way IE and Firefox handle the certificates differently and the way in which they are loaded into the Plesk GUI.

Our certificates are purchased through UK2 and uploaded to Plesk > 8.1

• Alter the domain to run on an exclusive IP address
• update dns settings for domain appropriately.
• plesk -> select domain -> settings -> select IP from 'IP address' drop down
• Get a new SSL certificate for the domain.
• Plesk -> select domain -> certificates -> add new certificate
• complete form.
• copy resulting CSR to clip board
• request free SSL cert from uk2 control panel for the related server
• Once it's issued, manipulate supplied SSL certificate files
• From the supplied zip file, open UTNAddTrustServerCA.crt and AddTrustExternalCARoot.crt PositiveSSLCA.crt within a text editor.
• Create a NEW file with the content of each of the above files (in same order) with no spaces between them and save it as chain.crt (concatenate the files)
• Upload the www_domain_name_com.crt file and chain.crt file to the server.
• Plesk -> select domain -> certificates -> the new certificate
• Under 'upload certificate files', browse for www_domain_name_com.crt under 'certicate' and chain.crt under 'CA certificate' and then click send file.
• Alter the domain to use the new certificate
• Plesk -> select domain -> settings -> select new certificate from the certificate drop down

SSL and Plesk (IE and Firefox)

Recently had an issue with the SSL certificates on our Plesk servers. After some playing around, it turned out to be an issue with the way IE and Firefox handle the certificates differently and the way in which they are loaded into the Plesk GUI.

Our certificates are purchased through UK2 and uploaded to Plesk > 8.1

• Alter the domain to run on an exclusive IP address
• update dns settings for domain appropriately.
• plesk -> select domain -> settings -> select IP from 'IP address' drop down
• Get a new SSL certificate for the domain.
• Plesk -> select domain -> certificates -> add new certificate
• complete form.
• copy resulting CSR to clip board
• request free SSL cert from uk2 control panel for the related server
• Once it's issued, manipulate supplied SSL certificate files
• From the supplied zip file, open UTNAddTrustServerCA.crt and AddTrustExternalCARoot.crt PositiveSSLCA.crt within a text editor.
• Create a NEW file with the content of each of the above files (in same order) with no spaces between them and save it as chain.crt (concatenate the files)
• Upload the www_domain_name_com.crt file and chain.crt file to the server.
• Plesk -> select domain -> certificates -> the new certificate
• Under 'upload certificate files', browse for www_domain_name_com.crt under 'certicate' and chain.crt under 'CA certificate' and then click send file.
• Alter the domain to use the new certificate
• Plesk -> select domain -> settings -> select new certificate from the certificate drop down

Mounting home on a different partition

I recently did a reinstall of Ubuntu and rather than loosing all my personal data and having to copy it all back from the backup server, decided to put /home on a separate partition, leaving the rest of the drive for Ubuntu.

Thanks to the help on the Ubuntu blog, I got it set up and running with no problems, leaving a quick mount after the reinstall to get think back up and running. No more faffing around trying to get the machine setup as it was before... all the app specific information is already where it needs to be.

sudo -s
move /home /home1
mkdir /home
mount /dev/sda1 /home
joe /etc/fstab

/dev/sda1 /home ext3 nodev,nosuid 0 2

Find and remove

Was needing to find all the .jpg files in my music folder and remove them - good old terminal...:

find -name "*.jpg" -exec rm {} \;