SSL Certificates in plesk seem to be a bit of a pain in the bum. The option to secure the control panel is not somewhere obvious (if you ask me) and to secure email connections you have to start digging around in a terminal. Now, whilst I don't mind that I appreciate that other people may not be quite as happy...
So, to secure your control pannel in plesk first make sure you have a current, valid, signed certificate. I won't go into how to do this just yet, maybe that's a post for another week.
Once you have the certificate from the left hand menu goto;
server management ->tools and settings
then under head to
tools and resources -> ssl certificates
Find the ssl certificate that you want to use to secure the control panel (check it's the one with the hostname of the server), tick the check box on the left hand side
Head back up the page until you hit the blue bar with "remove ssl certificate" and "secure the panel" and "make default for websites. Click "secure the panel".
It's fairly obvious when you know how but it takes me ages to remember where that bloody button is.
The next bit we need to do is secure the mail server side of things.
Tuesday, 21 May 2013
Monday, 13 May 2013
Mail Queue recovery on Qmail
One of my servers has once again been had by the unwashed idiots who like sending spam and have left me with a fairly significant mail queue to try and clear out.
The last time this happened there were 200,000 mails in the queue totalling a couple of gig so on that occasion I decided to remove the queue and create a new one. I didn't write that one up but maybe I ought to at some point. Because this issue seems to be a little more manageable (a mear 18,000 and 300mb) I have decided to try and clear things up rather than create a new queue.
The most important thing to do in this situation (IMHO) is to stop the server from sending spam out, identify the source of the issue which has allowed someone to send the spam then "fix" the queue. This write up assumes that the first 2 items have been dealt with.
As always with the stuff I put here, it worked for me, your milage may vary.
The first thing to do is find some pattern to search for in order to clean the crap from your queue;
cd /var/qmail/queue/mess/0
ls
This will give you a load of files with numeric ids, pick a few at random and
less <filename>
Look through and see if there is anything that looks out of place (like it's spam). In this particular instance (as I write this up)I found most of the spam had one of the following strings in it;
Subject: Exception Notification
Subject: Logistics Delivery Notification
Subject: Mail Notification Service
The problem had been caused by a crap php "contact us" page so a large amount of the mail appeared to come from anonymous@myservername.com. So I ran the following line first with the anonymous email address as the string then with 'Notification' as the string. I fully intending to go back in and see what was left;
find -type f -exec grep -q 'YOUR_STRING_HERE' '{}' \; -exec rm -f '{}' \;
It turns out however that this only left me with 41 emails in the queue so I decided not to bother.
Just for reference this line should give you the current length of your mail queue.
/var/qmail/bin/qmail-qstat
logs are at
/usr/local/psa/var/log/maillog
/usr/local/psa/var/log/smtp_pendings.log
GW
The last time this happened there were 200,000 mails in the queue totalling a couple of gig so on that occasion I decided to remove the queue and create a new one. I didn't write that one up but maybe I ought to at some point. Because this issue seems to be a little more manageable (a mear 18,000 and 300mb) I have decided to try and clear things up rather than create a new queue.
The most important thing to do in this situation (IMHO) is to stop the server from sending spam out, identify the source of the issue which has allowed someone to send the spam then "fix" the queue. This write up assumes that the first 2 items have been dealt with.
As always with the stuff I put here, it worked for me, your milage may vary.
The first thing to do is find some pattern to search for in order to clean the crap from your queue;
cd /var/qmail/queue/mess/0
ls
This will give you a load of files with numeric ids, pick a few at random and
less <filename>
Look through and see if there is anything that looks out of place (like it's spam). In this particular instance (as I write this up)I found most of the spam had one of the following strings in it;
Subject: Exception Notification
Subject: Logistics Delivery Notification
Subject: Mail Notification Service
The problem had been caused by a crap php "contact us" page so a large amount of the mail appeared to come from anonymous@myservername.com. So I ran the following line first with the anonymous email address as the string then with 'Notification' as the string. I fully intending to go back in and see what was left;
find -type f -exec grep -q 'YOUR_STRING_HERE' '{}' \; -exec rm -f '{}' \;
It turns out however that this only left me with 41 emails in the queue so I decided not to bother.
Just for reference this line should give you the current length of your mail queue.
/var/qmail/bin/qmail-qstat
logs are at
/usr/local/psa/var/log/maillog
/usr/local/psa/var/log/smtp_pendings.log
GW
Subscribe to:
Posts (Atom)