Monthly Archives: March 2014

Postfix and AntiSpam Smtp Proxy – ASSP

http://www.howtoforge.com/antispam_smtp_proxy

perl -MCPAN -e shell

install Compress::Zlib
install Digest::MD5
install Email::Valid
install File::ReadBackwards
install Mail::SPF::Query
install Mail::SRS
install Net::DNS
install Sys::Syslog
install Time::HiRes

cd /usr/src/
wget http://downloads.sourceforge.net/project/assp/ASSP%20V2%20multithreading/2.4.1%2014085/ASSP_2.4.1_14085_install.zip
unzip ASSP_2.4.1_14085_install.zip

mkdir -p /usr/share/assp/spam
mkdir /usr/share/assp/notspam
mkdir /usr/share/assp/errors
mkdir /usr/share/assp/errors/spam
mkdir /usr/share/assp/errors/notspam

mv -f assp/* /usr/share/assp
rm -fr ASSP_2.4.1* assp changelog.txt Install.txt MacOSX-launchd.txt quickstart.txt Win32-quickstart-guide.txt
chown -R 0.0 /usr/share/assp
cd /usr/share/assp
perl assp.pl

http://hostname:55555

login: root
password: nospam4me

Server Setup
-> Run ASSP as a Daemon (AsADaemon)
-> SMTP Destination -> 127.0.0.1:25
-> Listen Port -> 192.168.122.1:25
Recipients -> Local Domains -> faix.cz
Relaying -> Accept All Mail (acceptAllMail) -> 192.168.122.|127.0.0.1
Security -> Web Admin Password

/etc/postfix/master.cf
localhost:smtp inet n – n – – smtpd

service postfix restart

/etc/init.d/assp

#########################
#!/bin/sh -e

# Start or stop ASSP (Anti-Spam SMTP Proxy)
#
# Script by Abey Marquez <abeymarquez@gmail.com>
# v1.0.1 Changed 'force-reload' to force a restart if it can't reload the config. Also changed 'restart' to start the proc if not running.
# v1.0.0 I'm not an expert but I tried to make this as LSB compliant as possible. Should work really nice with Ubuntu.

### BEGIN INIT INFO
# Provides: ASSP (Anti-Spam SMTP Proxy)
# Required-Start: $syslog, $local_fs
# Required-Stop: $syslog, $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start or stop ASSP
# Description: Start or stop ASSP (Anti-Spam SMTP Proxy)
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
NAME=assp.pl
HOME=/usr/share/assp
DAEMON=$HOME/$NAME
PIDFILE=$HOME/pid
INITSCRIPT=/etc/init.d/assp

. /lib/lsb/init-functions

case "$1" in

start)
log_daemon_msg "Starting ASSP (Anti-Spam SMTP Proxy)" "assp"
start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON 2>&1 > /dev/null --chdir $HOME
log_end_msg $?
;;

stop)
log_daemon_msg "Stopping ASSP (Anti-Spam SMTP Proxy)" "assp"
start-stop-daemon --stop --quiet --pidfile $PIDFILE --chdir $HOME
log_end_msg $?
;;

restart)
if [ -f $PIDFILE ]; then
$0 stop
sleep 1
$0 start
else
$0 start
fi
;;

reload)
log_action_begin_msg "Reloading ASSP (Anti-Spam SMTP Proxy) configuration"
if [ -f $PIDFILE ]; then
if kill -1 $(cat $PIDFILE); then
log_action_end_msg 0
else
log_action_end_msg 1
fi
else
log_action_end_msg 1
exit 1
fi
;;

force-reload)
log_action_begin_msg "Reloading ASSP (Anti-Spam SMTP Proxy) configuration"
if [ -f $PIDFILE ]; then
if kill -1 $(cat $PIDFILE); then
log_action_end_msg 0
else
log_action_cont_msg "Could not reload configuration. Restarting"
$0 restart
fi
else
log_action_cont_msg "Could not reload configuration. Restarting"
$0 restart
fi
;;

status)
status_of_proc $DAEMON "ASSP (Anti-Spam SMTP Proxy)"
;;

*)
log_action_msg "Usage: $INITSCRIPT {start|stop|restart|reload|force-reload|status}"
exit 1
;;

esac
exit 0
####################

chmod 755 /etc/init.d/assp
update-rc.d assp defaults

Have fun with all the options and after a week rebuild the bayes database. Check the directories /usr/share/assp/spam and nospam for wrong entries,
if good mail ends up in the spam directory please move it to the nospam directory and vice versa.

Wake-on-LAN (WOL)

https://wiki.archlinux.org/index.php/Wake-on-LAN
http://wiki.xbmc.org/index.php?title=HOW-TO:Set_up_Wake-On-Lan_(Ubuntu)
https://fitzcarraldoblog.wordpress.com/2013/02/26/how-to-prevent-a-usb-mouse-auto-suspending-in-linux-when-a-laptops-power-supply-is-disconnected/

First query the driver to see if it’s defaulted to ‘on’ by using ethtool:
ethtool eth0 | grep Wake-on

To enable the wol feature in the driver, simply run the following:
ethtool -s eth0 wol g

This command does not last beyond the next reboot.

Keep WOL persistent over restarts adding command to following startup script:
/etc/rc.local

ethtool -s eth0 wol g

Test WOL from another computer:
etherwake -i eth0 6c:f0:49:7a:52:10

Sleep computer from CLI:
pm-suspend

In some cases ethtool eth0 shows “Wake-on: g“, but after second suspending of the machine, if magic packet is received, suspend is disabled “Wake-on: d” and doesn’t work anymore.

In my case, I have accidentaly installed laptop-mode-tools on my desktop, so running apt-get purge laptop-mode-tools solved my WOL disabling problem.

Collectd installation on Debian

apt-get install collectd lighttpd php5-cgi rrdtool perl librrds-perl libconfig-general-perl libcurl3-gnutls libsensors4 librrds-perl librrd4 libhtml-parser-perl default-jre-headless libregexp-common-perl

cp -fa /usr/share/doc/collectd/examples/collection3 /var/www/
chown -R www-data:www-data /var/www/collection3/
mkdir /usr/lib/cgi-bin/collectd
cp -fa /usr/share/doc/collectd/examples/collection.cgi /usr/lib/cgi-bin/collectd/

configure cpan
cpan
cpan Config::General
cd /etc/lighttpd/conf-enabled
ln -s 10-cgi.conf ../conf-available/10-cgi.conf
ln -s 10-fastcgi.conf ../conf-available/10-fastcgi.conf
ln -s 15-fastcgi-php.conf ../conf-available/15-fastcgi-php.conf
ln -s 90-javascript-alias.conf /etc/javascript-common/lighttpd.conf

/etc/lighttpd/lighttpd.conf

server.modules = (
"mod_access",
"mod_alias",
"mod_compress",
"mod_redirect",
"mod_rewrite",
)

server.port = 80
server.document-root = "/var/www/"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"

index-file.names = ( "index.php", "index.html",
"index.htm", "default.htm",
"index.cgi", "index.lighttpd.html" )

url.access-deny = ( "~", ".inc" )

static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".cgi" )

dir-listing.encoding = "utf-8"
server.dir-listing = "enable"

compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/x-javascript", "text/css", "text/html", "text/plain" )

include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

/var/www/collection3/index.html

<html>
<head>
<meta HTTP-EQUIV="REFRESH" content="0; url=http://home-server/collection3/bin/index.cgi">
</head>
</html>

/etc/init.d/lighttpd restart

XBMC installation on Debian

XBMC installation:

echo "deb http://www.deb-multimedia.org/ jessie main non-free" >> /etc/apt/sources.list
echo "deb-src http://www.deb-multimedia.org/ jessie main" >> /etc/apt/sources.list
echo "deb http://debian.oppserver.net/xbmc/ jessie main non-free contrib" > /etc/apt/sources.list.d/oppxbmc.sources.list
echo "deb-src http://debian.oppserver.net/xbmc/ jessie main non-free contrib" >> /etc/apt/sources.list.d/oppxbmc.sources.list

wget http://debian.oppserver.net/gpg-debian.oppserver.net-signing-pubkey.asc -O - | apt-key add -

aptitude update

aptitude install xserver-xorg-video-intel xserver-xorg-video-vesa xorg-common x11-session-utils xinit alsa-base nfs-common xbmc xbmc-bin xbmc-data xbmc-eventclients-common xbmc-eventclients-dev xbmc-eventclients-j2me xbmc-eventclients-ps3 xbmc-eventclients-wiiremote xbmc-eventclients-xbmc-send xbmc-skin-confluence xbmc-standalone xbmc-eventclients-common

/etc/systemd/system/xbmc.service

[Unit]
Description = XBMC media center
After = syslog.target

[Service]
User = xbmc
Group = xbmc
Type = simple
ExecStart = /usr/bin/xinit /usr/bin/xbmc-standalone -- :0
Restart = on-failure

[Install]
WantedBy = multi-user.target

systemctl enable xbmc.service

dpkg-reconfigure x11-common
and choose “Anybody”

usermod -a -G adm,sudo,cdrom,floppy,audio,video,plugdev,netdev,fuse xbmc

systemctl start xbmc

Install SuperRepo
http://superrepo.org/get-started/optional-methods/

Install XBMCHub
http://www.xbmchub.com/blog/how-to-use-the-xbmchub-com-configuration-wizard-addon-for-dummies-and-see-mount-rushmore-from-xbmc/

Spamassassin and Postifx configuration

http://www.akadia.com/services/postfix_spamassassin.html

aptitude install spamassassin spamc

/etc/default/spamassassin

ENABLED=1
SAHOME="/var/log/spamassassin/"
OPTIONS="--create-prefs --max-children 2 --username debian-spamd -H ${SAHOME} -s ${SAHOME}spamd.log"
PIDFILE="/var/run/spamd.pid"
CRON=1

/etc/postfix/master.cf

smtp inet n - - - - smtpd -o content_filter=spamfilter
spamfilter unix - n n - - pipe
flags=Rq user=debian-spamd argv=/usr/local/bin/spamfilter.sh -oi -f ${sender} ${recipient}

mkdir /var/spamchk
chmod 775 /var/spamchk
chown debian-spamd:debian-spamd /var/spamchk

/usr/local/bin/spamfilter.sh

#!/bin/sh
# -----------------------------------------------------------------
# File: spamchk
#
# Purpose: SPAMASSASIN shell-based filter
#
# Location: /usr/local/bin
#
# Usage: Call this script from master.cf (Postfix)
#
# Certified: Ubuntu Linux, Spamassassin 3.3.x, Postfix 2.7.x
# -----------------------------------------------------------------
# Variables
SENDMAIL="/usr/sbin/sendmail -i"
EGREP=/bin/egrep
TMPFILE=/tmp/spamchk.$$
SIDELINE_DIR=/var/spamchk
# Number of *'s in X-Spam-level header needed to sideline message:
# (Eg. Score of 5.5 = "*****" )
SPAMLIMIT=3
# Clean up when done or when aborting.
trap "rm -f $TMPFILE" 0 1 2 3 15
# Pipe message to spamc and store in $TMPFILE
cat | /usr/bin/spamc -u filter | sed 's/^\.$/../' &gt; $TMPFILE
# Are there more than $SPAMLIMIT stars in X-Spam-Level header?
if $EGREP -q "^X-Spam-Level: \*{$SPAMLIMIT,}" &lt; $TMPFILE
then
# Option 1: Move high scoring messages to sideline dir so
# a human can look at them later:
mv $TMPFILE $SIDELINE_DIR/`date +%Y-%m-%d_%R`-$$
# Option 2: Divert to an alternate e-mail address:
# $SENDMAIL xyz@xxxx.xx &lt; $TMPFILE
# Option 3: Delete the message
# rm -f $TMPFILE
else
$SENDMAIL "$@" &lt; $TMPFILE
fi
# Postfix returns the exit status of the Postfix sendmail command.
exit $?

/etc/spamassassin/local.cf

rewrite_header Subject *****SPAM***** (_SCORE_)
report_safe 0
trusted_networks 192.168.122.
required_score 3.0
use_bayes 1
bayes_auto_learn 1
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
shortcircuit ALL_TRUSTED on
endif # Mail::SpamAssassin::Plugin::Shortcircuit

service spamassassin start
service postfix restart

FusionInvoice installation on LAMP

FusionInvoice installation on Linux / Apache / MySQL / PHP (LAMP) with czech language support
https://www.fusioninvoice.com/

aptitude install apache2 mysql-server php5 php5-mcrypt php5-mysql

mkdir /var/www/fusion
cd /var/www/
wget -O fusion.zip https://www.fusioninvoice.com/download_file/15/install
unzip fusion.zip
rm -f fusion.zip
mv FusionInvoice-1.3.5-full/ fusion

mkdir /var/www/fusion/application/language/cz_CZ
cd /var/www/fusion/application/language/cz_CZ
wget -O fusion-translation.zip https://crowdin.net/download/project/fusioninvoice.zip
unzip -j fusion-translation.zip cs/application/language/* .
rm -f fusion-translation.zip

cd /var/www
chown -R www-data:www-data fusion

mysql -u root -p

CREATE DATABASE `fusion`;
CREATE USER `fusion`;
SET PASSWORD FOR 'fusion' = PASSWORD('mysecretpassword');
GRANT ALL PRIVILEGES ON `fusion`.* TO 'fusion'@'localhost' IDENTIFIED BY 'mysecretpassword';
FLUSH PRIVILEGES;
EXIT

rm -f ~/.mysql_history

/var/www/fusion/application/config/config.php
Replace

$config['index_page'] = 'index.php';

with
$config['index_page'] = '';

/var/www/fusion/application/config/database.php

$db['default']['username'] = 'fusion';
$db['default']['password'] = 'mysecretpassword';
$db['default']['database'] = 'fusion';

/var/www/fusion/.htaccess

RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [PT,L]

/etc/apache2/sites-available/fusion

<VirtualHost *:80>
ServerAdmin sysadmin@mydomain.com
ServerName fusion.mydomain.com
ServerAlias localhost
DocumentRoot /var/www/fusion

<Directory /var/www/fusion>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
DirectoryIndex index.php index.html
</Directory>

ErrorLog /var/log/apache2/fusion-error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog /var/log/apache2/fusion-access.log combined
</VirtualHost>

/etc/apache2/ports.conf
# comment following line
#NameVirtualHost *:80
Listen 80

a2enmod rewrite
a2ensite fusion
service apache2 reload

http://localhost/index.php/setup