Directadmin – find all email forwarders on server for specific email account

Here is simple one liner for finding all mail aliases on Directadmin server that are forwarding to your email account – in this example your@email.com. All aliases are saved in files /etc/virtual/<domain_name>/aliases.

[root@directadmin ~]# grep -ri "your@email.com" /etc/virtual/*/aliases | awk -F '/|:' {'print $4 ": " $6 " ->" $7'}
email.com: alias1 -> your@email.com
somedomain.net: sales -> your@email.com,mail2@somedomain.net
anotherdomain.com: chacha -> myaddress@anotherdomain.com,this@email.com,your@email.com
.
.
.

Bulk TTL change in Directadmin

You may want to change TTL values for all domains and their DNS records on your Directadmin server. This can be done very easily. Here is how.

  • Go to templates directory.
    cd /usr/local/directadmin/data/templates
  • Directadmin’s default TTL value is 14400, so let’s say we want to change it to 300. You will have to edit template file named.db.
    sed -ie 's/14400/300/g' named.db
  • Rewrite all configuration files for each user
    echo "action=rewrite&value=named" >> /usr/local/directadmin/data/task.queue

Wait a minute or two, then check if user configs were rewrited with new values. Go to /etc/namedb and than open .db file of some domain. It should contain new TTL value.

Directadmin – install Letsencrypt SSL certificate on server hostname

Letsencrypt is a revolutionary step forward on web security. Free, valid SSL certificates for everyone. I won’t write about how to install and config letsencrypt on Directadmin machine. I will show only how to generate and install letsencrypt certificate on your Directadmin hostname.

When you installed Letsencrypt on Directadmin and tried to install certificate for your server hostname, there is a possibility that you came to this problem: HTTP/1.1 400 Bad Request

Just do this:

cd /usr/local/directadmin/custombuild
./build update
./build letsencrypt

And than install certificate on your server hostname:

/usr/local/directadmin/scripts/letsencrypt.sh request my.serverhostname.com 4096

Open your Directadmin configuration file and change

SSL=0 to SSL=1

Also add this:

carootcert=/usr/local/directadmin/conf/carootcert.pem

Restart your Directadmin and you should be set.

Directadmin – block zip attachments with ClamAV and Exim

A lot of viruses and malware is sent in emails with zip attachments. Sometimes your antivirus like ClamAV wont catch nasty email. This is a big problem when you receiving tons of this kind of messages. So if you’re receiving tons of nasty emails containing zip attachments with viruses in it, good way to solve this is by simply reject emails with zip attachments. This was done on Directadmin server with Custombuild 2.0. Even if you’re not using Directadmin, configuration for ClamAV should be very identical.

  • If you built Exim and Clamav with Custombuild 2.0, than you should see this line in your /etc/exim.conf. Uncomment if it’s not already. If you’re using Custombuild 1.2, then this should be changed in /etc/exim.conf directly – settings in step 2 bellow.
    .include_if_exists /etc/exim.clamav.conf
  • Open file /etc/exim.clamav.conf and find word demime within that file. Then simply add zip to it. It should look like this:
    #1.0
    deny message = This message contains malformed MIME ($demime_reason)
    demime = *
    condition = ${if >{$demime_errorlevel}{2}{1}{0}}
    deny message = This message contains a virus or other harmful content ($malware_name)
    demime = *
    malware = *
    deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
    demime = bat:com:pif:prf:scr:vbs:zip
    warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

Now any email with zip attachment will be rejected. Sender will receive error message like this:

The error that the other server returned was: 
550 This message contains an attachment of a type which we do not accept (.zip)

Directadmin – enable and configure Spamassassin automatically on creating user

By default, when you add new user in Directadmin, Spamassassin is disabled. Some users are not aware about Spamassassin, so they’ll have it disabled and will receiving a lot of spam. It is good practice to enable Spamassassin by default and also set some settings. You can do that by adding below code in your /usr/local/directadmin/scripts/custom/user_create_post.sh script. The first step is well described on Directadmin documentation. But you may also want to define some parameters for Spamassassin when user is created. It’s really simple. You can do that by manipulating filter.conf file. Steps below are preformed on Directadmin running on FreeBSD. It should be the same for Linux also.

Continue Reading

Install PHP extension on Directadmin – fast and easy way (without custombuild)

Directadmin is pretty good, lightweight, control panel for providing web hosting service or to host your own websites/projects, managing mail … Through the years, I recompiled PHP with custombuild countless times. Problem is, that every time that you want to install some new PHP extension – exif, in this example – you’ll have to rebuild whole PHP with Directadmin’s custombuild also. That can be very annoying and time-consuming. Expesialy when things go wrong. So, there is simple way on how to quickly install PHP extensions without using custombuild. I used this way many times. In this case, installation was done on CentOS 7.2 server with Directadmin and PHP version 5.6.23.

I hope this was helpful to you in any way.

Continue Reading

Directadmin – install cloudflare module (mod_cloudflare) on apache 2.4

Be careful that you’ll download proper package from cloudflare repository. In my case, I’m using Apache 2.4 on Directadmin installation. At first, I downloaded wrong version of mod_cloudflare.c and was constantly getting errors while trying to build module.

Download mod_cloudflare

wget https://www.cloudflare.com/static/misc/mod_cloudflare/mod_cloudflare.c

Install mod_cloudflare using apxs

apxs -a -i -c mod_cloudflare.c

Check if module was installed into Apache

[root@server ~]# httpd -M | grep cloud
cloudflare_module (shared)

Directadmin and wrong JPEG library version – FreeBSD

I came across this error a few times on DirectAdmin installations. I first noticed this error when I installed Nextgen Gallery plugin on some WordPress installation. When I tried to upload some pictures, php should resize them and create thumbnails, but instead of thumbnails I’ll get error about JPEG library (checked in error log). Below is procedure on how to fix that error. At least it worked for me. This Directaadmin was installed on FreeBSD 9.1.

  • Login as root
  • Update ports
[root@lala ~]# portsnap fetch update
  • Delete currently installed JPEG library
[root@lala ~]# pkg_info | grep jpeg
[root@lala ~]# pkg_delete jpeg
  • Install jpeg library with custombuild
  • Edit your configuration script for php in custombuild. Add or edit values as bellow. Notice that path is not /usr/local/lib anymore.
–with-gd \
–with-jpeg-dir=/usr/local \
  • Rebuild PHP with custombuild
[root@lala ~]# cd /usr/local/directadmin/custombuild
[root@lala /usr/local/directadmin/custombuild]# ./build php n
  • When build is complete, restart Apache and try it again. It should work.
[root@lala ~]# /usr/local/etc/rc.d/httpd restart

 

Directadmin – auto block IP with firewall on FreeBSD

I wanted to block IP adressess which Directadmin recognized as source of brute force attacks. There is documentation about this for Linux and FreeBSD. I’m using PF as firewall on my system and not IPFW. There is only documentation how to create this with IPFW. So here is a little tweak and IP’s are blocked with PF automatically. Here is how:

In /etc/pf.conf create new table spammers that will persist on file /etc/spammers.

table  persist file “/etc/spammers”

Create block rule so that IP addresses from spammers table will be blocked. Ifext is my network card so change this to your needs.

block drop in quick on $ifext from  to any

In /usr/local/directadmin/scripts/custom/ create new script block_ip.sh and add code below.

#!/bin/sh
echo “Blocking $ip with pf …
”;
pfctl -t spammers -T add $ip
echo $ip >> /etc/spammers
exit $?

As you can see we are using command pfctl -t spammers -T add $ip which is PF syntax. When IP will be recorded it will be immediately added to table spammers and file /etc/spammers that we’ll create in next step. When pf restarts, rule is deleted from ram. But in this case IP is also stored in file /etc/spammers so it will be loaded in spammers table.

Create file /etc/spammers and save it. Thats were blocked IP’s will save.
This script must be manualy started from Directadmin administration. We can make it to run automatically. In /usr/local/directadmin/scripts/custom/ create another script named brute_force_notice_ip.sh. As specified in directadmin documentation you do that like so:

cd /usr/local/directadmin/scripts/custom
wget http://files.directadmin.com/services/all/brute_force_notice_ip.sh
chmod 700 brute_force_notice_ip.sh

IP’s that are listed as source of brute force attacks will now be automaticly blocked with PF.

Directadmin – enable and configure Spamassassin automatically when adding user

By default, when you add new user in Directadmin, Spamassassin is disabled. Some users may not know about Spamassassin, so they’ll have it disabled and will receiving a lot of spam. So it may be good practice to enable Spamassassin by default. You can do that by adding below code in your /usr/local/directadmin/scripts/custom/user_create_post.sh script. The first step is well described on Directadmin sites. But you may also want to define some parameters for Spamassassin “on the fly”. You can do that by manipulating filter.conf file.
In this example I want that on user creation:

  1. spam goes to appropriate users spam folder,
  2. I don’t want to delete high scoring spam,
  3. I want to rewrite subject of spam email with *****SPAM*****.

Just add below code in your user_create_post.sh script. And remove script comments (##).

## We enable Spamassassin, create needed files and give them appropriate permissions
if [ “$spam” = “ON” ]; then
DIR=/home/$username/.spamassassin
mkdir $DIR
touch $DIR/user_prefs
chown ${username}:mail $DIR
chmod 771 $DIR
chown $username:$username $DIR/user_prefs
chmod 755 $DIR/user_prefs
touch $DIR/spam
chown mail:$username $DIR/spam
chmod 660 $DIR/spam

## Here we define some variables for Spamassassin by adding some lines to filter.conf
echo “high_score=15” >> /etc/virtual/$domain/filter.conf
echo “high_score_block=no” >> /etc/virtual/$domain/filter.conf
echo “where=userspamfolder” >> /etc/virtual/$domain/filter.conf
echo “rewrite_header subject *****SPAM*****” >> /home/$username/.spamassassin/user_prefs

## Adding operation in task queue
echo “action=rewrite&value=filter&user=$username” >> /usr/local/directadmin/data/task.queue
fi
exit 0;

© 2017 geegkytuts.net
Hosted by Hosterdam


About author