How to enable DKIM in cPanel server.

DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit and one can use this to prevent from getting blacklisted by the free email providers like Yahoo, MSN and Google. DKIM can increase the mail authenticity.

cPanel does not have an interface to enable DKIM like we have for SPF and Domain Keys. cPanel is still working on it for getting it implemented. However we can enable it manually by following the below steps.

Check if exim is compiled with DKIM support enabled.

[bash]root@server # /usr/sbin/exim -dd 2>&1 | grep Experimental_DKIM[/bash]

[bash]Support for: crypteq iconv() IPv6 PAM Perl OpenSSL Content_Scanning Old_Demime Experimental_SPF Experimental_SRS
Experimental_DomainKeys Experimental_DKIM[/bash]

Generate the SSL keys

[bash]cd /usr/local/cpanel/etc/exim[/bash]

[bash]openssl genrsa -out dkim.key 1024[/bash]

 

[bash]openssl rsa -in dkim.key -out dkim.public -pubout -outform PEM[/bash]

 

You will find two keys, dkim.key & dkim.public

Open dkim.public and copy the contents excluding the –Begin– and –End– section. This is your DKIM key.  Now open exim configuration file and append the below entries under the section ‘remote_smtp’

Sample file: vi /etc/exim.conf

——————————-

[bash]remote_smtp:
driver = smtp
#
dkim_domain=your_domain_name.com
dkim_selector=mail
dkim_private_key=/usr/local/cpanel/etc/exim/dkim.key #path to the dkim.key key.
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}
{$primary_hostname}}[/bash]

————————–

Now on WHM, open DNS editor for the particular domain and add the TXT entry with DKIM key like below.

————————–

[bash]mail._domainkey.domain_name.com. IN TXT “v=DKIM1; g=*; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv4PSEM9P
cxlI2tRojAUQ9hpRQ0Zj/XM4SK08/Drhm/CaspJAKZF9rZDAw18TrfuXeRgsMWAdS2vJ4Oa/kXqX0NM2eBJcmasu4GeNXANmXvC1umz+8mC6r
EPlE/Ucau4tmAHOZL0HJ9IDd/PIxoTkeTm3mjGeqvKBLbdvVIDXbcQIDAQAB”[/bash]

————————–

Here p=the_key_you_have_copied_from_dkim.public

Restart exim and named services.

[bash]/scripts/restartsrv exim[/bash]

[bash]/scripts/restartsrv named[/bash]

To check whether DKIM is setup properly, send a mail to , if setup properly, you will get a reply like below ,else a failure message.

Exim: remove mails in queue from a particular sender.E

“spams”, its one of the major issue that a sys admin has to deal with throughout his job.  First you need to find the user who is generating it. You can get it from the mail headers.  Once you find the user, disable the script that was responsible for spams, but it may have already kept thousands(may be lacks) of mails in the exim queue waiting for its chance to get delivered.  To delete these mails one by one is impossible.  In a cPanel server having exim mail,  you can use the following command to delete mails in the current queue generated by that particular user only.

Image result for Exim: remove mails in queue from a particular sender.E

SSH into the server

exiqgrep -i -f user@domain.com | xargs exim -Mrm

-i print messages id
-f from address
-Mrm remove mails

Image result for Exim: remove mails in queue from a particular sender.E

Remove mails to a particular sender in the queue :-

exiqgrep -i -t user@domain.com | xargs exim –Mrm

OpenVZ network down SIOCADDRT: Network is unreachable

Have you ever come across in a situation where the VPS is running, but network is unreachable?  OpenVZ VPS may be up and running, but network service will be down resulting downtime for websites hosted in it. If you try to restart the network, you will get the below error:

Image result for OpenVZ network down SIOCADDRT: Network is unreachable

====================================

[root@pers ~]# /etc/init.d/network restart

Shutting down interface venet0:                            [  OK  ]

Shutting down loopback interface:                          [  OK  ]

Bringing up loopback interface:                            [  OK  ]

Bringing up interface venet0:  SIOCADDRT: Network is unreachable

SIOCADDRT: Network is unreachable

Image result for OpenVZ network down SIOCADDRT: Network is unreachable

====================================

To fix this, SSH into the main node server and enter into the VPS and  then execute the below comand.

/etc/sysconfig/network-scripts/ifup-routes venet0:0

How to configure NAT with iptables on a VPS.

NAT ( network-address-translation ) with iptables  helps us in how to select the packets we want to mangle. We can easily configure NAT on a OpenVZ VPS by following the below steps.

Lets first consider a VPS in which NAT is not enabled. Trying to POSTROUTE from VPS throws you errors.

iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -o venet0 -j SNAT –to 111.140.170.134

Image result for How to configure NAT with iptables on a VPS.

or iptables -t nat -nvL

iptables v1.3.5: can’t initialize iptables table `nat’: Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

To Enable NAT :

* Login to Node server.

Check vzcinfiguration file to find whether NAT is enabled or not.

grep -i iptables /etc/vz/vz.conf

You will get

## IPv4 iptables kernel modules
IPTABLES=”ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length”

Add NAT to the configuration file.

vi /etc/vz/vz.conf

insert ‘iptable_nat’ on to the iptables modules.

## IPv4 iptables kernel modules

IPTABLES=”iptable_nat ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length”

Check NAT is loaded or not,

lsmod | grep nat

================================
[root@node ~]# lsmod | grep nat
iptable_nat            43404  3
ip_nat                 53520  2 iptable_nat,vzrst
ip_conntrack          101396  6 iptable_nat,vzrst,ip_nat,vzcpt
nfnetlink              40392  2 ip_nat,ip_conntrack
ip_tables              57440  3 iptable_nat,iptable_mangle,iptable_filter
x_tables               52744  11 iptable_nat,xt_tcpudp,xt_length,ipt_ttl,xt_tcpmss,ipt_TCPMSS,xt_multiport,xt_limit,ipt_tos,ipt_REJECT,ip_tables

================================

* Now save the paraments for the VPS to which NAT has to be enabled.

from node :

vzctl set VZID –iptables “iptable_nat iptable_filter iptable_mangle ip_conntrack ipt_conntrack ipt_REDIRECT ipt_REJECT ipt_multiport ipt_helper ipt_LOG ipt_state” –save

VZID is VPS ID, replace it with the correct one.

* Restart VPS

vzctl restart VZID

* Enter into the VPS

vzctl enter VZID

* Check for NAT

iptables -t nat -nvL

===================
[root@vz ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 2 packets, 88 bytes)
pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 1 packets, 72 bytes)
pkts bytes target     prot opt in     out     source               destination
0     0 SNAT       all  –  *      venet0  10.9.0.0/24          0.0.0.0/0           to:111.140.170.134
0     0 SNAT       all  –  *      venet0  10.8.0.0/24          0.0.0.0/0           to:111.140.170.134
0     0 SNAT       all  –  *      venet0  10.9.0.0/24          0.0.0.0/0           to:111.140.170.134

Chain OUTPUT (policy ACCEPT 1 packets, 72 bytes)
pkts bytes target     prot opt in     out     source               destination
===================

*Test whether you are able to postroute the packets on VPS.

iptables -t nat -A POSTROUTING -s 10.9.0.0/24 -o venet0 -j SNAT –to 111.140.170.134

It should work.

Find Linux OS is 32 or 64bit.

There are several situations where you need to confirm whether your Linux OS installed  is 32bit or 64bit. People normally use uname -a to find it. But the following command will tell you exactly the machine   architecture.

Image result for Find Linux OS is 32 or 64bit.

getconf LONG_BIT

getconf utility shall conform to the Base Definitions volume of IEEE Std 1003.1-2001, Section 12.2, Utility  Syntax.

eg:

[root@localhost ~]# getconf LONG_BIT
32
[root@localhost ~]#

My machine is 32bit.

songbird! iTunes for Ubuntu

Songbird is a opensource music player that utilizes the cross platform frameworks and will runs in Linux, Apple, Solaris & Windows.

You can get it downloaded for free from here

Linux System Requirements :

glibc 2.3.4 or later

XOrg 1.0 or later

gtk+2.10 or later

fontconfig (also known as xft)

Image result for songbird! iTunes for Ubuntu

libstdc++6

1.5 GHz Pentium 4 or comparable

At least 512 MB of physical RAM

At least 100 MB of available space on your hard drive

16 bit sound card (Recommended: 32-bit Sound Card)

Speakers or headphones

Download the package and extract it.

tar -xzf Songbird_1.4.3-1438_linux-i686.tar.gz (replace with appropriate version)

cd Songbird

./Songbird

Accept the Terms & Conditions and the installation begins.

SELECT ADDON’S

ADDON INSTALLATION

INSTALLATION COMPLETED

WELCOME SCREEN

SONGBIRD SINGING!

Songbird has a cool user interface with lots of control options. It can sync with major music edition cell phones. Add a song or build a playlist, and Songbird automatically syncs it to your phone or MP3 player, so you’re never without your favorite music.

How to Hide Text in Notepad !!

Well who knew we could hide files with notepad?  Often you do all the coding for webpages in notepad and you gotta keep some of those hidden. What you do is look for a utility to hide your text. You simply don’t need it. There’s an easy hack to hide the notepad files. Let’s see how?

Before I begin let me tell you the text files you create with this hack won’t show up even with Windows or DOS whatever be the file settings. These files will only be accessible if you know the exact file name used while creating the file. Let’s begin with the steps,

Step 1

Launch the command prompt. Go to Run and Type cmd and press Enter.

Step 2

Use DOS command to get to the desired folder.

Step 3

Type in the notepad VisibleFile.txt:HiddenFile.txt and hit Enter. (These are just examples change the VisibleFile.txt or HiddenFile.txt filenames according to your choice)

When you are prompted to Create a New file, click Yes.

Step 4

Enter the data you want to hide. Next save the file and close the notepad.

Step 5

Go to the location where you have saved the file. You can see the VisibleFile.txt file (non-hidden) there. Now you can add any text of your choice.

Step 6

In order to open and read/write the hidden file. Type inVisibleFile.txt:HiddenFile.txt in the command prompt and press Enter.

That’s done and you hidden file HiddenFile.txt will not be visible under Windows Explorer or DOS. Remember deleting the visible file or the hidden (VisibleFile.txt)) will also delete the file (HiddenFile.txt).

How to transfer a c Panel account to DirectAdmin.

The file structure and back-ups for both control panels are entirely different and its quite difficult to restore the files transfered from one to another control panel manually. There is a script available which can convert a cPanel back-up to the format that of a DirectAdmin. The convert process is quite simple.

Download the conversion script from here .

*You can download it using the terminal :

wget -c http://kade.nu/da/da.cpanel.import.9.4.tar.gz

*Create two directories import and export :

mkdir import export

*untar the script

tar -xzf da.cpanel.import.9.4.tar.gz

You will get two files da.cpanel.import.pl and defaults.conf. da.cpanel.import.pl is conversion script and defaults.conf is the configuration file.

*Copy the cPanel back-up into the import directory.

*Edit defaults.conf to match the DA server IP and nameservers.

*Execute the script to get the back-up converted.

perl da.cpanel.import.pl

*Back-up could be found inside export directory and you may get it restored.

How to change Linux root password temporarily.

This is a simple technique by which you can have your our root password temporarily and change it back to the real one after use. The condition is

* You are logged in as root and you don’t know the root password

Image result for How to change Linux root password temporarily.

Back-up the current shadow file.

[root@localhost ~]# cp /etc/shadow /etc/shadowbkup

Change the current root password the desired one.

[root@localhost ~]# passwd root
Changing password for user root.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

Now switch to a local user to test whether ‘your’ root password is working or not.

[root@localhost ~]# su – localuser ( localuser is an additional user )
[localuser@localhost ~]$ su – root
Password:
[root@localhost ~]#

Yes, you are now logged in as root with ‘your’ password.

Restore the previous root password, which is still unknown

[root@localhost ~]# mv /etc/shadowbkup /etc/shadow
mv: overwrite `/etc/shadow’? y
[root@localhost ~]#

This trick is meant for students and kindly do not misuse .