Install and configure MailWatch monitoring tool for MailScanner
MailWatch for MailScanner is a web-based front-end to MailScanner written in PHP, MySQL and JpGraph. It comes with a CustomConfig module for MailScanner which causes MailScanner to log all message data (excluding body text) to a MySQL database which is then queried by MailWatch for reporting and statistics.
1. Install Apache2, MySql server and PHP5 with required modules. You may already have some or all of these packages installed.
apt-get install apache2 php5-cli php5 mysql-server libdbd-mysql-perl php5-gd php5-mysql libapache2-mod-php5
Installing PEAR framework and packages
PEAR is a framework and distribution system for reusable PHP components.
1. Install the PEAR framework
get install php-pear
Configuring goldfish autoresponder for Postfix
goldfish is a quite simple autoresponder for Postfix in conjunction with MySQL, written in PHP. It consists of only one PHP file which can be started through a cronjob.
In this tutorial, it's assumed that you have already installed Postfix with MySql backend using this tutorial: Installing Postfix with MySql backend and SASL for SMTP authentication
1. Install PHP5-CLI (Command Line Interpreter) if it's not already installed
apt-get install php5-cli
Replacing OpenSSH server with dropbear
dropbear is a SSH 2 server and client designed to be small enough to be used in small memory environments, while still being functional and secure enough for general use.
It implements most required features of the SSH 2 protocol, and other features such as X11 and authentication agent forwarding.
1. Install dropbear
apt-get install dropbear
Prevent brute force attacks using fail2ban
fail2ban monitors log files such as /var/log/auth.log and /var/log/apache/access.log and temporarily or persistently bans failure-prone addresses by updating existing firewall rules. Currently, by default, fail2ban supports ssh/apache/vsftpd but configuration can be easily extended for monitoring any other ASCII file.
1. Install fail2ban
apt-get install fail2ban
Setup DomainKeys Identified Mail (DKIM) in Postfix
DomainKeys Identified Mail (DKIM) is a method for email authentication that allows an organization to take responsibility for a message it has sent in a way that can be validated by a recipient. The technique is based on public-key cryptography: Responsibility is claimed by the signer by adding a digital signature to a message's header, the DKIM-Signature header field. The verifier recovers the signer's public key using the DNS, and then verifies that the signed parts have not been altered.
1. Install DKIM filter
apt-get install dkim-filter
Tuning MySql with MySqlTuner to increase efficiency and performance
mysqltuner is a high-performance MySQL tuning script written in perl that will provide you with a snapshot of a MySQL server's health. Based on the statistics gathered, specific recommendations will be provided that will increase a MySQL server's efficiency and performance.
1. Install MySqlTuner
apt-get install mysqltuner
Installing PowerDNS Recursor
PowerDNS Recursor is a resolving DNS server, that runs as a separate process. The authoritative pdns_server can be configured to proxy recursive queries to the recursor, and optionally overlay authoritative zone data.
The Recursor is used by several of the largest Internet providers of the world, including AOL, Shaw Cable and Neuf Cegetel.
1. Install the pdns-recursor package
apt-get install pdns-recursor
Installing HAVP (HTTP Antivirus Proxy)
HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV anti-virus scanner. The main aims are continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. Havp antivirus proxy has a parent and transparent proxy mode. It can be used with squid or standalone.
1. Install HAVP
apt-get install havp
Configuring port forwarding with rinetd
inetd redirects TCP connections from one IP address and port to another. rinetd is a single-process server which handles any number of connections to the address/port pairs specified in the file /etc/rinetd.conf. Since rinetd runs as a single process using nonblocking I/O, it is able to redirect a large number of connections without a severe impact on the machine. This makes it practical to run TCP services on machines inside an IP masquerading firewall.
1. Install rinetd
apt-get install rinetd
Hosting sponsor
Debian Tutorials
Tag Cloud
Categories
- Backup (2)
- Control Panel (1)
- DNS (3)
- FTP (2)
- General (4)
- Kernel (2)
- Mail (16)
- Monitoring (8)
- MySQL (13)
- Networking (4)
- PostgreSQL (1)
- Release (66)
- Security (13)
- Virtualization (4)
- Web (19)
- X (1)
Popular Tutorials
- Installing Zend Optimizer
- Installing ionCube
- Installing Zenoss monitoring system
- Installing and configuring PPTP VPN server on lenny
- Pure-FTPd with MySQL backend
- Installing Postfix with MySql backend and SASL for SMTP authentication
- Loading iptables rules on startup
- Installing DSPAM with ClamAV for Postfix on lenny
Ubuntu Tutorials – Latest
- Installing PEAR framework and packages
- Install mod_spamhaus Apache module to fight comment spam
- Installing ionCube
- Installing Zend Optimizer
- Disable root login to SSH