CentOS: Securing Sendmail with TLS

One of the most common uses of network systems is for e-mail-basedcommunications. As such, a great deal of attention has been given to securing e-mail systems. Howe
ver, most of this focus has been in two areas – security at the message level, using PGP or S/MIME, and confidentiality in the authentication process for mail retrieval, i.e., using APOP or SSL-based IMAP. This still leaves mail server-to-server traversal vulnerable to several attacks.

The introduction of basic cryptography into a mail server-to-server session alleviates most of these risks. Mail transport agents(MTA) and software such as Sendmail or Postfix can be augmented to handle their communications over transaction layer security(TLS) channels. This provides for a number of services, including confidentiality, integrity protection and strong authentication.

This article will introduce the features and use of SMTP over TLS as defined in RFC 2487, as well as illustrate their setup in the Sendmail package. We will cover cryptography basics, though not delve into the mathematics of cryptosystems and simple mail transfer protocol (SMTP) and extended simple mail transfer protocol(ESMTP) basics.

Some Basics of Cryptography

“CentOS: Securing Sendmail with TLS”Continue reading

VIM: Changing all HTML tags to lowercase

One part of converting from HTML to XHTML is changing all the tags to lowercase. If you open your HTML file in Vim, this task may be done with this piece of Vim magic:

:%s/<\/\?\zs\(\a\+\)\ze[ >]/\L\1/g

Note that this will change tag names only. To change tag attributes to lowercase as well (multiple attributes supported), use this command:

“VIM: Changing all HTML tags to lowercase”Continue reading

Disabling listening IPv6 in config file of Apache2 server

By default, Apache will listen on all IPs, both IPv6 and IPv4.
This is controlled by the Listen directive:

root@localhost ~ # egrep -r Listen /etc/apache2
...
/etc/apache2/ports.conf:Listen 80
...
root@localhost ~ # 

To turn off IPv6 in Apache, just change the Listen directive to:

Listen 0.0.0.0:80

This will limit Apache to listening only to IPv4 connections. Repeat this for port 443 if you want to stop Apache from listening for HTTPS on IPv6.

Using file of system logrotate for compression mongodb log files

Just insert next code to the /etc/logrotate.d/mongodb:

   /var/log/mongodb/mongodb.log {
           size 10M 
           missingok
           rotate 14
           compress
           notifempty
           mail root@localhost
           create 0640 mongodb nogroup
           postrotate
             killall --signal USR1 mongod
             find /var/log/mongodb -type f -regex '.*/mongodb\.log\.[-0-9]+T[-0-9]+$' -exec rm {} \;
           endscript
  }       

Installing Ruby, Gem, Thin and Redmine on Linux in User Space with CloudLinux

Ruby is best known as the language behind the rails web application framework. However, it is a very flexible general purpose language that can be used for tasks of direct interest to R Developers (parsing files, interacting with databases, processing XML or JSON, math functions, statistics, machine learning, etc).

If you do not have root access on a Linux server, you may still be able to install the ruby language and rubgems. Start by checking the version currently installed (if any):

user@lve [~]# which ruby
/usr/bin/ruby
user@lve [~]# ruby --version
ruby 1.8.7 (2009-06-12 patchlevel 174) [x86_64-linux]
user@lve [~]# 

“Installing Ruby, Gem, Thin and Redmine on Linux in User Space with CloudLinux”Continue reading

Scroll to top