Friday, September 18, 2009

Reset Root password UBUNTU

If you forgot you password for your ubuntu system you can recover using the following steps

  1. Turn your computer on.
  2. Press ESC at the grub prompt.
  3. Press e for edit.
  4. Highlight the line that begins kernel ………, press e
  5. Go to the very end of the line, add rw init=/bin/bash
  6. press enter, then press b to boot your system.
  7. Your system will boot up to a passwordless root shell.
  8. Type in passwd username

Wednesday, September 16, 2009

SENDMAIL Notes 5: Sendmail - Aliases


    Aliases is used to handle mails to a non existing address. This will allow to redirect the msgs destined to a given name to a real user.
eg:-

postmaster: kiran@domain.com,jrkiran@domain.com

    So when a mail comes in sendmail will check the aliases db for the aliases defined for new msgs, and according to the aliases defined sendmail attempts to deliver the msgs to the delivery agent by adding or modifying the headers of the msg with aliases defined in aliase db.

The Aliases File:
Default Aliases in system:


MAILER-DAEMON:  postmaster
postmaster:    root

When a msg is bounced or problem delivering a msg the destination of the msg will be MAILER-DAEMON.
i.e, if a mail is send to a non existing user then the mail header is modified to MAILER-DAEMON as user.
This means the problem msg or bounced msg has to go some where, and sendmail delivers it to MAILER-DAEMON.
MAILER-DAEMON is aliased to postmaster, and postmaster aliased to root - hence the mail is delivered to root.

Aliases File is case insensitive:
The aliases defined in sendmail is case insensitive.
After changing the aliases no need to restart or reload the sendmail  service because in each and every request sendmail consults the db of aliases.

Types of aliases defined

There are 5 types of aliases:

1. 1-to-1 Aliases.(1 alias map to one local username)
eg:-

postmaster:    root
bin:    root
support:    kiran

    2. 1-to-many or 1-to-lists
eg:-

info:    kiran,jithu,rinz
sales:    hr,joe,nick

    3. using include directive in aliases file.
This will allow aliases to include the list from separate file
eg:-

finance:    :include:/full/path/to/list.list

"users or mail address in the list file can be separated by comma."
    4. File Redirection Aliases - Re-route the message to file
eg:-

abuse:    root,/var/log/abuse/mail
help:    /var/log/help

    All mail send to the user abuse will be re - routed in to /var/log/abuse/mail. This will help to collect the evidences of mail that is routed for given aliases. The file should not have the execute permission. Else sendmail will fail to write to this file
5.Redirecting the E-mail to PIPE (redirecting the output to an application)
    when a mail comes we can send the output to certain commands. for example if mail comes for the user john and the is in vacation then we can redirect the mail to the program "vacation" to send the automated reply.
eg:-

kiran:    "|/usr/bin/vacation kiran"

Creating a aliases
Add entry

#vim /etc/mail/aliase
support:    kiran

Update db

#newaliases

Test the aliase file

#sendmail -bi

Test the aliase

# sendmail -bv support
kiran... deliverable: mailer local, user kiran

    This means aliases support is deliverable, and it uses mailer local, and user who ultimately get msg.

Vacation Program
To enable the vacation program for an user called fazi install the vacation program that comes along with the sendmail binary.

Create a forward file

# vim ~/.forward
\fazi, "|/usr/bin/vacation -t0 fazi"

Now create the msg that needed to be auto reply.

# vim ~/.vacation.msg
Hi Thanks for you mail !
hai i am on vacation
will ping you once i'm back

This will invoke an automated reply to the sender including the msg body from the file .vacation.msg.

SENDMAIL Notes 4 : Sendmail Logs Analyze

Mail logging configuration in syslog.conf

#grep -i mail /etc/syslog.conf
# Log anything (except mail) of level info or higher.
*.info;mail.none;authpriv.none;cron.none            /var/log/messages
# Log all the mail messages in one place.
mail.*          ;     -/var/log/maillog

logging format of syslog.conf

#facility.severity    destination

    facility      = mail, kern etc
    severity    =  info,err,warn,debug
    destination = /var/log/messages, /var/log/maillog

/var/log/messages will be logged other than all mail logs, i.e no maillogs will be logged to /var/log/messages and /var/log/maillog will be logged with all the mail activities.

To log the mail activities separately use the following option in /etc/syslog.conf

mail.*        -/var/log/mail
mail.info    -/var/log/mail.info
mail.warning    -/var/log/mail.warn
mail.err    -/var/log/mail.err

This will log separately to each files

MailLog format:

Ack Log for msg received in MTA:


Sep 13 09:08:36 centos sendmail[6265]: n8D58YWM006265: from=, size=640, class=0, nrcpts=1, msgid=<200909130508.n8D58Y1x006264@centos.com>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]

explore:
Daily Time stamp: message came from server: Daemon: Process ID: queue ID: From Server: size of message: class: number of recipient: msg id: relay=root@localhost (who has send the message from which host)

MSG Delivery Log:


Sep 13 09:08:36 centos sendmail[6268]: n8D58YWM006265: to=, ctladdr= (502/502), delay=00:00:01, xdelay=00:00:00, mailer=local, pri=30830, dsn=2.0.0, stat=Sent

explore:
Time stamp:hostname:daemon:PID:queue ID: to=recipient:ctladdr=is the local user who sends the msg (ctladdr user ID /& Group ID):delay=is expressed the amount of time between the msg recieved and delivered:xdelay=amount of time taken to transfer the msg (from user to user or host to host):mailer=the type of the mailer used in sendmail:pri=priority:dsn= Delivery Status Notification(Email Delivery Error Codes ):status=status of msg delivery 

Email Delivery Codes: Errors (Delivery Status Notification: DSN)
   

How many times you got your outgoing emails back and wondered what is wrong with it? Every time when your email can not be delivered, the SMTP server sends you a notification, which includes a standard error message, associated with the real problem.
     Each code is composed of three digits (X.X.X). The first digit gives the status of the email message:

  • 2 means the email was succesfully sent;


  • 4 means there was a temporary problem while sending the email (your email server may try to send it again or you have to resend it, depending on your server settings). Such error messages are using codes like 4.X.X, where X.X are used in order to give more precise information about the error;


  • 5 means there is a permanent/fatal error related to the email (the email address of the receiver does not exist, it doesn't accept emails from you, etc). Such error messages are using codes like 5.X.X, where X.X are used in order to give more precise information about the error.


  • Here is a complete list of email delivery error codes, based on the Extended SMTP (ESMTP) standards, where X can be 4 or 5, depending on the error type (Persistent Transient or Permanent):
    • X.1.0 Other address status
    • X.1.1 Bad destination mailbox address
    • X.2.0 Bad destination system address
    • X.1.3 Bad destination mailbox address syntax
    • X.1.4 Destination mailbox address ambiguous
    • X.1.5 Destination mailbox address valid
    • X.1.6 Mailbox has moved
    • X.1.7 Bad sender's mailbox address syntax
    • X.1.8 Bad sender's system address
    • X.2.0 Other or undefined mailbox status
    • X.2.1 Mailbox disabled, not accepting messages
    • X.2.2 Mailbox full
    • X.2.3 Message length exceeds administrative limit.
    • X.2.4 Mailing list expansion problem
    • X.3.0 Other or undefined mail system status
    • X.3.1 Mail system full
    • X.3.2 System not accepting network messages
    • X.3.3 System not capable of selected features
    • X.3.4 Message too big for system
    • X.4.0 Other or undefined network or routing status
    • X.4.1 No answer from host
    • X.4.2 Bad connection
    • X.4.3 Routing server failure
    • X.4.4 Unable to route
    • X.4.5 Network congestion
    • X.4.6 Routing loop detected
    • X.4.7 Delivery time expired
    • X.5.0 Other or undefined protocol status
    • X.5.1 Invalid command
    • X.5.2 Syntax error
    • X.5.3 Too many recipients
    • X.5.4 Invalid command arguments
    • X.5.5 Wrong protocol version
    • X.6.0 Other or undefined media error
    • X.6.1 Media not supported
    • X.6.2 Conversion required and prohibited
    • X.6.3 Conversion required but not supported
    • X.6.4 Conversion with loss performed
    • X.6.5 Conversion failed
    • X.7.0 Other or undefined security status
    • X.7.1 Delivery not authorized, message refused
    • X.7.2 Mailing list expansion prohibited
    • X.7.3 Security conversion required but not possible
    • X.7.4 Security features not supported
    • X.7.5 Cryptographic failure
    • X.7.6 Cryptographic algorithm not supported
    • X.7.7 Message integrity failure
    Note:
    For checking the mail log - Better to grep the queue id from maillog to check the msg status:

    # grep queueid /var/log/maillog
    # grep "Aug 15" /var/log/maillog

    Tuesday, September 15, 2009

    SENDMAIL Notes 3 - Sendmail msg delivery

      Sendmail MTA decides whether the mail has to be delivered locally or remotely. if locally it will place to the mail box or uses the SMTP protocol.And if the destination of the mail is remote then it delivers through the SMTP protocol.

    Local Mail Delivery:

    Locally sendmail MTA places mails to /var/spool/mail/$USER
    now the MUA (mutt/mail) (mail clients) will spool the mail from the /var/spool/mail/$USER and will place in the users home directory, either mbox or Maildir/

    Route of Local mail delivery:

    sendmail -> MSP (MSP sends to Clientmqueue directory) -> MTA -> sends the message described as in local mailer sends to procmail -> /var/spool/mail -> MailClient -> $user home

     Sendmail injects msgs to MSP which moniters the clientmqueue then msgs is taken by MTA which checks whether the mail is for local delivery or not. if so the MTA will invoke procmail which puts the msgs in the users mail box /var/spool/mail/$user according to procmail filter rules. Then the mail client copies the mail to users home directory. Usually the msg client reads the mail from /var/spool/mail/$user.

    Mailbox:

    MBOX:
    mbox is the traditional way of saving messages in users home directory,Nearly all MTA's and POP/IMAP daemons know how to deliver to mbox. This format simply appends each received message into a file called "inbox". Out of the box, nearly all MTA's will come configured this way, and it does have decent performance for a lightly loaded mailserver.

    Maildir:
    This sets up a directory structure whereby each message that is received is it's own file. This is how most major mail hosting providers run their infrastructure. The reason being is that when a user checks their email, or the MTA has to deliver a newly received message, it does not have to open up a single file and append/read to/from it. This comes into play when a user has a lot of stored mail on the server.


    Sending mail from shell

    #sendmail -v kiran

      will send the mail to user kiran.this will show the details in verbros.
    Analyze the verbose output.
    the out put which starts with ">>>" indicates that the command is issued by local sendmail command
    "250" "any 3 digit number" indicates that the command is done by MTA.
    if the 3 digit is ending without "-", this is the indication to the local mail client saying that the MTA server has finished its output.

    SENDMAIL Notes 2 - Running Sendmail As MSP & MTA

    Sendmail As Mail-Submission-Program MSP

                 In MSP mode sendmail will accept messages injected in to the queue from local users, scripts or program locally and delivers the msg when the msg deliver agent MTA is available.

    Starting sendmail as MSP:

    #/usr/sbin/sendmail -L sm-msp-queue -Ac -q30m


    -L                    = Set  the identifier used in syslog messages to the supplied tag
    sm-msp-queue = Tag that denotes sendmail as running in msp queue mode, which accepts local msgs injected in to queue.
    -Ac                      = instructs sendmail to use the alternate config file instead of sendmail.cf file, i.e the submit.cf file
    -q30m                 = this is the queue runner, which will re run the queue after given time if the mail is delivered.

    Now check the process is running successfully by
    #ps -ef |grep sendmail
    -------
    smmsp     3023     1  0 17:22 ?        00:00:00 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue
    -------
    sm-client.pid is the file inside /var/spool/clientmqueue with the process id .

    Killing /stoping the sendmail


    #cat sm-client.pid
    #kill `cat sm-client.pid`

    so the sendmail msp will be killed

    Testing the sendmail as MSP

    #sendmail kiran


    Now the mail will be accepted by MSP in the queue.
    this wont be delivered to destination because now the MTA is not running in the machine. So it is queued under /var/spool/clientmqueue
    there are 2 types of files created in the clientmqueue director
    df* = file contains the message body
    qf* = file contains the message headers
    So while running the sendmail in MSP mode it will accepts the messages from programs/users and for delivery/relay of the mail we need MTA.



    To show the details of Logging Process of the mail program
    #grep -i mail /etc/syslogd.conf


    Sendmail As Mail Transfer Agent - MTA

    # sendmail -L sm-mta -bd -q1h

    -L sm-mta  = Set  the identifier used in syslog messages to the supplied tag and name the tag as sm-mta
    -bd              = Running sendmail daemon in background
    -q1hr          = queue refresh happens in every 1 hr

              This will invoke sendmail as daemon and will bind to the port 25.

    Now check the sendmail process in the system -
    # ps -ef |grep sendmail

    smmsp     4725     1  0 18:46 ?        00:00:00 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue
    root      5238     1  0 19:27 ?        00:00:00 sendmail: accepting connections

        The first process concern with MSP which will accepts the messages from programs/users
        The second Process runs as MTA which will run as Mail Transfer Agent

    Now create the sendmail start up script to run the sendmail on boot. Refer the online sendmail startup scripts

    To Clear the queue created by MSP while MTA was down kill the sendmail with MSP and re-run the sendmail as MSP this will force sendmail MSP to submit the mails in the clientmqueue to MTA.


    #kill `cat sm-client.pid`
    #sendmail -L sm-msp-queue -Ac -q30m

    Sunday, September 13, 2009

    SENDMAIL Notes 1 - Installing Sendmail from Source Code

    Topics
    Compiling Installing and Testing Sendmail


    1. Download sendmail & GPG Key

    #wget ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.2.tar.gz
    #wget ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.2.tar.gz.sig


    2. Download the GPG key and check the integrity of the file

    Check md5sum
    #md5sum ssendmail.8.14.2.tar.gz
    #md5sum ssendmail.8.14.2.tar.gz.sig

    compare with md5sum in the website for both packages 

    GPG Key Check
    #gpg --import sendmail_gpgkeys
    #gpg --verify sendmail.8.14.2.tar.gz.sig sendmail.8.14.2.tar.gz


    3. Install sendmail

    Step1:

    Extract the downloaded archieve

    # tar -zxvf sendmail.8.14.2.tar.gz
    # cd sendmail-8.14.2
    #ls

        Lists the folders inside the source code below are some important Folders inside the source code:
    cf:
       contains sample config files ideal for enviornment
    contrib:
       contains the source code provided by third party
    doc:
        documentations
    libmilter:
       plugins for clamav, spamassassin etc
    makemap:
       makemap utility for the configurations
    mailstats:

    sendmail:
       contains the sourcefiles with the Bulid exicutable which uses for installation

    Step2:


    Bulding the source code
    #cd sendmail-8.14/sendmail
    #./Build
    #cd ../obj.Linux.2.6.18-128.el5.i686/


      This directory contains all the binaries & object files

    Step3:
     Now go to other directories Build & install the binaries & configurations

    # cd ../cf/cf

      Here we can find the platform specific configuration files of sendmail, each *.mc file contains corresponding *.cf file
    so check for generic-linux.mc and copy to sendmail.mc file to create the configuration file. sendmail.cf file is used by sendmail while running as a MTA (mail Transmission Agent)
    We need the submit.mc file as well. this file is used by sendmail while running as Mail Submission Program (MSP)
    submit.mc is used while local mail submition to sendmail queue

    # cp generic-linux.mc sendmail.mc
    #ls

       now we have both mc files submit.mc & sendmail.mc file in place

    # ./Build install-cf

     (install-cf Installs the configuration files) This will run the m4 process which will export the submit.mc & sendmial.mc to /etc/mail by creating the *.cf file

    # ls /etc/mail

    check the /etc/mail directory folders for the sendmail.cf and submit.cf file

    Step4:


    Now add the user&group so that a portion of sendmail can be run without the root privilage,the sendmail daemon runs with root privilages so this step is needed to avoid the security issue

    #useradd smmsp
    #groups smmsp


    Step5:

    Now install the main binary files

    #cd sendmail-8.14.2/sendmail
    #./Build install
    #ls -al /usr/sbin/sendmail


    Step6:

    Now go to directory makemap and build and install the makemap utility
    #cd ../makemap
    #./Build
    #./Build install


    Step7:

    Now go to mailstats directory - Build & install mailstats
    # cd ../mailstats/
    # ./Build && ./Build install


    Post Installation Chores:

    Check the sendmail configurations and files are correct


    # sendmail -v -bi
       this will show the errors in configurations, permission problems, alias problems etc.

    In my case it given error for /etc/mail/local-host-names & /var/spool/mqueue/
    so we need to define the file /etc/mail/local-host-names
     

    Note:

    When sendmail receives mail, it needs a way of determining whether it is responsible for the mail it receives. It uses the /etc/mail/local-host-names file to do this. This file has a list of hostnames and domains for which sendmail accepts responsibility. For example, if this mail server was to accept mail for the domains my-site.com and another-site then the file would look like this:
    -------
    my-site.com
    another-site.com
    -------


    Create the local-host-name file

     
    #echo "localhost" > /etc/mail/local-host-names

    When Sendmail functions as MTA it stores file in /var/spool/mqueue/ directory.So this directory is very much in need.


    in MTA: If the mail delivery is not happening with respect to any config issues or unavailability of the mail destination the mails are stored in /var/spool/mqueue/ directory
    in MSP: if mail delivery is not happening it stores mail in clientmqueue directory

    #mkdir /var/spool/mqueue/
    #chmod 700 /var/spool/mqueue/

    #chown smmsp:smmsp /var/spool/clientmqueue
    #chmod 770 /var/spool/clientmqueue



    Now again run the sendmail checking utility
    #sendmail -v -bi

     
    If can see the /etc/mail/aliases file is missing, go to sendmail source code directory and copy the aliases file to /etc/mail and generate the db file of aliases

    #cd sendmail.8.14/sendmail
    # cp aliases /etc/mail/
    #newaliases

     
        if the db converting tools (db4 & db4-devel) are not installed before the sendmail compilation we have to install the db tools which is required for aliases databases creation, then recompile the sendmail source code to include the utility.

    Now again run the sendmail checking utility
    #sendmail -v -bi


    Now this gives the tottal number of aliases in the aliases file. This means that we have installed the sendmail packages correctly.
     

    Man page error while compiling
    Because the sendmail assumes that the man page directory as /usr/man and normal linux systems uses /usr/share/man
    so creating a soft link of /usr/share/man to /usr will solve this issue
    #ln -s /usr/share/man /usr

     

    So using the same method we can install all the binaries available with in the sendmail sorce-code to get a full fledged sendmail server.
    Note:-
         The /etc/hosts file should be updated properly to work sendmail smoothly.