Archive

Monthly Archives: August 2009

cd /usr/local/src
wget http://monkey.org/~provos/libevent-1.3e.tar.gz
tar -zxf libevent-1.3e.tar.gz
cd libevent-1.3e
./configure
make
make install

The output of “make install” is very important as it lets you know where the compiled module was installed. The default library location is
/usr/local/lib. Open the configuration file;

vi /etc/ld.so.conf.d/libevent.conf (add the entry ‘/usr/local/lib’ )
Check whether the libevent is completely installed.
ldconfig -v |grep libevent

Now you can install the “Memcache” module.

wget http://danga.com/memcached/dist/memcached-1.2.4.tar.gz
tar zxvf memcached-1.2.4.tar.gz
cd memcached-1.2.4
./configure
make
make install

Now you can check whether the Memcache module has properly installed.

which memcached
/usr/local/bin/memcached -d
memcached -d -m 256 -u nobody -p 11211 -l 192.x.x.x (Server IP)
ps -ax |grep memcached
netstat -plan |grep memcached

by default the ulimit is set to 1024 only, first u need to increase system wise with

“fs.file-max = 65536”

adding this one in sysctl.conf

and then “sysctl -p”

switch to /etc/securitty/limits.conf and add ther following lines

* hard nofile 65536
* soft nofile 16384

switch 2 user for which u need to increase the file-max for, with this the default for all users will be 16384,

u can increase with ulimit -n XXXX now

Install qmhandle-1.3.2 from:

http://downloads.sourceforge.net/sourceforge/qmhandle/qmhandle-1.3.2.tar.gz?use_mirror=nchc

cd qmhandle-1.3.2
./qmHandle -s
shows the stats of mails.

To view the mails in queue, please do

# /var/qmail/bin/qmail-qstat
messages in queue: 758
messages in queue but not yet preprocessed: 0

Let’s examine the queue with qmail-qread. Seeing a bunch of strange email addresses in the recipient list usually it’s meaning spam.

# /var/qmail/bin/qmail-qread

Please examine the email content of the emails in the queue using vi or cat  command. Firstly we should find message’s id using qmail-qread, then find the file holding the email in/var/qmail/queue with find command.

# find /var/qmail/queue/ -name (msg id)

Find the IP address from the mail header and remove spam from the queue using qmail-remove

Now, remove spams, they all will end up in the/var/qmail/queue/yanked directory :

# /etc/init.d/qmail stop

# qmail-remove -r -p ‘mail@address.com’

In a few minutes we do have more emails with the same patterns from the same ip address. That’s great, we do have opportunity to examine smtp traffic from the spammer’s ip address. Run tcpdumpand wait a few minutes.

# tcpdump -i eth0 -n src xxx.xxx.xxx.xxx \or dst xxx.xxx.xxx.xxx -w smtp.tcpdump -s 2048

Examining log file with vi we found that spammer is sending spam using LOGIN authentication:

—————————————————

220 ulise.domain.com ESMTP
ehlo User
250-ulise.domain.com
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
AUTH LOGIN
334 VXNlcm5hbWU6
dGVzdA==
334 UGFzc3dvcmQ6
MTIzNDU=
235 go ahead

—————————————————

Then decode the user/pass to see which account is used:

# perl -MMIME::Base64 -e ‘print decode_base64(”dGVzdA==”)’ test

# perl -MMIME::Base64 -e ‘print decode_base64(”MTIzNDU=”)’ 12345

So, someone created a test account with a weak password and someone else guessed it and is sending spam through the server.

Let’s find the domain owning of the mailbox:

[root@ulise ~]# mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa

mysql> SELECT m.mail_name, d.name, a.password FROM mail AS m LEFT JOIN (domains AS d, accounts AS a) ON (m.dom_id = d.id AND m.account_id = a.id) WHERE m.mail_name=’test’ AND a.password=’12345′;
+———–+————+———-+
| mail_name | name       | password |
+———–+————+———-+
| test      | example.com | 12345    |
+———–+————+———-+
1 row in set (0.01 sec)

Next step is to delete test mailbox and send a warning to client.

To improve your server’s security you’ll need to enable:
Server -> Mail -> Check the passwords for mailboxes in the dictionary

Reference : http://www.cherpec.com/2008/07/plesk-howto-debug-spam-problems/

nokia-e632The Nokia E63 is an Eseries messaging device with a full qwerty keyboard designed for comprehensive messaging and internet experience. Nokia E63 has two customizable home screens, which let users switch easily between business and personal applications. Other features include Eseries one-touch keys, intelligent input (including auto-correction, auto-completion and learning ability), Nokia Calendar & Contacts, Nokia Maps, a 2-megapixel camera, FM Radio, music player and e-mail support, including Mail for Exchange among others. Supported WCDMA frequencies depend on the region where the device is available.

WiFi, 3G,Multimedia,..etc

Some Tips and Tricks:-

On the main screen:
Pressing * button for longer time, switches on bluetooth.
Pressing # button for longer time, switches phone to silent mode.
Pressing 0 will start the web browser.

Left Soft Key then Fn ( or * ) locks the keypad.
Hold End/Red to disconnect all data connections.
Hold Left Soft Key to read out new text messages.

Web browser shortcuts
1 for bookmarks.
2 to find something on a page.
3 to return to the previous page.
5 to tab open windows.
* to zoom in.
# to zoom out.
8 for page overview.
9 to go to a different web page.
0 to got to the homepage.
Hit the Backspace key to close the current window.

Email Setup [POP/IMAP4]

1.Click on Set up Email
2.Start>>Yes
3.ENTER UR EMAIL id
4.enter ur password
5. Click >>OK
6.u will c gmail/yahoo/etc in ur messaging
7.Connect to mailbox? >>YES
8.Now u can retrieve ur mails directly on ur phone :))

Gallery shortcuts

Green Call to send the image.
Fn + * for full screen.
Fn + 7 to zoom in. Press twice for the full screen size.
Fn + 4 to scroll left while in the zoomed image.
Fn + 5 to zoom in.
Fn + 3 to rotate right.
Fn + 2 to scroll up while in the zoomed image.
Fn + 1 to rotate left.
Fn + 0 to zoom out.
Downloads :-