Archive for the ‘ovSAGE’ Category
October 14th, 2010 | 
Author: Title: October Meeting
Location: The Pythian Group
Link out: Click here
Description: This will be an open topic meeting, so bring a few questions. I want to talk about some tools I’ve seen recently and some of the happenings in the community.
Start Time: 19:00
Date: 2010-10-21
End Time: 21:30
Posted in 
We had a great presentation by Jeff Green on his ethical hacking site group51. He provided the slides that were presented and I’ve placed them in the download section of the site.
Jeff also encouraged the members to sign up and contribute. He needs assistance on the site management and daily maintenance as it is becoming more than a single person job. If you have the bandwidth and the inclination, help out.
We also had a short discussion on the whole mess that is OLGF and the feasibility of either organizing one of our own or seeing if there is a way to assist with the existing one. Nothing definite came of the discussion, however there was sufficient interest to make it a topic for further discussion.
I have uploaded the config files I talked about during the meeting. These files make reference to some extra items such as greylisting and spamassassin, as well as the use of self-signed SSL certificates. You will notice a new menu item on the site under About called ovSAGE Downloads. Go there for the tarball which contains the default and production files as well as diff files for each pair.
The main documents for all of this are located on the CentOS website. The following items describe the docs and their locations:
- If you are starting over, the basic postfix install document is located here: Postfix HOWTO
- In order to do the greylisting under postfix, have a look at the Greylisting HOWTO
- To get spamassassin running, you need the spamassassin rpm installed. There is a HOWTO on using it along with anti-virus software at PostfixMail.com. I believe I just installed the package, enabled it and ran the update rules script to get it working. This site is a little more ambitious.
- One final item is creating and managing self-signed SSL certificates. I normally do this from the command line, but I had heard of a project for keeping track and managing them. It’s called tinyCA and you can find it at sm-zone.net. It usesĀ X-windows, so you will need to run it on one of your unix boxes. I can go over the usage next meeting after the presentation, but it is pretty straight forward and playing with it should work out OK. Don’t worry if you mess up at first, just revoke and delete any bad certificates. Unless you are a security paranoid and like generating certificates, make your certs longer than one year.
I think that covers everything. I am using all of the stuff we discussed to redo the ovsage mail server and provide authenticated SMTP from outside as well as secure IMAP access for my smartphone and laptop.
A future session will cover setting up squirrelmail as an SSL protected web front-end to your mailserver. As I have not installed this yet, I’ll probably do it live so you can all see it being done.
I’ve been delaying doing an upgrade to the latest-greatest until I had a few free hours. I made all the necessary backups, made a database backup and clicked on the upgrade button (This is a major revision upgrade). less than 2 minutes later, the whole upgrade is complete, the database has been upgraded and it looks like all the plugins are happy as well.
Another ringing endorsement for WordPress.
It looks like my remaining hard drive on the old web server is finally giving up the ghost. I will be migrating everything over to the new server this weekend, so there may be additional outages when I decide to make the cut-over, but this should be a flash cut via a firewall rule change.
I was a bit surprised when I checked the site earlier and nothing happened, attempts to log onto the server were also met with no response. A quick check on the hardware and I saw the message: Disk0: Fail, Disk1: Fail on the RAID enclosure. It’s really too bad the box doesn’t support drives larger than 80GB, but it was made many years ago. It’s also too bad I couldn’t find an additional 20GB disk in my collection with sufficiently close drive parameters to fix the mirror. Oh well, I’ve been putting it off for months now, so this is the best time to do it.
![](\\\"http://i.creativecommons.org/l/by-sa/2.5/ca/88x31.png\\\")