Steps to Catch Spammers & Scammers on cPanel Servers

[Note] >>: To enable extended loggin in exim to trace nobody mails,Try the following trick>> :--

1-- Edit /etc/exim.conf

2--  On the second line add  >>:-

log_selector = +address_rewrite +all_parents +arguments +connection_reject
+delay_delivery +delivery_size +dnslist_defer +incoming_interface
+incoming_port +lost_incoming_connection +queue_run +received_sender
+received_recipients +retry_defer +sender_on_delivery +size_reject
+skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error
+smtp_syntax_error +subject +tls_cipher +tls_peerdn

[note] * Make sure all that comes on a single line

3--  Save and exit.

4--  Restart Exim.

5--  tail -f /var/log/exim_mainlog 

*********************************

FATAL ERROR

>> Steps are given below >>:--

******************************************

1- Please enable it :-

                  register_globals is disabled in php.ini

2- This can be corrected by creating a file named php.ini in this sites folder & placing the following value on the first line :-

                   register_globals = on

*******************************************

To delete mailnull bounced mail

Just fire the given command  below :--




**************
cd /var/spool/exim/input
grep -lir mailnull * | xargs rm -fv


**************

When a user's mailbox is showing set in mailenable as well as in plesk but you still get an error during delivery try this

** Goto %plesk_dir%/mailservers/mailenable/config

**  Take a backup of ADDRESS-MAP.TAB 

** Open ADDRESS-MAP.TAB in wordpad

**************************************************************************

You should see mailboxes in this format >:-

 

[SMTP:abuse@securediscovery.com]    

[SF:securediscovery.com/harry] 

      

 securediscovery.com    0

Each mailbox MUST be in one line,

 

if you see a line break eg;

[SMTP:abuse@securediscovery.com]   

 [SF:securedisry.com/harry]          

 securediscovery.com    0

Edit the text and make sure its in ONE line.Almost all the time, when a line breaks, 

some characters are missing,so when you edit-make sure the there are no missing characters 

in that line,This is very important and should be done carefully.

<< Important  >>:-

Once this is done, restart mailenable and test that mailbox.

**************************************************************************

behavior of apache [ mysql ]

//** Sometimes such behavior of apache/httpd [ taking more & more memory until it dies or crashes the server ] 

can be caused by corrupted MySQL database. **//

<< Try to do the following scripts  >> :-

1] Kill the mysql server :-

      /etc/rc.d/init.d/mysql stop

2] Repair all SQL databases :-

      myisamchk -r /var/lib/mysql/*/*.MYI

3] Start mysql again :-

     /etc/rc.d/init.d/mysql start

*************--------------**************

Linux Most Important Basic Commands

/* << This are some quick command which are useful for beginners and as well as experts in Linux >> */

alias
 
     'USE'-> Create an alias.

----------------------------

awk  
 
    'USE'-> Find and Replace text, database sort/validate/index.

----------------------------

break

    'USE'-> Exit from a loop.

----------------------------

builtin

    'USE'-> Run a shell builtin.

----------------------------

cal    

    'USE'-> Display a calendar.

----------------------------

case  

    'USE'-> Conditionally perform a command.

----------------------------

cat  
 
    'USE'-> Display the contents of a file.

----------------------------

cd    

    'USE'-> Change Directory.

----------------------------

cfdisk

    'USE'-> Partition table manipulator for Linux.

----------------------------

chgrp

    'USE'-> Change group ownership.

----------------------------

chmod
 
    'USE'-> Change access permissions.

----------------------------

chown  

    'USE'-> Change file owner and group.

----------------------------

chroot

    'USE'-> Run a command with a different root directory.

----------------------------

cksum
 
    'USE'-> Print CRC checksum and byte counts.

----------------------------

clear
 
    'USE'-> Clear terminal screen.

----------------------------

cmp  

   'USE'-> Compare two files.

----------------------------

comm  

   'USE'-> Compare two sorted files line by line.

----------------------------

command

   'USE'-> Run a command - ignoring shell functions.

----------------------------

continue
 
   'USE'-> Resume the next iteration of a loop.

----------------------------

cp        

   'USE'-> Copy one or more files to another location.

----------------------------

cron  

   'USE'-> Daemon to execute scheduled commands.

----------------------------

crontab

   'USE'-> Schedule a command to run at a later time.

----------------------------

csplit

  'USE'-> Split a file into context-determined pieces.

----------------------------

cut    

  'USE'-> Divide a file into several parts.

----------------------------

date  

  'USE'-> Display or change the date & time.

----------------------------

dc    

  'USE'-> Desk Calculator.

----------------------------

dd    
 
  'USE'-> Data Dump - Convert and copy a file.

----------------------------

declare

  'USE'-> Declare variables and give them attributes.

----------------------------

df    

  'USE'-> Display free disk space.

----------------------------

diff  

  'USE'-> Display the differences between two files.

----------------------------

diff3  

  'USE'-> Show differences among three files.

----------------------------

dir    

  'USE'-> Briefly list directory contents.

----------------------------

dircolors

 'USE'-> Colour setup for `ls.

----------------------------

dirname

 'USE'-> Convert a full pathname to just a path.

----------------------------

dirs  

  'USE'-> Di

**********************************************************

How to control various Process in linux

ps   

 

**USE**--({ =print status} Display the list of currently running processes with their process IDs [PID] numbers, Use ps axu to see all processes currently running on your system {also those of other users or without a controlling terminal}, Each with the name of the owner, Use "top" to keep listing the processes currently running.), 

-----------------------------------------------------------------------

 

fg PID  

 

**USE**--( Bring a background -or- stopped process to the foreground.), 

-----------------------------------------------------------------------

 

bg PID  

 

**USE**--( Send the process to the background, Opposite to <fg>, The same can be accomplished with <Ctrl>z,  If you have stopped jobs, you have to type exit twice in row to log out.), 

-----------------------------------------------------------------------

 

any_command   

 

**USE**--( Run any command in the background [The symbol "&" means "run the proceeding command in the background"]  ),. 

-----------------------------------------------------------------------

 

batch any_command  

 

**USE**--( Run any command [usually one that is going to take more time] when the system load is low, I can logout,& the process will keep running. ).

-----------------------------------------------------------------------

 

at 17:00   

 

**USE**--( Execute a command at a specified time,  You will be prompted for the command[s] to run, until you press <Ctrl>d). 

-----------------------------------------------------------------------

 

kill PID  

 

**USE**--( Force a runing process shutdown, First determine the PID of the process to kill using ps),

-----------------------------------------------------------------------

 

killall program_name   

 

**USE**--( Kill program[s] by name. ),

-----------------------------------------------------------------------

 

xkill   

 

**USE**--( [In an X-Window terminal] Kill a GUI-based program with mouse, [Point with your mouse cursor at the window of the process you want to kill & click}.) ,

-----------------------------------------------------------------------

 

nice program_name  

 

**USE**--( Run program_name adjusting its **priority**, Since the priority is not specified in this example, it will be adjusted by 10 [ultimatly process will run slower], [from the default value (usually 0], The lower the number [of "niceness" to other users on the system], The higher the priority, The priority value may be in the range -20 to19, Only root may specify negative values. **Use "top" to display the priorities of the running processes**),. 

-----------------------------------------------------------------------

 

renice -1 PID  

 

**USE**--( [as root] Change the priority of a running process to -1, Normal users can only adjust processes they own & only up from the current value [which make them run slower],

-------*****-------*****-------*****-------*****-------*****-------*****-------*****-------*****-------*****-------

How to decompress file

//** Just use the given command below  **//:--

tar -zxvf filename.tar.gz   **USE**--( {=tape archiver} Untar a tarred & compressed tarball {*.tar.gz or *.tgz,} that you downloaded from the Internet.

tar -xvf filename.tar   **USE**--( Untar a tarred but uncompressed tarball {*.tar}.),

gunzip filename.gz   **USE**--( Decompress a zipped file {*.gz" or *.z}, Use gzip {also zip or compress}, if you wanted to compress files to this file format.),

bunzip2 filename.bz2  **USE**--( {=big unzip} Decompress a file {*.bz2} zipped with bzip2 compression utility, Used for big files. ),

unzip filename.zip  **USE**--( Decompress a file {*.zip} zipped with a compression utility compatible with PKZIP for DOS.),

unarj e filename.arj  **USE**--( Extract the content of an {*.arj} archive. ),

uudecode -o outputfile filename  **USE**--( Decode a file encoded with uuencode,  uu-encoded files are typically used for transfer of non-text files in e-mail {uuencode transforms any file into an ASCII file}).

******************************************

How to install Various Programs

List of program is given below  >>:
------------------------------
rpm -ivh filename.rpm  

**USE**--( [=RedhatPackageManager, install verbose, hashes displayed to show progress as root] Install a content of Red Hat rpm package[s] & print info on what happened. Keep reading if you prefer a GUI installation.),
------------------------------
rpm -qpi filename.rpm  

**USE**--( [=RedhatPackageManager, query, package, list] Read the info on the content of a yet uninstalled package filename.rpm. ),
------------------------------
rpm -qpl filename.rpm

 **USE**--( [=RedhatPackageManager, query, package, information.] List the files contained in a yet uninstalled package filename.rpm.),
------------------------------
rpm -qf filename  

**USE**--( [=RedhatPackageManager, query, file], Find out the name of the <*.rpm> package to which the file filename [on your hardrive] belongs. ),
------------------------------
rpm -e packagename

  **USE**--( [=RedhatPackageManager, erase=Uninstall], Uninstall a package- Package name, Package name is the same as the beginning of the< *.rpm> package file but without the dash and version number), E.g--   <kpackage>  <gnorpm >
------------------------------
glint  

**USE**--( [in X - terminal, as root if you want to be able to install packages], GUI fronts to the Red Hat Package Manager [rpm], "glint" comes with RH5.2, "gnorpm" with RH6.0, "kpackage" comes with RH6.1 OR must be installed separately but is the best of the three, Use any of them to view which software packages are installed on your system & the what not-yet-installed packages are available on your RedHat CD, display the info about the packages, & install them if you want [installation must be done as root])..

********************************************************

Linux Keyboard shortcuts is for you

//** Some of the important keyboard shortcuts are given below  **// :--

<Ctrl><Alt><F1> **USE**--( Switch to the first text terminal,Under Linux you can have several terminals opened at the same time.. ).

<Ctrl><Alt><Fn> (n=1..6) **USE**--( Switch to the nth text terminal, ).

<tty> **USE**--( Print the name of the terminal in which you are typing this command,,).

<Ctrl><Alt><F7> **USE**--( Switch to the first GUI terminal, ).

  <Tab> **USE**--( In a text terminal,Autocomplete the command 
if there is only 1 option, or else show all the available options.),

 <ArrowUp> **USE**--( Scroll & edit the command history, Press <Enter> to execute command.),

 <Shift><PgUp>**USE** --( Scroll terminal output up,Work also at the login prompt, so we can scroll through our bootup messages.),

 <Shift><PgDown> **USE**--( Scroll terminal output down fast .),

<Ctrl><Alt><-> **USE**--( (In X-Windows) Change to the previous X-Server Resolution.),

<Ctrl><Alt><BkSpc> **USE**--( (in X-Wndows) Kill the current X-Windows Server, Use if the X-Windows Server crashes & cannot be exited normally. ),

<Ctrl><Alt><Del> **USE**--( Shut down the system & Reboot, This is the normal shutdown command for a user at the text-mode console, Do not just press the 'reset' button for shutdown.),

<Ctrl>c **USE**--( Kill the current Process ( In the Text mode for small applications.),

<Ctrl>d **USE**--( Log out from the current terminal,We can also see next command.).

<Ctrl>s **USE**--(  Stop the file transfer to the terminal.),

<Ctrl>q **USE**--( Resume the transfer to the terminal, Try if your terminal mysteriously stops responding to you..),

<Ctrl>z--( Send current Process to the background.),

<exit>**USE**--( Logout,. can also use logout for the same effect.,(If you have started a second shell, for  e.g.- using bash the second shell will be exited & you will be back in the first shell, not logged out.)),

<reset>**USE**--( Restore a screwed-up terminal (A terminal which shows funny characters) to default setting, Use if you tried to 'cat' a binary file, You may not be able to see the command as you type it.).

<MiddleMouseButton> **USE**--( Paste the text which is currently Highlighted somewhere else, This is the normal 'copy-paste' Operation in Linux, (It doesn't work with Netscape & Wordperfect which use the MS Windows-style 'copy-paste', It does work in the text terminal if you enabled 'gpm' Service using 'Setup') Best used with a Linux-ready 3-button mouse (Logitech or similar) ),

<~>**USE**--( {tilde} My home directory (normally the directory /home/my_login_name), For example, the command cd ~/my_dir will change my working  directory to the subdirectory 'my_dir' under my home directory,  Typing just .cd. alone is an equivalent of the command .cd ~.).

<.>**USE**--(  {dot} Current directory, For example- ./my_program will attempt to execute the file 'my_program' located in your current working directory,).

<..>**USE**--( {two dots} Directory parent to the current one, For example- the command cd .. will change my current working directory one-one level up.)..

Some Network applications

netscape  **USE**--( {Iin X terminal} Run netscape (requires a separate Netscape installation}, The current versions of  Netscape {4.x} are known to be big and buggy. They occasionally crash by vanishing {means no other harm done}, Also when we not connected to the network , Netscape likes to refuse to-do anything (looks like it hanged),it revives when you connects. ),
netscape -display host:0.0   **USE**--( {In X terminal} Run netscape on the current machine & direct the output to machine named "host" display 0 screen 0, Your current machine must have a permission to display on the machine 'host' (Typically given by executing the command <xhost current_machine_name >in the xterminal of the machine host, Other X-windows program can be run remotely the same way. ),
lynx file.html   **USE**--( View an html file / browse the net from the text mode.),
pine   **USE**--(  A good text-mode mail reader, Another good & standard one is <elm>, Your Netscape mail will read the mail from your Internet account, pine will let you read the 'local' mail, e.g.  a cron process sends to you from a computer on your home network. The command mail could also be used for reading/composing mail, but it would be inconvenient it is meant to be used in scripts for automation.).
elm    **USE**--( A good text-mode mail reader. See the previous command also. ),
mutt   **USE**--( This is  really a basic but extremally useful & fast mail reader. ),
mail    **USE**--(  A basic {OS}operating system tool for Email, Look at the previous commands for a better e-mail reader, Mail is good if you wanted to send an e-mail from a shell script. ),
licq   **USE**--( {In X term} An icq 'Instant messaging' client, Another good one is kxicq, Older distributions do not have an icq client installed, you have to do download one and install it. ),
talk username1  **USE**--( We can talk to another user currently logged on your machine (or use "talk username1@machinename" to talk to a user on a different computer) , To accept the invitation to the conversation, type the command "talk username2", If somebody is trying to talk to you & it disrupts your work, you may use the command "mesg n" to refuse accepting messages, You may want to use "who" or "rwho" to determine the users who are currently logged in. ),
mc   **USE**--( Launch the "Midnight Commande" file manager {Its like "Norton Commander" for Linux}.),
telnet server  **USE**--( We can Connect to another machine using the TELNET protocol, We can use a remote machine name or IP address, You will be prompted for your login name & password you must have an account on the remote machine to login, Telnet will connect you to another machine & let you operate on it as if you were sitting at its keyboard, Telnet is not very secure everything you type goes in open text, even your password also),
rlogin server   **USE**--( {=remote login} Connect to another machine, The login name--password from your current session is used, If it fails you are prompted for a password.),
rsh server   **USE**--( {=remote shel} This is  another way to connect to a remote machine, The login name-password from your current session is used; If it fails you are prompted for a password.),
ftp server  **USE**--( Ftp another machine. (There is also ncftp which adds extra features & gftp for GUI }, Ftp is good for copying files from a remote machine, Try user "anonymous" if you do not have an account on the remote server, After connection, use "?" to see the list of available ftp commands,  The essential ftp command are <ls> {to see the files on the remote system}, ASCII, binary (set the file transfer mode to either text or binary, important that you select the proper one ), get (copy a file from the remote system to the local system), mget (get many files at once), put (copy a file from the local system to the remote system), mput (put many files at once), bye (disconnect). For automation in a script, you may want to use ncftpput and ncftpget, for example: -ncftpput -u my_user_name -p my_password -a remote.host.domain remote_dir *local.html ),
minicom   **USE**--( Minicom program {looks like "Procomm for Linux"}.,

************************************************************

Some Network Administration Tools

<netconf > **USE**--( [as root], A  good menu driven setup of your network.),
<pingmachine_name > **USE**--( Check if you can contact another machine [give the machine's name Or IP]. Press [<Ctrl>C] when done [it keeps going]),

<route -n > **USE**--( It Shows the kernel routing table.),

<nslookup host_to_find > **USE**--( Query your default domain name server [DNS] for an Internet name [Or IP number] host_to_find,

This way you can check if your DNS works, You can also find out the name of the host of which you only know the IP number),

<traceroute host_to_trace > **USE**--( Have a look how you messages travelled to[ host_to_trace]-which is either a host name or IP number ),

<ipfwadm -F -p m > **USE**--( [for RH5.2, seen next command for RH6.0],Set up the firewall IP forwarding policy to masquerading,

Purpose:-- All computers from your home network will appear to the outside world as one very busy machine and

for example- You will be allowed to browse the Internet from all computers at once.),

<echo 1 > /proc/sys/net/ipv4/ip_forward >

<ipfwadm-wrapper -F -p deny >

<ipfwadm-wrapper -F -a m -S xxx.xxx.xxx.0/24 -D 0.0.0.0/0 > **USE**--( [three commands, RH6.0],

Does the same as the previous command. Substitute  the "x"s  with digits of your class "C" IP address that you assigned to your home network ),

<ifconfig > **USE**--( [As root] Display info on the network interfaces Currently active (ethernet, ppp, etc),

Your first ethernet should show up as eth0, second as eth1 etc, first ppp over modem as ppp0, second as ppp1 etc,

The "lo" is the "loopback only" interface which should be always active, Use the options [see <ifconfig --help>] to configure the interfaces. ),


<ifup interface_name > **USE**--( [/sbin/ifup to it run as a user] Startup a network interface,For e.g as follows:--

ifup eth0
ifup ppp0

Users can start up or shutdown the ppp interface only when the right permission was checked during the ppp setup (using netconf ),

To start a ppp interface [Dial-up Connection]. I normally use kppp available under kde menu "internet".),

<ifdown interface_name > **USE**--( [/sbin/ifdown to run it as a user], Shut down the network interface.),

<netstat | more > **USE**--( Displays a lot  information on the status of your network.),

when ftp UDP port get block

//***  We just have fire this following rules with iptables ***//:--

 

**********************

 

-A OUTPUT -o eth0 -p udp -m udp --dport 21 -j ACCEPT

-A OUTPUT -o eth0 -p udp -m udp --dport 20 -j ACCEPT

-A INPUT -i eth0 -p udp -m udp --dport 21 -j ACCEPT

 -A INPUT -i eth0 -p udp -m udp --dport 20 -j ACCEPT

 

**********************

LIST:-

Error :-

425 Unable to build data connection: Connection timed out

PASV

 

227 Entering Passive Mode (64,246,51,197,214,179).

Connecting data channel to (64.246.51.197:54963).

 

Connection timed out; Connection timed out while waiting for a response from the server.

 

 

Full Duplex

//** Run the following commands one by one **//:-

 

ethtool -s eth0 speed 100;

ethtool -s eth0 autoneg off;

ethtool -s eth0 duplex full;

each line is one command

then run to check :

mii-tool

 

*************************************************************

Output should be:as follows :-

eth0: 100 Mbit, full duplex, link ok

 

*************************************************************
 

Gd library and other instant softwares using EASY APACHE

**< For Enabling GD library & other softwares,It is done through easy apache  >** :-

 

----------------------

WHM >> Software >> Upate Apache

 

----------------------

For imagemagick follow this steps :--

Go to Install per module.

Search for Image:Magick.

Select it .

Select 1 option and click.

Path For ImageMagick : /usr/bin/convert

Glibc free error sysctl configuration

How to configure is explain below:-

1-- Turn off the tcp_sack.

      net.ipv4.tcp_sack = 0

 2-- Turn off the tcp_timestamps.

        net.ipv4.tcp_timestamps = 0

 3-- Enable TCP SYN Cookie Protection.

       net.ipv4.tcp_syncookies = 1

 4-- Enable ignoring broadcasts request.

       net.ipv4.icmp_echo_ignore_broadcasts = 1

 5-- Enable bad error message Protection.

       net.ipv4.icmp_ignore_bogus_error_responses = 1

 6-- Log Spoofed Packets, Source Routed Packets, Redirect Packets.

       net.ipv4.conf.all.log_martians = 1

 7-- Increases the size of the socket queue (effectively, q0),

       net.ipv4.tcp_max_syn_backlog = 1024

 8-- Increase the tcp-time-wait buckets pool size.

       net.ipv4.tcp_max_tw_buckets = 1440000

 9-- Allowed local port range.

       net.ipv4.ip_local_port_range = 16384 65536

10-- After you make the changes to the file you need to run .

       Quote

/sbin/sysctl -p

and

Quote

sysctl -w net.ipv4.route.flush=1

to enable the changes without a reboot.

****----****----****----****----****----****----****----****----

When Server is not responding

** When  PhpMyAdmin in your domain control panel gives following error:-

#2002 - The server is not responding (or the local MySQL server's socket is not correctly configured")

*******************

link : http://forums.cpanel.net/showpost.php?p=33...mp;postcount=11

*******************

//** Here is what worked for me **// :--

pico /usr/local/cpanel/base/3rdparty/phpMyAdmin/config.inc.php

find

$cfg['Servers'][$i]['socket'] = '';

change to

$cfg['Servers'][$i]['socket'] = '/var/lib/mysql/mysql.sock';

next line

$cfg['Servers'][$i]['connect_type'] = 'tcp';

change to

$cfg['Servers'][$i]['connect_type'] = 'socket';

/** I am sure you like this just like me **/

---------------------------------------------------------------------

Close connection in response to

**// If you get the following error (tail -F /var/log/messages //**:-

-------------

T=remote_smtp defer (-18): Remote host mail.domain.com [111.111.111.111] closed connection in response to STARTTLS

2007-10-01 17:15:28 Start queue run: pid=13647

2007-10-01 17:15:28 1IcMzG-0003XG-1f == test@domain.com R=dnslookup

-------------

Then you can fix this issue by editing your /etc/exim.conf, and changing the following code:-

remote_smtp:

  driver = smtp

To be:-

remote_smtp:

  driver = smtp

  hosts_avoid_tls=*         (This line should be present if not then add the line.)

Save, exit, then restart exim.

If the issue is for incoming email, you can comment out this section of your exim.conf:

tls_advertise_hosts = *

-------------************-------------************-------------