RSS
 

Archive for the ‘Tutorial’ Category

Add custom SMTP Port on Zimbra

05 Aug

Some of our clients are restricted to connect to port 25 TCP by their ISP. So to give them access to our Zimbra server for sending emails, I opened another SMTP port listener (on port 587 TCP). For that, here’s the thing you will need to do.

Edit master.cf.in inside /opt/zimbra/postfix/conf/, you will see config line like below

1
smtp      inet  n       -       n       -       -       smtpd

Under that line, add the following config.

1
587      inet  n       -       n       -       -       smtpd

Done, now you can setup your mail client to use your Zimbra server with that custom 587 port instead of the standard 25. The standard 25 port will still be accessible, so technically you can use either.

 

Integrate Zimbra With Amazon SES

04 Aug

I’ve been working to integrate Zimbra with Amazon SES since the last two weeks. I finally finished that task today (yay!). Maybe some of you having the need to do the same thing, so I will try to write down what I had done to accomplished this. Just for notice, this might not the best practice, but it’s been tested to work.

Before you started, you will need to prepare Amazon SES API which you can download it here. In this example, I extracted the package and put it in /opt/SES. You will also need to install required PERL modules to be able to use it, so first make sure the script works by sending test email manually using the Amazon SES script.

After the SES script is ready, there are few configurations in Zimbra we need to change, master.cf.in and main.cf inside /opt/zimbra/postfix/conf/ and localconfig.xml inside /opt/zimbra/conf/.

First, master.cf.in. Add this line of codes at the end of the file.

1
2
aws-email unix - n n - - pipe
    flags=R user=hana argv=/opt/ses/ses-send-email.pl -r -k /opt/ses/aws-credentials.txt -e https://email.us-east-1.amazonaws.com -f ${sender} ${recipient}

Please notice the empty space at the beginning of the second line. You need to have that space or you will get a config error on restart. You can just copy paste those two lines to be safe.

Secondly, edit main.cf and add this line at the end.

1
sender_dependent_default_transport_maps = regexp:/opt/zimbra/conf/sdd_transport_maps.regexp

Now you will need to edit localconfig.xml, so you won’t loose above option added to main.cf when Zimbra restarted. Add these codes to localconfig.xml.

1
regexp:/opt/zimbra/conf/sdd_transport_maps.regexp

Now, the last thing you need to do is create the file /opt/zimbra/conf/sdd_transport_maps.regexp. As you should know, SES only accept emails from registered sender. So you need to register all of email addresses you planned to send via SES. Now we would like every sender which are registered to SES to send via SES, and the rest is send via normal SMTP sending. To be able to do so, Zimbra need to know, which addresses are suppose to be routed to SES and which aren’t. So we are gonna list all the registered addresses here inside this file (sdd_transport_maps.regexp).

The format of the file is like example below

1
2
/^hana@evilangelist\.com$/ aws-email:
/^admin@evilangelist\.com$/ aws-email:

The first part of the line is the registered email address written in regular expression, and the second part of the line is the route it suppose to be send to, in this example, “aws-email” route which we configured inside master.cf.in.

Okay, now you’re all set. Restart Zimbra and try sending email from the registered SES address. Zimbra will invoke the SES script to send it through Amazon SES. While the rest of the addresses which are not registered will be send via normal SMTP sending.

Note : Tested with Zimbra 7.1.1 RHEL5 64bit version running on 64 bit CentOS 5.6

 

Snow Leopard : Disable Spotlight Completely

09 Mar

Few of my friends are whining about how slow their Mac runs. It doesn’t matter how powerful your CPU, or how many RAM you got, Snow leopard tend to get slower and slower. I’ve done few researches and found out that, spotlight and MD’s are the things to blame. Yes, that’s why regardless your CPU and RAM my Mac is getting slower, it is because the bottleneck is in the disk! Spotlight and MD’s are abusing my disk IO. When the disk is very busy, the overall system will get slow, especially when spotlight is indexing.

I have decided to turn off spotlight and MD’s completely, mostly because spotlight is useless to me. I never use it so I don’t mind to loose it. Here’s what I did to disable spotlight and MD’s completely (including removing the spotlight icon on the top-right corner).

Turn off MDUtil

1
sudo mdutil -a -i off

Stop Spotlight

1
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.metadata.mds.plist

Change the permission so spotlight won’t start at startup.

1
sudo chmod 600 /System/Library/CoreServices/Search.bundle/Contents/MacOS/Search

Restart UI Server to remove spotlight icon

1
sudo killall SystemUIServer

Caution : This tutorial modify some system files. Use at your own risk happy

 
1 Comment

Posted in Mac, Tutorial

 

Subversion Dump and Load Over SSH

26 Aug

In case you want to move existing Subversion repository from one machine to another one. Below is the tricks.

On the new machine, create new repository. You can use a different name if you want to. I prefer using the same name as the old repository name.

1
# svnadmin create myrepo

Then on the old machine, execute this command

1
# svnadmin dump /repo/base/oldrepo | ssh -C username@new-machine-ip-address 'svnadmin load -q /repo/base/myrepo'

Remember, the user you use to connect via SSH must have write access to you new repository. And also, if you’re moving huge repository (like mine where it has almost one hundred thousand of revisions, you might consider using “screen” so you can put the dump and load process in the background.

 

Changing VMWare VM Mac Address

22 Jul

The ability to change VMWare virtual machine’s Mac address can be helpful sometimes, especially when we want to manually assign it. Here’s the trick.

First, remove these following lines below from your virtual machine configuration file.

1
2
3
ethernet[n].generatedAddress
ethernet[n].addressType
ethernet[n].generatedAddressOffset

Then, insert this single line below

1
ethernet[n].address = 00:50:56:XX:YY:ZZ

You should change example mac address above to any mac address you want, as long as it is a valid hexadecimal format.

 

Reset Mac Back To Setup Assistant

21 Jul

When we want to sell or give our Mac to someone else, it will be helpful if we can just reset the OSX back to setup assistant. So it will go back to the state like the first time we bought it. Here’s the trick.

Enter single user mode, then mount root partition with write access.

1
2
3
$ mount -uw /
$ rm -rf /Library/Preferences
$ rm -rf /Users/username (change username to your existing users)

This is the new one, for leopard and snow leopard

1
2
$ rm /var/db/dslocal/nodes/Default/users/username.plist
$ rm /var/db/.AppleSetupDone

You’re done, reboot your machine and see it will startup to the Setup Assistant. Fresh as new happy

 
No Comments

Posted in Mac, Tutorial

 

Merubah Database Template PostgreSQL

20 Jul

Jika database template pada PostgreSQL menggunakan SQL_ASCII, saat kita ingin membuat database baru dengan jenis encoding yang lain akan muncul error “new encoding incompatible with the encoding of the template database (SQL_ASCII).”. Untuk memperbaiki masalah ini, kita harus merubah encoding database template itu sendiri menjadi, misalnya UTF8 (Unicode). Encoding SQL_ASCII ini menurut saya tidak berguna karena menurut saya, encoding SQL_ASCII artinya “tidak peduli dengan jenis data dan encoding apapun”.

Cara untuk merubah default encoding, berikut perintah SQL yang harus dijalankan.

Enable connection pada database template0.

1
postgres=# UPDATE pg_database SET datallowconn = TRUE WHERE datname ='template0';

Masuk ke database template0

1
postgres=# \c template0;

Ubah column “datistemplate” pada template1 agar kita bisa menghapusnya.

1
postgres=# UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';

Hapus database template1

1
postgres=# DROP DATABASE template1;

Buat database template1 yang baru dengan encoding Unicode (UTF8).

1
postgres=# create database template1 with template = template0 encoding = 'UTF8';

Set database baru tersebut sebagai database template.

1
postgres=# UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1';

Masuk ke database template1

1
postgres=# \c template1

Disable koneksi ke template0

1
postgres=# UPDATE pg_database SET datallowconn = FALSE WHERE datname = 'template0';

Setelah semua selesai, sekarang kita bisa membuat database baru dengan jenis encoding apapun yang kita inginkan happy

[ad]

 
 

CentOS: Install X-Window dan Gnome

15 Jul

Cara paling gampang untuk install X-Window dan Gnome desktop environment di CentOS adalah menggunakan yum package manager, tinggal jalanin satu perintah seperti ini :

1
# yum groupinstall "X Window System" "GNOME Desktop Environment"

Perhatikan huruf besar dan huruf kecil karena yum terkenal “picky” (case sensitive).

 
 

Removing FreeBSD Boot Manager

30 Jun

My friend accidentally installed FreeBSD boot manager during installation. Only after the installation was finished he realized that he don’t need it. He sent me a message asking a way to remove it. Actually it’s very simple, you can do that by issuing these commands below.

Using fdisk (change ad0 to your hard drive name)

1
# fdisk -B -b /boot/mbr ad0

or you can use boot0cfg

1
# boot0cfg -B -b /boot/mbr ad0

One of them might work while the other is not, depends on your FreeBSD version.

[ad]

 
 

Improving Zimbra Spam Filter

30 Jun

The built in Zimbra anti-spam system is quite a neat bundle of Amavisd-new, SpamAssassin and ClamAV with some fancy automated ham/spam training based on messages being moved in and out of a “Junk” mailbox under each user’s account, but it lacks a few nice to have extra features. Luckily, it’s quite easy to enhance the Zimbra Amavisd and SpamAssassin with a new plugins such as DCC, Pyzor and Razor as well as enabling SPF record checking and turning on DSPAM.

Zimbra includes DSPAM as well, but doesn’t use it by default. You can change this quite simply by updating the Zimbra LDAP configuration with the following:
1
zmlocalconfig -e amavis_dspam_enabled=true

I’d recommend upgrading to 6.0.5 if you are going to use DSPAM as there are annoying bugs in earlier versions such as needing to chown the DSPAM folder as zmfixperms used to set the permissions incorrectly. There is also an updated version of DSPAM in Zimbra 6.0.5.
The beauty of DSPAM with Zimbra is that the zmtrainsa utility run nightly on the spam/ham mailboxes also trains DSPAM from the same messages.

Now I’m presuming that you don’t already have the RPMforge (formerly Dag Wieers) and Atomic Rocket Turtle yum repositories installed on your Zimbra server and that you’re using CentOS/Red Hat like I am. We will install these two repositories but restrict them to only provide the packages that we are interested in so that they don’t clash with each other or the base vendor repositories.

1
2
wget -q -O – http://www.atomicorp.com/installers/atomic.sh | wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm
rpm -Uvh rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm

Now you need to edit /etc/yum.repos.d/rpmforge.repo to add the line includepkgs=perl-Error perl-NetAddr-IP perl-version perl-Mail-SPF as well as /etc/yum.repos.d/atomic.repo to have includepkgs=dcc pyzor razor-agents under the [atomic] section
Now the packages we need are available through a normal yum install:

1
yum install dcc pyzor razor-agents perl-Mail-SPF

Now we just need to create a custom SpamAssassin configuration file to tweak the settings for the plugins that we just installed. To do this, go to /opt/zimbra/conf/spamassassin/ and create a new .cf file with the following:

1
2
3
4
5
6
loadplugin Mail::SpamAssassin::Plugin::DCC
score SPF_FAIL 10.000
score
SPF_HELO_FAIL 10.000
score
DCC_CHECK 4.000
score
RAZOR2_CHECK 2.500
score
PYZOR_CHECK 2.500

The Zimbra SpamAssassin configurations already load the Pyzor and Razor plugins if present, but don’t load DCC by default (even if it is present) as it isn’t open source. Rather than edit files that Zimbra will then reset on an upgrade, we create a new .cf file that does this as well as settings the scores given by DCC, Pyzor, Razor and SPF. You might want to tweak these depending on how much you trust each service/test or you might want to skip these lines altogether and leave the scores set as the SpamAssassin defaults.
Remember to chown the file to zimbra:zimbra and chmod it to 0444 to be in line with the other SpamAssassin .cf configuration files.

The last thing that you need to do is restart the Zimbra MTA and Amavisd-new so that it loads the new configuration.

1
su – zimbra
zmantispamctl reload

If you want to test your new SpamAssassin setup then run the following (test and Debug mode) on the GTUBE sample provided by SpamAssassin

1
wget http://spamassassin.apache.org/gtube/gtube.txt
/opt/zimbra/zimbramon/bin/spamassassin -D -t < gtube.txt

Like the EICAR signiture for anti-virus scanners, GTUBE is a signature for anti-spam systems that will always show as spam so you can easily test your anti-spam setup. Among others, you should see RAZOR2_CHECK, PYZOR_CHECK and DCC_CHECK flagged with their appropriate scores if everything is working properly.
You will need to test DSPAM in the same way as you would with SpamAssassin’s bayesian filtering as well as checking SPF failures manually by sending a message from a server not designated in the SPF records.

Source : http://new.spheron1.co.uk/2010/04/11/zimbra-anti-spam-improvements/

 

MySQL Replica Duplicate Entry Error

25 Jun

In normal condition, MySQL replication will stop whenever it encountered and error while executing slave queries. This is done so we can analyze the error produced and fix the problem which cause it to ensure data consistency between the master server and the replica. However, there’s a situation where we want to skip this bad query and continue to the next one. Although this is not recommended, but as long as we know well what’s that query is all about and we are very sure it won’t cause data inconsistency, these tricks I will show you is feasible.

For example, we can skip a single query (which we consider as broken) and continue to the next query. Execute this on MySQL console :

mysql>SET GLOBAL SQL_SLAVE_SKIP_COUNTER=1; START SLAVE;

We can ignore more than 1 query at a time, by simply change the number variable for “SQL_SLAVE_SKIP_COUNTER” to any number we want to skip.

There’s another way of doing this, we can tell MySQL to ignore all error with specific error codes. As example, we  can tell MySQL to skip all error with 1062 error code, which is “duplicate entry” error number.

slave-skip-errors = 1062

Beside error with 1062 error code,we can skip more than one error code by putting them in my.cnf “slave-skip-errors” option, put all error codes we want to skip, separated by comma (,). The complete list of MySQL error codes can be found here.

Note : I re-wroted this entry from Indonesian to English, since some people tell me it was confusing.

 
 

Convert GPS decimal to GMap coordinate

06 Sep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
sub convertNMEA {
        local($lats,$lat_hem,$longs,$long_hem) = @_;

        $latitude = 0;
        $longitude = 0;

        # count latitude
        @lat_data = split(/\./, $lats);
        $lat_count = length($lat_data[0]) - 2;
        $lat_min = substr($lat_data[0], $lat_count, 2);
        $lat_deg = substr($lat_data[0], 0, $lat_count);
        $lat_mins = "$lat_min\.$lat_data[1]";

        $latitude_minutes = ($lat_mins / 60);
        $latitude = $lat_deg + $latitude_minutes;

        # count longitude
        @long_data = split(/\./, $longs);
        $long_count = length($long_data[0]) - 2;
        $long_min = substr($long_data[0], $long_count, 2);
        $long_deg = substr($long_data[0], 0, $long_count);
        $long_mins = "$long_min\.$long_data[1]";

        $longitude_minutes = ($long_mins / 60);
        $longitude = $long_deg + $longitude_minutes;

        # find hemisphere
        if ($lat_hem eq "S") {
                $latitude = '-' . $latitude;
        }

        if ($long_hem eq "W") {
                $longitude = '-' . $longitude;
        }
        return($latitude,$longitude);
}
 
2 Comments

Posted in PERL, Tutorial