RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Postfix Mailtrap
Recently we needed to setup a postfix server that would route all email to a local mailbox regardless of original destination. Here’s the solution:
1) Add this line to /etc/postfix/main.cf (if it’s not already present):
recipient_canonical_maps = regexp:/etc/postfix/canonical
2) Add the following line to /etc/postfix/canonical (replace “username”):
/.*/ username@localhost
3) Run “postfix reload”
That should make it deliver all mail to the specificed local user. Make sure localhost is in the mydomains file (or the mydomains setting in main.cf, if it doesn’t use a seperate file), or just use any valid local domain.
Renew self-signed IMAPS/POP certificates on Plesk server
With courier-imap, if the self signed certificate used by IMAPS or POPS expires then use this procedure to issue a new certificate:
1. Edit /usr/share/courier-imap/mkimapdcert and add a -set-serial option to the openssl “req” line like “-set_serial 2”.
2. Optional: On the same line change “-days 365” to increase the validity period for the certificate.
3. Optional: Edit /etc/courier-imap/imapd.cnf to set certificate contents.
4. Remove the old certificate at /usr/share/courier-imap/imapd.pem
5. Run /usr/sbin/mkimapdcert
6. Restart courier with “/sbin/service courier-imap restart”
7. Edit /usr/share/courier-imap/mkpop3dcert and add a -set-serial option to the openssl “req” line like “-set_serial 2”.
8. Optional: On the same line change “-days 365” to increase the validity period for the certificate.
9. Optional: Edit /etc/courier-imap/pop3d.cnf to set certificate contents.
10. Remove the old certificate at /usr/share/courier-imap/pop3d.pem
11. Run /usr/sbin/mkpop3dcert
12. Restart courier with “/sbin/service courier-imap restart”
RH FC4 SSH with Rescue Boot CD
Do the following to get sshd up and running on a FC4 system booted from the rescue CD with networking enabled:
1 2 3 |
chroot /mnt/sysimage mount /dev/pts /usr/sbin/sshd |
If you get errors about the random number generator not being seeded then you might have to copy the cd’s /dev/ files to /mnt/sysimage/dev/ using tar.
Bind Zimbra On Specific IP Address
Here’s how to configure Zimbra services to bind to a specific IP address. These instructions apply to ZCS 5.x only. Assume that the IP address is [IP].
SMTP (TCP 25)
Edit /opt/zimbra/postfix/conf/master.cf.
Change:
1 |
smtp inet n - n - - smtpd |
To:
1 |
[IP]:smtp inet n - n - - smtpd |
WEB (TCP 80/443/admin ports)
Edit /opt/zimbra/jetty/etc/jetty.xml.in
After every line starting with:
1 |
<Set name="port"> |
Add:
1 |
<Set name="host">[IP]</Set> |
POP/IMAP
Su to zimbra account.
Start zmprov:
1 |
./zmprov -s [IP] |
Determine server name:
1 |
gas |
Change bind addresses:
1 2 3 4 |
ms [DOMAIN] zimbraPop3BindAddress [IP] ms [DOMAIN] zimbraPop3SSLBindAddress [IP] ms [DOMAIN] zimbraImapBindAddress [IP] ms [DOMAIN] zimbraImapSSLBindAddress [IP] |
One additional trick is needed. Add these two IPTables rules to map 127.0.0.1:7071 to [IP]:7071.
1 2 3 4 5 6 7 8 9 10 |
/sbin/iptables -t nat -A PREROUTING -p tcp --destination 127.0.0.1 \ --dport 7071 -j DNAT --to-destination [IP] /sbin/iptables -t nat -A OUTPUT -p tcp --destination 127.0.0.1 \ --dport 7071 -j DNAT --to-destination [IP] /sbin/iptables -t nat -A PREROUTING -p tcp --destination 127.0.0.1 \ --dport 80 -j DNAT --to-destination [IP] /sbin/iptables -t nat -A OUTPUT -p tcp --destination 127.0.0.1 \ --dport 80 -j DNAT --to-destination [IP] /sbin/service iptables restart /sbin/service iptables save |