SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting and Conformance) are email authentication protocols that are becoming increasingly necessary to run a working email server. Even if you have valid MX, A, and PTR DNS records for your mail server, you may find that your emails are getting rejected […]
Tag: Linux
Test Ansible Roles with Molecule 3 and Red Hat Docker Images on Linux Mint
Here are instructions on how to set up Molecule 3 to test your Ansible roles using Docker images in Mint 20.2. You can find some additional working code for this in my Github repos like abrt and CloudBees; these use official Red Hat images from the Red Hat Container Registry. Most of these will already […]
Add a Filesystem to a Red Hat Linux Virtual Machine
Steps to add a mount point to a Red Hat Linux system using LVM: Add a disk in VMware. Ensure the disk is visible on your server. Create a physical volume. Create a volume group. Create a logical volume. Make a filesystem. Mount the volume. (Create the mount point if necessary.) Add it to /etc/fstab […]
Nginx: Redirect All HTTP and HTTPS non-WWW to HTTPS WWW
One common requirement for a web site, especially in the age of mandatory SSL, is to ensure that its address is a) consistent, and b) forwards to SSL. In other words, when a visitor types in http://www.mysite.com/, http://mysite.com/, OR https://mysite.com/, they should be sent to https://www.mysite.com/. To do this, we’ll set up some Nginx server […]
Install Roundcube on Ubuntu 16 with Nginx and PHP-FPM
So you want to set up a webmail system. SquirrelMail was a fine community-supported project for many years, but as of July 2017 it seems to have been abandoned by its developers, so we’re going to use Roundcube for our webmail system instead. This guide assumes you have Ubuntu 16 running a MariaDB-Postfix-Dovecot email server […]
Installing an SSL Certificate on Nginx
Update April 2018: I’d suggest using Let’s Encrypt for this instead. How to create and install an SSL certificate for Nginx 1.10 on Ubuntu 16. (Apache setup here.) This setup also gets you an A on the SSL Labs SSL Server Test. Part I: Create and Obtain your SSL Cert 1. Create your key and […]
SpamAssassin 3 on Ubuntu 16+
Note: This article describes setting up SpamAssassin 3 to work with a Postfix/Dovecot email server on Ubuntu 16, and it applies to other Debian/Ubuntu variants that use systemd. There are some significant differences in the SpamAssassin config between distros that use systemd and those that use upstart. For the Ubuntu 12/14 version of this article, […]
Ubuntu 16 and Varnish 4 with Drupal
This article describes how to install Varnish 4 with Drupal 7 on Ubuntu 16.04. The procedure is similar to installing Varnish 3 in my Drupal recipe, but the update to Varnish 4 requires a few changes. These are described below. Installing Varnish 4 root@ubuntu:/# apt-cache madison varnish varnish | 4.1.1-1 | http://us.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages […]
OSSEC on Ubuntu 16
OSSEC is a HIDS (Host-based Intrusion Detection System) that can perform real-time logfile analysis, rootkit detection, file integrity checking, and notification. Resources: The home page, documentation, and current code. OSSEC works by assembling a “safe” profile of your system and then continuously checking files and processes for deviation from this profile. In particular, for a […]
logwatch on Ubuntu 16
logwatch is a utility that helps you track your system’s log files, and it can monitor them on a schedule and email you a daily summary of its findings. Like most security packages, logwatch itself isn’t a magic bullet, but it can be a useful component of a secure setup. If nothing else, it can […]