I have been playing around with a couple of modules and monitoring their memory usage. I wanted to clear the caches and buffers to give me a clearer picture of memory usage.
This command is handy for clearing them out.
sync && echo 3 > /proc/sys/vm/drop_caches
When you run
after running the above command you will see the buffers and cached values are either zero or very low. and the Total/Used/Free columns are much clearer.
Please do NOT do this on a live production server unless you know what you are doing.
I had a client who ordered a new server for me to configure. The memory was not what was ordered so I checked out all the other hardware was in order as well.
The hard drives were supposed to be SSD’s but they were connected to a PERC Raid controller. This command allowed me to view them.
smartctl -a /dev/sda -d sat+megaraid,00 smartctl -a /dev/sdb -d sat+megaraid,00
If you don’t have Smartmon installed.
yum install smartmontools
If you get “relay access denied” error messages on mailman and mailman messages are not going out then check to see if you have
::1/128‘ and ‘
127.0.0.1‘ in your whitelist in email settings. This fixed it on a newly migrated server for me.
I have used this technique for a few years now so thought I should post it here as it doesn’t appear to break.
I started getting a “couldn’t save sent message” error message in thunderbird.
I logged onto the server and restarted courier-imapd and postfix and retried. Still the same error.
I checked the maillog and found this error.
Mar 12 17:33:53 plesk postfix/postfix-script: warning: not set-gid or not owner+group+world executable: /usr/sbin/postdrop
As usual, a quick run of the command
Confirmed it was a problem,
So I ran the fix permissions command.
Apparently this is not a well known command so I have posted here.
Just had a client call me due to the fact all the sites on his server were down.
A quick check on disk space and the hard disk was full. This is always the first thing to check when the server is up but sites are down.
I then check each of the root folders in turn to find out which one is causing the problem. This command is so useful and I have been using it for years or variations that I thought I would post just in case.
du -Sh | sort -rh | head -n 5
I always check /var first as this has logs, mail and lots more in it.
The GPG keys listed for the “CentOS / Red Hat Enterprise Linux 6 – atomicrocketturtle.com” repository are already installed but they are not correct for this package.
Atomic are moving everything under one key. To fix this error run this command;
rpm --import https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt
Then edit /etc/yum.repos.d/atomic.repo
change the following line
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.art.txt
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt file:///etc/pki/rpm-gpg/RPM-GPG-KEY.art.txt
We needed to analyse the from, to and subject on one of our servers to deal with a persistent spammer.
Add this to your header_checks
A client uses fail2ban plus a number of other custom scripts to build his firewall to block unwanted access. The firewall table was getting very confusing for him as he didn’t know which script had blocked the IP at a glance.
I cleaned up his tables and created a chain for each script. Here is how I did it.
This is not an easy task without knowing a few tricks as the log files are not an awful lot of help. Providing you have the Plesk grey listing switched on and you know a little SQL and PHP the task is not that hard.
sqlite3 /var/lib/plesk/mail/greylist/data.db 'select * from data'
The above command will provide you with a list of senders, recipients and IP address. I have written a couple of scripts which monitor this database every 5 minutes and extracts spammer signatures which then get emailed to me. I usually catch them within 10-15 minutes of starting their run these days.
Here is a list of the columns in the database;
sqlite> PRAGMA table_info(data); 0|remoteIP|VARCHAR(39)|1||0 1|mailFrom|VARCHAR(255)|1||0 2|rcptTo|VARCHAR(255)|1||0 3|blockedCount|INTEGER|1||0 4|passCount|INTEGER|1||0 5|creationTime|INTEGER|1||0 6|lastUpdate|INTEGER|1||0 7|greyExpires|INTEGER|1||0
Using the above and some data from the headers from one of the spam emails you can quickly extract the sender.
If the spammer is changing the from address so it doesn’t match an account on the server you can filter the logs as follows;