I am moving into the world of dedicated servers (from VPS). I just got a server from Serveraday.com /OLM.net.
When I was doing bandwidth tests, I found the server's inbound speed was much slower than outbound. I tried downloading a bunch of different provider's 10MB test files from the command line of my server using wget. They were all around 20-30 Kbps.
When I take those same 10MB files and serve them from my dedicated box, the results are much different. My server can push the files out at over 1Mbps.
Why would my server be set up this way, and is this normal behaviour? I sent a ticket to OLM, but their support seems to take a long time. So I figured I would bounce the question off of all you here on WHT
1/ What is the difference between maillog and maillog.processed? I want to keep a permanent record of all mail inbound and outbound even if delivery is deferred by the gray listing. I'm not sure which one is the best to keep.
2/ I would like to change the way that the mail logs get log rotated. I am struggling to work out exactly what happens at the moment but I would like to rotate the log out every day regardless of size. I think currently that the maillog.processed is rotated daily if it is over a specific size.
I'm trying to figure out an iptables rule to block certain ips for a limited duration, after which the block rule will be removed.
hits to the iptables filter while the ip is blocked should not renew the timer.
i got as far as:
iptables -A INPUT -m recent --name blacklist --rcheck --seconds 10 -j REJECT iptables -A INPUT -m recent --name blacklist --remove
but how do i blacklist an ip now ? (this needs to be done via external app and not via iptables matches/hitcounts) iptables -A INPUT -s xxx.xxx.xxx.xxx -m recent --name blacklist --set would renew the blacklist every time that ip sends a packet no matter if it is blocked or not. and also that rule would remain in iptables even when expired
184.108.40.206 still has 301 connection, any idea.
Basically, I use ddos-deflate to block ddos attack. I already set the max conection to 25. But it seems not working. all the connections over 25 have not been blocked. Did I miss something? I mean after I issue
We have a dedicated server with several domains configured. For all domains we use an external SMTP service to send out emails. Our websites send mail via this external SMTP service. So there is no need for the server to send out any mail.Still we see mail going out, like bounce messages, non delivery reports and we even had some spam sending issues in the recent past.So I have some questions:
1. Is it possible to configure WHM/CPanel to use our external SMTP server too, so that server/system emails are still sent to us?
2. And is it possible to COMPLETELY block ALL outbound email on our server, so that it simply cannot send email anymore by itself? (but still be able to receive mail)
Imagine you want a set of servers (VPSs would be a cheaper choice, that is why I am posting here) that do not have much outbound traffic but download from other servers (more or less as spiders, but I am not trying to create a web index). Disk space or memory size are not important, but port speed and monthly transfer should be as high as possible. As inbound traffic is less frequently used, I wonder if any provider offer cheaper rates if traffic is like this.
I have been searching the forums and have not found too much about this topic (a quite related post named "I want to download the Internet" or something similar did not get a conclusion).
I have 2 IPs bounded on a Windows 2003 server. These 2 IPs have different network routes (one uses network A, one uses network B). Obviously for outbound traffic I can freely choose which IP to use (I simply choose to use [url]or [url]), however I wonder if it's possible to tell the server which IP it should use for inbound traffic when I need to download something from the internet to the server?
With the standard-DNS-Layout every customer has an MX-entry like MX 10 mail.customerdomainexample.com
The problem is, that inbound mailservers get a TLS warning, because the mailhostname does not match mail.companydomainexample.com, which is the domain with a valid SSL-Certificate pointing to the same server.
Wouldn't it make sense to change the default template to mail.companydomainexample.com since it is the same machine anyway?
I am having some problems with the inbound smtp sockets, we are receiving a constant attack from spammers, and they are taking all the sockets we have open for our users. We have enable SPF, greylisting, inbound control access through authentication, relay access with authentication also. but after some weeks we are on the same situation yet. We have spam assasin also installed as power pack from plesk, and we have add DSN black list from b.barracudacentral.org, bl.mailspike.net and bl.spamcop.net but we still suffer from this problem.
We have also try to increase the socket assigned to 200 and after some minutes they used all again and the CPU change increase up to 25% of the total capacity.
I ran the script in KB article 123160  to disable SSLv3 and avoid the POODLE vulnerability, but I recently discovered that this has caused all inbound emails to bounce. The bounce message says, "TLS Negotiation failed."
Could you guys look and see if what I am seeing is right? They offer Global Crossing and Cogent officially. So if I use GLBX looking glass, I get this.
Trying trace from node 'Miami, FL, US' to '96.31.73.xxx' 1 220.127.116.11 (18.104.22.168) 0.761 ms 0.608 ms 2 so0-0-0-2488M.ar2.TPA1.gblx.net (22.214.171.124) 5.690 ms 5.695 ms 3 WBS-CONNECT-LLC.ae0.409.ar2.TPA1.gblx.net (126.96.36.199) 5.731 ms 5.880 ms 4 188.8.131.52 (184.108.40.206) 7.442 ms 6.667 ms 5 node1.sarorahosting.com (220.127.116.11) 15.734 ms 15.993 ms 6 96.31.73.xxx (96.31.73.xxx) 15.861 ms 15.795 ms
Now if I tracert from the VPS to the GLBX router, I get this.
traceroute to 18.104.22.168 (22.214.171.124), 30 hops max, 40 byte packets 1 node1.sarorahosting.com (126.96.36.199) 0.072 ms 0.035 ms 0.008 ms 2 188.8.131.52 (184.108.40.206) 0.731 ms 0.863 ms 1.003 ms 3 gi0-6.na21.b001841-0.tpa01.atlas.cogentco.com (220.127.116.11) 1.147 ms 1.142 ms 1.428 ms 4 gi4-1.core01.tpa01.atlas.cogentco.com (18.104.22.168) 0.818 ms 0.814 ms 0.807 ms 5 po2-0.core01.mco01.atlas.cogentco.com (22.214.171.124) 148.004 ms * * 6 po5-0.core01.jax01.atlas.cogentco.com (126.96.36.199) 5.847 ms 5.839 ms 5.872 ms 7 po5-0.core01.atl01.atlas.cogentco.com (188.8.131.52) 11.953 ms 23.819 ms 23.870 ms 8 te3-3.ccr01.atl01.atlas.cogentco.com (184.108.40.206) 11.721 ms 11.752 ms 11.787 ms 9 te8-2.mpd01.atl04.atlas.cogentco.com (220.127.116.11) 11.962 ms 11.921 ms 11.987 ms 10 ge4-1-0-390-1000M.ar4.ATL1.gblx.net (18.104.22.168) 12.252 ms 12.359 ms 12.444 ms 11 22.214.171.124 (126.96.36.199) 16.026 ms 16.061 ms 16.594 ms
I have an interesting situation on my CentOS 4 server. I have a number of virtual adapters (e.g. eth0:1, eth0:2 etc), and for some reason all outbound traffic is going through one of these, not eth0. If I go to ipchicken.com, it shows the ipaddress of a virtual adapter, not the normal eth0 adapter.
I have been looking around for information on how to set the default adapter to eth0, but I can't seem to find anything. I can't reboot yet, as it's a production server, so I have to wait for 'scheduled maintenance'. If that's the solution, I can try it, but I am sure there is another underlying issue/routine here.
Is there a way, while live, to set the outbound adapter back to eth0?
Please note, that I have only just realized this has happened. In fact, it has been this way since November. I can tell because server name stamps on Email messages sent from this server indicate a virtual domain at that IP address. I recall I had done some work around that time, which had involved me ifup'ing and ifdown'ing some of these adapters (but not eth0, or the eth0:100 adapter (if I recall correctly) that is now the default).
Also note that I have groups of eth0 adapters, such like: eth0:1 eth0:2 eth0:3 eth0:100 eth0:101 eth0:102
It's the eth0:100 adapter that is now the default.
It appears Comcast is now blocking port 25. As a result, I can't sent outbound email via my dedicated server. They had me change to port 587 for my comast email account, but that doesn't solve my not being able to send outbound from my dedicated server.
Is there anythighn I can do (like change the post my mail server uses to 587) so that I can send outbound mail from my server with outlook (over Comcast connection) or am I just stuck now with using web mail?
i have installed a new mail server i.e. SmarterMail, and from past few days i have devoted much time to find "How to create Out Bound rules in Smarter Mail?" but unfortunately i ended up with no solution, hence here i am seeking help from all the member of WHT for my two questions:
1) Can we create an out bound rule in smartermail?
I'm not sure if this is the right place to be posting this, but at our hotel, we have wireless routers (Linksys) that any of our clients can use to connect their laptops to the internet. We have been getting reports from our ISP that spam has been coming from our external IP address, so I wanted to know what people would recommend as ways to combat either our computers or any of our clients' computers from sending out spam. The internet is connected through a firewall/server computer running linux. I thought about blocking port 25, but I'm sure we would have clients complaining about not being able to send any mail.
I tried a little searching both in Google and on here but this is probably going to be a private or member-based thing anyway.
I've gotten a couple comments that some of my outbound personal mail is ending up in spam folders. I think it's almost completely limited to having Outlook (or Express?) as a client... which I assume doesn't even do network-based lookups. Nonetheless I don't seem to be on any blacklists, and running it through my own spamassassin filter comes up basically zero score. But the fact that more than one person has had the problem concerns me greatly. Also, I haven't seen any significant reason why the content itself would trigger anything.
I realize a public spam test service would basically be a "testing ground" for spammers to evade detection, but there's obviously legitimate uses as well... is there such a tool somewhere? Thanks for any advice. Public information sharing is key to a forum, but PMs are welcome in this case.