Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-20-2011, 05:42 AM
|
#1
|
LQ Newbie
Registered: Aug 2010
Posts: 3
Rep:
|
Linux mail server issues
Hi all,
I have a Linux mail server (Fedora). This server was set up long before i joined this organization. Now I have these issues I would request assistance:
1. I am not able to access the Graphical User Interface(gui) on this machine. Startx does not work. I have also tried using combination keys alt+ctrl+f...keys but no progress. As a result am not bale to do some tasks.
2. The clamav that is on the machine has since become outdated. Efforts to update it to latest versions have failed. How do i get to update clamav and protect my system?
3. Because of not being able to access the gui as well as the inability to update clamav have led to my server apparently sending spam mail which in turn have led to my public ip being black listed in a number of sites. Now how can i secure this server so that it stops sending the spam mail and hence avoid future blacklisting? (NB am using postfix and the server sits behind a router which connects to the Internet)
4. I have observed that the server has some iptables rules set but everytime the server restarts the rules stop. I have to manually restart them again to run. How do I sort this?
Kindly assist on this
REGARDS
|
|
|
06-20-2011, 11:10 AM
|
#2
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,491
|
Quote:
Originally Posted by alobi
Hi all,
I have a Linux mail server (Fedora). This server was set up long before i joined this organization. Now I have these issues I would request assistance:
1. I am not able to access the Graphical User Interface(gui) on this machine. Startx does not work. I have also tried using combination keys alt+ctrl+f...keys but no progress. As a result am not bale to do some tasks.
|
Sorry, but that's wrong. You can do any server-management tasks through the command line. That said, we can help you get the GUI going, but you have to provide some actual DETAILS. Things like version of Fedora, what exactly you mean by "does not work", what error(s) you see, etc. Have you tried to follow any of the guides you can find via Google, on setting up X? Have you tried logging in as root, and typing in "init 5" (warning: may reboot your server..don't do it unless you're ready for a restart)
Quote:
2. The clamav that is on the machine has since become outdated. Efforts to update it to latest versions have failed. How do i get to update clamav and protect my system?
|
Again, DETAILS. HOW did it fail? What did you do/try? And again, did you try to look this up?
http://www.clamav.net/lang/en/
Documentation, updates, and notes are all on their website
Quote:
3. Because of not being able to access the gui as well as the inability to update clamav have led to my server apparently sending spam mail which in turn have led to my public ip being black listed in a number of sites. Now how can i secure this server so that it stops sending the spam mail and hence avoid future blacklisting? (NB am using postfix and the server sits behind a router which connects to the Internet)
|
Again, DETAILS. What are you seeing in your log files? What have you done/tried? Again, a quick Google search for "hardening postfix server" turns up:
http://www.scalix.com/wiki/index.php...dening_postfix
http://www.postfix.org/docs.html
Quote:
4. I have observed that the server has some iptables rules set but everytime the server restarts the rules stop. I have to manually restart them again to run. How do I sort this?
|
As root, try "chkconfig iptables on", or "chkconfig iptables 3,5"
|
|
|
06-20-2011, 08:48 PM
|
#3
|
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,426
|
Expanding on the good advice above, to get the version try
Code:
cat /etc/*release*
uname -a
You shouldn't really be using Fedora for a job like this, as each version only lasts about 13mths. I strongly suspect you'll find it's out of date, which would explain the inability to get updates.
Also, if it's been setup as a server, then the installer probably didn't install the GUI, which would explain why startx doesn't work, although we'd need to see the exact error msgs.
You may find this manual useful even though it's RHEL rather than Fedora per se http://www.linuxtopia.org/online_boo...ion/index.html.
If the system is obsolete, you'll have to replace it to fix it, in which case have a look at Centos (free version of RHEL).
|
|
1 members found this post helpful.
|
06-21-2011, 05:35 AM
|
#4
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
Quote:
Because of not being able to access the gui as well as the inability to update clamav have led to my server apparently sending spam mail which in turn have led to my public ip being black listed in a number of sites. Now how can i secure this server so that it stops sending the spam mail and hence avoid future blacklisting?
|
This sounds like the system may have been compromised. While it is not normally recommended to simply wipe and re-install as a correction to an even potentially compromised host without investigation beforehand, given your situation and the other issues it might be the easiest way to go. It might be prudent, however, to at least determine if it is a particular user, or users, account(s) are responsible for the SPAM and take extra precautions with them.
It is not atypical to not install a GUI on a server application. As others have pointed out, it is not necessary. In fact, some schools of thought say that it is a liability and that it consumes unnecessary resources. In my experience, in order to set up a server you are going to have to work with many configuration files directly anyway so using a GUI isn't going to solve your problems, only get you 70% of the way.
|
|
|
06-21-2011, 07:21 AM
|
#5
|
Member
Registered: Mar 2008
Location: Namibia, Swakopmund
Distribution: Redhat, Fedora, Centos, ClearOS, Mandrake
Posts: 151
Rep:
|
Quote:
Originally Posted by alobi
Hi all,
I have a Linux mail server (Fedora). This server was set up long before i joined this organization. Now I have these issues I would request assistance:
1. I am not able to access the Graphical User Interface(gui) on this machine. Startx does not work. I have also tried using combination keys alt+ctrl+f...keys but no progress. As a result am not bale to do some tasks.
2. The clamav that is on the machine has since become outdated. Efforts to update it to latest versions have failed. How do i get to update clamav and protect my system?
3. Because of not being able to access the gui as well as the inability to update clamav have led to my server apparently sending spam mail which in turn have led to my public ip being black listed in a number of sites. Now how can i secure this server so that it stops sending the spam mail and hence avoid future blacklisting? (NB am using postfix and the server sits behind a router which connects to the Internet)
4. I have observed that the server has some iptables rules set but everytime the server restarts the rules stop. I have to manually restart them again to run. How do I sort this?
Kindly assist on this
REGARDS
|
Howzit buddy
Like the guys said, assist us with some more info please, do the following if you want help
1.) cat /etc/redhat-release
2.) rpm -qa | grep -i postfix
3.) iptables -L -n
4.) runlevel
You said that once the server restarts, the firewall rules are gone, do you have a script file you execute each time then to put the rules back ?
If so, check what is the runlevel of your server, and if it says 3, then automatically activate your iptables rule startup script by doing
move your script file to /etc/rc.d/init.d/
Then go to directory
/etc/rc.d/rc3.d
Then type command
ln -s S95Firewall ../init.d/FILENAME
Also, I bet you when you type the command runlevel you will see why startx is not working, it was never installed maybe 
|
|
0 members found this post helpful.
|
06-21-2011, 01:54 PM
|
#6
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,491
|
Quote:
Originally Posted by linuxgurusa
Howzit buddy
Like the guys said, assist us with some more info please, do the following if you want help
1.) cat /etc/redhat-release
|
Not needed, since the OP is using Fedora
Quote:
2.) rpm -qa | grep -i postfix
|
Marginally important, depending on the age of the server. Postfix rules/config haven't changed much, so spam filtering/securing won't have changed
A very dangerous thing to post ANYWHERE...why should the OP post their firewall rules, exactly?
Obviously runlevel 3, since the OP doesn't have a GUI.
Quote:
You said that once the server restarts, the firewall rules are gone, do you have a script file you execute each time then to put the rules back ?
If so, check what is the runlevel of your server, and if it says 3, then automatically activate your iptables rule startup script by doing
move your script file to /etc/rc.d/init.d/
Then go to directory
/etc/rc.d/rc3.d
Then type command
ln -s S95Firewall ../init.d/FILENAME
|
...or just type in "chkconfig iptables on" or "3,5" as stated before. No need for the copying/linking/etc.
Quote:
Also, I bet you when you type the command runlevel you will see why startx is not working, it was never installed maybe
|
..which is what chrism01 posted before.
|
|
1 members found this post helpful.
|
06-22-2011, 05:07 AM
|
#7
|
LQ Newbie
Registered: Aug 2010
Posts: 3
Original Poster
Rep:
|
linux-mail-server-issues-followup
Thanks for the replies guys.
This is the additional information that you required:
1)rpm -qa | grep -i postfix
postfix-2.2.3-2.pcre.pgsql.mysql.sas12.ipv6.fc4
2) runlevel 3
3) startx
comand not found
4)whe i type init 5
starting pcmcia
starting RPC idmapd
starting lm_sensors
(the machine then just stays here for a long time...like it stayed so for an hour hence i had to restart the machine)
5) cat /etc/*release*
Fedora Core Release 4(Stentz)
LSB_Version= "1.3"
6) uname -a
Linux <servername> <domain.com> 2.6.17....
#1 smp fri june .....
I will post additional info as rtequired. Thanks
|
|
|
06-22-2011, 05:31 AM
|
#8
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
According to http://fedoraproject.org/wiki/Releases, there are something like 12 Fedora releases beyond this and it is WAY down in the old, unsupported list.
Linux Kernel 2.6.17.anything goes back to year 2006 ( link).
This system is severely outdated AND you have said that it is a spam zombie. Why are you even messing around with this?
Wipe the thing out, bring it up to date, recreate all the users and make them choose NEW, STRONG passwords. While you are at it, take steps to properly secure the server, especially services like SSH. Add a HIDS at least to monitor your logs and alert you to things going on.
And if you are going to run a server, learn to use the command line. Relying on a GUI interface is ultimately going to limit your ability to manage the system effectively.
|
|
1 members found this post helpful.
|
06-22-2011, 08:22 AM
|
#9
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,491
|
Quote:
Originally Posted by Noway2
According to http://fedoraproject.org/wiki/Releases, there are something like 12 Fedora releases beyond this and it is WAY down in the old, unsupported list.
Linux Kernel 2.6.17.anything goes back to year 2006 ( link).
This system is severely outdated AND you have said that it is a spam zombie. Why are you even messing around with this?
Wipe the thing out, bring it up to date, recreate all the users and make them choose NEW, STRONG passwords. While you are at it, take steps to properly secure the server, especially services like SSH. Add a HIDS at least to monitor your logs and alert you to things going on.
And if you are going to run a server, learn to use the command line. Relying on a GUI interface is ultimately going to limit your ability to manage the system effectively.
|
Well said.
And to add to this, I'd strongly suspect the hardware itself is old and outdated. A new machine would probably be in order as well.
|
|
|
All times are GMT -5. The time now is 02:12 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|