HowTo: Fix Postgrey not working after upgrading from an older version of Ubuntu to a newer version.
Scenario: You’ve got some Postfix mail servers running with Postgrey for anti-spam greylisting. They’re all using older versions of Ubuntu such as 10.04 LTS. You’ve decided that it’s time to upgrade them to the next LTS, Ubuntu 12.04.
You do the upgrade and it goes without a hitch. You restart the server, everything looks good, until you start seeing this message in your server’s mail log:
Jan 23 21:17:58 mymailserver postfix/smtpd[7976]: connect from somecompany.com[100.200.300.400] Jan 23 21:17:59 mymailserver postfix/smtpd[7976]: warning: connect to 127.0.0.1:10023: Connection refused Jan 23 21:17:59 mymailserver postfix/smtpd[7976]: warning: problem talking to server 127.0.0.1:10023: Connection refused Jan 23 21:18:00 mymailserver postfix/smtpd[7976]: warning: connect to 127.0.0.1:10023: Connection refused Jan 23 21:18:00 mymailserver postfix/smtpd[7976]: warning: problem talking to server 127.0.0.1:10023: Connection refused Jan 23 21:18:00 mymailserver postfix/smtpd[7976]: NOQUEUE: reject: RCPT from somecompany.com[100.200.300.400]: 451 4.3.5 Server configuration problem; from=<m-1wu7GywwdBK9XOl40cdonjrOvQVbXrSQjrNIttfwaHqBuxTEiR4njb_ n@bounce.somecompany.com> to=<myrecipient@mycompany.com> proto=ESMTP helo=<mail.somecompany.com> Jan 23 21:18:05 mymailserver postfix/smtpd[7976]: disconnect from somecompany.com[100.200.300.400] Jan 23 21:18:10 mymailserver postfix/smtpd[7955]: connect from unknown[200.300.400.500] Jan 23 21:18:11 mymailserver postfix/smtpd[7955]: warning: connect to 127.0.0.1:10023: Connection refused Jan 23 21:18:11 mymailserver postfix/smtpd[7955]: warning: problem talking to server 127.0.0.1:10023: Connection refused Jan 23 21:18:12 mymailserver postfix/smtpd[7955]: warning: connect to 127.0.0.1:10023: Connection refused Jan 23 21:18:12 mymailserver postfix/smtpd[7955]: warning: problem talking to server 127.0.0.1:10023: Connection refused Jan 23 21:18:12 mymailserver postfix/smtpd[7955]: NOQUEUE: reject: RCPT from unknown[200.300.400.500]: 451 4.3.5 Server configuration problem; from=<someone@anothercompany.com> to=<myrecipient@mycompany.com> proto=ESMTP helo=<m ail.anothercompany.com> Jan 23 21:18:12 mymailserver postfix/smtpd[7955]: disconnect from unknown[200.300.400.500] Jan 23 21:18:17 mymailserver postfix/smtpd[7976]: connect from mta.ilikecheese.com[300.400.500.600] Jan 23 21:18:18 mymailserver postfix/smtpd[7976]: warning: connect to 127.0.0.1:10023: Connection refused Jan 23 21:18:18 mymailserver postfix/smtpd[7976]: warning: problem talking to server 127.0.0.1:10023: Connection refused Jan 23 21:18:19 mymailserver postfix/smtpd[7976]: warning: connect to 127.0.0.1:10023: Connection refused Jan 23 21:18:19 mymailserver postfix/smtpd[7976]: warning: problem talking to server 127.0.0.1:10023: Connection refused Jan 23 21:18:19 mymailserver postfix/smtpd[7976]: NOQUEUE: reject: RCPT from mta.ilikecheese.com[300.400.500.600]: 451 4.3.5 Server configuration problem; from=<someone@thatcompany.com> to=<myrecipient@mycompany.com> pro to=ESMTP helo=<MTA.thatcompany.com> Jan 23 21:18:20 mymailserver postfix/smtpd[7976]: disconnect from mta.thatcompany.com[300.400.500.600]
You almost have a heart attack – every single email is bouncing back and it’s clear that it’s something to do with your upgrade. What went wrong? The errors refer to a configuration issue, but you didn’t change any of the configuration in your upgrade!
Closer inspection reveals that for some reason, Postfix is unable pass messages onto Postgrey which is a local service running on port 10023 by default on Ubuntu systems. If you try telnetting to port 10023 on 127.0.0.1 , you also get a “connection refused” error. So what’s happened?
The answer is that somewhere between Ubuntu 10.04 and Ubuntu 12.04, Postgrey changed the protocol it binds on. It now binds to IPv6 instead of IPv4 so we need to make some minor changes to Postfix’s configuration to get Postgrey working again.
- First up, we need to stop mail being bounced. It’s better to have sending servers pool up mail a little and then send it all through at once later, so at a Terminal prompt on your server, type in:
$ sudo service postfix stop - Now we need to edit Postfix’s configuration file:
$ sudo nano /etc/postfix/main.cf - Scroll down until you can see the line inside the “smtp_recipient_restrictions” section that directs Postfix to send mail to Postgrey for checking (or use CTRL+W to search for it), which looks like this:
check_policy_service inet:127.0.0.1:10023, - And now modify that line to look like the following. This will make Postfix pass on the mail to Postgrey using IPv6 instead of IPv4:
check_policy_service inet:::1:10023, - Now on a new line outside of the “smtp_recipient_restrictions” section, add the following line:
inet_protocols=all - Save your changes by pressing CTRL+X, then “Y” and then Enter.
. - Now we can restart Postfix with:
$ sudo service postfix restart - Now start tailing your log with the “follow” parameter using the following command:
$ tail -f /var/log/mail.log - Now send a test email and watch what new information appears in the terminal log. This time the mail should be successfully received and processed as normal.
. - Pat yourself on the back and breath a sigh of relief.
HowTo: Fix networking not working after installing Ubuntu Desktop from a PXE-booted Live Environment
Scenario: You’ve setup a PXE server. You’ve setup an Ubuntu Live CD to boot over your network via PXE. Everything works well.
You then decide to install a fresh Ubuntu Desktop installation from your PXE-booted environment. All goes well. The install finishes and your system reboots.
When the system comes up, you discover that there’s no network connections. Ethernet doesn’t work, but wifi probably is working OK, or you can’t get wifi working yet because you need to install a closed-source driver for it. You check the Network Manager and find that there is no automatically defined ethernet connection such as “Auto eth0″. What’s the go?
Here’s how to fix it.
HowTo: Fix slow password prompting when doing SSH logins
You may notice on some systems you build that when you SSH into them, there seems to be a long delay before the system prompts you for your password. In a time-sensitive situation, this gets real frustrating, real fast.
Here’s how to fix it.
HowTo: Create a Diskless workstation that boots from PXE using Ubuntu
Diskless booting is where a PC starts up purely from a network connection. It does not have a physical hard-drive in it to start from in the traditional manner.
Why would you want to do this? Well, say for example you have a MythTV Frontend PC. For the most part, most Frontends are dedicated PC’s connected to a TV or projector that are not used for any other purpose, so technically there is really no need to have a hard-drive inside one as nothing new will ever be stored (all the media is streamed from the Backend server). There’s also the added bonus of less noise by not having a hard-drive installed.
Another good example of using a Diskless boot environment is for performing offline virus scans of Windows based PC’s in a safe environment that is not Windows, using tools like ClamAV. In a corporate environment, having a “normal” installation makes it easier to setup default settings that normally don’t suit booting up from an Ubuntu Live CD, such as corporate Proxy settings. Making a Diskless Boot setup is far easier than creating a customised Live CD in this instance.
So how exactly do you create a diskless booting PC?
HowTo: Automatically determine your public IP address and email it periodically
Let’s say you are running a poor man’s website where you are just testing stuff but have no real intention of buying a domain name or paying your ISP to give you a static IP address.
If you want to access your test site remotely, you need to know your public IP address, however your home ISP gives you a dynamic public IP address and every time you have a power failure, or reboot your router, you are assigned a brand new public IP address. This makes it very annoying if you are testing your site remotely.
Sure, you could use a Dynamic DNS service to keep track of when your public IP address changes, but what if you have a paranoid client who does not want to use even Dynamic DNS? How do you keep track of your new public IP without having to get to your internal network to read it each time?
What you need is a way to be able to have the system send you an email with your current public IP address so that there is no guess work involved. But how do we do this?
HowTo: Monitor the progress of dd.
The dd command is a tool used to pipe data in from a source to a destination. It has a multitude of uses ranging from creating large dummy files of a specific size to duplicating hard-drives sector by sector to another disk or to a backup file. It’s also useful for fixing problems with hard-drives that Windows refuses to deal with.
But we’re not looking at the virtues of dd here. We’re looking at its annoyances and dd has one particularly glaring annoyance – a lack of display of progress. You could tell dd to start imaging your multi-terabyte hard-drive and not have any indication of how far it has gone – you just have to wait until it finishes. The dd command only outputs some information right at the very end of its job, which could well be several hours later. The only indicator that you have that something is happening is your hard-drive light madly flashing away.
Luckily while dd doesn’t show progress during its tasks, it can be prodded externally to give up information about itself as it runs, and we can achieve that by using the kill command without actually killing the dd command’s execution.
HowTo: Configure an APC UPS to communicate with your Ubuntu Desktop or Server
It’s been a while since I’ve written something here, so time to break the drought.
APC make some great UPS products and they all have the ability to communicate with a host PC to advise of its state, eg: on mains, on battery, fault, etc. The support software is available aplenty for Windows and Mac, but what about Linux?
This guide will show you how to hook up an APC UPS to an Ubuntu-based Desktop or Server PC and allow your UPS to email you when mains power has failed, when mains power has been restored, and also give your PC ample opportunity to shutdown when battery on the UPS gets to a critical low.
HowTo: Use lxbdplayer – the Open Source Blu-Ray Disc player for Linux
Yes, you read that right – there is finally an Open Source Blu-Ray Disc player GUI for Linux, albeit unofficial and certainly very grey in legality depending on which country you are in.
lxbdplayer is the collaborative effort of four French Engineering students. What they have written is basically a frontend that combines the apps DumpHD and AACSKeys which I have used in previous Blu-Ray articles into one easy to use GUI. Decrypted BD streams are then piped into MPlayer for playback.
The end result is that you can now watch your BD movies almost as simply as a regular video player without the need to go through the process of ripping them into an MKV file first, or chewing up loads of drive space.
HowTo: Get an Ubuntu Live CD to boot off a PXE server
Following my article about creating your own PXE network boot server, here is the first practical use you can put it to – taking the Ubuntu Live CD and turning it into a network-bootable version!
Network booting the Live CD has obvious advantages – aside from booting faster than CD (especially on a gigabit network), it is indispensable as an emergency boot medium in a workplace environment, especially for broken Windows systems, and allows for Ubuntu effortless installations on netbook PC’s that don’t have optical drives and saves you having to have a USB stick handy.
HowTo: Setup your own PXE Boot Server using Ubuntu Server
The Preboot eXecution Environment (PXE) provides a means of starting up a PC using a network adapter instead of the traditional method of hard-drive, USB flash stick, CD or floppy disk.
Why would you want to boot a PC from the network? Well, it opens the door to booting diskless workstations, eg: Internet Cafe PC’s, or if you regularly install tens or hundreds of PC’s, you can start the installer on all those machines at once without needing to have individual boot/install media for each machine. You can even use Linux PXE for starting Microsoft Windows network installers and tools.
This article is going to show you how to setup a standard Ubuntu 10.04 Lucid Lynx Server to respond to a PXE boot request and present a boot menu ONLY. I will put practical applications such as installing Ubuntu over the network or booting a Live CD over the network into separate future articles.
