[WayBack] flush deferred messages in mail queue – SysAdmin Tips
In Exim:
# exim -qffIn Postfix:
# postfix flushIn Sendmail:
# sendmail -OTimeout.hoststatus=0m -q -v
–jeroen
Archive for the ‘*nix’ Category
flush deferred messages in mail queue – SysAdmin Tips
Posted by jpluimers on 2021/03/19
Posted in *nix, *nix-tools, exim mail, postfix, Power User, sendmail | Leave a Comment »
Inspecting Postfix’s email queue – Tech-G
Posted by jpluimers on 2021/03/08
[WayBack] Inspecting Postfix’s email queue – Tech-G:
mailqor
postqueue -p
then
postcat -vq XXXXXXXXXX
Process (flush) the queue:
postqueue -fOR
postfix flush
Viewing which senders/receivers are in the queue most:
Rate limiting: [WayBack] Postfix Configuration Parameters: default_destination_rate_delay
–jeroen
Share this:
Posted in *nix, *nix-tools, postfix, Power User | Leave a Comment »
Postfix TLS Support
Posted by jpluimers on 2021/02/25
For my link archive:
- [WayBack] Postfix TLS Support
Topics covered in this section:
- Server-side certificate and private key configuration
- Server-side forward-secrecy configuration
- Server-side TLS activity logging
- Enabling TLS in the Postfix SMTP server
- Client certificate verification
- Supporting AUTH over TLS only
- Server-side TLS session cache
- Server access control
- Server-side cipher controls
- Miscellaneous server controls
- [WayBack] Adding TLS support to Postfix
- [WayBack] How to secure Postfix using Let’s Encrypt – UpCloud
- [WayBack] How to configure TLS encryption in Postfix – Zurgl (adding it to an existing Postfix configuration)
- [WayBack] enforce TLS on incoming mail in postfix – Server Fault
- [WayBack] Postfix and TLS encryption
In this post I will show how I setup a smtp server running Postfix with TLS encryption and with the correct cyphers. So that email between smtp servers where possible is using strong email encryption.
–jeroen
Share this:
Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, postfix, Power User, SMTP | Leave a Comment »
showthedocs
Posted by jpluimers on 2021/02/18
is a documentation browser that finds the relevant docs for your code. It works by parsing the code and connecting parts of it to their explanation in the docs
, and supports these languages:
- SQL
- postgresql
- mysql
- Configuration
- nginx
- gitconfig
You can enter any language text, then click the language, followed by clicking the “SHOW ME THE DOCS!” button, for which an example is further below.
The site has an open architecture, allowing to plug in more languages and documentation:
- [WayBack] showthedocs – how to contribute, with examples on the current structure:
- [WayBack] add support for git config files · idank/showthedocs@14bcc72 · GitHub: Docs scraped off git-scm.com. Parser is built with pyparsing.
- [WayBack] showthedocs/ast.py at master · idank/showthedocs · GitHub
- [WayBack] showthedocs/common.py at master · idank/showthedocs · GitHub: Context
- [WayBack] showthedocs/common.py at master · idank/showthedocs · GitHub: lexer import
- [WayBack] showthedocs/nginx.py at master · idank/showthedocs · GitHub
- [WayBack] showthedocs/getdocs at master · idank/showthedocs · GitHub
- [WayBack] showthedocs – about
- [WayBack] GitHub – idank/showthedocs
gitconfig example
So for instance the below ./git/config file leads to this result [WayBack] where you can click on all the coloured areas for easy navigation through the documentation:
Share this:
Posted in *nix, *nix-tools, Database Development, Development, DVCS - Distributed Version Control, git, MySQL, nginx, PostgreSQL, Power User, Software Development | Leave a Comment »
explainshell.com: parse and explain just about any shell command
Posted by jpluimers on 2021/02/17
I bumped into the tremendously site [WayBack] explainshell.com – match command-line arguments to their help text only after documenting the relevant cURL options of yesterdays post on checking your CertBot domain expiration dates.
The site allows put in a shell command-line to see the help text that, including matches for each argument.
It works so well because it parses both the shell command-line and the man pages, then constructs a web-page linking the relevant man page content to the shell command-line in the correct shell command-line order.
The
explainshellhas a counterpart showthedocs (both are open source) for explaining other languages (on the one hand more extended as it goes much deeper into parsing for instance SQL, on the other hand more limited as it only supports a few languages). More onshowthedocslater.
The links
- [WayBack] explainshell.com – about.
- [WayBack] GitHub – idank/explainshell: match command-line arguments to their help text
The parsing results
The first bit below is just the text output, and the second bit the screenshot, of a relatively simple command like [WayBack] explainshell.com – curl -fsSL example.org:
-f, --fail (HTTP) Fail silently (no output at all) on server errors. This is mostly done to better enable scripts etc to better deal with failed attempts. In normal cases when a HTTP server fails to deliver a document, it returns an HTML document stating so (which often also describes why and more). This flag will prevent curl from outputting that and return error 22. This method is not fail-safe and there are occasions where non-successful response codes will slip through, especially when authentication is involved (response codes 401 and 407).-s, --silent Silent or quiet mode. Don't show progress meter or error messages. Makes Curl mute.-S, --show-error When used with -s it makes curl show an error message if it fails.-L, --location (HTTP/HTTPS) If the server reports that the requested page has moved to a different location (indicated with a Location: header and a 3XX response code), this option will make curl redo the request on the new place. If used together with -i, --include or -I, --head, headers from all requested pages will be shown. When authentication is used, curl only sends its credentials to the initial host. If a redirect takes curl to a different host, it won't be able to intercept the user+password. See also --location-trusted on how to change this. You can limit the amount of redirects to follow by using the --max-redirs option. When curl follows a redirect and the request is not a plain GET (for example POST or PUT), it will do the following request with a GET if the HTTP response was 301, 302, or 303. If the response code was any other 3xx code, curl will re-send the following request using the same unmodified method.source manpages: curl
The screenshot is even more impressive:
Share this:
Posted in *nix, *nix-tools, bash, bash, Development, Power User, Scripting, Software Development | Leave a Comment »
🔎Julia Evans🔍 on Twitter: “ngrep: grep your network!… “
Posted by jpluimers on 2021/02/16
[WayBack] 🔎Julia Evans🔍 on Twitter: “ngrep: grep your network!… “
So this taught me a new tool and other new things:
Share this:
Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Power User, Software Development, Wireshark | Leave a Comment »
🔎Julia Evans🔍 on Twitter: “ethtool… “
Posted by jpluimers on 2021/02/08
[WayBack] 🔎Julia Evans🔍 on Twitter: “ethtool… “
With a lot of responses, including:
- [WayBack] Ankit Timbadia on Twitter: “Can someone explain – – show-offload / – – offload Never heard of this… “
- [WayBack] Jason Clarke on Twitter: “Here you go…… “
–jeroen
Share this:
Posted in *nix, *nix-tools, Network-and-equipment, Power User | Leave a Comment »
bash – How to get the primary IP address of the local machine on Linux and OS X? – Stack Overflow
Posted by jpluimers on 2021/02/05
[WayBack] bash – How to get the primary IP address of the local machine on Linux and OS X? – Stack Overflow (thanks [WayBack] Collin Anderson!):
I tried on OS X 10.13.6 (macOS High Sierra) and these two work fine:
ip route get 1 | awk '{print $NF;exit}'
and
ip route get 8.8.8.8 | head -1 | cut -d' ' -f8
The first one needs the $ back-slash escaped as bash alias; the second does not need that.
Related:
- [WayBack] scripts/internalip.md at master · rsp/scripts · GitHub
- [WayBack] internalip
- [WayBack] GitHub – rsp/scripts: Random shell scripts for different tasks
- [WayBack] Get Started | Public DNS | Google Developers
- [WayBack] linux – How can I get my external IP address in a shell script? – Unix & Linux Stack Exchange
- [WayBack] networking – How do I find my internal ip address? – Ask Ubuntu
–jeroen
Share this:
Posted in *nix, *nix-tools, Apple, bash, Mac OS X / OS X / MacOS, macOS 10.13 High Sierra, Power User | Leave a Comment »
Thread by @b0rk: “nmap i haven’t used nmap much except to scan my home network for fun so if i missed something really important i’d love to know! […]”
Posted by jpluimers on 2021/02/05
[WayBack] Thread by @b0rk: “nmap i haven’t used nmap much except to scan my home network for fun so if i missed something really important i’d love to know! […]”
i haven’t used nmap much except to scan my home network for fun so if i missed something really important i’d love to know!also i need to find space in there somewhere for “if you don’t run nmap as root it can’t send icmp (ping) packets, it’s better to run nmap as root”
also be careful when nmapping in a network you don’t administer! it’s a popular hacking tool so using nmap is often discouraged / banned. i made all of the examples in this comic “
nmap scanme.nmap.org” and “nmap your home network” for a reason :)
There are are quite a few interesting comments on the thread:
- [WayBack] infosec pigeon on Twitter: “Just go nuts… nmap -Pn -sV –script vulners 10.0.0.0/24 -p-… “
- [WayBack] Josef Schugt on Twitter: “There also is a nice Android app for the same purpose that is GPL 3.0. It is called “Port Authority” https://f-droid.org/en/packages/com.aaronjwood.portauthority/ … – comes in handy to find the Raspberry Pis on the network using MAC address vendor identification 😍”
- [WayBack] Port Authority | F-Droid – Free and Open Source Android App Repository
- [WayBack] GitHub – aaronjwood/PortAuthority: A handy systems and security-focused tool, Port Authority is a very fast Android port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts.
- [WayBack] Port Authority – LAN Host Discovery & Port Scanner – Apps on Google Play
- [WayBack] jJ on Twitter: “Remote Root Exploit – Carrie-Anne Moss in “Matrix Reloaded” (2003) youtu.be/94F5S75ybSI via @YouTube… “
And it taught me about scanme.nmap.org: [WayBack] Go ahead and ScanMe!
Hello, and welcome to Scanme.Nmap.Org, a service provided by the Nmap Security Scanner Project and Insecure.Org.
We set up this machine to help folks learn about Nmap and also to test and make sure that their Nmap installation (or Internet connection) is working properly. You are authorized to scan this machine with Nmap or other port scanners. Try not to hammer on the server too hard. A few scans in a day is fine, but dont scan 100 times a day or use this site to test your ssh brute-force password cracking tool.
Thanks
–Fyodor
–jeroen
Share this:
Posted in *nix, *nix-tools, nmap, Power User | Leave a Comment »
Thread by @b0rk: “this poster is like a SUPER EXTRA COMPRESSED version of the “Bite Size Networking” zine […]”
Posted by jpluimers on 2021/02/01
[WayBack] Thread by @b0rk: “this poster is like a SUPER EXTRA COMPRESSED version of the “Bite Size Networking” zine I’m working on: the goal of that zine is to teach yo […]”
- [WayBack] 🔎Julia Evans🔍 on Twitter: “this poster is like a SUPER EXTRA COMPRESSED version of the “Bite Size Networking” zine I’m working on: the goal of that zine is to teach you the basics of lots of useful tools quickly ❤”
- [WayBack] 🔎Julia Evans🔍 on Twitter: “every linux networking tool I know (PDF poster: … “
- [WayBack] Thread Reader: every linux networking tool I know (PDF poster: wizardzines.com/networking-too…)
Related:
Share this:
Posted in *nix, *nix-tools, Power User | Leave a Comment »
The Wiert Corner - irregular stream of stuff 
Try with:
– qshape
More specific:
–
qshape -s deferred | head ===> deferred mails based on SENDER–
qshape deferred | head ===> deferred mails based on RECEIVER