SQUID FOR WINDOWS April 2020

error di event viewer

The description for Event ID 0 from source Cygwin cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

dari sisi client, walaupun sudah diarahkan ke proxy, tp tidak bisa terhubung ke internet.

cache log awalnya seperti ini

#cache_dir aufs /cygdrive/d/squid/cache 3000 16 256 (default)

diubah menjadi ini cache_dir aufs /cygdrive/c/Squid/var/cache 10000 16 256 tapi masih error.

lalu diperbaiki menjadi ini.

cache_dir aufs /cygdrive/c/squidcache 10000 16 256

sebelumnya membuat folder squidcache  di drive C, lalu compile ulang dan restart

perintah lainnya.

squid.exe -N -d1

squid -z

squidclient.exe http.google.com

squid.exe restart
arp -a

 

EXIM MAIL SERVER PERINTAH DASAR

untuk melihat antrian email  = exim -bpc

melihat rincian antrian email = exim -bp | awk -F ” ” ‘{print $4}’ | sort | uniq -c | sort -n

 

orang beriman dan orang bertakwa

landasi kehiupan dengan beriman kepada allah, kalo iman sudah menjadi landasan kehidupan, maka allah akan memberikan kehidupan yg baik.

1. barang siapa yg beramal soleh dalam keadaan beriman, allah akan memberikan kehidupan yg baik.

melaksanankan perintah dan menjauhi larangan, jika sudah dilalui maka akan naik menjadi orang yg bertakwa

2. siapa yg bertawa pada allah, maka diberikan rizky dari arah yg tidak disangka2 dan allah akan memenuhi seluruh kebutuhan hidupnya.

kesimpulan,
1. orang beriman akan diberikan kehidupan yg baik
2. orang bertakwa akan diberikan kehidupan yg baik dan rizky dari arah yg tidak disangka-sangka

 

dengerin di point 2.03 – 2.25

4.20 – 4.56

OPENVPN ERROR KARENA PROTOCOL BEDA

ini yg menyebabkan opnvpn gak jalan, ternyata protokol yg berbeda antara modem dan konfigurasi server.conf dan modem

dalam modem protocol TCP

<vrtSrvEntry id=”2″ instanceId=”2″ state=”enable” name=”VNC” addr=”192.168.7.50″ protocol=”TCP” eStart=”1194″ eEnd=”1194″ iStart=”1194″ iEnd=”1194″ leaseDuration=”0″ remoteHost=”0.0.0.0″ iptschedid=”-1″/>

sedangkan konfigurasi UDP

jadi harus disamakan.

CentOS 7 disable Automatic Updates

CentOS 7.x

Although CentOS 6.x Instructions will work for CentOS 7.0, you could upgrade the installation process to be completely CentOS 7.0 compatible:

yum install yum-cron
systemctl disable yum-cron.service
systemctl stop yum-cron.service

.conf file (Configuration) located at: /etc/yum/yum-cron.conf AND /etc/yum/yum-cron-hourly.conf.

Note that in contrast to CentOS 6.x, by default yum-cron only download updates once a day and doesn’t apply them. change to:

apply_updates = yes

In /etc/yum/yum-cron.conf if you wish to. make note that you can now define hourly updates in the /etc/yum/yum-cron-hourly.conf file.

Hapus semua file secara otomatis di linux

mencari dan mengumpulan file *.thor lalu memindahkan file tersebut dengan nama file-jahat2.txt

#find / -name “*.thor” > file-jahat2.txt

lallu menghapus file tersebut secara sekaligus.

for f in `cat file-jahat2.txt`; do rm “$f” -rf; done

atau cara simple nya adalah menghapus secara otomatis semua file dengan extention locky dan thor disemua folder

find / -name “*.locky” -delete

find / -name “*.locky” -delete

Mendeteksi Identitas Spammer dari Email Queue

#mailq

9202D6A8A66 7810 Wed Feb 22 16:01:21xxxxxxxxxxxxxxxxx(host x.x.x.x[x.x.x.x] said: 451 Too many connections, http://x.x.x.x/osfaq.php?cid=2 (in reply to RCPT TO command))

yg harus dilakukan adalah mengecek message id tersebut dengan command postcat

#postcat /opt/zimbra/postfix/sbin/postcat /opt/zimbra/data/postfix/spool/deferred/1/128F5180EE9701

perlu diketahui, jika message id berawalan

1 = /opt/zimbra/data/postfix/spool/deferred/1/
2 = /opt/zimbra/data/postfix/spool/deferred/2/
3 = /opt/zimbra/data/postfix/spool/deferred/3/
.
.
.
9 = /opt/zimbra/data/postfix/spool/deferred/9/
dan seterusnya.

maka hasilnya terlihat, selanjutnya jika alamat email terlihat, maka lakukan disable / closed alamat email tersebut agar tidak melakukan broadcast

Track messages sent and received by a user zimbra

Mencari email history di zimba adalah sebagai berikut.

Penerima (-r = Recipient address)
#/opt/zimbra/libexec/zmmsgtrace -r penerima@email.com /var/log/maillog-20161226

Pengirim (-s = Sender address)
#/opt/zimbra/libexec/zmmsgtrace -s pegirim@email.com /var/log/maillog-20161226

menggunakan file gz

/opt/zimbra/libexec/zmmsgtrace -s pegirim@email.com zimbra.log-20170113.gz

-h (help)

regards

file new failed nt_status_unsuccessful status unsuccessful samba

file_new failed: NT_STATUS_UNSUCCESSFUL
file new failed nt_status_unsuccessful status unsuccessful samba

salah-satu error di samba FC 24,  jika di cek menggunakan maka terlihat spt dibawah ini bahwa yg di cetak tebal sudah 100%

[root@pdc2 ~]# df -i

Filesystem                 Inodes  IUsed     IFree IUse% Mounted on

devtmpfs                  1003748    494   1003254    1% /dev

tmpfs                     1006507     13   1006494    1% /dev/shm

tmpfs                     1006507    736   1005771    1% /run

tmpfs                     1006507     16   1006491    1% /sys/fs/cgroup

/dev/mapper/fedora-root    655360 215569    439791   100% /

tmpfs                     1006507     30   1006477    1% /tmp

/dev/sda1                  128016    430    127586    1% /boot

/dev/mapper/fedora-home 120905728  41359 120864369    1% /home

tmpfs                     1006507     19   1006488    1% /run/user/42

tmpfs                     1006507     20   1006487    1% /run/user/1000

dan yang harus dilakukan adalah menghilangkan agar bisa berkurang di folder /var/log/journal , menghapus isi dari folder tersebut.

/dev/mapper/fedora-root    655360 215569    439791   33% /

Zimbra reports “ Error: Queue report unavailable – mail system is down ”

zcs @ zimbra: ~ $ zmcontrol status
Host zcs.ilba.cat
        antispam                Running
        antivirus               Running
        convertd                Running
        ldap                    Running
        LOGGER Running
        mailbox                 Running
        mta                     Running
        opendkim                Running
        proxy                   Running
        snmp                    Running
        spell                   Running
        stats                   Running
        zmconfigd               Running
zimbra@zcs:~$ tail -f /var/log/mail.log
Jan 22 11:08:00 zcs postfix/postqueue[19195]: fatal: Queue report unavailable - mail system is down
root@zcs:~# locate master.pid
/opt/zimbra/data/postfix/spool/pid/master.pid

zcs root @: ~ # mv master.pid master.pid.bak.21des2016

root@zcs:~# su - zimbra
Zimbra ZCS @: ~ $ / opt / Zimbra / bin / zmmtactl start
Rewriting configuration files...done.
Starting saslauthd...already running.
/postfix-script: starting the Postfix mail system

fatal: Queue report unavailable – mail system is down

[root@webmail ~]# tail -f /var/log/maillog
Oct 13 16:24:57 webmail amavis-services[14204]: amavis-services-2.9.0 (20140506) task ‘msg-forwarder’ [14204] started. ZMQ::LibZMQ3 1.13, lib 3.2.3
Oct 13 16:24:57 webmail amavis-services[14205]: amavis-services-2.9.0 (20140506) task ‘childproc-minder’ [14205] started. ZMQ::LibZMQ3 1.13, lib 3.2.3
Oct 13 16:24:57 webmail amavis-services[14206]: amavis-services-2.9.0 (20140506) task ‘snmp-responder’ [14206] started. ZMQ::LibZMQ3 1.13, lib 3.2.3
Oct 13 16:24:58 webmail amavis-services[14205]: childproc_minder: FLUSH process states
Oct 13 16:25:00 webmail postfix/postqueue[14314]: fatal: Queue report unavailable – mail system is down
Oct 13 16:25:05 webmail amavis-services[14206]: snmp_responder: FLUSH snmp data
Oct 13 16:25:05 webmail amavis-services[14205]: childproc_minder: FLUSH process states
Oct 13 16:25:30 webmail postfix/postqueue[15496]: fatal: Queue report unavailable – mail system is down
Oct 13 16:26:00 webmail postfix/postqueue[15622]: fatal: Queue report unavailable – mail system is down
Oct 13 16:26:30 webmail postfix/postqueue[17160]: fatal: Queue report unavailable – mail system is down
Oct 13 16:27:00 webmail postfix/postqueue[17226]: fatal: Queue report unavailable – mail system is down

SOLUSI

[root@webmail /]# locate master.pid
/opt/zimbra/data/postfix/spool/pid/master.pid
[root@webmail /]# cd /opt/zimbra/data/postfix/spool/pid/

[root@webmail pid]# cp master.pid master.pid.bak

[root@webmail pid]# rm -Rf master.pid

[root@webmail pid]# su – zimbra
Last login: Thu Oct 13 16:24:45 WIB 2016 on pts/0
[zimbra@webmail ~]$ zmmtactl start
Rewriting configuration files…done.
Starting saslauthd…already running.
/postfix-script: starting the Postfix mail system
[zimbra@webmail ~]$

 

Specific Whitelist/Blacklist per IP

https://wiki.zimbra.com/wiki/Specific_Whitelist/Blacklist_per_IP

 

Purpose

With ZCS 8.5 and later, it is possible to maintain an IP blacklist for connections to Postfix. This is useful in DoS and targeted spam attack scenarios.

Many clients use RBLs to block spammers from flooding their MTAs with spam. Unfortunately, perfectly valid sites occasionally end up on these lists. With ZCS 8.5 and later, it is possible to create an on-disk database map that allows the client to whitelist specific blacklisted IPs so that emails from those IPs still get delivered.

Resolution

Whitelist Edit /opt/zimbra/conf/postfix_rbl_override. Add IP address(es) SPACE OK to the file, one IP address per line:

1.2.3.4 OK

Run the postmap to save and apply the changes in Postfix:

postmap /opt/zimbra/conf/postfix_rbl_override

Run the zmprov to apply the changes to the Zimbra Collaboration Server:

zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override'

postmap will need to be rerun on the file any time an IP address is added or removed.

Blacklist Edit /opt/zimbra/conf/postfix_blacklist. Add IP address SPACE REJECT to the file, one IP address per line:

1.2.3.4 REJECT

Run the postmap to save and apply the changes in Postfix:

postmap /opt/zimbra/conf/postfix_blacklist

Run the zmprov to apply the changes to the Zimbra Collaboration Server:

zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_blacklist'

postmap will need to be rerun on the file anytime an IP address is added or removed.

Whitelists and Blacklists on Zimbra

  1. Buka file [root@webmail /]# vim /opt/zimbra/conf/amavisd.conf.in
  2. Cari bagian seperti berikut ini “soft-blacklisting” :
    yang tampak seperti dibawah ini
    # soft-blacklisting (positive score)
    ‘sender@example.net’ => 3.0,
    ‘.example.net’ => 1.0,
    ‘admin@buzzup.net’ => 15.0,

    berikan score 15, jika masih tembus juga score naik menjadi 20, save dan keluar dan editor

  3. Restart service anti virus dan anti spam dengan perintah :
    su – zimbra
    zmamavisdctl stop && zmamavisdctl start

VIRUS (Heuristics.Encrypted.PDF) Di Zimbra

Error pada email akan seperti ini
VIRUS (Heuristics.Encrypted.PDF) in mail TO YOU from

supaya ga di blok ikutin step di bawah : ( saya pake zimbra Release 8.6.0_GA_1153.RHEL7_64_20141215151110 RHEL7_64 FOSS edition, Patch 8.6.0_P4. yah )

1. buka zimbra admin https://mailserver:7071/zimbraAdmin/

2. Open Menu | Configure| Global Setting | AS/AV |

3. Uncek Block encrypted archives

4. jangan lupa settingan nya di save

sekarang coba anda mengirim pdf yang di password

semoga membantu

*source : zimbra forum & google.

Backup Database MYSQL

backup database mysql

Mengecek dulu isi database yang sudah terdaftar

# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 782 to server version: 5.0.22

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql> show database;
+——————–+
| Database |
+——————–+
| information_schema |
| mysql |
| postfix |
| test |
+——————–+
4 rows in set (0.00 sec)
mysql>
mysql> exit
Bye

Selanjutnya keluar dari mysql dan lakukan command dibawah ini untuk melakukan backup database

#mysqldump -u root -p postfix > /home/backupdb-27082015/db-27082015.sql
Enter password:
#

selesai sudah, maka db-27082015.sql disimpan dalam folder /home/backupdb-27082015/