Saturday, 31 August 2013

How to change primary IP addres of a Linux (WHM/cPanel) server

This is for CentOS/RHEL based servers only.

Steps in WHM:

  • Log into WHM and go to Basic cPanel & WHM Setup

  • Change the Primary IP here with the option that says "The IP address (only one address) that will be used for setting up shared IP virtual hosts"

  • Note: This might not actually be necessary.


Log in to SSH, and do the following:

  1. Edit /etc/sysconfig/network-scripts/ifcfg-eth0

    • Change the IPADDR and GATEWAY lines to match the new IP and Gateway for the new IP



  2. Edit /etc/sysconfig/network

    • Change the GATEWAY line here if it does not exist in the ifcfg-* file.



  3. Edit /etc/ips

    • Remove the new primary IP from this file if it is present

    • Add the old primary IP to this file with the format <IP address>:<Net Mask>:<Gateway>



  4. Edit /var/cpanel/mainip

    • Replace the old primary IP with the new primary IP



  5. Edit /etc/hosts

    • Replace the old primary IP with the new one if needed. The hostname's dns will need to be updated too



  6. Restart the network service to make the new IP the primary

    • service network restart

    • Note: You're probably going to be disconnected at this point, and have to log in to ssh using the new primary ip.



  7. Restart the ipaliases script to bring up the additional IPs

    • service ipaliases restart



  8. Run ifconfig and make sure all IPs show up correctly

  9. Update the cpanel license to the new primary IP

  10. Verify you can still log in to WHM and there is no license warning.




  • http://verify.cpanel.net/index.cgi



 

Friday, 30 August 2013

Scripts to check spamming in Exim mail server

1. To check the number of emails present in the queue:

# exim -bpc

2. To check the emails present in the queue with the mail id and sender ID:

# exim -bp
# exim -bp | less

3. To view the header of a particular email using mail ID:

# exim -MvH mail_id

4.  To view the body of a particular email using mail ID:

# exim -Mvb mail_id

5. To view a message's logs:

# exim -Mvl mail_id

6. To trace path:

# exim -d -bt user@domain.com

7. To get sorted list of email sender in exim queue:

# exim -bpr | grep "<" | awk {'print $4'} |cut -d "<" -f 2 | cut -d ">" -f 1 | sort -n | uniq -c| sort -n

8. To check the script that will originate spam mails:

# grep "cwd=" /var/log/exim_mainlog|awk '{for(i=1;i<=10;i++){print $i}}'|sort| uniq -c|grep cwd|sort -n

9. If we need to find out exact spamming script. To do this, run following command:

# ps auxwwwe | grep user | grep --color=always "/home/user/public_html/templates/" | head

10.  To delete the emails of a specific user:

# grep -lr 'user@domain.com' /var/spool/exim/input/ | sed -e 's/^.*/([a-zA-Z0-9-]*)-[DH]$/1/g' | xargs exim -Mrm

# exim -bp | grep "user_email-account" | awk '{print $3}' | xargs exim -Mrm

11. To delete Frozen emails from the email queue:

# grep -R -l '*** Frozen' /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
# exim -bp| grep frozen | awk '{print $3}'| xargs exim -Mrm
# exiqgrep -z -i | xargs exim -Mrm

12.  To delete Spam emails from the email queue:

#  grep -R -l [SPAM] /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm

13. To check the no. of frozen mails:

# exiqgrep -z -c

14. To check exim logs:

# tail -f /var/log/exim_mainlog

15. Force delivery of one message:

# exim -M mail_id

16. Force another queue run:

# exim -qf

17. Force another queue run and attempt to flush frozen messages:

# exim -qff

Thank you.