How to zimbra A+ in the Qualys SSL Labs Security Test. To help system zimbra security hardening. Let's go labs. in my post,i use zimbra account ( su - zimbra)  Zimbra without Proxy ( zimbra mailbox+zimbra ldap+zimbra MTA) Tune the cipher list ( you to check zimbraSSLExcludeCipherSuites before run command) zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_CBC_SHA zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 zmprov mcf +zimbraSSLExcludeCipherSuites TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 zmprov mcf +zimbraSSLExcludeCipherSuites SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_DHE_DSS_WITH_DES_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_DHE_RSA_WITH_DES_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_RSA_EXPORT_WITH_DES40_CBC_SHA \ +zimbraSSLExcludeCipherSuites SSL_RS

zimbra reject authenticated sender login mismatch, How To Improvement Sender Must Login/Enforcing a Match Between From Address and sasl username on Zimbra 8.6  To check zimbraMtaSmtpdRejectUnlistedSender and zimbraMtaSmtpdRejectUnlistedRecipient enable on server zimbra mta? zmprov gacf | egrep zimbraMtaSmtpdRejectUnlistedSender zmprov gacf | egrep zimbraMtaSmtpdRejectUnlistedRecipient The output as bellow zimbraMtaSmtpdRejectUnlistedSender: no zimbraMtaSmtpdRejectUnlistedRecipient: no To enabled zimbraMtaSmtpdRejectUnlistedSender and zimbraMtaSmtpdRejectUnlistedRecipient on server zimbra mta zmprov mcf zimbraMtaSmtpdRejectUnlistedRecipient yes zmprov mcf zimbraMtaSmtpdRejectUnlistedSender yes To open file /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf and add reject_sender_login_mismatch after permit_mynetworks permit_mynetworks, reject_sender_login_mismatch To restart zmmtactl zmmtactl restart To test zimbra reject authenticated sender login mismatch

Conditional expression in bash script.For example, check file exists with Conditional expression Bash script checkfile.sh  [huupv@huupv scripts]$ cat checkfile.sh  The content as below: #!/bin/bash # author: HuuPV # for example basic for check file exists! FILE="/home/huupv/scripts/menu_list" if [ -f $FILE ]; then     echo -e "$FILE \t File exists!" else     echo -e "$FILE \t File not exists!" fi File operators: -a FILE        True if file exists. -b FILE        True if file is block special. -c FILE        True if file is character special. -d FILE        True if file is a directory. -e FILE        True if file exists. -f FILE        True if file exists and is a regular file. -g FILE        True if file is set-group-id. -h FILE        True if file is a symbolic link. -L FILE        True if file is a symbolic link. -k FILE        True if file has its `sticky' bit set. -p FILE        True if file is a named pipe. -r FILE       

zimbra code error 421-4.7.0 This message does not have authentication information or fails to pass 421-4.7.0 authentication checks Gmail SMTP Error Codes Jun 22 11:17:56 mta postfix/smtp[16523]: B67511C61EE: host gmail-smtp-in.l.google.com[74.125.23.27] said: 421-4.7.0 This message does not have authentication information or fails to pass 421-4.7.0 authentication checks. To best protect our users from spam, the 421-4.7.0 message has been blocked. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126#authentication for more 421 4.7.0 information. f7si5281662plm.92 - gsmtp (in reply to end of DATA command) How to solve problem ( recommend of google) Sign messages with DKIM Publish an SPF record Publish a DMARC policy My opinion just "Sign messages with DKIM and Publish an SPF record" without Publish a DMARC policy. Ref to check DKIM and spf use dig command dig -t txt  C333XXX-11E4-B123-25B12331CXXXA1._domainkey domain-your.com Or ref to check website o

How to use bash script allign the output. To use printf command the format of strings. Many method to allign the ouput use bash script. The script my below simple. Bash script align the output #!/bin/bash for b in "H HU HUU PHAN PHANVAN" do         echo "$b"         for c in $b         do                 printf "%-50sOK\n" "$c"         done done Running bash script [huupv@huupv Downloads]$ ./studyscript.sh  The display as below

How to use bash script IFS in context of for looping. what does IFS meaning? The IFS stands for "internal Field separator", That is used how to do word splitting. IFS is a special shell variable. The used for looping in context of file. Bash script use IFS in context of for looping #!/bin/bash #Author: HuuPV IFSOLD=$IFS IFS=$'\n':,' ' for entry in "huu:phan linux operating,system" do     echo "Values in $entry -" #IFS=': ,'     for value in $entry     do         echo " $value"     done done IFS=$IFSOLD Running bash script use IFS in context of for looping [huupv@huupv Downloads]$ ./IFS_test.sh The display as below: Values in huu:phan linux operating,system -  huu  phan  linux  operating  system

Running to bash script list all IP addresses connected to Server ./studyscript.sh  >/dev/null 2>&1 The bash script list all IP addresses connected to Server #!/bin/bash rm -f /tmp/list_IP rm -f /tmp/list_IPP rm -f /tmp/list_IPdone netstat -ntu | grep ESTA | awk -F: '{ print $2 }' | sed -r 's/^.{12}//' |sed 's/:/\n/g' | sed '/^\s*$/d'| sort > /tmp/list_IP #sleep 10 while read -r p do  curl ipinfo.io/$p done < /tmp/list_IP >/tmp/list_IPP cat /tmp/list_IPP | egrep "ip|country" |sed '$!N;s/\n/ /' |sed -r 's/^.{9}//' |sed 's/"country": "//' |sed 's/",//g' >> /tmp/list_IPdone echo "-----IP------  --country--" >> /tmp/list_IPdone Note the bash script list all IP addresses connected to Server sed 's/:/\n/g' Delete duplicate lines sed '/^\s*$/d' Delete empty lines sed '$!N;s/\n/ /' How to merge every two lines in

How to check file and directory in directory, I use bash script if file exists. To write simple bash script check folder /home/huupv/Desktop all file and directory. The first, use for loop /home/huupv/Desktop/* The secondary, to check if a directory then echo, elif a file then echo. My bash scripts check file and directory     #!/bin/bash     # Author: HuuPV     for file in /home/huupv/Desktop/*     do         if [ -d "$file" ]         then             echo "$file is directory"         elif [ -f "$file" ]         then             echo "$file is file"         fi     done The running bash script check file and directory $ ./studyscript.sh  The output as bellow /home/huupv/Desktop/Barbarpower Template.xml is file /home/huupv/Desktop/HuuPV is directory /home/huupv/Desktop/like_fb.sh is file /home/huupv/Desktop/post-fb.docx is file /home/huupv/Desktop/Untitled Document 1 is file

How to list accounts that has not logged in for the last x days in zimbra, list accounts last login time a month ago... after run script,The output /tmp/lastlogin_time syntax file as bellow Account zimbraAccountStatus displayName To use date command a month ago date -d "-1 month" +%Y%m%d The script zimbra_lastlogin.sh name, list accounts last login time a month ago To run script zimbra_lastlogin.s ./zimbra_lastlogin.sh The full script zimbra_lastlogin.sh list accounts that has not logged in for the last x days in zimbra #!/bin/bash #HuuPV author rm -f /tmp/lastlogin_time pastmonth=$(date -d "-1 month" +%Y%m%d) LDAP_HOST=$(/opt/zimbra/bin/zmlocalconfig ldap_host | cut -d\ '' -f3) LDAP_PASSWORD=`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | cut -d\ '' -f3` LDAP_USERDN=$(/opt/zimbra/bin/zmlocalconfig zimbra_ldap_userdn | cut -d\ '' -f3) LDAPSEARCH="/opt/zimbra/bin/ldapsearch -D "$LDAP_USERDN" -w$LDA

Many methods to reset root password centos 7. if GRUB 2 bootloader then no longer using in single-user mode as well as emergency mode. To below step by step to reset root password centos 7. You may reading link below : awk useful commands examples CentOS/RHEL Use yum Command To Downgrade Upgrade or Rollback Updates Generate and Verify Files with MD5 Checksum in Linux use inotify-tools on centos Step 1: Start the system, on Grub 2 boot screen, you press the e key as shown below. Step 2: In linux16 line or linuxefi on UEFI system, add parameters end line as shown below. rw init=/bin/bash Using Ctrl+A press or Ctrl+E press to start or end a line. Disable paramenters the rhgb and quiet in order to enable system message as shown top. Step 3: you press Ctrl+x to start single user mode passwd Step 4: update selinux information touch /.autorelabel Step 5: To resume the initialization and finish the system boot. exec /sbin/init Video how to reset root password on cen