How Do Spammers Send Spam from My Server?

When your server has become a haven for spammers, it is never a pleasant ordeal. Your server will probably be blacklisted, causing many of the emails you send to bounce back, and you may have serious connection problems due to the spammer using valuable system resources.
There are a couple of ways in which spammers will use a server to send their emails. The first is through an open relay in your mail server. This is something that you can easily fix in both Postfix and Sendmail. I will post more about fixing an open relay tomorrow. The second method is by signing up for a legitimate hosting account with your web hosting service, but then using the account to send spam. By the time you figure out what they have done, they are usually long gone.
The third and probably most nefarious method of sending spam from your server is through an actual attack on your server. When a hacker finds a hole in your security, they will install a bot on the server. That bot will then act as a small mail server for the hacker, all without your knowledge. You may not even notice it unless it causes some side effects. All three methods should be fixed with increased security and careful scanning of your server for possible threats.
Tag: bot, mail server, open relay, postfix, sendmail, server, spam, spammers
Mail Server Causing High Server Load
Question: My CPU usage on my server is very high, and it seems to originate from my mail server. What could be the problem?
Answer: If your mail server is sucking up valuable CPU power, there are a couple of possibilities, none of which are pleasant.
1. You or users on your server are getting a lot of emails, more than usual. Although it is possible that it is just a temporary thing, it could be a deliberate attack on your server.
2. Someone is sending spam from your server, using an open relay in your SMTP settings or exploiting a user’s account.
3. Your server is receiving a ridiculous amount of spam (i.e. spam attack). This could be an intentional attack or just a particularly bad day.
Usually, if the CPU upswing is substantial, you should be really concerned about your server’s security. Take a look at the mail server logs and see where the emails are originating and where they are being sent. Take note of IP addresses, user names, and any other useful information. If you cannot figure it out, you can take the data to a security expert who can help you solve the problem.
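One way to do the log review described above, as an added example that is not part of the original post: the Python sketch below links each Postfix queue ID to how the message entered the server (an unauthenticated client, a logged-in account, or a local user ID) and counts the deliveries handed to remote servers. The sample lines are constructed and abbreviated, and the function name and source labels are assumptions.

```python
import re
from collections import defaultdict

# Constructed, abbreviated Postfix syslog lines (not from a real server).
SAMPLE_LOG = """\
Mar 10 03:12:01 web1 postfix/smtpd[2101]: A1B2C3: client=unknown[203.0.113.5]
Mar 10 03:12:02 web1 postfix/smtp[2102]: A1B2C3: to=<a@remote.example>, status=sent (250 ok)
Mar 10 03:12:02 web1 postfix/smtp[2102]: A1B2C3: to=<b@remote.example>, status=sent (250 ok)
Mar 10 03:13:10 web1 postfix/smtpd[2105]: D4E5F6: client=dsl.isp.example[192.0.2.44], sasl_method=LOGIN, sasl_username=bob
Mar 10 03:13:11 web1 postfix/smtp[2106]: D4E5F6: to=<c@remote.example>, status=sent (250 ok)
Mar 10 03:14:00 web1 postfix/pickup[880]: 0A1B2C: uid=33 from=<www-data>
Mar 10 03:14:01 web1 postfix/smtp[2107]: 0A1B2C: to=<d@remote.example>, status=sent (250 ok)
Mar 10 03:14:01 web1 postfix/smtp[2107]: 0A1B2C: to=<e@remote.example>, status=sent (250 ok)
Mar 10 03:14:02 web1 postfix/smtp[2107]: 0A1B2C: to=<f@remote.example>, status=sent (250 ok)
Mar 10 03:15:00 web1 postfix/smtpd[2110]: 778899: client=mx.partner.example[198.51.100.20]
Mar 10 03:15:01 web1 postfix/local[2111]: 778899: to=<alice@web1.example>, status=sent (delivered to mailbox)
"""

LINE = re.compile(r"postfix/(?:\w+/)?(\w+)\[\d+\]: (\w+): (.*)")
CLIENT = re.compile(r"client=\S*?\[([^\]]+)\]")
SASL = re.compile(r"sasl_username=([^,\s]+)")
UID = re.compile(r"uid=(\d+)")

def outbound_by_source(log_text):
    """Count remote deliveries per entry point (hypothetical helper)."""
    source = {}              # queue ID -> how the message entered the server
    sent = defaultdict(int)  # entry point -> deliveries to remote servers
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        service, qid, rest = m.groups()
        if service == "smtpd" and (c := CLIENT.search(rest)):
            user = SASL.search(rest)
            source[qid] = (f"account:{user.group(1)}" if user
                           else f"unauth-client:{c.group(1)}")
        elif service == "pickup" and (u := UID.search(rest)):
            source[qid] = f"local-uid:{u.group(1)}"  # mail injected on the server itself
        elif service == "smtp" and "status=sent" in rest:
            # Only postfix/smtp hands mail to other servers; local/virtual
            # deliveries are ordinary inbound mail and are not counted.
            sent[source.get(qid, "unknown")] += 1
    return dict(sent)

if __name__ == "__main__":
    counts = outbound_by_source(SAMPLE_LOG)
    for src, n in sorted(counts.items(), key=lambda kv: -kv[1]):
        print(f"{n:5d}  {src}")
```

A high count for an unauthenticated client outside your own network points to an open relay, a high count for one account points to an exploited user account, and a high count for a local uid points to a script or bot running on the server itself.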
Server Hardware: Celeron vs. Xeon

Intel processors have a variety of names, and there is no shortage in the number of variations. When you are looking to lease or purchase a server, this can be confusing. On the current market, you may find servers with Intel’s Core 2, Celeron, Xeon, and the newer Core i7.
The first distinction that you should make is between processors designed for servers and those that are not. Generally speaking, Core 2 and Celeron processors are for workstations and not servers. The Xeon processors may, in some cases, even have identical architecture to the Core 2 models but will be packaged and sold for servers. Similarly, there are Core i7 chips with similar architecture to high-end Xeon CPUs, but the former is for desktops, while the latter is for servers.
What you truly want to avoid, however, is getting a server with a Celeron processor. While there may be little difference between a high-powered i7 and a similar Xeon, a Celeron processor of the same clock speed will often have less cache and a slower FSB. If a server company is trying to market Celeron servers to you, they are actually selling you an inferior product.
Take a look at a Google server
Google has long been a leader in the search industry, but did you know that the company is also a pioneer of data center technology? The video above shows a typical Google web server on display at the Google Data Center Energy Summit in 2009.
As you can see, Google doesn’t use normal servers. All of its systems are custom-built to meet its needs. It also keeps much of its technology secret, so seeing this server in person is a big deal. The power supply has a built-in battery that acts like a UPS, for instance.
The most obvious feature is the large amount of RAM. The Mountain View company supposedly stores all server data in memory for fast retrieval.
Troubleshooting Database Connections

When MySQL works correctly, it can be a thing of beauty, but when something goes wrong, it can drive you mad. Here are a few things you can do to troubleshoot connection problems:
1. Make sure your username and password are correct.
2. Double-check the hostname. Although “localhost” works on most servers, it may not on yours.
3. Test the connection string (if you wrote the code yourself). You may have a simple typo.
4. If you have your own server, check that the MySQL server is running and running without errors.
5. Does the database you are trying to connect to actually exist? Sometimes automatic database creation fails, and you are left wondering why you cannot connect to it.
6. If you can connect locally but cannot connect remotely, check your firewall settings to see if port 3306 (or whichever port you use for MySQL) is open.
7. Finally, be sure your MySQL user has the necessary privileges to perform whatever task you are trying to accomplish.
Tag: connection, database, mysql, password, port, privileges, server, username
How to Delete Tables and Rows in MySQL
As I mentioned in a previous MySQL post, knowing how to quickly perform database tasks from the command line is a good idea if you are a Linux system administrator. Sometimes, it is the easier way to get things done, especially if you are helping another user and need root access to his or her database.
To delete a table, first log in to MySQL:
mysql -u root -p
Enter your password and then switch to the database you want to edit by typing the following at the mysql> prompt:
mysql> use [db name];
Finally, drop the table:
mysql> drop table [table name];
Replace [table name] with the actual name of the table you want to remove.
To remove a row, type:
mysql> DELETE from [table name] where [field name] = 'whatever';
When you are finished, type “quit” to exit.
Tag: delete, drop, linux, mysql, rows, server, tables
Free SSH Programs for Download

SSH or Secure Shell is a secure method of accessing your web server for manipulation or file transfer (using SCP or SFTP). Here are a few software applications that you can use to access your server via SSH.
1. OpenSSH
OpenSSH is the primary SSH client and server used for Linux, BSD, Mac OS X and other Unix-like operating systems. It is free and open source and is part of the OpenBSD project. It includes scp and sftp for secure file transfers.
2. PuTTY
Although it works with both Windows and Unix, PuTTY is mostly used by Windows users, since SSH is not installed on Windows by default (unlike Linux and Mac OS X). PuTTY is free and open source.
GUI Applications
1. Filezilla
Filezilla is a file transfer application that includes support for scp and sftp. It is free, open source, and has cross-platform support.
2. WinSCP
A GUI file transfer program, WinSCP supports scp and sftp, and its core is based on PuTTY. WinSCP is free and open source.
3. Cyberduck
Cyberduck is a file transfer application for Mac OS X that supports SFTP. It is free and open source software.
Tag: open source, openssh, scp, server, sftp, software, ssh
How to Connect via SSH
SSH stands for Secure Shell and is a secure encrypted method of connecting to a server for shell/command line access. It can be useful for shared hosting, virtual private servers, and dedicated servers. Linux servers usually come with SSH enabled by default, although some web hosts may disable it for shared hosting accounts.
To connect to your server via SSH, simply type:
ssh -l username hostname_or_ip
It will prompt you for a password. Type your password, and you should be connected. Some web hosts may use a different port for SSH, other than the default port (22). If so, you will need to specify it, for example:
ssh -p 2222 -lmyname webserver.com
Normal Linux/Unix shell commands apply, once you are logged into the server. When you are finished, simply type “exit”.
Tag: host, linux, port, secure, server, shell, ssh, unix
How to Connect via FTP
FTP stands for File Transfer Protocol and is the most widely accepted method for uploading files to a web server. All web hosting companies offer FTP service, but there may be slight differences in how you connect to them. To begin, you will need an FTP client, such as Filezilla, a free and open source, cross-platform FTP program.
To begin, choose to create a new connection. For the “hostname” enter your domain name without the “www” or use the IP address given to you by your web host. You can normally leave “port” as is unless your hosting provider gave you a port other than the default (21). The username will be whatever your host assigned. It could be a name or your entire email address (particularly if it is a shared hosting account). If you are not sure, contact your host. Next, enter your password.
You should then be able to click “connect” and have no problems getting logged in. If you cannot, the first thing to check is your password and then username. If those are both correct, contact your web host to make sure you have the right information. If you have your own dedicated server, you may need to configure your FTP server before you can connect to it. You can do this in your web-based control panel or through SSH.
Tag: client, connect, domain, filezilla, ftp, host, ip address, port, server
Apache HTTP Server Optimization: Part 3
StartServers
You have already configured Apache to control the number of child processes to keep running. This directive will tell Apache how many to start initially when your server first boots. Depending on the level of traffic you expect to get, this number may be low or high. For general purposes, 5 should be sufficient.
StartServers 5
Timeout
This controls the amount of time Apache waits to do a number of tasks. For example, it controls how long it waits for a GET request (i.e. for someone to download a page or images) and also how long it will allow a POST request (i.e. when someone is sending something on a form). The default is 300, but you can lower it to something like 150 to help reduce some server strain when it is waiting on failed attempts and also help prevent DoS attacks on PHP scripts like message forums. Do not set it lower than 90, however, as this may cause some of your site visitors to get timeout errors on working content.
Timeout 150
Once you have made all of the changes you want to make to your Apache configuration file (httpd.conf), you need to restart Apache:
service httpd restart
or
/etc/init.d/httpd restart
These tips are not the only ones you can use to optimize your Apache installation, but they should help you get a head start.