How To Block A Domain From Sending Email From My cPanel Server

We face this problem many times, even we mostly get this kind of issue when a user who is getting hacked a lot and the account is sending out spam emails. In that case, If you want to disable just his account from being able to send mail at all until he can get his script updated or changed. So here’s how we can do it:

First, in root SSH, run these commands:

touch /etc/blockeddomains
echo “domain.com” >> /etc/blockeddomains

Please replace domain.com with the domain name. Do not replace the “” part as that’s required, only the domain.com part with the right domain name.

In WHM > Exim Configuration Editor > Advanced Configuration Editor -> Click on “Add additional configuration setting” -> Add::

domainlist blocked_domains = lsearch;/etc/blockeddomains

Locate the “ROUTERS CONFIGURATION” section, and right below these lines:

democheck:
driver = redirect
require_files = “+/etc/demouids”
condition = “${if eq {${lookup {$originator_uid} lsearch {/etc/demouids} {$value}}}{}{false}{true}}”
allow_fail
data = :fail: demo accounts are not permitted to relay email

Put the following lines:

reject_domains:

driver = redirect
# RBL Blacklist incoming hosts
domains = blocked_domains
allow_fail
data = :fail: Connection rejected: SPAM source $domain is manually blacklisted.

How To Setup Virtualisation With KVM On A CentOS (SolusVM Slave)

Steps To Setup:

Part 1 – Disk Setup

Fdisk is the most commonly used command to check the partitions on a disk. The fdisk command can display the partitions and details like file system type. However it does not report the size of each partitions.

$ sudo fdisk -l

You cannot create a Linux partition larger than 2 TB using the fdisk command. The fdisk won’t create partitions larger than 2 TB. This is fine for desktop and laptop users, but on server you need a large partition. For example, you cannot create 3TB or 4TB partition size (RAID based) using the fdisk command. It will not allow you to create a partition that is greater than 2TB.

Creating 4 TB Partition Size

To create a partition start GNU parted as follows:

$ parted /dev/sdb

Creates a new Partition Table:

$ (parted) mklabel gpt

Next, set the default unit to TB, enter:

$ (parted) unit TB

To create a 4 TB partition size, enter:

$ (parted) mkpart primary 0.00TB 4.00TB

To print the current partitions, enter:

$ (parted) print

Quit and save the changes, enter:

$ (parted) quit
Use the mkfs.ext4 command to format the file system: (Optionally You can use mkfs.ext3 if needed)

$ mkfs.ext4 /dev/sdb1
Create the PV through following command:

$ pvcreate /dev/sdb1

You can check that new PV through this command:

$ pvscan

Create the Volume Group:

$ vgcreate -s 32M vg1 /dev/sdb1

You can check that new volume group through this command:

$ vgdisplay
Part 2 – Network Setup

Bridging requires the bridge-utils package to be installed on the server. To check if it’s installed, do the following:

$ rpm -q bridge-utils

If you get an output – it’s installed, if not, it needs installing:

$ yum install bridge-utils

Before setting up your bridge, the contents of /etc/sysconfig/network-scripts/ifcfg-eth0 will look like the following:

DEVICE=eth0
BOOTPROTO=static
BROADCAST=102.100.152.255
HWADDR=00:27:0E:09:0C:B2
IPADDR=102.100.152.2
IPV6INIT=yes
IPV6_AUTOCONF=yes
NETMASK=255.255.255.0
NETWORK=102.100.152.0
ONBOOT=yes

To back up your current ifcfg-eth0 before modification:

1. Run the following command:

$ cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/backup-ifcfg-eth0

2.Create the bridge file:

$ nano -w /etc/sysconfig/network-scripts/ifcfg-br0

3. Copy parts of ifcfg-eth0 to it:

DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
BROADCAST=102.100.152.255
IPADDR=102.100.152.2
NETMASK=255.255.255.0
NETWORK=102.100.152.0
ONBOOT=yes

4. Save that file and edit ifcfg-eth0:

$ nano -w /etc/sysconfig/network-scripts/ifcfg-eth0

5. Remove the networking parts and specify the bridge:

DEVICE=eth0
HWADDR=00:27:0E:09:0C:B2
IPV6INIT=yes
IPV6_AUTOCONF=yes
ONBOOT=yes
BRIDGE=br0

6. Bridge is  set up. Make sure that the changes are correct and restart the networking:

$ /etc/init.d/network restart

7. Once it’s restarted you see the new bridge using the ifconfig command:

[root@bharat ~]# ifconfig
br0       Link encap:Ethernet  HWaddr 00:27:0E:09:0C:B2
inet addr:102.100.152.2  Bcast:102.100.152.255  Mask:255.255.255.0
inet6 addr: fe80::227:eff:fe09:cb2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:48 errors:0 dropped:0 overruns:0 frame:0
TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2984 (2.9 KiB)  TX bytes:13154 (12.8 KiB)

eth0      Link encap:Ethernet  HWaddr 00:27:0E:09:0C:B2
inet6 addr: fe80::227:eff:fe09:cb2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:31613 errors:0 dropped:0 overruns:0 frame:0
TX packets:9564 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2981335 (2.8 MiB)  TX bytes:2880868 (2.7 MiB)
Memory:d0700000-d0720000

 

Part 3 – Installing a SolusVM KVM Slave:

In SSH as root do the following:

$ wget http://soluslabs.com/installers/solusvm/install

$ chmod 755 install

$ ./install

Now, follow the steps as shown in Video.

The install will now do it’s work.You will get next output (output text may vary)

Once the installer is complete you will be presented with the slave keys and any further instructions for your install type.

Set Up DNS for Office 365 in cPanel

To set up Microsoft Office 365, login to cPanel, then add/update the following DNS records for the domain(s) in question:

example.com.au. 300 MX 0 example-com-au.mail.eo.outlook.com.
example.com.au. 3600 TXT MS=ms000000
autodiscover 3600 CNAME autodiscover.outlook.com.
example.com.au. 3600 TXT “v=spf1 include:outlook.com ~all”
_sip 3600 SRV 100 1 443 sipdir.online.lync.com.
_sipfederationtls 3600 SRV 100 1 5061 sipfed.online.lync.com.
sip 3600 CNAME sipdir.online.lync.com.
lyncdiscover 3600 CNAME webdir.online.lync.com.
Notes:

  • The MS record shown in red is a number supplied by Microsoft as part of the verification rocess.
  • The MX record contains the domain name as a prefix, with periods replaced by hyphens.

Then, change the Email Routing setting down the bottom to “Remote Mail Exchanger”.

Adding Secondary IP Addresses (CentOS/RHEL)

There are plenty of reasons you would need to add secondary IP addresss (and everyone agrees that SEO is not one of them). Getting a secondary IP address is a simple process if it is done for the right reasons and done correctly. You do NOT need additional NIC cards but you will be creating virtual adapters as the secondary IP will be routing through the primary IP.

Also, this is a great thing to do at home as I’ve done it to run multiple internal IP addresses on one server to run multiple applications across the same ports (for KISS** sake). Please note that I am doing this is in a virtual testing environment so your settings will definitely be different.

** KISS = Keep It Stupid Simple **

You will need to be the root user and navigate to your /etc/sysconfig/network-scripts

# cd /etc/sysconfig/network-scripts

When getting a list of files in the directory you will see “ifcfg-eth0” (or eth1 if you’re doing it for a different adapter)

# ls -l | grep ifcfg-eth
-rw-r–r– 1 root root 119 Jan 11 19:16 ifcfg-eth0
-rw-r–r– 1 root root 119 Jan 3 08:45 ifcfg-eth0.bak
-rw-r–r– 1 root root 119 Feb 24 04:34 ifcfg-eth1
-rw-r–r– 1 root root 128 Jan 19 18:20 ifcfg-eth1.bak

Now adding the virtual adapters is easy. Basically if the main adapter is called “eth0” you have to call the next (virtual) adapter in a sequential order like so:

ifcfg-eth0 (primary adapter, physical)
ifcfg-eth0:1 (first virtual adapter to the physical primary adapter)
ifcfg-eth0:2 (second virtual adapter to the physical primary adapter)
and so on…

That being said, lets go ahead and copy our primary adapter configuration file and name it to be the first virtual adapter for the physical primary:

# cp ifcfg-eth0 ifcfg-eth0:1

# ls -l | grep ifcfg-eth
-rw-r–r– 1 root root 119 Jan 11 19:16 ifcfg-eth0
-rw-r–r– 1 root root 119 Feb 24 08:53 ifcfg-eth0:1
-rw-r–r– 1 root root 119 Jan 3 08:45 ifcfg-eth0.bak
-rw-r–r– 1 root root 119 Feb 24 04:34 ifcfg-eth1
-rw-r–r– 1 root root 128 Jan 19 18:20 ifcfg-eth1.bak

Now, we have to configure this virtual adapter to be: a static IP (of course), no hardware address (MAC), configure netmask and of course rename the device.

# vim ifcfg-eth0:1
DEVICE=eth0:1
BOOTPROTO=static
ONBOOT=yes
IPADDR=10.1.1.2
NETMASK=255.255.255.0

There is no need to specify a MAC address as it is a virtual adapter and there is also no need to specify a default gateway as it is already routed through the primary adapter. Basically there are only four things that you will need to change:

File name for the adapter itself

DEVICE= device name (should correspond with the file name)
IPADDR= ip address
NETMASK= netmask

Afterwards, just restart the networking service:

# service network restart

That’s it; lets check ifconfig to make sure the virtual adapter is there and working:

# ifconfig eth0:1
eth0:1 Link encap:Ethernet HWaddr 08:00:27:ED:05:B7
inet addr:10.1.1.2 Bcast:10.1.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

# ping 10.1.1.2
PING 10.1.1.2 (10.1.1.2) 56(84) bytes of data.
64 bytes from 10.1.1.2: icmp_seq=1 ttl=64 time=0.073 ms
64 bytes from 10.1.1.2: icmp_seq=2 ttl=64 time=0.042 ms
64 bytes from 10.1.1.2: icmp_seq=3 ttl=64 time=0.029 ms
64 bytes from 10.1.1.2: icmp_seq=4 ttl=64 time=0.029 ms
— 10.1.1.2 ping statistics —
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.029/0.043/0.073/0.018 ms

If you’re not sure if you’ve done it right and you do not want to restart the entire network server, you can use the following:

# ifup eth0:1

Linux KVM: Disable virbr0 NAT Interface

The virtual network (virbr0) used for Network address translation (NAT) which allows guests to access to network services. However, NAT slows down things and only recommended for desktop installations. To disable Network address translation (NAT) forwarding type the following commands:

 

Display Current Setup

Type the following command:
# ifconfig
Sample outputs:

virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:7921 (7.7 KiB)

Or use the following command:
# virsh net-list
Sample outputs:
Name State Autostart
—————————————–
default active yes

To disable virbr0, enter:
# virsh net-destroy default
# virsh net-undefine default
# service libvirtd restart
# ifconfig