I use Microsoft Outlook 2010 as my email client in the office, and was recently faced with a tiny problem. One of our developers created a new signature for every employee in HTML format. Now out of the box Outlook 2010 seems to use HTML and RTF format for its signatures but having only a WYSIWYG editor its not really possible to edit the HTML source from the editor.
The answer is to move the HTML document into the following directory (with the images and any external files it might link to)
C:\Users\YOUR_USER_NAME_HERE\AppData\Roaming\Microsoft\Signatures
Rename the file to .htm if its extension is .html and make sure the relative paths of links to images and other external content is correct.
Then open Outlook and link the signature from the options window.
My Facebook account was recently hacked (I still do not know how it happened) and I was unable to reset the password. It seemed as though the password recovery was in an endless loop if I could call it that. It would send me me an SMS with the code to unlock the account, then once I chose a new answer to the security question and changed the password to something new, it would come up with the Facebook roadblock. Then, as soon as you get to the last step it just goes to the main index page where you are prompted to log in again. Once you logged in, you would be faced with the same Facebook roadblock page. (See image below).
Read the rest of this entry
I recently bought a new PC for client he wanted to use as a small smb server. The motherboard (Foxconn H61MXL) ships with an integrated 10/100/1000mbit network interface that uses the Atheros AR8151 chipset. By default CentOS (and it seems many other flavors of Linux) does not have drivers installed by default for this chipset.
For CentOS 6 I downloaded the following driver:
http://elrepo.org/linux/elrepo/el6/i386/RPMS/kmod-atl1e-1.0.1.14-1.el6.elrepo.i686.rpm
After installing it you can load it using the following command:
modprobe atl1e
Add it to /etc/modprobe.d or /etc/rc.local to load at boot time.
NOTE: You will have to create a few config files manually, such as /etc/sysconfig/network and /etc/sysconfig/network-scripts/ifcfg-eth0
Here are an example of each:
/etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=my.server.co.za
GATEWAY=192.168.0.1
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
BROADCAST=10.10.0.255
IPADDR=10.10.0.50
NETMASK=255.255.255.0
NETWORK=10.10.0.0
ONBOOT=yes
trixbox is a very nice front end for the popular open source asterisk VoIP BPX system. Unfortunately it is also very insecure if used out of the box.
Luckily with a bit of tweaking it can be secured.
I recently installed a hosted PBX for a client and found that the machine got hacked within days of being exposed to the Internet. All the pre-paid air had been used up by dialing random African countries.
(Please note that this is more of a reference than a HOWTO.)
From what I can gather the systems gets hacked via the web front end. So I re installed the server, and did the following to secure the server:
Read the rest of this entry
I noticed that quite a lot of stuff has changed in CentOS 6. One of the things is setting the default mta to use.
The way in which it was done on CentOS 5 was using the command
system-switch-mail
Since CentOS 6 you should use the following command:
alternatives –set mta /usr/sbin/exim
NOTE: make sure you delete all other MTAs such as postfix and sendmail by doing a rpm -e postfix or rpm -e sendmail
Recently I started hosting a postgresql database, and found myself worried that I wasn’t sure how to do proper backups of it. I have a BackupPC server I use to make backups of all my MySQL dumps and server configs, data, etc. and decided to try make dumps of the postgresql in a similar manner I did when I wrote about doing MySQL Backups using a PHP script.
This time I wrote a simple shell script to do it with. This script has to be run with the postgres user, also from the crontab, make sure it runs as the postgres user.
This was done on CentOS with postgresql 9.0.
#!/bin/bash
#
# Simple postgresql backup script
# Written by Wayne Swart
db_array="MyDatabase1 MyDatabase2 MyDatabase3 MyDatabase4"
logfile="/tmp/pgsql-backup.log"
cd /var/lib/pgsql/9.0/backups
for db in $db_array
do
/usr/bin/pg_dump $db > "$db.sql" 1>> $logfile 2>> $logfile
tar zcvf "$db.tgz" "$db.sql"
rm -rf "$db.sql"
done
Here is a quick and easy way to block certain senders and domains with a simple acl.
First, create a text file in which you want to add the denied domains and sender addresses:
vi /etc/exim/sender_reject.list
Add the following line of text in the file to block everything from lets say gmail.com:
*@gmail.com
Now add the following line of text to your exim config in the acl_check_content section:
deny senders = /etc/exim/sender_reject.list
I have quite a lot of trixbox machines in the field. Most of the clients using them record all their calls, inbound, as well as outbound. Today I noticed the following error at a client: To many files in /var/spool/asterisk/monitor when accessing the portal to listen to recordings, and not all the calls were ‘playable’.
So after a bit of sniffing around I got the solution:
vi /var/www/html/recordings/includes/bootstrap.php
Look for the line of code that reads as follows:
if ($fileCount>$SETTINGS_MAX_FILES) {
And change it with this:
if ($fileCount>300000000) {
Problem solved.
Over the years exim has been been my MTA of choice, so I was quite disappointed to learn that it has been removed from CentOS 6.
Here is correct way to install it on CentOS 6 using the epel repo.
cd /usr/local/src
wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
rpm -i epel-release-6-5.noarch.rpm
yum install -y exim-mysql
P2P is such a great tool for sharing files, but it can also be quite a pain to manage. I have found a method on Mikrotik that kinda works ok’sh.
First of I have 2 mangle rules to identify the traffic and place the IP’s in an address list.
Then there are two more rules that mark traffic to and from these hosts so it can be queued during peak time.
The first rule marks all p2p connections as a p2p connection in the prerouting chain, where it isn’t already marked as a p2p connection:
chain=prerouting action=mark-connection new-connection-mark=p2p-connection passthrough=no p2p=all-p2p connection-mark=!p2p-connection
The next rule matches these connections on the outside interface and places the source ip address in an address list called p2p-host. You can refine the outside interface with !my-internal-interface for example. Take caution with this rule so you don’t match your internal subnets or else their traffic will also be queued with the p2p-hosts:
chain=prerouting action=add-src-to-address-list address-list=p2p-host address-list-timeout=1d in-interface=ppp-to-mweb connection-mark=p2p-connection
Read the rest of this entry