Back to main siteSimple .php package check
I have no knowledge of php so rather than figure this out again here’s what I did. Probably has a million mistakes.
<?php
require_once 'PEAR/Registry.php';
// First see what the command line does
print("<p>pear list<br>");
$output = shell_exec('pear list');
echo "$output";
// Now see what we get
$pear = new PEAR_Config();
$pear_reg = $pear->getRegistry();
$pear_info = $pear_reg->packageInfo("PEAR");
$pear_list = $pear_reg->listPackages();
$result = count($pear_list);
echo "\n<p> pear_list has element count of ";
echo "$result </p>\n";
foreach ($pear_list as $value)
{
print_r($value);
echo " <br>\n";
}
echo "\n=====================================================<br>";
require_once 'PEAR/Info.php';
$res = PEAR_Info::packageInstalled("Mail_Mime");
echo "$res <br>\n";
?>
Notes on installing Maia on CentOS 7 Plesk 12.5
Wasn’t clear to me that Maia is a fork of amavisd-new, so you don’t need amavis? No clear instructions for installing 1.0.4, but found this install script to look at: http://pastebin.com/RsrxPkxG
Basically pick a set of directions and adapt them to work in the specific environment of the system. The two config tests http://www.maiamailguard.com/maia/wiki/configtest.pl and http://www.maiamailguard.com/maia/wiki/configtest.php are helpful (required) to figure out what’s missing. But also look at the server logs as the config test will say it’s happy when in fact things aren’t right.
To fix the open_basedir issues I ended up with:
{WEBSPACEROOT}{/}{:}{TMP}{/}:/usr/share/pear/Smarty/:/usr/share/pear/PEAR/:/usr/share/pear/
There’s a lot of packages that have to be added (using pear). This one though didn’t come up as needed but it is:
pear install PEAR_Info
Also: listPackages() and listAllPackages() return different types (I used these to check the config). listPackages() works as expected when the .php file is called from the command line, but it returns null when apache runs it. ini_get(“include_path”); indicates the include paths are the same between command line and apache. Only hint is that when run from the command line it’s not finding ../config.php (which is in the maia dir). That’s explained by different environment variables…$_SERVER[‘DOCUMENT_ROOT’]. Changing that for testing that doesn’t provide any more info as to why it works from command line and not from apache.
Looks like under apache is wants to look here: /usr/share/pear/ for confg files, but from the command like it looks here (and this is where they are): /var/lib/pear/
Why does apache not know where to look?
specifically apache is looking for (from getRegistry() ):
: statedir :/usr/share/pear/.registry
: filemap :/usr/share/pear/.filemap
: channelsdir :/usr/share/pear/.channels
: lockfile :/usr/share/pear/.lock
but that’s not where those files are.
gave up and did the obvious
ln -s /var/lib/pear/.registry .registry ln -s /var/lib/pear/.filemap .filemap ln -s /var/lib/pear/.channels .channels ln -s /var/lib/pear/.lock .lock
and didn’t work as open_basedir restrictions don’t include those. Slog through the errors and add them and finally it’s all green…except there’s still errors getting logged. Rinse & repeat…
Trying the login page, a bunch of errors, but some can probably be ignored. But this one:
AH01071: Got error 'PHP message: PHP Fatal error: Call to undefined function: MDB2_Driver_mysql::raiseError(). in /usr/share/pear/MDB2.php on line 1936\n'
is fatal, though I suspect I need to chase what got it to that line and not the missing function. Worry that maiamailguard is just too old/out of date and the problems will never stop…
more odd things to do:
pear upgrade MDB2-beta
minimal .php program to figure out the environment
<?php phpinfo();?>
in smarty.php had to change this:
if (isset($smarty_path)) {
ini_set('include_path', $smarty_path . ":" . ini_get('include_path'));
require_once ("Smarty.class.php");
} else {
require_once ("Smarty/Smarty.class.php");
}
Change Smarty -> smarty.
The search for a simple to use spam system continues
Can’t believe how many of them don’t seem to handle forwarding only accounts…
Amavis-new would seem to be a good solution for the back end that sits on top of the spam/virus stuff
https://www.ijs.si/software/amavisd/ and appears to still be active.
However a web based front end for it (but not trying to control postfix, which Pesk is handling) isn’t so obvious. Most of the things listed on the amavis page are long since abandoned. MailZu would have been a possible fit that’s in this category. ‘course someone that knows what they’re doing might figure out to use these old packages…not me though.
Maia Mailguard seems to be the best option in terms of functionality but seems unsupported at the moment. http://www.maiamailguard.com/maia/wiki/AboutMaia For some reason their mailman lists aren’t publicly available and there’s no search, so no way to look for answers to problems. Seems like there’s very little activity. This list seems to have occasional activity: http://maia-users.renaissoft.narkive.com/
Current release is on this fork here: https://github.com/technion/maia_mailguard and install info was apparently going to be here: https://github.com/technion/maia_mailguard/wiki/Installation-Guides
Things I looked at:
https://wiki.gentoo.org/wiki/Mailfiltering_Gateway Not helpful when using Plesk but does show how this all fits together.
http://forums.sentora.org/showthread.php?tid=1132
https://wiki.centos.org/HowTos/Amavisd
http://www.purplehat.org/?page_id=16 Maia install – covers 1.0.4 which is important as it sounds like earlier versions were different
https://www.howtoforge.com/installing-maia-mailguard-on-debian-lenny
http://www.phpexpert.net/maia_mailguard.html
More things with plesk 12.5 setup
/etc/aliases : fix entry for root to point to a valid email address. run newaliases after changing (maybe retsart postfix too?)
greylisting may get turned on for new domains. Check with:
/usr/local/psa/bin/grey_listing --info-domain domain.tld
turn off with:
/usr/local/psa/bin/grey_listing -ud ldomain.tld -status off
/etc/postfix/main.cf needs:
mydestination = $myhostname, localhost.$mydomain, localhost, localhost.localdomain
Plesk repair utility – hugely useful tool for dealing with issues. Seems like migrating domains leaves some bad thing around.
Ways to test DNSBL is working:
http://postfix.1071664.n5.nabble.com/Logging-DNSBL-rejections-td68920.html (telnet to 127.0.02)
http://www.crynwr.com/spam/ This is really useful and really hard to find…
Needed to set open_basedir for some php stuff, but doing it from the Plesk panel for php for the domain didn’t seem to work. Can’t tell where it’s even putting it.
found it in vhost.conf.
Setting up ASSP on CentOS 7 – punt
Spam Assassin is the default anti-spam package with Plesk, but for a server with no mail accounts it (at least for me) is useless as there’s no way to know what mail it’s rejecting. Experience with other systems has shown that astronomy related mail seems to be disliked by spam filters.
ASSP seems better suited to a system that doesn’t have local users (i.e. mailman, mail forwarding, etc.). It also looks pretty complex to install and get running. And it’s not clear how it can get trained given (almost) no mailboxes. Using ASSP 2.5.1.
First problem after installing (unzipping…) was failing to load about a dozen perl modules. installed cpan to try and figure it out, but some of the packages seem to have problems installing and had to be manually installed. Keep checking moduleLoadErrors.txt until it’s clean (look at Can’t locate X in @INC to figure out what package is missing, which is probably different than the module that caused the error) (this took multiple iterations…several hours)
In cpan, install Term::ReadLine::Gnu to get a working console. It needs ncurses-devel and readline-devel to be installed.
ASSP will want to use ClamAV, which isn’t installed as Plesk uses their own AV. (and not sure I want to use it vs. the stuff included with Plesk, just doing this to make module errors go away) Looks like there’s no simple install on CentOS 7 for clamav (clamd was missing after following the directions). Google for answers if this happens. (maybe this is helpful https://linux-audit.com/install-clamav-on-centos-7-using-freshclam/ ) Notes that those directions put clamd.conf not where clamd expects to find it (see man).
No response from the webserver. Can telnet to the server locally…Open port 55555 in the firewall(s). Change the default password (good luck, it’s buried somewhere that I can’t find again)
There’s a reference manual but so far no noob oriented “here’s how to get started for a simple system.” This tutorial seems the closest to that: https://vorkbaard.nl/installing-assp-spamfilter-on-ubuntu-server-14-04-lts/ though the stupid Linux system flavor differences don’t make it a brainless “copy these steps” for CentOS. As well as it’s for a way more complex setup than being done here.
There are comments about adding user(s) but so far have not found where that magical setting is.
Changed the smtp ports and restarted assp but it won’t respond on port 25, no error messages. The more I read about assp it does not seem like the right thing. Noticed when looking for more info about assp that spam assassin maybe can save reject messages so going to look at that as SA is already integrated in to Plesk, etc., so would probably be less headaches than assp.
Notes for setting up a new virtual server at 1&1
Been a long time 1 and 1 customer, moving off a creaky old dedicated machine to a VPS. It’s not quite all configured to work out of the box. This is CentOS 7 & Plesk 12.5. Things to do:
- Modify 1&1 firewall to open port 8447 (needed for Plesk). Open up other ports you need. Probably at least 587 for SMTP submission
- Set the machine name (not clear to what though…I used 1&1’s name as that seemed like a safe choice)
- Add the PTR record (from the cloud network panel) to match the above
- Add a SPF record to the DNS for the IP addresses and machine name (just to cover all the bases)
- Spamhaus picked up on the mail server EHLO name mismatch right away (as I didn’t realize it right away) so check for blacklists (as well as you never know who had the IP before you)
- Install Plesk migration tool (as I was moving from a different machine so needed this to move the domains)
- Decided to only allow FTPS (or SFTP as left SSH open as well)
- vhosts.conf may not have transferred, check it
- Older Gallery 2 install that was migrated to the new system broke in move due to permissions (turn on Gallery debug in it’s conf file to diagnose). Was permissions problem on gdata
- System won’t have gcc, etc. See http://www.scalescale.com/tips/nginx/install-gcc-development-tools-centos-7/
- mailman is 2.1.15 which lacks a workaround for the (awful) DMARC that some big sites run. Looking to install current mailman 2.1.23. python-devel is needed (along with normal gcc, etc.)
- Upgrade directions: https://wiki.list.org/DOC/4.80%20How%20do%20I%20upgrade%20from%20Mailman%202.1.x%20to%20a%20later%20Mailman%202.1.y%3F
- Build directions: https://www.gnu.org/software/mailman/mailman-install/building.html
- Build new mailman
-
./configure --prefix=/usr/lib/mailman --with-var-prefix=/var/lib/mailman --with-cgi-gid=apache
- the gid would seem to need to be apache, even though in the older install from Plesk I see files owned by root. Not sure I understand exactly who’s doing what, but if gid is root you get an error saying the script is being run as apache. The defaul uid is mailman, which is correct for this install.
-
make
- (stop mailman)
-
make install
- (start mailman)
- and it dies on use: IOError: [Errno 13] Permission denied: ‘/var/lib/mailman/logs/error’
- change that file owner to apache, and later I just made it o+rw as at this point who cares. But fails still IOError: [Errno 13] Permission denied: ‘/var/lib/mailman/lists/list-test/config.pck
- and there’s still something not right, though the admin interface worked for a bit. Looks like the list dirs in /var/lib/mailman/lists are the cause, but not clear what the answer is. On the old system the dirs are chown root and the files are chown mailman, but that was Plesk 11. But cgi-id of root is definitely wrong. Tried this SELinux related fix but no difference: https://wiki.list.org/DOC/SELinux%20errors%20after%20upgrade%20-%20RedHat
- anyhow, just run mailman’s check_perms -f to fix the stuff.
Running on the new server
This is a pointless post to see if the new server works.
Couple of links to things I’m reading
so I can find them regardless of my bookmarks.
http://scienceblogs.com/startswithabang/
https://www.quantamagazine.org/
And what’s a day without:
http://xkcd.com/
and also:
http://abstrusegoose.com/
Yeah, this hasn’t been touched in a while.
Doing other things elsewhere so I’ve left this to sit for a (long, long) while. But a server upgrade is going to have to happen soon and then I think it will be time to revive this.
Speaker crossover articles & references (just links to papers to remind me what I’ve found)
W. M. Leach, Jr., “Electroacoustic System Realizations for the Linkwitz-Riley Crossover Networks,” Journal of the Audio Engineering Society, vol. 35, no. 10, pp. 792-800, October 1987.
AES E-Library Loudspeaker Driver Phase Response: The Neglected Factor in Crossover Network Design
Leach’s book Introduction to Electroacoustics and Audio Amplifier Design (buy it here http://www.kendallhunt.com)
Charlie Laub’s ACD spreadsheet
Crossover Networks from A to Linkwit-Riley
1st – 4th order crossover calculator (no plots)
mini DSP’s article