Linux

As far as webmail goes, I’m a Neomail user, have been for a long while. I don’t know what it is about it - it’s clean interface and quick loading speed maybe? But the time has come for change as cPanel are deprecating the mbox format, why I hear you ask?

Reasons for Deprecating mbox
The new system has several benefits,
- It’s the way forward
- Better performance
- Improved mailbox locking;
- Simultaneous IMAP account access
- Use of open source code.

Is it Necessary?
It is expected that cPanel will continue to support mbox, but will switch to maildir as the default soon. As such I feel I’m probably going to have to take the plunge.

We changed it on one server just recently, a necessary upgrade as part of a fix for another issue - I had no choice and had to do it with no warning to users of that server, I held my breath - no onslaught came. One user asked why neomail no longer worked, when I explained they simply agreed it sounded a better solution and would start to use Horde!

I’m including the remainder of this post, as a reminder to myself of a few things and notes I’ve found around the web. I had one server upgraded last week and the only issue with it was the one user who had mail set to remain on the server for 7 days - all of their old email had to be downloaded again.

Any Known Problems?
There’s always going to be problems in an upgrade of this magnitude in my opinion, the biggest reason for this probably being the millions of different configurations of cPanel servers out there. Generally a fix all for almost everyone seems to be to run the following scripts.

    /scripts/courierup –force
/scripts/eximup –force
(This has solved problems on all but one machine)

One of the notes I also picked up on in the cPanel forums was Outlook Error 0×8004DF0B, this is caused by the default courier imap config:

    /usr/lib/courier-imap/etc/imapd

This is because the maximum number of connections from a single IP that courier allows by default is 4. Take a look at the file above and change the line:
MAXPERIP=4
to:
MAXPERIP=20

During the conversion all mail (POP) will be blocked until the process ends.

HOWTO Perform the Conversion
I’ve read about one server admin team doing the following:

1.) /scripts/convert2maildir
A.) #1 Backup all mail folders on this server
B.) #3 Start maildir conversion process
2.) /scripts/courierup –force
3.) /scripts/eximup –force
4.) /scripts/upcp –force
5.) /scripts/convert2maildir
A.) #3 to convert partially converted mail accounts

Common Complaints

• Missing Neomail Address Books
  In most cases these can be found in:
      /home/<user>/.neomail/user/addressbook

  /scripts/neomail2hordeaddrbook
  Call it with a user as its argument and it does only that user’s addresses, call it with no argument it doeal all users serverwide

  The mail should also be in Horde or SquirrelMail (the user may need to subscribe to the folders again).

• Root Boxes
  Users used to be able to login at http://mydomain.com/webmail with user mydom and password xyzzy. They’d then see the mailboxes for mydom@mydomain.com, as well as a subfolder for the mailbox and folders for their other email addresses such as joe@mydomain.com and sales@mydomain.com.

  This will no longer work straightaway - it was NOT a feature, it was a secuity hole and it’s gone now. Although it appears that Horde have officially added it as a feature in later builds of cPanel 11 (Simply log into Horde as the main account and in the drop-down box in the upper-right corner of the screen you’ll see many things, including email addresses of email accounts on the server you can check by simply selecting them from the drop-down).

In a post way back in January of 2005, I discussed the software MyTop for monitoring connections on your MySQL server. I’ve had it installed and use it semi-regularly - however, it doesn’t always work - often I am greeted with the following error:

Cannot connect to MySQL server. Please check the:

* database you specified “test” (default is “test”)
* username you specified “root” (default is “root”)
* password you specified “” (default is “”)
* hostname you specified “localhost” (default is “localhost”)
* port you specified “3306″ (default is 3306)
* socket you specified “” (default is “”)

The options my be specified on the command-line or in a ~/.mytop
config file. See the manual (perldoc mytop) for details.

Here’s the exact error from DBI. It might help you debug:

Unknown database ‘test’

A pain in the butt, as I get it quite regularly and normally get one of the techs to tinker with it… Here’s the fix!

Simply enter the following command:

echo “db=mysql” > ~/.mytop

Paragonhost has a very useful post on setting up custom PRM rules (Process Resource Monitor).

I think this maybe the cause of so much load on one of my servers recently, as the exim process is getting killed early and not being allowed to finish a queue run - resulting in a backlog of mail on the queue and an ever decreasing circle (not good!).

I’ve made a tweak and will see how it goes!

Did a little bit of Apache reading after a client query yesterday, it seems restarting httpd is not all that it seems!

start - start httpd
startssl - start httpd with SSL enabled
stop - stop httpd
restart - restart httpd if running by sending a SIGHUP or start if
not running
fullstatus - dump a full status screen; requires lynx and mod_status enabled
status - dump a short status screen; requires lynx and mod_status enabled
graceful - do a graceful restart by sending a SIGUSR1 or start if not running

Is the normal course of events from apachectl, but what about if we want to restart with SSL?

A route around this as sugeested by someone is to remove all the stuff in the apache config file, or altertively edit the HTTPD definitiona tthe top of apachectl so that it ALWAYS passes -DSSL), then use normal start/restart/graceful

Now we’re on the subject of graceful, I have found out that it mean no existing or pendings connections are lost during the restart!

One way to check if magic_quotes is running is to run get_magic_quotes_gpc(). It will return a 1 if it is on, or a 0 if it is off. You can use this result to print out the magic_quotes status, or to decided if you should run another function, such as addslashes.

< ?php
if (get_magic_quotes_gpc()==1)
{
Print “Magic Quotes gpc is turned on” ;
}
else
{
Print “Magic Quotes gpc is turned off” ;
}
?>

I had reason to go looking for this today, having not done it in a long, long time (thanks to the delightful cPanel interface).

To change a password on behalf of a user, first sign on or “su” to the “root” account. Then type, “passwd user” (where user is the username for the password you are changing). The system will prompt you to enter a password. Passwords do not echo to the screen when you enter them.

You can also change your own password, by typing “passwd” (without specifying a username). You will be prompted to enter your old password for verification, and then a new password.

One of my servers was subjected to a SPAM attack again yesterday (via PHP using an insecure php mail() call I suspect). Thankfully the user was tracked down quickly and suspended. Leaving some 10,000 messages on the queue!!

Digging out the Exim Cheatsheet that I posted on this blog in December saved my bacon yet again! The argument for turning on PHPSuExec continues!