Building a Postfix-based mail system for incoming and outgoing email, capable of successfully sending one million emails per day

It was necessary to build an updated mail system for a client which would handle all incoming and outgoing email, and which could handle successfully sending out an average of one million emails per day. This was based on Postfix, since Postfix is known for reliability, robustness, security, and relative ease of administration. Building a Postfix mail system capable of handling so many emails is quite a significant aim at a time when establishing a positive reputation for independent mail servers delivering high volumes of email is quite a challenging goal.

Continue reading “Building a Postfix-based mail system for incoming and outgoing email, capable of successfully sending one million emails per day”

Security hardening on CentOS 7, Red Hat Enterprise Linux 7 & Amazon Linux

A few years ago I wrote a quite popular post for security hardening on Ubuntu 14.04, and now here’s a new version for CentOS 7 and RHEL 7. Much of it should apply to CentOS/RHEL versions 6 and 8, with some tweaks required here and there. It should also largely work with Amazon Linux and Amazon Linux 2, although again some tweaks will be required for those.

Continue reading “Security hardening on CentOS 7, Red Hat Enterprise Linux 7 & Amazon Linux”

Monitoring HP ProLiant DL360 hardware in CentOS, with Nagios (optional)

My original post for monitoring HP storage hardware in CentOS is now out of date, so I decided to write an updated post for monitoring all hardware, not just storage hardware, and for optionally including this hardware monitoring in Nagios.

This is written primarily for CentOS 6. It should be largely fine for CentOS 5 and CentOS 7 too, although one or two modifications may be needed. It should also work with some other HP ProLiant servers such as the DL380.

Continue reading “Monitoring HP ProLiant DL360 hardware in CentOS, with Nagios (optional)”

Monitoring PERC RAID controllers and storage arrays on Dell PowerEdge servers with Debian and Ubuntu

If you have a Dell PowerEdge server with a RAID array then you’ll probably want to be notified when disks are misbehaving, so that you can replace the disks in a timely manner. Hopefully this article will help you to achieve this.

These tools generally rely on being able to send you email alerts otherwise their usefulness can be somewhat limited, so you should make sure you have a functioning MTA installed which can successfully send email to you from the root account. Setting up an MTA is beyond the scope of this article, so hopefully you already know how to do that (or you can check out my new post on setting up a Postfix-based mail system).

Continue reading “Monitoring PERC RAID controllers and storage arrays on Dell PowerEdge servers with Debian and Ubuntu”

Security hardening on Ubuntu Server 14.04

Recently I’ve been involved with a project where I needed to perform some security hardening on Amazon Web Services EC2 instances running Ubuntu Server 12.04, so I used this excellent guide as a starting point, then I added, removed and modified things as needed.

I decided to take those procedures and modify them for Ubuntu Server 14.04 now that this new LTS version has been released. Some of the procedures from 12.04 no longer need to be performed, and some needed to be changed. The following guidelines are what I’ve ended up with. You might find these guidelines useful to varying extents on other Linux distributions, but there will be potentially very significant differences depending on which distro you’re using.

Continue reading “Security hardening on Ubuntu Server 14.04”

Creating a two-node CentOS 6 cluster with floating IP using CMAN and Pacemaker

Originally I was using Heartbeat to create two-node Linux clusters with floating IPs, but when Heartbeat stopped being developed I needed to figure out how to use Corosync and Pacemaker for this instead. Somewhat annoyingly, Linux HA stuff has changed yet again in CentOS 6.4, so now it’s necessary to use CMAN and Pacemaker instead.

This is quite a lot more in-depth than the simple configuration that was originally required for Heartbeat. Anyway, based on my recent experiences, here’s a very quick guide for if you find yourself in a similar situation. This works for me on CentOS 6.4 and higher, but it won’t work on earlier versions of CentOS.

Continue reading “Creating a two-node CentOS 6 cluster with floating IP using CMAN and Pacemaker”

Virtualisation with KVM and LVM on CentOS 6 via the command line

I’ve found plenty of articles out there explaining how to use KVM with graphical GUI tools. On most of the CentOS servers I administer, however, I use Kickstart to create a customised and minimal GUI-free install to keep things as simple and efficient as possible. Here, therefore, are some guidelines for how to set up a virtualisation environment and virtual machines using KVM on CentOS 6 via the CLI.

Continue reading “Virtualisation with KVM and LVM on CentOS 6 via the command line”