Inexpensive Web Hosting, Comcast Web Hosting Java Blog

628Part VRunning Serverstmpfn = mktemp() tmpfh = open(tmpfn, w+b ) while True: rbuf = stdin.read(1024) if rbuf == : breaktmpfh.write(rbuf) tmpfh.close() vscan = popen( %s –no-summary –stdout –infected –mbox %s % (CLAMSCAN, tmpfn), r ) while True: rbuf = vscan.readline() if rbuf == : breakif rbuf.find( FOUND ): errors.append(rbuf[rbuf.find( : )+2:-1]) vscan.close() tmpfh = open(tmpfn, r ) if len(errors) > 0: while True: rbuf = tmpfh.readline() if rbuf == n : breakstdout.write(rbuf) for e in errors: stdout.write( X-Virus-Alert: %s in messagen % e) stdout.write( n ) while True: rbuf = tmpfh.read(1024) if rbuf == : breakstdout.write(rbuf) tmpfh.close() unlink(tmpfn) When called from maildropto process a message, this program will savethemessage to a temporary file that it scans using clamscan(which is partofthe ClamAV package). It then processes the output from clamscanto determine whether any viruses were found. Finally, it passes the messageback to maildrop, including a X-Virus-Alert header(as appropriate), andremoves the temporary file. 5.Set the permissions on clam-mailscanso that it can be executed byanyuser: # chmod 0755 /usr/local/sbin/clam-mailscan33_
Note: In case you are looking for affordable and reliable webhost to host and run your j2ee application check Vision J2ee Web Hosting services.

627Chapter 24Running a Mail Server2.Debconf asks several questions about how to configure Postfix: Select Internet Site as the configuration type, unless you have to sendoutgoing mail through a specific server, in which case you should selectInternet With Smarthost. Direct all mail to the appropriate account on your system. Generally thisis the account that you created while installing Debian. Enter the name of the primary domain for which you will be accepting mail. Answer noto the question about adding your domain to simple addresses. If you selected the smarthost option, enter the name of that server whenprompted. Enter the entire list of hosts for which you plan to accept mail. This isgenerally your main domain, localhost, and localhost.localdomain. Do not force synchronous writes for mail unless you expect your serverto have frequent unexpected reboots and are ready to take the perfor- mance decrease. 3.Configure Postfix to use maildropas its local MDA by editing the mailbox_ commandline in /etc/postfix/main.cf: mailbox_command = /usr/bin/maildrop -d ${USER} If you will be relaying mail for any clients, add their IP addresses to the mynetworks line. 4.The only filter mechanism supported by maildrop requires that the externalfilter program read the original message on its input and then write the entiremessage to its output. ClamAV does not include this feature, so an intermedi- ate program will be needed to perform some of the filtering steps. Create a filenamed /usr/local/sbin/clam-mailscanthat contains the following: By the time this book goes to press, this script should be available online at http: //www.tuckerlabs.com/wayne/projects/clam-mailscan/. #!/usr/bin/env pythonfrom sys import stdin, stdoutfrom os import execv, popen, umask, unlinkfrom tempfile import mktempCLAMSCAN= /usr/bin/clamscan umask(0077) errors = [] Note33_
Searching for affordable and proven webhost to host and run your servlet applications? Go to Linux Web Hosting services and you will find it.

626Part VRunning Servers11.Install and start Qpopper if you want to provide POP3 access: # apt-get install qpopperIf desired, you can also enable IMAP support by installing uw-imapd package. 12.If any client machines are going to be relaying messages through your server, add their IP addresses to /etc/mail/accessand run makein the /etc/maildirectory to update the database. This change does not require that youreload the sendmail configuration. The default /etc/mail/accessfile contains REJECTsettings for a number of IPaddress blocks. These addresses are not assigned to any networks right now butare sometimes abused by spammers. From time to time, one of these addressblocks is assigned to a regional IP address registry and then further divided amongnetworks. When this happens, your server will continue to reject mail from thoseaddresses. You can find a list of these networks at http://cymru.com/Bogons/ index.html. If you don t have time to check the list regularly for removals, thenyou may want to remove the entries now. You now have a fully functioning mail server that you can access from any standardmail client. Installing and Running PostfixPostfix (http://postfix.org/) was created by Wietse Venema as a replacementfor sendmail. It was designed to be fast, easy to administer, and secure. It was alsodesigned to behave similarly enough to sendmail that existing users would be ableto switch without needing to make any major changes to other programs. Maildrop (http://flounder.net/~mrsam/maildrop/) is the local MDA for theCourier mail system and is also available as a standalone package. It can be config- ured to sort messages based on rules that are specified on a system-wide or per-userlevel and is used in this example configuration to run messages through SpamAssassinand ClamAV and then move them to a Trash folder if either filter identifies them asundesirable. Courier-IMAP (http://courier-mta.org/imap/), like maildrop, is a part of theCourier mail system and is also available as a separate package. Follow these steps to install and configure the needed software: 1.Install the Postfix and maildrop packages: # apt-get install postfix postfix-doc maildropCautionNote33_
Please visit our professional web hosting services to find out about cheap and reliable webhost service that will surely answer all your demands.

625Chapter 24Running a Mail ServerThe following lines cause sendmail to rewrite the domain in the return path ofall outgoing messages: FEATURE(`always_add_domain )dnlMASQUERADE_AS(`mail.example.com )dnlFEATURE(`allmasquerade )dnlFEATURE(`masquerade_envelope )dnlThis is often not desirable, so comment out these lines by adding dnl(including the space after dnl) to the front of each line: dnl FEATURE(`always_add_domain )dnldnl MASQUERADE_AS(`mail.example.com )dnldnl FEATURE(`allmasquerade )dnldnl FEATURE(`masquerade_envelope )dnlThe next two lines tell sendmail what forms of mail delivery it should handle. They may be missing from your configuration by default, so make sure theyare added toward the end of the file. MAILER(local)dnlMAILER(smtp)dnlThe following lines tell sendmail how to communicate with the milter pro- cesses. The INPUT_MAIL_FILTERones define the connection parameters forthe individual milters, and the definestatement specifies the order in whichthey will be processed. INPUT_MAIL_FILTER(`spamassassin , `S=local:/var/run/sendmail/spamass.sock, F=, T=S:4m;R:4m;E:10m )dnlINPUT_MAIL_FILTER(`clamav , `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m )dnldefine(`confINPUT_MAIL_FILTERS , `spamassassin,clamav )dnlThe F=option tells sendmail to continue message processing even if it is unable tocommunicate with the milter. Replace it with F=Tif you need to have messagestemporarily fail in such an event (but make sure you watch your mail logs closelywhen doing so). 9.Make sure that any domains for which your server will be accepting mail arelisted, one per line, in /etc/mail/local-host-names. 10.Regenerate the sendmail configuration file: # sendmailconfigConfigure sendmail with the existing /etc/mail/sendmail.conf? [Y]y[…] Configure sendmail with the existing /etc/mail/sendmail.mc? [Y]y[…] Reload the running sendmail now with the new configuration? [Y]yNote33_
We would like to recommend you tested and proved virtual web hosting services, which you will surely find to be of great quality.

624Part VRunning Servers3.Configure SpamAssassin to not modify message bodies by adding the follow- ing line to the end of /etc/spamassassin/local.conf: report_safe 04.Start SpamAssassin: # invoke-rc.d spamassassin start5.Install the ClamAV virus scanning daemon: # apt-get install daemon clamav-daemon6.Install the milter programs that sendmail will use to perform the content filtering: # apt-get install spamass-milter clamav-milter7.Edit the spamass-milter startup parameters in /etc/default/spamass- milter. The configuration settings shown here instruct spamass-milter tonotmodify the message body (which can result in significant performancedecreases) and to reject messages with a spam score higher than 20. # spamass-milt startup defaults# OPTIONS are passed directly to spamass-milter. # man spamass-milter for detailsOPTIONS= -m -r 20 Note the last line in this example. If you have several options to specify, youinclude them in a single OPTIONSline as shown. 8.The master sendmail configuration file is /etc/mail/sendmail.cf. Its formatis very complicated, which is why the preferred method is to edit /etc/mail/ sendmail.mc. /etc/mail/sendmail.mccontains macros that are translatedand copied to the sendmail.cfwhen you run sendmailconfigor when yourun makefrom the /etc/maildirectory. Open sendmail.mcin your text edi- tor and make the following changes: DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp, Addr=127.0.0.1 )dnlThis line tells sendmail to only listen for connections on the loopback interface. If you plan to receive messages directly via SMTP, replace 127.0.0.1 with 0.0.0.0. Add the following line after the DAEMON_OPTIONSlines if you do not have con- trol over all hosts within the domains that you are relaying for (doing so willhelp prevent other machines within those domains from relaying mail throughyour server without authorization): FEATURE(`relay_hosts_only )dnlInsert this line if you have to send all outgoing mail through a specific server: define(`SMART_HOST , `mail.example.org )dnlIf you are going to allow client machines to relay messages through yourserver (see step 12 and the associated Caution), find this line: FEATURE(`access_db , , `skip )dnland replace skipwith /etc/mail/access.
You need excellent and relaible webhost company to host your web applications? Then pay a visit to Inexpensive Web Hosting services.

623Chapter 24Running a Mail ServerInstalling and Running sendmailSendmail (http://www.sendmail.org/) is the granddaddy of SMTP mail systems. It is still the default MTA on most systems, and a recent survey showed that 41% ofactive mail servers were running sendmail. A fairly recent addition to sendmail is the Milter API. This API allows for the writingof mail filters that can filter messages at the SMTP level, allowing for careful controlover what messages are accepted by the server. A standard milter consists of a daemon that runs in the background and waits for aconnection from the sendmail daemon. Almost every line that is sent from an SMTPclient to the server is passed to the milter, which can accept, temporarily reject, orpermanently reject the message at any point in the process. Milters also have thecapability to modify message content. This capability is most commonly used toadd headers to messages indicating status information. A number of milters have been written to perform various tasks. Two such miltersare Spamass-Milter (http://savannah.nongnu.org/projects/spamass-milt/) and ClamAV-Milter (http://clamav.net/). As you would expect, these milters useSpamAssassin and ClamAV to perform content identification. You can find general information about milters at http://milter.org/. The final component is Qpopper (http://qpopper.sourceforge.net), which isthe most widely used POP3 daemon. You can find configuration options for Qpopperin /etc/qpopper.conf, although you won t need to change any of the defaults forthis server. Follow these steps to install and configure the needed software: 1.Use APT to install the sendmail packages: # apt-get install sendmail sendmail-bin sendmail-docAPT will download the packages, remove Exim (the default MTA on Debiansystems), and install sendmail. During the configuration process, you will seewarnings about databases not existing. It is safe to ignore these warnings. 2.Configure SpamAssassin s startup parameters. Start by editing the file/etc/default/spamassassinand changing the ENABLEDand OPTIONSparameters. The file should look something like this when you are done: # /etc/default/spamd.conf# Change to one to enable spamdENABLED=1# Options# See man spamd for possible options. The -d option is# automatically added. OPTIONS= -m 25 -H Note33_
We recommend high quality webhost to host and run your jsp application: christian web host services.

622Part VRunning ServersYou must be able to access the server from clients, although you may only need todo so from clients within your network. In either case, you should read over theinformation about DNS and A records in the previous section. Common PackagesTwo software packages will be used by both system configurations. You ll installthese programs first so that they are (mostly) ready when the system is ready touse them. .SpamAssassin(http://spamassassin.apache.org/) is a spam filtering program written in Perl. It uses a large set of rules to help determine how spammy a message looks and assigns a score based on the total of the rulevalues. For performance reasons, SpamAssassin uses a background daemoncalled spamd to perform message analysis. Access to this daemon is per- formed through the spamc client. A spamassassincommand that performsthe analysis without using spamd is also installed but is not used by eitherofthe example configurations in this chapter. .ClamAV(http://www.clamav.net) is an open source virus scanner thatdetects more than 20,000 viruses, worms, and Trojans. It uses a virus patterndatabase to identify viruses and includes a program named freshclam thathandles updating the database automatically. Like SpamAssassin, ClamAVincludes a daemon (clamd), a client (clamdscan), and a second command-linetool that does not use the daemon (clamscan). The daemon is used in thesendmail setup but is not used by the Postfix setup for logistical reasons. You ll use APT to install these two programs, which are contained in the clamav andspamassassin packages: # apt-get install clamav spamassassinDebconf will ask you several questions about the configuration for ClamAV: .For the virus update method, select either Daemon or Cron. The former isbest for most situations. .Select the appropriate source for the virus database. The second part of theserver name is the country code, so U.S. residents will want to select db.us. clamav.net. .You may be prompted for HTTP proxy information. If you have a direct con- nection to the Internet, you probably don t need to enter anything here. Ifyou re uncertain, you can ask your network administrator or the technicalsupport at your ISP whether you need a proxy server to access Web pages. Now that the system is prepared, you can proceed to the section containing theconfiguration that you have selected.
From our experience, we can recommend PHP5 Web Hosting services, if you need affordable webhost to host and run your web application.

621Chapter 24Running a Mail ServerOnce you have your A record, you can direct mail to your server using an MX (MaileXchanger) record. The domain for the A and MX records do not need to be part ofthe same domain, which allows for much greater flexibility. Here is a sample MXrecord: widgets.test. IN MX 0 bigserver.example.org. This MX record indicates that mail for (any address)@widgets.test should be sentthrough the server bigserver.example.org. The 0indicates the numeric priorityforthis MX record. When more than one MX record exists for a given label, the MXwith the lowest priority is tried first. If a temporary error is encountered, the nexthighest priority mail server is tried, and so on until the list is exhausted. At thatpoint the sending server will keep trying periodically until the message times out(generally five days). If multiple MX records exist with the same priority, they aretried in a random order. Most mail servers will also fall back on the IP address listed in the A record for alabel in the event that no MX records exist. However, it is considered bad practiceto rely on this. In some cases, it may be complicated to establish an A record because your IPaddress frequently changes. Obviously, this is not suitable for commercial purposes, but there is a workaround that is acceptably reliable for personal use. This is achievedthrough dynamic DNS services that are available (often at no charge) through a num- ber of different companies. A list of these companies is maintained at http:// dmoz.org/Computers/Software/Internet/Servers/Address_Management/ Dynamic_DNS_Services/. Three of the most popular (in no particular order) are: .DynDNS.org (http://dyndns.org/), supported by the ddclient or ipcheckpackages .ZoneEdit (http://zonedit.com/), supported by the ez-ipupdate package .No-IP (http://no-ip.com/), supported by the no-ip packageThe ez-ipupdate package supports all three of these, plus a number of others. View the package description (apt-cache search ez-ipupdate) for moreinformation. Most of these services will provide you with a hostname under a shared domain atno charge and can also provide a similar service for your own domain for a reason- able fee. Configuring for Retrieval from a Mail HostThe configuration requirements when retrieving mail from a mail host are prettylimited. Your server should be ready to accept mail addressed to localhost andshould generally have a name that is unique to it. In the event that a message sentto one of your mailboxes is rejected, the server will need to have a valid host nameby which to identify itself when sending out the DSN (Delivery Status Notification). NoteNote33_
You need excellent and relaible webhost company to host your web applications? Then pay a visit to Inexpensive Web Hosting services.

620Part VRunning ServersPreparing Your SystemYou will need a few common items for either configuration, starting with the properhardware. A personal mail server can easily run on a Pentium-class computer, although you may notice occasional slowdowns while incoming messages are beingscanned. Disk space requirements depend mostly on how much mail you want tohave room for, so plan on having a few gigabytes for the operating system (which willleave you plenty of extra, just in case), plus the amount of mail you want to store. The operating system should be installed with only the basic set of packages beforeyou begin these examples. Some general information about the installation is pro- vided in Chapter 9. Although the software described in this chapter works even ifyou aren t running Debian, the installation methods will not. If you don t have a sparesystem to act as a dedicated mail server, you can still use it as your workstation, although this is obviously recommended only for personal use. Network ConfigurationYour network settings should also be properly configured before you begin installingthe mail software. The exact requirements depend on the method by which mail willbe delivered to your server: .Direct deliveryis the method used by most traditional mail servers. DNSrecords tell remote servers that any mail addressed to your domain should besent to your server via SMTP. .Retrieval from a mail hostis also possible using an MRA (Mail RetrievalAgent) such as Fetchmail. This option can be used when you have a mailboxunder a shared domain but want to access the mail on your own server. Thiscan also be done in combination with direct delivery if you have both yourown domain and mailboxes under shared domains. Configuration of Fetchmail is explained in the Configuring Mail Clients section ofthis chapter. Configuring for Direct DeliveryFor direct delivery to function, the SMTP service (TCP port 25) must always beaccessible to the outside world through a fixed name in DNS. This name will be inthe form of an A (Address) record. A records allow DNS resolver processes to deter- mine the IP address associated with a specific name and are used by most of thecommon protocols on the Internet. A typical DNS A record looks something like this: bigserver.example.org IN A 1.2.18.12The first parameter, bigserver.example.org, is the label, and the second parame- ter is the class (INfor Internet, which is where most DNS records are found). The Aindicates the type, and the final parameter is the IP address associated with the label. Note33_
Visit our web design programs services for an affordable and reliable webhost to suit all your needs.

619Chapter 24Running a Mail ServerServer Configuration OptionsThis section examines two different server configurations. Both configurations pro- vide the same basic features (mail delivery, complete with spam and virus filters) but do so in very different ways. Read the descriptions, decide which configuration isright for you, and then proceed to the Preparing Your System section for informa- tion about how your system should be configured before you begin the mail systeminstallation. The features available in these two configurations are a result of how they re beingconfigured and not a result of a lack of features in either sendmail or Postfix. Bothprograms support nearly the same set of features. The choice of which to config- ure in what manner was completely arbitrary for the examples in this chapter, andthe diversity is intended to help broaden your experience with mail systems. The first configuration demonstrated is based on sendmail, which provides theMTA and MDA functions. Mail retrieval is provided by Qpopper using the POP3 pro- tocol. Direct access to mailboxes is also available using Mutt. All content filtering(spam and virus) takes place before messages are accepted by the server. With theexception of the spam and virus filtering, this is a configuration that you will find onmost traditional mail servers. This configuration is suitable for situations in whichthe following apply: .Users will be downloading messages directly to their systems for viewing. Optionally, Mutt can be installed to allow users to check new messagesthrough SSH (secure shell) connections when they are not at their workstation. .Conditions (business or otherwise) require that the server administrator havethe capability to control acceptable message content. The second configuration is based on Postfix, which provides the MTA and remoteMDA functions. Local MDA functions, including calls to the content filters and sort- ing, are provided by maildrop. Mail access is provided through the IMAP facilities incourier-imap. This configuration is suitable for situations in which the followingapply: .Messages may be left on the server to allow central backups. .The capability to access all messages remotely is desirable. .Individualized content filter settings are desirable. This second option is great for home systems on broadband connections. As longas your Internet service provider will permit it, you can use your own mail serverand get to your mail whether you re at home or away. If you do not have analways-on connection, you can still use this method to run a mail server that isaccessible to machines within your own network. NoteNote33_
From our experience, we are can tell you that you can find a reliable and cheap webhost service at Java Web Hosting services.