Monday, October 25, 2010

Samba Server Questions

Q: - Which SELinux security context is used for Samba?
samba_share_t

Q: - On which ports does the Samba server work?

- UDP port 137 for netbios-ns, the NETBIOS Name Service
- UDP port 138 for netbios-dgm, the NETBIOS Datagram Service
- TCP port 139 for netbios-ssn, the NETBIOS session service
- TCP port 445 for microsoft-ds, the Microsoft Domain Service

Q: - How to start and stop the Samba server?
/etc/init.d/smb restart

Q: - What are the security or authentication modes for the Samba server?
ADS
DOMAIN
SERVER
USER
SHARE

Q: - How to Manually Create Machine Trust Accounts ?
/usr/sbin/useradd -g machines -d /var/lib/nobody -c "machine nickname" -s /bin/false machine_name$
passwd -l machine_name$

Q: - What are the SAMBA server Types ?

- Primary Domain Controller (PDC)
- Backup Domain Controller (BDC)
- ADS Domain Controller

Q: - Which protocol does the Samba server use?
SMB, which stands for Server Message Block, is a protocol for sharing files, printers, serial ports, and communications abstractions such as named pipes and mail slots between computers.

Q: - How Does a Workstation find its Domain Controller?
There are two different mechanisms to locate a domain controller: one method is used when NetBIOS over TCP/IP is enabled and the other when it has been disabled in the TCP/IP network configuration. Where NetBIOS over TCP/IP is disabled, all name resolution involves the use of DNS, broadcast messaging over UDP, as well as Active Directory communication technologies.

Q: - Can Samba Be a Backup Domain Controller to an NT4 PDC?
No. The native NT4 SAM replication protocols have not yet been fully implemented.

Q: - How Do I Replicate the smbpasswd File?
Replication of the smbpasswd file is sensitive. It has to be done whenever changes to the SAM are made. Every user's password change is done in the smbpasswd file and has to be replicated to the BDC, so the smbpasswd file must be replicated very often. As the smbpasswd file contains plaintext password equivalents, it must not be sent unencrypted over the wire. The best way to set up smbpasswd replication from the PDC to the BDC is to use the rsync utility. rsync can use ssh as a transport, and ssh itself can be set up to accept only rsync transfers without requiring the user to type a password. As said a few times before, use of this method is broken and flawed. Machine trust accounts will go out of sync, resulting in a broken domain. This method is not recommended. Try using LDAP instead.

Q: - Can Samba fully replace my Windows NT server that is not a Primary Domain Controller (PDC)?
Samba can completely serve files and printers to Windows, just as a Windows NT server would.

Q: - Can Samba replace my Windows NT PDC?

Not completely. Samba domain control capabilities for a Windows 9x client are solid and complete, and so these clients would probably never know the difference. The domain control support for Windows NT/2000 clients is still being developed. Currently, enough has been implemented to allow a Windows NT client to join a Samba-controlled domain, but there is more to domain control than that. The most conspicuous absence is the lack of support for Windows NT trust relationships and the SAM replication protocol used between NT PDCs and Backup Domain Controllers (BDCs).

Q: - Which TCP and UDP ports does NetBIOS over TCP/IP use?

The NBT name service uses port 137/udp, the NBT session service uses port 139/tcp, and the NBT datagram service uses port 138/udp.

Q: - How does the SMB protocol work?

There are three stages in creating an SMB connection between a client and a specific share on a server.
The first stage in connecting to an SMB share is to negotiate the SMB protocol dialect to use. In the request packet, the client sends a text listing of all the SMB dialects that it understands. The server selects the most advanced protocol that it knows and responds to the client, specifying the protocol number from the list. At this point, the client and server have agreed that SMB commands can be used for the remainder of the conversation.
The second stage is to create a session connection between the client and server. To do this, the client issues a session setup request, which includes a username and some proof of validity, such as a password. The server attempts to validate the requesting user. If successful, the server then returns a session UID to the client. This UID is unique for each session and has no relation to the server's internal representation of users.
The third stage, before access to files on a remote share is allowed, is for the client to make a successful tree connection to the shared resource. The client sends the server a tree connect request, which includes the UID previously issued by the server. At this stage the server verifies that the authenticated user is authorized to access the requested resource. If the user has sufficient privileges to access the share, the client is issued a tree connection ID (TID). The TID is used in all requests to access files contained in the resource to which the TID refers.

This is how the SMB protocol works.

Q: - How many sections does the Samba configuration file (smb.conf) contain?

smb.conf file contains three sections.
1. [global] Contains settings that determine Samba overall behavior.
2. [homes] A default share for providing a home directory for all users.
3. [printers] A default share for exporting all printers on the host via CIFS.

Q: - If a NetBIOS name is not defined in smb.conf, then what will the NetBIOS name be?

If a netbios name is not defined, Samba will use the IP hostname of the server by default.

Q: - I want to use user-level security for my Samba server. What do I have to add to the smb.conf file?

security = user

Q: - How will you verify that your smb.conf file doesn't have any mistakes or misspellings?

The "testparm" tool verifies the syntax of a configuration file (smb.conf).
testparm -s smb.conf

Q: - What is the use of the "smbclient" command?

"smbclient" is used to display the list of shares on your server. This verifies that smbd is running and functioning correctly. The -L option instructs smbclient to enumerate the shares on the server rather than actually connecting to one. The -N switch instructs smbclient to use an anonymous login rather than the login name of the current user.
smbclient -L localhost -N
Another use of the "smbclient" command is to connect to a Samba share.
smbclient //IP_ADDRESS_OF_SERVER/SHARE_NAME -U USER_NAME

Q: -  Explain "smbstatus" command?

The smbstatus utility displays information about connected users and currently locked files.

Q: - Is it possible for Samba to share file systems that have been mounted using NFS?

Yes. However, this can be problematic if the NFS server that provides the file system fails, causing the Samba server to hang. It is always safer to use Samba to share a local file system.

Q: - How many simultaneous connections can a Samba server support?

In theory, there is no limit. In practice, the limit is determined by the server’s hardware, specifically the total amount of available RAM and the CPU power. It might also depend on the amount of activity from the smbd processes.

Q: - Can Samba be a member of more than one workgroup at the same time?

No, Samba can be a member of only one workgroup.

Q: - What is SWAT?

SWAT is a GUI-based administration tool for the Samba server.

Q: - I am trying to use SWAT, but I keep getting the message "There was no response. The server could be down or not responding." What is the problem?

The most likely cause is that SWAT is not listening for connections, or you have used the wrong URL in trying to connect to SWAT. SWAT usually lives behind port 901, so the URL you should use is http://IP_ADDRESS_OF_SERVER:901/

Q: - Can I set an empty password for a Samba user?

Yes. If you want to set the value to an empty password, you must change
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
to
NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

in your smbpasswd file.
Note: - If you have edited the smbpasswd file by hand, make sure that the LAN Manager and NT password fields contain exactly 32 characters, no more and no fewer. If these fields do not have exactly 32 characters, Samba will not be able to correctly read the entry.
Or you can make the change with the "smbpasswd" command.
smbpasswd -n USER_NAME
Also you have to set the null passwords parameter to yes in the [global] section of smb.conf:
null passwords = yes
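
The 32-character rule and the empty-password marker above can be checked mechanically before Samba reads the file. This is an added example, not part of the original post: the function names and sample entries are constructed, and it assumes the smbpasswd(5) layout name:uid:LM hash:NT hash:[flags]:LCT-...: with the "NO PASSWORD" marker padded with X to 32 characters.

```sh
#!/bin/sh
# Added example (not from the original page). All sample data is constructed.

# Print one status line per account read from the file in $1 (or stdin):
#   OK <user> | NOPASSWORD <user> | MALFORMED <user> lm=<len> nt=<len>
check_smbpasswd() {
    awk -F: '
        /^[ \t]*#/ || NF == 0 { next }     # skip comments and blank lines
        {
            user = $1; lm = $3; nt = $4; flags = $5
            # Both hash fields must be exactly 32 characters long,
            # otherwise Samba cannot read the entry.
            if (length(lm) != 32 || length(nt) != 32) {
                printf "MALFORMED %s lm=%d nt=%d\n", user, length(lm), length(nt)
                next
            }
            # An empty password appears as the "NO PASSWORD" prefix in the
            # LAN Manager field and/or as the N account flag.
            if (index(lm, "NO PASSWORD") == 1 || index(flags, "N") > 0)
                printf "NOPASSWORD %s\n", user
            else
                printf "OK %s\n", user
        }' "$@"
}

# Exit 0 if the [global] section of the smb.conf in $1 (or stdin) sets
# "null passwords" to a true value. Case and whitespace inside the
# parameter name are ignored, as Samba itself ignores them.
null_passwords_enabled() {
    awk '
        /^[ \t]*[#;]/ { next }             # comment lines
        /^[ \t]*\[/ {                      # section header
            sec = tolower($0); gsub(/[^a-z0-9]/, "", sec); next
        }
        {
            eq = index($0, "=")
            if (eq == 0 || sec != "global") next
            name = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", name)
            val = tolower(substr($0, eq + 1)); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (name == "nullpasswords")
                on = (val == "yes" || val == "true" || val == "1")
        }
        END { exit(on ? 0 : 1) }' "$@"
}

# Constructed sample entries: carol shows the hand-editing mistake of a
# 31-character field (the space in "NO PASSWORD" was dropped).
sample_smbpasswd() {
    x8=XXXXXXXX; x32=$x8$x8$x8$x8          # 32 X characters
    h16=0123456789ABCDEF; hex=$h16$h16     # 32-character stand-in for a hash
    cat <<EOF
# constructed sample entries
alice:1001:$hex:$hex:[U          ]:LCT-4CC5A000:
bob:1002:NO PASSWORD${x8}${x8}XXXXX:$x32:[NU         ]:LCT-4CC5A000:
carol:1003:NOPASSWORD${x8}${x8}XXXXX:$x32:[U          ]:LCT-4CC5A000:
EOF
}

# Constructed sample smb.conf.
sample_smbconf() {
    cat <<'EOF'
# constructed sample
[global]
    workgroup = EXAMPLE
    security = user
    Null Passwords = Yes
[homes]
    read only = no
EOF
}

sample_smbpasswd | check_smbpasswd
if sample_smbconf | null_passwords_enabled; then
    echo "smb.conf: null passwords = yes, so NOPASSWORD accounts are usable"
fi
```

On a real server, pass the paths of the smbpasswd file and smb.conf as arguments instead of piping the samples.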

Q: - Does Samba support PAM?

Yes

Q: - What is role of "NTLM"?

The challenge/response authentication protocol available to Windows clients and servers for validating connection requests.

Q: - Explain "force group" parameter used in smb.conf?

It will define the group id to be used for all file access in the place of the user’s primary group.

Q: - Explain "force user" parameter used in smb.conf?

It will define the user id to be used for all file access.

Q: - Explain "write list" parameter used in smb.conf?

A list of users and/or groups that should be given write access even if the read only parameter has been enabled.

Q: - My clients are getting the error message that the Disk is Full when trying to print to my Samba server, but there is plenty of space. What is the problem?

If smbd is unable to write the spooled file to the directory defined by the path parameter for a printer (if write permission were denied, for example), it responds to the client with the message Disk is Full. Samba will also return this error message if the amount of free disk space in the spool directory has fallen below the value specified by the min print space parameter.

Q: - When I click on my Samba server in the network neighborhood, I am continually prompted for a password to the IPC$ share no matter what I enter.

The Windows client is attempting to use encrypted passwords. However, the Samba server is configured to support only clear-text passwords. You should either enable encrypted passwords on the server or enable clear-text passwords on the Windows client.

Q: - Why is security = domain better than security = server?

There are three reasons why security = domain is better. The first is because this method enables the Samba server to participate in domain trust relationships. This is impossible with server-level security. The second reason is that, under server-level security, each smbd process must keep an open connection with the authentication server. This can drain a Windows NT PDC quickly. Under domain-level security, this connection is maintained only long enough to perform the validation, thus conserving valuable resources. The final reason is that, as a domain member, the Samba server has access to much more information about user accounts, which can be used to automate the creation and deletion of user accounts upon demand.

Q: - What is the nmbd daemon?

This daemon handles all name registration and resolution requests. It is the primary vehicle involved in network browsing. It handles all UDP-based protocols. The nmbd daemon should be the first command started as part of the Samba startup process.

Q: - What is the smbd daemon?

This daemon handles all TCP/IP-based connection services for file- and print-based operations. It also manages local authentication. It should be started immediately following the startup of nmbd.

Q: - What is winbindd daemon?

This daemon should be started when Samba is a member of a Windows NT4 or ADS domain. It is also needed when Samba has trust relationships with another domain. The winbindd daemon will check the smb.conf file for the presence of the idmap uid and idmap gid parameters. If they are found, winbindd will use the values specified for UID and GID allocation. If these parameters are not specified, winbindd will start but it will not be able to allocate UIDs or GIDs.

Q: - Explain the parameter "wins support = Yes" used in smb.conf?

If the Samba server was configured to provide WINS support ("wins support = Yes"), then the WINS server is able to provide name resolution for all of the hosts that are not listed in the /etc/hosts file or within the DNS. Making this adjustment in the Name Service Switch configuration file (/etc/nsswitch.conf) allows the Linux system to query the WINS server for local name resolution. This saves manual adjustments to host files.

Q: - How to automate SMB share mounting during system startup?

Add an SMB share entry to the /etc/fstab file.
//IP_ADDRESS_OF_SERVER/Shared   /shared    smbfs    noauto,defaults  0  0

FTP Server Questions

Q: - What is FTP ?
FTP stands for File Transfer Protocol. An FTP server allows clients to connect to it either anonymously or with a username and password combination. After successful authentication, files can be transferred back and forth between the server and client. The files are neither encrypted nor compressed.

Q: - For Redhat Linux or Fedora which package is required for FTP service ?
Red Hat Enterprise Linux 5 or FEDORA includes the vsftpd FTP service.
vsftpd-2.0.5-12.el5 (For Redhat)

Q: - Important Configuration file for vsftp server ?
The FTP server uses the /etc/vsftpd/vsftpd.conf configuration file. Using this file, you can set options for displaying a custom banner message after users log in, setting the default file permissions for uploaded files, and setting the port on which to listen for incoming connections.

Q: - What is Passive mode?
Passive mode, like active mode, is initiated by the FTP client application. When requesting data from the server, the FTP client indicates it wants to access the data in passive mode and the server provides the IP address and a random, unprivileged port (greater than 1024) on the server. The client then connects to that port on the server to download the requested information.

Q: - Explain the directive "session_support"?
When enabled, vsftpd attempts to maintain login sessions for each user through Pluggable Authentication Modules (PAM).

Q: - Is there any way to monitor clients connected to vsftpd?
Yes. We actually have two slightly different methods to monitor vsftpd clients. First, make sure you have enabled the config option "setproctitle_enable=YES" in vsftpd.conf and restarted your vsftpd server. Then run the command "watch ps -C vsftpd -o user,pid,stime,cmd" to watch the processes, including IP, username and actions like idle or data retrieval.

Q: - I want to copy multiple files without being prompted for any info. How can I do that?
ftp -i ftpserver

Q: - Local users cannot log in. How to resolve this issue?
Check that "local_enable=YES" is set in your /etc/vsftpd/vsftpd.conf to allow local users to log in.

Q: - How to change vsftpd default port?
Set "listen_port" option in "vsftpd.conf"

Q: - How to prevent some IP addresses from using my FTP server?
Use TCP_WRAPPERS

Q: - Does vsftpd support IPv6?
Yes

Q: - Can we create logs for ftp authenticated sessions ?
Yes, If the xferlog_enable directive in vsftpd.conf is set to YES, file transfers using the FTP protocol are logged to /var/log/xferlog. Information such as a time stamp, IP address of the client, the file being transferred, and the username of the person who authenticated the connection is included in the log entry.
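
To show what can be read back out of that log, the added example below (not part of the original post) summarises transfers per client and flags uploads made in anonymous mode. It assumes the standard xferlog layout (xferlog_std_format=YES); the function names and the log lines are constructed.

```sh
#!/bin/sh
# Added example (not from the original page). Sample log lines are constructed.
# Standard xferlog record, whitespace separated:
#   <5 date/time tokens> transfer-time host size filename type action
#   direction access-mode username service auth-method auth-user-id status

# Read xferlog records from the file in $1 (or stdin) and print, per client
# host and user: uploads, downloads, incomplete transfers, and an
# ANON-UPLOAD marker when an anonymous session wrote a file to the server.
xferlog_report() {
    awk '
        NF < 18 { next }                    # not a complete record
        {
            # Count from the end of the line so that an unusual file name
            # cannot shift the fields we read.
            status = $NF; user = $(NF - 4); mode = $(NF - 5); dir = $(NF - 6)
            key = $7 " " user               # field 7 is the client address
            seen[key] = 1
            if (dir == "i") up[key]++       # i = incoming (upload)
            if (dir == "o") down[key]++     # o = outgoing (download)
            if (status != "c") bad[key]++   # c = complete, i = incomplete
            if (mode == "a" && dir == "i") anon[key] = 1   # a = anonymous
        }
        END {
            for (k in seen)
                printf "%s uploads=%d downloads=%d incomplete=%d%s\n",
                    k, up[k], down[k], bad[k],
                    ((k in anon) ? " ANON-UPLOAD" : "")
        }' "$@" | LC_ALL=C sort
}

# Constructed sample records (documentation address ranges).
sample_xferlog() {
    cat <<'EOF'
Mon Oct 25 09:12:01 2010 1 192.0.2.10 20480 /home/alice/report.pdf b _ o r alice ftp 0 * c
Mon Oct 25 09:13:44 2010 3 192.0.2.10 1048576 /home/alice/backup.tar b _ i r alice ftp 0 * i
Mon Oct 25 09:20:10 2010 1 198.51.100.7 512 /pub/incoming/drop.bin b _ i a guest@example.invalid ftp 0 * c
Mon Oct 25 09:21:30 2010 1 198.51.100.7 4096 /pub/README a _ o a guest@example.invalid ftp 0 * c
EOF
}

sample_xferlog | xferlog_report
```

Run it against the live log with xferlog_report /var/log/xferlog.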

Q: - What is meaning of max_clients parameter ?
Maximum number of clients that can connect at one time.
If set to 0, the number of clients is unlimited.

Q: - How to deny specific users access to the FTP server ?
To deny specific users access to the FTP server, add their usernames to the /etc/vsftpd/ftpusers file. By default, system users such as root and nobody are included in this list.

Q: - On which port VSFTP server works ?
FTP uses two ports, 20 and 21. By default, the FTP server listens for requests on port 21. After a connection is established, the client sends commands to the server on port 21. However, port 20 is used when the server sends data back to the client.

Q: - How to restart VSFTP server ?
service vsftpd restart

Q: - How to allow Anonymous FTP ?
Anonymous FTP is enabled by default by setting the anonymous_enable directive in /etc/vsftpd/vsftpd.conf to YES.

DNS Server Questions

Q: - Which are the important configuration files for a DNS server?
BIND uses /etc/named.conf as its main configuration file, the /etc/rndc.conf file as the configuration file for the name server control utility rndc, and the /var/named/ directory for zone files and the like.

Q: - What is BIND ?

BIND stands for Berkeley Internet Name Domain which is the most commonly used Domain Name System (DNS) server on the Internet.

Q: - On which version of BIND have you worked?

BIND 9

Q: - What is the role of DNS ?

A DNS server, or name server, is used to resolve an IP address to a hostname or vice versa.

Q: - On which port DNS server works ?
DNS servers use port 53 by default. Incoming and outgoing packets should be allowed on port 53. Also allow connections on port 921 if you configure a lightweight resolver server. The DNS control utility, rndc, connects to the DNS server with TCP port 953 by default. If you are running rndc on the name server, connections on this TCP port from localhost should be allowed. If you are running rndc on additional systems, allow connections to port 953 (or whatever port you have chosen to configure) from these additional systems.

Q: - What is round robin DNS?
Round robin DNS is usually used for balancing the load of geographically distributed Web servers. For example, a company has one domain name and three identical home pages residing on three servers with three different IP addresses. When one user accesses the home page it will be sent to the first IP address. The second user who accesses the home page will be sent to the next IP address, and the third user will be sent to the third IP address. In each case, once the IP address is given out, it goes to the end of the list. The fourth user, therefore, will be sent to the first IP address, and so forth.

Q: - What is Name Server?
A name server keeps information for the translation of domain names to IP addresses and IP addresses to domain names. The name server is a program that performs the translation at the request of a resolver or another name server.

Q: - What is Primary name server or primary master server?
Primary name server/primary master is the main data source for the zone. It is the authoritative server for the zone. This server acquires data about its zone from databases saved on a local disk. The primary server must be published as an authoritative name server for the domain in the SOA resource record, while the primary master server does not need to be published.

Q: - What is Secondary name server/slave name server?
Secondary name server/slave name server acquires data about the zone by copying the data from the primary name server (respectively from the master server) at regular time intervals. It makes no sense to edit these databases on the secondary name servers, although they are saved on the local server disk because they will be rewritten during further copying.

Q: - What is a Root name server?
Root name server is an authoritative name server for the root domain (for the dot). Each root name server is a primary server, which differentiates it from other name servers.

Q: - What is a Stealth name server?
Stealth name server is a secret server. This type of name server is not published anywhere. It is only known to the servers that have its IP address statically listed in their configuration. It is an authoritative server. It acquires the data for the zone with the help of a zone transfer. It can be the main server for the zone. Stealth servers can be used as a local backup if the local servers are unavailable.

Q: - What do you mean by "Resource Records"?
Information on domain names and their IP addresses, as well as all the other information distributed via DNS is stored in the memory of name servers as Resource Records (RR).

Q: - Explain "TTL"?
Time to live. A 32-bit number indicating the time the particular RR can be kept valid in a server cache. When this time expires, the record has to be considered invalid. The value 0 keeps nonauthoritative servers from saving the RR to their cache memory.

Q: - Tell me 5 Types of DNS records?
A, NS, CNAME, SOA, PTR, MX.

Q: - Explain "SOA Record"?
The Start of Authority (SOA) record determines the name server that is an authoritative source of information for the particular domain. There is always only one SOA record in the file, and it is placed at the beginning of the file of authoritative resource records.

Q: - What is an "A Record"?
A (Address) records assign IP addresses to domain names of computers. The IP address cannot have a dot at the end.

Q: - Explain "CNAME Record"?
Synonyms to domain names can be created using CNAME records. This is often referred to as 'creating aliases for computer names'.

Q: - What are "HINFO and TXT Records"?
HINFO and TXT records are for information only. An HINFO record has two items in its data part. The first item is information about hardware, and the second one is information about software. A TXT record contains a general data string in its data part.
Example :
test.com IN SOA ...
...
mail    IN A        192.1.1.2
        IN HINFO    My_Server UNIX
        IN TXT      my server

Q: - What are "MX Records"?
MX records specify the mailing server of the domain. An MX record shows to which computer a mail of a particular domain should be sent. The MX record also includes a priority number, which can be used to determine several computers where the mail for the domain can be sent. The first attempt is to deliver the mail to the computer with the highest priority (lowest value). If this attempt fails, the mail goes to the next computer (with a higher priority value), and so on.

test.com IN SOA ...
...
; MX targets end with a dot so that the zone origin is not appended to them
mail    IN A        192.1.1.2
        IN HINFO    AlphaServer UNIX
        IN TXT      my server
        IN MX 30    mail2.nextstep4it.com.
        IN MX 20    mail3.nextstep4it.com.
        IN MX 10    mail2.nextstep4it.com.

Q: - Explain "PTR Records"?
A Pointer Record (PTR) is used to translate an IP address into a domain name.

Q: - What is Dynamic DNS?
Dynamic DNS is a method of keeping a domain name linked to a changing IP address, as not all computers use static IP addresses. Typically, when a user connects to the Internet, the user's ISP assigns an unused IP address from a pool of IP addresses, and this address is used only for the duration of that specific connection. This method of dynamically assigning addresses extends the usable pool of available IP addresses. A dynamic DNS service provider uses a special program that runs on the user's computer, contacting the DNS service each time the IP address provided by the ISP changes and subsequently updating the DNS database to reflect the change in IP address.

Q: - What is the role of "named-checkconf Utility"?

The named-checkconf utility checks the syntax of the named.conf configuration file.
Syntax: named-checkconf [-t directory] [filename]

Q: - What is the role of "named-checkzone Utility"?

The named-checkzone utility checks the syntax and consistency of the zone file.
Syntax: named-checkzone [-dgv] [-c class] zone [filename]

Sendmail Server Questions

Q: - How to start sendmail server ?
service sendmail restart

Q: - On which ports do Sendmail and Sendmail with SSL work?

By default, Sendmail uses TCP and UDP port 25 for non-encrypted transfers. If the Sendmail server is configured to use SSL for encrypting email sent and received, it uses port 465.

Q: - Explain use of "trusted-users" file ?
List of users that can send email as other users without a warning including system users such as apache for the Apache HTTP Server.

Q: - Explain the use of "local-host-names" file ?
If the email server should be known by different hostnames, list the hostnames in this file, one line per hostname. Any email sent to addresses at these hostnames is treated as local mail. The FEATURE(`use_cw_file') option must be enabled in the sendmail.mc file for this file to be referenced.

Q: - Explain the use of the /etc/aliases file?
The /etc/aliases file can be used to redirect email from one user to another. By default, it includes redirects for system accounts to the root user. It can then be used to redirect all email for the root user to the user account for the system administrator.

Q: - Can we use SSL Encryption with Sendmail ?
Yes, Sendmail can be configured to encrypt email sent and received using SSL (secure sockets layer).

Q: - What is Sendmail ?
Sendmail is an MTA, meaning it accepts email messages sent to it using the SMTP protocol and transports them to another MTA email server until the messages reach their destinations. It also accepts email for the local network and delivers them to local mail spools, one for each user.

Q: - What is the role of MUA ?
An MUA (Mail User Agent) with access to the mailbox file, directly or through a network file system, can read messages from the disk and display them for the user. This is generally a console or webmail application running on the server.

Q: - Which are the important configuration files for Sendmail server ?
The /etc/mail/ directory contains all the Sendmail configuration files, with sendmail.cf and submit.cf being the main configuration files. The sendmail.cf file includes options for the mail transmission agent and accepts SMTP connections for sending email. The submit.cf file configures the mail submission program.

Q: - How to configure sendmail to accept mail for local delivery that is addressed to other hosts?
Create an /etc/mail/local-host-names file. Put into that file the hostnames and domain names for which sendmail should accept mail for local delivery, one hostname or domain name per line. Also make sure that the Sendmail configuration file contains the "use_cw_file" option.
dnl Load class $=w with other names for the local host
FEATURE(`use_cw_file')

Q: - When an organization stores aliases on an LDAP server, how you will configure sendmail to read aliases from the LDAP server?
Use "sendmail -bt -d0" command to check the sendmail compiler options. If sendmail was not compiled with LDAP support, recompile and reinstall sendmail.
Add an ALIAS_FILE define, containing the string ldap, to the sendmail configuration.
# Set the LDAP cluster value
define(`confLDAP_CLUSTER', `wrotethebook.com')
# Tell sendmail that aliases are available via LDAP
define(`ALIAS_FILE', `ldap:')

Q: - How to forward emails of a local user to external address?

Add an alias to the aliases file for each user whose mail must be forwarded to another system. The recipient field of the alias entry must be a full email address that includes the host part. After adding the desired aliases, rebuild the aliases database file with the newaliases command.

Q: - You have been asked to create a sendmail configuration that sends all local mail to a mail hub, while directly delivering mail addressed to external systems.

Create a sendmail configuration containing the MAIL_HUB define to identify the mail relay host for local mail. Use the LOCAL_USER command to exempt the root user's mail from relaying.
dnl Define a relay server for local mail
define(`MAIL_HUB', `smtp.test.com')
dnl Users whose mail is not passed to the mail hub
LOCAL_USER(root)
Rebuild and reinstall sendmail.cf, and then restart sendmail.

Q: - How to configure multiple mail queues?

mkdir /var/spool/mqueue/queue.1
mkdir /var/spool/mqueue/queue.2
mkdir /var/spool/mqueue/queue.3
chmod 700 /var/spool/mqueue/queue.1
chmod 700 /var/spool/mqueue/queue.2
chmod 700 /var/spool/mqueue/queue.3
Add the QUEUE_DIR define to the sendmail configuration to use the new queue directories.
dnl Declare the queue directory path
define(`QUEUE_DIR', `/var/spool/mqueue/queue.*')

Q: - How to disable certain SMTP commands?

Add the confPRIVACY_FLAGS define to the sendmail configuration to set Privacy Options that disable unwanted, optional SMTP commands. Here we disable the EXPN, VRFY, VERB, and ETRN commands.
dnl Disable EXPN, VRFY, VERB and ETRN
define(`confPRIVACY_FLAGS', `noexpn,novrfy,noverb,noetrn')
Rebuild and reinstall sendmail.cf, and then restart sendmail.

Q: - In which Sendmail configuration file we have to make changes?

We will make the changes only in the sendmail.mc file, and the changes will be moved into the sendmail.cf file for us.

Q: - When Sendmail dispatches your email, it places the server's hostname behind your username, which becomes the "from address" in the email (i.e. user@mail.test.com). How do we use the domain name instead of the hostname?

define(`confDOMAIN_NAME', `test.com')dnl
FEATURE(`relay_entire_domain')dnl

Q: - What does the /etc/mail/access file contain?

The access database ("/etc/mail/access") is a list of IP addresses and domain names of allowable connections.
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
and cat /etc/mail/access shows:
localhost.localdomain      RELAY
localhost                  RELAY
127.0.0.1                  RELAY
192.168.0                  RELAY
test.com                   RELAY

Q: - How to restrict Sendmail from sending a big file?

define(`confMAX_MESSAGE_SIZE',`52428800')dnl
Or, if you are using a PHP-based webmail application like SquirrelMail, you can adjust the maximum file size in the php.ini file.
vi php.ini
post_max_size = 50M
upload_max_filesize = 50M
memory_limit = 64M

Q: - How to set 25 recipients for each email?

define(`confMAX_RCPTS_PER_MESSAGE',`25')dnl

Q: - Which antivirus have you integrated with Sendmail?

ClamAV

Q: - What is Clamav-Milter?

Clamav-Milter is a tool to integrate Sendmail and the ClamAV antivirus.

Q: - Which configuration files are required to integrate Sendmail and the ClamAV antivirus?

milter.conf and clamav-milter

Q: - How to test Sendmail integration with ClamAV?

grep Milter /var/log/maillog
You should see messages of the following type:
sendmail: Milter add: header: X-Virus-Scanned: ClamAV version 0.88.2, clamav-milter version 0.88.2 on mail.test.com
sendmail: Milter add: header: X-Virus-Status: Clean  

Q: - Which tool have you used to block spam?

SpamAssassin

Q: - What does the "/etc/mail/" directory contain?

The /etc/mail/ directory contains all the Sendmail configuration files, with sendmail.cf and submit.cf being the main configuration files.

Q: - Explain the use of /etc/mail/relay-domains file?

The /etc/mail/relay-domains file determines the domains from which Sendmail will relay mail. The contents of the relay-domains file should be limited to those domains that can be trusted not to originate spam.

Q: - What is the name of the SpamAssassin configuration file?

/etc/mail/spamassassin/local.cf

Q: - How to check the mail queue of Sendmail?

/usr/lib/sendmail -bp
or
mailq

Q: - How to use the m4 macro processor to generate a new sendmail.cf?

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

Qmail Server Questions

Q: - What is procmail ?
Procmail is a popular Message Delivery Agent (MDA). The function of an MDA is to accept a message from the MTA for a specific user or mailbox, and deliver the message according to the user's desires. procmail can be used to "filter" messages by the content of various header fields or the body of the message.

Q: - What is maildir ?
Maildir is a mailbox format created by Dan Bernstein to address the shortcomings of the mbox format. A maildir mailbox is a directory containing three subdirectories, new, cur, and tmp. Each message in a maildir mailbox is in a separate file in one of the subdirectories, depending upon its status: new is for unread messages, cur is for messages that have been seen, and tmp is for messages in the process of being delivered.

Q: - Which qmail process uses the "concurrencylocal" control file ?
qmail-send

Q: - Which Groups and Users are required to start QMAIL Server ?
Groups :-
- nofiles
- qmail
Users :-
- qmaild
- alias
- qmaill
- qmailp
- qmailq
- qmailr
- qmails

Q: - What is the role of "qmail-send" process ?

qmail-send - deliver mail messages from the queue

Q: - What is the location of qmail control files ?

/var/qmail/control

Q: - How to check whether the qmail server is up or down ?

We can use the qmailctl command to check the status of the qmail server.
# qmailctl stat
/service/qmail-send: up (pid 30303) 187 seconds
/service/qmail-send/log: up (pid 30304) 187 seconds
/service/qmail-smtpd: up (pid 30305) 187 seconds
/service/qmail-smtpd/log: up (pid 30308) 187 seconds
messages in queue: 0
messages in queue but not yet preprocessed: 0

Q: - What is QMAIL ?

Qmail is a mail transfer agent that runs on Unix/Linux. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program. qmail's source code is released to the public domain, making qmail free software.

Q: - Explain the working of qmail?

For mail arriving from remote systems, tcpserver runs as a daemon listening for incoming connections on the SMTP port. Each time a connection arrives, it runs qmail-smtpd, which receives a message via SMTP and calls qmail-queue to queue the message. Regardless of where the message originates, qmail-queue writes the message to a temporary file in the queue/todo directory, putting a new Received: line at the top, and also saves the envelope sender and recipient addresses to files. Then it notifies qmail-send by writing a byte to a "trigger" socket file. qmail-send takes the message out of queue/todo, and analyzes each recipient address to see if it's local, remote, or virtual. For local addresses, it notifies qmail-lspawn to run qmail-local to do the local deliveries. For each remote address, qmail-send notifies qmail-rspawn to run qmail-remote to do the remote deliveries. For virtual addresses, qmail-send rewrites each virtual address as a modified local address, using the information from the virtualdomains files.

Q: - What is Courier-imap ?

A server that provides IMAP access to Maildir mailboxes. This IMAP server does NOT handle traditional mailbox files (/var/spool/mail, and derivatives), it was written for the specific purpose of providing IMAP access to Maildirs.

Q: - What is “ucspi-tcp”?

A package for servers that respond to incoming TCP connections, as an alternative to the old inetd daemon. It used to be optional, but its tcpserver is now the only supported way to run qmail's SMTP daemon.

Q: - What is “checkpassword”?

If you're using qmail's built-in POP3 server, you want Dan's checkpassword program, which validates user logins as well. Even if you're installing an alternative checkpassword, it's nice to have Dan's checkpassword installed for testing.

Q: - Which mailbox format is used by Qmail?

Qmail supports two mailbox formats: the traditional mbox and Dan's newer Maildir.

Q: - Explain qmail control file “me”?

The name of this host, e.g., mail.test.com. This provides the default to use for many other configuration files.

Q: - Explain about qmail control file “locals”?

Domain names to be delivered locally, one per line. Mail to any domain listed in locals is delivered by treating the mailbox part as a local address. This usually contains the name of the host and the name of the domain used for user mailboxes, such as test.com and mail.test.com.

Q: - Explain about qmail control file “rcpthosts”?

Domains for which this host should accept mail via SMTP. This generally contains all of the domains in locals, as well as any virtual domains and any domains for which this host is a backup mail server. If rcpthosts does not exist, qmail accepts and delivers mail for any domain, a severe misconfiguration known as an "open relay," which will be hijacked by spammers. Be sure your rcpthosts file exists before starting qmail. If you haven't defined any virtual domains, just copy locals to rcpthosts.

Q: - Explain about qmail control file “badmailfrom”?

This qmail control file is used by qmail-smtpd. It lists envelope addresses that are not allowed to send mail. If the envelope from address on an incoming message matches an entry in badmailfrom, the SMTP daemon will reject every recipient address. Entries may be either email addresses, or @domain to reject every address in a domain. This is a primitive form of spam filtering.

Q: - What is the use of “bouncefrom” qmail control file?

This qmail control file is used by qmail-send daemon. This file contains the mailbox of the return address to put in bounce messages.

Q: - What is the use of “concurrencylocal” qmail control file?

This qmail control file is used by qmail-send daemon. This file contains the maximum number of simultaneous local deliveries. The default value is 10.

Q: - What is the use of “concurrencyremote” qmail control file?

This qmail control file is used by qmail-send daemon. This file contains the maximum number of simultaneous remote deliveries. The default value is 20.

Q: - What is the use of “queuelifetime” qmail control file?

This qmail control file is used by qmail-send daemon. In this file we define how long to keep trying to deliver a message. The default value is 604800 seconds (a week).

Q: - What is the use of “timeoutconnect” qmail control file?

This qmail control file is used by qmail-remote daemon. In this file we define how long to wait for a remote server to accept the initial connection to send mail. The default value is 60 seconds.

Q: - What is the use of “virtualdomains” qmail control file?

The list of virtual users and domains for which this system receives mail. The default value in this file is none.

Q: - How to rebuild the SMTP access database?

qmailctl cdb    
or
tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
chmod 644 /etc/tcp.smtp*

Q: - Which mailing list have you configured with qmail?

EZmlm

Q: - Have you installed autoresponder & what is the use of autoresponder?
Yes, this is a simple program to automatically respond to emails.

Q: - What is vpopmail?
vpopmail is a free GPL software package, to provide an easy way to manage virtual e-mail domains and non /etc/passwd e-mail accounts on your qmail server.

Q: - Why vpopmail?
vpopmail provides a good set of management tools and a reasonably well designed structure which saves you implementing your own. vpopmail has also been around for a long time and enjoys support from a lot of other software packages related to mail which makes integration fairly simple.

Q: - Tell me the location of vpopmail binaries?

/home/vpopmail/bin

Q: - What is the use of the vadddomain command?

The vadddomain command adds a new domain to the qmail server.

Q: - What is “vchkpw”?

vchkpw is the authentication mechanism used by qmail to check passwords required for downloading mail, and in the case of SMTP_AUTH, sending mail.

Q: - Can vpopmail be integrated with a MySQL database?
Yes

Q: - Which web based interface you have used to manage vpopmail?

Vqadmin

Q: - What is maildrop?

Maildrop is a mail filtering agent which can be used to filter messages as they arrive on the server.

Q: - What is Qmailadmin?

Qmailadmin is going to provide us with a nice web based interface for administering mail accounts once they are set up through Vpopmail (or Vqadmin). From Qmailadmin we can create mailboxes, aliases, forwards, mail robots, and mailing lists.

Q: - Which antivirus you have used with Qmail?

ClamAV antivirus

Q: - Where does ClamAV quarantine the e-mails?

ClamAV quarantines the e-mails in /var/spool/qmailscan/quarantine

Q: - As which user do we run ClamAV?

qscand user

Q: - Can I have Spamassassin tag suspected spam with a custom subject line?

Yes. Edit the /var/qmail/bin/qmail-scanner-queue.pl file and find the following line:
my $spamc_subject=":SPAM:";
Now type a custom spam subject. This subject line will be added to any mail that Spamassassin tags as suspected spam. Here's an example:
my $spamc_subject="This is Spam Mail";

Q: - When compiling qmail, I get the following error:

qmail-remote.c:36: openssl/ssl.h: No such file or directory

What's wrong?

The openssl and libssl-dev packages are required to compile qmail.
Check whether these packages are installed.

Q: - How can I disable qmail from conducting reverse DNS lookups on SMTP connections?

This can be done by adding a "-H" flag to the tcpserver call within the qmail-smtpd supervise script.
/usr/local/bin/tcpserver -v -R -H -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \

Q: - I am running qmail-scanner with Spamassassin and ClamAV. When I run the qmail-scanner test script or when I view my logs, I see the following error: qmail-inject: fatal: qq temporary problem Bad error. qmail-inject died

This can be fixed by raising the "softlimit" setting within the /var/qmail/supervise/qmail-smtpd file.

Q: - I'm getting the following error concerning Vpopmail: configure: error: No vpopmail etc/lib_deps file. Upgrade to vpopmail-4.9.8 or above.... What's wrong?

This error is usually caused when installing Vpopmail over a previous Vpopmail installation. Try completely removing the /home/vpopmail directory and then install a fresh copy of Vpopmail. That should clear it up.

Q: - When I test qmail-scanner, I get an error that states: "can't do suid". What's wrong?
Your server is not set up to allow for setuid execution of scripts. The easiest way to fix this is to install the "perl-suidperl" package. If you're running Redhat, you can download the latest RPM of perl-suidperl.

Postfix Server Questions

Q: - What is the location of postfix mailserver Queue ?
By default, the Postfix mail queues are located in the /var/spool/postfix directory. Each message queue is created as a separate subdirectory within this directory. Each message is stored as a separate file in the subdirectory, using a unique identifier for the filename.

Q: - What is LMTP ?

The Local Mail Transport Protocol (LMTP) is a different mail transport protocol described in RFC 2033. LMTP utilizes a set protocol similar to SMTP for delivering messages to the local host. Postfix can be configured to deliver messages to local users using LMTP if desired.

Q: - What is canonical Table ?
The cleanup program uses the canonical table to rewrite message addresses contained in the message header. The mail administrator can use one canonical lookup table for both received messages and sent messages or separate tables for each. The canonical table is often used in conjunction with the alias file to provide address header rewriting of outgoing mail messages.

Q: - Who is the creator of Postfix ?
Wietse Venema wrote Postfix as a complete MTA package.

Q: - What is the difference between postfix and sendmail ?
The main difference between Postfix and Sendmail is Postfix’s modularity. Just as the Unix system broke up e-mail functionality between modules, Postfix extends that practice to the MTA program. Postfix uses several different programs to implement the MTA functionality. This allows each modular program to be smaller and quicker than one large monolithic program would be.
Postfix is more secure than sendmail. Postfix requires a separate userid to be added to the mail server. Each module runs under this userid. If an intruder compromises a Postfix module, he most likely will still not be able to break out of the module and gain control of the mail server.
Instead of one large compiled configuration file, Postfix uses multiple files that use plaintext parameter and value names to define functionality. Most of the parameters used in Postfix default to common-sense values that allow the mail administrator to configure a complete mail server with a minimal amount of effort.

Q: - What is qmgr ?
Once the valid message is rewritten and placed in the incoming message queue, the qmgr program ensures that the message is delivered to the proper destinations. The qmgr program then examines message headers and passes them to the appropriate delivery program depending on the destination addresses. Currently, the qmgr program can forward messages to the local, smtp, and pipe programs.

Q: - Tell me about the latest version of Postfix on which you have worked ?
postfix 2.6

Q: - What are the important files for postfix server ?
/etc/postfix/main.cf
/etc/postfix/access
/etc/postfix/aliases

Q: - Where are the Postfix mail server logs created ?
/var/log/maillog

Q: - Explain the working of local mail submission for postfix?
When a local email message enters the Postfix system, it is deposited into the maildrop directory of the Postfix queue by the postdrop command, usually through the sendmail compatibility program. The pickup daemon reads the message from the queue and feeds it to the cleanup daemon. The cleanup daemon processes all inbound mail and notifies the queue manager after it has placed the cleaned-up message into the incoming queue. The queue manager then invokes the appropriate delivery agent to send the message to its next hop or ultimate destination.

Q: - What are the benefits of using SMTP AUTH?
- Using SMTP AUTH we can make it possible for clients, colleagues, and ourselves to relay messages from everywhere in the world using only one (our) SMTP server.
- Being a mobile user, we don't have to deal with the hassle of finding an SMTP server that permits us to relay.
- We can make use of scripts and daemons that run on our server and provide services that we need e.g. server-side virus scanning.

Q: - By using the postconf command, how will you set the fully qualified hostname (mail4.test.com)?
# postconf -e myhostname=mail.example.com
The -e option tells postconf to edit the configuration with the parameters and values specified.

Q: - Which command checks for configuration problems?
# postfix check

Q: - How will you see the queue of the Postfix server?
# postqueue -p

Q: - How can I clear postfix mail server queue?
# postsuper -d ALL

Q: - How will you reload the Postfix queue?
# postsuper -r ALL

Q: - Can the Postfix server be configured with a MySQL database?
Yes

Q: - Which command is used to find out whether Postfix is compiled with mysql or not?
# postconf -m
nis
regexp
environ
mysql
btree
unix
hash

Q: - What steps are required to get Postfix to connect to the MySQL database?
- Define the MySQL alias_maps entry in the main.cf configuration file:
alias_maps = hash:/etc/postfix/aliases, mysql:/etc/postfix/mysql-aliases.cf
- The configuration file mysql-aliases.cf defines the parameters necessary for postfix to connect to the MySQL database.

Q: - Explain smtpd_timeout Parameter?
The smtpd_timeout parameter limits the amount of time Postfix waits for an SMTP client request after sending a response. This allows the Postfix administrator to quickly disconnect SMTP servers that “camp out” on the SMTP connection, utilizing system resources for the SMTP connection without actually sending a message.
smtpd_timeout = value
By default, Postfix will assume the value is in seconds.

Q: - Explain queue_run_delay Parameter?
The queue_run_delay parameter sets the time interval (in seconds) that Postfix scans the deferred message queue for messages to be delivered. The default value for this is 1,000 seconds.

Q: - Explain maximal_queue_lifetime Parameter?
The maximal_queue_lifetime parameter sets the amount of time (in days) that a message remains in the deferred message queue before being returned as undeliverable. The default value is 5 days. Once this value is reached, Postfix returns the message to the sender.

Q: - Explain minimal_backoff_time Parameter?
The minimal_backoff_time parameter sets one value that has two uses: the minimum amount of time used to hold a message in the deferred message queue and the minimum amount of time for which a host can be marked unreachable. The default value for this parameter is 1,000 seconds.

Q: - Explain maximal_backoff_time Parameter?
The maximal_backoff_time value sets an upper limit to the amount of time a message is left in the deferred message queue without a delivery attempt. The default value for this parameter is 4,000 seconds.

Q: - Explain default_destination_concurrency_limit Parameter?
The default_destination_concurrency_limit parameter defines the maximum number of concurrent SMTP sessions that can be established with any remote host. This parameter is related to the SMTP maxprocess parameter in the master.cf configuration file. The maximum number of concurrent SMTP sessions cannot exceed the maxprocess value set for the maximum number of SMTP client processes. Thus, if the default maxprocess value of 50 is used, setting the default_destination_concurrency_limit greater than 50 has no effect.

Q: - Explain initial_destination_concurrency Parameter?
The initial number of concurrent SMTP sessions Postfix will establish with a remote host is defined by the initial_destination_concurrency parameter. The default value for this parameter is 2.

Apache Server Questions

Q: - What is location of log files for Apache server ?
/var/log/httpd

Q: - What are the types of virtual hosts ?

name-based and IP-based.
Name-based virtual host means that multiple names are running on each IP address.
IP-based virtual host means that a different IP address exists for each website served. Most configurations are name-based because it only requires one IP address.

Q: - How to restart Apache web server ?
service httpd restart

Q: - How to check the version of Apache server ?
rpm -qa |grep httpd

Q: - What is meaning of "Listen" in httpd.conf file ?
Port number on which to listen for nonsecure (http) transfers.

Q: - What is DocumentRoot ?
It is a location of files which are accessible by clients. By default, the Apache HTTP server in RedHat Enterprise Linux is configured to serve files from the /var/www/html/ directory.

Q: - On which port Apache server works ?
http - port 80
https - port 443

Q: - Tell me name of main configuration file of Apache server ?
httpd.conf

Q: - On which version of Apache have you worked ?

httpd-2.2.3

Q: - What do you mean by a valid ServerName directive?

The DNS system is used to associate IP addresses with domain names. The value of ServerName is returned when the server generates a URL. If you are using a certain domain name, you must make sure that it is included in your DNS system and will be available to clients visiting your site.

Q: - What is the main difference between <Directory> and <Location> sections?

Directory sections refer to file system objects; Location sections refer to elements in the address bar of the Web page.

Q: - What is the difference between a restart and a graceful restart of a web server?

During a normal restart, the server is stopped and then started, causing some requests to be lost. A graceful restart allows Apache children to continue to serve their current requests until they can be replaced with children running the new configuration.

Q: - What is the use of the mod_perl module?

mod_perl is a scripting module that allows better Perl script performance and easy integration with the Web server.

Q: - If you have added “loglevel Debug” in httpd.conf file, then what will happen?

It will give you more information in the error log in order to debug a problem.

Q: - Can you record the MAC (hardware) address of clients that access your server?

No

Q: - Can you record all the cookies sent to your server by clients in Web Server logs?

Yes, add the following lines to the httpd.conf file.

CustomLog logs/cookies_in.log "%{UNIQUE_ID}e %{Cookie}i"
CustomLog logs/cookies2_in.log "%{UNIQUE_ID}e %{Cookie2}i"

Q: - Can we automatically roll over the Apache logs at specific times without having to shut down and restart the server?

Yes
Use CustomLog and the rotatelogs program.

Add the following line to the httpd.conf file.
CustomLog "| /path/to/rotatelogs /path/to/logs/access_log.%Y-%m-%d 86400" combined

Q: - What can we do to find out how people are reaching your site?

Add the following format specifier to your activity log format.
%{Referer}i

Q: - If you have only one IP address, but you want to host two web sites on your server, what will you do?

In this case I will use Name Based Virtual hosting.
ServerName 10.111.203.25
NameVirtualHost *:80

<VirtualHost *:80>
ServerName web1.test.com
DocumentRoot /var/www/html/web1
</VirtualHost>

<VirtualHost *:80>
ServerName web2.test2.com
DocumentRoot /var/www/html/web2
</VirtualHost>

Q: - Can I serve content out of a directory other than the DocumentRoot directory?

Yes, by using “Alias” we can do this.

Q: - If you have to map more than one URL to the same directory without having multiple Alias directives, what will you do?

In this case I will use the “AliasMatch” directive.

The AliasMatch directive allows you to use regular expressions to match arbitrary patterns in URLs and map anything matching the pattern to the desired URL.

Q: - How will you put a limit on uploads on your web server?

This can be achieved with the LimitRequestBody directive.

LimitRequestBody 100000
Here I have put a limit of 100000 bytes.

Q: - I want to stop people using my site by Proxy server. Is it possible?


Order Allow,Deny
Deny from all
Satisfy All

Q: - What is mod_evasive module?

mod_evasive is a third-party module that performs one simple task, and performs it very well. It detects when your site is receiving a Denial of Service (DoS) attack, and it prevents that attack from doing as much damage. mod_evasive detects when a single client is making multiple requests in a short period of time, and denies further requests from that client. The period for which the ban is in place can be very short, because it just gets renewed the next time a request is detected from that same host.

Q: - How to enable PHP scripts on your server?

If you have mod_php installed, use AddHandler to map .php and .phtml files to the PHP handler.
AddHandler application/x-httpd-php .phtml .php

Q: - Which tool you have used for Apache benchmarking?

ab (Apache bench)

Q: - Can we cache files which are viewed frequently?

Yes, we can do it by using the mod_file_cache module.
CacheFile /www/htdocs/index.html

Q: - Can we have two Apache servers with different versions?

Yes, you can have two different Apache servers on one server, but they can't listen to the same port at the same time. Normally Apache listens to port 80, which is the default HTTP port. The second Apache version should listen to another port with the Listen option in httpd.conf, for example port 81.
For testing a new Apache version before moving your sites from one version to another, this might be a good option. You just type www.example.com:81 in the browser window and you will be connected to the second Apache instance.