Tuesday, September 11, 2012

Installing a SSL on a synology DS

I assume you are running OSX or Linux and have openssl installed.

Follow the steps below to create and install the SSL

1. Open a terminal and type the following commands. The first command will ask for a paraphrase. The same paraphrase will be required by the other commands.

  • openssl genrsa -des3 -out my.key 2048
  • openssl rsa -in my.key -out final.key
  • openssl req -nodes -new -key my.key -out request.csr
  • openssl x509 -req -in request.csr -signkey my.key -out certificate.crt -days 3650

2. The above commands will create the key and the certificate. They will be stored in my.key and certificate.crt respectively.

3. Login to the DSM GUI, go to the control panel, DSM Settings, HTTP Service and click the button marked Import Certificate.

4. For the private key select my.key and for the certificate select certificate.crt. Reboot the NAS.

Syno Community

Good source of synology packages

http://www.synocommunity.com/repository

Disable notifications for a service in nagios

Assuming you are running nagios on a UBuntu box and want to disable notification emails for a particular service, you would follow the steps below.

1. Locate the service configuration file. In my case it happened to be located at /etc/nagios3/conf.d/localhost_nagios2.cfg

2. Edit the file and find the service definition for the service you are interested in. The service definitions all start with 'define service'

3. Add the following configuration inside the service definition

notifications_enabled 0

4. Restart nagios - /etc/init.d/nagios3 restart

Notification would now be disabled for this service.

Sunday, September 9, 2012

Postfix configuration to use SMTP relay, re-write from email address and name

What is postfix?

Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic mail. It is intended as a fast, easier-to-administer, and secure alternative to the widely used Sendmail MTA.

The postfix configuration file usually resides at /etc/postfix/main.cf and uses the following format for configuration parameters.

parameter = value

Aliases

You should set up a postmaster alias in the aliases table that directs mail to a human person. The postmaster address is required to exist, so that people can report mail delivery problems. While you're updating the aliases table, be sure to direct mail for the super-user to a human person too.

The aliases file is /etc/aliases. A sample configuration is shown below. In this configuration, the postmaster and root emails are delivered to the user john.

postmaster: john
root: john

Execute the command "newaliases" after changing the aliases file. Instead of /etc/aliases, your alias file may be located elsewhere. Use the command "postconf alias_maps" to find out.

Using an external SMTP server as a relay

By default, postfix directly delivers emails to the final email server. For example, if you send an email to user@example.com, postfix will try to lookup the MX record for example.com and directly connect to its mail server to deliver the email.

This can be a problem if your host cannot reach other email servers on the internet or your organization requires all emails to be sent via a SMTP gateway.

The parameter relayhost in the postfix configuration file is used for this purpose. Below is a sample configuration.

relayhost  = smtp.example.com

Restart postfix using '/etc/init.d/postfix restart' for changes to take effect.

Re-writing the from-email address

If you want to re-write the email address from which emails are sent out from, postfix offers generic mapping for smtp. Create a file called '/etc/postfix/generic' and add in a line similar to the following one to rewrite the from address.

root@example.com john@example.com

Modify the main configuration file to add the 'smtp_generic_maps' parameter as follows,

smtp_generic_maps = hash:/etc/postfix/generic

Then build the map generic db file using the command 'postmap /etc/postfix/generic'

Restart postfix using '/etc/init.d/postfix restart' for changes to take effect.

For any errors, check the log files located at /var/log/mail*

Re-writing the from name when sending an email

Although, the from email address is re-written using the process above, the name of the person in the email sent by postfix will still be shown as the local username. For e.g, if you re-write the email address from root@example.com to john@example.com and then you look at the raw headers in the sent email, the following may be seen.

From: root

To fix this, you need to use smtp_header_checks. This parameter allows you to have a regex replace the name used in the email header with the name of your choice. Follow the steps below to get this fixed.

1. Create a file called '/etc/postfix/smtp_header_checks'.
2. Add a regex in the file with the format and save the file.
          /^From:root/ REPLACE From: John
3. Add the following parameter to your mail configuration file.
         smtp_header_checks = regexp:/etc/postfix/smtp_header_checks
4. Check and compile your regex with a sample message using the command.
        postmap -q - regexp:/etc/postfix/smtp_header_checks < /tmp/raw-header-file
5. Restart postfix for changes to take effect.

More info

For more details and updated information, visit the postfix website at http://www.postfix.org/