Ubuntu

Updating the Kernel on Ubuntu

You can update Ubuntu to the latest kernel very easily using apt-get.
To generate a list of available kernels run…

# apt-cache search linux-image

This will create an extensive list on Ubuntu 14.04 LTS, so I have picked out the latest to give three examples…

linux-image-3.19.0-58-generic - Linux kernel image for version 3.19.0 on 64 bit x86 SMP
linux-image-extra-3.19.0-58-generic - Linux kernel extra modules for version 3.19.0 on 64 bit x86 SMP
linux-image-4.2.0-35-generic - Linux kernel image for version 4.2.0 on 64 bit x86 SMP
linux-image-extra-4.2.0-35-generic - Linux kernel extra modules for version 4.2.0 on 64 bit x86 SMP
linux-image-4.4.0-21-generic - Linux kernel image for version 4.4.0 on 64 bit x86 SMP
linux-image-extra-4.4.0-21-generic - Linux kernel extra modules for version 4.4.0 on 64 bit x86 SMP

Depending on which version you would like to install, run one of these commands…

linux-image-3.19.0-58-generic…

# apt-get install linux-image-3.19.0-58-generic linux-image-extra-3.19.0-58-generic

linux-image-4.2.0-35-generic…

# apt-get install linux-image-4.2.0-35-generic linux-image-extra-4.2.0-35-generic

linux-image-4.4.0-21-generic…

# apt-get install linux-image-4.4.0-21-generic linux-image-extra-4.4.0-21-generic

And reboot your server.

You can then run…

# apt-get autoremove

To clean up any old images, it may not find any right away, but you will be reminded at a later date.

Ubuntu

Installing OpenDKIM

Follow these steps to install OpenDKIM on Ubuntu and Plesk.
I will use domain.tld (as the primary domain) and example.com as my domains, I have enabled subdomains so mail from the server mail.domain.tld gets signed too as in this case mail.domain.tld is also the Posfix hostname and mailname…

1. First login as root as run…

# apt-get update
# apt-get install opendkim opendkim-tools

2. Create the folder structure…

# mkdir -p /etc/opendkim/keys/domain.tld
# mkdir -p /etc/opendkim/keys/example.com

3. Create a key, I’ll use “dkim” as the selector and create 1024bit keys
You will have two files in the folder, dkim.private and dkim.txt, the latter contains the DNS record for you to add in Plesk or at your domains registrar.

# cd /etc/opendkim/keys/domain.tld
# opendkim-genkey -s dkim -d domain.tld
# chown opendkim:opendkim dkim.private
# chmod 600 dkim.private

And example.com…

# cd /etc/opendkim/keys/example.com
# opendkim-genkey -s dkim -d example.com
# chown opendkim:opendkim dkim.private
# chmod 600 dkim.private

4. Now we’ll create the SigningTable and the KeyTable…

# nano /etc/opendkim/SigningTable

The contents should look like…

domain.tld dkim._domainkey.domain.tld
mail.domain.tld dkim._domainkey.domain.tld
example.com dkim._domainkey.example.com
mail.example.com dkim._domainkey.example.com

5. And the KeyTable…

# nano /etc/opendkim/KeyTable

The contents should look like…

dkim._domainkey.domain.tld domain.tld:dkim:/etc/opendkim/keys/domain.tld/dkim.private
dkim._domainkey.domain.tld mail.domain.tld:dkim:/etc/opendkim/keys/domain.tld/dkim.private
dkim._domainkey.example.com example.com:dkim:/etc/opendkim/keys/example.com/dkim.private
dkim._domainkey.example.com mail.example.com:dkim:/etc/opendkim/keys/example.com/dkim.private

You can see the subdomains point to the same key as the domain.

6. Next we have to create the internal hosts file…

# nano /etc/opendkim/dkim-InternalHosts

and add your IP and host names…

127.0.0.1/8
192.168.0.50/32 # where this is your Server IP
localhost
domain.tld
mail.domain.tld
example.com
mail.example.com

7. Now edit /etc/opendkim.conf

# nano /etc/opendkim.conf

And define these settings…

Syslog			yes
UMask			002
Domain		        domain.tld
KeyFile		        /etc/opendkim/keys/domain.tld/dkim.private
Selector	        dkim
Canonicalization        relaxed/relaxed
Mode                    sv
SignatureAlgorithm      rsa-sha256
SubDomains              yes
LogWhy                  yes
UserID                  opendkim:opendkim
KeyTable                /etc/opendkim/KeyTable
SigningTable            /etc/opendkim/SigningTable
InternalHosts           /etc/opendkim/dkim-InternalHosts
Statistics              /var/log/opendkim/dkim-stats.log
OversignHeaders		From

8. Make sure you create the log directory, and the log file is owned by opendkim:opendkim

# mkdir -p /var/log/opendkim/
# touch /var/log/opendkim/dkim-stats.log
# chown opendkim:opendkim /var/log/opendkim/dkim-stats.log

9. We now need to define the socket…

# nano /etc/default/opendkim

And uncomment…

SOCKET="inet:12345@localhost" # listen on loopback on port 12345

10. And restart opendkim

# service opendkim restart

11. Our last step is too add this milter to our postfix configuration file…

# nano /etc/postfix/main.cf
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:127.0.0.1:12768, inet:127.0.0.1:12345
non_smtpd_milters = inet:127.0.0.1:12345

Restart Postfix…

# service postfix restart

And you should be good.

Plesk

Moving Plesks Mail Directory

This is an update to a kb article at Plesk KB6312 on How to move the Plesk Mail Directory.
I will use the example folder /var/vmail

1. Edit psa.conf

vi /etc/psa/psa.conf

Changing “PLESK_MAILNAMES_D” to the desired location…

# Location of qmail maildirs
PLESK_MAILNAMES_D /var/vmail/mailnames

2. Then run the following command which will create the new folder and copy the contents of the qmail directory to the new directory…

cp -a /var/qmail /var/vmail

3. And change the maildirs in Dovecot…

vi /etc/dovecot/conf.d/15-maildir.conf

Adding the following…

# Plesk Maildirs layout.
mail_home = /var/vmail/mailnames/%Ld/%Ln
mail_location = maildir:/var/vmail/mailnames/%Ld/%Ln/Maildir

4. Run…

/opt/psa/admin/bin/mchk --with-spam

This will update the following configuration files

/etc/postfix/main.cf
/etc/postfix/master.cf
/etc/default/spamassassin

with the correct paths to your new Maildir.

5. We need to edit the spamtrain script…

vi /opt/psa/admin/sbin/spamtrain

You will see line 8…

maildir="/var/qmail/mailnames"

Simply change this to…

maildir="/var/vmail/mailnames"

6. Now create the Spamassasin Home Directory…

cd /var/vmail/popuser
mkdir .spamassassin
chown -R popuser:popuser .spamassassin

7. Lastly we need to update the default file in /etc/default/spamassassin to reflect our change…