MySQL, OOM killer, overcommitting and other memory related issues

It started with an error message This post is a bit of a coredump of myself attempting to resolve a sudden web server failure. And even more important, understand why it happened (check on that) and try avoiding it from happening in the future (not as lucky there). I’ve noticed that there are many threads [...]

Linux: Command-line utilities for obtaining information

There are many ways to ask a Linux machine how it’s doing. I’ve collected a few of them, mostly for my own reference. I guess I’ll add more items as I run across new ones. General Info inxi -Fxxxz (neat output, but makes the system send me security “password required” alert mails because of attempts [...]

Setting up your own authoritative DNS server jots

What’s this? These are somewhat random jots I made while setting up an authoritative BIND server, so that a simple VPS machine can function standalone. Well, almost standalone, as it takes some help from a slave DNS to supply the second DNS entry. But even if that slave goes away suddenly, the show will go [...]

The art of setting up a sendmail server on Debian 8

But why? Fact number one: Running your own mail server is the most likely cause for messing up, and that can mean an intrusion to the server or just turning it into a public toilet for spam. Nevertheless, if mail delivery is important to you, there’s probably no way around. And I’m not talking about [...]

Digging to the root with DNS queries

Introduction This is an explicit walkthrough on how a domain name is resolved. Doing the recursion manually, that is. And then some remarks on the mess with DNS glue records. Getting the root servers $ dig NS . ; <<>> DiG 9.11.3-1ubuntu1.2-Ubuntu <<>> NS . ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: [...]

The SPF, DKIM and DMARC trio: Making your email appear decent

Intro Whether you just want your non-Gmail personal email to get through, or you have a website that produces transactional emails (those sent by your site or web app), there’s a long fight with spam filters ahead. The war against unsolicited emails will probably go on as long as email is used, and it’s an [...]

SMTP tidbits for the to-be postmaster

This is a quick overview of the parts of an SMTP session that are relevant to SPF and mail server setup. Just a sample SMTP session For a starter, this is what an ESMTP session between two mail servers talking on port 25 can look like (shamelessly copied from this post, which also shows how [...]

Traces of a (failed, I hope) web server attack

I suddenly got the following line in public_html/error_log: [06-Feb-2019 17:51:53] PHP Deprecated: Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set ‘always_populate_raw_post_data’ to ‘-1′ in php.ini and use the php://input stream instead. in Unknown on line 0 So I took a closer look on the logs: [...]

Better than netstat: lsof tells us who is listening to what

Be sure to read the first comment below, where I’m told netstat can actually do the job. Even though I have to admit that I still find lsof’s output more readable. OK, so we have netstat to tell us which ports are opened for listening: $ netstat -n -a | grep “LISTEN ” Thanks, that [...]

Outgoing SMTP mail servers considerations

Mail with as From address vanishing It started really bad: Someone asked me why he hasn’t received an answer from me in two weeks, and I had answered his mail the same day I got his. It turned out that Gmail had thrown mail into the black hole without any warning. Probably the updated [...]