centos配置httpd对php的支持

centos配置httpd对php的支持

centos默认是没有安装web server的,我们可以选择的web server有httpd

安装httpd

sudo yum install -y httpd

让httpd随系统一起启动

sudo chkconfig httpd on

测试:

sudo service httpd start

访问

http://localhost

继续阅读

Posted in Linux系统学习 | Leave a comment

笑话集锦1

笑话集锦1

1、结婚不久和老婆去饭店吃饭,隔壁也是一对小夫妻,女的说:老公,点分木耳吧,你抽烟多,木耳清肺!

我看后跟她说:看人家多关心老公!

只见二货老婆直接大吼一声:服务员!一斤牛鞭,两斤猪腰子!!!



2、今天看老《神雕侠侣》,杨过打听自己身世,想知道他爹的为人,但是问了很多人都不肯说。。。

这时候老婆看不过去了,说:“真笨,他去买个《射雕英雄传》的碟,回家自己慢慢看,不就知道他爹是什么样的人了。”



3、这几天头疼,尤其今天最疼,回家跟媳妇说头疼的快要炸了,结果这货来了句:“离老娘远点,炸伤老娘咋办。”



4、老婆说:我今天可撑了,什么都不想吃。

我:那我得吃啊,吃碗烩面吧。

老婆:那好吧,喝点汤就行。。。

然后我就喝了点汤。。。。。

继续阅读

Posted in 轻松一刻 | Leave a comment

7中启动Mac OSX的方式

7中启动Mac OSX的方式

7 Mac Startup Options Every OS X User Should Know

Apple has a reputation for making products that “just work,” but many Mac users may still need to occasionally troubleshoot their desktop or laptop. Thankfully, there are a number startup options that are available on recent Macs to aid in both troubleshooting and system management. Here’s a look at seven essential Mac startup options that every OS X user should know.

继续阅读

Posted in Mac/Ios | Leave a comment

给postfix加上反垃圾邮件

给postfix加上反垃圾邮件

除本篇外,还有一文可参考:

http://blog.csdn.net/zzban1111/article/details/16838561

Overview

The SpamAssassin system is software for analyzing email messages, determining how likely they are to be spam, and reporting its conclusions. It is a rule-based system that compares different parts of email messages with a large set of rules. Each rule adds or removes points from a message's spam score. A message with a high enough score is reported to be spam.

Many spam-checking systems are available. SpamAssassin has become popular for several reasons:

It uses a large number of different kinds of rules and weights them according to their checks. Rules that have been demonstrated to be more effective at discriminating spam from non-spam email are given higher weightings.

It is easy to tune the scores associated with each rule or to add new rules based on regular expressions.

SpamAssassin can adapt to each system's email environment, learning to recognize which senders are to be trusted and to identify new kinds of spam.

It can report spam to several different spam clearinghouses and can be configured to create spam traps—email addresses that are used only to forward spam to a clearinghouse.

SpamAssassin Scoring System

The approach, to filter spam in SpamAssassin is more sophisticated than the simple keyword matching provided by most SMTP anti-virus software. SpamAssassin uses a scoring system: messages are tagged as spam only when they have enough spam characteristics in total. This in combination with other features results in very few false positives. In our experience, a properly managed SpamAssassin installation correctly identifies 90% to 95% of spam with less than 1% false positives.

SpamAssassin doesn't block spam. Instead, it tags messages as probable spam by changing the Subject line and message headers. This is very wise: no automated system can recognize spam with 100% certainty — deciding «what is spam» is a judgment call. All automated spam filters will produce some false positives (wanted e-mail mistakenly tagged as spam) and false negatives (spam not identified as such).

SpamAssassin identifies probable spam e-mail, but leaves the choice of what to do with it up to you. You can instruct the users how to add rules to their e-mail software to delete identified messages or, better yet, move them to a folder for later review.

The method shown here only tags suspected spam. No automated deletion is performed, but the filter script can be changed without too much effort to sideline or delete suspected spam if that's what you want.

Installing SpamAssassin

SpamAssassin is build from several Perl modules. We recommend to installing it manually as described below. The SpamAssassin documentation describes how to install and configure the software. We installed each module with make, make test and make install.

  1. Download the following modules from http://www.cpan.org/, if you search a single module,http://search.cpan.org/ can be very helpful.

    Digest-1.15.tar.gz
    Digest-HMAC-1.01.tar.gz
    Digest-SHA1-2.11.tar.gz
    Digest-SHA-5.44.tar.gz
    Archive-Tar-1.30.tar.gz
    Crypt-OpenSSL-RSA-0.24.tar.gz
    DB_File-1.815.tar.gz
    Error-0.17008.tar.gz
    Geography-Countries-1.4.tar.gz
    HTML-Parser-3.56.tar.gz
    IO-Zlib-1.05.tar.gz
    IP-Country-2.23.tar.gz
    libnet-1.20.tar.gz
    libwww-perl-5.805.tar.gz
    Mail-DKIM-0.24.tar.gz
    Mail-DomainKeys-1.0.tar.gz
    Mail-SPF-Query-1.999.1.tar.gz
    MailTools-1.76.tar.gz
    MIME-Base64-3.07.tar.gz
    Net-CIDR-Lite-0.20.tar.gz
    Net-DNS-0.59.tar.gz
    Net-Ident-1.20.tar.gz
    Storable-2.16.tar.gz
    Sys-Hostname-Long-1.4.tar.gz
    Text-Diff-0.35.tar.gz
    Time-HiRes-1.9707.tar.gz
    DBI-1.54.tar.gz
    DBD-mysql-4.004.tar.gz
    Mail-SpamAssassin-3.1.8.tar.gz

     

  2. Install the modules as follows:

    tar xzvf <file-from-above>
    cd <extracted module>
    perl Makefile.PL
    make
    make test
    make install

Configure SpamAssassin

SpamAssassin is installed «out of the box» in /usr/share/spamassassin with a good set of spam identification rules. You can specify your own settings in file /etc/mail/spamassassin/local.cf.

We recommend making some changes to local.cf right away: Whitelist well-known senders so their mail will never be identified as spam. You should whitelist the e-mail addresses of well-known legitimate senders to avoid the chance of them being mis-identified by the SpamAssassin default rules. Add«whitelist_from» settings to file /etc/mail/spamassassin/local.cf for each important client, mailing list and other known spam free senders.

# How many hits before a message is considered spam.
required_hits           5.0

# Text to prepend to subject if rewrite_subject is used
rewrite_header Subject  [*****SPAM*****]

# Encapsulate spam in an attachment
report_safe             1

# Enable the Bayes system
use_bayes               1

# Enable Bayes auto-learning
bayes_auto_learn        1
bayes_path              /home/spamd/
bayes_file_mode         0666

# Enable or disable network checks
skip_rbl_checks         0
use_razor2              0
use_dcc                 0
use_pyzor               0

# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# ok_languages            all

# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
# ok_locales              all

# Whitelist important senders
whitelist_from          *@xyz.xx

Check you local.cf configuration parameters with:

# spamassassin –lint
# spamassassin –lint -D

Configure Postfix

Some spam checks can be configured with Postfix and/or SpamAssassin – but we recommend to do it NOTon both for performance reasons. Specially all RBL lookups should be deactived in the Postfix configuration file main.cf

strict_rfc821_envelopes = yes
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =

smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_invalid_hostname,
    reject_unauth_pipelining,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    check_client_access hash:$config_directory/access_client,
    check_sender_access hash:$config_directory/access_sender
    permit

# ——————————–
# Deactivated, done in SpamAssasin
# ——————————–
#    reject_rhsbl_client blackhole.securitysage.com,
#    reject_rhsbl_sender blackhole.securitysage.com,
#    reject_rbl_client relays.ordb.org,
#    reject_rbl_client blackholes.easynet.nl,
#    reject_rbl_client cbl.abuseat.org,
#    reject_rbl_client proxies.blackholes.wirehub.net,
#    reject_rbl_client bl.spamcop.net,
#    reject_rbl_client sbl.spamhaus.org,
#    reject_rbl_client opm.blitzed.org,
#    reject_rbl_client dnsbl.njabl.org,
#    reject_rbl_client list.dsbl.org,
#    reject_rbl_client multihop.dsbl.org,

# ——————————–
# Deactivated, done in SpamAssasin
# ——————————–
# Check Message Header and Body
# body_checks = regexp:$config_directory/body_checks
# header_checks = regexp:$config_directory/header_checks

Configure the SpamAssassin Daemon (spamd/spamc)

The purpose of this program is to provide a daemonized version of the SpamAssassin executable. The goal is improving throughput performance for automated mail checking. Here is a brief synopsis of howspamc/spamd work, and how to use them effectively.

The Server: spamd

spamd is the workhorse of the spamc/spamd pair — it loads an instance of the SpamAssassin filters, and then listens as a daemon for incoming requests to process messages. By default, spamd listens on port 783, but this is specifiable on the command line.

When spamd receives a connection, it spawns a child to handle the request. The child will expect to read an email message from the network socket, which should then be closed for writing on the other end (so spamdreceives an EOF). spamd will then use SA to rewrite the message, and dump the processed message back to the socket before closing the connection. The child process then dies.

In theory, this child-forking should be quite efficient, since on most OSes the fork will not actually copy any memory until the child attempts to write to a memory page, and then only the dirty page(s) will be copied. This means the entire perl engine and the SA regular expressions, etc. will only be loaded once and then be reused by all the children, saving a lot of overhead.

The Client: spamc

spamc is the client half of the pair. It should be used in place of  «spamassassin» in scripts to process mail. It will read the mail from stdin, and spool it to its connection to spamd, then read the result back and print it to stdout. spamc has extremely low overhead in loading, so it should be much faster to load than the whole SpamAssassin program (and a perl VM).

Running spamd as a non-root user

Many system administrators are uncomfortable running spamd as root. A bug in spamd could provide an attacker with root privileges; a local attacker could also spoof spamc and claim to be a different user (which can be ameliorated with the –auth-ident option discussed later).

To provide additional security, spamd can be instructed to run as a non-root user. After binding its TCP port or Unix socket, spamd gives up root privileges and runs as the specified user. Ideally, you should create a new user e.g., «spamd» with its own group «spamd» and a private home directory (/home/spamd). If spamd is using a Unix domain socket, the socket will automatically have its owner set to the new user, so no changes to this path are necessary, but the directory in which the socket will be created must be writable by the user.

groupadd -g 501 spamd
useradd -u 501 -g 501 -s /sbin/nologin -d /home/spamd spamd

If you plan to use Bayesian classification (the BAYES rules) with spamd, you will need to modify/etc/mail/spamassassin/local.cf to use a shared database of tokens, by setting the «bayes_path»setting to a path all users can read and write to. You will also need to set the «bayes_file_mode» setting to 0666 so that created files are shared, too.

# Enable Bayes auto-learning
bayes_auto_learn        1
bayes_path              /home/spamd/
bayes_file_mode         0666

After creating your new user, start spamd like this, as root:

/usr/bin/spamd –daemonize –username spamd –pidfile /home/spamd/spamd.pid

Integrating SpamAssassin with Postfix

Postfix is a mail transport agent written by security researcher Wietse Venema. Not surprisingly, Postfix is designed from the ground up to be a highly secure system. It consists of several components, each of which runs with least privilege and none of which trust data from the other without validating it themselves. Despite the extensive security emphasis in the system's architecture, Postfix is capable of very good performance in normal conditions; because of architectural decisions, it is also fault tolerant and capable of good performance under adverse conditions such as resource starvation. It has become a popular replacement for sendmail because it provides a compatible command-line interface. This article does not explain how to install and setup Postfix, more information can be found here.

This article explains how to integrate SpamAssassin into a Postfix-based mail server to perform spam-checking on a mail gateway.

Spam-Checking All Incoming Internet Mail

If you want to set up a spam-checking gateway for all recipients, local or not, you need a way to perform spam-checking as mail is received, before final delivery. Postfix provides a general-purpose filtering directive called content_filter.

The content_filter directive specifies a mail transport that Postfix will invoke after receiving a message. The mail transport hands the message to a filtering program. The filter checks the message and then either refuses it (which will cause Postfix to generate a bounce message), discards it, or reinjects the modified message into Postfix for further delivery. Messages that pass the filter are reinjected so that Postfix can operate on them almost as if they were new messages; this allows Postfix to behave properly if the content filter rewrites message headers.

Content filters can be programs that are invoked for each message. They read a message on standard input and reinject filtered messages via the sendmail program. SpamAssassin itself is not suitable for use as a content filter, because it doesn't know how to reinject a tagged message. However, SpamAssassin can be invoked by a content filter in several ways.

Create your own Content Filter

Postfix receives unfiltered mail from the network with the smtpd server, and delivers unfiltered mail to the SpamAssassin content filter with the Postfix pipe delivery agent. The content filter injects filtered mail back into Postfix with the Postfix sendmail command, so that Postfix can deliver it to the final destination.

This means that mail submitted via the Postfix sendmail command cannot be content filtered again.

The content filters are programs that accept messages on standard input, perform spam-checking, and either exit with an error status code or reinject the message to Postfix. To use a program as a content filter requires a series of steps:

继续阅读

Posted in Linux系统学习 | Leave a comment

netstat p参数没有显示进程id和程序名字

netstat p参数没有显示进程id和程序名字

根据netstat的说明,参数p可以列出对应socket的进程id和程序名字,

netstat -p

可是你会发现有些有,有些没有,

tcp        0      0 0.0.0.0:6379                   0.0.0.0:*                   LISTEN      –                   
tcp        0      0 127.0.0.1:55567             0.0.0.0:*                   LISTEN      8144/python         
tcp        0      0 0.0.0.0:111                     0.0.0.0:*                   LISTEN      –                   
tcp        0      0 0.0.0.0:80                       0.0.0.0:*                   LISTEN      –                   
tcp        0      0 0.0.0.0:8082                   0.0.0.0:*                   LISTEN      15302/java          
tcp        0      0 127.0.0.1:9205               0.0.0.0:*                   LISTEN      –                   
tcp        0      0 0.0.0.0:22                       0.0.0.0:*                   LISTEN      –                   
tcp        0      0 127.0.0.1:631                 0.0.0.0:*                   LISTEN      –                   
tcp        0      0 0.0.0.0:4730                   0.0.0.0:*                   LISTEN      –                   
tcp        0      0 0.0.0.0:9092                   0.0.0.0:*                   LISTEN      15302/java          
tcp        0      0 0.0.0.0:5029                   0.0.0.0:*                   LISTEN      –                   
tcp        0      0 127.0.0.1:9000               0.0.0.0:*                   LISTEN      –                   
 

继续阅读

Posted in Linux系统学习 | Leave a comment

linux bash添加文件内容和改写文件内容

linux bash添加文件内容和改写文件内容

创建文件

touch test.txt

用vim打开并添加内容:

vim test.txt

this is content

添加文件内容

echo "this is another content" >> test.txt

之后内容变成:

this is content

this is another content

继续阅读

Posted in Linux系统学习 | Leave a comment

linux如何显示某个进程的cpu和内存的使用情况

linux如何显示某个进程的cpu和内存的使用情况

这里说的命令行下面操作:

ps -p [pid] -o %cpu,%mem

例如:

$>ps -p 27890 -o %cpu,%mem

%CPU %MEM
 0.1  1.5

或者还可加上cmd来打印出当前命令:

ps -p [pid] -o %cpu,%mem,cmd

继续阅读

Posted in Linux系统学习 | Leave a comment

svn删除已经被手动删除的文件

svn删除已经被手动删除的文件

svn提供了删除文件的方式

svn rm或者svn delete

比如说

svn rm test/test.c

但是如果你是先用linux直接删除文件的方式删除了文件,那么svn删除已经被手动删除的文件怎么做呢?下面一条命令即可做到

继续阅读

Posted in Linux系统学习 | Leave a comment

rpm包中名词解释

EPEL

rpm包中名词解释 有时候我们看到一些rpm的安装包里面写的名字是带什么epel,或者el6之类的,那么EPEL是什么呢?

根据官网的解释:

https://fedoraproject.org/wiki/EPEL

EPEL=Extra Packages for Enterprise Linux

就是企业版Linux的额外安装包。

What is Extra Packages for Enterprise Linux (or EPEL)?

Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Enterprise Linux (OEL).

继续阅读

Posted in Linux系统学习 | Leave a comment

linux查找进程

linux查找进程

ps aux | grep xxxx
可以查到对应的xxxx进程的信息,
不过如果需要进程id的话,则需要,
ps aux | grep xxxx | awk {'print $2'}

你会发现除了我们感兴趣的进程的id外,还多了一个grep的进程,那么去掉?

使用 grep -v grep

ps aux | grep -i firefox | grep -v grep | awk {'print $2'}
grep的-v就是去除不感兴趣的部分。

下面是利用上面的pid直接杀掉它:

ps aux | grep -i firefox | grep -v grep | awk {'print $2'} | xargs kill -9

继续阅读

Posted in Linux系统学习 | Leave a comment
京ICP备15005596号-4