Mail fails to deliver due to corrupt /etc/domain_secondary_mx_ips.cdb file

This error show up in Exim mail logs when trying to send email from cpanel email:
2021-01-19 21:38:46 failed to expand "${lookup{$domain}cdb{/etc/domain_secondary_mx_ips.cdb}}" while checking a list: lookup of "test.com" gave DEFER: cdb: corrupt cdb file /etc/domain_secondary_mx_ips.cdb (too short).

Issue: The issue was occurring due to corruption in the /etc/domain_ secondary_mx_ips.cdb file. Check for an extra digit at the IP address.

[23:11:03 user root@94146958 ~]cPs# /scripts/dumpcdb /etc/domain_secondary_mx_ips.cdb 
$VAR1 = {
      'actionforex.com' => '192.15.25.502'
     };

To address this issue, login and run:

# /usr/local/cpanel/bin/servers_queue queue build_secondary_mx_cache, which recreated the file with the correct IP-address information:
[23:30:51 user root@94146958 ~]cPs# /scripts/dumpcdb /etc/domain_secondary_mx_ips.cdb 
$VAR1 = {
 'actionforex.com' => '192.15.25.50'
 };

Check with a test email and view of the file to ensure the correct IP address.

Install Brave Browser on Ubuntu, MintDebian 9+, Ubuntu 14.04+ and Mint 17+

Install Brave Browser on Ubuntu, MintDebian 9+, Ubuntu 14.04+ and Mint 17+

If you get gnutls_handshake() errors after adding the Brave repository on Debian 9, you may need to uninstall old conflicting packages.

# sudo apt install apt-transport-https curl gnupg
# curl -s https://brave-browser-apt-release.s3.brave.com/brave-core.asc | sudo apt-key --keyring /etc/apt/trusted.gpg.d/brave-browser-release.gpg add -
# echo "deb [arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" | sudo tee /etc/apt/sources.list.d/brave-browser-release.list
# sudo apt update
# sudo apt install brave-browser

How to While List IP’s for Different Email Providers

If you emails are not arriving or you are getting delays or no receipt, here are ways to help improve email delivery.

Google

To keep important email messages out of your Gmail spam folder, you should do the following steps.

  1. Add the sender email address to your Google Contacts. When you add a sender’s email address to your contacts, it tells Google you want to receive email from that sender. This method does not guarantee messages from the desired sender won’t be sent to spam, but it’s an easy way to make it more likely the desired email will arrive in your inbox.
  2. Create a filter rule to prevent messages from specific senders going into the spam folder. This adding to the whitelist or safe sender list. Also, If an email message is already in your spam folder, you can use an option to train the Gmail spam filter to not send those messages to your spam folder.

Add a Gmail Contact on the Computer and on Android or IOS App.

On your computer, go to contacts.google.com, at the top left corner, select Create contact, enter the contact’s information, including the sender email address, select save in the bottom right corner.

On your Android phone or tablet, open the Contacts app, at the bottom right, tap add, enter the contact’s name and email address. Make sure you save the contact to the correct account. Next to your email account, tap the Down arrow and then select the account that will receive the email messages you’re whitelisting. When you’re finished, tap Save.

Create a filter rule to keep desired email out of spam

Gmail’s filters provide a lot of useful ways to manage your email and one of those ways is to set a rule to prevent email from a specific email address from going to your spam folder. Filters are the closest thing Gmail has to a “safe sender” or “whitelist”.

Filters can only be created and modified from the online web version of Gmail, so you’ll need to go to your computer to complete the following.

Open the Gmail website from your computer. In the search box at the top, select the Down arrow.

In the From field, enter the sender email address. At the bottom of the search window, click Create filter.

Select Never send it to Spam. Click Create filter.

Mark an email as Not Spam

On your computer, open the Gmail website and on the left, select More then find Spam.

Open the desired email message. At the top of the page, select “Not spam”. The message will be moved to your inbox.

If you’re an email sender having trouble sending email to Gmail recipients, visit the Gmail Postmaster Tools website. Source: https://www.whitelist.guide/gmail/

Outlook, Office365

Add an address to your Contacts and the Safe Senders list to ensure you’ll always receive their messages. Email addresses in the Safe Senders List are never treated as junk email. If lands in your junk email folder, you can mark it as “not junk” to teach Outlook that you want to receive that type of email.

Safe Senders list

By default, email addresses in your Outlook contacts are considered safe senders by the Junk Email Filter, but you can change this setting. Email messages from safe senders are never moved to the Junk E-mail folder.

To add people to your Safe Senders List (web), do the following:

Select the Settings icon (gear icon), select View all Outlook settings,

 

Select Mail, Select Junk email, Enter the sender email address, Hit Enter on Keyboard > Save.

Check blocked senders and safe senders list

Select Settings > View all Outlook settings, Select Mail, and then select Junk email, If you see the sender’s address listed under “Blocked senders and domains”, select the address and then select Remove > Save.

Mark a message as “not junk”. In your Outlook.com folder list, select the Junk Email folder and look for the missing email. Right-click the desired email and then select Mark as not junk. The message will automatically be moved to your inbox.

 

Other resources:
https://www.lifewire.com/add-address-domain-safe-senders-outlook-1173760
whitelist.guide

Proxmox Resources

Installation
https://pve.proxmox.com/wiki/Installation

How to manage USB devices
https://pve.proxmox.com/wiki/USB_Devices_in_Virtual_Machines

Command Line tools
https://pve.proxmox.com/wiki/Command_line_tools

Proxmox on Debian Install fails – Errors were encountered while processing: pve-manager proxmox-ve

I reciently install proxmox on Debian and the install failed. Here is the error:

 apt-get update
Hit:1 http://download.proxmox.com/debian/pve buster InRelease
Hit:2 http://security.debian.org/debian-security buster/updates InRelease
Hit:3 http://deb.debian.org/debian buster InRelease
Hit:4 http://deb.debian.org/debian buster-updates InRelease
Reading package lists... Done
root@px1:~# apt dist-upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
2 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Setting up pve-manager (6.3-3) ...
Job for pveproxy.service failed because the control process exited with error code.
See "systemctl status pveproxy.service" and "journalctl -xe" for details.
dpkg: error processing package pve-manager (--configure):
 installed pve-manager package post-installation script subprocess returned error exit status 1
dpkg: dependency problems prevent configuration of proxmox-ve:
 proxmox-ve depends on pve-manager; however:
  Package pve-manager is not configured yet.
 
dpkg: error processing package proxmox-ve (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 pve-manager
 proxmox-ve
E: Sub-process /usr/bin/dpkg returned an error code (1)

The resolution was to make sure the network was set to a static IP:

# The primary network interface
allow-hotplug enp4s0
iface enp4s0 inet static
address 192.168.0.16
        netmask 255.255.255.0
        gateway 192.168.0.1
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 1.1.1.1 1.0.0.1
        dns-search geekdecoder.com

The second issue was to make sure there was a host entry. Comment out the 127.0.0.1 and make sure to use the full host.domain host as below. Leaving out the end “px1” caused the issue.

#127.0.1.1      px1.geekdecoder.com     px1
192.168.0.16    px1.geekdecoder.com     px1

Mount NTFS file system in Debian

How to mount a NTFS disk in Debian.

Find the disk:

# fdisk -l
Disk /dev/sda: 232.9 GiB, 250059350016 bytes, 488397168 sectors
Disk model: ST3250310AS
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x84c02518

Device     Boot     Start       End   Sectors  Size Id Type
/dev/sda1  *         2048 471801855 471799808  225G 83 Linux
/dev/sda2       471803902 488396799  16592898  7.9G  5 Extended
/dev/sda5       471803904 488396799  16592896  7.9G 82 Linux swap / Solaris


Disk /dev/sdb: 931.5 GiB, 1000204886016 bytes, 1953525168 sectors
Disk model: WDC WD10EZRX-00L
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: dos
Disk identifier: 0x93665d93

Device     Boot Start        End    Sectors   Size Id Type
/dev/sdb1        2048 1953521663 1953519616 931.5G  7 HPFS/NTFS/exFAT

So, the NTFS is disk sdb1. Find the UUID value.

 sudo blkid  /dev/sdb1
/dev/sdb1: LABEL="Backup" UUID="0CF88F39F88F2056" TYPE="ntfs" PTTYPE="atari" PARTUUID="93665d93-01"

Install NTSF-3G:

# sudo apt-get install ntfs-3g

Create the /mnt/ntfs/ directory

# sudo mkdir -p /mnt/ntfs/

Add to fstab.

# nano /etc/fstab
# UUID="YOUR-UID-HERE" /mnt/ntfs/ ntfs-3g rw,uid=1000,gid=1000,dmask=0002,fmask=0003 0 0
UUID="0CF88F39F88F2056" /mnt/ntfs/ ntfs-3g rw,uid=1000,gid=1000,dmask=0002,fmask=0003 0 0

Test it

# sudo mount -a
# df -h
/dev/sdb1       932G  295G  638G  32% /mnt/ntfs
# cd /mnt/ntfs/
# ls -l

Where Proxmox ISO Stored

How to use wget to download iso’s directly to proxmox 6.2-14. Here is the location for the iso file. There is 1 ISO – a Debian ISO that I uploaded to the GUI. Login the proxmox host via ssh. Now find the location as follows:

cd /var/lib/vz/template/iso
# ls -la
total 357384
drwxr-xr-x 2 root root      4096 Nov  1 08:41 .
drwxr-xr-x 5 root root      4096 Oct 31 16:35 ..
-rw-r--r-- 1 root root 365953024 Nov  1 08:41 debian-10.6.0-amd64-netinst.iso

Download ubuntu 16.04. You can also specify a directory for the file to download to, as well as choose a name for the download. Use the -O (output) option and enter the directory and file name after the URL.

# wget https://releases.ubuntu.com/16.04/ubuntu-16.04.7-server-amd64.iso -O /var/lib/vz/template/iso/ubuntu-16.04.7-se         rver-amd64.iso
--2020-11-01 11:35:34--  https://releases.ubuntu.com/16.04/ubuntu-16.04.7-server-amd64.iso
Resolving releases.ubuntu.com (releases.ubuntu.com)... 2001:67c:1360:8001::33, 2001:67c:1360:8001::34, 2001:67c:1562::25, ...
Connecting to releases.ubuntu.com (releases.ubuntu.com)|2001:67c:1360:8001::33|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 922746880 (880M) [application/x-iso9660-image]
Saving to: ‘/var/lib/vz/template/iso/ubuntu-16.04.7-server-amd64.iso’
/var/lib/vz/template/iso/ubuntu-16.04.7 100%[==============================================================================>] 880.00M  19.2MB/s    in 91s

2020-11-01 11:37:06 (9.64 MB/s) - ‘/var/lib/vz/template/iso/ubuntu-16.04.7-server-amd64.iso’ saved [922746880/922746880]

After the upload, you can see the new ISO in the GUI at p1 > local (storage) > Content.

Disable TCP Port 135 and Avoid WannaCry Windows 10

Check open ports:

How to identify the processes that are keeping ports open

Windows OS

For Windows operating systems, you can use netstat, which is included with the OS. On the scanned server, open command prompt. Run the command:

netstat -ano

This will list all the network connections on the machine. The last column shows the process ID of the process for the specific network connection. You will probably want to filter this down using the ‘find’ command. For example, if you only want to list the network connections on port 135, use:

netstat -ano | find “:135”

This will list a network connection in LISTENING mode and the id of the process that opened the connection. Use “tasklist /SVC /FI “PID eq xxx” to show the name of the process and service for process id xxx.
For example, if you want to list the information about processed id 7424, use:

tasklist /SVC /FI “PID eq 7424