Introducing ViMbAdmin – Virtual Mailbox Administration

Open Solutions are pleased to announce the immediate availability of our latest free and open source web application, ViMbAdmin, a web based interface which will allow you to manage mailboxes, virtual domains and aliases.

Open Solutions are pleased to announce the immediate availability of our latest free and open source web application, ViMbAdmin (vim-be-admin). ViMbAdmin is a web based interface which will allow you to manage mailboxes, virtual domains and aliases.

ViMbAdmin is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 3, or (at your option) any later version.

ViMbAdmin was entirely funded by Open Solutions and developed by our staff. If you find this application of value, please consider making a donation to our chosen charity.

Do you want to see it in action? We have a live demo which you can access here. You can also browse screenshots by clicking the image on this page.

ViMbAdmin was written in PHP using our own web application framework which includes the Zend Framework, the Doctrine ORM and the Smarty templating system with JQuery on the frontend.

ViMbAdmin is hosted on its own Google Code project page where you can find documentation, browse the source code and access our Subversion repository. We have set up a Google Groups discussion group and you can read our ViMbAdmin blog posts.

ViMbAdmin can work as a slot in replacement for Postfix Admin with a few MySQL ALTER statements.

Features

  • Super admin(s) user level with full access;
  • Admin(s) user level with access only to assigned domains and their mailboxes and aliases;
  • Super admins can create and modify super admins and admins;
  • JQuery Datatable throughout for quick in browser searching and pagination;
  • Create, modify and purge domains including limited the number of mailboxes and aliases a non-super admin can create per-domain;
  • Activate / deactivate admins, domains, mailboxes and aliases at the click of a button;
  • Full logging;
  • Facility for users (mailbox owners) to change their password;
  • Forgotten Password / Password Reset function for admins;
  • Very configurable including:
    • set default values for quotas, number of mailboxes and aliases for domain creation;
    • templated welcome and settings email for users;
    • either plain or MD5 mailbox password support;

 

Useful RANCID Debugging Tips

I always find it difficult to find a good reference for RANCID debugging strategies and, after spending the afternoon on doing same on one installation, put together my own list.

I always find it difficult to find a good reference for RANCID debugging strategies and, after spending the afternoon on doing same on one installation, put together my own list.

Note that in the following, I use clogin and rancid which assumes a Cisco device. Change to the appropriate variations if you’re not trying to work with a Cisco.

  1. Test logging into a device:
    > clogin rtr1.example.com
  2. Test logging into a device and a single command:
    > clogin -t 90 -c"show version" rtr1.example.com
  3. Test logging into a device and run a sequence of commands:
    > clogin -t 90 -c"show version;show calendar" rtr1.example.com
  4. Show what RANCID does with debugging output:
    > rancid -d rtr1.example.com

    If the above throws some errors (especially a list of missed commands, and if you’re using TACACS, ensure you have authorisation to run all the commands RANCID tries but logging into the router as the RANCID user and executing them one at a time.

  5. Same as (4) but record all router / switch output for analysis:
    > setenv NOPIPE YES
    > rancid -d rtr1.example.com

    and then complete output can be found in the file: rtr1.example.com.raw (in this example).

  6. Run RANCID on a single switch / router tree rather than all:
    > /usr/local/bin/rancid-run [tree]
  7. Run RANCID normally:
> /usr/local/bin/rancid-run
  1. Don’t forget that logs are available in RANCID’s logs/ directory.

Database Design for Doctrine

Creating a database schema directly in the database or in YAML can be very frustrating and difficult. I’ve looked at tools like MySQL Workbench in the paste and have not been impressed – especially as I need an export to YAML function for Doctrine (a PHP ORM project which I’m a big fan of).

I recently came across ORM Designer and have quickly become a big fan. It’s interface is nice, it has excellent support for Doctrine including behaviors and I’ve ran through many update / export to YAML / create models from YAML cycles without issue.

I’d strongly recommend for anyone using Doctrine – plus there’s a 30 day evaluation without any limiting of functionality so you can examine it for yourselves.

Testing SPAM and Virus Filters

I’ve recently performed a complete upgrade of Open Solutions’ mail servers and I’ve now moved onto doing likewise for one of our ISP customers with a lot of users.

These retrofits include installing virus and SPAM filters to protect both ourselves and the ISP customers but also to stop customers who have infected computers from spewing these emails out.

When everything’s up and appears to be working, I like to test both filtering systems to ensure they’re working. Quoting from eicar:

Using real viruses for testing in the real world is rather like setting fire to the dustbin in your office to see whether the smoke detector is working. Such a test will give meaningful results, but with unappealing, unacceptable risks.

Fortunately, test files exist for virus checkers and SpamAssassin:

  • The EICAR standard anti-virus test file can be found here.
  • SpamAssassin created the GTUBE (Generic Test for Unsolicited Bulk Email) for the same purpose and this can be found here.

Go That Way, Really Fast

In the vein of Release Early, Release Often, Jeff Atwood, CTO of StackOverflow.com, has posted an interesting article on the topic and on the huge amount of work they have gotten done in five months and their fears that they’re still not moving fast enough.

We’re going to go that way, really fast. And if something gets in our way, we’ll turn.


Link: MySQL Best Practices

I came across this site today which has some good advice for MySQL. I’m particularly happy to see that Doctrine, a relatively new ORM for PHP which we’re big fans of, is gaining some traction.

I came across this site today which has some good advice for MySQL. I’m particularly happy to see that Doctrine, a relatively new ORM for PHP which we’re big fans of, is gaining some traction.

I also noticed that Piwik, an open source analytics package, are using some interesting quality assurance tools which may be of interest to PHP developers (along with a continuous integration tool I came across recently: phpUnderControl).

Continuous Integration for PHP

I stumbled upon phpUnderControl today by chance and it looks like a very interesting project which integrates:

I hope to take a closer look at it in the near future for a new project we’re lining up at work (want to help us?).

Speaking of continuous integration, for another project we installed and look after a Hudson server for a customer who is developing a Java and Cocoa application – if you’re looking for a CI tool for a Java (or other) development project, this is definitely worth a look (easy installation, nice and intuitive interface and well featured).

Amazon Web Service’s ec2-bundle-image on Ubuntu

This is really a post for Google’s crawlers on getting AWS’s EC2 AMI tools working under Ubuntu (I’m currently on Gutsy 7.10). Despite any bitching I may do below, EC2 and S3 are cool services.

The first problem is that AWS only distribute the tools as an RPM (really guys? I mean FFS). Convert and install with alien.

# apt-get install alien
# alien -k ec2-ami-tools.noarch.rpm
# dpkg -i ec2-ami-tools_1.3-15283_all.deb

Make sure you also install libopenssl-ruby.

Set your Ruby path as the RPM places them where RedHat expects to find them:

# export RUBYLIB="/usr/lib/site_ruby"

Now when you run the utility, you’ll probably get:

$ ec2-bundle-image -r ... -i ... -k ... -c ... -u ...
sh: Syntax error: Bad substitution

Aparently Ubuntu switched from invoking bash to dash for sh somewhere along the line. Just relink it (temporarily or permanently as suits):

# rm /bin/sh
# ln -s /bin/bash /bin/sh

And you should be good to go.

One other issue I encountered was that the permissions of the directories were for root only (i.e. /usr/local/aes, /usr/lib/site_ruby/ and /etc/aes). A very sloppy chmod a+rX on each of these will resolve that. Although I suspect it’s more to do with the fact that I used rpm2cpio and cpio rather than alien the first time around.

Nagios Plugin to Check the Status of PRI Lines in Asterisk

I have a number of Asterisk implementations that I keep an eye on that have multiple PRI connections. Knowing if and when they ever go down has the obvious benefits of alerting me to a problem in near real time. But besides that, it allows my customers and I to verify SLAs, track and log issues, etc.

To this end, I have written a Nagios plugin which queries Asterisk’s manager interface and executes the pri show spans CLI command (this is Asterisk 1.4 by the way). The script then parses the output to ascertain whether a PRI is up or not.

The actual code to connect to the manager interface and execute the query is simply:

if( ( $astsock = fsockopen( $host, $port, $errno, $errstr, $timeout ) ) === false )
{
    echo "Could not connect to Asterisk manager: $errstr";
    exit( STATUS_CRITICAL );
}

fputs( $astsock, "Action: Login\r\n");
fputs( $astsock, "UserName: $username\r\n");
fputs( $astsock, "Secret: $password\r\n\r\n"); 

fputs( $astsock, "Action: Command\r\n");
fputs( $astsock, "Command: pri show spans\r\n\r\n");

fputs( $astsock, "Action: Logoff\r\n\r\n");

while( !feof( $astsock ) )
{
    $asttext .= fread( $astsock, 8192 );
}

fclose( $astsock );

if( strpos( $asttext, "Authentication failed" ) !== false )
{
    echo "Asterisk manager authentication failed.";
    exit( STATUS_CRITICAL );
}

This plugin is hard coded to English and expects to find Provisioned, Up, Active for a good PRI. For example, the Asterisk implementations that support the pri show spans command that I have access to return one of:

  • PRI span 1/0: Provisioned, In Alarm, Down, Active
  • PRI span 3/0: Provisioned, Up, Active
  • PRI span 2/0: Up, Active

I’m actually running a slightly older version of Nagios at the moment, version 1.3. To integrate the plugin, first add the following command definition to an appropriate existing or new file under /etc/nagios-plugings/config/:

define command{
        command_name    check_asterisk_pri
        command_line    /usr/lib/nagios/plugins/check_asterisk_pri.php \\
             -H $HOSTADDRESS$ -U $ARG1$ -P $ARG2$ -w $ARG3$ \\
             -c $ARG4$ -n $ARG5$
}

where $ARG1$ is the Asterisk manager username and $ARG2$ is the password. $ARG3$ and $ARG4$ are the warning and critical thresholds respectively whereby if the number of available PRIs reaches one of these values, the appropriate error condition will be set. Lastly, $ARG5$ is the number of PRIs the plugin shouldexpect to find.

NB: the command_line line above is split for readability but it should all be on the one line.

Now create a test for a host in an appropriate file in /etc/nagios/config/:

define service{
        use                             core-service
        host_name                       hostname.domain.ie
        service_description             Asterisk PRIs
        check_command                   check_asterisk_pri!user!pass!2!1!4
}

Ensure that your Nagios server has permissions to access the Asterisk server via TCP on the Asterisk manager port (5038 by default). If on a public network, this should be done via stunnel or a VPN for security reasons.

Lastly, you’ll need a user with the appropriate permissions and host allow statements in your Asterisk configuration (/etc/asterisk/manager.conf):

[username]
secret = password
deny=0.0.0.0/0.0.0.0
permit=1.2.3.4/255.255.255.255
read = command
write = command

The next version may include support for BRI and Zap FXO ports also. I also plan on a Cacti plug in to show the channels on each PRI (up – on a call, down, etc). In any case, updates will be posted here.

The plug in can be download from: http://www.opensolutions.ie/misc/check_asterisk_pri.php.txt

UPDATED 20/03/2012: Aterisk 1.8.9 takes out the word “Provisioned” in “pri show spans”. Thanks to Shane O’Cain.

Easy PHP Search in Firefox

Niall has created a quick Opensearch file to add the PHP Function search to the search bar of Firefox 2 And IE7. If anyone is interested it’s available here.

For those that don’t know, this feature has existing in KDE in multiple forms for some time. For example, pressing ALT-F2 opens the Run Command dialog and typing, for example:

php:fopen

will bring up PHP.net’s own search page. The same goes for the location bar in Konqueror.

By the way, other nice short cuts in the Run Command dialog include:

  • gg: <keywords> for a quick Google search;
  • wp: <keywords> for a quick Wikipedia search;
  • dict: <keyword> for a quick dictionary look-up;
  • man: <keyword> for a man page look-up;
  • info: <keyword> for an info page look-up;
  • rfc: <number> to be brought to the relevant RFC page;

Of course, entering a command will execute it and just entering a URL will open it in Konqueror.