Latest Server related questions

I set up the proxy_content_filter to inet:127.0.0.1:10025 and in master.cf: ##(DKIM: 8891, DMARC: 54321)

127.0.0.1:10025 inet n - n - - smtpd
...
smtpd_milters=inet:localhost:8891,inet:localhost:54321
...

and in logs opendmarc running too early:

Jul 23 12:42:07 mail postfix/smtpd[10474]: NOQUEUE: client=test.com[192.168.1.1]
Jul 23 12:42:07 mail postfix/10025/smtpd[10482]: connect from localhost[ ...

I've encountered and issue with 2 different nginx/Ubuntu based Load Balancers this week, hoping someone might be able to help.

Each machine has received the following updates in the past 24 hours apt update log

That has caused nginx to stop accepting traffic, subsequently causing an outage.

running " service nginx status " still shows as "green" with the Service running, and an uptime of since the la ...

Problem with installing fargate profiles and coreddns addon; I'm using terraform for some parts and kubetctl for others, the fargate profiles are created via terraform:

fargate_profiles = {
  kube-system-profile = {
    name = "kube-system-profile"
    selectors = [
      {
        namespace = "kube-system"
        labels = {
          name = "kube-system"
          k8s-app = "kube-dns"
        }
      }
 ...

I want to internally publish an SMTP server (IP 10.0.0.10) that is behind a VPN tunnel on my internal server (192.168.0.12) using strongswan. My strongswan is running within a docker container.

For this I want my internal server 192.168.0.12 to listen to its 25 port and to forward the traffic to the tunneled server on the same port 10.0.0.10:25.

So far I tried using iptables, but without success.

Im having a hard time with a single Dell r620 server, which is acting a bit weird when it comes to the redfish api.

We have 10+ of the exact same r620, with same configuration, same bios/idrac/controller, where redfish power metrics is working fine, but a single server is acting out.

The problem is that powermetrics isn't updated, so when we call the url: https://10.10.10.10/redfish/v1/Chassis/System.Emb ...

We're setting up RADIUS authentication for wireless network connections through a Windows Server 2012 R2 (NPS).

We have to allow both domain computers (registered in Active directory) and non-domain devices, typically Android smartphones.

Following this official documentation, the behaviour is as excepted and working fine for domain computers.

Now, we would like to set up mac address authentication for A ...

I would like to restrict certain network shares in my network so that only specific groups can access the shares. However, some of these shares are archived to an external system. Whenever the archived bit is set on files in the share, the files will be archived automatically.

Whenever I changed the ACL of a certain network share, the archived bit is set on all files on the share, which causes al ...

I have no internet connectivity in freshly installed PfSense system.
Steps:

1. I've created OVH instance with Ubuntu and I mounted mfsbsd image.
2. After booting to mfsbsd there was also internet problem. Couldn't download anything or ping at all.
3. I copied PfSense image through SSH using local network.
4. I installed PfSense with UFS BIOS option.
5. Using OVH console I can see that PfSense booted properly after r ...

I am trying to copy a file with lxc, now I am already desperate. Here are some commands that I have tried:

#temp=$(cat 2.sh)
#lxc-attach -n containerName echo $temp > /root/2.sh
#lxc-attach -n containerName cat /root/2.sh
->

#temp=$(cat 2.sh)
#lxc-attach -n containerName -- bash -c 'echo $temp > /root/2.sh'
#lxc-attach -n containerName cat /root/2.sh
->

#lxc-attach -n containerName -- ...

I'm researching the reason why TLS/SSL is not using over HTTP. Other protocols, such as SMTP, POP3, FTP, etc can be used on SSL ports (SMTPS, POP3S, FTPS) for the first way, and the second way is to use STARTTLS option in the current port with the extension (SMTP example) There is a popular way to use the second way (STARTTLS) on email protocols, but why is http not using STARTTLS? I found RFC TLS wit ...

I have a 4 node cluster in AWS, which 2 nodes are continuosly getting diconnected and sometimes rebooting works and sometimes need to reboot all the nodes in the cluster to get all back.

[ec2-user@ip-172-31-7-235 ~]$ docker node ls
ID                            HOSTNAME                                      STATUS    AVAILABILITY   MANAGER STATUS   ENGINE VERSION
xhei85m3mjp6wikz81phl01sx *   ip-172 ...

Following principle of Least-Privilege Administrative Model I need to create custom group that would give its members permission to add computers to a domain but nothing else that could pose a security risk.

So I created my custom group in AD (let's call it "Domain Manager") and assigned test domain user to this group.
Then I went over to Group Policy Manager and created GPO. Inside my GPO I went to

On our CentOS 7.3.1611 system with installed MariaDB, httpd and Postfix the partition /dev/mapper/centos_srv01-root gets with more time more & more full.

• For two days (2021-07-21) is the output from df -h:

• The output from today:

We also recursively searched on the root directory for all files over 100MB. However, there were no differences between the two days. Although /dev/mapper/centos

I've added some vpc firewall rules to prevent access to my load balancer - and allowed only specific ips. The rules seems to block traffic between the load balancer and the VMs. how can I set up a rule that allow all traffic between load balancer and vms ? I've tried with LB external ip but it doesn't work. Does the load balancer has internal ip ? where can I find it ? the "internal" default rule doesn' ...

There is one (responsible for sending SMS) service(daemon) in Ubuntu 20.04, it is single-threaded, how can run multiple copies of this service(daemon), or make it multi-threaded?

Otherwise, for each project, I create one server with this service, which affects resources.

the thought of Docker or lxd/lxc comes to mind.