├── README
├── apache
├── .htaccess
├── custom
│ ├── virtual_host.conf
│ ├── virtual_host2.conf
│ ├── virtual_host2.conf.CUSTOM.4.post
│ ├── virtual_host2_secure.conf
│ ├── virtual_host2_secure.conf.CUSTOM.4.post
│ ├── virtual_host2_sub.conf
│ └── virtual_host_sub.conf
├── deploy_vhost_templates.sh
├── deploymailadmin.sh
├── fixapache.sh
├── index.html
└── killuserdir.sh
├── bin
└── mxbin
├── botnetunblock.sh
├── cpanel
├── dovecot
│ ├── dovecot_hook.sh
│ └── usr
│ │ └── sbin
│ │ └── dovecot_cpshutdown
├── fixeximstats.sh
└── fuckmysql.sh
├── crossbox
└── crossbox-da-skin.sh
├── csf.conf
├── csfgoogle.sh
├── deploy.sh
├── deploy_updates.sh
├── directadmin
├── bubblewrap.sh
├── configure_disk_usage.sh
├── customtemplates.sh
├── dovecotquotafix.sh
├── emailaudit.sh
├── evolution
│ ├── files
│ │ ├── menu-v2.json
│ │ └── options-v3.json
│ └── user_options.json
├── fix_domain_ownership.sh
├── fixdns.sh
├── killautoresponders.sh
├── localoff.sh
├── localon.sh
├── pop_disk_usage_cache.sh
├── renew_ssl_certs.sh
├── scripts
│ └── custom
│ │ └── domain_create_post.sh
├── templates
│ └── custom
│ │ ├── dns_a.conf
│ │ ├── dns_mx.conf
│ │ ├── dns_txt.conf
│ │ └── forbidden_domains.list
├── updatetheme.sh
└── updatetheme.sh.old
├── dns
├── dns.sh
├── monitor_dns.sh
├── resolv.conf
├── resolv.conf.safety
└── unbound_deploy.sh
├── dovecot
├── 90-sieve.conf
├── countios.sh
├── mail_max_userip_connections.conf
├── normalizelogs.sh
├── sieve_custom.sh
└── update_dovecot.sh
├── exim
├── add_bulk_acls.sh
├── bannedspoofing
├── bounce_old_junk.sh
├── check_overquota.sh
├── clearcertlogs.sh
├── deploy_exim_conf.sh
├── deploy_helo_blocks.sh
├── easy
│ ├── check_message.conf
│ ├── variables.conf
│ └── variables.conf.custom
├── exim.acl_check_helo.pre.conf
├── exim.acl_check_message.pre.conf
├── exim.acl_check_recipient.pre.conf
├── exim.conf
├── exim.dkim.conf
├── exim.routers.pre.conf
├── exim.strings.conf.custom
├── exim.transports.pre.conf
├── exim.variables.conf.custom
├── filter_exim_logs.sh
├── fixqueue.sh
├── gather_invalids.sh
├── heloblocks
├── move_mxrbl_to_sa.sh
├── ovhranges
├── quotamitigation.sh
├── spam_recipients
├── spoofcheck.sh
├── susranges
├── susranges_whitelist
├── system_filter.exim
├── toprecipient.sh
├── update_acls.sh
├── update_exim.sh
├── update_spam_recipients.sh
└── warmup_sender_acl_deploy.sh
├── fuckingbounces.sh
├── misc
└── clean_unblockme.sh
├── resolv.conf
├── resolvconf.sh
├── roundcube
├── managesieve
│ └── config.inc.php
└── update_roundcube.sh
├── runqueue.sh
├── sec
├── bfblock.sh
├── botnet.list
├── botnet.sh
├── bruteforcetrends.sh
├── check_google_blocks.sh
├── check_mx.sh
├── cleanblackholes.sh
├── csfadjust.sh
├── exim-blackhole.sh
├── facebook.sh
├── facebook_ips
├── feb2025botnet.sh
├── quickgmailhit.sh
├── ransom.list
├── ransom.sh
├── redoblackholes.sh
├── senderverifyfailed.sh
├── suswlunblock.sh
├── unfuckthesenetworks.sh
└── worst.sh
├── services
├── bye_afterlogic.sh
├── installcloudsend.sh
├── update_php73.sh
└── update_services.sh
├── snappy
├── fix_ssl_redirect.sh
├── snappy_install.sh
└── update_snappy.sh
├── spamassassin
├── deploy_sa.sh
├── deploykam.sh
├── enable_spamd.sh
├── failuremitigation.sh
├── fixchildren.sh
├── local.cf
├── migrate_to_sa.sh
└── update_rules.sh
├── syslog-ng.sh
└── update_limits.sh
/README:
--------------------------------------------------------------------------------
1 | These are the scripts for updating and re-applying customizations to services for MXroute's DirectAdmin servers. Over time, this seems to have become the full management scripts for MXroute servers, which is okay.
2 |
--------------------------------------------------------------------------------
/apache/custom/virtual_host.conf:
--------------------------------------------------------------------------------
1 | # Cleaned out
2 |
--------------------------------------------------------------------------------
/apache/custom/virtual_host2.conf:
--------------------------------------------------------------------------------
1 | |CUSTOM4|
2 |
--------------------------------------------------------------------------------
/apache/custom/virtual_host2.conf.CUSTOM.4.post:
--------------------------------------------------------------------------------
1 |
2 | ServerName webmail.|DOMAIN|
3 | ServerAdmin |ADMIN|
4 | DocumentRoot /var/www/html/roundcube
5 |
6 | SuexecUserGroup webapps webapps
7 |
8 |
9 |
10 |
11 | ServerName mail.|DOMAIN|
12 | ServerAdmin |ADMIN|
13 | DocumentRoot /var/www/html/roundcube
14 |
15 | SuexecUserGroup webapps webapps
16 |
17 |
18 |
19 |
20 | ServerName mailadmin.|DOMAIN|
21 | ServerAdmin |ADMIN|
22 | DocumentRoot /var/www/html/panel
23 |
24 | SuexecUserGroup webapps webapps
25 |
26 |
27 |
--------------------------------------------------------------------------------
/apache/custom/virtual_host2_secure.conf:
--------------------------------------------------------------------------------
1 | |CUSTOM4|
2 |
--------------------------------------------------------------------------------
/apache/custom/virtual_host2_secure.conf.CUSTOM.4.post:
--------------------------------------------------------------------------------
1 |
2 | ServerName webmail.|DOMAIN|
3 | ServerAdmin |ADMIN|
4 | DocumentRoot /var/www/html/roundcube
5 | SSLEngine on
6 | SSLCertificateFile |CERT|
7 | SSLCertificateKeyFile |KEY|
8 | |CAROOT|
9 |
10 | SuexecUserGroup webapps webapps
11 |
12 |
13 |
14 |
15 | ServerName mail.|DOMAIN|
16 | ServerAdmin |ADMIN|
17 | DocumentRoot /var/www/html/roundcube
18 | SSLEngine on
19 | SSLCertificateFile |CERT|
20 | SSLCertificateKeyFile |KEY|
21 | |CAROOT|
22 |
23 | SuexecUserGroup webapps webapps
24 |
25 |
26 |
27 |
28 | ServerName mailadmin.|DOMAIN|
29 | ServerAdmin |ADMIN|
30 | DocumentRoot /var/www/html/panel
31 | SSLEngine on
32 | SSLCertificateFile |CERT|
33 | SSLCertificateKeyFile |KEY|
34 | |CAROOT|
35 |
36 | SuexecUserGroup webapps webapps
37 |
38 |
39 |
--------------------------------------------------------------------------------
/apache/custom/virtual_host2_sub.conf:
--------------------------------------------------------------------------------
1 | # Cleaned out
2 |
--------------------------------------------------------------------------------
/apache/custom/virtual_host_sub.conf:
--------------------------------------------------------------------------------
1 | # Cleaned out
2 |
--------------------------------------------------------------------------------
/apache/deploy_vhost_templates.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # This will deploy our custom virtual host templates used by DirectAdmin
3 |
4 | # Delete previous templates
5 | for i in $(ls /root/da_server_updates/apache/custom);
6 | do rm -f /usr/local/directadmin/data/templates/custom/$i;
7 | done
8 |
9 | # Deploy new ones
10 | for i in $(ls /root/da_server_updates/apache/custom);
11 | do cp /root/da_server_updates/apache/custom/$i /usr/local/directadmin/data/templates/custom;
12 | done
13 |
14 | # Set ownership
15 | chown diradmin. /usr/local/directadmin/data/templates/custom/*
16 |
17 | # Reset permissions
18 | chmod 0644 /usr/local/directadmin/data/templates/custom/*
19 |
20 | # Rebuild user configs
21 | echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
22 |
--------------------------------------------------------------------------------
/apache/deploymailadmin.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | sed -i 's/letsencrypt_list=mail:webmail/letsencrypt_list=mail:webmail:mailadmin/g' /usr/local/directadmin/conf/directadmin.conf
4 | sed -i 's/letsencrypt_list_selected=mail:webmail/letsencrypt_list_selected=mail:webmail:mailadmin/g' /usr/local/directadmin/conf/directadmin.conf
5 | systemctl restart directadmin
6 |
7 | mkdir /var/www/html/panel
8 | rm -f /var/www/html/panel/.htaccess
9 |
10 | cat >> /var/www/html/panel/.htaccess < 0 )); then
5 | systemctl restart httpd
6 | fi
7 |
--------------------------------------------------------------------------------
/apache/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 | You are not intended to view this page, and it's presence is not intended to be viewed as an error.
4 |
--------------------------------------------------------------------------------
/apache/killuserdir.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | /usr/local/directadmin/custombuild/build set userdir_access no
4 | /usr/local/directadmin/custombuild/build rewrite_confs
5 |
--------------------------------------------------------------------------------
/bin/mxbin:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | curl -F 'sprunge=<-' https://mxbin.io
4 |
--------------------------------------------------------------------------------
/botnetunblock.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Check if running as root
4 | if [[ $EUID -ne 0 ]]; then
5 | echo "This script must be run as root"
6 | exit 1
7 | fi
8 |
9 | # Check if required files exist
10 | if [[ ! -f "/root/da_server_updates/sec/botnet.list" ]]; then
11 | echo "Error: botnet.list not found"
12 | exit 1
13 | fi
14 |
15 | if [[ ! -f "/var/log/exim/mainlog" ]]; then
16 | echo "Error: exim mainlog not found"
17 | exit 1
18 | fi
19 |
20 | # Process each IP
21 | while IFS= read -r ip; do
22 | # Skip empty lines or malformed IPs
23 | if [[ ! $ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
24 | continue
25 | fi
26 |
27 | # Check if IP appears in log with "in:"
28 | if grep -F "$ip" /var/log/exim/mainlog | grep -F "in:"; then
29 | # Remove IP from blackhole routing
30 | ip route del blackhole "$ip" 2>/dev/null
31 |
32 | # Add IP to unblock list if not already present
33 | if ! grep -q "^$ip$" /etc/unblockme 2>/dev/null; then
34 | echo "$ip" >> /etc/unblockme
35 | fi
36 |
37 | echo "Processed IP: $ip"
38 | fi
39 | done < "/root/da_server_updates/sec/botnet.list"
40 |
41 | echo "IP processing completed"
42 |
--------------------------------------------------------------------------------
/cpanel/dovecot/dovecot_hook.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | cp -af /root/cptechs/s.bailey/usr/sbin/dovecot_cpshutdown /usr/sbin/dovecot_cpshutdown
3 |
--------------------------------------------------------------------------------
/cpanel/dovecot/usr/sbin/dovecot_cpshutdown:
--------------------------------------------------------------------------------
1 | #!/usr/local/cpanel/3rdparty/bin/perl
2 |
3 | use strict;
4 | use warnings;
5 |
6 | use Time::HiRes ();
7 |
8 | use constant DOVECOT_PROCESS_NAMES => qw(
9 | dovecot
10 | dovecot-auth
11 | dovecot/pop3-login
12 | dovecot/imap-login
13 | dovecot/anvil
14 | dovecot/log
15 | dovecot/config
16 | dovecot/auth
17 | dovecot-wrap
18 | );
19 |
20 | my $MAX_WAIT = 60; #seconds
21 | my $SLEEP_INTERVAL = 0.1;
22 |
23 | my $pidfile = '/var/run/dovecot/master.pid';
24 |
25 | #----------------------------------------------------------------------
26 |
27 | if ( "@ARGV" =~ m<--help> ) {
28 | print < ) {
47 | print "Master Dovecot process = $master_pid\n";
48 | }
49 | else {
50 | warn "Invalid contents in “$pidfile”: [$master_pid]\n";
51 | undef $master_pid;
52 | }
53 | }
54 | elsif ( $!{'ENOENT'} ) {
55 | print "“$pidfile” doesn’t exist!\n";
56 | }
57 | else {
58 | die "open($pidfile): $!";
59 | }
60 |
61 | my @CMD = qw( /usr/sbin/dovecot stop );
62 |
63 | print "Executing “@CMD” …\n";
64 |
65 | my $pid = fork();
66 | die "Failed to fork child process for “@CMD”" if !defined $pid;
67 |
68 | if ( $pid ) {
69 |
70 | print "Waiting $MAX_WAIT seconds for process $pid to end …\n";
71 | my $start = time();
72 |
73 | my $killed;
74 | while ( !waitpid( $pid, 1 ) ) {
75 |
76 | if ( time > ( $start + $MAX_WAIT ) ) {
77 | print "Process $pid has taken over $MAX_WAIT seconds to shut down.\n";
78 | kill 'KILL', $pid;
79 | waitpid($pid, 0);
80 | $killed = 1;
81 | last;
82 | }
83 |
84 | Time::HiRes::sleep($SLEEP_INTERVAL);
85 | }
86 |
87 | # If we killed the dovecot stop command we want to fallthrough to the rest of the shutdown
88 | # but not if it terminated with a legitimate error.
89 | exit 1 if $? && !$killed;
90 | }
91 | else {
92 | exec(@CMD) or die "Failed to run “@CMD”: $!";
93 | }
94 |
95 | print "Done! Waiting $MAX_WAIT seconds for process $master_pid to end …\n";
96 |
97 | if ( length $master_pid ) {
98 | my $start = time();
99 |
100 | my $end;
101 |
102 | while ( !$end ) {
103 | if ( kill 'ZERO', $master_pid ) {
104 | if ( time > ( $start + $MAX_WAIT ) ) {
105 | print "Process $master_pid has taken over $MAX_WAIT seconds to shut down.\n";
106 | _safekill_any_remaining_dovecot_processes();
107 | $end = 1;
108 | }
109 |
110 | Time::HiRes::sleep($SLEEP_INTERVAL);
111 | }
112 | else {
113 | print "Dovecot is now shut down.\n";
114 |
115 | # We may have some stragglers so we
116 | # do a safekill just in case in order to handle:
117 | #
118 | # Case 187449: /etc/init.d/dovecot does not stop
119 | # properly dovecot
120 | #
121 | # When stopping dovecot we are killing some processes
122 | # but a few of them might survive when dovecot-wrap is
123 | # stalled.
124 | _safekill_any_remaining_dovecot_processes();
125 | $end = 1;
126 | }
127 | }
128 | }
129 |
130 | sub _safekill_any_remaining_dovecot_processes {
131 | print "Any remaining Dovecot processes will now be terminated.\n";
132 | system( '/usr/local/cpanel/etc/init/safekill', DOVECOT_PROCESS_NAMES );
133 | }
134 |
135 | 1;
136 |
--------------------------------------------------------------------------------
/cpanel/fixeximstats.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Fix eximstats database
4 |
5 | /scripts/restartsrv_tailwatchd --stop
6 | /scripts/restartsrv_eximstats --stop
7 | find /var/cpanel -name 'eximstats_db*' -exec mv -v {}{,.$(date +%s)} \;
8 | /usr/local/cpanel/bin/updateeximstats
9 | /scripts/import_exim_data /var/log/exim_mainlog
10 | /scripts/slurp_exim_mainlog --force
11 | /scripts/restartsrv_eximstats
12 | /scripts/restartsrv_tailwatchd --start
13 |
--------------------------------------------------------------------------------
/cpanel/fuckmysql.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # What a wonderful MySQL update that required this
3 |
4 | yum downgrade mysql-community-* -y
5 | yum install python3-dnf-plugin-versionlock -y
6 | for i in mysql-community-client mysql-community-client-plugins mysql-community-common mysql-community-devel mysql-community-icu-data-files mysql-community-libs mysql-community-server; do dnf versionlock $i; done
7 |
--------------------------------------------------------------------------------
/crossbox/crossbox-da-skin.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Rename "Communications" menu to "Crossbox Apps" to clarify the division of the assets here
4 |
5 | sed -i 's/Communication/Crossbox Apps/g' /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution/config.json
6 |
--------------------------------------------------------------------------------
/csfgoogle.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Let's make sure Google IPs aren't blocked by automation, we'll monitor for brute force via Google POP3 another way
4 |
5 | for i in $(grep google /etc/csf/csf.deny | awk '{print $1}'); do csf -dr $i; done
6 |
7 | rm -f /etc/csf/csf.ignore
8 | cat >> /etc/csf/csf.ignore <> /usr/local/directadmin/data/templates/custom/virtual_host2.conf.CUSTOM.4.post <
42 |
43 | ServerName webmail.|DOMAIN|
44 | ServerAdmin |ADMIN|
45 | DocumentRoot /var/www/html/roundcube
46 | CustomLog /var/log/httpd/domains/|DOMAIN|.bytes bytes
47 | CustomLog /var/log/httpd/domains/|DOMAIN|.log combined
48 | ErrorLog /var/log/httpd/domains/|DOMAIN|.error.log
49 |
50 | SuexecUserGroup webapps webapps
51 |
52 | EOL
53 |
54 | cat >> /usr/local/directadmin/data/templates/custom/virtual_host2_secure.conf.CUSTOM.4.post <
56 |
57 | ServerName webmail.|DOMAIN|
58 | ServerAdmin |ADMIN|
59 | DocumentRoot /var/www/html/roundcube
60 |
61 | SSLEngine on
62 | SSLCertificateFile |CERT|
63 | SSLCertificateKeyFile |KEY|
64 | |CAROOT|
65 |
66 | CustomLog /var/log/httpd/domains/|DOMAIN|.bytes bytes
67 | CustomLog /var/log/httpd/domains/|DOMAIN|.log combined
68 | ErrorLog /var/log/httpd/domains/|DOMAIN|.error.log
69 |
70 | SuexecUserGroup webapps webapps
71 |
72 | EOL
73 |
74 | # Update custombuild
75 |
76 | cd /usr/local/directadmin
77 | mv custombuild custombuild_1.x
78 | wget -O custombuild.tar.gz http://files.directadmin.com/services/custombuild/2.0/custombuild.tar.gz
79 | tar xvzf custombuild.tar.gz
80 | cd custombuild
81 | ./build
82 | ./build all d
83 | ./build rewrite_confs
84 |
85 | # Set LE defaults
86 |
87 | cd /usr/local/directadmin
88 | ./directadmin set letsencrypt_list mail:webmail
89 | ./directadmin set letsencrypt_list_selected mail:webmail
90 | ./directadmin set letsencrypt_max_requests_per_week 20
91 | ./directadmin set letsencrypt_multidomain_cert 2
92 | ./directadmin set letsencrypt_renewal_success_notice 1
93 |
94 | # Custom RBLs
95 |
96 | cat >> /etc/exim.strings.conf.custom <> conf/directadmin.conf
108 | service directadmin restart
109 | cd custombuild
110 | ./build update
111 | ./build set eximconf yes
112 | ./build set eximconf_release 4.5
113 | ./build set dovecot_conf yes
114 | ./build exim_conf
115 | ./build dovecot_conf
116 |
117 | # DKIM
118 |
119 | cd /usr/local/directadmin
120 | ./directadmin set dkim 1
121 | cd /usr/local/directadmin/custombuild
122 | ./build update
123 | ./build exim
124 | ./build eximconf
125 |
126 | # Webmail one-click
127 |
128 | cd /usr/local/directadmin
129 | ./directadmin set one_click_webmail_login 1
130 | service directadmin restart
131 | cd custombuild
132 | ./build update
133 | ./build dovecot_conf
134 | ./build exim_conf
135 | ./build roundcube
136 |
137 | # CSF Profile
138 | mv /etc/csf/csf.conf /etc/csf/csf.conf.original
139 | wget https://raw.githubusercontent.com/mxroute/da_server_updates/master/csf.conf -P /etc/csf
140 | yum install unzip -y
141 | unzip csf.zip
142 | csf -r
143 |
144 | # Exim plus aliasing
145 |
146 | mkdir -p /etc/exim
147 | cat >> /etc/exim/local_part_suffix.conf <<"EOF"
148 | local_part_suffix = +*
149 | local_part_suffix_optional
150 | EOF
151 |
152 | # SFTP Backups
153 |
154 | yum install sshpass -y
155 | cd /usr/local/directadmin/scripts/custom/
156 | git clone https://github.com/poralix/directadmin-sftp-backups.git
157 | cp -f directadmin-sftp-backups/ftp_download.php ./
158 | cp -f directadmin-sftp-backups/ftp_list.php ./
159 | cp -f directadmin-sftp-backups/ftp_upload.php ./
160 | chmod 700 ftp_*.php
161 | chown diradmin:diradmin ftp_*.php
162 |
163 | # Install rspamd
164 |
165 | cd /usr/local/directadmin/custombuild
166 | ./build update
167 | ./build set eximconf yes
168 | ./build set eximconf_release 4.5
169 | ./build set blockcracking no
170 | ./build set easy_spam_fighter yes
171 | ./build set spamd rspamd
172 | ./build set exim yes
173 | ./build exim
174 | ./build rspamd
175 | ./build exim_conf
176 |
177 | # Custom DA Templates
178 |
179 | mkdir -p /usr/local/directadmin/data/templates/custom
180 | cat >> /usr/local/directadmin/data/templates/custom/mail_settings.html <
182 |
183 |
184 | | |LANG_USERNAME|: | |USER|@|DOMAIN| |
185 | | |LANG_PASSWORD|: | |EMAIL_PASS| |
186 | | |LANG_POP_IMAP|: | $HOSTNAME |
187 | | |LANG_SMTP|: | $HOSTNAME |
188 |
189 | EOL
190 |
191 | # Fix IP session tie
192 |
193 | /usr/local/directadmin/directadmin set disable_ip_check 1 && systemctl restart directadmin
194 |
195 | # Fix WHMCS referrer
196 |
197 | echo "https://accounts.mxroute.com" >> /usr/local/directadmin/data/templates/custom/referer_check.allow
198 | systemctl restart directadmin
199 |
200 | # Deploy ClamAV
201 |
202 | cd /usr/local/directadmin/custombuild
203 | ./build update
204 | ./build set clamav yes
205 | ./build clamav
206 |
207 | # Set DA Admin Pass
208 |
209 | PASS=$(uuidgen)
210 | echo -e "$PASS\n$PASS" | (passwd --stdin admin)
211 | echo "DA Username: admin" >> /root/creds
212 | echo "DA Password: $PASS" >> /root/creds
213 | unset PASS
214 | chmod 600 /root/creds
215 |
216 | # Get packages
217 |
218 | #cd /usr/local/directadmin/data/users/admin
219 | #wget https://config.mxroute.com/deploy/packages.zip
220 | yum install unzip -y
221 | #unzip packages.zip
222 | #for i in $(ls /usr/local/directadmin/data/users/admin/packages); do echo $i >> /usr/local/directadmin/data/users/admin/packages.list; done
223 | #sed -i 's/.pkg//g' /usr/local/directadmin/data/users/admin/packages.list
224 | #chown diradmin. /usr/local/directadmin/data/users/admin/packages.list
225 | #chown -R diradmin. /usr/local/directadmin/data/users/admin/packages
226 |
227 | # Fix admin skin
228 |
229 | sed -i 's/skin=evolution/skin=power_user/g' /usr/local/directadmin/data/users/admin/user.conf
230 |
231 | # Disable DA ticket system
232 |
233 | rm -f /usr/local/directadmin/data/users/admin/ticket.conf
234 | cat >> /usr/local/directadmin/data/users/admin/ticket.conf <<"EOF"
235 | ON=yes
236 | active=no
237 | email=ticketsupport@mxroute.com
238 | html=Follow this link for support.
239 | new=0
240 | newticket=0
241 | EOF
242 | chown diradmin. /usr/local/directadmin/data/users/admin/ticket.conf
243 |
244 | # Set Limits
245 |
246 | echo "0" > /etc/virtual/limit
247 | echo "7200" > /etc/virtual/user_limit
248 |
249 | # Run updates/customizations
250 |
251 | sh /root/da_server_updates/exim/update_exim.sh
252 | sh /root/da_server_updates/roundcube/update_roundcube.sh
253 | sh /root/da_server_updates/rspamd/update_rspamd.sh
254 |
255 | # Install template customizations
256 |
257 | sh /root/da_server_updates/directadmin/updatetheme.sh
258 |
259 | # Finisher
260 |
261 | echo "Don't forget to add $IP4 to the filter servers and install Crossbox"
262 |
--------------------------------------------------------------------------------
/deploy_updates.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Get rid of the last batch
4 | rm -rf /root/da_server_updates
5 |
6 | # Get 'er done
7 | cd /root && git clone https://github.com/mxroute/da_server_updates
8 |
--------------------------------------------------------------------------------
/directadmin/bubblewrap.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | /usr/local/directadmin/custombuild/build update
4 | /usr/local/directadmin/custombuild/build bubblewrap
5 |
--------------------------------------------------------------------------------
/directadmin/configure_disk_usage.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Define constants
4 | CONFIG_FILE="/usr/local/directadmin/conf/directadmin.conf"
5 | SEARCH_STRING="disk_usage_suspend"
6 | APPEND_STRING="disk_usage_suspend=1"
7 |
8 | # Function to log messages
9 | log_message() {
10 | echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1"
11 | }
12 |
13 | # Check if running as root
14 | if [[ $EUID -ne 0 ]]; then
15 | log_message "Error: This script must be run as root"
16 | exit 1
17 | fi
18 |
19 | # Check if config file exists
20 | if [[ ! -f "$CONFIG_FILE" ]]; then
21 | log_message "Error: Configuration file $CONFIG_FILE not found"
22 | exit 1
23 | fi
24 |
25 | # Check if file is readable
26 | if [[ ! -r "$CONFIG_FILE" ]]; then
27 | log_message "Error: Cannot read configuration file $CONFIG_FILE"
28 | exit 1
29 | fi
30 |
31 | # Check if file is writable
32 | if [[ ! -w "$CONFIG_FILE" ]]; then
33 | log_message "Error: Cannot write to configuration file $CONFIG_FILE"
34 | exit 1
35 | fi
36 |
37 | # Search for the string in the config file
38 | if grep -q "^${SEARCH_STRING}" "$CONFIG_FILE"; then
39 | log_message "Setting '$SEARCH_STRING' already exists in $CONFIG_FILE"
40 | exit 0
41 | else
42 | # Append the string to the file
43 | log_message "Appending '$APPEND_STRING' to $CONFIG_FILE"
44 | echo "$APPEND_STRING" >> "$CONFIG_FILE"
45 |
46 | if [[ $? -ne 0 ]]; then
47 | log_message "Error: Failed to append to $CONFIG_FILE"
48 | exit 1
49 | fi
50 |
51 | # Restart DirectAdmin
52 | log_message "Restarting DirectAdmin services"
53 | killall -9 directadmin
54 | systemctl restart directadmin
55 |
56 | if [[ $? -ne 0 ]]; then
57 | log_message "Error: Failed to restart DirectAdmin services"
58 | exit 1
59 | fi
60 |
61 | log_message "Configuration updated and services restarted successfully"
62 | fi
63 |
64 | exit 0
65 |
--------------------------------------------------------------------------------
/directadmin/customtemplates.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | for i in $(ls /root/da_server_updates/directadmin/templates/custom); do rm -f /usr/local/directadmin/data/templates/custom/$i && cp /root/da_server_updates/directadmin/templates/custom/$i /usr/local/directadmin/data/templates/custom; done
4 |
5 | mkdir -p /usr/local/directadmin/data/templates/custom
6 | chown -R diradmin. /usr/local/directadmin/data/templates/custom
7 | chmod 0644 /usr/local/directadmin/data/templates/custom/*
8 |
--------------------------------------------------------------------------------
/directadmin/dovecotquotafix.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | config_file="/usr/local/directadmin/conf/directadmin.conf"
4 |
5 | # Remove the line "pop_disk_usage_cache=1" if it exists
6 | sed -i '/^pop_disk_usage_cache=1$/d' "$config_file"
7 |
8 | # Check if the line "pop_disk_usage_dovecot_quota=0" exists
9 | if grep -q "^pop_disk_usage_dovecot_quota=0$" "$config_file"; then
10 | # Change the line to "pop_disk_usage_dovecot_quota=1"
11 | sed -i 's/^pop_disk_usage_dovecot_quota=0$/pop_disk_usage_dovecot_quota=1/' "$config_file"
12 | else
13 | # Check if the line "pop_disk_usage_dovecot_quota" exists at all
14 | if ! grep -q "^pop_disk_usage_dovecot_quota" "$config_file"; then
15 | # Add the line "pop_disk_usage_dovecot_quota=1" to the end of the file
16 | echo "pop_disk_usage_dovecot_quota=1" >> "$config_file"
17 | fi
18 | fi
19 |
20 | # Restart the directadmin service
21 | systemctl restart directadmin
22 |
--------------------------------------------------------------------------------
/directadmin/emailaudit.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | find /var/log/directadmin -name "emailaudit.log" -delete
4 | grep "created by" /var/log/directadmin/system.log | grep Email | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort | uniq -c | sort -n | tail -10 >> /var/log/directadmin/emailaudit.log
5 |
--------------------------------------------------------------------------------
/directadmin/evolution/files/menu-v2.json:
--------------------------------------------------------------------------------
1 | {
2 | "user": {
3 | "appends": {
4 | "entries": [
5 | {
6 | "id": "ud-afterlogic",
7 | "category": "extra-features",
8 | "enabled": true,
9 | "position": 3,
10 | "name": "Afterlogic",
11 | "icon": "roundcube",
12 | "href": "https://|HOSTNAME|/afterlogic",
13 | "newTab": true
14 | },
15 | {
16 | "id": "ud-snappy",
17 | "category": "extra-features",
18 | "enabled": true,
19 | "position": 4,
20 | "name": "Snappy",
21 | "icon": "roundcube",
22 | "href": "https://|HOSTNAME|/snappy",
23 | "newTab": true
24 | },
25 | {
26 | "id": "ud-crossbox",
27 | "category": "extra-features",
28 | "enabled": true,
29 | "position": 5,
30 | "name": "Crossbox",
31 | "icon": "default",
32 | "href": "https://mail.mxlogin.com",
33 | "newTab": true
34 | }
35 | ],
36 | "categories": []
37 | },
38 | "updates": {
39 | "entries": {
40 | "/user/dns": {
41 | "name": "DKIM Keys (ONLY use DKIM key here)",
42 | "newTab": false
43 | },
44 | "/user/ftp-accounts": {
45 | "enabled": false,
46 | "newTab": false
47 | },
48 | "/user/database": {
49 | "enabled": false,
50 | "newTab": false
51 | },
52 | "/user/redirects": {
53 | "enabled": false,
54 | "newTab": false
55 | },
56 | "/user/hotlinks": {
57 | "enabled": false,
58 | "newTab": false
59 | },
60 | "/user/php-settings": {
61 | "enabled": false,
62 | "newTab": false
63 | },
64 | "/user/email/autoresponders": {
65 | "enabled": false
66 | },
67 | "/user/email/vacations": {
68 | "enabled": false
69 | },
70 | "/user/email/spamassassin": {
71 | "name": "Spam Filter Config",
72 | "newTab": false
73 | },
74 | "/user/email/filters": {
75 | "name": "Exim Filters (Limited use case)",
76 | "newTab": false
77 | },
78 | "/user/email/lists": {
79 | "enabled": false,
80 | "newTab": false
81 | },
82 | "/user/dns/mx-records": {
83 | "name": "Email Routing",
84 | "newTab": false
85 | },
86 | "/user/handlers": {
87 | "enabled": false,
88 | "newTab": false
89 | },
90 | "/user/backup": {
91 | "enabled": false,
92 | "newTab": false
93 | },
94 | "/user/cronjobs": {
95 | "enabled": false,
96 | "newTab": false
97 | },
98 | "/user/error-pages": {
99 | "enabled": false,
100 | "newTab": false
101 | },
102 | "/user/mimetypes": {
103 | "enabled": false,
104 | "newTab": false
105 | },
106 | "/user/protected-directories": {
107 | "enabled": false,
108 | "newTab": false
109 | },
110 | "/user/ssh-keys": {
111 | "enabled": false,
112 | "newTab": false
113 | },
114 | "/user/modsecurity": {
115 | "enabled": false,
116 | "newTab": false
117 | },
118 | "/user/unit": {
119 | "enabled": false,
120 | "newTab": false
121 | },
122 | "/user/nginx-templates": {
123 | "enabled": false,
124 | "newTab": false
125 | },
126 | "/user/redis": {
127 | "enabled": false,
128 | "newTab": false
129 | },
130 | "/user/git-version": {
131 | "enabled": false,
132 | "newTab": false
133 | },
134 | "/user/wordpress": {
135 | "enabled": false,
136 | "newTab": false
137 | },
138 | "/user/clamav": {
139 | "enabled": false,
140 | "newTab": false
141 | },
142 | "squirrelmail": {
143 | "enabled": false,
144 | "newTab": false
145 | },
146 | "roundcube": {
147 | "name": "Roundcube",
148 | "newTab": false
149 | },
150 | "/phpmyadmin": {
151 | "enabled": false,
152 | "newTab": false
153 | }
154 | },
155 | "categories": {
156 | "system-information": {
157 | "enabled": false
158 | },
159 | "extra-features": {
160 | "name": "Webmail"
161 | },
162 | "support-help": {
163 | "enabled": false
164 | }
165 | }
166 | },
167 | "pluginsMountCategory": "extra-features"
168 | },
169 | "reseller": {
170 | "updates": {
171 | "categories": {},
172 | "entries": {}
173 | },
174 | "appends": {
175 | "categories": [],
176 | "entries": []
177 | }
178 | },
179 | "admin": {
180 | "updates": {
181 | "categories": {},
182 | "entries": {}
183 | },
184 | "appends": {
185 | "categories": [],
186 | "entries": []
187 | }
188 | }
189 | }
190 |
--------------------------------------------------------------------------------
/directadmin/evolution/files/options-v3.json:
--------------------------------------------------------------------------------
1 | {
2 | "skin/layout": "sidebar",
3 | "skin/disable-route-transitions": false,
4 | "standard-2021-layout/show-user-blocks": true,
5 | "sidebar-layout/force-white-sidebar-header": false,
6 | "simple-layout/navigation/display-type": "grid",
7 | "standard-2021-layout/dashboard-type": "widgets",
8 | "locked/force-layout-for-users": true,
9 | "locked/external-style-file": ""
10 | }
11 |
--------------------------------------------------------------------------------
/directadmin/evolution/user_options.json:
--------------------------------------------------------------------------------
1 | {"da:options/standard-2021-layout/frequent-routes":"[[\"/user/email/accounts\",1307],[\"/user/email/filters\",66]]"}
2 |
--------------------------------------------------------------------------------
/directadmin/fix_domain_ownership.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Log file for operations
4 | LOG_FILE="/var/log/domain_ownership_fix.log"
5 |
6 | # Function to log messages
7 | log_message() {
8 | echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a "$LOG_FILE"
9 | }
10 |
11 | # Check if running as root
12 | if [[ $EUID -ne 0 ]]; then
13 | log_message "Error: This script must be run as root"
14 | exit 1
15 | fi
16 |
17 | # Check if the users directory exists
18 | if [[ ! -d "/usr/local/directadmin/data/users" ]]; then
19 | log_message "Error: DirectAdmin users directory not found"
20 | exit 1
21 | fi
22 |
23 | # Initialize counters
24 | processed_items=0
25 | cert_files_processed=0
26 | error_count=0
27 |
28 | # Process each user
29 | log_message "Starting ownership fix process..."
30 |
31 | for USER in $(ls /usr/local/directadmin/data/users); do
32 | user_domain_dir="/usr/local/directadmin/data/users/$USER/domains"
33 |
34 | if [[ -d "$user_domain_dir" ]]; then
35 | log_message "Processing domains directory for user: $USER"
36 |
37 | # First, handle certificate and key files
38 | while IFS= read -r -d '' file; do
39 | if chown diradmin:access "$file" 2>/dev/null; then
40 | cert_files_processed=$((cert_files_processed + 1))
41 | log_message "Set special ownership for: $file"
42 | else
43 | error_count=$((error_count + 1))
44 | log_message "Error: Failed to set special ownership for: $file"
45 | fi
46 | done < <(find "$user_domain_dir" -type f \( \
47 | -name "*.cacert" -o \
48 | -name "*.cert" -o \
49 | -name "*.cert.combined" -o \
50 | -name "*.key" -o \
51 | -name "*.cert.creation_time" \
52 | \) -print0)
53 |
54 | # Then handle all remaining files and directories
55 | while IFS= read -r -d '' item; do
56 | # Skip files that we already processed above
57 | if [[ "$item" =~ \.(cacert|cert|cert\.combined|key|cert\.creation_time)$ ]]; then
58 | continue
59 | fi
60 |
61 | if chown diradmin:diradmin "$item" 2>/dev/null; then
62 | processed_items=$((processed_items + 1))
63 | else
64 | error_count=$((error_count + 1))
65 | log_message "Error: Failed to process: $item"
66 | fi
67 | done < <(find "$user_domain_dir" -print0)
68 |
69 | log_message "Completed processing for user $USER"
70 | else
71 | log_message "Warning: Domains directory not found for user $USER"
72 | fi
73 | done
74 |
75 | # Print summary
76 | log_message "Process completed:"
77 | log_message "Total regular items processed: $processed_items"
78 | log_message "Total certificate/key files processed: $cert_files_processed"
79 | log_message "Total errors encountered: $error_count"
80 |
81 | exit 0
82 |
--------------------------------------------------------------------------------
/directadmin/fixdns.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # This script is designed to force our SPF record into DirectAdmin DNS zones
3 | # For two reasons:
4 | # 1. DA ignores our attempts to edit the templates for this.
5 | # 2. Despite adding "ONLY USE DKIM KEYS HERE" and begging people to read their new service email, EVERY SINGLE NEW CUSTOMER ignores the welcome email, ignores the warning, and takes the default SPF record from the DA DNS page.
6 |
7 | # Get the public facing IP address of the server and assign it to "IPADDR" variable
8 | IPADDR=$(curl -s http://whatismyip.akamai.com/)
9 |
10 | # Replace "ip4:$IPADDR" with "include:mxroute.com" in all .db files in /etc/bind
11 | sed -i "s/ip4:$IPADDR/include:mxroute.com/g" /etc/bind/*.db
12 | sed -i "s/ip4:$IPADDR/include:mxroute.com/g" /var/named/*.db
13 |
14 | # Now we pray to every god in history that we never have to speak of this again.
15 |
--------------------------------------------------------------------------------
/directadmin/killautoresponders.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Kill autoresponders created with DirectAdmin
4 |
5 | DOMAINLIST=$(cat /etc/virtual/domains)
6 | for i in $DOMAINLIST
7 | do
8 | rm -f /etc/virtual/$i/autoresponder.conf
9 | touch /etc/virtual/$i/autoresponder.conf
10 | chown mail. /etc/virtual/$i/autoresponder.conf
11 | chmod 0600 /etc/virtual/$i/autoresponder.conf
12 | rm -f /etc/virtual/$i/reply/*
13 | done
14 |
15 | # Kill the ability to create autoresponders with Roundcube
16 |
17 | sed -i "s/\$config\['managesieve_vacation'\] = 1/\$config\['managesieve_vacation'\] = 0/" /var/www/html/roundcube/plugins/managesieve/config.inc.php
18 |
--------------------------------------------------------------------------------
/directadmin/localoff.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Function to validate the domain format
4 | validate_domain() {
5 | if [[ "$1" =~ ^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9]\.[a-zA-Z]{2,}$ ]]; then
6 | return 0 # Valid
7 | else
8 | return 1 # Invalid
9 | fi
10 | }
11 |
12 | # ***** MAIN SCRIPT LOGIC *****
13 |
14 | # Check for correct number of arguments
15 | if [ "$#" -ne 1 ]; then
16 | echo "Usage: $0 "
17 | exit 1
18 | fi
19 |
20 | domain="$1"
21 |
22 | # Validate domain format
23 | validate_domain "$domain"
24 | if [ $? -ne 0 ]; then
25 | echo "Invalid domain format."
26 | exit 1
27 | fi
28 |
29 | # Remove the domain from /etc/virtual/domains
30 | # (Make sure this is the correct path for your system)
31 | if grep -qFx "$domain" /etc/virtual/domains; then
32 | echo "Removing domain: $domain"
33 | sed -i "/$domain/d" /etc/virtual/domains
34 |
35 | else
36 | echo "Domain not found in /etc/virtual/domains"
37 | fi
38 |
--------------------------------------------------------------------------------
/directadmin/localon.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Function to validate the domain format
4 | validate_domain() {
5 | if [[ "$1" =~ ^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9]\.[a-zA-Z]{2,}$ ]]; then
6 | return 0 # Valid
7 | else
8 | return 1 # Invalid
9 | fi
10 | }
11 |
12 | # ***** MAIN SCRIPT LOGIC *****
13 |
14 | # Check for correct number of arguments
15 | if [ "$#" -ne 1 ]; then
16 | echo "Usage: $0 "
17 | exit 1
18 | fi
19 |
20 | domain="$1"
21 |
22 | # Validate domain format
23 | validate_domain "$domain"
24 | if [ $? -ne 0 ]; then
25 | echo "Invalid domain format."
26 | exit 1
27 | fi
28 |
29 | # Add the domain to /etc/virtual/domains
30 | # (Make sure this is the correct path for your system)
31 | if ! grep -qFx "$domain" /etc/virtual/domains; then
32 | echo "Adding domain: $domain"
33 | echo "$domain" >> /etc/virtual/domains
34 |
35 | else
36 | echo "Domain already exists in /etc/virtual/domains"
37 | fi
38 |
--------------------------------------------------------------------------------
/directadmin/pop_disk_usage_cache.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | config_file="/usr/local/directadmin/conf/directadmin.conf"
4 | search_string="pop_disk_usage_cache"
5 | new_line="pop_disk_usage_cache=1"
6 |
7 | # Check if the string exists in the file
8 | if grep -q "$search_string" "$config_file"; then
9 | echo "Pop usage disk cache already enabled."
10 | else
11 | # Append the new line to the file
12 | echo "$new_line" >> "$config_file"
13 |
14 | # Restart the service
15 | systemctl restart directadmin
16 |
17 | echo "Pop usage disk cache enabled."
18 | fi
19 |
--------------------------------------------------------------------------------
/directadmin/renew_ssl_certs.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Set the log file path
4 | LOG_FILE="/var/log/letsencrypt/$(date +%Y-%m-%d).log"
5 |
6 | # Function to check certificate expiration
7 | check_cert_expiration() {
8 | local domain="$1"
9 | local timeout_duration=10 # Timeout in seconds
10 | local expiration_date
11 | local debug_output
12 |
13 | debug_output=$(timeout $timeout_duration bash -c "openssl s_client -servername $domain -connect $domain:443 &1 | openssl x509 -noout -enddate 2>&1")
14 | expiration_date=$(echo "$debug_output" | grep "notAfter=" | cut -d= -f2)
15 |
16 | if [ -z "$expiration_date" ]; then
17 | echo "Error: Unable to fetch expiration date for $domain" >> "$LOG_FILE"
18 | echo "Debug output:" >> "$LOG_FILE"
19 | echo "$debug_output" >> "$LOG_FILE"
20 | return 1
21 | fi
22 |
23 | local expiration_epoch=$(date -d "$expiration_date" +%s 2>/dev/null)
24 | if [ $? -ne 0 ]; then
25 | echo "Error: Invalid date format received for $domain" >> "$LOG_FILE"
26 | echo "Expiration date: $expiration_date" >> "$LOG_FILE"
27 | return 1
28 | fi
29 |
30 | local current_epoch=$(date +%s)
31 | local days_until_expiry=$(( (expiration_epoch - current_epoch) / 86400 ))
32 | echo $days_until_expiry
33 | }
34 |
35 | # Function to renew certificate
36 | renew_cert() {
37 | local domain="$1"
38 | local output=$(/usr/local/directadmin/scripts/letsencrypt.sh renew "$domain" secp384r1)
39 | echo "$output"
40 | if [[ $output == *"has been created successfully!"* ]]; then
41 | echo "Certificate for $domain has been renewed successfully." >> "$LOG_FILE"
42 | else
43 | echo "Certificate renewal for $domain failed. Output: $output" >> "$LOG_FILE"
44 | fi
45 | }
46 |
47 | # Function to test network connectivity
48 | test_network() {
49 | if ! ping -c 1 -W 5 8.8.8.8 > /dev/null 2>&1; then
50 | echo "Error: Network connectivity issue detected." >> "$LOG_FILE"
51 | return 1
52 | fi
53 | return 0
54 | }
55 |
56 | # Main script
57 | echo "SSL Certificate Renewal Process - $(date)" > "$LOG_FILE"
58 |
59 | # Test network connectivity
60 | if ! test_network; then
61 | echo "Exiting due to network connectivity issues." >> "$LOG_FILE"
62 | exit 1
63 | fi
64 |
65 | while read -r ROOTDOMAIN; do
66 | echo "Checking $ROOTDOMAIN..." >> "$LOG_FILE"
67 |
68 | for SUBDOMAIN in "mail" "webmail" "mailadmin"; do
69 | FULLDOMAIN="${SUBDOMAIN}.${ROOTDOMAIN}"
70 | echo "Checking $FULLDOMAIN..." >> "$LOG_FILE"
71 |
72 | if ! nc -z -w5 $FULLDOMAIN 443 2>/dev/null; then
73 | echo "Error: Unable to connect to $FULLDOMAIN on port 443" >> "$LOG_FILE"
74 | continue
75 | fi
76 |
77 | DAYS_UNTIL_EXPIRY=$(check_cert_expiration "$FULLDOMAIN")
78 |
79 | if [ $? -ne 0 ]; then
80 | echo "Skipping $FULLDOMAIN due to error in checking expiration." >> "$LOG_FILE"
81 | continue
82 | fi
83 |
84 | if [ "$DAYS_UNTIL_EXPIRY" -le 30 ]; then
85 | echo "$FULLDOMAIN expires in $DAYS_UNTIL_EXPIRY days. Renewing..." >> "$LOG_FILE"
86 | renew_cert "$ROOTDOMAIN"
87 | break # Only need to renew once per root domain
88 | else
89 | echo "$FULLDOMAIN expires in $DAYS_UNTIL_EXPIRY days. No action needed." >> "$LOG_FILE"
90 | fi
91 | done
92 | done < <(ls /etc/dovecot/conf/sni | sed 's/.conf//')
93 |
94 | # Reload services
95 | systemctl reload httpd && systemctl reload dovecot && systemctl reload exim
96 | echo "Services reloaded: httpd, dovecot, exim" >> "$LOG_FILE"
97 |
98 | echo "SSL Certificate Renewal Process Completed - $(date)" >> "$LOG_FILE"
99 |
--------------------------------------------------------------------------------
/directadmin/scripts/custom/domain_create_post.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | echo "A domain was created: $domain for user $username" >> /var/log/domain_create.log
4 |
5 | exit 0
6 |
--------------------------------------------------------------------------------
/directadmin/templates/custom/dns_a.conf:
--------------------------------------------------------------------------------
1 | |*if IS_IPV6!="yes"|
2 | |*endif|
3 |
--------------------------------------------------------------------------------
/directadmin/templates/custom/dns_mx.conf:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/directadmin/templates/custom/dns_txt.conf:
--------------------------------------------------------------------------------
1 | |DOMAIN|.="v=spf1 include:mxroute.com -all"
2 |
--------------------------------------------------------------------------------
/directadmin/templates/custom/forbidden_domains.list:
--------------------------------------------------------------------------------
1 | getlacadconsulting.com
2 | golacadconsulting.com
3 | lacadconsult.com
4 | lacadconsultingco.com
5 | lacadconsultingnow.com
6 | thelacadconsulting.com
7 | trylacadconsulting.com
8 | teamdigiforce.com
9 | digitalforceai.com
10 | digiforceai.com
11 | aidigitalforce.com
12 | teamdigitalforce.com
13 | tuta.com
14 | t-mobile.com
15 | x.com
16 | uae2ae.com
17 | 123mail.org
18 | 126.com
19 | 139.com
20 | 150mail.com
21 | 150ml.com
22 | 163.com
23 | 163.net
24 | 163vip.com
25 | 1688.com
26 | 16mail.com
27 | 16record.my.id
28 | 188.com
29 | 189.cn
30 | 2-mail.com
31 | 2degrees.nz
32 | 30gigs.com
33 | 360.cn
34 | 360buy.com
35 | 37signals.com
36 | 4cloverpromotion.com
37 | 4email.net
38 | 50mail.com
39 | aadib.net
40 | aave-v3.net
41 | aavestore.com
42 | about.com
43 | adfly.com
44 | adobe.co.ua
45 | adobe.com
46 | adobecloud.co.ua
47 | adultfriendfinder.com
48 | aeoncardmarket.com
49 | airdropackage.com
50 | airpost.net
51 | alansantana.trade
52 | alibaba.com
53 | alibabacloud.com
54 | alipay.com
55 | aliexpress.com
56 | allegro.pl
57 | icb.lk
58 | allmail.net
59 | allrecipes.com
60 | amazon.co.jp
61 | amazon.co.uk
62 | amazon.com
63 | amazon.de
64 | amazonsescloud.cloud
65 | americaexpress.actor
66 | americaexpress.cards
67 | americaexpress.express
68 | americaexpress.info
69 | americaexpress.online
70 | amexicaexpress.com
71 | anadibamk.com
72 | asana.com
73 | atlassian.com
74 | aol.biz.ua
75 | aol.co.ua
76 | aol.com
77 | aolmail.com
78 | apartments.com
79 | apple.com
80 | ask.com
81 | asianmails.com
82 | asuransiproteksiku.com
83 | atesmedyamarketing.com.tr
84 | att.com
85 | att.net
86 | aussiemail.com.au
87 | aussimail.com.au
88 | avg.com
89 | azure.com
90 | azurewebsites.net
91 | babylon.com
92 | baidu.com
93 | bankofamerica.com
94 | banyakstell.xyz
95 | basecamp.com
96 | bbc.co.uk
97 | bbc.co.ul
98 | bbc.com
99 | bestbuy.com
100 | betterknowsofisti.site
101 | biliwin.info
102 | bing.com
103 | bismillahresult.com
104 | bisnisterukur.com
105 | bk.ru
106 | blessedans.com.br
107 | bloghomenococo82.wiki
108 | blogger.com
109 | blogspot.com
110 | blogspot.in
111 | bluebottle.com
112 | boardermail.com
113 | boohmail.com
114 | boveda-creativa.com
115 | box.com
116 | britannica.com
117 | brodisbigproblem2.xyz
118 | bulbagarden.net
119 | businessinsider.com
120 | buyvm.net
121 | bytedancesg.com
122 | ca.gov
123 | canada.com
124 | canoemail.com
125 | capitalone.com
126 | cashette.com
127 | cbssports.com
128 | cdc.gov
129 | ceedoo.social
130 | chase.com
131 | chase.us
132 | cisco.com
133 | clickup.com
134 | cloud.biz.ua
135 | cloudflare.com
136 | cloudfiares.com
137 | cloudlinux.com
138 | cloudmaily.com
139 | clubhouse.com
140 | cluemail.com
141 | cnbc.com
142 | cnet.com
143 | cnn.com
144 | coinbase.com
145 | comcast.net
146 | comm.associati-ontraining.cloud
147 | comm.balmoralsites.online
148 | comm.cloudforensicsolution.online
149 | comm.instadeliver.tech
150 | comm.marketresearchfuture.in
151 | comm.mrfrmarkets.com
152 | comm.technoprotctline.tech
153 | conduit.com
154 | conversion-dude.click
155 | conversion-dude.info
156 | conversion-dude.lat
157 | conversion-dude.live
158 | conversion-dude.one
159 | conversion-dude.online
160 | conversion-dude.org
161 | conversion-dude.pro
162 | conversion-dude.store
163 | conversion-dude.xyz
164 | costco.com
165 | coua.co.ua
166 | cpanel.net
167 | craigslist.org
168 | cryptosolmail.com
169 | cryptosolmail.online
170 | dailymotion.com
171 | danayote.mx
172 | darey.io
173 | dareyio.com
174 | dashifymail.com
175 | data-pratamaco.com
176 | data-pratamaco.my.id
177 | dbzmail.com
178 | dell.com
179 | dependablehomesolutions.net
180 | deviantart.com
181 | devillucifer.com
182 | dictionary.com
183 | didiglobal.com
184 | digg.com
185 | digitalocean.com
186 | digitalpoint.com
187 | directadmin.com
188 | direktoriperusahaan.my.id
189 | discord.com
190 | discuss.com.hk
191 | domain.com
192 | dongo.com
193 | download.com
194 | e2umail.com
195 | ebay.co.uk
196 | ebay.com
197 | ebay.de
198 | eclipseaircharter.com
199 | elai-agency.com
200 | elaiagency.co
201 | elaiagency.com
202 | elaiagancy.com
203 | elaiconsultancy.com
204 | elaifirm.com
205 | elaiinc.com
206 | elaimediaagency.com
207 | elaimedya.com
208 | elite-digital.cloud
209 | elite-digital.live
210 | elite-digital.site
211 | elite-digital.website
212 | elitedigital.cloud
213 | elitedigital.digital
214 | elitemail.org
215 | emailaccount.com
216 | emailcorner.net
217 | emailengine.net
218 | emailengine.org
219 | emailgroups.net
220 | emailplus.org
221 | emails.biz.ua
222 | emailuser.net
223 | eml.cc
224 | en.wikipedia.org
225 | enroblo.com
226 | espn.com
227 | espn.go.com
228 | etsy.com
229 | everybodycarry.com
230 | exionmail.com
231 | expedia.com
232 | f-m.fm
233 | facebook.co.ua
234 | facebook.com
235 | facebookmail.co.ua
236 | fandom.com
237 | fast-email.com
238 | fast-mail.org
239 | fastem.com
240 | fastermail.com
241 | fastemailer.com
242 | fastest.cc
243 | fastimap.com
244 | fastmail.biz.ua
245 | fastmail.cn
246 | fastmail.co.ua
247 | fastmail.co.uk
248 | fastmail.com
249 | fastmail.com.au
250 | fastmail.de
251 | fastmail.es
252 | fastmail.fm
253 | fastmail.fr
254 | fastmail.im
255 | fastmail.in
256 | fastmail.jp
257 | fastmail.mx
258 | fastmail.net
259 | fastmail.nl
260 | fastmail.org
261 | fastmail.se
262 | fastmail.to
263 | fastmail.tw
264 | fastmail.uk
265 | fastmailbox.net
266 | fastmailtoday.pro
267 | fastmessaging.com
268 | fastpeak.cc
269 | fastpeak.club
270 | fastpeak.net
271 | fastpeak.top
272 | fastpeak.xyz
273 | fastweb.co.ua
274 | fc2.com
275 | fea.st
276 | federalemail.us
277 | federalmarketing.us
278 | fedex.com
279 | finance.yahoo.com
280 | flickr.com
281 | fliggy.com
282 | fmail.co.uk
283 | fmailbox.com
284 | fmgirl.com
285 | fmguy.com
286 | foodnetwork.com
287 | forbes.com
288 | fotolog.net
289 | foxmail.co.ua
290 | foxmail.com
291 | foxnews.com
292 | frantech.ca
293 | freemail.co.ua
294 | freenet.de
295 | friendster.com
296 | ftml.net
297 | futurecertificadora.com.br
298 | futuresolucoes.com.br
299 | gamepedia.com
300 | genius.com
301 | geocities.com
302 | getbearworks.com
303 | getonixlab.com
304 | getonixlab.net
305 | gfxshirts.co
306 | gfxteam.co
307 | github.co.ua
308 | git-scm.com
309 | glassdoor.com
310 | globo.com
311 | glowofindia.com
312 | gmail.co.ua
313 | gmail.com
314 | gmx.at
315 | gmx.biz.ua
316 | gmx.ch
317 | gmx.co.uk
318 | gmx.com
319 | gmx.de
320 | gmx.fr
321 | gmx.net
322 | go.com
323 | go2.pl
324 | gobearworks.com
325 | godaddy.com
326 | gogfx.co
327 | gogodogo.art
328 | gogodogo.today
329 | gogodogo.xyz
330 | google.be
331 | google.ca
332 | google.co.id
333 | google.co.il
334 | google.co.in
335 | google.co.jp
336 | google.co.uk
337 | google.com
338 | google.com.au
339 | google.com.br
340 | google.com.hk
341 | google.com.mx
342 | google.com.tr
343 | google.de
344 | google.es
345 | google.fr
346 | google.it
347 | google.nl
348 | google.pl
349 | google.ru
350 | googleusercontent.com
351 | gpromosinc.com
352 | grupophx.co
353 | hailmail.net
354 | handymar.com
355 | hao123.com
356 | haubibibi.lol
357 | havefungg.homes
358 | healthline.com
359 | heavenlyinbox.com
360 | hey.com
361 | hi5.com
362 | homedepot.com
363 | hostinger.com
364 | hostingcrypto.biz
365 | hostingcrypto.site
366 | hotmail.biz.ua
367 | hotmail.co.jp
368 | hotmail.com
369 | hp.com
370 | hrgspot.biz.id
371 | huawei.com
372 | hush.com
373 | hushmail.com
374 | ibm.com
375 | icloud.co.ua
376 | icloud.com
377 | icloud.me
378 | icq.com
379 | icqmail.com
380 | ifeng.com
381 | ig.com.br
382 | ign.com
383 | imageavenue.com
384 | localhost.local
385 | localhost.localdomain
386 | imap-mail.com
387 | imap.cc
388 | imapmail.org
389 | imdb.com
390 | imgur.com
391 | imunify360.com
392 | inbox.ru
393 | indeed.com
394 | inoutbox.com
395 | instagram.com
396 | intel.com
397 | inteligo.com.pl
398 | inteligo.pl
399 | interia.eu
400 | interia.pl
401 | internet-e-mail.com
402 | internet-mail.org
403 | internetemails.net
404 | internetmailing.net
405 | investopedia.com
406 | irs.gov
407 | jbmc-software.com
408 | jd.com
409 | jetemail.net
410 | jira.com
411 | johnston-marketing.co.uk
412 | juno.com
413 | justemail.net
414 | jwfclimited.com
415 | kcp-idn.com
416 | kerenabis1.xyz
417 | khanacademy.org
418 | kitovinvestment.com
419 | kittymail.com
420 | kogan.co.nz
421 | kogan.com
422 | koganmobile.co.nz
423 | koganmobile.com.au
424 | leadsqb2b.com
425 | letterboxes.org
426 | linkedin.co.ua
427 | linkedin.com
428 | linode.com
429 | linuxmail.org
430 | list.ru
431 | live.com
432 | live.jp
433 | livedoor.com
434 | livejasmin.com
435 | livejournal.com
436 | loker2024-pertamina.com
437 | lossbloss.art
438 | lossbloss.live
439 | lossbloss.pro
440 | lossbloss.today
441 | lossbloss.xyz
442 | lowes.com
443 | luciferchloe.com
444 | lulupay.com.my
445 | lulupay.my
446 | luminatimails.com
447 | lycos.co.ua
448 | lycos.com
449 | macys.com
450 | madeeasy.mu
451 | mahesaadidayagrup.my.id
452 | mail-central.com
453 | mail-page.com
454 | mail.com
455 | mail.quarismail.com
456 | mail.ru
457 | mail.yahoo.com
458 | mail2web.com
459 | mail2world.com
460 | mailas.com
461 | mailbolt.com
462 | mailc.net
463 | mailcan.com
464 | maildale.info
465 | maildale.life
466 | maildale.shop
467 | mailfinserv.com
468 | mailfence.co.ua
469 | mailforce.net
470 | mailhaven.com
471 | mailifies.com
472 | mailinator.com
473 | mailingaddress.org
474 | mailite.com
475 | mailmight.com
476 | mailnew.com
477 | mailonetwo3.online
478 | mailpostings.com
479 | mailsent.net
480 | mailservice.ms
481 | mailsinair.com
482 | mailsland.com
483 | mailup.net
484 | mailwebly.com
485 | mailworks.org
486 | mailydaily.com
487 | mailchimp.com
488 | mapquest.com
489 | marchmail.com
490 | marshallmail.online
491 | marshallmail.site
492 | mayoclinic.org
493 | mbank.com.pl
494 | mbank.pl
495 | medicalnewstoday.com
496 | megaupload.com
497 | merriam-webster.com
498 | meta.com
499 | meta.me
500 | microsoft.biz.ua
501 | microsoft.com
502 | minemailpass.com
503 | mitrasaturupa.com
504 | ml1.net
505 | mlcuk.co.uk
506 | mm.st
507 | monday.com
508 | mop.com
509 | moviesosa.art
510 | moviesosa.xyz
511 | mozilla.org
512 | msn.com
513 | muscleify.com
514 | mx-001.ap-aave.com
515 | mxroute.com
516 | mxroute.io
517 | mxroute.net
518 | mxroute.org
519 | mxrouting.com
520 | mxrouting.net
521 | mxrouting.org
522 | myallbanks.com
523 | mydns.co.ua
524 | myfastmail.com
525 | mymacmail.com
526 | myspace.com
527 | myway.com
528 | mywebsearch.com
529 | myyahoo.com
530 | naimahr.com
531 | nakdigitalbisnes.com
532 | namecheap.com
533 | narod.ru
534 | naver.com
535 | nba.com
536 | nbcnews.com
537 | netaddress.com
538 | netfiix.com
539 | netflix.com
540 | nih.gov
541 | nisamsvojkad.info
542 | nixihost.com
543 | nospammail.net
544 | nqted.com
545 | nusatravelia.com
546 | ny.gov
547 | nytimes.com
548 | notion.so
549 | o2.pl
550 | oakwoodcapitalgroup.net
551 | oakwoodcapitalgroups.com
552 | odnoklassniki.ru
553 | ogoinbox.com
554 | oi.com.br
555 | okta.com
556 | one.nz
557 | onedrive.com
558 | onet.co.ua
559 | onet.eu
560 | onet.pl
561 | onixlab.xyz
562 | operamail.com
563 | oracle.com
564 | orcon.net.nz
565 | orkut.com
566 | osma-ag.ch
567 | outlook.biz.ua
568 | outlook.com
569 | outlook.jp
570 | ownmail.net
571 | pantoni.mx
572 | passport.net
573 | pastmails.com
574 | paypal.com
575 | pchome.com.tw
576 | peerok.com
577 | peerok.net
578 | perfectsystems.my
579 | petercenablog.trade
580 | petercenablog.work
581 | petml.com
582 | phantombuster.com
583 | photobucket.com
584 | pinterest.com
585 | play.google.com
586 | pobox.co.ua
587 | poczta.fm
588 | pokercard.me
589 | porkbun.com
590 | pornhub.com
591 | postinbox.com
592 | postmaster.co.uk
593 | postpro.net
594 | primaexpress.id
595 | proinbox.com
596 | prokonto.pl
597 | promessage.com
598 | prontomail.co.ua
599 | proton.co.ua
600 | proton.me
601 | protonmail.com
602 | pttriusahaberkat.com
603 | qq.com
604 | quikmails.com
605 | quizlet.com
606 | quora.co.ua
607 | quora.com
608 | ragnarokmail.com
609 | rakastore.biz.id
610 | rakbusinesssolution.com
611 | rakuten.co.jp
612 | rapidshare.com
613 | realemail.net
614 | reallyfast.biz
615 | reallyfast.info
616 | realtor.com
617 | reddit.biz.ua
618 | reddit.co.ua
619 | reddit.com
620 | rediff.com
621 | rediffmail.com
622 | redtube.com
623 | regzo.mx
624 | replygfx.co
625 | replygfx.com
626 | robinhood.com
627 | roblox.com
628 | roblox.com.am
629 | roblox.com.mu
630 | robolox.de.com
631 | rocketmail.com
632 | roofers-tees.com
633 | rottentomatoes.com
634 | rsbribaksudebos.xyz
635 | rummyapp.org
636 | runbox.com
637 | rushpost.com
638 | safe-mail.net
639 | salesforce.com
640 | sakura-cat.club
641 | samudraberjaya.com
642 | samudrapelaut.com
643 | samsung.com
644 | sandiego.com
645 | sap.com
646 | sejahtera.site
647 | sendspace.com
648 | sent.as
649 | sent.at
650 | sent.com
651 | seobosko.xyz
652 | server.elai
653 | seznam.cz
654 | shaw.ca
655 | shopify.com
656 | sina.cn
657 | sina.com
658 | sina.com.cn
659 | site-helper.com
660 | sitenear.com
661 | skiff.com
662 | skyblog.com
663 | slack.com
664 | slingshot.co.nz
665 | smartshe.com.ng
666 | snapchat.com
667 | softbank.co.ua
668 | sogou.com
669 | sohu.com
670 | solcryptomail.site
671 | solcryptomail.xyz
672 | soso.com
673 | soundcloud.com
674 | spark.co.nz
675 | speedpost.net
676 | speedtest.net
677 | speedymail.org
678 | spotify.com
679 | sprint.com
680 | square.com
681 | ssl-mail.com
682 | stackoverflow.com
683 | starware.com
684 | steampowered.com
685 | stellamaris.id
686 | surfy.net
687 | svesmail.pro
688 | svoyagedr.com
689 | swift-mail.com
690 | syra.co.id
691 | t-mobile.com
692 | t.me
693 | taobao.com
694 | target.com
695 | teambearworks.com
696 | tecknoturnoff.com
697 | teknoburns.com
698 | teknologins.com
699 | teknotunners.com
700 | telegram.com
701 | telus.net
702 | terra.com.br
703 | thatweb.com
704 | the-fastest.net
705 | the-quickest.com
706 | theguardian.com
707 | theinternetemail.com
708 | theoakwoodcapitalgroup.com
709 | theoakwoodcg.org
710 | thepiratebay.sx
711 | thesoniskitchen.com
712 | threads.net
713 | tiktok.com
714 | titan.email
715 | timelesspieces.co
716 | tlen.pl
717 | tmall.com
718 | tom.com
719 | trello.com
720 | tripadvisor.com
721 | trsitn1mail.com
722 | trybearworks.com
723 | tryelaiagency.com
724 | ttslaboratuvar.com
725 | tumblr.com
726 | tuta.com
727 | tutanota.co.ua
728 | twitch.co.ua
729 | twitch.tv
730 | twitter.com
731 | uae2ae.com
732 | uk.biz.ua
733 | unionwearables.com
734 | university-id.com
735 | uol.com.br
736 | upranking.xyz
737 | ups.com
738 | upscale-agency.net
739 | upscale.pro
740 | upscaleagency.info
741 | urbandictionary.com
742 | usatoday.com
743 | usnews.com
744 | usps.com
745 | ustrademark-assistance.com
746 | uwants.com
747 | uymail.com
748 | venmo.com
749 | verizon.co.ua
750 | verizon.com
751 | veryfast.biz
752 | veryspeedy.net
753 | vimeo.com
754 | vip.126.com
755 | vip.163.com
756 | vip.qq.com
757 | vip.sina.cn
758 | vip.sina.com
759 | vip.sohu.com
760 | vip.tom.com
761 | vitokre.com
762 | vk.com
763 | vnet.cn
764 | vontbluerazz.live
765 | vultr.com
766 | walla.co.il
767 | walla.com
768 | walmart.com
769 | wapicode.com
770 | warpmail.net
771 | washingtonpost.com
772 | we-are-union.com
773 | weather.com
774 | web3.co.ua
775 | wechat.com
776 | web.de
777 | webmail-shopify.com
778 | webmail.biz.ua
779 | webmailserver.com
780 | webmd.com
781 | weibo.com
782 | wedoany.org
783 | whatsapp.com
784 | whizmaily.com
785 | wikipedia.org
786 | wildmail.com
787 | windowslive.com
788 | wmjl.cc
789 | wmjl.xyz
790 | wo.cn
791 | wordpress.com
792 | workmail.co.ua
793 | workwithelai.com
794 | workwithelaii.com
795 | wowhead.com
796 | wp.eu
797 | wp.pl
798 | wretch.cc
799 | x.com
800 | x-finityes.com
801 | xfinity.com
802 | xhamster.com
803 | xinbaoren.com
804 | xn--elt536k.com
805 | xsmail.com
806 | xtra.co.nz
807 | xvideos.com
808 | xylographicxenopus.com
809 | y7mail.com
810 | ya.ru
811 | yahoo.at
812 | yahoo.be
813 | yahoo.bg
814 | yahoo.ca
815 | yahoo.cl
816 | yahoo.co.id
817 | yahoo.co.il
818 | yahoo.co.in
819 | yahoo.co.jp
820 | yahoo.co.kr
821 | yahoo.co.nz
822 | yahoo.co.th
823 | yahoo.co.uk
824 | yahoo.co.za
825 | yahoo.com
826 | yahoo.com.ar
827 | yahoo.com.au
828 | yahoo.com.br
829 | yahoo.com.cn
830 | yahoo.com.co
831 | yahoo.com.hk
832 | yahoo.com.hr
833 | yahoo.com.mx
834 | yahoo.com.my
835 | yahoo.com.pe
836 | yahoo.com.ph
837 | yahoo.com.sg
838 | yahoo.com.tr
839 | yahoo.com.tw
840 | yahoo.com.ua
841 | yahoo.com.ve
842 | yahoo.com.vn
843 | yahoo.cz
844 | yahoo.de
845 | yahoo.dk
846 | yahoo.ee
847 | yahoo.es
848 | yahoo.fi
849 | yahoo.fr
850 | yahoo.gr
851 | yahoo.hu
852 | yahoo.ie
853 | yahoo.in
854 | yahoo.it
855 | yahoo.lv
856 | yahoo.nl
857 | yahoo.no
858 | yahoo.pl
859 | yahoo.pt
860 | yahoo.ro
861 | yahoo.se
862 | yahoo.sk
863 | yahoomail.co.ua
864 | yandex.by
865 | yandex.com
866 | yandex.fr
867 | yandex.kz
868 | yandex.net
869 | yandex.ru
870 | yandex.uz
871 | yeah.net
872 | yellowpages.com
873 | yelp.com
874 | yepmail.net
875 | ymail.com
876 | ymail.ne.jp
877 | youku.com
878 | your-mail.com
879 | yousendit.com
880 | youtube.com
881 | zedo.com
882 | zeduss.com
883 | zillow.com
884 | zoho.co.jp
885 | zoho.com
886 | zohomail.com
887 |
--------------------------------------------------------------------------------
/directadmin/updatetheme.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -rf /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution
4 | cp -R /root/da_server_updates/directadmin/evolution /usr/local/directadmin/data/users/mxroute/skin_customizations
5 | chown -R diradmin. /usr/local/directadmin/data/users/mxroute/skin_customizations
6 |
--------------------------------------------------------------------------------
/directadmin/updatetheme.sh.old:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Deploy standardized DA layout for evolution theme
3 |
4 | mv /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution/config.json /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution/config.json$(date +%s)
5 | wget https://raw.githubusercontent.com/mxroute/da_server_updates/master/directadmin/config.json -P /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution
6 | wget https://raw.githubusercontent.com/mxroute/da_server_updates/master/directadmin/logo2.png -P /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution
7 | chown diradmin. /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution/*
8 | mv /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution/files/menu-v1.json /usr/local/directadmin/data/users/mxroute/skin_customizations/files/menu-v1.json$(date +%s)
9 | wget https://raw.githubusercontent.com/mxroute/da_server_updates/master/directadmin/menu-v1.json -P /usr/local/directadmin/data/users/mxroute/skin_customizations/evolution/files
10 |
--------------------------------------------------------------------------------
/dns/dns.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Deploy DNS resolvers
3 |
4 | rm -f /etc/resolv.conf.bak
5 | mv /etc/resolv.conf /etc/resolv.conf.bak
6 | cp /root/da_server_updates/dns/resolv.conf /etc
7 |
--------------------------------------------------------------------------------
/dns/monitor_dns.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Define variables
4 | PUSHTOKEN=$(cat /root/pushover_token)
5 | PUSHUSER=$(cat /root/pushover_user)
6 | HOSTNAME=$(hostname)
7 |
8 | # Step 1: Check email queue
9 | email_queue=$(exim -bpc)
10 | if [ "$email_queue" -le 500 ]; then
11 | exit
12 | fi
13 |
14 | # Step 2: Check if "dns_already_alerted" file is more than 12 hours old
15 | if [ -e /root/dns_already_alerted ]; then
16 | file_age=$(find /root/dns_already_alerted -mmin +720)
17 | if [ -n "$file_age" ]; then
18 | /usr/bin/curl -S -F "token=$PUSHTOKEN" \
19 | -F "user=$PUSHUSER" \
20 | -F "title=$HOSTNAME dns_already_alerted old" \
21 | -F "message=Delete dns_already_alerted on $HOSTNAME" https://api.pushover.net/1/messages.json
22 | else
23 | exit
24 | fi
25 | fi
26 |
27 | # Step 3: Check exim logs for "failed in smart_route router"
28 | log_lines=$(grep "filtergroup" /var/log/exim/mainlog | tail -n 1000)
29 | if [ -z "$(echo "$log_lines" | grep "failed in smart_route router")" ]; then
30 | /usr/bin/curl -S -F "token=$PUSHTOKEN" \
31 | -F "user=$PUSHUSER" \
32 | -F "title=Elevated Mail Queue" \
33 | -F "message=Elevated queue on $HOSTNAME" https://api.pushover.net/1/messages.json
34 | else
35 | systemctl restart unbound
36 | fi
37 |
38 | # Step 4: Check DNS resolution for filtergroup.mxroute.com
39 | if dig +short @localhost filtergroup.mxroute.com; then
40 | for i in $(exim -bp | awk '{print $3}'); do exim -M $i; done
41 | /usr/bin/curl -S -F "token=$PUSHTOKEN" \
42 | -F "user=$PUSHUSER" \
43 | -F "title=Restarted unbound on $HOSTNAME" \
44 | -F "message=Restarted unbound on $HOSTNAME" https://api.pushover.net/1/messages.json
45 | else
46 | /usr/bin/curl -S -F "token=$PUSHTOKEN" \
47 | -F "user=$PUSHUSER" \
48 | -F "title=$HOSTNAME Fucked" \
49 | -F "priority=2" \
50 | -F "expire=300" \
51 | -F "retry=30" \
52 | -F "message=$HOSTNAME experiencing DNS issue" https://api.pushover.net/1/messages.json
53 | fi
54 |
55 | # Step 5: Create "dns_already_alerted" file
56 | touch /root/dns_already_alerted
57 |
--------------------------------------------------------------------------------
/dns/resolv.conf:
--------------------------------------------------------------------------------
1 | nameserver 136.175.111.1
2 |
--------------------------------------------------------------------------------
/dns/resolv.conf.safety:
--------------------------------------------------------------------------------
1 | nameserver 8.8.8.8
2 | nameserver 8.8.4.4
3 |
--------------------------------------------------------------------------------
/dns/unbound_deploy.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Function to check if a command exists
4 | command_exists() {
5 | type "$1" &> /dev/null
6 | }
7 |
8 | # Update and Install Unbound
9 | if command_exists yum; then
10 | yum install unbound -y
11 | elif command_exists apt; then
12 | apt update && apt install unbound -y
13 | else
14 | echo "Neither yum nor apt is available. Exiting."
15 | exit 1
16 | fi
17 |
18 | # Backup existing unbound configuration
19 | if [ -f /etc/unbound/unbound.conf.d/myunbound.conf ]; then
20 | mv /etc/unbound/unbound.conf.d/myunbound.conf /etc/unbound/unbound.conf.d/myunbound.conf.bak
21 | fi
22 |
23 | # Populate unbound configuration
24 | cat > /etc/unbound/unbound.conf.d/myunbound.conf << 'EOF'
25 | server:
26 | verbosity: 1
27 | num-threads: 2
28 | outgoing-range: 512
29 | num-queries-per-thread: 1024
30 | msg-cache-size: 32m
31 | rrset-cache-size: 64m
32 | cache-max-ttl: 86400
33 | infra-host-ttl: 60
34 | infra-lame-ttl: 120
35 | access-control: 127.0.0.0/8 allow
36 | access-control: 0.0.0.0/0 allow
37 | access-control: ::1 allow
38 | username: unbound
39 | directory: "/etc/unbound"
40 | logfile: "/var/log/unbound.log"
41 | use-syslog: no
42 | hide-version: yes
43 | so-rcvbuf: 4m
44 | so-sndbuf: 4m
45 | do-ip4: yes
46 | do-ip6: yes
47 | do-udp: yes
48 | do-tcp: yes
49 |
50 | # Add these lines to enable recursion:
51 | # Allow queries from local network
52 | local-zone: "." typetransparent
53 | local-data: "localhost A 127.0.0.1"
54 | local-data: "localhost AAAA ::1"
55 |
56 | # Root servers hints
57 | root-hints: "/etc/unbound/root.hints"
58 |
59 | remote-control:
60 | control-enable: yes
61 | control-port: 953
62 | control-interface: 127.0.0.1
63 | EOF
64 |
65 | # Download root hints
66 | wget -O /etc/unbound/root.hints https://www.internic.net/domain/named.cache
67 |
68 | # Stop and disable named, then restart unbound
69 | systemctl stop named
70 | systemctl disable named
71 | systemctl daemon-reload
72 | systemctl restart unbound
73 |
74 | # Backup and replace /etc/init.d/named
75 | mkdir -p /root/oldconfigs
76 | if [ -f /etc/init.d/named ]; then
77 | mv /etc/init.d/named /root/oldconfigs
78 | fi
79 |
80 | # Create a dummy named init script
81 | cat > /etc/init.d/named << 'EOF'
82 | #!/bin/sh
83 | exit 0;
84 | EOF
85 |
86 | chmod 0755 /etc/init.d/named
87 |
88 | # Replace "named=ON" with "named=OFF" in services.status
89 | if [ -f /usr/local/directadmin/data/admin/services.status ]; then
90 | sed -i 's/named=ON/named=OFF/g' /usr/local/directadmin/data/admin/services.status
91 | fi
92 |
93 | # Restart directadmin
94 | systemctl restart directadmin
95 |
--------------------------------------------------------------------------------
/dovecot/90-sieve.conf:
--------------------------------------------------------------------------------
1 | #add sieve to end of line in:
2 | #/etc/dovecot/conf/protocols.conf, eg:
3 | #protocols = imap pop3 lmtp sieve
4 |
5 | #Managesieve service (allows rules editing on client-side)
6 | service managesieve-login {
7 | inet_listener sieve {
8 | port = 4190
9 | }
10 | service_count = 1
11 | process_min_avail = 4
12 | }
13 |
14 | service managesieve {
15 | }
16 |
17 | protocol sieve {
18 | managesieve_max_line_length = 65536
19 | managesieve_implementation_string = Dovecot Pigeonhole
20 | managesieve_max_compile_errors = 5
21 | managesieve_logout_format = bytes=%i/%o
22 | log_path = /var/log/dovecot-sieve-errors.log
23 | info_log_path = /var/log/dovecot-sieve.log
24 | }
25 |
26 | plugin {
27 | #More details: http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration
28 | # The location of the user's main script storage. The active script
29 | # in this storage is used as the main user script executed during
30 | # delivery. The include extension fetches the :personal scripts
31 | # from this location. When ManageSieve is used, this is also where
32 | # scripts are uploaded. This example uses the file system as
33 | # storage, with all the user's scripts located in the directory
34 | # `~/sieve' and the active script (symbolic link) located at
35 | # `~/.dovecot.sieve'.
36 | sieve = file:~/sieve;active=~/.dovecot.sieve
37 |
38 | # If the user has no personal active script (i.e. if the location
39 | # indicated in sieve= does not exist or has no active script), use
40 | # this one:
41 | sieve_default = /var/lib/dovecot/sieve/default.sieve
42 |
43 | # The include extension fetches the :global scripts from this
44 | # location.
45 | sieve_global = /var/lib/dovecot/sieve/global/
46 |
47 | # Always send vacation messages with the SMTP MAIL FROM envelope address set
48 | # to the recipient. This is needed for the vacation response to be DKIM
49 | # signed by Exim. See
50 | # for more
51 | # information.
52 | sieve_vacation_send_from_recipient = yes
53 |
54 | # To prevent spoofing by redirect filter, set envelope sender as
55 | # the recipient email address, much like SRS.
56 | sieve_redirect_envelope_from = recipient
57 | sieve_max_redirects = 0
58 | sieve_extensions = -enotify -redirect
59 | }
60 |
--------------------------------------------------------------------------------
/dovecot/countios.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | zgrep "Notification sent successfully" /var/log/mail* | awk -F'imap\\(' '{print $2}' | awk -F')' '{print $1}' | sort | uniq | wc -l
4 |
--------------------------------------------------------------------------------
/dovecot/mail_max_userip_connections.conf:
--------------------------------------------------------------------------------
1 | mail_max_userip_connections = 40
2 | remote 127.0.0.1 {
3 | mail_max_userip_connections = 150
4 | }
5 |
--------------------------------------------------------------------------------
/dovecot/normalizelogs.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if [ -f /var/log/mail.log ] && [ ! -f /var/log/maillog ]; then
4 | ln -s /var/log/mail.log /var/log/maillog
5 | elif [ -f /var/log/maillog ] && [ ! -f /var/log/mail.log ]; then
6 | ln -s /var/log/maillog /var/log/mail.log
7 | fi
8 |
--------------------------------------------------------------------------------
/dovecot/sieve_custom.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -f /etc/dovecot/conf.d/90-sieve.conf
4 | cp /root/da_server_updates/dovecot/90-sieve.conf /etc/dovecot/conf.d
5 | systemctl reload dovecot
6 |
--------------------------------------------------------------------------------
/dovecot/update_dovecot.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Rebuild Dovecot and configs
4 |
5 | /usr/local/directadmin/custombuild/build update
6 | /usr/local/directadmin/custombuild/build dovecot
7 | /usr/local/directadmin/custombuild/build dovecot_conf
8 |
9 | # Make sure log file is defined
10 | if grep -q "log_path" /etc/dovecot/dovecot.conf
11 | then
12 | echo "Logging is fine."
13 | else
14 | echo "log_path = /var/log/mail.log" >> /etc/dovecot/dovecot.conf
15 | fi
16 |
17 | # Apply our original Dovecot limit fix
18 |
19 | if grep -q "service lmtp" /etc/dovecot/dovecot.conf
20 | then
21 | echo "Dovecot limits already in place."
22 | else
23 | cat >> /etc/dovecot/dovecot.conf <> /etc/dovecot/dovecot.conf
52 | fi
53 |
54 | # Set per IP limits above defaults
55 | rm -f /etc/dovecot/conf/mail_max_userip_connections.conf
56 | cp /root/da_server_updates/dovecot/mail_max_userip_connections.conf /etc/dovecot/conf
57 |
58 | # Restart Dovecot
59 |
60 | systemctl restart dovecot
61 |
--------------------------------------------------------------------------------
/exim/add_bulk_acls.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -f /etc/exim.acl_check_recipient.pre.conf
4 | wget -O /etc/exim.acl_check_recipient.pre.conf https://raw.githubusercontent.com/mxroute/da_server_updates/refs/heads/master/exim/exim.acl_check_recipient.pre.conf
5 | rm -f /etc/bannedspoofing
6 | wget -O /etc/bannedspoofing https://raw.githubusercontent.com/mxroute/da_server_updates/refs/heads/master/exim/bannedspoofing
7 | killall -9 exim && systemctl restart exim
8 |
--------------------------------------------------------------------------------
/exim/bannedspoofing:
--------------------------------------------------------------------------------
1 | 126.com
2 | 163.com
3 | 21cn.com
4 | aliyun.com
5 | aol.com
6 | att.net
7 | bellsouth.net
8 | blueyonder.co.uk
9 | bt.com
10 | btinternet.com
11 | charter.net
12 | comcast.net
13 | cox.net
14 | daum.net
15 | earthlink.net
16 | email.com
17 | facebook.com
18 | fastmail.fm
19 | foxmail.com
20 | freeserve.co.uk
21 | games.com
22 | gmail.com
23 | gmx.com
24 | gmx.fr
25 | gmx.net
26 | google.com
27 | googlemail.com
28 | hanmail.net
29 | hotmail.co.uk
30 | hotmail.com
31 | hotmail.fr
32 | hush.com
33 | hushmail.com
34 | icloud.com
35 | iname.com
36 | inbox.com
37 | juno.com
38 | keemail.me
39 | laposte.net
40 | lavabit.com
41 | live.co.uk
42 | live.com
43 | live.fr
44 | love.com
45 | mac.com
46 | mail.com
47 | me.com
48 | msn.com
49 | nate.com
50 | naver.com
51 | neuf.fr
52 | ntlworld.com
53 | o2.co.uk
54 | orange.fr
55 | orange.net
56 | outlook.com
57 | pobox.com
58 | protonmail.ch
59 | protonmail.com
60 | qq.com
61 | rocketmail.com
62 | safe-mail.net
63 | sbcglobal.net
64 | sfr.fr
65 | sina.cn
66 | sina.com
67 | sky.com
68 | talktalk.co.uk
69 | tiscali.co.uk
70 | tuta.io
71 | tutamail.com
72 | tutanota.com
73 | tutanota.de
74 | verizon.net
75 | virgin.net
76 | virginmedia.com
77 | wanadoo.co.uk
78 | wanadoo.fr
79 | wow.com
80 | yahoo.co.id
81 | yahoo.co.in
82 | yahoo.co.jp
83 | yahoo.co.kr
84 | yahoo.co.uk
85 | yahoo.com
86 | yahoo.com.ph
87 | yahoo.com.sg
88 | yahoo.fr
89 | yandex.com
90 | yeah.net
91 | ygm.com
92 | ymail.com
93 | zoho.com
94 |
--------------------------------------------------------------------------------
/exim/bounce_old_junk.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | IDS=$(for i in $(exim -bp | grep -v "D " | grep -E '^[0-9]{1,2}h\s' | awk '{print $3}'); do grep $i /var/log/exim/mainlog | grep "Recipient address rejected: Domain not found"; done | awk '{print $3}' | uniq)
4 |
5 | for a in $IDS; do exim -Mg $a; done
6 |
--------------------------------------------------------------------------------
/exim/check_overquota.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | OVERQUOTA_FILE="/etc/overquota"
4 | TEMP_FILE="/tmp/overquota_tmp.$$"
5 | DEBUG=0 # Set to 1 for debug mode
6 |
7 | # Allow debug mode via CLI
8 | if [[ "$1" == "--debug" ]]; then
9 | DEBUG=1
10 | echo "Running in debug mode. No changes will be made."
11 | fi
12 |
13 | if [[ ! -f "$OVERQUOTA_FILE" ]]; then
14 | echo "File $OVERQUOTA_FILE not found."
15 | exit 1
16 | fi
17 |
18 | touch "$TEMP_FILE"
19 |
20 | while IFS= read -r user; do
21 | [[ -z "$user" ]] && continue
22 |
23 | output=$(doveadm quota get -u "$user" 2>/dev/null)
24 | if [[ $? -ne 0 || -z "$output" ]]; then
25 | echo "Error: Failed to get quota for $user"
26 | continue
27 | fi
28 |
29 | # Get value and limit from STORAGE line using awk
30 | storage_line=$(echo "$output" | awk '/STORAGE/ {print $2, $3}')
31 | value=$(echo "$storage_line" | awk '{print $1}')
32 | limit=$(echo "$storage_line" | awk '{print $2}')
33 |
34 | if [[ -z "$value" || -z "$limit" ]]; then
35 | echo "Could not parse STORAGE quota for $user: $output"
36 | continue
37 | fi
38 |
39 | if [[ "$limit" == "-" ]]; then
40 | if [[ $DEBUG -eq 1 ]]; then
41 | echo "[DEBUG] $user has unlimited quota, would remove"
42 | else
43 | echo "$user has unlimited quota, removing from list"
44 | continue
45 | fi
46 | elif [[ "$value" =~ ^[0-9]+$ && "$limit" =~ ^[0-9]+$ ]]; then
47 | if (( value < limit )); then
48 | if [[ $DEBUG -eq 1 ]]; then
49 | echo "[DEBUG] $user is under quota ($value < $limit), would remove"
50 | else
51 | echo "$user is under quota ($value < $limit), removing from list"
52 | continue
53 | fi
54 | else
55 | if [[ $DEBUG -eq 1 ]]; then
56 | echo "[DEBUG] $user is still over quota ($value >= $limit), keeping"
57 | fi
58 | fi
59 | else
60 | echo "Unexpected non-numeric value or limit for $user: value='$value', limit='$limit'"
61 | continue
62 | fi
63 |
64 | echo "$user" >> "$TEMP_FILE"
65 |
66 | done < "$OVERQUOTA_FILE"
67 |
68 | if [[ $DEBUG -eq 0 ]]; then
69 | mv "$TEMP_FILE" "$OVERQUOTA_FILE"
70 | else
71 | echo "[DEBUG] Final list that would remain in $OVERQUOTA_FILE:"
72 | cat "$TEMP_FILE"
73 | rm -f "$TEMP_FILE"
74 | fi
75 |
--------------------------------------------------------------------------------
/exim/clearcertlogs.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # I don't need to renew SSL certificates for internal server to server communication, and I'm tired of customers asking me about it.
3 | # In a highly controlled environment, suppressing this error serves no purpose other than to reduce customer questions.
4 |
5 | if [ -d "/var/cpanel" ]; then
6 | sed -i '/certificate has expired cert/d' /var/log/exim_mainlog
7 | else
8 | sed -i '/certificate has expired cert/d' /var/log/exim/mainlog
9 | fi
10 |
--------------------------------------------------------------------------------
/exim/deploy_exim_conf.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -f /etc/exim.conf.bak
4 | mv /etc/exim.conf /etc/exim.conf.bak
5 | wget https://raw.githubusercontent.com/mxroute/da_server_updates/master/exim/exim.conf -P /etc
6 | killall -9 exim && systemctl restart exim
7 |
--------------------------------------------------------------------------------
/exim/deploy_helo_blocks.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -f /etc/heloblocks
4 | rm -f /etc/exim.acl_check_helo.pre.conf
5 | cp /root/da_server_updates/exim/exim.acl_check_helo.pre.conf /etc
6 | cp /root/da_server_updates/exim/heloblocks /etc
7 | killall -9 exim
8 | systemctl restart exim
9 |
--------------------------------------------------------------------------------
/exim/easy/check_message.conf:
--------------------------------------------------------------------------------
1 | .include_if_exists /etc/exim.easy_spam_fighter/check_message.conf.custom.pre
2 |
3 | accept authenticated = *
4 |
5 | ################
6 | # Do some proper spam scanning and add on the score...
7 | #
8 | # We need to do some work here to feedback to the autowhitelister
9 | # such that any POSITIVE feeback given earlier by dint of being repeated email
10 | # is turned to NEGATIVE feedback here if it turns out to still be spam
11 |
12 |
13 | #Rspamd
14 | .include_if_exists /etc/exim/rspamd/check_message.conf
15 |
16 | #SpamAssassin
17 | warn
18 | condition = ${if !eq{$acl_c_rspamd}{1}}
19 | condition = ${if !eq{$acl_c_esf_skip}{1}}
20 | condition = ${if and { {< {$message_size}{EASY_SPAMASSASSIN_MAX_SIZE}} { <{$acl_m_easy69}{EASY_LIMIT}}}{1}{0}}
21 | condition = ${if !eq{$acl_m_spam_user}{nobody}}
22 | set acl_m_spam_assassin_has_run = 1
23 | set acl_c_spam_assassin_has_run = 1
24 | spam = $acl_m_spam_user:true/defer_ok
25 | set acl_m_easy69 = ${eval:$acl_m_easy69 + $spam_score_int}
26 | add_header = X-Spam-Score: $spam_score ($spam_bar)
27 | add_header = X-Spam-Report: $spam_report
28 |
29 | warn
30 | condition = ${if !eq{$acl_c_rspamd}{1}}
31 | condition = ${if !eq{$acl_c_esf_skip}{1}}
32 | condition = ${if < {$message_size}{EASY_SPAMASSASSIN_MAX_SIZE}}
33 | condition = ${if !eq{$acl_m_spam_user}{nobody}}
34 | spam = $acl_m_spam_user/defer_ok
35 | set acl_m_spam_subject = ${perl{get_spam_subject}}
36 | add_header = X-Old-Subject:$h_Subject
37 | remove_header = Subject
38 | remove_header = X-Spam-Status
39 | add_header = Subject:$acl_m_spam_subject$h_Subject:
40 | add_header = X-Spam-Status: Yes, score=$spam_score, +EASY_IS_SPAM total spam score
41 | set acl_m_easy69 = ${eval:$acl_m_easy69 + EASY_IS_SPAM}
42 |
43 | warn
44 | condition = ${if !eq{$acl_c_rspamd}{1}}
45 | condition = ${if !eq{$acl_c_esf_skip}{1}}
46 | condition = ${if >= {$message_size}{EASY_SPAMASSASSIN_MAX_SIZE}}
47 | condition = ${if !eq{$acl_m_spam_user}{nobody}}
48 | remove_header = X-Spam-Status
49 | add_header = X-Spam-Status: No, message_size=$message_size larger than EASY_SPAMASSASSIN_MAX_SIZE
50 |
51 | drop
52 | condition = ${if !eq{$acl_c_rspamd}{1}}
53 | condition = ${if !eq{$acl_c_esf_skip}{1}}
54 | condition = ${if < {$message_size}{EASY_SPAMASSASSIN_MAX_SIZE}}
55 | condition = ${if !eq{$acl_m_spam_user}{nobody}}
56 | spam = $acl_m_spam_user/defer_ok
57 | set acl_m_high_score_drop = ${perl{get_spam_high_score_drop}}
58 | logwrite = ESF score is $spam_score_int / $acl_m_high_score_drop
59 | condition = ${if >={$spam_score_int}{$acl_m_high_score_drop}}
60 | message = High scoring spam message has been dropped
61 | logwrite = drop message based on users high-scoring-spam setting ($spam_score_int >= $acl_m_high_score_drop)
62 |
63 | warn
64 | remove_header = SpamTally
65 | condition = ${if !eq{$acl_m_spam_user}{nobody}}
66 | add_header = SpamTally: Final spam score: $acl_m_easy69
67 |
68 | warn
69 | remove_header = SpamTally
70 | condition = ${if eq{$acl_m_spam_user}{nobody}}
71 | add_header = SpamTally: Final spam score: unset because ESF not run (SpamAssassin unset, whitelist, or skipped)
72 |
73 | drop
74 | condition = ${if !eq{$acl_c_esf_skip}{1}}
75 | condition = ${if >={$acl_m_easy69}{EASY_HIGH_SCORE_DROP}{1}{0}}
76 | condition = ${if !eq{$acl_m_spam_user}{nobody}}
77 | message = Your message to <$recipients> was classified as SPAM. Your score: $acl_m_easy69
78 |
79 | warn
80 | condition = ${if eq{$acl_c_esf_skip}{1}}
81 | logwrite = ESF evalutation skipped. Score: $acl_m_easy69
82 |
83 | .include_if_exists /etc/exim.easy_spam_fighter/check_dmarc.conf
84 | .include_if_exists /etc/exim.easy_spam_fighter/check_message.conf.custom.post
85 |
--------------------------------------------------------------------------------
/exim/easy/variables.conf:
--------------------------------------------------------------------------------
1 | EASY_LIMIT = 55
2 | EASY_IS_SPAM = 20
3 | EASY_HIGH_SCORE_DROP = 100
4 | EASY_SPF_PASS = 0
5 | EASY_SPF_SOFT_FAIL = 30
6 | EASY_SPF_FAIL = 100
7 | EASY_DKIM_PASS = 0
8 | EASY_DKIM_FAIL = 100
9 | EASY_NO_REVERSE_IP = 100
10 | EASY_FORWARD_CONFIRMED_RDNS = 0
11 | EASY_DNS_BLACKLIST = 50
12 | EASY_SPAMASSASSIN_MAX_SIZE = 25000K
13 |
14 | EASY_SKIP_SENDERS = /etc/virtual/esf_skip_senders
15 | EASY_SKIP_RECIPIENTS = /etc/virtual/esf_skip_recipients
16 | EASY_SKIP_HOSTS = /etc/virtual/esf_skip_hosts
17 | EASY_SKIP_IPS = /etc/virtual/esf_skip_ips
18 |
19 | .include_if_exists /etc/exim/rspamd/variables.conf
20 | .include_if_exists /etc/exim.easy_spam_fighter/variables.dmarc.conf
21 | .include_if_exists /etc/exim.easy_spam_fighter/variables.conf.custom
22 |
23 | addresslist esf_skip_senders = ${if exists{EASY_SKIP_SENDERS}{wildlsearch;EASY_SKIP_SENDERS}}
24 | addresslist esf_skip_recipients = ${if exists{EASY_SKIP_RECIPIENTS}{wildlsearch;EASY_SKIP_RECIPIENTS}}
25 | hostlist esf_skip_hosts = ${if exists{EASY_SKIP_HOSTS}{wildlsearch;EASY_SKIP_HOSTS}}
26 | hostlist esf_skip_ips = ${if exists{EASY_SKIP_IPS}{EASY_SKIP_IPS}}
27 |
--------------------------------------------------------------------------------
/exim/easy/variables.conf.custom:
--------------------------------------------------------------------------------
1 | EASY_LIMIT == 55
2 | EASY_IS_SPAM == 20
3 | EASY_HIGH_SCORE_DROP == 300
4 | EASY_SPF_PASS == 0
5 | EASY_SPF_SOFT_FAIL == 20
6 | EASY_SPF_FAIL == 100
7 | EASY_DKIM_PASS == 0
8 | EASY_DKIM_FAIL == 50
9 | EASY_NO_REVERSE_IP == 100
10 | EASY_FORWARD_CONFIRMED_RDNS == 0
11 | EASY_DNS_BLACKLIST == 50
12 | EASY_SPAMASSASSIN_MAX_SIZE == 25000K
13 |
--------------------------------------------------------------------------------
/exim/exim.acl_check_helo.pre.conf:
--------------------------------------------------------------------------------
1 | # MXroute HELO check rules
2 |
3 | deny
4 | message = Suspicious HELO rejected
5 | condition = ${if match{$sender_helo_name}{\N^diretorias\N}{yes}{no}}
6 | log_message = Rejected HELO: $sender_helo_name from $sender_host_address
7 |
8 | deny
9 | condition = ${if match{$sender_helo_name}{\N.*distritek\.cab$\N}{yes}{no}}
10 | log_message = HELO/EHLO - Rejected distritek.cab HELO
11 | message = This computer has been blocked from sending email
12 |
13 | drop
14 | condition = ${lookup{$sender_helo_name}lsearch{/etc/heloblocks}{yes}{no}}
15 | log_message = HELO/EHLO - HELO on heloblocks Blocklist
16 | message = This computer has been blocked from sending email
17 |
18 | deny
19 | condition = ${if match{$sender_helo_name}{\N(?i)^(\()?ns[0-9]+\.ip-[0-9-]+\.(eu|com|net)(\))?$\N}{yes}{no}}
20 | message = Rejected: HELO/EHLO name is a default OVH reverse DNS
21 |
22 | deny
23 | message = Blocked HELO - Suspicious domain
24 | condition = ${if match{$sender_helo_name}{\N\.xmail\.ntesmail\.com$\N}{yes}{no}}
25 |
--------------------------------------------------------------------------------
/exim/exim.acl_check_message.pre.conf:
--------------------------------------------------------------------------------
1 | deny condition = ${if and{{eq{$acl_m0}{1}}{!match{${lc:$h_subject:}}{mail delivery failed|test email for connector validation|delivery status notification|undeliver|read:|report domain|out of office}}}{yes}{no}}
2 | message = This message has been rejected as spam
3 | logwrite = BLANKLOG: Subject: '${escape:${lc:$h_subject:}}' Rejected: yes
4 |
5 | warn condition = ${if eq{$acl_m0}{1}}
6 | logwrite = BLANKLOG: Subject: '${escape:${lc:$h_subject:}}' Accepted: yes
7 |
8 | deny senders = *@doclist.bounces.google.com
9 | condition = ${if match{$h_subject:}{\N(\xF0[\x90-\xBF][\x80-\xBF]{2}|\xF4[\x80-\x8F][\x80-\xBF]{2}|\xF1[\x80-\xBF][\x80-\xBF]{2}|\xF2[\x80-\xBF][\x80-\xBF]{2}|\xF3[\x80-\xBF][\x80-\xBF]{2})\N}{yes}{no}}
10 | message = Emails from doclist.bounces.google.com containing emoji in the subject are not allowed
11 | logwrite = Blocked doclist.bounces.google.com emoji subject: '${escape:$h_subject:}'
12 |
13 | deny senders = *@doclist.bounces.google.com
14 | !condition = ${if or{\
15 | {match{$h_subject:}{\N(?i)carpeta contigo\N}}\
16 | {match{$h_subject:}{\N(?i)compartida contigo\N}}\
17 | {match{$h_subject:}{\N(?i)Solicitud para compartir\N}}\
18 | {match{$h_subject:}{\N(?i)Share request for\N}}\
19 | {match{$h_subject:}{\N(?i)Share_request_for\N}}\
20 | {match{$h_subject:}{\N(?i)shared with you\N}}\
21 | {match{$h_subject:}{\N(?i)Invitation to own\N}}\
22 | {match{$h_subject:}{\N(?i)Item dibagikan kepada Anda\N}}\
23 | {match{$h_subject:}{\N(?i)Pasta compartilhada com\N}}\
24 | {match{$h_subject:}{\N(?i)shared_with_you\N}}\
25 | }{yes}{no}}
26 | message = Emails from doclist.bounces.google.com must contain an approved sharing-related subject string
27 | logwrite = Blocked doclist.bounces.google.com email with subject: '${escape:$h_subject:}'
28 |
29 | deny condition = ${if match{$h_subject:}{(?i)Support Ticket Not Opened}{yes}{no}}
30 | message = Emails with "Support Ticket Not Opened" in the subject are not allowed
31 |
32 | deny senders = *@promote.weebly.com
33 | !condition = ${if match{$h_subject:}{Order}{yes}{no}}
34 | message = Messages from promote.weebly.com are heavily filtered due to spam
35 | logwrite = Rejected weebly promotion: sender=$sender_address subject=$h_subject:
36 |
37 | deny authenticated = *
38 | condition = ${if or{{match{${lc:$h_subject:}}{mail delivery failed}}\
39 | {match{${lc:$h_subject:}}{delivery status notification}}\
40 | {match{${lc:$h_subject:}}{undeliver}}\
41 | }{yes}{no}}
42 | message = Authenticated users are not allowed to send bounce emails
43 |
44 | deny condition = ${if match{$h_subject:}{your-subject}{yes}{no}}
45 | message = Emails containing "your-subject" in the subject line are not allowed
46 |
47 | deny condition = ${if match{$h_subject:}{\N~\|\N}{yes}{no}}
48 | message = Emails containing "~|" in the subject line are not allowed
49 |
--------------------------------------------------------------------------------
/exim/exim.acl_check_recipient.pre.conf:
--------------------------------------------------------------------------------
1 | # DDOS Mitigation
2 | deny condition = ${if >{$rcpt_fail_count}{25}{yes}{no}}
3 | log_message = "Too many failed RCPT commands from ${sender_host_address}"
4 | message = "Too many RCPT failures - try later"
5 | delay = 60s
6 |
7 | # Back to your normal programming
8 |
9 | # First: Critical security checks and spoofing prevention
10 | # Check domain whitelist
11 | warn condition = ${lookup{${domain:$sender_address}}lsearch{/etc/susranges_domainwhitelist}{1}{0}}
12 | set acl_m_domain_whitelisted = 1
13 |
14 | # Apply the suspicious range check
15 | deny !authenticated = *
16 | !hosts = <; /etc/susranges_whitelist
17 | !condition = ${if eq{$acl_m_domain_whitelisted}{1}{1}{0}}
18 | hosts = <; /etc/susranges
19 | logwrite = Rejected suspicious IP: $sender_host_address
20 | message = Unauthenticated mail not allowed from this range
21 |
22 | deny senders = *@paypal.com
23 | condition = ${if or{\
24 | {match{$sender_helo_name}{\N.*outbound\.protection\.outlook\.com\N}}\
25 | {match{$sender_host_name}{\N.*outbound\.protection\.outlook\.com\N}}\
26 | }{yes}{no}}
27 | message = Suspected PayPal spoofing attempt blocked
28 | logwrite = Blocked spoofed PayPal: sender=$sender_address helo=$sender_helo_name host=$sender_host_name from $sender_host_address
29 |
30 | deny message = HELO matches local domain ($sender_helo_name) but sender is not authenticated
31 | !authenticated = *
32 | condition = ${if match_domain{$sender_helo_name}{+local_domains}{yes}{no}}
33 | domains = !+local_domains
34 | logwrite = HELO_SPOOF: $sender_helo_name from IP $sender_host_address rejected
35 |
36 | # Second: Basic relay and authentication checks
37 | deny message = Relay not permitted
38 | !authenticated = *
39 | domains = !+local_domains
40 |
41 | # Third: SPF and other protocol-level checks
42 | deny spf = fail
43 | !authenticated = *
44 | message = SPF check failed. $sender_host_address is not authorized to send mail from \
45 | ${if def:sender_address_domain \
46 | {$sender_address_domain}{$sender_helo_name}}
47 |
48 | # Fourth: Pattern-based blocking
49 | deny message = Blocking non-whitelisted messages from Google Groups
50 | !authenticated = *
51 | condition = ${if match{$sender_address}{\N\+bnc\N}{yes}{no}}
52 | !condition = ${if exists{/etc/googlegroups_whitelist}\
53 | {${lookup{${domain:$sender_address}}lsearch{/etc/googlegroups_whitelist}{yes}{no}}}\
54 | {no}}
55 | logwrite = Blocked Google Groups sender: $sender_address
56 |
57 | deny message = Suspicious message pattern rejected
58 | condition = ${if match{$sender_address}{\N^as[0-9]\+bnc.*@.*\.info$\N}{yes}{no}}
59 | logwrite = Blocked suspicious sender pattern: $sender_address
60 |
61 | deny !authenticated = *
62 | condition = ${if or{\
63 | {match{${lc:$sender_helo_name}}{googleusercontent}}\
64 | {match{${lc:$sender_host_name}}{googleusercontent}}\
65 | }}
66 | message = Google Cloud has conditional access to our SMTP
67 | logwrite = Googleusercontent attempt - HELO: $sender_helo_name Hostname: $sender_host_name Host: $sender_host_address
68 |
69 | # Fifth: Domain-specific rules
70 | deny message = Mail not accepted from default assigned hostnames
71 | !authenticated = *
72 | condition = ${if or{\
73 | {match{$sender_helo_name}{\N^vps-.*\.vps\.ovh\.(ca|us|net)$\N}}\
74 | {match{$sender_host_name}{\N^vps-.*\.vps\.ovh\.(ca|us|net)$\N}}\
75 | }{yes}{no}}
76 | logwrite = Rejected default OVH hostname: helo=$sender_helo_name host=$sender_host_name from $sender_host_address
77 |
78 | deny !authenticated = *
79 | !hosts = <; /etc/aclwhitelist
80 | hosts = <; /etc/ovhranges
81 | condition = ${if match{$sender_helo_name}{\N^mail[0-9]+\.[a-zA-Z0-9-]+\.[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)?$\N}{yes}{no}}
82 | message = Suspicious email trend detected and blocked.
83 | logwrite = Rejected suspicious OVH host: $sender_host_address with HELO $sender_helo_name
84 |
85 | # Sixth: Authentication-related spoofing checks
86 | deny message = Spoofing domains that you do not own to external recipients not allowed
87 | authenticated = *
88 | condition = ${lookup{$sender_address_domain}lsearch{/etc/bannedspoofing}{1}{0}}
89 | domains = !+local_domains
90 | !condition = ${if exists{/etc/spoofwhitelist}\
91 | {${lookup{${domain:$authenticated_id}}lsearch{/etc/spoofwhitelist}{yes}{no}}}\
92 | {no}}
93 | logwrite = SPOOFCHECK: Blocked spoof attempt sender=$sender_address auth=$authenticated_id rcpt=$local_part@$domain
94 |
95 | # Seventh: Miscellaneous blocks
96 | deny senders = *@example.com
97 | message = Your software claims your sending address is on example.com which is not your domain
98 |
99 | deny senders = nwildlsearch*@;/etc/spam_senders
100 | message = Your sending address has been blocked by admins see mxroutedocs.com for explanation
101 |
102 | deny recipients = nwildlsearch*@;/etc/spam_recipients
103 | message = Your recipient address has been blocked by admins see mxroutedocs.com for explanation
104 |
105 | deny recipients = nwildlsearch*@;/etc/overquota
106 | message = Your recipient has reached their disk quota
107 |
108 | deny condition = ${if match{$sender_helo_name}{(?:^|\.)\mxrouting.net}}
109 | condition = ${if and {{!eq{$sender_host_address}{::1}} {!eq{$sender_host_address}{127.0.0.1}}}}
110 | message = Intentionally vague error message requiring you to contact support
111 |
112 | deny domains = ^example\.com
113 | message = Sending to domains starting with "example.com" is not allowed.
114 |
115 | deny sender_domains = *cloudwaysapps.com
116 | message = Please use a real sending domain
117 |
118 | # Eighth: Warning and logging
119 | warn authenticated = *
120 | logwrite = SPOOFCHECK: Processing authenticated=$authenticated_id sender=$sender_address recipient=$local_part@$domain
121 |
122 | warn senders = :
123 | set acl_m0 = 1
124 | logwrite = BLANKLOG: Blank sender detected, deferring decision
125 |
126 | # Ninth: Final specific denials
127 | deny condition = ${if match{$local_part@$domain}{.*@email\.tst.*}{yes}{no}}
128 | message = Sending to email.tst domains is not allowed
129 |
130 | deny !sender_domains = nwildlsearch;/etc/onmicrosoft_whitelist
131 | condition = ${if match{$sender_address}{\N.*onmicrosoft\.com\N}{yes}{no}}
132 | message = Envelope sender containing onmicrosoft.com is not allowed
133 | logwrite = Blocked onmicrosoft sender: $sender_address from $sender_host_address ($sender_address_domain)
134 |
135 | deny !authenticated = *
136 | sender_domains = sendgrid.net
137 | !condition = ${lookup{$domain}lsearch{/etc/sendgrid_whitelist}{1}{0}}
138 | message = Sendgrid.net sender domains are only allowed to specific whitelisted recipients
139 |
--------------------------------------------------------------------------------
/exim/exim.dkim.conf:
--------------------------------------------------------------------------------
1 | #1.7
2 | dkim_domain = ${if or { \
3 | {eq{$sender_address_domain}{}} \
4 | {eq{$sender_address_domain}{$primary_hostname}} \
5 | } \
6 | {$primary_hostname}{${lookup{${domain:$authenticated_id}}lsearch,ret=key{/etc/virtual/domainowners}{$value}}}}
7 | dkim_selector = x
8 | dkim_private_key = ${if exists{/etc/virtual/$dkim_domain/dkim.private.key}{/etc/virtual/$dkim_domain/dkim.private.key}{0}}
9 | dkim_canon = relaxed
10 | dkim_strict = 0
11 | dkim_sign_headers = From:Sender:Reply-To:Subject:Date:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
12 |
--------------------------------------------------------------------------------
/exim/exim.routers.pre.conf:
--------------------------------------------------------------------------------
1 | smart_route_forward:
2 | driver = manualroute
3 | domains = ! +local_domains
4 | ignore_target_hosts = 127.0.0.0/8
5 | condition = ${if !eq{$original_domain}{$domain}}
6 | condition = ${if !eq{$original_domain}{}}
7 | condition = "${perl{check_limits}}"
8 |
9 | transport = remote_smtp_forward_transport
10 |
11 | route_list = * filtergroup.mxroute.com
12 | no_more
13 |
14 | smart_route:
15 | driver = manualroute
16 | domains = ! +local_domains
17 | ignore_target_hosts = 127.0.0.0/8
18 | condition = "${perl{check_limits}}"
19 |
20 | transport = remote_smtp
21 |
22 | route_list = * filtergroup.mxroute.com
23 | no_more
24 |
--------------------------------------------------------------------------------
/exim/exim.strings.conf.custom:
--------------------------------------------------------------------------------
1 | received_header_text = "Received: \
2 | ${if def:authenticated_id {from ${authenticated_id} (authenticated user)}\
3 | {from ${if def:sender_rcvhost {${sender_rcvhost}}\
4 | {${if def:sender_ident {${sender_ident}}{}}${if def:sender_helo_name {(helo=${sender_helo_name})}{}}${sender_host_address}}}}}\
5 | by ${primary_hostname} \
6 | ${if def:received_protocol {with ${received_protocol}}{}} \
7 | ${if def:tls_cipher {(${tls_cipher} encrypted)}{}} \
8 | id ${message_id} \
9 | ${if def:sender_address {(envelope-from <${sender_address}>)}{}} \
10 | for ${local_part}@${domain}; ${tod_full}"
11 |
--------------------------------------------------------------------------------
/exim/exim.transports.pre.conf:
--------------------------------------------------------------------------------
1 | auth_relay:
2 | driver = smtp
3 | message_linelength_limit = 52428800
4 | tls_tempfail_tryclear = true
5 | headers_add = X-AuthUser: ${if match {$authenticated_id}{.*@.*}\
6 | {$authenticated_id} {${if match {$authenticated_id}{.+}\
7 | {$authenticated_id@$primary_hostname}{$authenticated_id}}}}
8 | headers_remove = Received
9 | dkim_domain = ${if eq{${lc:${domain:$h_from:}}}{}{$primary_hostname}{${lookup{${lc:${domain:$h_from:}}}lsearch,ret=key{/etc/virtual/domainowners}{$value}}}}
10 | dkim_selector = x
11 | dkim_private_key = ${if exists{/etc/virtual/$dkim_domain/dkim.private.key}{/etc/virtual/$dkim_domain/dkim.private.key}{0}}
12 | dkim_canon = relaxed
13 | dkim_strict = 0
14 |
--------------------------------------------------------------------------------
/exim/exim.variables.conf.custom:
--------------------------------------------------------------------------------
1 | daemon_smtp_ports=25 : 587 : 465 : 2525
2 | tls_require_ciphers=ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:
3 | disable_ipv6=false
4 | smtp_accept_max=5000
5 | smtp_accept_queue_per_connection=25
6 |
--------------------------------------------------------------------------------
/exim/filter_exim_logs.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # This script finds emails in the exim logs that come from subdomains and Google servers. No reason.
3 |
4 | LOG_FILE="/var/log/exim/mainlog"
5 | SUBDOMAIN_PATTERN="[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}"
6 | GOOGLE_SERVER_PATTERN="H=[a-zA-Z0-9.-]+\.google\.com"
7 | IGNORE_PATTERN="bounces.google.com"
8 |
9 | rm -f /var/log/exim/filtered_log_entries.txt
10 |
11 | if [ ! -f "$LOG_FILE" ]; then
12 | echo "Log file not found: $LOG_FILE"
13 | exit 1
14 | fi
15 |
16 | grep -E "$SUBDOMAIN_PATTERN" "$LOG_FILE" | grep -E "$GOOGLE_SERVER_PATTERN" | grep -v "$IGNORE_PATTERN" | while read -r line ; do
17 | sender=$(echo "$line" | grep -oP '(?<=<= )[^\s]+')
18 | domain=$(echo "$sender" | awk -F'@' '{print $2}')
19 | if [[ $domain == *.*.* ]]; then
20 | echo "$line" >> /var/log/exim/filtered_log_entries.txt
21 | fi
22 | done
23 |
24 | if [ -s filtered_log_entries.txt ]; then
25 | echo "Filtered log entries saved to filtered_log_entries.txt:"
26 | cat filtered_log_entries.txt
27 | else
28 | echo "No matching log entries found."
29 | fi
30 |
--------------------------------------------------------------------------------
/exim/fixqueue.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Problem statement:
4 | # When the filter server rejects enough emails, exim thinks the filter server is down and stops trying to send mail to it until retry time.
5 | #
6 | # Temporary solution:
7 | # Find when exim has done this and force a queue run
8 |
9 | # Set the time limit to 15 minutes ago
10 | time_limit=$(date +%s --date='15 minutes ago')
11 |
12 | # Search the exim log for "filtergroup" and only show entries from the last 15 minutes
13 | matches=$(grep -a "filtergroup" /var/log/exim/mainlog | while read line ; do
14 | timestamp=$(echo $line | awk '{print $1,$2}' | xargs -I {} date -d {} +%s)
15 | if [ $timestamp -ge $time_limit ]; then
16 | echo $line
17 | fi
18 | done)
19 |
20 | # check if matches are found
21 | if [ -z "$matches" ]; then
22 | echo "Exim needs a kick. Forcing queue run."
23 | before_count=$(exim -bpc)
24 | current_time=$(date +"%Y-%m-%d %T")
25 | sh /root/da_server_updates/runqueue.sh
26 | after_count=$(exim -bpc)
27 | echo "Script run at $current_time. Emails: $((after_count - before_count))" >> /root/fixqueue_logs
28 | else
29 | echo "Exim is working fine right now."
30 | fi
31 |
--------------------------------------------------------------------------------
/exim/gather_invalids.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | rm -f /var/log/exim/spam_recipient_staging
3 | for i in $(grep -a "Recipient address rejected: Domain not found" /var/log/exim/mainlog | grep -v "cuoly.com" | grep -v "askjdmiller.com" | awk '{print $3}' | sort | uniq)
4 | do
5 | for a in $(grep -a $i /var/log/exim/mainlog | grep "Domain not found" | grep -v "cuoly.com" | grep -v "askjdmiller.com" | awk -F'==' '{print $2}' | awk '{print $1}' | awk -F'@' '{print $2}' | sort | uniq)
6 | do
7 | echo "$a" >> /var/log/exim/spam_recipient_staging
8 | for i in $(exim -bp | grep -v "D " | grep $a -B 1 | awk '{print $3}'); do exim -Mg $i; done
9 | done
10 | done
11 |
--------------------------------------------------------------------------------
/exim/move_mxrbl_to_sa.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Adapting to kill off RBLs outside of SA entirely
4 | unlink /etc/virtual/use_rbl_domains
5 | touch /etc/virtual/use_rbl_domains
6 | chown mail. /etc/virtual/use_rbl_domains
7 | chmod 0644 /etc/virtual/use_rbl_domains
8 |
9 | # The original version of this script, still helpful for processing the above
10 | rm -f /etc/exim.strings.conf.custom
11 | cp /root/da_server_updates/exim/exim.strings.conf.custom /etc
12 | killall -9 exim
13 | systemctl restart exim
14 | systemctl status exim | grep Active:
15 |
--------------------------------------------------------------------------------
/exim/ovhranges:
--------------------------------------------------------------------------------
1 | 2.57.18.0/24
2 | 2.57.18.0/24
3 | 5.39.0.0/17
4 | 5.135.0.0/16
5 | 5.144.181.0/24
6 | 5.144.182.0/24
7 | 5.196.0.0/16
8 | 8.7.244.0/24
9 | 8.7.244.0/24
10 | 8.18.128.0/24
11 | 8.18.128.0/24
12 | 8.18.136.0/21
13 | 8.18.136.0/21
14 | 8.18.172.0/24
15 | 8.18.172.0/24
16 | 8.20.110.0/24
17 | 8.20.110.0/24
18 | 8.21.41.0/24
19 | 8.21.41.0/24
20 | 8.24.8.0/21
21 | 8.24.8.0/21
22 | 8.26.94.0/24
23 | 8.26.94.0/24
24 | 8.29.224.0/24
25 | 8.29.224.0/24
26 | 8.30.208.0/21
27 | 8.30.208.0/21
28 | 8.33.96.0/21
29 | 8.33.96.0/21
30 | 8.33.128.0/21
31 | 8.33.128.0/21
32 | 8.33.136.0/24
33 | 8.33.136.0/24
34 | 8.33.137.0/24
35 | 8.33.137.0/24
36 | 14.102.231.0/24
37 | 14.102.231.0/24
38 | 15.204.0.0/17
39 | 15.204.128.0/17
40 | 15.235.0.0/17
41 | 15.235.128.0/17
42 | 23.92.224.0/19
43 | 23.92.224.0/19
44 | 23.95.142.0/24
45 | 23.95.142.0/24
46 | 23.137.200.0/24
47 | 23.151.184.0/24
48 | 23.156.24.0/24
49 | 23.156.25.0/24
50 | 23.174.168.0/24
51 | 31.6.62.0/24
52 | 31.6.62.0/24
53 | 31.24.253.0/24
54 | 31.24.253.0/24
55 | 31.41.37.0/24
56 | 31.56.52.0/22
57 | 31.56.52.0/22
58 | 31.57.196.0/24
59 | 31.57.196.0/24
60 | 31.57.197.0/24
61 | 31.57.197.0/24
62 | 31.57.199.0/24
63 | 31.57.199.0/24
64 | 31.57.238.0/24
65 | 31.57.238.0/24
66 | 31.58.150.0/24
67 | 31.58.150.0/24
68 | 37.1.224.0/24
69 | 37.1.224.0/24
70 | 37.1.225.0/24
71 | 37.1.225.0/24
72 | 37.1.226.0/24
73 | 37.1.226.0/24
74 | 37.1.227.0/24
75 | 37.1.227.0/24
76 | 37.59.0.0/16
77 | 37.60.48.0/21
78 | 37.60.56.0/21
79 | 37.139.130.0/24
80 | 37.187.0.0/16
81 | 37.202.192.0/24
82 | 37.202.192.0/24
83 | 37.202.194.0/24
84 | 37.202.194.0/24
85 | 37.230.60.0/24
86 | 37.230.60.0/24
87 | 40.160.0.0/17
88 | 40.160.224.0/24
89 | 40.160.226.0/24
90 | 40.160.228.0/24
91 | 40.160.230.0/24
92 | 40.160.232.0/24
93 | 40.160.234.0/24
94 | 40.160.236.0/24
95 | 40.160.238.0/24
96 | 40.160.240.0/24
97 | 43.226.0.0/23
98 | 44.32.101.0/24
99 | 45.9.120.0/24
100 | 45.12.185.0/24
101 | 45.12.185.0/24
102 | 45.66.83.0/24
103 | 45.81.112.0/24
104 | 45.81.112.0/24
105 | 45.88.10.0/24
106 | 45.88.10.0/24
107 | 45.92.60.0/22
108 | 45.94.49.0/24
109 | 45.94.50.0/24
110 | 45.94.51.0/24
111 | 45.95.83.0/24
112 | 45.95.83.0/24
113 | 45.95.207.0/24
114 | 45.95.207.0/24
115 | 45.112.195.0/24
116 | 45.132.99.0/24
117 | 45.132.99.0/24
118 | 45.140.208.0/24
119 | 45.140.208.0/24
120 | 45.149.243.0/24
121 | 45.151.45.0/24
122 | 45.151.45.0/24
123 | 45.155.254.0/24
124 | 45.155.254.0/24
125 | 46.17.217.0/24
126 | 46.28.236.0/24
127 | 46.37.99.0/24
128 | 46.37.99.0/24
129 | 46.105.0.0/16
130 | 46.105.198.0/24
131 | 46.105.199.0/24
132 | 46.105.200.0/24
133 | 46.105.201.0/24
134 | 46.105.202.0/24
135 | 46.105.203.0/24
136 | 46.105.204.0/24
137 | 46.105.206.0/24
138 | 46.105.207.0/24
139 | 46.244.32.0/20
140 | 50.20.252.0/24
141 | 51.38.0.0/16
142 | 51.68.0.0/16
143 | 51.75.0.0/16
144 | 51.77.0.0/16
145 | 51.79.0.0/17
146 | 51.79.128.0/17
147 | 51.81.0.0/17
148 | 51.81.128.0/17
149 | 51.83.0.0/16
150 | 51.89.0.0/16
151 | 51.91.0.0/16
152 | 51.161.0.0/17
153 | 51.161.128.0/17
154 | 51.178.0.0/16
155 | 51.195.0.0/16
156 | 51.210.0.0/16
157 | 51.222.0.0/16
158 | 51.254.0.0/15
159 | 54.36.0.0/16
160 | 54.37.0.0/16
161 | 54.38.0.0/16
162 | 54.39.0.0/16
163 | 54.39.0.0/16
164 | 57.128.0.0/17
165 | 57.128.128.0/18
166 | 57.128.192.0/18
167 | 57.129.0.0/17
168 | 57.129.128.0/17
169 | 57.130.0.0/16
170 | 62.72.191.0/24
171 | 62.72.191.0/24
172 | 62.122.126.0/24
173 | 62.171.228.0/24
174 | 62.171.228.0/24
175 | 62.171.229.0/24
176 | 62.171.229.0/24
177 | 62.171.230.0/24
178 | 62.171.230.0/24
179 | 62.171.231.0/24
180 | 62.171.231.0/24
181 | 62.171.248.0/24
182 | 62.171.248.0/24
183 | 62.171.249.0/24
184 | 62.171.249.0/24
185 | 62.171.250.0/24
186 | 62.171.250.0/24
187 | 62.171.251.0/24
188 | 62.171.251.0/24
189 | 63.251.117.0/24
190 | 64.94.92.0/23
191 | 64.95.150.0/23
192 | 64.225.244.0/23
193 | 65.110.47.0/24
194 | 66.70.128.0/17
195 | 66.70.128.0/17
196 | 66.179.22.0/24
197 | 66.179.218.0/23
198 | 69.72.31.0/24
199 | 72.251.0.0/17
200 | 77.81.138.0/24
201 | 77.81.138.0/24
202 | 79.110.61.0/24
203 | 79.137.0.0/17
204 | 80.71.226.0/24
205 | 80.87.206.0/24
206 | 81.21.5.0/24
207 | 81.21.5.0/24
208 | 81.21.6.0/24
209 | 81.21.6.0/24
210 | 81.21.7.0/24
211 | 81.21.7.0/24
212 | 81.168.122.0/24
213 | 81.199.28.0/24
214 | 81.199.29.0/24
215 | 81.199.29.0/24
216 | 82.117.230.0/23
217 | 82.152.98.0/24
218 | 82.152.98.0/24
219 | 82.152.131.0/24
220 | 82.153.205.0/24
221 | 82.153.205.0/24
222 | 82.153.222.0/24
223 | 82.153.243.0/24
224 | 83.136.212.0/24
225 | 83.136.212.0/24
226 | 83.136.214.0/23
227 | 83.143.16.0/21
228 | 83.219.98.0/24
229 | 83.219.98.0/24
230 | 84.32.9.0/24
231 | 84.32.9.0/24
232 | 85.208.10.0/24
233 | 85.208.10.0/24
234 | 85.217.144.0/23
235 | 86.38.156.0/24
236 | 86.38.156.0/24
237 | 86.110.44.0/24
238 | 86.110.44.0/24
239 | 86.110.46.0/24
240 | 86.110.46.0/24
241 | 86.110.56.0/24
242 | 86.110.56.0/24
243 | 86.110.63.0/24
244 | 86.110.63.0/24
245 | 87.98.128.0/17
246 | 87.229.31.0/24
247 | 87.229.97.0/24
248 | 88.209.194.0/24
249 | 88.209.194.0/24
250 | 88.209.211.0/24
251 | 88.209.211.0/24
252 | 88.218.34.0/24
253 | 89.21.85.0/24
254 | 89.21.85.0/24
255 | 89.23.82.0/24
256 | 89.39.120.0/24
257 | 89.116.237.0/24
258 | 89.116.237.0/24
259 | 89.117.87.0/24
260 | 89.117.87.0/24
261 | 89.150.49.0/24
262 | 89.150.49.0/24
263 | 89.213.50.0/24
264 | 89.249.201.0/24
265 | 89.249.201.0/24
266 | 89.251.22.0/24
267 | 89.251.22.0/24
268 | 91.90.88.0/21
269 | 91.90.88.0/24
270 | 91.90.89.0/24
271 | 91.90.90.0/24
272 | 91.90.91.0/24
273 | 91.90.92.0/24
274 | 91.90.93.0/24
275 | 91.90.94.0/24
276 | 91.90.95.0/24
277 | 91.102.167.0/24
278 | 91.121.0.0/16
279 | 91.134.0.0/16
280 | 91.194.210.0/23
281 | 91.198.19.0/24
282 | 91.199.32.0/24
283 | 91.199.32.0/24
284 | 91.199.163.0/24
285 | 91.199.163.0/24
286 | 91.209.40.0/24
287 | 91.209.40.0/24
288 | 91.222.0.0/22
289 | 91.222.0.0/24
290 | 91.222.1.0/24
291 | 91.222.2.0/24
292 | 91.222.3.0/24
293 | 91.224.117.0/24
294 | 91.225.128.0/22
295 | 91.246.38.0/24
296 | 92.52.219.0/24
297 | 92.52.219.0/24
298 | 92.118.20.0/22
299 | 92.118.162.0/24
300 | 92.222.0.0/16
301 | 92.246.224.0/19
302 | 93.114.69.0/24
303 | 94.23.0.0/16
304 | 95.128.156.0/24
305 | 95.128.156.0/24
306 | 95.131.32.0/24
307 | 95.214.173.0/24
308 | 95.214.173.0/24
309 | 103.5.12.0/22
310 | 103.5.12.0/22
311 | 103.102.231.0/24
312 | 103.141.69.0/24
313 | 103.141.69.0/24
314 | 104.167.16.0/24
315 | 104.225.253.0/24
316 | 104.234.50.0/24
317 | 104.234.50.0/24
318 | 107.189.64.0/18
319 | 107.189.64.0/18
320 | 108.165.220.0/24
321 | 108.165.220.0/24
322 | 109.110.160.0/24
323 | 109.110.160.0/24
324 | 109.110.184.0/24
325 | 109.110.184.0/24
326 | 109.176.230.0/24
327 | 109.176.244.0/24
328 | 109.176.244.0/24
329 | 114.129.44.0/24
330 | 116.206.98.0/24
331 | 116.206.98.0/24
332 | 117.18.104.0/24
333 | 123.100.227.0/24
334 | 135.125.0.0/17
335 | 135.125.128.0/17
336 | 135.148.0.0/17
337 | 135.148.128.0/17
338 | 136.0.175.0/24
339 | 137.74.0.0/16
340 | 137.83.50.0/24
341 | 139.99.0.0/17
342 | 139.99.0.0/17
343 | 139.99.128.0/17
344 | 139.99.128.0/17
345 | 140.233.184.0/24
346 | 140.233.184.0/24
347 | 141.11.40.0/24
348 | 141.11.40.0/24
349 | 141.94.0.0/15
350 | 141.94.0.0/16
351 | 141.95.0.0/17
352 | 141.95.128.0/17
353 | 141.193.228.0/24
354 | 141.193.228.0/24
355 | 141.227.128.0/24
356 | 141.227.130.0/24
357 | 141.227.132.0/24
358 | 141.227.134.0/24
359 | 141.227.136.0/24
360 | 141.227.137.0/24
361 | 141.227.138.0/24
362 | 141.227.140.0/24
363 | 141.227.142.0/24
364 | 141.227.160.0/24
365 | 141.227.164.0/24
366 | 142.4.192.0/19
367 | 142.4.192.0/19
368 | 142.44.128.0/17
369 | 142.44.128.0/17
370 | 142.44.140.0/24
371 | 144.2.32.0/19
372 | 144.172.73.0/24
373 | 144.217.0.0/16
374 | 144.217.0.0/16
375 | 145.239.0.0/16
376 | 146.19.9.0/24
377 | 146.19.9.0/24
378 | 146.59.0.0/16
379 | 146.59.0.0/17
380 | 146.103.49.0/24
381 | 146.103.49.0/24
382 | 147.78.102.0/24
383 | 147.78.102.0/24
384 | 147.79.31.0/24
385 | 147.79.31.0/24
386 | 147.135.0.0/17
387 | 147.135.0.0/17
388 | 147.135.128.0/17
389 | 148.113.0.0/18
390 | 148.113.64.0/18
391 | 148.113.128.0/17
392 | 148.135.153.0/24
393 | 148.135.153.0/24
394 | 148.135.154.0/24
395 | 148.135.154.0/24
396 | 148.135.255.0/24
397 | 148.135.255.0/24
398 | 148.222.40.0/22
399 | 149.56.0.0/16
400 | 149.56.0.0/16
401 | 149.202.0.0/16
402 | 150.241.121.0/24
403 | 151.80.0.0/16
404 | 152.89.250.0/24
405 | 152.89.250.0/24
406 | 152.228.128.0/17
407 | 156.232.89.0/24
408 | 156.232.89.0/24
409 | 157.254.155.0/24
410 | 157.254.155.0/24
411 | 158.69.0.0/16
412 | 158.69.0.0/16
413 | 159.253.1.0/24
414 | 159.253.1.0/24
415 | 159.253.6.0/24
416 | 159.253.6.0/24
417 | 162.19.0.0/17
418 | 162.19.128.0/17
419 | 163.5.34.0/24
420 | 163.5.34.0/24
421 | 163.5.46.0/24
422 | 163.5.46.0/24
423 | 163.5.118.0/24
424 | 163.5.118.0/24
425 | 163.5.119.0/24
426 | 163.5.119.0/24
427 | 163.5.144.0/24
428 | 163.5.144.0/24
429 | 163.5.158.0/24
430 | 163.5.158.0/24
431 | 163.5.162.0/24
432 | 163.5.162.0/24
433 | 163.5.173.0/24
434 | 163.5.173.0/24
435 | 163.5.179.0/24
436 | 163.5.179.0/24
437 | 163.5.187.0/24
438 | 163.5.211.0/24
439 | 163.5.211.0/24
440 | 163.5.221.0/24
441 | 163.5.221.0/24
442 | 163.5.230.0/24
443 | 163.5.230.0/24
444 | 163.5.245.0/24
445 | 163.5.245.0/24
446 | 163.5.247.0/24
447 | 163.5.247.0/24
448 | 164.132.0.0/16
449 | 164.153.166.0/24
450 | 164.153.186.0/24
451 | 167.114.0.0/17
452 | 167.114.0.0/17
453 | 167.114.128.0/18
454 | 167.114.128.0/18
455 | 167.114.192.0/19
456 | 167.114.192.0/19
457 | 167.114.224.0/19
458 | 167.114.224.0/19
459 | 167.234.38.0/24
460 | 167.253.62.0/24
461 | 168.245.146.0/24
462 | 168.245.185.0/24
463 | 172.83.201.0/24
464 | 174.35.13.0/24
465 | 176.31.0.0/16
466 | 176.57.51.0/24
467 | 176.57.51.0/24
468 | 176.57.52.0/24
469 | 176.57.52.0/24
470 | 178.32.0.0/15
471 | 178.215.227.0/24
472 | 178.215.227.0/24
473 | 178.236.237.0/24
474 | 180.131.145.0/24
475 | 180.131.145.0/24
476 | 181.215.3.0/24
477 | 181.215.3.0/24
478 | 184.174.96.0/24
479 | 184.174.96.0/24
480 | 184.174.97.0/24
481 | 184.174.97.0/24
482 | 185.12.32.0/23
483 | 185.14.236.0/24
484 | 185.14.236.0/24
485 | 185.15.68.0/22
486 | 185.21.253.0/24
487 | 185.23.237.0/24
488 | 185.25.93.0/24
489 | 185.33.26.0/24
490 | 185.33.26.0/24
491 | 185.45.160.0/22
492 | 185.68.137.0/24
493 | 185.100.214.0/24
494 | 185.100.214.0/24
495 | 185.101.104.0/24
496 | 185.101.104.0/24
497 | 185.113.249.0/24
498 | 185.127.28.0/24
499 | 185.129.220.0/24
500 | 185.129.221.0/24
501 | 185.129.222.0/24
502 | 185.129.223.0/24
503 | 185.135.188.0/24
504 | 185.157.51.0/24
505 | 185.157.51.0/24
506 | 185.162.176.0/24
507 | 185.162.176.0/24
508 | 185.167.232.0/24
509 | 185.167.232.0/24
510 | 185.167.234.0/24
511 | 185.167.234.0/24
512 | 185.212.113.0/24
513 | 185.212.113.0/24
514 | 185.223.80.0/24
515 | 185.223.80.0/24
516 | 185.225.74.0/23
517 | 185.226.181.0/24
518 | 185.226.181.0/24
519 | 185.228.207.0/24
520 | 185.241.51.0/24
521 | 185.250.26.0/24
522 | 185.250.26.0/24
523 | 185.250.27.0/24
524 | 185.250.27.0/24
525 | 185.255.28.0/24
526 | 188.68.164.0/22
527 | 188.95.69.0/24
528 | 188.164.156.0/24
529 | 188.164.156.0/24
530 | 188.165.0.0/16
531 | 188.241.192.0/24
532 | 191.96.153.0/24
533 | 191.96.153.0/24
534 | 191.101.177.0/24
535 | 191.101.177.0/24
536 | 191.101.223.0/24
537 | 192.31.246.0/24
538 | 192.31.246.0/24
539 | 192.70.246.0/23
540 | 192.82.115.0/24
541 | 192.82.115.0/24
542 | 192.95.0.0/18
543 | 192.95.0.0/18
544 | 192.99.0.0/16
545 | 192.99.0.0/16
546 | 192.99.65.0/24
547 | 192.124.170.0/24
548 | 192.152.126.0/24
549 | 192.228.116.0/24
550 | 192.228.116.0/24
551 | 192.240.152.0/21
552 | 192.240.152.0/21
553 | 193.3.20.0/24
554 | 193.3.20.0/24
555 | 193.17.91.0/24
556 | 193.17.91.0/24
557 | 193.33.176.0/23
558 | 193.35.18.0/24
559 | 193.35.18.0/24
560 | 193.43.104.0/24
561 | 193.43.138.0/24
562 | 193.43.138.0/24
563 | 193.57.33.0/24
564 | 193.70.0.0/17
565 | 193.104.19.0/24
566 | 193.104.19.0/25
567 | 193.149.28.0/22
568 | 193.228.138.0/24
569 | 193.243.147.0/24
570 | 194.36.32.0/24
571 | 194.36.32.0/24
572 | 194.36.33.0/24
573 | 194.36.33.0/24
574 | 194.59.183.0/24
575 | 194.61.44.0/24
576 | 194.61.45.0/24
577 | 194.76.36.0/23
578 | 194.76.173.0/24
579 | 194.76.173.0/24
580 | 194.99.156.0/24
581 | 194.99.156.0/24
582 | 194.147.159.0/24
583 | 194.164.230.0/24
584 | 194.169.48.0/24
585 | 194.169.48.0/24
586 | 195.62.72.0/23
587 | 195.66.30.0/24
588 | 195.66.31.0/24
589 | 195.189.58.0/23
590 | 195.206.242.0/24
591 | 195.206.242.0/24
592 | 198.27.64.0/18
593 | 198.27.64.0/18
594 | 198.27.92.0/24
595 | 198.49.103.0/24
596 | 198.50.128.0/17
597 | 198.50.128.0/17
598 | 198.100.144.0/20
599 | 198.100.144.0/20
600 | 198.101.27.0/24
601 | 198.244.128.0/17
602 | 198.245.48.0/20
603 | 198.245.48.0/20
604 | 199.48.178.0/24
605 | 199.48.178.0/24
606 | 199.193.138.0/24
607 | 199.195.140.0/23
608 | 202.2.60.0/22
609 | 203.5.184.0/24
610 | 203.27.201.0/24
611 | 205.218.49.0/24
612 | 206.168.95.0/24
613 | 206.168.174.0/24
614 | 206.168.175.0/24
615 | 206.206.126.0/24
616 | 206.206.126.0/24
617 | 207.166.205.0/24
618 | 207.166.206.0/24
619 | 209.71.36.0/24
620 | 209.112.80.0/22
621 | 209.126.71.0/24
622 | 209.151.124.0/24
623 | 209.151.126.0/24
624 | 212.81.45.0/24
625 | 212.81.45.0/24
626 | 212.87.200.0/24
627 | 212.87.200.0/24
628 | 212.115.41.0/24
629 | 212.116.240.0/24
630 | 212.116.240.0/24
631 | 212.116.241.0/24
632 | 212.116.241.0/24
633 | 212.192.253.0/24
634 | 213.32.0.0/17
635 | 213.186.32.0/19
636 | 213.218.234.0/24
637 | 213.218.234.0/24
638 | 213.218.238.0/24
639 | 213.218.238.0/24
640 | 213.251.128.0/18
641 | 216.32.192.0/24
642 | 216.32.194.0/24
643 | 216.32.213.0/24
644 | 216.32.216.0/24
645 | 216.32.218.0/24
646 | 216.32.220.0/24
647 | 216.87.50.0/24
648 | 216.183.120.0/24
649 | 216.203.15.0/24
650 | 217.11.174.0/24
651 | 217.145.68.0/24
652 | 217.145.68.0/24
653 | 217.177.32.0/24
654 | 217.177.32.0/24
655 | 217.177.35.0/24
656 | 217.177.35.0/24
657 | 217.177.75.0/24
658 | 217.177.75.0/24
659 | 217.180.12.0/24
660 | 217.180.12.0/24
661 | 217.180.13.0/24
662 | 217.180.13.0/24
663 | 217.180.14.0/24
664 | 217.180.14.0/24
665 | 217.180.16.0/24
666 | 217.180.16.0/24
667 | 217.180.17.0/24
668 | 217.180.17.0/24
669 | 217.180.18.0/24
670 | 217.180.18.0/24
671 | 217.180.19.0/24
672 | 217.180.19.0/24
673 | 217.180.20.0/24
674 | 217.180.20.0/24
675 | 217.180.38.0/24
676 | 217.180.38.0/24
677 | 217.180.45.0/24
678 | 217.180.45.0/24
679 | 217.180.58.0/24
680 | 217.180.58.0/24
681 | 217.180.59.0/24
682 | 217.180.59.0/24
683 | 217.180.61.0/24
684 | 217.180.61.0/24
685 | 217.182.0.0/16
686 |
--------------------------------------------------------------------------------
/exim/quotamitigation.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | grep "mailbox for user is full" /var/log/exim/mainlog | awk -F'TO:' '{print $2}' | awk '{print $1}' | sed 's/://' | sort | uniq -c | sort -n | tail -25 | awk '{print $2}' >> /etc/overquota
4 |
--------------------------------------------------------------------------------
/exim/spoofcheck.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # File containing the log
4 | LOG_FILE="/var/log/exim/mainlog"
5 |
6 | # File containing whitelisted login addresses.
7 | # These are trusted logins that are expected to spoof senders and already monitored through other processes.
8 | WHITELIST_FILE="/var/log/exim/whitelist.txt"
9 |
10 | # Output log file
11 | OUTPUT_LOG="/var/log/exim/sender_audit.log"
12 |
13 | # Minimum number of unique sender addresses to flag
14 | MIN_SENDER_ADDRESSES=2
15 |
16 | # Clear the previous log
17 | find /var/log/exim -name sender_audit.log -delete
18 |
19 | # Check if whitelist file exists, create if it doesn't
20 | if [ ! -f "$WHITELIST_FILE" ]; then
21 | echo "Whitelist file not found. Creating an empty whitelist file."
22 | touch "$WHITELIST_FILE"
23 | fi
24 |
25 | # Function to get domain from email address
26 | get_domain() {
27 | echo "$1" | awk -F'@' '{print $2}'
28 | }
29 |
30 | # Get unique login addresses, excluding whitelisted ones
31 | login_addresses=$(grep -a -E '(login:|plain:)' "$LOG_FILE" | awk -F'in:' '{print $2}' | awk '{print $1}' | sort | uniq | grep -vf "$WHITELIST_FILE")
32 |
33 | # Function to get sender addresses for a given login, excluding those with matching domains
34 | get_sender_addresses() {
35 | local login="$1"
36 | local login_domain=$(get_domain "$login")
37 | grep -a "in:$login" "$LOG_FILE" | awk -F'<=' '{print $2}' | awk '{print $1}' | sort | uniq | while read -r sender; do
38 | sender_domain=$(get_domain "$sender")
39 | if [ "$sender_domain" != "$login_domain" ]; then
40 | echo "$sender"
41 | fi
42 | done
43 | }
44 |
45 | # Process each login address and write results to the output log
46 | {
47 | echo "SMTP Sender Audit Log - $(date)"
48 | echo "=================================="
49 |
50 | while IFS= read -r login; do
51 | sender_addresses=$(get_sender_addresses "$login")
52 | sender_count=$(echo "$sender_addresses" | wc -l)
53 |
54 | if [ "$sender_count" -ge "$MIN_SENDER_ADDRESSES" ]; then
55 | echo -n "User $login sent mail as: "
56 | echo "$sender_addresses" | tr '\n' ',' | sed 's/,$//' | sed 's/,/, /g'
57 | echo " (Total: $sender_count)"
58 | fi
59 | done <<< "$login_addresses"
60 |
61 | echo "=================================="
62 | } >> "$OUTPUT_LOG"
63 |
--------------------------------------------------------------------------------
/exim/system_filter.exim:
--------------------------------------------------------------------------------
1 | # Exim filter
2 | #VERSION=1.3
3 | ## Version: 0.17e
4 | # $Id: system_filter.exim,v 1.11 2001/09/19 11:27:56 nigel Exp $
5 | # Altered for MXroute systems
6 |
7 | ## Exim system filter to refuse potentially harmful payloads in
8 | ## mail messages
9 | ## (c) 2000-2001 Nigel Metheringham
10 | ##
11 | ## This program is free software; you can redistribute it and/or modify
12 | ## it under the terms of the GNU General Public License as published by
13 | ## the Free Software Foundation; either version 2 of the License, or
14 | ## (at your option) any later version.
15 | ##
16 | ## This program is distributed in the hope that it will be useful,
17 | ## but WITHOUT ANY WARRANTY; without even the implied warranty of
18 | ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 | ## GNU General Public License for more details.
20 | ##
21 | ## You should have received a copy of the GNU General Public License
22 | ## along with this program; if not, write to the Free Software
23 | ## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 | ## -A copy of the GNU General Public License is distributed with exim itself
25 |
26 |
27 | ## -----------------------------------------------------------------------
28 | # Only run any of this stuff on the first pass through the
29 | # filter - this is an optomisation for messages that get
30 | # queued and have several delivery attempts
31 | #
32 | # we express this in reverse so we can just bail out
33 | # on inappropriate messages
34 | #
35 | if not first_delivery
36 | then
37 | finish
38 | endif
39 |
40 | ## -----------------------------------------------------------------------
41 | # Check for MS buffer overruns as per BUGTRAQ.
42 | # http://www.securityfocus.com/frames/?content=/templates/article.html%3Fid%3D61
43 | # This could happen in error messages, hence its placing
44 | # here...
45 | # We substract the first n characters of the date header
46 | # and test if its the same as the date header... which
47 | # is a lousy way of checking if the date is longer than
48 | # n chars long
49 | if ${length_80:$header_date:} is not $header_date:
50 | then
51 | seen finish
52 | endif
53 |
54 | ## -----------------------------------------------------------------------
55 | # These messages are now being sent with a <> envelope sender, but
56 | # blocking all error messages that pattern match prevents
57 | # bounces getting back.... so we fudge it somewhat and check for known
58 | # header signatures. Other bounces are allowed through.
59 | if $header_from: contains "@sexyfun.net"
60 | then
61 | seen finish
62 | endif
63 | if error_message and $header_from: contains "Mailer-Daemon@"
64 | then
65 | # looks like a real error message - just ignore it
66 | finish
67 | endif
68 |
69 | ## -----------------------------------------------------------------------
70 | # Look for single part MIME messages with suspicious name extensions
71 | # Check Content-Type header using quoted filename [content_type_quoted_fn_match]
72 | if $header_content-type: matches "(?:file)?name=\"([^\"]+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|sc[mrt]|shs|url|vb[se]?|ws[fhc]))\""
73 | then
74 | seen finish
75 | endif
76 | # same again using unquoted filename [content_type_unquoted_fn_match]
77 | if $header_content-type: matches "(?:file)?name=(\\\\S+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|sc[mrt]|shs|url|vb[se]?|ws[fhc])\")([\\\\s;]|\\$)"
78 | then
79 | seen finish
80 | endif
81 |
82 |
83 | ## -----------------------------------------------------------------------
84 | # Attempt to catch embedded VBS attachments
85 | # in emails. These were used as the basis for
86 | # the ILOVEYOU virus and its variants - many many varients
87 | # Quoted filename - [body_quoted_fn_match]
88 | if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))\"([^\"]+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|sc[mrt]|shs|url|vb[se]?|ws[fhc])\")[\\\\s;]"
89 | then
90 | seen finish
91 | endif
92 | # same again using unquoted filename [body_unquoted_fn_match]
93 | if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))(\\\\S+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|sc[mrt]|shs|url|vb[se]?|ws[fhc])\")[\\\\s;]"
94 | then
95 | seen finish
96 | endif
97 | ## -----------------------------------------------------------------------
98 |
99 | # Fudge to catch Klez virus (mal formed mime details, unquoted filename with spaces)
100 | #if $message_body matches "Content-Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+;\\\\s*(?:name)=([^\" ]+ [^\"]*\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|sc[mrt]|shs|url|vb[se]?|ws[fhc])\")[\\\\s;]"
101 | #then
102 | # seen finish
103 | #endif
104 |
105 |
106 | ## -----------------------------------------------------------------------
107 |
--------------------------------------------------------------------------------
/exim/toprecipient.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | grep -a "> for" /var/log/exim/mainlog | awk -F'> for' '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n | tail -1
4 |
--------------------------------------------------------------------------------
/exim/update_acls.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -f /etc/spam_recipients
4 | cp /root/da_server_updates/exim/spam_recipients /etc
5 | rm -f /etc/exim.acl_check_recipient.pre.conf
6 | cp /root/da_server_updates/exim/exim.acl_check_recipient.pre.conf /etc
7 | rm -f /etc/exim.acl_check_message.pre.conf
8 | cp /root/da_server_updates/exim/exim.acl_check_message.pre.conf /etc
9 | killall -9 exim && systemctl restart exim
10 |
--------------------------------------------------------------------------------
/exim/update_exim.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Rebuild exim
4 |
5 | /usr/local/directadmin/custombuild/build update
6 | /usr/local/directadmin/custombuild/build exim
7 |
8 | # Refresh custom files with new copies
9 |
10 | rm -f /etc/exim.variables.conf.custom
11 | rm -f /etc/exim.easy_spam_fighter/variables.conf.custom
12 | #rm -f /etc/exim.strings.conf.custom
13 | cp /root/da_server_updates/exim/exim.variables.conf.custom /etc
14 | cp /root/da_server_updates/exim/easy/variables.conf.custom /etc/exim.easy_spam_fighter
15 | #cp /root/da_server_updates/exim/exim.strings.conf.custom /etc
16 |
17 | # Rebuild exim config
18 |
19 | /usr/local/directadmin/custombuild/build exim_conf
20 |
21 | # Add transport include
22 |
23 | rm -f /etc/exim.transports.pre.conf
24 | cp /root/da_server_updates/exim/exim.transports.pre.conf -P /etc
25 |
26 | # Add router include
27 |
28 | rm -f /etc/exim.routers.pre.conf
29 | cp /root/da_server_updates/exim/exim.routers.pre.conf -P /etc
30 |
31 | # Deploy custom exim.conf
32 |
33 | rm -f /etc/exim.conf.bak
34 | mv /etc/exim.conf /etc/exim.conf.bak
35 | cp /root/da_server_updates/exim/exim.conf /etc
36 |
37 | # Deploy custom exim filter
38 |
39 | rm -f /etc/system_filter.exim.bak
40 | mv /etc/system_filter.exim /etc/system_filter.exim.bak
41 | cp /root/da_server_updates/exim/system_filter.exim /etc
42 |
43 | # If we don't kill exim before restarting it we cause downtime, if we do we face the tiniest of risks. Least risky play is kill -9 + restart.
44 |
45 | killall -9 exim && systemctl restart exim
46 |
--------------------------------------------------------------------------------
/exim/update_spam_recipients.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | wget https://raw.githubusercontent.com/mxroute/da_server_updates/master/exim/spam_recipients -O /etc/spam_recipients
4 |
--------------------------------------------------------------------------------
/exim/warmup_sender_acl_deploy.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # The list being deployed here is not public, but this is to help identify spam warmup companies that make their way into MXroute again.
3 | # This in response to finding 3 customers who were running spam warmup systems and flying under the radar.
4 |
5 | cat >> /etc/exim.acl_check_recipient.pre.conf <" | awk '{print $3}'); do exim -Mrm $i ;done
11 |
--------------------------------------------------------------------------------
/misc/clean_unblockme.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | sort /etc/unblockme | uniq >> /etc/unblockme2
4 | rm -f /etc/unblockme
5 | mv /etc/unblockme2 /etc/unblockme
6 |
--------------------------------------------------------------------------------
/resolv.conf:
--------------------------------------------------------------------------------
1 | nameserver 8.8.8.8
2 | nameserver 9.9.9.9
3 | nameserver 208.67.222.222
4 | nameserver 8.8.4.4
5 | nameserver 1.1.1.1
6 | nameserver 208.67.220.220
7 |
--------------------------------------------------------------------------------
/resolvconf.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | unlink /etc/resolv.conf
4 | rm -f /etc/resolv.conf
5 | cp /root/da_server_updates/resolv.conf /etc
6 |
--------------------------------------------------------------------------------
/roundcube/managesieve/config.inc.php:
--------------------------------------------------------------------------------
1 | [
32 | // 'verify_peer' => true,
33 | // 'verify_depth' => 3,
34 | // 'cafile' => '/etc/openssl/certs/ca.crt',
35 | // ],
36 | // ];
37 | // Note: These can be also specified as an array of options indexed by hostname
38 | $config['managesieve_conn_options'] = null;
39 |
40 | // A file with default script content (e.g. spam filter)
41 | $config['managesieve_default'] = '/etc/dovecot/sieve/global';
42 |
43 | // The name of the script which will be used when there's no user script
44 | $config['managesieve_script_name'] = 'managesieve';
45 |
46 | // Sieve RFC says that we should use UTF-8 encoding for mailbox names,
47 | // but some implementations work with UTF7-IMAP encoding only.
48 | // Defaults to UTF7-IMAP
49 | $config['managesieve_mbox_encoding'] = 'UTF-8';
50 |
51 | // I need this because my dovecot (with listescape plugin) uses
52 | // ':' delimiter, but creates folders with dot delimiter
53 | $config['managesieve_replace_delimiter'] = '';
54 |
55 | // disabled sieve extensions (body, copy, date, editheader, encoded-character,
56 | // envelope, environment, ereject, fileinto, ihave, imap4flags, index,
57 | // mailbox, mboxmetadata, regex, reject, relational, servermetadata,
58 | // spamtest, spamtestplus, subaddress, vacation, variables, virustest, etc.
59 | // Note: not all extensions are implemented
60 | $config['managesieve_disabled_extensions'] = [];
61 |
62 | // Enables debugging of conversation with sieve server. Logs it into /sieve
63 | $config['managesieve_debug'] = false;
64 |
65 | // Enables features described in http://wiki.kolab.org/KEP:14
66 | $config['managesieve_kolab_master'] = false;
67 |
68 | // Script name extension used for scripts including. Dovecot uses '.sieve',
69 | // Cyrus uses '.siv'. Doesn't matter if you have managesieve_kolab_master disabled.
70 | $config['managesieve_filename_extension'] = '.sieve';
71 |
72 | // List of reserved script names (without extension).
73 | // Scripts listed here will be not presented to the user.
74 | $config['managesieve_filename_exceptions'] = [];
75 |
76 | // List of domains limiting destination emails in redirect action
77 | // If not empty, user will need to select domain from a list
78 | $config['managesieve_domains'] = [];
79 |
80 | // Default list of entries in header selector
81 | $config['managesieve_default_headers'] = ['Subject', 'From', 'To'];
82 |
83 | // Enables separate management interface for vacation responses (out-of-office)
84 | // 0 - no separate section (default),
85 | // 1 - add Vacation section,
86 | // 2 - add Vacation section, but hide Filters section
87 | $config['managesieve_vacation'] = 1;
88 |
89 | // Enables separate management interface for setting forwards (redirect to and copy to)
90 | // 0 - no separate section (default),
91 | // 1 - add Forward section,
92 | // 2 - add Forward section, but hide Filters section
93 | $config['managesieve_forward'] = 0;
94 |
95 | // Default vacation interval (in days).
96 | // Note: If server supports vacation-seconds extension it is possible
97 | // to define interval in seconds here (as a string), e.g. "3600s".
98 | $config['managesieve_vacation_interval'] = 0;
99 |
100 | // Some servers require vacation :addresses to be filled with all
101 | // user addresses (aliases). This option enables automatic filling
102 | // of these on initial vacation form creation.
103 | $config['managesieve_vacation_addresses_init'] = false;
104 |
105 | // Sometimes you want to always reply with mail email address
106 | // This option enables automatic filling of :from field on initial vacation form creation.
107 | $config['managesieve_vacation_from_init'] = false;
108 |
109 | // Supported methods of notify extension. Default: 'mailto'
110 | $config['managesieve_notify_methods'] = ['mailto'];
111 |
112 | // Enables scripts RAW editor feature
113 | $config['managesieve_raw_editor'] = true;
114 |
115 | // Disabled actions. Prevents user from performing specific actions by disabling
116 | // the UI elements:
117 | // - list_sets,
118 | // Note: disabling list_sets removes the Filter sets widget from the UI and means
119 | // the set defined in managesieve_script_name will always be used (and activated)
120 | // - enable_disable_set,
121 | // - delete_set,
122 | // - new_set,
123 | // - download_set,
124 | // - new_filter,
125 | // - delete_filter,
126 | // - redirect: This one will remove 'redirect' option from the filter actions selector
127 | // Note: This will not remove it for redirect actions already existing in the script.
128 | // Note: This has no impact on the Forwarding UI
129 | $config['managesieve_disabled_actions'] = ['redirect'];
130 |
131 | // List of hosts that support managesieve.
132 | // Activate managesieve for selected hosts only. If this is not set all hosts are allowed.
133 | // Example: $config['managesieve_allowed_hosts'] = ['host1.mydomain.com', 'host2.mydomain.com'];
134 | $config['managesieve_allowed_hosts'] = null;
135 |
--------------------------------------------------------------------------------
/roundcube/update_roundcube.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Set Variables
4 |
5 | RCMYSQLPASS=$(grep "password" /var/www/html/roundcube/config/my.cnf | sed 's/password=//')
6 | RCPLUGINS=(persistent_login advanced_search)
7 |
8 | # Make backup
9 |
10 | rm -rf /root/temp/backups/roundcube
11 | mkdir -p /root/temp/backups/roundcube
12 | cp -R /var/www/html/roundcube /root/temp/backups/roundcube
13 |
14 | # Run update
15 |
16 | /usr/local/directadmin/custombuild/build roundcube
17 |
18 | # Set SSL Redirect
19 |
20 | if grep -q "RewriteCond" /var/www/html/roundcube/.htaccess
21 | then
22 | echo "Roundcube SSL redirect already in place."
23 | else
24 | sed -i '1 s/^/RewriteRule \(\.\*\) https\:\/\/\%\{HTTP_HOST\}\%\{REQUEST\_URI\} \[R\=301\,L\]\n/' /var/www/html/roundcube/.htaccess
25 | sed -i '1 s/^/RewriteCond \%\{HTTPS\} off\n/' /var/www/html/roundcube/.htaccess
26 | sed -i '1 s/^/RewriteEngine On\n/' /var/www/html/roundcube/.htaccess
27 | fi
28 |
29 | # Install persistent_login
30 |
31 | if [ -d "/var/www/html/roundcube/plugins/persistent_login" ]
32 | then
33 | echo "Persistent login already installed."
34 | else
35 | yum install git -y
36 | cd /var/www/html/roundcube/plugins
37 | git clone https://github.com/texxasrulez/persistent_login
38 | mv /var/www/html/roundcube/plugins/persistent_login/config.inc.php.dist /var/www/html/roundcube/plugins/persistent_login/config.inc.php
39 | chown -R webapps. /var/www/html/roundcube/plugins
40 | mysql -uda_roundcube -p"$RCMYSQLPASS" da_roundcube < /var/www/html/roundcube/plugins/persistent_login/SQL/mysql.initial.sql
41 | fi
42 |
43 | # Install advanced_search
44 |
45 | cd /var/www/html/roundcube/plugins
46 | git clone https://github.com/mxroute/advanced_search
47 | mv /var/www/html/roundcube/plugins/advanced_search/config.inc.php.dist /var/www/html/roundcube/plugins/advanced_search/config.inc.php
48 | chown -R webapps. /var/www/html/roundcube/plugins
49 |
50 | # Add plugins to config
51 |
52 | if grep -q ${RCPLUGINS[0]} /var/www/html/roundcube/config/config.inc.php
53 | then
54 | echo "Plugins already installed."
55 | else
56 | for i in ${RCPLUGINS[@]}
57 | do
58 | sed -i "s/managesieve',/managesieve',\n '$i',/g" /var/www/html/roundcube/config/config.inc.php
59 | echo "$i installed."
60 | done
61 | fi
62 |
63 | # Fix managesieve plugin config
64 | rm -f /var/www/html/roundcube/plugins/managesieve/config.inc.php
65 | cp /root/da_server_updates/roundcube/managesieve/config.inc.php /var/www/html/roundcube/plugins/managesieve
66 | chown webapps. /var/www/html/roundcube/plugins/managesieve/config.inc.php
67 |
68 | # Rate limit login attempts
69 | cat >> /var/www/html/roundcube/config/config.inc.php <<'EOF'
70 | $config['login_rate_limit'] = 4;
71 | EOF
72 |
73 | unset RCMYSQLPASS
74 | unset RCPLUGINS
75 |
--------------------------------------------------------------------------------
/runqueue.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | for i in $(exim -bp | awk '{print $3}'); do exim -M $i; done
4 |
--------------------------------------------------------------------------------
/sec/bfblock.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # This is a temporary aid to our brute force protection system as we work on modifying how the system works
3 |
4 | for i in $(grep "Incorrect authentication data" /var/log/exim/mainlog* | grep "2024-04-25" | awk -F'\\) \\[' '{print $2}' | awk '{print $1}' | sed 's/]://' | grep -v "159.69.116.204" | grep -v "5.161.52.248" | grep -v "127.0.0.1" | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort | uniq -c | sort -n | tail -100 | awk '{print $2}'); do ip route del blackhole $i; done
5 |
--------------------------------------------------------------------------------
/sec/botnet.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | for i in $(cat /root/da_server_updates/sec/botnet.list); do ip route add blackhole $i; done
4 |
--------------------------------------------------------------------------------
/sec/bruteforcetrends.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | for i in $(grep "authenticator failed for (USER)" /var/log/exim/mainlog | awk '{print $8}' | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort | uniq); do ip route add blackhole $i; done
4 | for i in $(grep "authenticator failed for (ADMIN)" /var/log/exim/mainlog | awk '{print $8}' | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort | uniq); do ip route add blackhole $i; done
5 |
--------------------------------------------------------------------------------
/sec/check_google_blocks.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Sometimes a Google IP slips into mitigation
3 | # and if Google is being abusive, we are required to bend over and take it
4 | # otherwise customers will be gone in 60 seconds.
5 | # This is to mitigate that possibility.
6 |
7 | for i in $(nmap -sL -n 209.85.128.0/17 | grep 'Nmap scan report for' | cut -f 5 -d ' '); do ip route del blackhole $i && csf -dr $i; done
8 | for i in $(nmap -sL -n 34.64.0.0/10 | grep 'Nmap scan report for' | cut -f 5 -d ' '); do ip route del blackhole $i && csf -dr $i; done
9 |
--------------------------------------------------------------------------------
/sec/check_mx.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Check if input file is given
4 | if [ -z "$1" ]; then
5 | echo "Please provide a file containing list of domains as input."
6 | exit 1
7 | fi
8 |
9 | # Create a temporary file for domains without MX records
10 | temp_file=$(mktemp)
11 |
12 | # Iterate through each domain in the input file
13 | while read -r domain; do
14 | # Use dig to check if the domain has MX record
15 | if dig +nocmd +noall +answer -t MX "$domain" "@8.8.8.8" | grep -q MX; then
16 | # Remove domain from input file
17 | echo "$domain has MX record. Removing from input file."
18 | else
19 | # Add domain to temporary file
20 | echo "$domain" >> "$temp_file"
21 | fi
22 | done < "$1"
23 |
24 | # Replace the input file with the temporary file
25 | mv "$temp_file" "$1"
26 |
--------------------------------------------------------------------------------
/sec/cleanblackholes.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | for i in $(ip route | grep blackhole | awk '{print $2}'); do ip route del blackhole $i; done
3 |
--------------------------------------------------------------------------------
/sec/csfadjust.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Step 1: Change LF_DISTSMTP to 0
4 | sed -i '/^LF_DISTSMTP =/c\LF_DISTSMTP = "0"' /etc/csf/csf.conf
5 |
6 | # Step 2: Restart CSF
7 | csf -r
8 |
9 | # Step 3: Unban any IPs caught in this rule
10 | for i in $(grep "distributed smtpauth" csf.deny | awk '{print $1}'); do csf -dr $i; done
11 |
--------------------------------------------------------------------------------
/sec/exim-blackhole.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Exit on error
4 | set -e
5 |
6 | # Check if running as root
7 | if [ "$EUID" -ne 0 ]; then
8 | echo "This script must be run as root to add ip routes"
9 | exit 1
10 | fi
11 |
12 | # Set up logging
13 | LOG_FILE="/var/log/exim-blackhole.log"
14 | exec 1> >(tee -a "$LOG_FILE")
15 | exec 2>&1
16 |
17 | echo "Starting Exim log monitor at $(date)"
18 |
19 | # Function to check if IP is already blackholed
20 | is_blackholed() {
21 | local ip=$1
22 | ip route show | grep -q "blackhole $ip"
23 | return $?
24 | }
25 |
26 | # Function to add IP to blackhole
27 | blackhole_ip() {
28 | local ip=$1
29 | if ! is_blackholed "$ip"; then
30 | ip route add blackhole "$ip"
31 | echo "$(date): Blackholed IP: $ip"
32 | fi
33 | }
34 |
35 | # Main processing loop
36 | tail -F /var/log/exim/mainlog | while read -r line; do
37 | if echo "$line" | grep -q "H=.*51.15.184" && echo "$line" | grep -q -E "(Relay not|Unauthenticated mail)"; then
38 | # Extract the real IP (the second IP in square brackets)
39 | ip=$(echo "$line" | grep -o '\[[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\]' | tail -n1 | tr -d '[]')
40 | if [[ -n "$ip" ]] && [[ $ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
41 | blackhole_ip "$ip"
42 | fi
43 | fi
44 | done
45 |
--------------------------------------------------------------------------------
/sec/facebook.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | for i in $(cat /root/da_server_updates/sec/facebook_ips);
4 | do ip route del blackhole $i;
5 | done
6 |
--------------------------------------------------------------------------------
/sec/facebook_ips:
--------------------------------------------------------------------------------
1 | 66.220.144.128
2 | 66.220.144.129
3 | 66.220.144.130
4 | 66.220.144.131
5 | 66.220.144.132
6 | 66.220.144.133
7 | 66.220.144.134
8 | 66.220.144.135
9 | 66.220.144.136
10 | 66.220.144.137
11 | 66.220.144.138
12 | 66.220.144.139
13 | 66.220.144.140
14 | 66.220.144.141
15 | 66.220.144.142
16 | 66.220.144.143
17 | 66.220.144.144
18 | 66.220.144.145
19 | 66.220.144.146
20 | 66.220.144.147
21 | 66.220.144.148
22 | 66.220.144.149
23 | 66.220.144.150
24 | 66.220.144.151
25 | 66.220.144.152
26 | 66.220.144.153
27 | 66.220.144.154
28 | 66.220.144.155
29 | 66.220.144.156
30 | 66.220.144.157
31 | 66.220.144.158
32 | 66.220.144.159
33 | 66.220.144.160
34 | 66.220.144.161
35 | 66.220.144.162
36 | 66.220.144.163
37 | 66.220.144.164
38 | 66.220.144.165
39 | 66.220.144.166
40 | 66.220.144.167
41 | 66.220.144.168
42 | 66.220.144.169
43 | 66.220.144.170
44 | 66.220.144.171
45 | 66.220.144.172
46 | 66.220.144.173
47 | 66.220.144.174
48 | 66.220.144.175
49 | 66.220.144.176
50 | 66.220.144.177
51 | 66.220.144.178
52 | 66.220.144.179
53 | 66.220.144.180
54 | 66.220.144.181
55 | 66.220.144.182
56 | 66.220.144.183
57 | 66.220.144.184
58 | 66.220.144.185
59 | 66.220.144.186
60 | 66.220.144.187
61 | 66.220.144.188
62 | 66.220.144.189
63 | 66.220.144.190
64 | 66.220.144.191
65 | 66.220.144.192
66 | 66.220.144.193
67 | 66.220.144.194
68 | 66.220.144.195
69 | 66.220.144.196
70 | 66.220.144.197
71 | 66.220.144.198
72 | 66.220.144.199
73 | 66.220.144.200
74 | 66.220.144.201
75 | 66.220.144.202
76 | 66.220.144.203
77 | 66.220.144.204
78 | 66.220.144.205
79 | 66.220.144.206
80 | 66.220.144.207
81 | 66.220.144.208
82 | 66.220.144.209
83 | 66.220.144.210
84 | 66.220.144.211
85 | 66.220.144.212
86 | 66.220.144.213
87 | 66.220.144.214
88 | 66.220.144.215
89 | 66.220.144.216
90 | 66.220.144.217
91 | 66.220.144.218
92 | 66.220.144.219
93 | 66.220.144.220
94 | 66.220.144.221
95 | 66.220.144.222
96 | 66.220.144.223
97 | 66.220.144.224
98 | 66.220.144.225
99 | 66.220.144.226
100 | 66.220.144.227
101 | 66.220.144.228
102 | 66.220.144.229
103 | 66.220.144.230
104 | 66.220.144.231
105 | 66.220.144.232
106 | 66.220.144.233
107 | 66.220.144.234
108 | 66.220.144.235
109 | 66.220.144.236
110 | 66.220.144.237
111 | 66.220.144.238
112 | 66.220.144.239
113 | 66.220.144.240
114 | 66.220.144.241
115 | 66.220.144.242
116 | 66.220.144.243
117 | 66.220.144.244
118 | 66.220.144.245
119 | 66.220.144.246
120 | 66.220.144.247
121 | 66.220.144.248
122 | 66.220.144.249
123 | 66.220.144.250
124 | 66.220.144.251
125 | 66.220.144.252
126 | 66.220.144.253
127 | 66.220.144.254
128 | 66.220.144.255
129 | 66.220.155.0
130 | 66.220.155.1
131 | 66.220.155.2
132 | 66.220.155.3
133 | 66.220.155.4
134 | 66.220.155.5
135 | 66.220.155.6
136 | 66.220.155.7
137 | 66.220.155.8
138 | 66.220.155.9
139 | 66.220.155.10
140 | 66.220.155.11
141 | 66.220.155.12
142 | 66.220.155.13
143 | 66.220.155.14
144 | 66.220.155.15
145 | 66.220.155.16
146 | 66.220.155.17
147 | 66.220.155.18
148 | 66.220.155.19
149 | 66.220.155.20
150 | 66.220.155.21
151 | 66.220.155.22
152 | 66.220.155.23
153 | 66.220.155.24
154 | 66.220.155.25
155 | 66.220.155.26
156 | 66.220.155.27
157 | 66.220.155.28
158 | 66.220.155.29
159 | 66.220.155.30
160 | 66.220.155.31
161 | 66.220.155.32
162 | 66.220.155.33
163 | 66.220.155.34
164 | 66.220.155.35
165 | 66.220.155.36
166 | 66.220.155.37
167 | 66.220.155.38
168 | 66.220.155.39
169 | 66.220.155.40
170 | 66.220.155.41
171 | 66.220.155.42
172 | 66.220.155.43
173 | 66.220.155.44
174 | 66.220.155.45
175 | 66.220.155.46
176 | 66.220.155.47
177 | 66.220.155.48
178 | 66.220.155.49
179 | 66.220.155.50
180 | 66.220.155.51
181 | 66.220.155.52
182 | 66.220.155.53
183 | 66.220.155.54
184 | 66.220.155.55
185 | 66.220.155.56
186 | 66.220.155.57
187 | 66.220.155.58
188 | 66.220.155.59
189 | 66.220.155.60
190 | 66.220.155.61
191 | 66.220.155.62
192 | 66.220.155.63
193 | 66.220.155.64
194 | 66.220.155.65
195 | 66.220.155.66
196 | 66.220.155.67
197 | 66.220.155.68
198 | 66.220.155.69
199 | 66.220.155.70
200 | 66.220.155.71
201 | 66.220.155.72
202 | 66.220.155.73
203 | 66.220.155.74
204 | 66.220.155.75
205 | 66.220.155.76
206 | 66.220.155.77
207 | 66.220.155.78
208 | 66.220.155.79
209 | 66.220.155.80
210 | 66.220.155.81
211 | 66.220.155.82
212 | 66.220.155.83
213 | 66.220.155.84
214 | 66.220.155.85
215 | 66.220.155.86
216 | 66.220.155.87
217 | 66.220.155.88
218 | 66.220.155.89
219 | 66.220.155.90
220 | 66.220.155.91
221 | 66.220.155.92
222 | 66.220.155.93
223 | 66.220.155.94
224 | 66.220.155.95
225 | 66.220.155.96
226 | 66.220.155.97
227 | 66.220.155.98
228 | 66.220.155.99
229 | 66.220.155.100
230 | 66.220.155.101
231 | 66.220.155.102
232 | 66.220.155.103
233 | 66.220.155.104
234 | 66.220.155.105
235 | 66.220.155.106
236 | 66.220.155.107
237 | 66.220.155.108
238 | 66.220.155.109
239 | 66.220.155.110
240 | 66.220.155.111
241 | 66.220.155.112
242 | 66.220.155.113
243 | 66.220.155.114
244 | 66.220.155.115
245 | 66.220.155.116
246 | 66.220.155.117
247 | 66.220.155.118
248 | 66.220.155.119
249 | 66.220.155.120
250 | 66.220.155.121
251 | 66.220.155.122
252 | 66.220.155.123
253 | 66.220.155.124
254 | 66.220.155.125
255 | 66.220.155.126
256 | 66.220.155.127
257 | 66.220.155.128
258 | 66.220.155.129
259 | 66.220.155.130
260 | 66.220.155.131
261 | 66.220.155.132
262 | 66.220.155.133
263 | 66.220.155.134
264 | 66.220.155.135
265 | 66.220.155.136
266 | 66.220.155.137
267 | 66.220.155.138
268 | 66.220.155.139
269 | 66.220.155.140
270 | 66.220.155.141
271 | 66.220.155.142
272 | 66.220.155.143
273 | 66.220.155.144
274 | 66.220.155.145
275 | 66.220.155.146
276 | 66.220.155.147
277 | 66.220.155.148
278 | 66.220.155.149
279 | 66.220.155.150
280 | 66.220.155.151
281 | 66.220.155.152
282 | 66.220.155.153
283 | 66.220.155.154
284 | 66.220.155.155
285 | 66.220.155.156
286 | 66.220.155.157
287 | 66.220.155.158
288 | 66.220.155.159
289 | 66.220.155.160
290 | 66.220.155.161
291 | 66.220.155.162
292 | 66.220.155.163
293 | 66.220.155.164
294 | 66.220.155.165
295 | 66.220.155.166
296 | 66.220.155.167
297 | 66.220.155.168
298 | 66.220.155.169
299 | 66.220.155.170
300 | 66.220.155.171
301 | 66.220.155.172
302 | 66.220.155.173
303 | 66.220.155.174
304 | 66.220.155.175
305 | 66.220.155.176
306 | 66.220.155.177
307 | 66.220.155.178
308 | 66.220.155.179
309 | 66.220.155.180
310 | 66.220.155.181
311 | 66.220.155.182
312 | 66.220.155.183
313 | 66.220.155.184
314 | 66.220.155.185
315 | 66.220.155.186
316 | 66.220.155.187
317 | 66.220.155.188
318 | 66.220.155.189
319 | 66.220.155.190
320 | 66.220.155.191
321 | 66.220.155.192
322 | 66.220.155.193
323 | 66.220.155.194
324 | 66.220.155.195
325 | 66.220.155.196
326 | 66.220.155.197
327 | 66.220.155.198
328 | 66.220.155.199
329 | 66.220.155.200
330 | 66.220.155.201
331 | 66.220.155.202
332 | 66.220.155.203
333 | 66.220.155.204
334 | 66.220.155.205
335 | 66.220.155.206
336 | 66.220.155.207
337 | 66.220.155.208
338 | 66.220.155.209
339 | 66.220.155.210
340 | 66.220.155.211
341 | 66.220.155.212
342 | 66.220.155.213
343 | 66.220.155.214
344 | 66.220.155.215
345 | 66.220.155.216
346 | 66.220.155.217
347 | 66.220.155.218
348 | 66.220.155.219
349 | 66.220.155.220
350 | 66.220.155.221
351 | 66.220.155.222
352 | 66.220.155.223
353 | 66.220.155.224
354 | 66.220.155.225
355 | 66.220.155.226
356 | 66.220.155.227
357 | 66.220.155.228
358 | 66.220.155.229
359 | 66.220.155.230
360 | 66.220.155.231
361 | 66.220.155.232
362 | 66.220.155.233
363 | 66.220.155.234
364 | 66.220.155.235
365 | 66.220.155.236
366 | 66.220.155.237
367 | 66.220.155.238
368 | 66.220.155.239
369 | 66.220.155.240
370 | 66.220.155.241
371 | 66.220.155.242
372 | 66.220.155.243
373 | 66.220.155.244
374 | 66.220.155.245
375 | 66.220.155.246
376 | 66.220.155.247
377 | 66.220.155.248
378 | 66.220.155.249
379 | 66.220.155.250
380 | 66.220.155.251
381 | 66.220.155.252
382 | 66.220.155.253
383 | 66.220.155.254
384 | 66.220.155.255
385 | 66.220.157.0
386 | 66.220.157.1
387 | 66.220.157.2
388 | 66.220.157.3
389 | 66.220.157.4
390 | 66.220.157.5
391 | 66.220.157.6
392 | 66.220.157.7
393 | 66.220.157.8
394 | 66.220.157.9
395 | 66.220.157.10
396 | 66.220.157.11
397 | 66.220.157.12
398 | 66.220.157.13
399 | 66.220.157.14
400 | 66.220.157.15
401 | 66.220.157.16
402 | 66.220.157.17
403 | 66.220.157.18
404 | 66.220.157.19
405 | 66.220.157.20
406 | 66.220.157.21
407 | 66.220.157.22
408 | 66.220.157.23
409 | 66.220.157.24
410 | 66.220.157.25
411 | 66.220.157.26
412 | 66.220.157.27
413 | 66.220.157.28
414 | 66.220.157.29
415 | 66.220.157.30
416 | 66.220.157.31
417 | 66.220.157.32
418 | 66.220.157.33
419 | 66.220.157.34
420 | 66.220.157.35
421 | 66.220.157.36
422 | 66.220.157.37
423 | 66.220.157.38
424 | 66.220.157.39
425 | 66.220.157.40
426 | 66.220.157.41
427 | 66.220.157.42
428 | 66.220.157.43
429 | 66.220.157.44
430 | 66.220.157.45
431 | 66.220.157.46
432 | 66.220.157.47
433 | 66.220.157.48
434 | 66.220.157.49
435 | 66.220.157.50
436 | 66.220.157.51
437 | 66.220.157.52
438 | 66.220.157.53
439 | 66.220.157.54
440 | 66.220.157.55
441 | 66.220.157.56
442 | 66.220.157.57
443 | 66.220.157.58
444 | 66.220.157.59
445 | 66.220.157.60
446 | 66.220.157.61
447 | 66.220.157.62
448 | 66.220.157.63
449 | 66.220.157.64
450 | 66.220.157.65
451 | 66.220.157.66
452 | 66.220.157.67
453 | 66.220.157.68
454 | 66.220.157.69
455 | 66.220.157.70
456 | 66.220.157.71
457 | 66.220.157.72
458 | 66.220.157.73
459 | 66.220.157.74
460 | 66.220.157.75
461 | 66.220.157.76
462 | 66.220.157.77
463 | 66.220.157.78
464 | 66.220.157.79
465 | 66.220.157.80
466 | 66.220.157.81
467 | 66.220.157.82
468 | 66.220.157.83
469 | 66.220.157.84
470 | 66.220.157.85
471 | 66.220.157.86
472 | 66.220.157.87
473 | 66.220.157.88
474 | 66.220.157.89
475 | 66.220.157.90
476 | 66.220.157.91
477 | 66.220.157.92
478 | 66.220.157.93
479 | 66.220.157.94
480 | 66.220.157.95
481 | 66.220.157.96
482 | 66.220.157.97
483 | 66.220.157.98
484 | 66.220.157.99
485 | 66.220.157.100
486 | 66.220.157.101
487 | 66.220.157.102
488 | 66.220.157.103
489 | 66.220.157.104
490 | 66.220.157.105
491 | 66.220.157.106
492 | 66.220.157.107
493 | 66.220.157.108
494 | 66.220.157.109
495 | 66.220.157.110
496 | 66.220.157.111
497 | 66.220.157.112
498 | 66.220.157.113
499 | 66.220.157.114
500 | 66.220.157.115
501 | 66.220.157.116
502 | 66.220.157.117
503 | 66.220.157.118
504 | 66.220.157.119
505 | 66.220.157.120
506 | 66.220.157.121
507 | 66.220.157.122
508 | 66.220.157.123
509 | 66.220.157.124
510 | 66.220.157.125
511 | 66.220.157.126
512 | 66.220.157.127
513 | 69.63.178.128
514 | 69.63.178.129
515 | 69.63.178.130
516 | 69.63.178.131
517 | 69.63.178.132
518 | 69.63.178.133
519 | 69.63.178.134
520 | 69.63.178.135
521 | 69.63.178.136
522 | 69.63.178.137
523 | 69.63.178.138
524 | 69.63.178.139
525 | 69.63.178.140
526 | 69.63.178.141
527 | 69.63.178.142
528 | 69.63.178.143
529 | 69.63.178.144
530 | 69.63.178.145
531 | 69.63.178.146
532 | 69.63.178.147
533 | 69.63.178.148
534 | 69.63.178.149
535 | 69.63.178.150
536 | 69.63.178.151
537 | 69.63.178.152
538 | 69.63.178.153
539 | 69.63.178.154
540 | 69.63.178.155
541 | 69.63.178.156
542 | 69.63.178.157
543 | 69.63.178.158
544 | 69.63.178.159
545 | 69.63.178.160
546 | 69.63.178.161
547 | 69.63.178.162
548 | 69.63.178.163
549 | 69.63.178.164
550 | 69.63.178.165
551 | 69.63.178.166
552 | 69.63.178.167
553 | 69.63.178.168
554 | 69.63.178.169
555 | 69.63.178.170
556 | 69.63.178.171
557 | 69.63.178.172
558 | 69.63.178.173
559 | 69.63.178.174
560 | 69.63.178.175
561 | 69.63.178.176
562 | 69.63.178.177
563 | 69.63.178.178
564 | 69.63.178.179
565 | 69.63.178.180
566 | 69.63.178.181
567 | 69.63.178.182
568 | 69.63.178.183
569 | 69.63.178.184
570 | 69.63.178.185
571 | 69.63.178.186
572 | 69.63.178.187
573 | 69.63.178.188
574 | 69.63.178.189
575 | 69.63.178.190
576 | 69.63.178.191
577 | 69.63.178.192
578 | 69.63.178.193
579 | 69.63.178.194
580 | 69.63.178.195
581 | 69.63.178.196
582 | 69.63.178.197
583 | 69.63.178.198
584 | 69.63.178.199
585 | 69.63.178.200
586 | 69.63.178.201
587 | 69.63.178.202
588 | 69.63.178.203
589 | 69.63.178.204
590 | 69.63.178.205
591 | 69.63.178.206
592 | 69.63.178.207
593 | 69.63.178.208
594 | 69.63.178.209
595 | 69.63.178.210
596 | 69.63.178.211
597 | 69.63.178.212
598 | 69.63.178.213
599 | 69.63.178.214
600 | 69.63.178.215
601 | 69.63.178.216
602 | 69.63.178.217
603 | 69.63.178.218
604 | 69.63.178.219
605 | 69.63.178.220
606 | 69.63.178.221
607 | 69.63.178.222
608 | 69.63.178.223
609 | 69.63.178.224
610 | 69.63.178.225
611 | 69.63.178.226
612 | 69.63.178.227
613 | 69.63.178.228
614 | 69.63.178.229
615 | 69.63.178.230
616 | 69.63.178.231
617 | 69.63.178.232
618 | 69.63.178.233
619 | 69.63.178.234
620 | 69.63.178.235
621 | 69.63.178.236
622 | 69.63.178.237
623 | 69.63.178.238
624 | 69.63.178.239
625 | 69.63.178.240
626 | 69.63.178.241
627 | 69.63.178.242
628 | 69.63.178.243
629 | 69.63.178.244
630 | 69.63.178.245
631 | 69.63.178.246
632 | 69.63.178.247
633 | 69.63.178.248
634 | 69.63.178.249
635 | 69.63.178.250
636 | 69.63.178.251
637 | 69.63.178.252
638 | 69.63.178.253
639 | 69.63.178.254
640 | 69.63.178.255
641 | 69.63.181.0
642 | 69.63.181.1
643 | 69.63.181.2
644 | 69.63.181.3
645 | 69.63.181.4
646 | 69.63.181.5
647 | 69.63.181.6
648 | 69.63.181.7
649 | 69.63.181.8
650 | 69.63.181.9
651 | 69.63.181.10
652 | 69.63.181.11
653 | 69.63.181.12
654 | 69.63.181.13
655 | 69.63.181.14
656 | 69.63.181.15
657 | 69.63.181.16
658 | 69.63.181.17
659 | 69.63.181.18
660 | 69.63.181.19
661 | 69.63.181.20
662 | 69.63.181.21
663 | 69.63.181.22
664 | 69.63.181.23
665 | 69.63.181.24
666 | 69.63.181.25
667 | 69.63.181.26
668 | 69.63.181.27
669 | 69.63.181.28
670 | 69.63.181.29
671 | 69.63.181.30
672 | 69.63.181.31
673 | 69.63.181.32
674 | 69.63.181.33
675 | 69.63.181.34
676 | 69.63.181.35
677 | 69.63.181.36
678 | 69.63.181.37
679 | 69.63.181.38
680 | 69.63.181.39
681 | 69.63.181.40
682 | 69.63.181.41
683 | 69.63.181.42
684 | 69.63.181.43
685 | 69.63.181.44
686 | 69.63.181.45
687 | 69.63.181.46
688 | 69.63.181.47
689 | 69.63.181.48
690 | 69.63.181.49
691 | 69.63.181.50
692 | 69.63.181.51
693 | 69.63.181.52
694 | 69.63.181.53
695 | 69.63.181.54
696 | 69.63.181.55
697 | 69.63.181.56
698 | 69.63.181.57
699 | 69.63.181.58
700 | 69.63.181.59
701 | 69.63.181.60
702 | 69.63.181.61
703 | 69.63.181.62
704 | 69.63.181.63
705 | 69.63.181.64
706 | 69.63.181.65
707 | 69.63.181.66
708 | 69.63.181.67
709 | 69.63.181.68
710 | 69.63.181.69
711 | 69.63.181.70
712 | 69.63.181.71
713 | 69.63.181.72
714 | 69.63.181.73
715 | 69.63.181.74
716 | 69.63.181.75
717 | 69.63.181.76
718 | 69.63.181.77
719 | 69.63.181.78
720 | 69.63.181.79
721 | 69.63.181.80
722 | 69.63.181.81
723 | 69.63.181.82
724 | 69.63.181.83
725 | 69.63.181.84
726 | 69.63.181.85
727 | 69.63.181.86
728 | 69.63.181.87
729 | 69.63.181.88
730 | 69.63.181.89
731 | 69.63.181.90
732 | 69.63.181.91
733 | 69.63.181.92
734 | 69.63.181.93
735 | 69.63.181.94
736 | 69.63.181.95
737 | 69.63.181.96
738 | 69.63.181.97
739 | 69.63.181.98
740 | 69.63.181.99
741 | 69.63.181.100
742 | 69.63.181.101
743 | 69.63.181.102
744 | 69.63.181.103
745 | 69.63.181.104
746 | 69.63.181.105
747 | 69.63.181.106
748 | 69.63.181.107
749 | 69.63.181.108
750 | 69.63.181.109
751 | 69.63.181.110
752 | 69.63.181.111
753 | 69.63.181.112
754 | 69.63.181.113
755 | 69.63.181.114
756 | 69.63.181.115
757 | 69.63.181.116
758 | 69.63.181.117
759 | 69.63.181.118
760 | 69.63.181.119
761 | 69.63.181.120
762 | 69.63.181.121
763 | 69.63.181.122
764 | 69.63.181.123
765 | 69.63.181.124
766 | 69.63.181.125
767 | 69.63.181.126
768 | 69.63.181.127
769 | 69.63.181.128
770 | 69.63.181.129
771 | 69.63.181.130
772 | 69.63.181.131
773 | 69.63.181.132
774 | 69.63.181.133
775 | 69.63.181.134
776 | 69.63.181.135
777 | 69.63.181.136
778 | 69.63.181.137
779 | 69.63.181.138
780 | 69.63.181.139
781 | 69.63.181.140
782 | 69.63.181.141
783 | 69.63.181.142
784 | 69.63.181.143
785 | 69.63.181.144
786 | 69.63.181.145
787 | 69.63.181.146
788 | 69.63.181.147
789 | 69.63.181.148
790 | 69.63.181.149
791 | 69.63.181.150
792 | 69.63.181.151
793 | 69.63.181.152
794 | 69.63.181.153
795 | 69.63.181.154
796 | 69.63.181.155
797 | 69.63.181.156
798 | 69.63.181.157
799 | 69.63.181.158
800 | 69.63.181.159
801 | 69.63.181.160
802 | 69.63.181.161
803 | 69.63.181.162
804 | 69.63.181.163
805 | 69.63.181.164
806 | 69.63.181.165
807 | 69.63.181.166
808 | 69.63.181.167
809 | 69.63.181.168
810 | 69.63.181.169
811 | 69.63.181.170
812 | 69.63.181.171
813 | 69.63.181.172
814 | 69.63.181.173
815 | 69.63.181.174
816 | 69.63.181.175
817 | 69.63.181.176
818 | 69.63.181.177
819 | 69.63.181.178
820 | 69.63.181.179
821 | 69.63.181.180
822 | 69.63.181.181
823 | 69.63.181.182
824 | 69.63.181.183
825 | 69.63.181.184
826 | 69.63.181.185
827 | 69.63.181.186
828 | 69.63.181.187
829 | 69.63.181.188
830 | 69.63.181.189
831 | 69.63.181.190
832 | 69.63.181.191
833 | 69.63.181.192
834 | 69.63.181.193
835 | 69.63.181.194
836 | 69.63.181.195
837 | 69.63.181.196
838 | 69.63.181.197
839 | 69.63.181.198
840 | 69.63.181.199
841 | 69.63.181.200
842 | 69.63.181.201
843 | 69.63.181.202
844 | 69.63.181.203
845 | 69.63.181.204
846 | 69.63.181.205
847 | 69.63.181.206
848 | 69.63.181.207
849 | 69.63.181.208
850 | 69.63.181.209
851 | 69.63.181.210
852 | 69.63.181.211
853 | 69.63.181.212
854 | 69.63.181.213
855 | 69.63.181.214
856 | 69.63.181.215
857 | 69.63.181.216
858 | 69.63.181.217
859 | 69.63.181.218
860 | 69.63.181.219
861 | 69.63.181.220
862 | 69.63.181.221
863 | 69.63.181.222
864 | 69.63.181.223
865 | 69.63.181.224
866 | 69.63.181.225
867 | 69.63.181.226
868 | 69.63.181.227
869 | 69.63.181.228
870 | 69.63.181.229
871 | 69.63.181.230
872 | 69.63.181.231
873 | 69.63.181.232
874 | 69.63.181.233
875 | 69.63.181.234
876 | 69.63.181.235
877 | 69.63.181.236
878 | 69.63.181.237
879 | 69.63.181.238
880 | 69.63.181.239
881 | 69.63.181.240
882 | 69.63.181.241
883 | 69.63.181.242
884 | 69.63.181.243
885 | 69.63.181.244
886 | 69.63.181.245
887 | 69.63.181.246
888 | 69.63.181.247
889 | 69.63.181.248
890 | 69.63.181.249
891 | 69.63.181.250
892 | 69.63.181.251
893 | 69.63.181.252
894 | 69.63.181.253
895 | 69.63.181.254
896 | 69.63.181.255
897 | 69.63.184.0
898 | 69.63.184.1
899 | 69.63.184.2
900 | 69.63.184.3
901 | 69.63.184.4
902 | 69.63.184.5
903 | 69.63.184.6
904 | 69.63.184.7
905 | 69.63.184.8
906 | 69.63.184.9
907 | 69.63.184.10
908 | 69.63.184.11
909 | 69.63.184.12
910 | 69.63.184.13
911 | 69.63.184.14
912 | 69.63.184.15
913 | 69.63.184.16
914 | 69.63.184.17
915 | 69.63.184.18
916 | 69.63.184.19
917 | 69.63.184.20
918 | 69.63.184.21
919 | 69.63.184.22
920 | 69.63.184.23
921 | 69.63.184.24
922 | 69.63.184.25
923 | 69.63.184.26
924 | 69.63.184.27
925 | 69.63.184.28
926 | 69.63.184.29
927 | 69.63.184.30
928 | 69.63.184.31
929 | 69.63.184.32
930 | 69.63.184.33
931 | 69.63.184.34
932 | 69.63.184.35
933 | 69.63.184.36
934 | 69.63.184.37
935 | 69.63.184.38
936 | 69.63.184.39
937 | 69.63.184.40
938 | 69.63.184.41
939 | 69.63.184.42
940 | 69.63.184.43
941 | 69.63.184.44
942 | 69.63.184.45
943 | 69.63.184.46
944 | 69.63.184.47
945 | 69.63.184.48
946 | 69.63.184.49
947 | 69.63.184.50
948 | 69.63.184.51
949 | 69.63.184.52
950 | 69.63.184.53
951 | 69.63.184.54
952 | 69.63.184.55
953 | 69.63.184.56
954 | 69.63.184.57
955 | 69.63.184.58
956 | 69.63.184.59
957 | 69.63.184.60
958 | 69.63.184.61
959 | 69.63.184.62
960 | 69.63.184.63
961 | 69.63.184.64
962 | 69.63.184.65
963 | 69.63.184.66
964 | 69.63.184.67
965 | 69.63.184.68
966 | 69.63.184.69
967 | 69.63.184.70
968 | 69.63.184.71
969 | 69.63.184.72
970 | 69.63.184.73
971 | 69.63.184.74
972 | 69.63.184.75
973 | 69.63.184.76
974 | 69.63.184.77
975 | 69.63.184.78
976 | 69.63.184.79
977 | 69.63.184.80
978 | 69.63.184.81
979 | 69.63.184.82
980 | 69.63.184.83
981 | 69.63.184.84
982 | 69.63.184.85
983 | 69.63.184.86
984 | 69.63.184.87
985 | 69.63.184.88
986 | 69.63.184.89
987 | 69.63.184.90
988 | 69.63.184.91
989 | 69.63.184.92
990 | 69.63.184.93
991 | 69.63.184.94
992 | 69.63.184.95
993 | 69.63.184.96
994 | 69.63.184.97
995 | 69.63.184.98
996 | 69.63.184.99
997 | 69.63.184.100
998 | 69.63.184.101
999 | 69.63.184.102
1000 | 69.63.184.103
1001 | 69.63.184.104
1002 | 69.63.184.105
1003 | 69.63.184.106
1004 | 69.63.184.107
1005 | 69.63.184.108
1006 | 69.63.184.109
1007 | 69.63.184.110
1008 | 69.63.184.111
1009 | 69.63.184.112
1010 | 69.63.184.113
1011 | 69.63.184.114
1012 | 69.63.184.115
1013 | 69.63.184.116
1014 | 69.63.184.117
1015 | 69.63.184.118
1016 | 69.63.184.119
1017 | 69.63.184.120
1018 | 69.63.184.121
1019 | 69.63.184.122
1020 | 69.63.184.123
1021 | 69.63.184.124
1022 | 69.63.184.125
1023 | 69.63.184.126
1024 | 69.63.184.127
1025 | 69.171.232.0
1026 | 69.171.232.1
1027 | 69.171.232.2
1028 | 69.171.232.3
1029 | 69.171.232.4
1030 | 69.171.232.5
1031 | 69.171.232.6
1032 | 69.171.232.7
1033 | 69.171.232.8
1034 | 69.171.232.9
1035 | 69.171.232.10
1036 | 69.171.232.11
1037 | 69.171.232.12
1038 | 69.171.232.13
1039 | 69.171.232.14
1040 | 69.171.232.15
1041 | 69.171.232.16
1042 | 69.171.232.17
1043 | 69.171.232.18
1044 | 69.171.232.19
1045 | 69.171.232.20
1046 | 69.171.232.21
1047 | 69.171.232.22
1048 | 69.171.232.23
1049 | 69.171.232.24
1050 | 69.171.232.25
1051 | 69.171.232.26
1052 | 69.171.232.27
1053 | 69.171.232.28
1054 | 69.171.232.29
1055 | 69.171.232.30
1056 | 69.171.232.31
1057 | 69.171.232.32
1058 | 69.171.232.33
1059 | 69.171.232.34
1060 | 69.171.232.35
1061 | 69.171.232.36
1062 | 69.171.232.37
1063 | 69.171.232.38
1064 | 69.171.232.39
1065 | 69.171.232.40
1066 | 69.171.232.41
1067 | 69.171.232.42
1068 | 69.171.232.43
1069 | 69.171.232.44
1070 | 69.171.232.45
1071 | 69.171.232.46
1072 | 69.171.232.47
1073 | 69.171.232.48
1074 | 69.171.232.49
1075 | 69.171.232.50
1076 | 69.171.232.51
1077 | 69.171.232.52
1078 | 69.171.232.53
1079 | 69.171.232.54
1080 | 69.171.232.55
1081 | 69.171.232.56
1082 | 69.171.232.57
1083 | 69.171.232.58
1084 | 69.171.232.59
1085 | 69.171.232.60
1086 | 69.171.232.61
1087 | 69.171.232.62
1088 | 69.171.232.63
1089 | 69.171.232.64
1090 | 69.171.232.65
1091 | 69.171.232.66
1092 | 69.171.232.67
1093 | 69.171.232.68
1094 | 69.171.232.69
1095 | 69.171.232.70
1096 | 69.171.232.71
1097 | 69.171.232.72
1098 | 69.171.232.73
1099 | 69.171.232.74
1100 | 69.171.232.75
1101 | 69.171.232.76
1102 | 69.171.232.77
1103 | 69.171.232.78
1104 | 69.171.232.79
1105 | 69.171.232.80
1106 | 69.171.232.81
1107 | 69.171.232.82
1108 | 69.171.232.83
1109 | 69.171.232.84
1110 | 69.171.232.85
1111 | 69.171.232.86
1112 | 69.171.232.87
1113 | 69.171.232.88
1114 | 69.171.232.89
1115 | 69.171.232.90
1116 | 69.171.232.91
1117 | 69.171.232.92
1118 | 69.171.232.93
1119 | 69.171.232.94
1120 | 69.171.232.95
1121 | 69.171.232.96
1122 | 69.171.232.97
1123 | 69.171.232.98
1124 | 69.171.232.99
1125 | 69.171.232.100
1126 | 69.171.232.101
1127 | 69.171.232.102
1128 | 69.171.232.103
1129 | 69.171.232.104
1130 | 69.171.232.105
1131 | 69.171.232.106
1132 | 69.171.232.107
1133 | 69.171.232.108
1134 | 69.171.232.109
1135 | 69.171.232.110
1136 | 69.171.232.111
1137 | 69.171.232.112
1138 | 69.171.232.113
1139 | 69.171.232.114
1140 | 69.171.232.115
1141 | 69.171.232.116
1142 | 69.171.232.117
1143 | 69.171.232.118
1144 | 69.171.232.119
1145 | 69.171.232.120
1146 | 69.171.232.121
1147 | 69.171.232.122
1148 | 69.171.232.123
1149 | 69.171.232.124
1150 | 69.171.232.125
1151 | 69.171.232.126
1152 | 69.171.232.127
1153 | 69.171.232.128
1154 | 69.171.232.129
1155 | 69.171.232.130
1156 | 69.171.232.131
1157 | 69.171.232.132
1158 | 69.171.232.133
1159 | 69.171.232.134
1160 | 69.171.232.135
1161 | 69.171.232.136
1162 | 69.171.232.137
1163 | 69.171.232.138
1164 | 69.171.232.139
1165 | 69.171.232.140
1166 | 69.171.232.141
1167 | 69.171.232.142
1168 | 69.171.232.143
1169 | 69.171.232.144
1170 | 69.171.232.145
1171 | 69.171.232.146
1172 | 69.171.232.147
1173 | 69.171.232.148
1174 | 69.171.232.149
1175 | 69.171.232.150
1176 | 69.171.232.151
1177 | 69.171.232.152
1178 | 69.171.232.153
1179 | 69.171.232.154
1180 | 69.171.232.155
1181 | 69.171.232.156
1182 | 69.171.232.157
1183 | 69.171.232.158
1184 | 69.171.232.159
1185 | 69.171.232.160
1186 | 69.171.232.161
1187 | 69.171.232.162
1188 | 69.171.232.163
1189 | 69.171.232.164
1190 | 69.171.232.165
1191 | 69.171.232.166
1192 | 69.171.232.167
1193 | 69.171.232.168
1194 | 69.171.232.169
1195 | 69.171.232.170
1196 | 69.171.232.171
1197 | 69.171.232.172
1198 | 69.171.232.173
1199 | 69.171.232.174
1200 | 69.171.232.175
1201 | 69.171.232.176
1202 | 69.171.232.177
1203 | 69.171.232.178
1204 | 69.171.232.179
1205 | 69.171.232.180
1206 | 69.171.232.181
1207 | 69.171.232.182
1208 | 69.171.232.183
1209 | 69.171.232.184
1210 | 69.171.232.185
1211 | 69.171.232.186
1212 | 69.171.232.187
1213 | 69.171.232.188
1214 | 69.171.232.189
1215 | 69.171.232.190
1216 | 69.171.232.191
1217 | 69.171.232.192
1218 | 69.171.232.193
1219 | 69.171.232.194
1220 | 69.171.232.195
1221 | 69.171.232.196
1222 | 69.171.232.197
1223 | 69.171.232.198
1224 | 69.171.232.199
1225 | 69.171.232.200
1226 | 69.171.232.201
1227 | 69.171.232.202
1228 | 69.171.232.203
1229 | 69.171.232.204
1230 | 69.171.232.205
1231 | 69.171.232.206
1232 | 69.171.232.207
1233 | 69.171.232.208
1234 | 69.171.232.209
1235 | 69.171.232.210
1236 | 69.171.232.211
1237 | 69.171.232.212
1238 | 69.171.232.213
1239 | 69.171.232.214
1240 | 69.171.232.215
1241 | 69.171.232.216
1242 | 69.171.232.217
1243 | 69.171.232.218
1244 | 69.171.232.219
1245 | 69.171.232.220
1246 | 69.171.232.221
1247 | 69.171.232.222
1248 | 69.171.232.223
1249 | 69.171.232.224
1250 | 69.171.232.225
1251 | 69.171.232.226
1252 | 69.171.232.227
1253 | 69.171.232.228
1254 | 69.171.232.229
1255 | 69.171.232.230
1256 | 69.171.232.231
1257 | 69.171.232.232
1258 | 69.171.232.233
1259 | 69.171.232.234
1260 | 69.171.232.235
1261 | 69.171.232.236
1262 | 69.171.232.237
1263 | 69.171.232.238
1264 | 69.171.232.239
1265 | 69.171.232.240
1266 | 69.171.232.241
1267 | 69.171.232.242
1268 | 69.171.232.243
1269 | 69.171.232.244
1270 | 69.171.232.245
1271 | 69.171.232.246
1272 | 69.171.232.247
1273 | 69.171.232.248
1274 | 69.171.232.249
1275 | 69.171.232.250
1276 | 69.171.232.251
1277 | 69.171.232.252
1278 | 69.171.232.253
1279 | 69.171.232.254
1280 | 69.171.232.255
1281 | 69.171.244.0
1282 | 69.171.244.1
1283 | 69.171.244.2
1284 | 69.171.244.3
1285 | 69.171.244.4
1286 | 69.171.244.5
1287 | 69.171.244.6
1288 | 69.171.244.7
1289 | 69.171.244.8
1290 | 69.171.244.9
1291 | 69.171.244.10
1292 | 69.171.244.11
1293 | 69.171.244.12
1294 | 69.171.244.13
1295 | 69.171.244.14
1296 | 69.171.244.15
1297 | 69.171.244.16
1298 | 69.171.244.17
1299 | 69.171.244.18
1300 | 69.171.244.19
1301 | 69.171.244.20
1302 | 69.171.244.21
1303 | 69.171.244.22
1304 | 69.171.244.23
1305 | 69.171.244.24
1306 | 69.171.244.25
1307 | 69.171.244.26
1308 | 69.171.244.27
1309 | 69.171.244.28
1310 | 69.171.244.29
1311 | 69.171.244.30
1312 | 69.171.244.31
1313 | 69.171.244.32
1314 | 69.171.244.33
1315 | 69.171.244.34
1316 | 69.171.244.35
1317 | 69.171.244.36
1318 | 69.171.244.37
1319 | 69.171.244.38
1320 | 69.171.244.39
1321 | 69.171.244.40
1322 | 69.171.244.41
1323 | 69.171.244.42
1324 | 69.171.244.43
1325 | 69.171.244.44
1326 | 69.171.244.45
1327 | 69.171.244.46
1328 | 69.171.244.47
1329 | 69.171.244.48
1330 | 69.171.244.49
1331 | 69.171.244.50
1332 | 69.171.244.51
1333 | 69.171.244.52
1334 | 69.171.244.53
1335 | 69.171.244.54
1336 | 69.171.244.55
1337 | 69.171.244.56
1338 | 69.171.244.57
1339 | 69.171.244.58
1340 | 69.171.244.59
1341 | 69.171.244.60
1342 | 69.171.244.61
1343 | 69.171.244.62
1344 | 69.171.244.63
1345 | 69.171.244.64
1346 | 69.171.244.65
1347 | 69.171.244.66
1348 | 69.171.244.67
1349 | 69.171.244.68
1350 | 69.171.244.69
1351 | 69.171.244.70
1352 | 69.171.244.71
1353 | 69.171.244.72
1354 | 69.171.244.73
1355 | 69.171.244.74
1356 | 69.171.244.75
1357 | 69.171.244.76
1358 | 69.171.244.77
1359 | 69.171.244.78
1360 | 69.171.244.79
1361 | 69.171.244.80
1362 | 69.171.244.81
1363 | 69.171.244.82
1364 | 69.171.244.83
1365 | 69.171.244.84
1366 | 69.171.244.85
1367 | 69.171.244.86
1368 | 69.171.244.87
1369 | 69.171.244.88
1370 | 69.171.244.89
1371 | 69.171.244.90
1372 | 69.171.244.91
1373 | 69.171.244.92
1374 | 69.171.244.93
1375 | 69.171.244.94
1376 | 69.171.244.95
1377 | 69.171.244.96
1378 | 69.171.244.97
1379 | 69.171.244.98
1380 | 69.171.244.99
1381 | 69.171.244.100
1382 | 69.171.244.101
1383 | 69.171.244.102
1384 | 69.171.244.103
1385 | 69.171.244.104
1386 | 69.171.244.105
1387 | 69.171.244.106
1388 | 69.171.244.107
1389 | 69.171.244.108
1390 | 69.171.244.109
1391 | 69.171.244.110
1392 | 69.171.244.111
1393 | 69.171.244.112
1394 | 69.171.244.113
1395 | 69.171.244.114
1396 | 69.171.244.115
1397 | 69.171.244.116
1398 | 69.171.244.117
1399 | 69.171.244.118
1400 | 69.171.244.119
1401 | 69.171.244.120
1402 | 69.171.244.121
1403 | 69.171.244.122
1404 | 69.171.244.123
1405 | 69.171.244.124
1406 | 69.171.244.125
1407 | 69.171.244.126
1408 | 69.171.244.127
1409 | 69.171.244.128
1410 | 69.171.244.129
1411 | 69.171.244.130
1412 | 69.171.244.131
1413 | 69.171.244.132
1414 | 69.171.244.133
1415 | 69.171.244.134
1416 | 69.171.244.135
1417 | 69.171.244.136
1418 | 69.171.244.137
1419 | 69.171.244.138
1420 | 69.171.244.139
1421 | 69.171.244.140
1422 | 69.171.244.141
1423 | 69.171.244.142
1424 | 69.171.244.143
1425 | 69.171.244.144
1426 | 69.171.244.145
1427 | 69.171.244.146
1428 | 69.171.244.147
1429 | 69.171.244.148
1430 | 69.171.244.149
1431 | 69.171.244.150
1432 | 69.171.244.151
1433 | 69.171.244.152
1434 | 69.171.244.153
1435 | 69.171.244.154
1436 | 69.171.244.155
1437 | 69.171.244.156
1438 | 69.171.244.157
1439 | 69.171.244.158
1440 | 69.171.244.159
1441 | 69.171.244.160
1442 | 69.171.244.161
1443 | 69.171.244.162
1444 | 69.171.244.163
1445 | 69.171.244.164
1446 | 69.171.244.165
1447 | 69.171.244.166
1448 | 69.171.244.167
1449 | 69.171.244.168
1450 | 69.171.244.169
1451 | 69.171.244.170
1452 | 69.171.244.171
1453 | 69.171.244.172
1454 | 69.171.244.173
1455 | 69.171.244.174
1456 | 69.171.244.175
1457 | 69.171.244.176
1458 | 69.171.244.177
1459 | 69.171.244.178
1460 | 69.171.244.179
1461 | 69.171.244.180
1462 | 69.171.244.181
1463 | 69.171.244.182
1464 | 69.171.244.183
1465 | 69.171.244.184
1466 | 69.171.244.185
1467 | 69.171.244.186
1468 | 69.171.244.187
1469 | 69.171.244.188
1470 | 69.171.244.189
1471 | 69.171.244.190
1472 | 69.171.244.191
1473 | 69.171.244.192
1474 | 69.171.244.193
1475 | 69.171.244.194
1476 | 69.171.244.195
1477 | 69.171.244.196
1478 | 69.171.244.197
1479 | 69.171.244.198
1480 | 69.171.244.199
1481 | 69.171.244.200
1482 | 69.171.244.201
1483 | 69.171.244.202
1484 | 69.171.244.203
1485 | 69.171.244.204
1486 | 69.171.244.205
1487 | 69.171.244.206
1488 | 69.171.244.207
1489 | 69.171.244.208
1490 | 69.171.244.209
1491 | 69.171.244.210
1492 | 69.171.244.211
1493 | 69.171.244.212
1494 | 69.171.244.213
1495 | 69.171.244.214
1496 | 69.171.244.215
1497 | 69.171.244.216
1498 | 69.171.244.217
1499 | 69.171.244.218
1500 | 69.171.244.219
1501 | 69.171.244.220
1502 | 69.171.244.221
1503 | 69.171.244.222
1504 | 69.171.244.223
1505 | 69.171.244.224
1506 | 69.171.244.225
1507 | 69.171.244.226
1508 | 69.171.244.227
1509 | 69.171.244.228
1510 | 69.171.244.229
1511 | 69.171.244.230
1512 | 69.171.244.231
1513 | 69.171.244.232
1514 | 69.171.244.233
1515 | 69.171.244.234
1516 | 69.171.244.235
1517 | 69.171.244.236
1518 | 69.171.244.237
1519 | 69.171.244.238
1520 | 69.171.244.239
1521 | 69.171.244.240
1522 | 69.171.244.241
1523 | 69.171.244.242
1524 | 69.171.244.243
1525 | 69.171.244.244
1526 | 69.171.244.245
1527 | 69.171.244.246
1528 | 69.171.244.247
1529 | 69.171.244.248
1530 | 69.171.244.249
1531 | 69.171.244.250
1532 | 69.171.244.251
1533 | 69.171.244.252
1534 | 69.171.244.253
1535 | 69.171.244.254
1536 | 69.171.244.255
1537 | 69.171.245.0
1538 | 69.171.245.1
1539 | 69.171.245.2
1540 | 69.171.245.3
1541 | 69.171.245.4
1542 | 69.171.245.5
1543 | 69.171.245.6
1544 | 69.171.245.7
1545 | 69.171.245.8
1546 | 69.171.245.9
1547 | 69.171.245.10
1548 | 69.171.245.11
1549 | 69.171.245.12
1550 | 69.171.245.13
1551 | 69.171.245.14
1552 | 69.171.245.15
1553 | 69.171.245.16
1554 | 69.171.245.17
1555 | 69.171.245.18
1556 | 69.171.245.19
1557 | 69.171.245.20
1558 | 69.171.245.21
1559 | 69.171.245.22
1560 | 69.171.245.23
1561 | 69.171.245.24
1562 | 69.171.245.25
1563 | 69.171.245.26
1564 | 69.171.245.27
1565 | 69.171.245.28
1566 | 69.171.245.29
1567 | 69.171.245.30
1568 | 69.171.245.31
1569 | 69.171.245.32
1570 | 69.171.245.33
1571 | 69.171.245.34
1572 | 69.171.245.35
1573 | 69.171.245.36
1574 | 69.171.245.37
1575 | 69.171.245.38
1576 | 69.171.245.39
1577 | 69.171.245.40
1578 | 69.171.245.41
1579 | 69.171.245.42
1580 | 69.171.245.43
1581 | 69.171.245.44
1582 | 69.171.245.45
1583 | 69.171.245.46
1584 | 69.171.245.47
1585 | 69.171.245.48
1586 | 69.171.245.49
1587 | 69.171.245.50
1588 | 69.171.245.51
1589 | 69.171.245.52
1590 | 69.171.245.53
1591 | 69.171.245.54
1592 | 69.171.245.55
1593 | 69.171.245.56
1594 | 69.171.245.57
1595 | 69.171.245.58
1596 | 69.171.245.59
1597 | 69.171.245.60
1598 | 69.171.245.61
1599 | 69.171.245.62
1600 | 69.171.245.63
1601 | 69.171.245.64
1602 | 69.171.245.65
1603 | 69.171.245.66
1604 | 69.171.245.67
1605 | 69.171.245.68
1606 | 69.171.245.69
1607 | 69.171.245.70
1608 | 69.171.245.71
1609 | 69.171.245.72
1610 | 69.171.245.73
1611 | 69.171.245.74
1612 | 69.171.245.75
1613 | 69.171.245.76
1614 | 69.171.245.77
1615 | 69.171.245.78
1616 | 69.171.245.79
1617 | 69.171.245.80
1618 | 69.171.245.81
1619 | 69.171.245.82
1620 | 69.171.245.83
1621 | 69.171.245.84
1622 | 69.171.245.85
1623 | 69.171.245.86
1624 | 69.171.245.87
1625 | 69.171.245.88
1626 | 69.171.245.89
1627 | 69.171.245.90
1628 | 69.171.245.91
1629 | 69.171.245.92
1630 | 69.171.245.93
1631 | 69.171.245.94
1632 | 69.171.245.95
1633 | 69.171.245.96
1634 | 69.171.245.97
1635 | 69.171.245.98
1636 | 69.171.245.99
1637 | 69.171.245.100
1638 | 69.171.245.101
1639 | 69.171.245.102
1640 | 69.171.245.103
1641 | 69.171.245.104
1642 | 69.171.245.105
1643 | 69.171.245.106
1644 | 69.171.245.107
1645 | 69.171.245.108
1646 | 69.171.245.109
1647 | 69.171.245.110
1648 | 69.171.245.111
1649 | 69.171.245.112
1650 | 69.171.245.113
1651 | 69.171.245.114
1652 | 69.171.245.115
1653 | 69.171.245.116
1654 | 69.171.245.117
1655 | 69.171.245.118
1656 | 69.171.245.119
1657 | 69.171.245.120
1658 | 69.171.245.121
1659 | 69.171.245.122
1660 | 69.171.245.123
1661 | 69.171.245.124
1662 | 69.171.245.125
1663 | 69.171.245.126
1664 | 69.171.245.127
1665 | 69.171.245.128
1666 | 69.171.245.129
1667 | 69.171.245.130
1668 | 69.171.245.131
1669 | 69.171.245.132
1670 | 69.171.245.133
1671 | 69.171.245.134
1672 | 69.171.245.135
1673 | 69.171.245.136
1674 | 69.171.245.137
1675 | 69.171.245.138
1676 | 69.171.245.139
1677 | 69.171.245.140
1678 | 69.171.245.141
1679 | 69.171.245.142
1680 | 69.171.245.143
1681 | 69.171.245.144
1682 | 69.171.245.145
1683 | 69.171.245.146
1684 | 69.171.245.147
1685 | 69.171.245.148
1686 | 69.171.245.149
1687 | 69.171.245.150
1688 | 69.171.245.151
1689 | 69.171.245.152
1690 | 69.171.245.153
1691 | 69.171.245.154
1692 | 69.171.245.155
1693 | 69.171.245.156
1694 | 69.171.245.157
1695 | 69.171.245.158
1696 | 69.171.245.159
1697 | 69.171.245.160
1698 | 69.171.245.161
1699 | 69.171.245.162
1700 | 69.171.245.163
1701 | 69.171.245.164
1702 | 69.171.245.165
1703 | 69.171.245.166
1704 | 69.171.245.167
1705 | 69.171.245.168
1706 | 69.171.245.169
1707 | 69.171.245.170
1708 | 69.171.245.171
1709 | 69.171.245.172
1710 | 69.171.245.173
1711 | 69.171.245.174
1712 | 69.171.245.175
1713 | 69.171.245.176
1714 | 69.171.245.177
1715 | 69.171.245.178
1716 | 69.171.245.179
1717 | 69.171.245.180
1718 | 69.171.245.181
1719 | 69.171.245.182
1720 | 69.171.245.183
1721 | 69.171.245.184
1722 | 69.171.245.185
1723 | 69.171.245.186
1724 | 69.171.245.187
1725 | 69.171.245.188
1726 | 69.171.245.189
1727 | 69.171.245.190
1728 | 69.171.245.191
1729 | 69.171.245.192
1730 | 69.171.245.193
1731 | 69.171.245.194
1732 | 69.171.245.195
1733 | 69.171.245.196
1734 | 69.171.245.197
1735 | 69.171.245.198
1736 | 69.171.245.199
1737 | 69.171.245.200
1738 | 69.171.245.201
1739 | 69.171.245.202
1740 | 69.171.245.203
1741 | 69.171.245.204
1742 | 69.171.245.205
1743 | 69.171.245.206
1744 | 69.171.245.207
1745 | 69.171.245.208
1746 | 69.171.245.209
1747 | 69.171.245.210
1748 | 69.171.245.211
1749 | 69.171.245.212
1750 | 69.171.245.213
1751 | 69.171.245.214
1752 | 69.171.245.215
1753 | 69.171.245.216
1754 | 69.171.245.217
1755 | 69.171.245.218
1756 | 69.171.245.219
1757 | 69.171.245.220
1758 | 69.171.245.221
1759 | 69.171.245.222
1760 | 69.171.245.223
1761 | 69.171.245.224
1762 | 69.171.245.225
1763 | 69.171.245.226
1764 | 69.171.245.227
1765 | 69.171.245.228
1766 | 69.171.245.229
1767 | 69.171.245.230
1768 | 69.171.245.231
1769 | 69.171.245.232
1770 | 69.171.245.233
1771 | 69.171.245.234
1772 | 69.171.245.235
1773 | 69.171.245.236
1774 | 69.171.245.237
1775 | 69.171.245.238
1776 | 69.171.245.239
1777 | 69.171.245.240
1778 | 69.171.245.241
1779 | 69.171.245.242
1780 | 69.171.245.243
1781 | 69.171.245.244
1782 | 69.171.245.245
1783 | 69.171.245.246
1784 | 69.171.245.247
1785 | 69.171.245.248
1786 | 69.171.245.249
1787 | 69.171.245.250
1788 | 69.171.245.251
1789 | 69.171.245.252
1790 | 69.171.245.253
1791 | 69.171.245.254
1792 | 69.171.245.255
1793 |
--------------------------------------------------------------------------------
/sec/feb2025botnet.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | for i in $(grep -a "Relay not permitted" /var/log/exim/mainlog | awk -F' \\[' '{print $2}' | awk '{print $1}' | sed 's/]//' | sort | uniq -c | sort -n | awk '$1 >= 300 && NF == 2' | awk '{print $2}'); do ip route add blackhole $i; done
4 |
5 | for i in $(grep -a "Mail not accepted from default assigned hostnames" /var/log/exim/mainlog | awk -F' \\[' '{print $2}' | awk '{print $1}' | sed 's/]//' | sort | uniq -c | sort -n | awk '$1 >= 300 && NF == 2' | awk '{print $2}'); do ip route add blackhole $i; done
6 |
7 | for i in $(grep -a "Unauthenticated mail not allowed from this range" /var/log/exim/mainlog | awk -F' \\[' '{print $2}' | awk '{print $1}' | sed 's/]//' | sort | uniq -c | sort -n | awk '$1 >= 300 && NF == 2' | awk '{print $2}'); do ip route add blackhole $i; done
8 |
9 | for i in $(grep -a "is not authorized to send mail from" /var/log/exim/mainlog | awk -F' \\[' '{print $2}' | awk '{print $1}' | sed 's/]//' | sort | uniq -c | sort -n | awk '$1 >= 300 && NF == 2' | awk '{print $2}'); do ip route add blackhole $i; done
10 |
11 | for i in $(grep -a "Too many failed recipients" /var/log/exim/mainlog | awk -F' \\[' '{print $2}' | awk '{print $1}' | sed 's/]//' | sort | uniq); do ip route add blackhole $i; done
12 |
13 | for i in $(grep "Google Cloud has conditional access" /var/log/exim/mainlog | awk -F' \\[' '{print $2}' | awk '{print $1}' | sed 's/]//' | sort | uniq); do ip route add blackhole $i; done
14 |
15 | for i in $(cat /etc/unblockme); do ip route del blackhole $i; done
16 |
17 | for i in $(ip route | grep "blackhole 209.85" | awk '{print $2}'); do ip route del blackhole $i; done
18 |
19 | killall -9 exim
20 | systemctl restart exim
21 |
--------------------------------------------------------------------------------
/sec/quickgmailhit.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Manual offset to DDOS mitigation possible false positive
4 |
5 | for i in $(ip route | grep "blackhole 209.85" | awk '{print $2}'); do ip route del blackhole $i; done
6 |
--------------------------------------------------------------------------------
/sec/ransom.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | for i in $(cat /root/da_server_updates/sec/ransom.list); do ip route add blackhole $i; done
4 |
--------------------------------------------------------------------------------
/sec/redoblackholes.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | for i in $(awk '{print $2}' /etc/blackhole_backup); do ip route add blackhole $i; done
4 |
--------------------------------------------------------------------------------
/sec/senderverifyfailed.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Logic to be used by an upcoming project
3 |
4 | grep "Sender verify failed" /var/log/exim/mainlog | awk -F'F=' '{print $2}' | awk '{print $1}' | sort | uniq | awk -F'@' '{print $2}' | sed 's/>//' | sort | uniq
5 |
--------------------------------------------------------------------------------
/sec/suswlunblock.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | for i in $(cat /etc/susranges_whitelist); do ip route del blackhole $i; done
3 |
--------------------------------------------------------------------------------
/sec/unfuckthesenetworks.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # These networks have been deemed clean after previously having been considered to not be so, and are now being unfucked on our network.
3 |
4 | ASNS="12578"
5 |
6 | for a in $ASNS
7 | do
8 | for b in $(whois -h whois.radb.net -- "-i origin AS$a" | grep 'route:' | awk '{print $2}')
9 | do ip route del blackhole $b
10 | done
11 | done
12 |
--------------------------------------------------------------------------------
/sec/worst.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Time to reduce obviously malicious traffic on our servers
3 |
4 | for i in $(grep "H=(amazon.co.jp)" /var/log/exim/mainlog | awk '{print $4}' | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort | uniq); do ip route add blackhole $i; done
5 |
6 | for i in $(grep 'H=.*\.beauty) ' /var/log/exim/mainlog | awk -F '\\) \\[' '{ print $2 }' | awk '{print $1}' | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort | uniq); do ip route add blackhole $i; done
7 |
8 | for i in $(grep 'H=.*\.beauty ' /var/log/exim/mainlog | awk -F '\\) \\[' '{ print $2 }' | awk '{print $1}' | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | sort | uniq); do ip route add blackhole $i; done
9 |
--------------------------------------------------------------------------------
/services/bye_afterlogic.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -rf /var/www/html/afterlogic
4 | mkdir -p /var/www/html/afterlogic
5 |
6 | cat >> /var/www/html/afterlogic/index.html <
8 | EOL
9 |
10 | chown -R webapps. /var/www/html/afterlogic
11 |
--------------------------------------------------------------------------------
/services/installcloudsend.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # This is installed on servers to help quickly send account backups to NextCloud.
3 | # Primarily used when accounts are terminated for policy violations.
4 | # We'll create a folder in NextCloud, set it to shared and to accept uploads, and then set a password on it.
5 |
6 | sudo curl -o '/usr/local/bin/cloudsend' 'https://gist.githubusercontent.com/tavinus/93bdbc051728748787dc22a58dfe58d8/raw/cloudsend.sh' && sudo chmod +x /usr/local/bin/cloudsend
7 |
--------------------------------------------------------------------------------
/services/update_php73.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | /usr/local/directadmin/custombuild/build update
4 | /usr/local/directadmin/custombuild/build set php1_release 7.3
5 | /usr/local/directadmin/custombuild/build php
6 |
--------------------------------------------------------------------------------
/services/update_services.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # We can't just run custombuild's "update all" method or the gap between recompiling a service
4 | # and reapplying it's custom config is too long, so we should add here the other services that
5 | # we notice DA updating via the panel, and just update them manually. They may even be insignificant to our use case.
6 |
7 |
8 | # Ensure Apache hostname redirect to webmail is working
9 | sed -i "s/HOSTNAMEHERE/$(hostname -f)/g" /root/da_server_updates/apache/index.html
10 | cp /root/da_server_updates/apache/index.html /var/www/html
11 |
12 | # Update packages
13 | da build update
14 | da build update_system
15 |
16 | # Update all of the junk no one wants to think about
17 | da build letsencrypt
18 | da build nghttp2
19 | da build curl
20 | da build lego
21 | da build clamav
22 | da build libxml2
23 | da build libxslt
24 | da build freetype
25 | da build bubblewrap
26 | da build imapsync
27 | da build redis
28 | #da build mysql
29 | da build jailshell
30 | da build phpmyadmin
31 | da build apache
32 |
33 | # Update DirectAdmin
34 | sh /usr/local/directadmin/scripts/getDA.sh current
35 |
36 | # Enable ioncube
37 | da build set ioncube yes
38 |
39 | # Update/build PHP
40 | da build php
41 | da build ioncube
42 |
43 | # Update Dovecot
44 | sh /root/da_server_updates/dovecot/update_dovecot.sh
45 |
46 | # Update exim
47 | sh /root/da_server_updates/exim/update_exim.sh
48 |
49 | # Update Snappy
50 | #sh /root/da_server_updates/snappy/upgrade_snappy.sh
51 |
52 | # Update Roundcube
53 | sh /root/da_server_updates/roundcube/update_roundcube.sh
54 |
--------------------------------------------------------------------------------
/snappy/fix_ssl_redirect.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if grep -q "RewriteCond" /var/www/html/snappy/.htaccess
4 | then
5 | echo "Snappy SSL redirect already in place."
6 | else
7 | sed -i '1 s/^/RewriteRule \(\.\*\) https\:\/\/\%\{HTTP_HOST\}\%\{REQUEST\_URI\} \[R\=301\,L\]\n/' /var/www/html/snappy/.htaccess
8 | sed -i '1 s/^/RewriteCond \%\{HTTPS\} off\n/' /var/www/html/snappy/.htaccess
9 | sed -i '1 s/^/RewriteEngine On\n/' /var/www/html/snappy/.htaccess
10 | fi
11 |
--------------------------------------------------------------------------------
/snappy/snappy_install.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | rm -rf /var/www/html/snappy
4 | rm -f /var/www/html/snappymail-2.11.0.zip
5 | wget https://github.com/the-djmaze/snappymail/releases/download/v2.11.0/snappymail-2.11.0.zip -P /var/www/html
6 | unzip /var/www/html/snappymail-2.11.0.zip -d /var/www/html/snappy
7 | chown -R webapps. /var/www/html/snappy
8 | find /var/www/html/snappy -type d -exec chmod 755 {} \;
9 | find /var/www/html/snappy -type f -exec chmod 644 {} \;
10 | curl -I https://$(hostname)/snappy
11 |
--------------------------------------------------------------------------------
/snappy/update_snappy.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Set variables
4 | SNAPPY_DIR="/var/www/html/snappy"
5 | BACKUP_BASE="/root/backup/snappy"
6 | BACKUP_DIR="${BACKUP_BASE}/snappy_backup_$(date +%Y%m%d_%H%M%S)"
7 | LATEST_VERSION=$(curl -s https://api.github.com/repos/the-djmaze/snappymail/releases/latest | grep -oP '"tag_name": "\K(.*)(?=")')
8 |
9 | # Check if script is run as root
10 | if [[ $EUID -ne 0 ]]; then
11 | echo "This script must be run as root"
12 | exit 1
13 | fi
14 |
15 | # Check if Snappy directory exists
16 | if [ ! -d "$SNAPPY_DIR" ]; then
17 | echo "Error: Snappy directory not found at $SNAPPY_DIR"
18 | exit 1
19 | fi
20 |
21 | # Ensure backup base directory exists
22 | if [ ! -d "$BACKUP_BASE" ]; then
23 | echo "Creating backup base directory: $BACKUP_BASE"
24 | mkdir -p "$BACKUP_BASE"
25 | if [ $? -ne 0 ]; then
26 | echo "Error: Failed to create backup base directory. Aborting."
27 | exit 1
28 | fi
29 | fi
30 |
31 | # Create backup
32 | echo "Creating backup in $BACKUP_DIR..."
33 | mkdir -p "$BACKUP_DIR"
34 | if [ $? -ne 0 ]; then
35 | echo "Error: Failed to create backup directory. Aborting."
36 | exit 1
37 | fi
38 | cp -R "$SNAPPY_DIR" "$BACKUP_DIR"
39 |
40 | # Download latest version
41 | echo "Downloading Snappy version $LATEST_VERSION..."
42 | wget "https://github.com/the-djmaze/snappymail/releases/download/$LATEST_VERSION/snappymail-${LATEST_VERSION#v}.zip" -O /tmp/snappy_latest.zip
43 |
44 | # Check if download was successful
45 | if [ ! -f /tmp/snappy_latest.zip ]; then
46 | echo "Error: Failed to download the latest version. Aborting update."
47 | exit 1
48 | fi
49 |
50 | # Extract new version
51 | echo "Extracting new version..."
52 | unzip -q /tmp/snappy_latest.zip -d /tmp/snappy_update
53 |
54 | # Preserve configuration and data
55 | echo "Preserving configuration and data..."
56 | cp "$SNAPPY_DIR/data/DATA.php" "/tmp/snappy_update/data/" 2>/dev/null
57 | cp "$SNAPPY_DIR/data/_data_/default.ini" "/tmp/snappy_update/data/_data_/" 2>/dev/null
58 | cp -R "$SNAPPY_DIR/data/_data_/" "/tmp/snappy_update/data/" 2>/dev/null
59 |
60 | # Replace old version with new version
61 | echo "Updating Snappy..."
62 | rm -rf "$SNAPPY_DIR"
63 | mv "/tmp/snappy_update" "$SNAPPY_DIR"
64 |
65 | # Set correct permissions and ownership
66 | echo "Setting correct permissions and ownership..."
67 | chown -R webapps:webapps "$SNAPPY_DIR"
68 | find "$SNAPPY_DIR" -type d -exec chmod 755 {} \;
69 | find "$SNAPPY_DIR" -type f -exec chmod 644 {} \;
70 |
71 | # Clean up
72 | echo "Cleaning up..."
73 | rm /tmp/snappy_latest.zip
74 |
75 | echo "Snappy has been updated to version $LATEST_VERSION"
76 | echo "A backup of the previous version is available at $BACKUP_DIR"
77 | echo "Ownership of $SNAPPY_DIR has been set to webapps:webapps"
78 |
--------------------------------------------------------------------------------
/spamassassin/deploy_sa.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Deploy SpamAssassin, removing rspamd from production
3 |
4 | cd /usr/local/directadmin/custombuild
5 | ./build set spamd spamassassin
6 | ./build spamassassin
7 |
8 | sh /root/da_server_updates/exim/update_exim.sh
9 |
--------------------------------------------------------------------------------
/spamassassin/deploykam.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | wget https://mcgrail.com/downloads/kam.sa-channels.mcgrail.com.key -O /root/da_server_updates/kam.sa-channels.mcgrail.com.key
4 | sa-update --import /root/da_server_updates/kam.sa-channels.mcgrail.com.key
5 | sa-update --gpgkey 24C063D8 --channel kam.sa-channels.mcgrail.com
6 |
--------------------------------------------------------------------------------
/spamassassin/enable_spamd.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Enable SpamAssassin for all accounts
4 |
5 | # If they have no filters configured, give them a baseline
6 | for i in $(find /etc/virtual -name filter.conf)
7 | do
8 | if ! grep -q "high_score_block" $i; then
9 | echo "high_score=30" >> $i
10 | echo "high_score_block=yes" >> $i
11 | echo "where=delete" >> $i
12 | fi
13 | done
14 |
15 | # SA is dependent on user_prefs files so if there isn't one, make one
16 | for username in $(ls /usr/local/directadmin/data/users);
17 | do
18 | HOMEDIR=$(eval echo ~$username)
19 | DIR=$HOMEDIR/.spamassassin
20 | mkdir -p $DIR
21 | UP=$DIR/user_prefs
22 | if [ ! -s ${UP} ]; then
23 | echo 'required_score 30.0' > ${UP}
24 | echo 'report_safe 1' >> ${UP}
25 | chown $username:$username ${UP}
26 | chmod 644 ${UP}
27 | fi
28 | chown ${username}:mail $DIR
29 | chmod 771 $DIR
30 | done
31 |
32 | # Reload SA configs
33 | echo "action=rewrite&value=spamd" >> /usr/local/directadmin/data/task.queue
34 |
--------------------------------------------------------------------------------
/spamassassin/failuremitigation.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | PTOKEN=$(cat /root/pushover_token)
3 | PUSER=$(cat /root/pushover_user)
4 | SERVER=$(hostname)
5 |
6 | prev_count=0
7 |
8 | count=$(grep "BSMTP input" /var/log/exim/mainlog | wc -l)
9 |
10 | if [ -f /root/spamd_failure_alerted_today ] ; then
11 |
12 | echo "Already alerted for this"
13 |
14 | elif [ "$prev_count" -lt "$count" ] ; then
15 |
16 | /usr/bin/curl -S -F "token=$PTOKEN" \
17 | -F "user=$PUSER" \
18 | -F "title=Spamd failure" \
19 | -F "message=Spamd failed on $SERVER" https://api.pushover.net/1/messages.json
20 | systemctl restart spamd
21 |
22 | /usr/bin/touch /root/spamd_failure_alerted_today
23 | /usr/bin/sed -i 's/BSMTP input/BSMTP_fixed/g' /var/log/exim/mainlog
24 | rm -rf /root/spamd_failure_alerted_today
25 |
26 | fi
27 |
--------------------------------------------------------------------------------
/spamassassin/fixchildren.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Step 1: Change the string "-m 15" to "-m 25" in /etc/systemd/system/spamassassin.service
4 | sed -i 's/-m 15/-m 25/' /etc/systemd/system/spamassassin.service
5 |
6 | # Step 2: Reload systemd daemon
7 | systemctl daemon-reload
8 |
9 | # Step 3: Restart the spamd service
10 | systemctl restart spamd
11 |
--------------------------------------------------------------------------------
/spamassassin/migrate_to_sa.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | sed -i 's/required_score 25.0/required_score 15.0/g' /home/*/.spamassassin/user_prefs
4 | sed -i 's/high_score=25/high_score=15/g' /etc/virtual/*/filter.conf
5 | echo "action=rewrite&value=spamd" >> /usr/local/directadmin/data/task.queue
6 |
--------------------------------------------------------------------------------
/spamassassin/update_rules.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | rm -f /etc/mail/spamassassin/local.cf
3 | wget https://raw.githubusercontent.com/mxroute/da_server_updates/master/spamassassin/local.cf -P /etc/mail/spamassassin
4 | systemctl restart spamd
5 | rm -f /etc/susranges
6 | wget https://raw.githubusercontent.com/mxroute/da_server_updates/refs/heads/master/exim/susranges -P /etc
7 |
--------------------------------------------------------------------------------
/syslog-ng.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Had enough of rsyslog failing when 1100+ journal logs are present with no clear reason
3 | # Replacing rsyslog with syslog-ng on all CentOS boxes
4 |
5 | FILE=/etc/centos-release
6 | if [ -f "$FILE" ]; then
7 | echo "CentOS box, proceeding."
8 | systemctl stop rsyslog
9 | systemctl disable rsyslog
10 | yum install syslog-ng -y
11 | systemctl enable syslog-ng
12 | systemctl start syslog-ng
13 | else
14 | echo "Not a CentOS box, failing."
15 | fi
16 |
--------------------------------------------------------------------------------
/update_limits.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Script to replace the value 7200 with 9600 in limit files under /etc/virtual
4 | # Usage: ./update_limits.sh
5 |
6 | BASE_DIR="/etc/virtual"
7 | modified_count=0
8 |
9 | # Function to check if a file contains only a number
10 | is_number_only() {
11 | local content=$(cat "$1")
12 | if [[ "$content" =~ ^[0-9]+$ ]]; then
13 | return 0
14 | else
15 | return 1
16 | fi
17 | }
18 |
19 | # Main loop through all domain directories
20 | for domain_dir in "$BASE_DIR"/*/; do
21 | if [ ! -d "$domain_dir" ]; then
22 | continue
23 | fi
24 |
25 | limit_dir="${domain_dir}limit"
26 | if [ ! -d "$limit_dir" ]; then
27 | continue
28 | fi
29 |
30 | # Process files in the limit directory
31 | for limit_file in "$limit_dir"/*; do
32 | if [ ! -f "$limit_file" ]; then
33 | continue
34 | fi
35 |
36 | # Check if file contains only a number
37 | if is_number_only "$limit_file"; then
38 | # Check if the content is 7200
39 | if [ "$(cat "$limit_file")" = "7200" ]; then
40 | # Replace the content
41 | echo "9600" > "$limit_file"
42 | echo "Updated: $limit_file"
43 | ((modified_count++))
44 | fi
45 | else
46 | echo "Warning: Skipping $limit_file - contains non-numeric content"
47 | fi
48 | done
49 | done
50 |
51 | echo "9600" > /etc/virtual/user_limit
52 | echo "Process complete. Modified $modified_count files."
53 |
--------------------------------------------------------------------------------