Zimbra ZCS: OpenDKIM not running

After upgrading Debian, OpenDKIM sometimes stops running or fails to properly restart. If you don’t actively monitor your ZCS server, the only way to detect this is either through a growing mail queue of unsent messages or through a note in the ZCS server admin panel.

Usually, manually restarting either OpenDKIM itself or the whole ZCS server once “fixes” the problem:

# service zimbra restart

or

# /etc/init.d/zimbra restart

In other cases, fixing the permissions may help:

# /opt/zimbra/libexec/zmfixperms -verbose -extended

(source)

Mac OS X: Reduce/increase workspace switching delay

Does dragging windows to the adjacent workspace in Mac OS X feel sluggish? Try lowering the according delay, e.g. to 0.1 seconds. For a persistent change, enter the following in a terminal:

defaults write com.apple.dock workspaces-edge-delay -float 0.1; killall Dock

If you’d like to have a longer delay, try setting a value of 1.0 or even 2.0.

Some helpful Git resources

A friend recently told the following joke:

“The idea that git can be used offline is an illusion – you still need connectivity for googling which arguments to pass to what command.”

That’s an exaggeration, of course, but as always, there’s a grain of truth in it. So here we go:

Delete duplicate e-mail messages

If you need to delete duplicate e-mail messages on an IMAP server, take a look at this useful IMAP de-duplicator script:

IMAP de-duplicator – IMAPdedup

As IMAPdedup is a command line interface tool (a python script), it’s particularly useful for:

  • automated deletion of duplicates (as it can be called from other scripts)
  • extraordinarily big mailboxes or if you have many subfolders (as there’s no intervention by the user required)
  • if you have console/shell access to the IMAP server (as you can then run the script on the server itself, speeding the de-duplication process further up)

I also found that it deals relatively well with failures (e.g. when a folder is read-only and hence messages can’t be deleted): It simply reports them on the screen and carries on.

Here’s a quick’n’dirty bash script to de-dup the inbox and all subfolders of the specified account:

#!/bin/sh
# Delete all duplicate messages in all folders of said account.
# Note that we connect through SSL (-x) to the default port.

SERVER="my.server.com"
USER="mylogin"
PASS="mypass"

for folder in `imapdedup.py -s $SERVER -x -u $USER -w $PASS -l`;
do
 imapdedup.py -s $SERVER -x -u $USER -w $PASS $folder
done

If you only have to de-duplicate messages in a small folder, you could also use the following de-duplication add-on for Mozilla Thunderbird:

Remove Duplicate Messages Add-on for Thunderbird

Note however that the ‘Remove Duplicate Messages’ add-on is intended for interactive use only, not for batch processing. I also noticed that it fails at cleaning big mail folders (e.g. containing 50’000 messages).

 

How to compile Textual (open source IRC client) on Mac OS X

Textual is a heavily modified fork of LimeChat and looks and feels more native and light-weight than most other IRC clients for Mac OS X. Further, it doesn’t seem to have problems with window refreshing as observed with XChat Aqua/Azure (App Store link) and XChat for X11 (installed/compiled using ‘brew install xchat’).

Though Textual is also available in the App Store for 4.99 USD, I wanted to compile it from sources myself.

Here’s how to build Textual from sources (tested on Mac OS X Mountain Lion):

  1. Download and install Xcode 4 from the App Store.
  2. Download/checkout the latest Textual sources from https://github.com/Codeux/Textual
  3. Open the file Main Project (Textual).xcodeproj in Xcode.
  4. In Xcode’s Preferences -> Downloads -> Components, install the Command Line Tools.
  5. In the opened project in Xcode, disable code signing:
    For the target Textual, navigate to the tab Build Settings. In the “Code Signing” section, set “Don’t Code Sign” for “Debug” and “Release”.
  6. On the top left of the Xcode IDE window, select the scheme Textual (Standard Release) -> My Mac 64-bit
  7. Click on the “Run” button to start building the project
  8. The “Textual” app will be built in the subfolder “./Build Results/Release/” of your Textual source directory

Moving Zimbra Collaboration Server to a new IP address

Here’s a quick overview how to migrate a ZCS mail server (based on Ubuntu) to a new IP address:

0) Not covered here: Adjusting DNS entries. Make sure you lower the TTLs of the relevant DNS entries a couple of days in advance in order to minimize downtime for clients (e.g. set a TTL of 300 for a 5 minute downtime).

1) Set the new IP address in:
* The relevant DNS entries
* /etc/network/interfaces
* /etc/hosts
* If ZCS runs in a container/VM, don’t forget to adjust its IP address too.

2) If the new IP address is part of a new subnet, make sure to add this new subnet to ZCS’s trusted_networks, otherwise, sending (relaying) messages through ZCS from Zimbra Desktop (or any other mail client) won’t work[1]. This can be set using ZCS’s web admin interface (i.e. https://mail.myserver.com:7071/zimbraAdmin/):
Navigate to “Server settings”, then open the “MTA” tab and set something analogous to the following in “MTA Trusted Networks”:
127.0.0.0/8 w.x.y.z/26

3) Restart networking and the ZCS services (it’s important, as this adjusts the trusted_network setting in ZCS’s amavisd too):
# /etc/init.d/zimbra stop
# /etc/init.d/networking restart
# /etc/init.d/zimbra start

Alternatively, just reboot the server, particularly if it runs in a VM.

Voilà!

Note: The need for the adjustments in step 2) might come as a surprise. Authenticated messages to be relayed through ZCS apparently seem to originate from the external IP address, not localhost/127.0.0.1.

[1] A typical postfix error message might look like:
Delivery Failure Notification: Invalid address: somebody . com.zimbra.cs.mailbox.MailSender$SafeSendFailedException: MESSAGE_NOT_DELIVERED; chained exception is: com.zimbra.cs.mailclient.smtp.InvalidRecipientException: RCPT failed: Invalid recipient somebody@somedomain.com: 554 5.7.1 : Relay access denied

iTerm2 – Mac OS Terminal Replacement

iTerm2, the successor of iTerm, seems to be quite a bit better then the default Mac OS X terminal app:

iTerm2 – Mac OS Terminal Replacement.

If only every Mac OS X app (i.e. Quartz) would also support copy on select, middle button paste and the other X11-like features! [1] Further, I’d love to see a terminal app that disallows pasting (cmd-v) from the keyboard-controlled clipboard completely as this is potentially a very dangerous thing.

[1] Note: It’s possible to emulate X11′s behaviour to some degree using BetterTouchTool. It’s still not the same though as X11 distinguishes between the mouse-controlled buffer and the keyboard-controlled buffer and doesn’t just “paste from the clipboard”. For reference, see:

Mac OS X Snow Leopard Server: Send e-mail alert if RAID 1 degraded/fails/goes offline

By default, Mac OS X Snow Leopard Server (and later versions likely too) doesn’t send any e-mail alerts when a RAID set degraded. Fortunately, sending such a notification can be implemented using a script, as explained in http://serverfault.com/questions/153956/mac-os-x-server-10-6-apples-software-mirrored-raid-worth-it:

# vi /etc/periodic/daily/150.check-raid

# cat /etc/periodic/daily/150.check-raid

#!/bin/sh
# This script checks for any degraded/offline/failed/whatever software
# RAIDs, and if any are found emails a note to an admin.  To use it,
# replace the ADMIN_EMAIL value with your own email address, drop it in
# /etc/periodic/daily, and change the owner to root.  This’ll make it
# run its check every morning at 3:15am.
#
# Warning: this script doesn’t check anything other than software RAIDs
# built with the Apple (i.e. Disk Utility) RAID tools.  It does not check
# any hardware RAIDs (including Apple’s RAID card), or even any third-party
# software RAIDs.  If “diskutil listraid” doesn’t list it, it’s not going
# to be checked.
#

ADMIN_EMAIL=”youradmin@somewhere.com”

if diskutil listraid | grep “^Status:” | grep -qv “Online$”; then
diskutil listraid | mail -s ‘RAID problem detected’ “$ADMIN_EMAIL”
fi


# chmod a+x /etc/periodic/daily/150.check-raid

Of course this requires that your server can actually send outgoing e-mail messages which may need some manual configuration, as explained in:

Mac OS X Snow Leopard Server: Configuring outgoing SMTP authentication for postfix

[Edit 20130401: Clarified the phrasing, anonymized data]