Saturday, January 23, 2010

PHP Code Snippets

SkyHi @ Saturday, January 23, 2010

A steadily growing collection of handy PHP code snippets that you should find useful!


Mbox vs Maildir: Mail Storage Formats

SkyHi @ Saturday, January 23, 2010
The Unix world has two ways of storing mail messages: the traditional mbox format and the newer maildir format. Postfix and Dovecot support both mail storage formats, so you can use either, but I highly recommend you use the maildir format.
The Mbox Format

This is the traditional way of storing mail messages in the Unix world. In this format, a regular text file is created that serves as the mail user’s mailbox file.

Fig. 1: Mbox storage format
How Mbox works
Receiving and storing a mail

1. Lock the mailbox.
2. Append the header (usually “From [sender's email address] [date and time received]”) and the mail into the mailbox file.
3. Unlock the mailbox.

Retrieving a mail

1. Lock the mailbox.
2. Locate and read the mail.
3. Update the mail status flag.
4. Unlock the mailbox.

Deleting a mail

1. Lock the mailbox.
2. Move the contents of the mailbox, beginning from the position right after the mail to be deleted until the end of the mailbox, into the position of the mail to be deleted.
3. Reduce the size of the mailbox file by the size of the deleted mail.
4. Unlock the mailbox.

Searching a mail

1. Lock the mailbox.
2. Search the mailbox.
3. Unlock the mailbox.


Advantages

* Format is universally supported.
* Appending a new mail into the mailbox file is fast.
* Searching text inside a single mailbox file is fast.


Disadvantages

* Has file locking problems.
* Has problems when used with network file systems.
* Format is prone to corruption.

The Maildir Format

This is a new way of storing mail messages. In this format, a directory usually named Maildir is created for each mail user. Under this directory are three more directories named new, cur and tmp.

Fig. 2: Maildir storage format
How Maildir works
Receiving and storing a mail

1. Create a unique file in the tmp directory.
2. Write the mail into the newly created file.
3. Move the completely written mail into the new directory.

Retrieving a mail

1. Locate and read the mail.
2. Move the mail from new into the cur directory and append the mail status flag into the filename.

Deleting a mail

1. Delete the file containing the mail.

Searching a mail

1. Search each and every mail file.


Advantages

* Locating, retrieving and deleting a specific mail is fast.
* Minimal to no file locking needed.
* Can be used on network file systems.
* Immune to mailbox corruption (assuming the hardware will not fail).


Disadvantages

* Some filesystems may not efficiently handle a large number of small files.
* Searching text, which requires all mail files to be opened, is slow.
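
The receive and retrieve steps under "How Maildir works", written out as an added Python example (not code from the original post). The filename layout, the ":2,S" seen-flag suffix and the function names are assumptions of this example; the sample messages are constructed.

```python
import itertools
import os
import socket
import tempfile
import time

_seq = itertools.count(1)  # per-process counter, keeps names unique


def make_maildir(path):
    """Create the tmp, new and cur subdirectories with mode 0700."""
    for sub in ("tmp", "new", "cur"):
        os.makedirs(os.path.join(path, sub), mode=0o700, exist_ok=True)


def deliver(maildir, message: bytes) -> str:
    """Receiving: unique file in tmp, write it fully, then move it into new."""
    host = socket.gethostname().replace("/", "\\057").replace(":", "\\072")
    name = f"{int(time.time())}.P{os.getpid()}Q{next(_seq)}.{host}"
    tmp_path = os.path.join(maildir, "tmp", name)
    # O_EXCL: fail rather than overwrite if the name somehow already exists.
    fd = os.open(tmp_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(message)
        f.flush()
        os.fsync(f.fileno())  # message is on disk before it becomes visible
    # rename() within one filesystem is atomic: a reader of new/ sees the
    # whole message or nothing, which is why no mailbox lock is needed.
    os.rename(tmp_path, os.path.join(maildir, "new", name))
    return name


def mark_seen(maildir, name) -> str:
    """Retrieving: move new -> cur and append the status flag to the name."""
    flagged = name + ":2,S"  # ":2," introduces the flags, S = seen
    os.rename(os.path.join(maildir, "new", name),
              os.path.join(maildir, "cur", flagged))
    return flagged


def demo():
    """Deliver two constructed messages, read one, return the listings."""
    root = os.path.join(tempfile.mkdtemp(), "Maildir")
    make_maildir(root)
    first = deliver(root, b"From: a@example.test\n\nfirst (constructed)\n")
    deliver(root, b"From: b@example.test\n\nsecond (constructed)\n")
    mark_seen(root, first)
    subdirs = ("tmp", "new", "cur")
    return {d: sorted(os.listdir(os.path.join(root, d))) for d in subdirs}
```
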


Postfix SMTP Server Setup Howto for RHEL/CentOS 5

SkyHi @ Saturday, January 23, 2010

Installing and setting up Postfix SMTP Server in Red Hat Enterprise Linux 5 or CentOS 5 is easy. Postfix has secure default settings so we just need to open it up a bit.

Install Postfix and Mail Transport Agent Switcher

1. If you did not add postfix and system-switch-mail-gnome during the CentOS installation, you can add them now using the Package Manager tool.

Switch to Postfix from Sendmail

By default, Sendmail is the active SMTP server. Here’s how to change it.

1. Click System, select Administration, and click Mail Transport Agent Switcher. This will launch the system-switch-mail window.
2. In the system-switch-mail window, select Postfix and click Ok.

Configure Postfix

1. Click Applications, select System Tools then click File Browser. This will launch the File Browser window.
2. In the Location field, type in /etc/postfix and press Enter. If you don’t see the Location field, click the notepad button to toggle to the text-based location bar.
3. Double click on the file to open it for editing. We need to make it listen for network requests, accept mail bound for our domain, and use maildir, which is a better mailbox format than the default, mbox.
Find the following keys and change their values as follows:
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
home_mailbox = Maildir/

In this file, lines starting with # are comments. Save the file after completing your changes.

Note: Make sure that all mail_spool_directory lines are commented out. Otherwise, it will override the setting in the home_mailbox line above.
4. Restart the postfix service. Learn how to restart services here.
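
A check of the three settings from step 3 and of the note about mail_spool_directory, added here as an example and not part of the original post. It assumes the file being edited is Postfix's main.cf and reads it by Postfix's parsing rules (comment lines, continuation lines, last definition wins); the sample file and function names are constructed.

```python
EXPECTED = {  # the three values this howto sets
    "inet_interfaces": "all",
    "mydestination": "$myhostname, localhost.$mydomain, localhost, $mydomain",
    "home_mailbox": "Maildir/",
}

# Constructed sample, not a real server's file.
SAMPLE = """\
# mail_spool_directory = /var/spool/mail
inet_interfaces = localhost
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain,
    localhost, $mydomain
home_mailbox = Maildir
mail_spool_directory = /var/mail
"""


def parse_main_cf(text):
    """Return {name: value} using Postfix's rules: '#' lines and blank lines
    are ignored, a line starting with whitespace continues the previous
    logical line, and a later definition replaces an earlier one."""
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and current is not None:
            params[current] += " " + raw.strip()
        elif "=" in raw:
            current, value = (part.strip() for part in raw.split("=", 1))
            params[current] = value
    return params


def audit(text):
    """List findings where the active settings differ from the howto."""
    params, findings = parse_main_cf(text), []
    for name, want in EXPECTED.items():
        got = params.get(name)
        if got is None or " ".join(got.split()) != want:
            findings.append(f"{name}: expected {want!r}, found {got!r}")
    if "mail_spool_directory" in params:
        findings.append("mail_spool_directory is active: "
                        + params["mail_spool_directory"])
    return findings
```

Running `audit(SAMPLE)` reports two findings: home_mailbox lacks the trailing slash that selects maildir delivery, and a mail_spool_directory line is still uncommented.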

Test Postfix

1. Click Applications, select Accessories, and click Terminal. This will launch the Terminal window.
2. In the Terminal window, type in the highlighted commands below.

Sample postfix session. Replace johndoe with any valid user account. The dot after the line test is a command that should be typed in.

Note: If you need to add new user accounts, learn how to add or remove user accounts here.
[root@mail ~]# telnet localhost smtp
Connected to localhost.localdomain (
Escape character is '^]'.
220 mail.acme.local ESMTP Postfix
ehlo host
250-SIZE 10240000
250 DSN
mail from: johndoe
250 2.1.0 Ok
rcpt to: johndoe
250 2.1.5 Ok
354 End data with .
250 2.0.0 Ok: queued as 9729067C17
221 2.0.0 Bye
Connection closed by foreign host.
[root@mail ~]#

To check if the mail indeed exists:

[root@mail ~]# cd /home/johndoe/Maildir/new
[root@mail new]# ls
[root@mail new]# cat 1185669817.Vfd00I18012M795756.mail.acme.local

Don’t worry, you don’t have to type in the whole filename above. Just type in the first few characters, say 118, then press Tab to activate automatic completion.

From johndoe@mail.acme.local  Thu Feb 22 21:48:28 2007
X-Original-To: johndoe
Delivered-To: johndoe@mail.acme.local
Received: from localhost.localdomain (localhost.localdomain [])
by mail.acme.local (Postfix) with SMTP id 9729067C17
for ; Thu, 22 Feb 2007 21:48:26 -0500 (EST)
Message-Id: <20070222134827.9729067c17@mail.acme.local>
Date: Thu, 22 Feb 2007 21:48:26 -0500 (EST)
From: johndoe@mail.acme.local
To: undisclosed-recipients:;


[root@mail mail]#

Active Directory Integration with Samba for RHEL/CentOS 5

SkyHi @ Saturday, January 23, 2010

This article will show you how to join your Linux server into the Active Directory domain, how to integrate the Active Directory user accounts into the Linux user accounts and how to authenticate users in Active Directory using Winbind, a component of Samba.

Important: A better way to integrate Active Directory into your Linux mail server is by using Postfix’s Virtual User Accounts.
Note: Samba is installed by default when you select the Server installation type during the installation process. In case you need to install or reinstall it, just add the Windows File Server package located in the Servers category using the Package Manager tool.

Setup and Configure Winbind

1. Click System, select Administration and click Authentication. This will launch the Authentication Configuration window.
2. Check the Enable Winbind Support and click Configure Winbind. This will launch the Winbind Settings window.
3. In the Winbind Settings window, set the Security Model to ads and fill in the Winbind Domain, Winbind ADS Realm and Winbind Domain Controllers. See sample settings below.
Winbind Domain
Winbind ADS Realm
Domain Controllers
Note: If you would like to allow your Active Directory users to log in to your Linux system, change Template Shell to /bin/bash.
Important: To ensure the success of the Active Directory integration, make sure that your Active Directory DNS is working, that you are using the Active Directory DNS, that you can ping the domain controllers, and that the difference between the domain controllers’ clock and the mail server’s clock is not more than five minutes.
4. Click Join Winbind Domain. You will be asked to save your changes, click Save. In the Joining Winbind Domain window, fill in the Domain Administrator and Password. Click Ok when you are done. Click Ok again to close the Winbind Settings window.
5. Click the Authentication tab and check Enable Winbind Support.
6. Click the Options tab and check Local authorization is sufficient for local users. Click Ok when you are done.
7. Open the file /etc/samba/smb.conf for editing and change the key values below.
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
obey pam restrictions = yes
allow trusted domains = no
idmap backend = idmap_rid:acme=16777216-33554431
For the last line, replace acme with the value of workgroup and ensure that the range matches your idmap uid range.
Note: The last line activates algorithmic mapping of the Windows IDs to Unix IDs. This enables you to use Samba across several Linux machines or recreate a corrupted mapping database since the mapping is consistent.
8. Create the folder that will contain the home directory of the Active Directory users. From the terminal window, type in the commands below.
mkdir /home/DOMAIN
Replace DOMAIN with your domain. Make sure to capitalize your domain like ACME in our example.
9. Edit the file /etc/pam.d/system-auth and add the line below.
session required skel=/etc/skel/ umask=0022
This will automatically create the user’s home directory whenever a PAM session is opened. Winbind and Dovecot will be opening the PAM session thus automatically creating the user’s home directory.
10. Restart the winbind service and start the oddjobd service. Learn how to start and restart services here.
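
The algorithmic mapping described in the note to step 7, as an added Python example that is not part of the original post. It assumes the idmap_rid rule ID = RID - BASE_RID + LOW_RANGE_ID with a base RID of 0; the domain SID and the function names are constructed for illustration.

```python
import re

# Constructed domain SID, for illustration only.
DOMAIN_SID = "S-1-5-21-1111111111-2222222222-3333333333"


def parse_idmap_rid(line):
    """Parse 'idmap backend = idmap_rid:DOMAIN=LOW-HIGH' into its parts."""
    m = re.fullmatch(
        r"\s*idmap backend\s*=\s*idmap_rid:(\w+)=(\d+)-(\d+)\s*", line)
    if not m:
        raise ValueError("not an idmap_rid backend line")
    domain, low, high = m.group(1), int(m.group(2)), int(m.group(3))
    if low > high:
        raise ValueError("empty range")
    return domain, low, high


def sid_to_uid(sid, domain_sid, low, high, base_rid=0):
    """Map a SID to a Unix ID: ID = RID - base_rid + low."""
    prefix, _, rid = sid.rpartition("-")
    if prefix != domain_sid or not rid.isdigit():
        raise ValueError("SID is not in the mapped domain")
    uid = int(rid) - base_rid + low
    if not low <= uid <= high:
        # An ID outside the configured range must not be handed out.
        raise ValueError(f"RID {rid} maps outside {low}-{high}")
    return uid


def uid_to_sid(uid, domain_sid, low, high, base_rid=0):
    """Inverse mapping, e.g. to trace a file owner back to an AD account."""
    if not low <= uid <= high:
        raise ValueError("uid is not in the idmap range")
    return f"{domain_sid}-{uid - low + base_rid}"
```

Because the result depends only on the RID and the configured range, every server with the same smb.conf line derives the same Unix ID for a given account.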

Test the Active Directory Integration

1. From a terminal window, type in wbinfo -u. You should see the Active Directory user accounts.
2. To try the Active Directory authentication, type in wbinfo -a "username"%"password".
3. Finally, type in getent passwd. You should see the Linux system accounts along with the Active Directory user accounts.
Note: If it doesn’t work, visit the Active Directory Troubleshooting page.

Related Pages

Active Directory Single Sign On. Use Identity Management for Unix to control access on a per user account basis.