-
Notifications
You must be signed in to change notification settings - Fork 0
Home
( this page is under development, updated hourly/daily )
We are including few Server (multi-function server, web-server, mail-server, etc, etc) installation, configuration, administration, management, etc scripts, & also links to the original (script / program / software) author site.
We are also including modified-scripts to modify known server-management (aka: server-admin, aka: admin-panel, etc) projects, to increase/unlock few essential+basic features to increase security & privacy, & basic essential functionalities.
abbr = Abbreviations : • pkg = package = suit = bundle • mgmt = management = mngmt • admin = administration or administrator • adv = advanced • aka = also-known-as • i.e = in-example • f.e = for-example • e.g = example-goes • dev = developer • authr = author • auth = authentication • usr = user • prv = private (secret data) • pub = public (shared data) • srvr = srv = server • svc = service • clnt = client • enc = encrypted • dcr = decrypted • sec = security ( sometime also = secret = second ) • cert = crt = certificate (usually a shared key to be used by users/public)
Server is a set of (running services/daemons) software that performs+provides repetitive or analytical result of multiple functions/calculations, when requested by user's client-programs . There are many many types/categories of servers: web-server, mail-server, dns-server, instant-messaging server, database server, file-server, print-server, application-server, API-server, hypervisor-virtualization server, communications server, media/CDN server, etc, etc, etc, etc, etc.
Various category/type of software performs various functions/steps/process in order to create, transfer, send, receive, obtain, view emails from one email address into another. A mail server contains multiple type of software, and usually functioning in middle of those pre-mentioned email handling process/steps : receives an outbound email from sender user, sends email into another mail-server, and a mail server also receives an email from another mail server, & stores/holds it in a mailbox for later access by mail-user. A MTA(mail/message-transfer/transport-agent) is a type/category of software/tool that can send and receive emails from one mail-server into another or from another mail-server, so MTA is a part of mail-server packages, i.e: Postfix, etc. As MTA performs the core-function of sending/receiving the email, often all mail-server components are combinedly & erroneously called just "MTA" ! instead of correctly calling it "mail-server package". A MSA(message/mail-submission-agent) is a type of software that receives email from user, user's outgoing emails, MSA then gives that email to MTA to send it out, MSA is usually part of mail-server packages. A MUA(mail-user-agent) is a type of software that can create/compose an email, submits new emails into the MSA type of software to send the email out, MUA can also obtain received emails from MDA type of software to show/display it to user, i.e: Thunderbird, etc, MUA is not part of mail-server packages, MUA is aka "email-client". A MDA(mail/message-delivery-agent, it is aka: LDA) is a type of software that holds received emails in user's mailbox, and MDA allows MUA to obtain received emails, and MDA gets email after MTA receives email from (remote or it-self) mail-server, and MDA is a part of mail-server packages, e.g: dovecot, etc. Besides those basic functions : a mail-server often needs to scan for malware & remove it from emails or quarantine the infected email , mail-server also needs to find-out the trustworthiness of email sender's server or domain by checking (a domain/server's) reputation scores, to stop spammers/abusers/exploiters, etc.
So our (this "Server-Admin-Scripts" project) objective is to modify+improve these(mentioned in below) known projects/scripts to ENABLE essential security-related & necessary advanced features & configurations to allow a server (e.g: mail-server, web-server, etc server owners & users of it, to "really enjoy" a "free" edition or open-source based edition of software for free to share data securely send/receive emails & communicate with peace, now that is very clear statement & simple, and not-deceptive:
- iRedMail Open-Source-Edition (aka: iRedMail-OSE, iRM-OSE) (aka free-edition) & iRedAdmin-OSE/free-edition.
We will support advanced feature requirements/need of : very-SMALL-SCALE business/group, or single-individual personal, or sole-proprietorship very-small business, or two individual-person (a very small-group) based business/personal, or (human)-family personal/business, or home-business or home-office , etc
as everyone need to work/earn for their MINIMAL survival and everyone needs to contribute/share their skills with others, and everyone has fundamental Rights for securely/privately communicate & share-information with others.
VERY STABLE MAIL-SERVER & MAIL-SERVICE : Notice to all : If you want very reliable & very professional & very very stable mail (or related other) servers/services, then you should get/obtain/setup, Option-1: a paid support & install "Pro" edition software, in order to support the devs & to get professional assistance/help, Or, Option-2: a paid fully-functional remote server with builtin mail (and related other) server/services, Or Option-3: more-than-one reliable, trustworthy & dependable relatives, friends or community neighbors to monitor & assist with your server maintenance works, Or Option-4: at-least use two (local or remote) server from two different location/internet-connection (for this, you would need to setup "cluster"HA, Comparison, List or failover or simpler round-robin based load-balancing), so that one (server) can still work (to receive emails) even if (some software or hardware inside the) other server has failed (or not-working or gone-down temporarily). Also see/read other (and same) options mentioned bottom-side of next section.
FUNDAMENTAL PROPERTIES OF MAIL-SERVER IP-ADDRESS & RDNS : Note: Mail-server's internet connection must have these TWO specific technical setup : an IP-address with a very specific RDNS-record (e.g:
username.example.com. or mail.example.com., etc) that must match with your domain-name (let us assume either you (or your parents) own/have: "example.com" ) , & SMTP port-25 must be unlocked/unblocked for that IP-address . ( For example, a Web-Server's IP-adrs does-not need to have a RDNS setup (its optional, that is, its good if its done), but does need to have port-443 (and port-80) unlocked/unblocked ) . ISP in your home will by-default block inbound/outbound usage of SMTP port-25 in residential class service/connection, & residential connection allots a dynamic-IP-address to client, & dynamic IP-address cannot have a RDNS for client. -
They have done these actually to force people/families/users to use online based free email-services (hotmail, yahoo-mail, gmail, outlook, etc etc etc), so that they can SPY on people easily by STEALING their communication data (all type of communication are private data & protected by Privacy-Rights, in USA that is the (1791) 4th-Amendementa, b, c of USA-Constitution, AND USA + other countries agreed+signed (in 1948) to uphold Article-12 of UDHR passed by UN-member-states, (and also 2014 Res-69/166, etc) . And they also do anti-constitutional things to have financial & other incentives/deals/gains by helping their buddies/relatives in their conglomerate business group (which has not-only businesses & corporations as their member, but CORRUPT LawMakersCriminal-LawMakers, insider-trade, Criminal-local-&-state-politicians, expelled-or-censured-Senators, corrupt-US-State-Reps in GOV, are also part of their group) , for members of these groups: human-rights or human-lives have much less value than their own-"happiness" from killings/destroying or stealing (aka: looting) more money for (themselves and for) their buddies/relatives . As few LAWs prohibits (participation or) acts that can directly help their own (business or) group where a LawMaker is part of, So they do this, in this fishy way : one LawMaker group "R-L-1" helps another business-group "R-B-2", and the other LawMaker-group "R-L-2" helps the other business-group "R-B-1" , as R-L-1 have their buddies/relatives in R-B-2 , & R-L-2 have their buddies/relatives in R-B-1 , So they are actually helping their own buddies or relatives, but not-directly to themselves, so that CRIPPLED-LAW (and CORRUPT investigators) or loopholes-in-Law cannot catch these corrupt activities . This type of techniques are also known as "Scratching each-others back" . And these type of evil group's evil activities are also known as Evil-Corporatism, ZionismZionism-Took-Control-Of-USA, zionism etc . E.g: "Verizon" ISP owns "Yahoo", so they do not want to allot free static-IP to their ISP-customers when customer requests for it for using in their own Mail-Server, Because SPYING & Anti-Privacy things are easier to do from their-own Yahoo-Mail servers . So ISP & Anti-Privacy-Violators will always keep on inventing new words+reasons,etc to say (aka: LIE) why they do this (blockage of port-25, aka block SMTP, aka block Outbound-Emails) : "to stop spammers" , "to stop virus infections" , etc, etc, But spammers or virus-spreaders are not-stupid type of bad-people, they can spam or spread-malware with too many advanced (or easy) ways , We all know & can see in our mailboxes that there are too many, many many spam emails, & we can also see too many reports that malware infested emails are causing so many losses to business & people, etc , So ISPs & "Privacy-Rights Violators" are lying & keep on lying.
We can have a specific phone-number to make/receive calls, and We can take this specific-phone-number into another phone-service provider when changing service, right ? So similarly, we can also obtain/have a specific static-IP-address & specific RDNS-record allotted to a specific person from a pool of IP-addresses, and which we must be easily able to take/move to another ISP when changing ISP service , but they (ISP & "Privacy Rights Violators") do not allow this ! So they do these to violate USA-Constitution & human-rights , if thats not the case then you & i wud've seen all/most ISP are able to allot a static-IP-address & setting the RDNS-record after a simple request, for free , but this does not happen as they have long-serpentile-double-toung and a leash/noose on their neck (placed by 4th-Amendment Privacy-Rights Violators+thiefssteller-wind, prism, USA-Spy-On-UN, echelon, xkeyscore) & they have their own special interests ("Scratching each-others back") . Those criminals themselves will do organized-crime, break something, harm/kill someone purposefully, then tell their citizens that they can protect it/us, if they are employed ! Good-Legislators (LawMakers) must-need to take some good-steps .
(1) you'll have to order/purchase/rent a static-IP-address from your ISP which may cost $1~to~$4/month extra (and during order, mention that you will need to use it to send/receive emails, So port-25 must be unblocked, & they must setup the RDNS-record, like this:
username.example.com. or mail.example.com. ) , in such case they will setup the RDNS & remove port-25 block for your static-IP-address .You will need to have your own domain-name, which may cost from $5-to-$20/yr (find a low-cost but reputable/trustworthy Domain-Registrar listed in ICANN . Choose that, which supports DNSSEC, gives Mail-Forwarding options, etc, etc).
(2) Another option is to obtain a "business"-class connection/service from your (Internet Service Provider) ISP (that allots a static-IP & all ports are also allowed, usually), but this type of service may be very costly or comparatively more costly.
(3) A simple option is, buy TWO remote servers which are low-cost virtual-private KVM/OVZ based/type-of servers, which may cost from $30-to-$50/yr total for two , you may also rent two dedicated servers but that (two) may cost from $14-to-100/month.
(4) One more option is to first configure two physical servers by yourself, then disconnect all USB/PS2,Video,etc ports except the RJ-45 ethernet/network port & the power-supply connector port, then super-glue all screws & enclosure openings, and chain it & lock it up with very-good-&-strong Lock(s) & seal it (you can also request your co-location to take pictures/video of seal & send them to you regularly over encrypted-emails or secure-website). You must lock-it & seal-it, so that opening the CPU-box enclosure is not-possible except by you.
( Note: do-not cover/block the AIR-FLOW intake & exhaust pathways in CPU-box, when your CPU-box is a general type of server-rack or server-computer form-factor based CPU, or else, it will overheat & crash soon . There are some tiny size computers which are usually not-over-clocked (and made with higher (operating-temperature) grade circuits+chips, etc), so this type of computer/CPU-box generates very very low heat, & general/simple air-flow is sufficient for the heat to dissipate in air. You can+should consider this type of computers/CPUs to use as your servers, but make sure you find out how much heat is actually generated when the unit's CPU/processor is running fully loaded at it's max CPU GHz/MHz frequency/cycles, then you'll know if it can keep-up on working or will it crash soon ) ,
then ship/send your those two servers over-secure shipping medium/channel into two different co-location service providers (data-centers), this type of option is usually very very costly, ( By the way, for this option to work, you will have to obtain various info ahead & first, from those two service-provider(s), and servers must be internally pre-configured to allow further configuration only from your home/business IP-address, you must pre-configure each server to use very strong-encryption based SSH connection, you must configure both server to also use very very very strong encryption to transfer or SYNC data between your those two specific servers, and all internal storage-drives must be (strongly) encrypted, and you also must make+get security+PRIVACY contract/deal/agreement/guarantee with+from both colocation service provider (server-farm / data-center), they must give you strong-encryption based secure VNC access (and internet access) into your server ).
(5) Another not-secured but simple option is to use email-redirection service or email-forwarding service or email-relay service, etc, to forward received email into one of your existing+active other email-address (which you may have to obtain from another email server or from another online email service provider).
Caution/Warning : As long as you will choose to use an email-address from such a mail-server that is not-yours, and not-located within your own-home or not-located in a known-safe premise/location that is under your-own control, or server-box can be opened-up or booted-up or data-copy connections can be made (to copy data) by someone/anyone else , then such mail-server(s) & your emails in those servers are not-actually secured and not-actually private , because it is easily possible to more easily steal your email's content/data from such unprotected or such remote servers, & then they(data-THIEFs) will run decrypt process (or apply ZeroDay exploits or use backdoors) if content was encrypted.
(6) Another option is to Create a very very very strong GPG/PGP/OpenPGP (digital) key-pair (pub-key, prv-key) or Get a very strong S/MIME certificate from a reputable public-CA, & share the pub-key (aka: cert) portion with people/users, & tell them that you only response to encrypted emails . In this option, any email-address (your own mail-server based email-address, or email-address from online email-service provider) can be used . Such emails will be secure for at-least some amount of time, bcuz of strong encryption, but unfortunately there are bugs/backdoors/etc to eliminate or reduce encryption-key strength , So, to counter, email users may (or must need-to) create email where content is already/once encrypted earlier, preferably by using even more stronger encryption keys, & by making sure that only your specific receiver have the decrypt pub-key beside you, & that this pub-key is not made public & used only for a specific private communication, then it will be little-bit more harder to decrypt & get to the original message level , as it is multi-layer encrypted . More encryption layers, make it more harder for Privacy-Rights Violators to decrypt.
Note: the location where your (mail)-server is used/placed/located, there, if your internet connection & network-routing devices (modems, routers, etc), servers, etc & related all equipments have complete backup-power-supply (aka: failover/redundant power supply system) to make very stable (internet) connection for the running servers, (even when power-supply from power-utility is disrupted), then, in such cases, you actually need only ONE (mail)-server running . When a server has higher-chance to get-disconnected or go-down (for software or hardware related reason) then you would+should need to have+use two servers in two different location, so that at-least one of the servers can still keep on working if the other one has gone-down or has disconnected.
DONATION/CONTRIBUTION FOR DEVS : Notice to all : if you own & using an open-source components based free mail-server software for your personal or for your home-office, or for your small-scale business, etc, and if you're (or if you've began) earning sufficiently, then please consider to donate/contribute to your mail-server package software's DEV (developer) AND mail-server's open-source component DEVs a few bucks per year at-least, if many mail-server owner & open-source software users do this, then DEVs can also survive & can pay some portion of their(DEV's) own service-fees / maintenance-fees, etc by using donations/payments.
We need to help each other (to do humane things), so please contribute/participate in this project, in whichever way you can, Thank you in advance.
Manage MySQL/MariaDB/PostgreSQL,etc database easily . More info on database management tools: Comparison -wiki.
• phpMyAdmin , GPLv2 , Isaac Bennetch, Michal Čihař : it is a tool written in PHP intended to handle the administration of MySQL/MariaDB, etc over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add columns, execute any SQL statement, manage indexes on columns.
- Features : Intuitive web interface. Support for most MySQL features. Import data from CSV and SQL. Export data to various formats: CSV, SQL, XML, PDF, ISO/IEC 26300 - OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others. Administering multiple servers. Creating PDF graphics of your database layout. Creating complex queries using Query-by-example (QBE). Searching globally in a database or a subset of it. Transforming stored data into any format using a set of predefined functions, like displaying BLOB-data as image or download-link. etc etc.
Lic:PostgreSQL , PostgreSQL Global Development Group (and UC Berkeley) : it is a popular & feature rich Open Source administration and development platform for PostgreSQL . it may be used on Linux, Unix, macOS and Windows to manage PostgreSQL and EDB Advanced Server 9.5 and above. - Features : Powerful query tool with colour syntax highlighting. Fast datagrid for display/entry of data. Graphical query plan display. Grant Wizard for rapid updates to ACLs. Procedural language debugger (supporting pl/pgsql and edb-spl). Schema diff tool for managing differences between schemas. Feature List.
GPL , : it is a Web interface for the administration (aka: management) of SQLite databases. Following are permitted: Create, drop and vacuum databases. Show database information (schema, tables, indexes, file metadata). Create, browse, empty and drop tables. Show table structure and indexes. Execute sql.• pgweb gh ,
Lic:MIT , Dan Sosedoff : it is a cross-platform client for PostgreSQL databases. - Features: Cross-platform: Pgweb runs on OSX, Linux and Windows operating systems without a hustle. Binaries are cross-complied with Go and available for 32/64 bit systems. You can even run it on RaspberryPi. Easy to Install: Pgweb comes as a single binary file that's ready to go. You can install it manually, via Docker or using Homebrew on OSX which is updated regularly and is super convenient. Zero Dependencies: No need to install anything on your machines or services. Just download and run. To get started Pgweb just needs a browser and a PostgreSQL server to connect to. PostgreSQL 9.1+: Most versions of PostgreSQL are supported, starting with official support for 9.1. Older versions could also be compatible but not guaranteed. Simple and Clean: Pgweb was designed to be very simple and clean UI to browse database tables or run and analyze SQL queries. Export query results or table rows to CSV/JSON/XML. Multiple schemas are supported. Records query history. Flexible Sessions: Pgweb can work with any local or remote PostgreSQL server (Heroku supported) as well as any server behind a firewall by using native SSH tunnelling with passwords or ssh keys. Quick-connect with server bookmarks.
MTA (also often known as: mail-server) management tools are usually a smaller-feature-set version of full "Mail Server Packages", for more powerful mail server management options, either see below "Mail Server Packages" section, Or for even more powerful or multi purpose/function based server management, see below "Manage Server" section.
• Postfix-Admin sf , GPLv2 , Christian Boltz : it is a Web Based Management tool created for "Postfix". It is a PHP based application that handles Postfix Style Virtual Domains and Users that are stored in MySQL or PostgreSQL.
- Features : Web based administration for a virtual Postfix mail server. MySQL or PostgreSQL database support. Fetchmail support. Vacation / auto-reply support. Squirrelmail / Roundcube integration.
Webmail is a mail-server that holds mailbox for mail-users(aka: end-users), & users can access (view, send, receive) emails by using the (webmail) website from their web-browser software . Users can create their own webmail server in their own (or own-controlled) premise/home/business or they can create their own webmail service in a remote server that they own, by using webmail (or mail-server or server-management or server-control-panel, etc) software/packages . Users can also use webmail from 3rd-party online email service providers, but these online service providers are CENTER OF THIEFS & DATA-SPYING and CENTER OF PRIVACY-RIGHTS VIOLATION, for more info on such webmail-service-providers: Comparison -wiki.
• Roundcube Webmail , GPLv3 , Thomas Bruederli : it is a web-browser-based, multilingual IMAP client with an application-like user interface. Roundcube provides the full functionality you'd expect from an email client, including MIME support, address book, folder manipulation, message searching, and spell check. Roundcube is written in PHP and JavaScript.
- Features: Multilingual capabilities. Find-as-you-type address book. Richtext/HTML message composing. Searching messages and contacts. Canned response templates. Int. domain names (IDNA). Shared folders and ACL. Full featured address book. Extensible using the Plug-in API. And more! See the complete list of features.
Lic:BSD , Jamie Cameron (and others) : Usermin is a web-based interface for webmail, password changing, mail filters, fetchmail and much more . It is designed for use by regular non-root users on a Unix system, and limits them to tasks that they would be able to perform if logged in via SSH or at the console. Does not support multi-server. -
Usermin provides a full-featured webmail client experience with encryption, search, spam and antivirus management, mail filters, and folders. Usermin also allows system administrators to grant privileges to users like changing their password, managing databases, managing and editing files, and much more. If just another webmail won't do, Usermin might.
Most users of Usermin are sysadmins looking for a simple webmail interface to offer their customers. Unlike most other webmail solutions, it can be used to change passwords, read email with no additional servers installed (like IMAP or POP3), and setup users' Procmail configurations for forwarding, spam filtering and autoreponders.
Usermin also provides web interfaces for viewing and managing data in MySQL and PostgreSQL databases, editing Apache.htaccessconfiguration files, and running commands on the server. The administrator has full control over which of these modules are available to users.
It can manage these servers: SSH/telnet, postfix, spamassassin.
Server owner can : run shell commands, kill processes, view user's quota, edit user owned cron files, edit user details.
Customer can : upload/download files from remote urls, email checking/forwarding, edit plan file, edit personal user details.
Usermin features.
Manage, install, uninstall, configure system tools/software, and load+configure various types of advanced functionalities, services, daemons, servers . More info on server-management tools: Comparison -wiki, List(Debian).
• Webmin(webmin.com not-using https, but key files are using https) sf, gh , Lic:BSD , Jamie Cameron (and others) : a web-based system administration tool for Unix/Linux servers and services.
-
Features : it can configure operating system internals, such as users, disk quotas, services or configuration files, as well as modify, and control open-source apps, such as BIND DNS Server, Apache HTTP Server, PHP, MySQL, and more.
it can manage these servers : sendmail, postfix, WU-FTPD, BIND, Squid, etc . it does not support multi-server . Installation requires : Perl 5, Perl MD5 module, Slackware users must install descrypt.tgz . Server owner (or hosting company) can : create/edit/remove users, mail settings, server settings, etc . Customers can : mail forwarding/password, etc.
Create, edit and delete Unix Accounts on your system. Export Files and Directories to other systems with the NFS protocol. Set up Disk Quotas to control the amount of space available to users for their files. Install, view and remove Software Packages in RPM and other formats. Change your system's IP address, DNS Server settings and routing configuration. Set up a Linux Firewall to protect your computer or give hosts on an internal LAN access to the Internet. Create and configure virtual web servers for the Apache Webserver. Manage databases, tables and fields in a MySQL or PostgreSQL Database Server. Share files with Windows systems by configuring Samba Windows File Sharing. Too many features to list here all.
-
Features : it can manage these servers : proftpd, BIND, postfix, MySQL, etc . it does not support multi-server, but has cluster support . Installation requires : yum, up2date, or urpmi on RPM-based systems, or apt on Debian systems . Server owner (or hosting company) can : Edit DNS, Virtual Servers, Mail/FTP users, Databases, Install scripts, Server maintenance(start/stop), etc . Customers can : administer their own domains, setup aliases, read mail, etc.
Virtualmin is a web hosting control panel, designed to make it easy to manage websites, mailbox users, databases, and web applications. It provides website owner accounts, easily installable web applications, file management, and a comprehensive and easy to use API for integration with billing and support systems. Installing Virtualmin provides a full-featured web hosting stack with web, email, databases, spam and antivirus filtering, analytics, and much more. Virtualmin is the easiest and fastest way to turn a Linux system into a full-featured web hosting system, and it is fully integrated with Webmin.
Domain Accounts: Virtualmin provides powerful and flexible domain accounts, called virtual servers, and sub-servers, allowing users to manage their own websites. This allows delegation of management of websites to users on your server; a website owner can safely be delegated privileges for managing mail, DNS, databases, web applications, and more.
Mail-Server & Emails: Virtualmin helps you and your customers manage mailboxes, forwarders, autoresponders, alias, spam and antivirus scanning, and provides several powerful web-based mail clients including Usermin with full Virtualmin integration, RoundCube, and Squirrelmail.
User & Reseller Accounts and ACLs: Virtualmin provides powerful tools to allow delegation of many common administrative tasks to your customers and end users, empowering them and freeing you and your IT staff from the tedious chores of managing websites, databases, domains, and users. Virtualmin GPL provides domain owner accounts, which can create new websites, install applications, manage mail accounts and databases, view logs, and edit files. Virtualmin Professional adds reseller accounts, allowing you to delegate creation of domain owner accounts. Access Control List features provide fine-grained access control, and are configurable using Account Plans and Server Templates.
Security: A primary concern for any web hosting server administrator, Virtualmin provides a number of tools to help you keep your systems and your data safe. All of our products are provided via system-standard package repositories (yum/dnf on CentOS/RHEL or apt on Debian/Ubuntu), so updating them is easy and can be automated. Updating both system packages and Install Scripts web applications can be performed easily from within the UI. Virtualmin also allows use of Webmin's two factor authentication, certificate logins, brute force protection, and many other security features.
Alerts, Graphs, and Logs: Virtualmin provides easy viewing and searching of system and web server logs, advanced monitoring and email/text alerts for services and network status, system software and web apps update notifications, and current usage details. Virtualmin Professional adds historic system graphs for memory, CPU, processes, and much more.
Backups And Cloud Integration: Virtualmin makes it easy to keep good backups of your websites, databases, mailboxes, and more, and makes it easy to migrate to a new Virtualmin server. Cloud storage support for Dropbox, Google Drive, Amazon S3, and Rackspace Cloud means that whatever cloud provider you prefer, you'll be able to integrate Virtualmin into your infrastructure quickly and easily. Pre-installed Virtualmin images are available for several cloud server providers, as well, making it easy to host a Virtualmin system on cloud-based servers.
Databases: Virtualmin provides comprehensive tools for managing databases, and delegation of management to account holders. Adding, removing, exporting and importing database dumps, and more, can all be accomplished from within the UI. In addition, PHPMyAdmin and PHPPgAdmin Install Scripts are provided for both Virtualmin GPL and Virtualmin Professional, providing familiar tools for working with databases.
Install Scripts: Virtualmin GPL provides easy to install web applications for database management, web mail, WHMCS, and more. Virtualmin Professional provides over 100 web applications for nearly every need: CMS, CRM, forums, commerce, issue tracking, community, webmail, database management, mailing list management, and much more. Your domain account owners can manage their own web applications, and Virtualmin makes it easy to keep them up to date.
Lic:BSD , Till Brehm (projektfarm GmbH) : it gives option to choose one from 3 Level Setup: Admin, Reseller, and Webmaster . it is a ISP management and Hosting (Server) Control Panel software . It can manage one or more webservers, mailservers, BIND DNS server, FTP servers, MySQL databases and virtual Servers with an easy to use webinterface for administrators, resellers and clients. -
Features : Manage multiple servers from one controlpanel. Web server management for Apache and Nginx. Mail server managemwebminent (with virtual mail users). DNS server management (BIND and MyDNS). Configuration mirroring and clusters. Administrator, reseller and client login. Virtual server management for OpenVZ Servers.
Server owner (or hosting company) can : create database backups, edit/create DNS entries. Supports multi-server.
It can manage these: apache, bind, proftp/vsftpd, procmail.
Install requires : apache, sendmail/postfix, Quota pkg, PHP 5 apache mod, MySQL database, gnu-pop3d or similar, OpenSSL and mod_ssl for virtual hosts, Bind (8/9), iptables/ipchains.
Customers can : change mailbox settings (password, spam filter, etc), create/administrate subdomains and MySQL data, SSL.
GPL , : available in Debian repo , last updated on 2013 . Server owner (or hosting company) can : Add users, domains, bandwidth and disk space control, billing support, technical support ticketing, activate or deactivate in each subdomain PHP directives like safe_mode and register_globals , NAT, SSL . Does not support multi-server . It can manage these servers : Apache 2.x, Postfix/PostgreSQL, Proftpd, PowerDNS, MySQL 5.0, PostgreSQL 8.1, Mailman, Courier-POP, Courier-IMAP, Squirrelmail, PHPpgadmin, PHPmyadmin . Customers can : Add/remove subdomain, email management (users/pass), auto responders, ftp management (users/pass), PostgreSQL and MySQL management, parked domains, directories protection, support tickets, english, spanish and french languages, Paypal, Dineromail and Cuentadigital payments support. Sets an editable default size of 10 MB for mail accounts and sends a warning when this limit is close. The panel do not take any action but the domain administrator will be notified. An historical file for web space and bandwidth consumption, The chance to edit the SPF record for each domain has been added. Also users will be able to receive mails sent to parked domains. Backup tool, the posibility to set tipical values for the server_encoding variable in new PostgreSQL databases, the posibility to choose different values for the AddDefaulCharset variable in Apache for each subdomain, installers for Joomla, phpBB, osCommerce, Wordpress, xoops, phpwcms and smf for all customers accounts.• Kloxo-MRf gh, sf ,
AGPLv3 , Mustafa Ramadhan : it is a forked project of Kloxo . Last update was 2019 (this sentence was added in 2020).Mail-server-packages are usually a script (or a set of scripts or a installer program) that integrates+configures open-source (or closed-source) components/tools/software & turns them into a mail-server . Usually intended to be used in a standalone fresh server, but if you want to use a server for more multi purpose/funciton then see above "Manage Server"-section . More info on mail-servers: List -wiki, Comparison -wiki.
• Courier Mail Server w (mail-server package), GPLv3, Sam Varshavchik : it is an integrated mail/groupware server based on open commodity protocols such as ESMTP, IMAP, POP3, LDAP, SSL, and HTTP. It provides ESMTP, IMAP, POP3, Webmail, calendaring, and mailing list services.
• Rumble Mail Server (mail-server package), GPLv3, Daniel Gruno : Rumble is a mail server suite for SMTP (ESMTPSA), HTTP, POP3 and IMAP4v1 with an extensive C/C++ and Lua API for scripting. It comes with support for SSL/TLS, SQLite and MySQL and has a web-based administration and webmail feature. Additional included modules feature greylisting, DNS blacklisting, SpamAssassin support and dynamic performance scaling as well as a multithreaded structure that allows for clustering of multiple servers for one or all domains, and with the ease of the Lua API, you can create your own new server mailing lists, CRM software, e-marketing and other extensions within minutes.
- Features: (1) Flexible SMTP, POP3 and IMAP4v1 server with LEMONADE compliance (2) Easy, seamless integration of C/C++ modules and Lua scripts (3) Intuitive web interface (4) Works on all modern 32 and 64 bit operating systems (Windows, Linux, Mac, other UNIXs) (5) Supports STARTTLS/SSL on all services (6) Supports both SQLite3 and MySQL databases. (7) Optional on-site encrypted storage of mail (coming soon!) (8) Supports SpamAssassin spam filtering (through spamd, of course). (9) Includes greylisting, blacklisting and whitelisting features. (10) Dynamic scaling of performance to match current server load (11) GLOB support for email accounts (fx.
*@domain.tldorbugtrack-?????@domain.tld) (12) Support for single/multiple domain administrators in the web interface (13) BATV / VERP support (14) Mutithreaded queue system.
• iRedMail+iRedAdmin w (mail server package) , GPLv3 , Zhang Huangbin : this project DEVS HAVE IMPLEMENTED & KEPT ONLY-FOUR OR VERY-LIMITED FEATURES & CONFIGURATIONS in free (open-source) edition, and their iRedMail + iRedAdmin-Pro edition includes 20+ features. And, still appears to be deceptively using the words "free" & "full-featured" & "mail-server", etc either in same sentence !!! Or in different sentences that are next to each other or one-after-the-other ! Another major issue is, iRedMail allows mail-server admin to download an initial email which contains all config-info and all passwords for all (initial) accounts, all passwords of all databases, etc over (self-signed 2048bit-RSA based) very-weakly-encrypted IMAP/143/IMAPS/993 or POP3/110/POP3S/995 connection, which is opposite of good-or-best security practice ( and this project-devs are claiming that they are using "best practices" ! ) , and iRedMail installer does not show those config-info directly to the server admin immediately after the (iRedMail) installation completes !, or does not show config-info in that initial email over webmail based HTTPS/443 securely connected webpage (but initially webmail is also weakly-encrypted, as its using that 2048bit-RSA self-signed cert). As this initial-mail (config-info email) with private-info has traveled thru weakly-encrypted connection, all passwords in it are easily recoverable & not-private to whoever stored/cached/decrypted/viewed it.
OSE = Open Source Edition.
- • OSE / FREE-EDITION (iRedMail-OSE + iRedAdmin-OSE) features : (1) Only one/single admin user is allowed to manage all mail-user's & all domain's basic config, (2) admin panel can show multiple language based localized web interface, (3) option to manage unlimited number of mail domains, (4) limited set of options to create+configure unlimited number of mail users.
• PRO / PAID-EDITION (iRedMail-OSE + iRedAdmin-Pro) features : (1) RESTful API Interface, (2) Unlimited Mailing List/Aliases, (3) Unlimited Separated Domain Admin, (4) Advanced Domain Management (Relay, Backup MX, etc), (5) Advanced User Management (Per-user Relay, Mail forwarding, etc), (6) Self-Service (allows mail server end-user to manage Password, Mail Forwarding, Whitelists, Blacklists, Spam Policy, etc), (7) Service Control (enable/disable POP3, IMAP, SMTP, Sieve filter, Mail Forwarding, BCC, etc), (8) Spam/Virus Quarantining, View info (size, spam score, etc), (9) Throttling, (10) Whitelisting & Blacklisting (based on IP adrs/net, sender adrs, sender domain-name), (11) Searching Account, (12) Log Maildir Path of Deleted Dail User, (13) Log Admin Activities, (14) Fail2ban Integration (view banned IP adrs, Country/City, RDNS, log lines which triggered the ban, & unban when necessary), (15) Last login track (time, etc).
E-Mails must-be & can-be filtered, that is, they must-be scanned+analyzed+checked (Auth, SPF, DKIM, DMARC, etc) , and then harmful & unwanted fraud e-mails with (embedded or URL/Link-based) malware (or external/internal URL/Link to load malware) , ransomware , spamware or spam , spoofing/hoax , phishing messages need to be cleaned, quarantined or removed (and reported: DNSBL, etc) , either in the mail server side , Or in mail-user side (aka: mail client-side) by using anti-viruscomparison & anti-spam, anti-phishing, anti-keylogger etc software . Emails can have embedded codes in it & some of these can be very harmful (Key-Loggers, phishing, Social-Engineering, etc) Or anti-Privacy (aka: privacy-disrespecting, privacy-abusers, tracking users, etc), & some emails can have remote content (picture/media, etc) link/URL in it, which upon just-viewing can auto-send signals to email harvesters/exploiters (aka: data-collectors, aka: data-thiefs, aka: data-miners) websites, and can also consume computer resources (memory, disk, etc spaces, cpu processing/computing, data-stealing or data-bombing/overflowing, excessive internet data-usage thus causing extra money/fees, excessive electrical power consumption thus causing extra electricity money/fees, etc), etc etc.
Once your (a person's) Privacy (your private data) & Security is lost/stolen/exposed/abused (by THIEFs) then getting back privacy (new ID number, new SS number, private data & materials & lifestyle, etc) is VERY VERY COSTLY , So (please) take preventive/defensive (security) measures1,2,3 before/early/ahead (that is, practice cautious behavior/lifestyle when using internet connected devices & web/online services) , Or else CURE is (very) costly , and sometime there is NO cure (if your reputation/integrity is once lost, its lost).
If you are really a reckless/careless person, then may be your recklessness should be exposed to attempt to fix your harmful behavior, & to help others/people/users by avoiding you.
More info on server security: Hardening, Surface of vulnerabilities, security, firewallComparison,List,Router-&-Firewall, intrusion-detection(comparison), etc.
More info on mail filtering: List -wiki, anti-spam techniques, etc.
There are many many Unix, Unix-Likecomparison, GNU/Linuxcomparison, etc operating-systemcomparison (OS) (aka: distro) variants & derivatives . I would recommend to use Debian based distro from GNU/Linux category as server OS, as Debian DEVs usually implement security-patches/fix quickly, and Debian repository (aka: repo) also usually have near-to-latest tools/packages, etc software, and Debian DEVs also applies various secure techniques & patch/fix in most cases within 1 day, though some of their security implementations are not perfect, & not actually very secure.
( for example: Debian repo's security branch itself is kept (and told) to be accessed over HTTP (non-encrypted, non-secure) connection ! that is not good . debian do use at-least a bare minimal GPG/PGP encryption/digest based authentication system , but unfortunately they use low strength GPG/PGP (crypto) key . It is known, that, when a HTTPS based secure (encrypted) data-transfer connection along with GPG/PGP based authentication/comparison system is used (for accessing repo and for verifying downloaded pkg files), then, that is much better , than using only GPG/PGP based authentication system over non-encrypted HTTP based data-transfer connection , as Vulnerabilities/exploits (and Privacy issues) are found+possible when HTTP based (non-encrypted) connections were used along with low-strength GPG/PGP based authentication system to access repo or verify repo packages ).
Beside Debian, to use another good distro that is derivative of Debian, you may use Ubuntu (and be aware of this, Ubuntu often includes/uses non-open-source items which cannot be trusted and included functions/abilities cannot be verified) . You may also use Fedora (for latest & secure tools) . If you want more-secure distro/OS & happy with older open-source components (that are atleast patched with uptodate security fixes), then you may use RHEL (now owned by IBM) or (RHEL based) CentOS, SUSE Linux, etc.
And read CC, (and Performance, SPEC, etc) and then check-out EAL ratings of other OS choices from List of security-focused OS, Trusted OS, Security-evaluated OS, etc.
Also check out known unpatched vulnerabilities list of various software: CVE(Common Vulnerabilities and Exposures), secuniaw, SecurityFocusw.
To increase security & privacy, you have to read+understand various type of Threats/Attacks that bad+harmful+thief type-of-evil-people (or unethical-hackers) can do, identify risks, & take pre-cautionary countermeasure steps to protect against those harmful & Zionist/Zionism activities . Do not under-mine or under-estimate them , you must front-them with knowledge & right tools , not with emotion & not with "i have nothing to hide so its okay for (any/all) Thief to continue to Steal from anyone+all, & so its okay for any/all Thief to plant backdoors in software, so its okay for any/all Thief to create weaponized-software to attack+affect their own citizens + residents" ( this is what colonial-british and Hitler and USA's Bush+Cheney gang, etc Zionists/Zionism (aka: Anti-Humanity groups) did to run (immoral & unethical) legalized-SPYING schemes (aka: legalize-Violation of Privacy-Rights, aka: legalized-THEFT of private-data, etc), by using costly+unethical activities of THIEF / VIOLATOR / SocioPathic / Zionist/Zionism / Anti-Humanity agencies ) , and they turned these into global evil+(anti-humnaity) schemes by using evil+zionist+(anti-humanity) people+entities from other countries , USA's founding-fathers & "people" had to organize & include necessary protection measures in USA-Constitution as 4th-Amendment to Stop this ) , and also do not front evil-people (or unethical-hackers) with "i have no-money, so its okay to hack/crack or violate or break my-account (or my private information, etc) or my security, Lock, protection, encryption or my Privacy-rights" type of ignorant+evil attitude/comments , i dont think you'll say or allow to hack/steal from your own wife/husband, daughter/son, mother/father, sister/brother's private data, by Zionists/(anti-humanity) & later blackmail you / your-relatives with threat to expose it, etc ) , these type of real unsmart+reckless sayings/words & acts are really Anti-Humanity & evil+wrong thinking/excuse/selfBrainwashing & harmful, ( Do not forget that Zionists(Zionism) are anti-humanity & anti-earth (they have a body that looks like human & they live on earth, but they love to abuse human & earth), they are giving "wrong-thoughts" (aka: brainWashing) & "wrong-words" for free via their TV-series & movies & main-stream-medias into the brain/mouth of people, who does-not posses sufficient knowledge/education ) . If you dont know or dont want to know what toxic/poison or what harmful-GMO your (Zionist/Anti-humanity) food-manufacturers are putting/using in your "food" , then you will not be able to deter/avoid harmful food, so after eating & after some time, you'll be affected by toxicity/harm in it, & solution/cure could be very costly or life-threatening or too-late to fix/solve , ( ZIONISTS (aka Anti-Humanity Person, aka: ZIO-US-AMERICANS, ZIO-ISRAELIS, etc, etc) MAKE/LOOT MONEY IN BOTH WAY : if you live then you will buy/consume more from them or from their Zio "friend"/buddy (from their Zio congolomerate group), & Zionists also make money if you become sick or about to die, bcuz you will goto their buddy/relative's Hospital/medication/pharma business ) . You & your family will be affected for your own ignorance , & your ignorance will bring your (and others) demise, and will also cause various level of loss for your neighbors+society (if you were a contributing+participating member of your society).
If you have planned to use at-least two or more (web/mail, etc) servers, then, for high-availability & load-balancing you may use Pacemakerw with either Linux-HA/heartbeat(linux-ha.org not-using https) Or Corosyncw , on Debian , you may obtain it also from here . Few other options are: use IPVS(ipvsadm)w(not-using secure https) from LVS, Or use Kerrighed(kerrighed.org not-using https), ig, gh, wiki, Or use OpenSSIsf, wiki.
Make sure your server to server (data sync-connection or other communication services) connections (for your TWO servers) are using extremely strong encryption, if your chosen clustering/HA softwarelist, cannot do that, then avoid that cluster/HA software becuz strong-encryption based secure conneciton has highest importance/priority for a solution to be really secure.
Sometime a syncing software will be suffice for your implementation or need : checkout lsyncdgh (or lipsync), GlusterFS, BindFS, DRBD & DRBD-Proxy, mirror, Cluster SSH .
Sometime database replication/syncing software/solution will be suffice, so checkout : GaleraCluster+MariaDB .
Do not worry about what is slow , AVOID LESS-SECURE SETTINGS/OPTIONS EVEN IF IT IS FASTER , bcuz your personal or your family or your very-small-scale business has very less (total) amount of end-users/mail-users/visitors/clients, etc and their Security & Privacy is more important than little-bit more speed , please remember "ALL PEOPLE's/USER's SECURITY and PRIVACY IS ALWAYS MORE-IMPORTANT THAN SPEED/FAST.
A FASTER BUT LESS-SECURE COMPONENT/ENCRYPTION WILL ALWAYS BE LESS-SECURE & WILL ALWAYS BE HACKED/CRACKED MORE EASILY AND (wait for the next word ... here it is) FASTER" . If you loose it only once, your reputation/ratings will go down, & you will loss private/valuable data : Various online search engines/servers, caching/archiving software/database/servers, online-social-chat/media sites, etc around the world will hold on & keep on exposing/displaying info about your loss of security+privacy & stolen/lost private-items . You cannot erase/remove such (exposed) data/items from entire internet, or from all search-engines or from all caching/archive servers, or from all online-social-chat/media sites, or from all people's brain who has seen/know, etc , even if you have lots of money & lawyers & connections in your pocket, ( and i am assuming you dont have lots of money, ... ).
-
• GNU General Public License Version 3
(GPL v3).
• Do Not Use This To Kill/Harm/Violate (or Steal-from)(Any) Human/Community,Earth,etc.
• This-Project/Scripts Based Features Must Exist+Available In Free/OpenSource Edition For Free.
• Copyright © 2020 atErik (Erik T Ashfolk) (<atErik@ÖυťĹöōķ·ċōm; atErïķ@AśhFölķ·ćōm> Do Not Copy Eml-Adrs, Type In English/basic-Latin Char, No Soliciting Permitted). All rights reserved.
• (All other trademarks, etc cited here are the property of their respective owners.)
• (All other copyright items cited here are the copyright of their respective author/creator.)
• 2020-08-18 : Changed sentences to include our objectives about supporting most/any server admin scripts.
• 2020-08-15 : Changed sentences to include our objectives about supporting most/any mail server scripts.
• 2020-08-10 : This project was created.