HoguInside & ㅁ ㅇ ㄷ nail

# vi /etc/vsftpd/vsftpd.conf 
pasv_enable=yes
pasv_min_port=5001
pasv_max_port=5005

# service vsfptd restart

yum install -y sendmail* cyrus-sasl*

[root@cm mail]# vi /etc/mail/sendmail.mc

define(`confLOG_LEVEL', `14')dnl ==> 자세한 로그 분석

TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl    ==> 사용자 인증 관련
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl ==> 사용자 인증 관련

define(`confCACERT_PATH', `/etc/mail/certs')dnl   ==>ssl 인증서 경로
define(`confCACERT', `/etc/mail/certs/AddTrustExternalCARoot.crt')dnl  ==>CAroot.crt 인증서
define(`confSERVER_CERT', `/etc/mail/certs/xx_xxxxxx_co_kr.crt')dnl ==> server.crt 인증서
define(`confSERVER_KEY', `/etc/mail/certs/xx_xxxxxx_co_kr_SHA256WITHRSA.key')dnl ==> server.key 인증서

DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0 Name=MTA')dnl ==> 기본 25port
DAEMON_OPTIONS(`Port=submission,Addr=0.0.0.0 Name=MSA, M=Ea')dnl  => 25 대신 587 오픈. 안해도 무방
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl ==> 465 port starttls 사용포트

[root@cm mail]# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf          ==> sendmail.cf 재생성

[root@cm mail]# vi /etc/mail/sendmail.cf
O Timeout.starttls=1h   ==> 주석해제

[root@cm mail]# mkdir /etc/mail/certs
[root@cm mail]# cp -arp {인증서path} /etc/mail/certs/
[root@cm mail]# chmod 600 -R /etc/mail/certs

[root@cm mail]# vi /etc/sysconfig/saslauthd   

# Directory in which to place saslauthd's listening socket, pid file, and so
# on. This directory must already exist.
SOCKETDIR=/var/run/saslauthd

# Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
MECH=pam   ==> 사용자 인증  pam으로 사용

# Options sent to the saslauthd. If the MECH is other than "pam" uncomment the next line.
# DAEMONOPTS=--user saslauth

# Additional flags to pass to saslauthd on the command line. See saslauthd(8)
# for the list of accepted flags.
FLAGS=

기본 적용되있으면 그냥 두면됨

vi /etc/sasl2/Sendmail.conf

pwcheck_method:saslauthd
mech_list:LOGIN PLAIN ==> 삽입. "pwcheck_method:saslauthd" 내용은 입력 되어 있음. 없다면 해당 내용 두 줄 입력

[root@cm mail]# /etc/init.d/sendmail restart
[root@cm mail]# /etc/init.d/saslauthd restart

[ 정상 로그 ]
Jul 19 14:36:02 cm sendmail[10822]: NOQUEUE: stopping daemon, reason=signal
Jul 19 14:36:02 cm sendmail[11019]: starting daemon (8.14.4): SMTP+queueing@01:00:00
Jul 19 14:36:02 cm sendmail[11019]: STARTTLS: CRLFile missing
Jul 19 14:36:02 cm sm-msp-queue[11027]: starting daemon (8.14.4): queueing@01:00:00
Jul 19 14:36:03 cm sendmail[11019]: STARTTLS=server, Diffie-Hellman init, key=1024 bit (1)
Jul 19 14:36:03 cm sendmail[11019]: STARTTLS=server, init=1
Jul 19 14:36:03 cm sendmail[11019]: started as: /usr/sbin/sendmail -bd -q1h

[ 에러 로그 ]
Jul 19 13:31:08 cm sendmail[6837]: NOQUEUE: stopping daemon, reason=signal
Jul 19 13:31:08 cm sendmail[8925]: starting daemon (8.14.4): SMTP+queueing@01:00:00
Jul 19 13:31:08 cm sendmail[8925]: STARTTLS: CRLFile missing
Jul 19 13:31:08 cm sendmail[8925]: STARTTLS=server: file /etc/mail/certs/COMODORSADomainValidationSecureServerCA.crt unsafe: World writable directory
Jul 19 13:31:08 cm sendmail[8925]: started as: /usr/sbin/sendmail -bd -q1h
Jul 19 13:31:08 cm sm-msp-queue[8933]: starting daemon (8.14.4): queueing@01:00:00
- 해당 인증서 디렉토리 권한 문제. 위 권한 설정 진행하지 않으면 발생됨.

[root@cm mail]# telnet xx.xxxxxx.co.kr 25
Trying 115.xx.xxx.xxx...
Connected to xx.xxxxxx.co.kr.
Escape character is '^]'.
220 xx.xxxxxx.co.kr ESMTP Sendmail 8.14.4/8.14.4; Wed, 19 Jul 2017 14:51:39 +0900
ehlo localhost  ==> 명령어로 확인
250-xx.xxxxxx.co.kr Hello [115.xx.xxx.xxx], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN    ==> 사용자 인증
250-STARTTLS   ==> 패킷 암호화 패치
250-DELIVERBY
250 HELP

php mail test source

<?php

$smtp_mail_id = "smtp 메일계정";
$smtp_mail_pw = "패스워드";
$to_email = "받는 사람 메일";
$to_name = "받는 사람 이름";
$from_name = "보내는 사람 이름";
$from_email = "보내는 사람 메일";
$smtp_use = 'xx.xxxxxx.co.kr';
$title = "서버 메일테스트입니다.";
$content = "서버 메일테스트입니다..";

//메일러 로딩
require_once("./class.smtp.php");
require_once("./class.phpmailer.php");

$mail = new PHPMailer(true);
$mail->IsSMTP();
try {
  $mail->Host = $smtp_use; // email 보낼때 사용할 서버를 지정
  $mail->SMTPAuth = true; // SMTP 인증을 사용함
  $mail->CharSet = 'utf-8';

  $mail->Port = 465; // email 보낼때 사용할 포트를 지정
  $mail->SMTPSecure = "ssl"; // SSL을 사용함
  $mail->Username = $smtp_mail_id; // 계정
  $mail->Password = $smtp_mail_pw; // 패스워드

  $mail->SetFrom($from_email, $from_name); // 보내는 사람 email 주소와 표시될 이름 (표시될 이름은 생략가능)
  $mail->AddAddress($to_email, $to_name); // 받을 사람 email 주소와 표시될 이름 (표시될 이름은 생략가능)

  $mail->Subject = $title; // 메일 제목
  $mail->MsgHTML($content); // 메일 내용 (HTML 형식도 되고 그냥 일반 텍스트도 사용 가능함)
  $mail->Send(); // 실제로 메일을 보냄

  $ok_msg = iconv('utf-8','euc-kr','메일을 전송하였습니다.');
  echo "<script>alert('".$ok_msg."');</script>";

} catch (phpmailerException $e) {
  echo $e->errorMessage();
} catch (Exception $e) {
  echo $e->getMessage();
}

?>

[root@cm mail]# openssl s_client -host cm.aumlee.co.kr -port 465   ==> telnet처럼 openssl 메일 송신 테스트
CONNECTED(00000003)
depth=0 OU = Domain Control Validated, OU = "Hosted by Korea Information Certificate Authority, Inc.", OU = PositiveSSL, CN = xx.xxxxxx.co.kr
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 OU = Domain Control Validated, OU = "Hosted by Korea Information Certificate Authority, Inc.", OU = PositiveSSL, CN = xx.xxxxxx.co.kr
verify error:num=27:certificate not trusted
verify return:1
depth=0 OU = Domain Control Validated, OU = "Hosted by Korea Information Certificate Authority, Inc.", OU = PositiveSSL, CN = xx.xxxxxx.co.kr
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/OU=Domain Control Validated/OU=Hosted by Korea Information Certificate Authority, Inc./OU=PositiveSSL/CN=xx.xxxxxx.co.kr
  i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIRAKypsELizD0ZoyKs7S3XU5IwDQYJKoZIhvcNAQELBQAw
gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
.
.
.(중략)
-----END CERTIFICATE-----
subject=/OU=Domain Control Validated/OU=Hosted by Korea Information Certificate Authority, Inc./OU=PositiveSSL/CN=xx.xxxxxx.co.kr
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
---
Acceptable client certificate CA names
/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 2564 bytes and written 449 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
  Protocol : TLSv1.2
  Cipher : DHE-RSA-AES256-GCM-SHA384
.
.
.
.
.(중략)
  Start Time: 1500445618
  Timeout : 300 (sec)
  Verify return code: 21 (unable to verify the first certificate)     === > 인증서 정상적으로 받아온뒤 아래 처럼 메일 테스트 진행

220 xx.xxxxxx.co.kr ESMTP Sendmail 8.14.4/8.14.4; Wed, 19 Jul 2017 15:26:58 +0900
mail from : test@xx.xxxxxx.co.kr
250 2.1.0 test@xx.xxxxxx.co.kr... Sender ok
rcpt to : hoguinside@naver.com
250 2.1.5 hoguinside@naver.com... Recipient ok
data
354 Enter mail, end with "." on a line by itself
test
test
test
.
250 2.0.0 v6J6Qw4O012558 Message accepted for delivery

[ 송신 메시지 정상 로그]

Jul 19 14:50:49 cm sendmail[11761]: NOQUEUE: connect from [115.xx.xxx.xxx]
Jul 19 14:50:49 cm sendmail[11761]: AUTH: available mech=LOGIN PLAIN, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
Jul 19 14:50:49 cm sendmail[11761]: v6J5on71011761: Milter: no active filter
Jul 19 14:50:49 cm sendmail[11761]: STARTTLS=server, relay=[115.xx.xxx.xxx], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-GCM-SHA384, bits=256/256
Jul 19 14:50:49 cm sendmail[11761]: STARTTLS=server, cert-subject=, cert-issuer=, verifymsg=ok
Jul 19 14:50:49 cm sendmail[11761]: AUTH: available mech=LOGIN PLAIN, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
Jul 19 14:50:49 cm sendmail[11761]: AUTH=server, relay=[115.xx.xxx.xxx], authid=xxxxxxxxx@xx.xxxxxx.co.kr, mech=LOGIN, bits=0
Jul 19 14:50:49 cm sendmail[11761]: v6J5on71011761: from=, size=876, class=0, nrcpts=1, msgid=<68d3d47a954e5b85425017e349f44ae6 cm.aumlee.co.kr="">, proto=ESMTP, daemon=TLSMTA, relay=[115.xx.xxx.xxx]
Jul 19 14:50:49 cm sendmail[11763]: v6J5on71011761: SMTP outgoing connect on [115.xx.xxx.xxx]
Jul 19 14:50:49 cm sendmail[11763]: STARTTLS: ClientCertFile missing
Jul 19 14:50:49 cm sendmail[11763]: STARTTLS: ClientKeyFile missing
Jul 19 14:50:49 cm sendmail[11763]: STARTTLS: CRLFile missing
Jul 19 14:50:49 cm sendmail[11763]: STARTTLS=client, init=1
Jul 19 14:50:49 cm sendmail[11763]: STARTTLS=client, start=ok
Jul 19 14:50:49 cm sendmail[11763]: STARTTLS=client, relay=mx2.naver.com., version=TLSv1/SSLv3, verify=OK, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Jul 19 14:50:49 cm sendmail[11763]: STARTTLS=client, cert-subject=/C=KR/postalCode=13561/ST=Gyeonggi-do/L=Seongnam-si/O=NAVER+20Corp./OU=Information+20Security+20Team/OU=Hosted+20by+20Korea+20Information+20Certificate+20Authority,+20Inc./OU=Unified+20Communications/CN=mail.naver.com, cert-issuer=/C=GB/ST=Greater+20Manchester/L=Salford/O=COMODO+20CA+20Limited/CN=COMODO+20RSA+20Organization+20Validation+20Secure+20Server+20CA, verifymsg=ok
Jul 19 14:50:49 cm sendmail[11763]: v6J5on71011761: to=, ctladdr= (514/514), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=120876, relay=mx2.naver.com. [125.209.238.137], dsn=2.0.0, stat=Sent (OK EPcdYHmZSTK2BKWSkYyj0g - nsmtp)
Jul 19 14:50:49 cm sendmail[11763]: v6J5on71011761: done; delay=00:00:00, ntries=1
Jul 19 14:50:49 cm sendmail[11763]: STARTTLS=client, SSL_shutdown failed: -1

[root@cm mail]# tcpdump -A '(src host 115.xx.xxx.xxx and dst port 25) or (dst host 115.xx.xxx.xxx and src port 25 )'

E.....@.3...}...sDrz.......#.G.f...r4......
...D.b..250-mx.naver.com Pleased to meet you
250-SIZE 41943040
250-8BITMIME
250-PIPELINING
250-STARTTLS
250 ENHANCEDSTATUSCODES

15:32:55.840996 IP 115.xx.xxx.xxx.57773 > mx3.naver.com.smtp: Flags [P.], seq 23:33, ack 182, win 115, options [nop,nop,TS val 23263012 ecr 350875460], length 10
E..>;a@.@...sDrz}........G.f.......sA......
.b.$...DSTARTTLS

15:32:55.844716 IP mx3.naver.com.smtp > 115.xx.xxx.xxx.57773: Flags [P.], seq 182:243, ack 33, win 114, options [nop,nop,TS val 350875466 ecr 23263012], length 61
E..q..@.3...}...sDrz.........G.p...r.......
...J.b.$220 2.0.0 Ready to start TLS QOMq+FWTSAmCLRMKTcK2QQ - nsmtp
.... 중략중략

 [root@localhost ]# top

top - 13:21:53 up 362 days, 12:51,  2 users,  load average: 0.36, 0.51, 0.60
Tasks: 544 total,   1 running, 541 sleeping,   0 stopped,   2 zombie
Cpu0  :  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu1  :  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu2  :  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu3  :  2.0%us,  0.3%sy,  0.0%ni, 97.7%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu4  :  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu5  :  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu6  :  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Cpu7  : 10.4%us,  0.7%sy,  0.0%ni, 88.3%id,  0.0%wa,  0.0%hi,  0.7%si,  0.0%st
Mem:   8017812k total,  5458432k used,  2559380k free,   586348k buffers
Swap:  4194300k total,     9648k used,  4184652k free,  1795476k cached

ps -ef | grep defunct | grep -v grep

 [root@localhost ]# ps -ef | grep defunct | grep -v grep
root      8019  8017  0 12:01 ?        00:00:00 [unknown-error-t] 
root      8020  8017  0 12:01 ?        00:00:00 [unknown-error-t] 

[root@localhost ]# kill -9 8017
root      8019  8017  0 12:01 ?        00:00:00 [unknown-error-t] 
root      8020  8017  0 12:01 ?        00:00:00 [unknown-error-t] 

** 좀비 모두 죽이기

ps -ef | grep defunct | awk '{print $3}' | xargs kill -9

[root@localhost]# vi zombie_kill.sh

#! /bin/bash
date="$(date "+%Y-%m-%d_%H:%M:%S")"
log_dir="경로입력"
zombie_check=`ps -ef | grep defunct | grep -v grep | grep -v "\[sh\]"| wc -l`
if [ $zombie_check == '0'   ]; then
    exit 0;
else
    echo "==============================================================" >> /$log_dir/zombie_kill.txt
    ps -ef | grep defunct | grep -v grep | grep -v "\[sh\]" >> /{path}/zombie_kill.txt
    ps -ef | grep defunct | grep -v grep | grep -v "\[sh\]" | awk '{print $3}' | xargs kill -9
    echo "kill zombie process_$date " >> /$log_dir/zombie_kill.txt

    if [ $zombie_check == '0' ]; then
        exit 0;
    else
        /bin/sh /$log_dir/zombie_kill.sh
    fi
fi

yum install libevent-devel openssl-devel readline-devel libconfig-devel lua lua-devel -y

ln -sf /usr/lib64/libncursesw.so /usr/lib/libncursesw.so

mkdir /tele

cd /tele

git clone –recursive https://github.com/vysheng/tg telegram_cli

export LDFLAGS=”-lncursesw”

./configure && make

cp /root/tele/telegram_cli/tg-server.pub /root/tele/telegram_cli/bin/

cd /root/tele/telegram_cli/bin/

./telegram-cli -k tg-server.pub

* sample source
======================================================================================
#!/usr/bin/lua
dir_cmd="/tele/telegram_cli/bin/sh"
auth_phone={ ["82본인폰번호"] = true }
function on_msg_receive (msg)
 
 if ( msg.text == 'date' ) then
  send_msg(msg.from.print_name, os.date(), ok_cd, false)
  return
 end

  local recv_msg = msg.text
                local result = {}
                function split(str, delim)
                        local i=1
                        if ( str ~= nil ) then

                                for tmp in string.gmatch(str, "[^%s]+") do
         table.insert( result, tmp )
                                     i = i+1
                                end
                        end
                        return result
                end

       r = split(recv_msg," ")
       cmd = r[1]
       cmd2 = r[2] 
  
  print("receive : ", cmd, "\n")
  print("Name    : ", msg.from.print_name)
  print("Phone   : ", msg.from.phone) 
  print("Msg Num : ", msg.id)  
  print("to.Name : ", msg.to.print_name)
 
  if (msg.to.id == our_id) then
   user_id = msg.from.print_name
  else
   user_id = msg.to.print_name
  end

   if auth_phone[msg.from.phone] then
   print "auth    : OK "
  else
   print "auth    : invalid user"
   return
  end

  mark_read(user_id, ok_cb, false)
  
  if ( cmd == 'Help' ) then
   send_text(user_id, dir_cmd ..'/help.txt', ok_cd, false)
   return
  end 

end
function ok_cb(extra, success, result)
end

======================================================================================

#!/usr/bin/lua
dir_cmd="/tele/telegram_cli/bin/sh"
auth_phone={ ["82본인폰번호"] = true }

function on_msg_receive (msg)
 
 if ( msg.text == 'date' ) then
  send_msg(msg.from.print_name, os.date(), ok_cd, false)
  return
 end

  local recv_msg = msg.text
                local result = {}
                function split(str, delim)
                        local i=1
                        if ( str ~= nil ) then

                                for tmp in string.gmatch(str, "[^%s]+") do
         table.insert( result, tmp )
                                     i = i+1
                                end
                        end
                        return result
                end

       r = split(recv_msg," ")
       cmd = r[1]
       cmd2 = r[2] function on_msg_receive (msg)

  print("receive : ", cmd, "\n")
  print("Name    : ", msg.from.print_name)
  print("Phone   : ", msg.from.phone) 
  print("Msg Num : ", msg.id)  
  print("to.Name : ", msg.to.print_name)

  if (msg.to.id == our_id) then
   user_id = msg.from.print_name
  else
   user_id = msg.to.print_name
  End

   if auth_phone[msg.from.phone] then
   print "auth    : OK "
  else
   print "auth    : invalid user"
   return
  end

  mark_read(user_id, ok_cb, false)

 if ( cmd == 'Help' ) then
　　send_text(user_id, dir_cmd ..'/help.txt', ok_cd, false)
   return
  end 

end
function ok_cb(extra, success, result)
end