Turning SSLv3 off on Apache Server to mitigate "POODLE" attack (CVE-2014-3566) 
Thursday, 16 October 2014, 10:22 - Apache Stuff, OpenSSL
Posted by Administrator
Add the following to your SSL configuration section:

# Disable SSLv2 & SSLv3 against POODLE issue (CVE-2014-3566)
SSLProtocol All -SSLv2 -SSLv3

Make sure to insert this into every VirtualHost section where SSL is enabled!

Check your config:
apachectl configtest

Then restart the Apache server:
sudo service apache2 restart

To check if SSLv3 is turned off:
openssl s_client -connect server.domain.tld:443 -ssl3

Then you should see a message like this:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1260:SSL alert number 40

To disable SSLv3 within other services:
see this post
Check certificate on a server 
Wednesday, 4 June 2014, 18:26 - Knowledge, OpenSSL
Posted by Administrator
Issue the following command:
openssl s_client -CApath /etc/ssl/certs/ -connect <host.domain.tld>:993

To test a mail server that supports both unencrypted and encrypted (TLS) connections via STARTTLS:
openssl s_client -CApath /etc/ssl/certs/ -starttls smtp -connect <host.domain.tld>:25


Near the end of the command output, it should state:
    Verify return code: 0 (ok)

before any greeting message from the server.

A bit above that, you can check that the certificate chain is complete:
Certificate chain
0 s:/description=3UwjnK9kRZ2wUo8e/C=CH/CN=domain1.ownspace.ch/emailAddress=hostmaster@ownspace.ch
i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
1 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
---

The last i(ssuer) is the root cert that most clients will trust.
Postfix Mail Queue Cleaner 
Monday, 14 April 2014, 12:17 - Tools & more, Knowledge, Postfix Stuff
Posted by Administrator
This small shell script removes all messages originating from a certain sender address out of the postfix mail queue.


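#!/bin/bash
# Delete every queued message whose sender matches the given address.
if [ -z "$1" ]; then
    echo "please give e-mail address"
    exit 1
fi
emailaddr=$1

# mailq prints the sender on the same line as the queue ID; keep only those
# lines, match the address literally (-F), then take the ID from column 1.
for id in $(mailq | grep -E "[0-9A-F]{10} " | grep -F -- "$emailaddr" | cut -d " " -f 1)
do
    echo "$id"
    postsuper -d "$id"
done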


Detect and block abuse of (cracked) e-mail account 
Friday, 28 February 2014, 10:45 - Postfix Stuff, Mail stuff
Posted by Administrator
To avoid bad things(TM) caused by a cracked e-mail account on our postfix mail server, I used the script Check Auth Log to detect abnormally high numbers of logins, or logins from many different IP addresses, to a given account within a certain time. The script then locks out the account. This, together with the per-session limits in the postfix configuration (smtpd_client_message_rate_limit, smtpd_client_recipient_rate_limit), should help to avoid or at least mitigate the damage caused by cracked accounts, i.e. the SMTP server being blacklisted.
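
The detection idea described above, as an added example (it is not the Check Auth Log script and not code from the original post): it counts successful SASL logins per account in a sliding window over Postfix smtpd log lines and flags accounts that exceed a login or distinct-IP threshold. The thresholds, the window, the function name and the sample log lines are assumptions; the example only reports, and locking the account is left to the operator.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
# Assumed thresholds (not from the original post); tune to your own traffic.
WINDOW = timedelta(minutes=10)
MAX_LOGINS = 5   # successful logins per account inside WINDOW
MAX_IPS = 3      # distinct client IPs per account inside WINDOW

# Postfix smtpd line written after a successful SASL authentication.
SASL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/smtpd\[\d+\]: "
    r"\w+: client=\S*\[(?P<ip>[^\]]+)\], .*sasl_username=(?P<user>\S+)")

def find_abused_accounts(lines, year=2014):
    """Return {account: reason} for accounts exceeding either threshold."""
    events = defaultdict(list)                 # account -> [(time, ip), ...]
    for line in lines:
        m = SASL_RE.match(line)
        if m:  # syslog timestamps carry no year, so the caller supplies one
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events[m["user"]].append((ts, m["ip"]))
    flagged = {}
    for user, evs in events.items():
        evs.sort()
        start = 0
        for end, (ts, _) in enumerate(evs):
            while ts - evs[start][0] > WINDOW:  # drop events older than WINDOW
                start += 1
            window = evs[start:end + 1]
            ips = {ip for _, ip in window}
            if len(ips) > MAX_IPS:
                flagged[user] = f"{len(ips)} distinct IPs in {WINDOW}"
                break
            if len(window) > MAX_LOGINS:
                flagged[user] = f"{len(window)} logins in {WINDOW}"
                break
    return flagged

# Constructed sample log: documentation IP ranges, made-up accounts.
LINE = ("Feb 28 {t} mail postfix/smtpd[2101]: 3F2A1B0C4D: client=unknown[{ip}], "
        "sasl_method=LOGIN, sasl_username={user}")
SAMPLE_LOG = (
    [LINE.format(t=f"10:0{i}:00", ip=f"203.0.113.{10 + i}", user="alice@example.org")
     for i in range(5)]
    + [LINE.format(t=t, ip="198.51.100.7", user="bob@example.org")
       for t in ("09:00:00", "14:30:00")])

if __name__ == "__main__":
    print(find_abused_accounts(SAMPLE_LOG))
```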

DNS Tools 
Tuesday, 22 October 2013, 23:00 - Tools & more
Posted by Administrator
Web Interface for DNS Queries.

Download


Download the tarball

Prerequisites


The "dig" tool must be installed on your system, and PHP must be allowed to execute it. If it doesn't work, e.g. when using safe_mode and/or open_basedir restrictions, add the path where dig is located to these two PHP options:
open_basedir /usr/bin/dig
safe_mode_exec_dir /usr/bin/
Within a VirtualHost, set these with php_admin_value <option>.

In addition, TCP port 43 and UDP port 53 need to be open outbound.

Installation


Extract the contents of the archive into the web root of your web server, e.g.
cd <webroot>
tar xvzf dnstools.tar.gz

Usage


Point your web browser to http://<your_host_name>/dnstools/ and fill in the appropriate form.
