Postfix Cheatsheet

Check the queue

mailq – Check emails queue (then with ! are on hold)

Move all deferred messages to the hold queue

postsuper -h ALL deferred

Release 200 emails from holding back to deferred

mailq | awk ‘ /^[0-9A-F][0-9A-F]/ {print $1}’ | grep ! | head -n 200 | tr -d ‘!’ | postsuper -H –

Delete messages from the hold queue sent by ‘’

mailq | awk ‘ /^[0-9A-F][0-9A-F]*.*domain\.com$/ {print $1}’ | tr -d ‘!’ | postsuper -d –

Delete messages from the hold queue sent by ‘’

mailq | awk ‘ / example.domain\.com$/ {print $1}’ | tr -d ‘!’ | postsuper -d –

mailq | grep -E “^[A-Z0-9]+” | grep | cut -c1-12 | postsuper -d –

postqueue -p | tail -n +2 | awk ‘BEGIN { RS = “” } / example@domain\.com/ { print $1 }’ | tr -d ‘*!’ | postsuper -d –

Move 100 messages in the hold queue back to deferred

mailq | awk ‘ /^[0-9A-F][0-9A-F]/ {print $1}’ | grep ! | head -n 100 | tr -d ‘!’ | postsuper -H –

Block an IP/Subnet from sending email

Add a /etc/postfix/access file with content like the following. The first line blocks a single IP, the second blocks a subnet


Run ‘postmap /etc/postfix/access’ to create the lookup table.

Add the following line into /etc/postfix/

smtpd_client_restrictions = check_client_access hash:/etc/postfix/access, permit

The ‘permit’ statement at the end is very important to allow other email.

Reload postfix to apply the block.

Cisco CCENT Notes

Please find my notes below for CCENT exam.

  1. OSPF (Open Shortest Path First) uses cost as metric.
  2. Dotted-decimal equivalent of
    1. /15 is
    2. /16
    3. /24
    4. /32
  3. OSPF  is NOT called an advance distance-vector protocol
    1. EIGRP , RIP1, RIP2, Babel is an advanced distance-vector protocol
    2. OSPF OR IS-IS is link state router protocol 
    3. Link-state protocol is performed by every switching node in the network. The concept is that every node construct a map of connectivity to the network, in the form of graph, showing which nodes are connected to which other nodes. each node then independently calculates the next best logical path from it to every possible destination in the network. The collection of best paths will then form the node’s routing table.
    4. Distance-vector routing protocols, which work by having the each node share it’s routing table with it’s neighbors. in the link-state protocol the only information passed between nodes is connectivity related. The link-sate algorithms are sometimes called characterized informally as each routers “telling the world about it’s neighbors”.
  4. Area border routers are the routers which are in a least two areas in the same time. Any router that is member of two areas in an area border router, or ABR, by definition.
  5. show processes cpu – can be used  to determine a router’s capacity to generate debug output.
  6. Source and destination addresses, source and destination ports and protocol is used in the IP extended access list for permitting or denying packets.
  7. Backoff on a an Ethernet network is the retransmission delay that’s enforced when a collision occurs. n a variety of computer networks, binary exponential backoff or truncated binary exponential backoff refers to an algorithm used to space out repeated retransmissions of the same block of data, often as part of network congestion avoidance.
  8. show access-lists – allow to view the entire content of all access list.
  9. SSH – application layer protocol sets up a secure session that’s similar to Telnet.
  10. Only 1 collision domains  exists when a hub is used.
  11. L type is /32 mask in routes in the routing table.
  12. bandwidth 64 – command sets the bandwidth metric of Frame Relay connection to 64000 bps.
  13. FCS section is the Error detection in the ethernet II Frame
  14. Incrementing of runts on the interface is caused by collisions 
  15. False. Layer 2 switches and bridges are faster than routers because they don’t take up time looking at the Data Link layer header information.
  16. The logging synchronous command causes the system to return you to your previous promt after displaying

Web Testing Tool and Site

HP Load Runner


Why WebLOAD new design

Searching Multiple file using zgrep

find -name \*.eml.gz -print0 | xargs -0 zgrep "STRING"

You have to escape the first ‘*’ so that the shell does not interpret it. “-print0” tells find to print a null character after each file it finds; “xargs -0” reads from standard input and runs the command after it for each file; “zgrep” works like “grep”, but uncompresses the file first.

Added for myself  for quick info from here:

How to get a free valid SSL

Recently there was no way to get a valid free SSL and you were force to buy one .

Thanks to them you can now get a free SSL which is valid in major browsers.

Some background

The objective of Let’s Encrypt and the ACME protocol is to make it possible to set up an HTTPS server and have it automatically obtain a browser-trusted certificate, without any human intervention. This is accomplished by running a certificate management agent on the web server.

To understand how the technology works, let’s walk through the process of setting up with a certificate management agent that supports Let’s Encrypt.

There are two steps to this process. First, the agent proves to the CA that the web server controls a domain. Then, the agent can request, renew, and revoke certificates for that domain.

How to clean up Winsxs folder on Windows Server 2012 R2 or Windows 8.1

For Windows 7 Refer to my other blog here:

Windows 2012

Windows 2012 Source:

Deployment Image Servicing and Management (DISM) is a command-line tool that allows you to install, uninstall, configure, and update Windows features, packages, drivers, and international settings. The /Cleanup-Image parameter of Dism.exe provides advanced users more options to further reduce the size of the WinSxS folder. For more information, see DISM Operating System Package Servicing Command-Line Options.

  1. Using the /StartComponentCleanup parameter of Dism.exe on a running version of Windows 8.1 gives you similar results to running theStartComponentCleanup task in Task Scheduler, except previous versions of updated components will be immediately deleted (without a 30 day grace period) and you will not have a 1-hour timeout limitation.From an elevated command prompt, type the following:
    Dism.exe /online /Cleanup-Image /StartComponentCleanup
  1. Using the /ResetBase switch with the /StartComponentCleanup parameter of DISM.exe on a running version of Windows 8.1 removes all superseded versions of every component in the component store.From an elevated command prompt, type the following:
    Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase
    All existing service packs and updates cannot be uninstalled after this command is completed. This will not block the uninstallation of future service packs or updates.
  1. To reduce the amount of space used by a Service Pack, use the /SPSuperseded parameter of Dism.exe on a running version of Windows 8.1 to remove any backup components needed for uninstallation of the service pack. A service pack is a collection of cumulative updates for a particular release of Windows.From an elevated command prompt, type the following:
    Dism.exe /online /Cleanup-Image /SPSuperseded
    The service pack cannot be uninstalled after this command is completed.

How to force/make a MS SQL Database offline

Sometimes there are active connections preventing a database from making offline.

If you have got SMWS open remotely accessing the DB then this could prevent from making it offline.

You can use the following to make it offline.

This will kill all connections and will close database.



o find connections, use sys.sysprocesses

USE master SELECT * FROM sys.sysprocesses WHERE dbid = DB_ID(‘MyDB’)

To force disconnections, use ROLLBACK IMMEDIATE