chkrootkit: false positive on port 465

On my Debian Etch server I’ve got the Zimbra Open Source Edition mail solution installed, and when I use chkrootkit to scan for rootkits it reports the following:

Checking `bindshell'... INFECTED (PORTS:  465)

After some quick research I realized that port 465 is SMTP over SSL on a Zimbra installation.
Further investigation with fuser shows which process is listening on port 465:

# fuser -vn tcp 465

                     USER        PID ACCESS COMMAND
465/tcp:             root      19053 F.... master

Then I checked PID 19053:

# ps aux|grep 19053
root     19053  0.0  0.2   6628  1236 ?        Ss   Feb09   0:00 /opt/zimbra/postfix-

This tells me that the Postfix master daemon is the process listening on port 465, so chkrootkit is giving me a false positive here.
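The same check as an added script (not part of the original post): it resolves the listener on a flagged port from /proc/net/tcp and /proc/PID/fd instead of fuser and ps, then compares each owning executable against an expected install prefix. The function names and the use of /opt/zimbra/ as the prefix argument are assumptions made for this example.

```sh
#!/bin/sh
# Added example: identify what owns a port flagged by chkrootkit's bindshell
# test by reading /proc directly. Run as root so every /proc/PID/fd is readable.

# listen_inodes PORT FILE...: print the socket inode of each LISTEN entry
# (st == 0A) on PORT in files that use the /proc/net/tcp layout.
listen_inodes() {
    port_hex=$(printf '%04X' "$1"); shift
    awk -v p="$port_hex" '
        FNR > 1 && $4 == "0A" {
            n = split($2, a, ":")          # local_address is HEXADDR:HEXPORT
            # "" forces a string compare, so 01E1 is never treated as 1e1
            if ((a[n] "") == p) print $10  # field 10 is the inode
        }' "$@"
}

# socket_owners INODE: print "PID EXE" for each process holding that socket.
socket_owners() {
    for fd in /proc/[0-9]*/fd/*; do
        [ "$(readlink "$fd" 2>/dev/null)" = "socket:[$1]" ] || continue
        pid=${fd#/proc/}; pid=${pid%%/*}
        printf '%s %s\n' "$pid" "$(readlink "/proc/$pid/exe" 2>/dev/null)"
    done
}

# classify PREFIX: read "PID EXE" lines on stdin, label each one, and return 1
# if any executable is missing or lives outside PREFIX.
classify() {
    awk -v pre="$1" '
        { ok = (index($2, pre) == 1); if (!ok) bad = 1
          label = ok ? "OK" : "SUSPECT"; print label, $0 }
        END { exit bad + 0 }'
}

# check_port PORT PREFIX: 0 = all listeners under PREFIX, 1 = suspect, 2 = none.
check_port() {
    owners=$(for i in $(listen_inodes "$1" /proc/net/tcp /proc/net/tcp6 2>/dev/null); do
                 socket_owners "$i"
             done | sort -u)
    [ -n "$owners" ] || { echo "port $1: no listener visible"; return 2; }
    printf '%s\n' "$owners" | classify "$2"
}

# Example (assumed prefix): sh portowner.sh 465 /opt/zimbra/
if [ "$#" -ge 2 ]; then check_port "$1" "$2"; fi
```

A listener outside the expected prefix, or one whose executable cannot be resolved, is reported as SUSPECT and deserves a closer look before the finding is dismissed.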

Problem sending e-mail from console

After installing Zimbra 5.0.x on my Debian Etch 4.0 server, some of my shell scripts couldn’t send mail anymore. The reason for this behaviour was that I hadn’t removed the Exim mail server package, and I wouldn’t do it either.

The solution to this problem was either to remove Exim, or to locate the sendmail binaries, remove the symlinks that point to Exim as the mail client, and create symlinks to Zimbra’s Postfix sendmail binary instead. I did the latter:

# whereis sendmail
sendmail: /usr/sbin/sendmail /usr/lib/sendmail

# rm /usr/sbin/sendmail
# ln -s /opt/zimbra/postfix- sendmail
# rm /usr/lib/sendmail
# ln -s /opt/zimbra/postfix- sendmail

Now my scripts can send e-mails as expected.

How to configure postfix virtual domains

I will assume that your Postfix configuration directory is /etc/postfix and your Postfix version is around 2.0.14.

1. Edit /etc/postfix/virtual

This is a plaintext file where you can specify the domains and users to accept mail for. Each virtual domain should begin with a single line containing the domain name. The subsequent lines define addresses at the domain that are deliverable. Mail will be delivered to local usernames on the right side, as demonstrated in the example below. The condition @domain allows you to deliver “all other” mail to the indicated user. You can list multiple domains in this file; just repeat the format demonstrated below.

		this-text-is-ignored	postmaster	destuser1	destuser2		destuser1

2. Edit /etc/postfix/

You have to tell postfix where to look for these virtual alias mappings; the appropriate configuration directive is in the main postfix configuration file. This tells postfix to use the db-format (hash) version of your virtual mappings. Note that your system must have db support for this to work; also, the actual db file is not created until you run ‘postmap’ in step 3.

virtual_alias_maps = hash:/etc/postfix/virtual

3. Refresh configuration and mappings

Since you’ve changed, you should restart the daemon. The second command below updates the virtual mappings; you must run this ‘postmap’ command when you change your /etc/postfix/virtual file. The ‘postmap’ command actually creates the hash db file that postfix looks for.

postfix reload
postmap /etc/postfix/virtual

Now try delivering mail to virtual domain addresses. If you encounter problems, check your mailer daemon system log and make sure your server configuration has been refreshed with ‘postfix reload’ and the ‘postmap’ commands.