Tag Archives: Linux How to

Unix Similar multi-user operating systems based on the Linux kernel and essentially on GNU software. Like CentOS, Debian, Ubuntu Fedora.

Change Interface Static IP Address on Debian

This tutorial walks through the interface configuration to change the static IP address in the command line on Debian 12. In easy-to-implement steps show how to change a static IP address in the terminal, especially on a Debian server there is commonly no graphical user interface available. The following content provided the required commands for reference.

Change Interface Static IP Address on Debian


By default, Debian creates the interface configuration using Dynamic Host Control Protocol to dynamically assigns an IP during deployment, with information such as IP address, netmask and gateway as well as the DNS server being obtained from a DHCP server.

Change Interface Static IP Address on Debian

Follow these steps to set up and configure a static interface IP address.

  1. Log in to remote server using ssh command.
  2. Backup the interfaces file with cp /etc/network/interfaces /root/
  3. Edit the /etc/network/interfaces file.
$ vi /etc/network/interfaces

This the static interfaces configuration file on Debian.

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens192
iface ens192 inet static

The settings above is an example. Replace the IP addresses with your actual addresses. Make sure do not change the loopback network interface.

Add Second IP Address on Debian

If a second IP address is required on the network interface, an additional address can be assigned as follows, add to the end of the file.

auto ens192:1
allow-hotplug ens192:1
iface ens192:1 inet static

Restart Networking Service

Restart the networking service so that the updated configuration can be applied with run these command.

$ systemctl restart networking

Change Interface Static IP Address using ip

For example, given the IP addresses used in the previous sections, if we want to change the IP address (to, we would run the following command.

$ ip addr add dev ens192

Note. This command does not permanently change the configuration.

Change Static IP Address using ifconfig

On modern distributions, the “ifconfig” command has been completely deprecated and it is now advised to use the “ip” command.

However, you should still be able to use the “ifconfig” to change the interface IP address. First you must perform the next command.

$ apt install net-tools -y

For example, if you want to change the IP address (to, you would run the following command using ifconfig.

$ ifconfig ens192 netmask up

Your second interface IP address will be added as follows.

$ ifconfig ens192:0 netmask up

View interface IP Addresses

Use the “ip a” or “ip link” command to list your network interfaces. Note replace the interface name you want to configure, e.g. eth0 or wlp2s0 or ens192 or whatever it’s called.

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:ac:28:ac:76:d2 brd ff:ff:ff:ff:ff:ff
    inet brd scope global ens192
       valid_lft forever preferred_lft forever
    inet scope global ens192:1
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:feac:76d2/64 scope link
       valid_lft forever preferred_lft forever


In this tutorial, we have learned how to configure a static interface IP address on Debian 12 “Bookworm” server. Your server is now configured to use static IP address. In a typical network, there are two ways to assign IP addresses. One is using DHCP and another is static IP assignment. DHCP or Dynamic Host Control Protocol dynamically assigns an IP address to an interface. It requires a DHCP server running in the network. In the static IP assignment, we manually assign the IP address, routing gateway, and DNS resolvers. Static IP assignment gives to more control on assigning an IP address and setting the DNS resolvers.

Amavis Install for Postfix on Debian 12 Ubuntu 22.04

In this tutorial you learn how to install Amavis with Postfix on Debian 12 and Ubuntu 22.04.

AMaViS stands for A MAil Virus Scanner and is a server-side virus scanner that is used on Unix/Linux mail servers like Postfix. The function has now been expanded to include a spam filter.

Install Amavis Postfix ClamAV SpamAssassin

Firt of all, elevate to root with ‘su -‘ or ‘sudo su -‘ and install Amavis-new with Postfix and the additional packages on Debian 12 or Ubuntu 22.04.

$ apt -y update
$ apt -y install clamav-daemon amavisd-new spamassassin postfix

Get Amavis ready

Next enable the antivirus checking mode and the SPAM checking mode.

$ vi /etc/amavis/conf.d/15-content_filter_mode

# uncomment to enable virus scanning
@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

# uncomment to enable spam checking
@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

Add your own domain name to the mailname for amavis configuration.

$ echo 'example.tld' > /etc/mailname

Get Postfix ready

Now add the smtp amavis content filter to postfix main configuration.

$ vi /etc/postfix/main.cf
# add to the end

Add the amavis content filter to postfix master configuration.

$ vi /etc/postfix/master.cf

# add to the end
smtp-amavis unix  -    -    n    -    2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20 inet  n    -    n    -    - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000

Add service users to group clamav and amavis.

$ usermod -a -G clamav amavis
$ usermod -a -G amavis clamav

Restart clamav-daemon, amavis, spamd and postfix to take changes.

$ systemctl restart clamav-daemon spamd amavis postfix

You have now installed Amavis with Postfix and SpamAssassin on Debian or Ubuntu and there is nothing else to do. It is worth checking the settings to tweak spam thresholds.

Amavis and Postfix install tweak on Debian

Check out the configuration files and documentation include example files here through installing Amavis on Debian or Ubuntu.

$ ls -Al /etc/amavis/conf.d
-rw-r--r-- 1 root root  1610 Feb 23  2023 01-debian
-rw-r--r-- 1 root root   927 Jan 16 21:52 05-domain_id
-rw-r--r-- 1 root root   429 Feb 23  2023 05-node_id
-rw-r--r-- 1 root root 20791 Feb 23  2023 15-av_scanners
-rw-r--r-- 1 root root   713 Jan 17 15:13 15-content_filter_mode
-rw-r--r-- 1 root root  9542 Jan 18 15:11 20-debian_defaults
-rw-r--r-- 1 root root   573 Feb 23  2023 25-amavis_helpers
-rw-r--r-- 1 root root  2130 Feb 23  2023 30-template_localization
-rw-r--r-- 1 root root  1076 Jan 18 15:07 50-user

Note. if you’re not familiar with Vim, use your favorite editor such as Nano.

Set headers X-Spam-Flag X-Spam-Status

$sa_tag_level_deflt is the level at which Amavisd-new will write spam info headers such as X-Spam-Flag, X-Spam-Score and X-Spam-Status. If you would always like header info to be written to all messages, set this value to -999.

$ vi /etc/amavis/conf.d/50-user

$sa_tag_level_deflt  = -999;

Place your configuration directives here in this file. It’s worthwhile being aware of them as this is the most convenient place to tweak spam thresholds. The Amavis setting must be applied after each adjusting.

$ amavisd reload

How does Amavis and Postfix work?

Let’s check Amavis and Postfix services whether they up and running.

$ systemctl status clamav-daemon spamd amavis postfix

Amavisd listen on localhost port 10024 and Postfix (master) listen on port 10025, also spamd (perl) listen on port 783.

$ netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0*               LISTEN      2895/opendkim
tcp        0      0 *               LISTEN      6227/perl
tcp        0      0    *               LISTEN      4208/master
tcp        0      0*               LISTEN      7250/amavisd (maste
tcp        0      0*               LISTEN      4208/master
tcp6       0      0 ::1:783                 :::*                    LISTEN      6227/perl
tcp6       0      0 ::1:10024               :::*                    LISTEN      7250/amavisd (maste
udp        0      0 *                           7268/amavisd (ch1-a
udp        0      0 *                           7269/amavisd (ch1-a

Now test that the amavisd service is listening on localhost:10024 using telnet.

$ telnet localhost 10024
Trying ::1...
Connected to localhost.
Escape character is.
220 [::1] ESMTP amavis service ready
ehlo localhost
221 2.0.0 [::1] amavis closing transmission channel
Connection closed by foreign host.

If everything is working then you should see a successful connection similar to above.

Next to test the postfix smtpd is listening on

$ telnet 10025
Connected to
Escape character is.
220 mail.example.tld ESMTP Postfix (Debian/GNU)
ehlo localhost
250-SIZE 10240000
221 2.0.0 Bye
Connection closed by foreign host.

Again we should see a successful connection as shown above.

Now it’s time to send an email preferably to yourself.

$ echo "Subject: hello" | sendmail myself@example.tld

These action can be tracked in mail.log so you should see Passed CLEAN.

2024-01-17T16:00:57.552234+01:00 mail amavis[7269]: (07269-01) Passed CLEAN {RelayedInbound}, [] <root@mail.example.tld> -> <myself@example.tld>, Message-ID: <20240117150056.7C599807BB@mail.example.tld>, mail_id: auFXC0ferXjU, Hits: 2.106, size: 674, queued_as: 7493F807B5, dkim_sd=example.tld:example.tld, 943 ms

Now we can test if everything is working by sending special strings to test the scanning. To do this, download the test-messages and run the command to extract the sample test messages.

$ perl -pe 's/./chr(ord($&)^255)/sge' <sample.tar.gz.compl | zcat | tar xvf -

Use these two commands to send a sample spam and virus message.

$ sendmail -i myself@example.tld < sample-spam-GTUBE-junk.txt
$ sendmail -i myself@example.tld < sample-virus-simple.txt

Please replace “myself@example.tld” with your actual address. Check your /var/log/mail.log for the scan result from amavis and you should see something like “Passed SPAMMY” or “Blocked INFECTED (Eicar-Test-Signature)”. You can now verify your settings match your delivery expectations.

Task of AMaViS-New

AMaViS is not a virus scanner in the true sense, but rather software that was developed to integrate virus scanners into mail servers. It provides a standard interface between the Mail Transfer Agents (MTA) and the content filters so that manufacturers of mail servers and antivirus programs do not have to constantly develop new interfaces. For example, it is compatible with Postfix, sendmail or Exim. Antivirus programs that work with Amavis include AntiVir Unix, ClamAV and many more. The newer amavisd-new also offers the option of integrating SpamAssassin and other filter programs.

amavis-new install on debian 12 ubuntu 20.04 Postfix