really big data, I just go
with the multiple hard drive approach. (Where n == 2.) For full backups
of my server, I like tape as I can drop a tape in my safety deposit box
from time to time. Then it's a matter of organizing things to make sure
the appropriate backup happens automatically
On Tue, Nov 09, 2004 at 05:04:09PM +0100, martin f krafft wrote:
> also sprach Dale E. Martin <[EMAIL PROTECTED]> [2004.11.09.1652 +0100]:
> > With this approach you can't bounce RBLed messages at SMTP connect
> > time though, right? (I realize that RBLs are semi-contro
delivered through the secondary MX.) The secondary MX was not under my
direct control which complicated matters a little as then I could not even
attempt to make the policy the same on the secondary as it was in the
primary.
Thanks,
Dale
--
Dale E. Martin - [EMAIL PROTECTED]
http://the-martin
T -p tcp --dport 25 -j REJECT
So accept connections from a single ip, reject the rest. I don't use ip
tables directly any more so I'm not sure if I got it right. I'd recommend
shorewall even for simple firewall setups at this point, as I find it a
nice abstraction over writing
ot;forced-commands-only", somehow I did
not see "without-password". Well there ya go! RTFM as usual.
Thanks, that's exactly what I was looking for!
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key avai
ient security -
physical as well as password security of your user's accounts if they're
coming in on machines that allow password login, etc... But in general it
might be a better way to go. I'll mull it over.
Thanks,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senio
g normal users (who are all trusted in my case) is
worth the hassle. Obviously this might not be true any more in the
future.
Thanks,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSC
t "PermitRootLogin no" in /etc/ssh/sshd_config.
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
e password logins for root on several of my
boxes but allow root to come in from known IPs and with known ssh keys. Is
there a way to disable password logins for root in sshd_config or
root/.ssh/config, while leaving password logins intact for regular users?
Thanks!
Dale
--
Dale E. Marti
on graylisting is interesting to me. Right now if an email
is scored below 12 it gets accepted. It would be interesting to me to take
mails scored between 2-12 by SA and greylist them. Has anyone written up a
howto on how to achieve this with the Debian exim4 packages?
Thanks!
Dale
--
t anyone is participating in this
discussion means that there is some need for them in my mind. (Or some
need for something other than stable, testing, and unstable.) I don't mind
running unstable in general, but the couple of times that things have
broken badly on me it's been really
nly a small
endorsement.) It's packaged for Debian.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
dern way of doing this is
- "esmtp" or "smtp auth" seems to be the answer.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
dern way of doing this is
- "esmtp" or "smtp auth" seems to be the answer.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Thanks for any input!
Take care,
Dale
[0] - http://www.britishsteal.com/dist/exact/README.html
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
Thanks for any input!
Take care,
Dale
[0] - http://www.britishsteal.com/dist/exact/README.html
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ime. Once you start
swapping you're hosed.
Perhaps SA would be better implemented in something else, but like everyone
else says, memory is cheap. Whatever makes the SA developers most
effective is fine by me at this point.
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior
ime. Once you start
swapping you're hosed.
Perhaps SA would be better implemented in something else, but like everyone
else says, memory is cheap. Whatever makes the SA developers most
effective is fine by me at this point.
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior
cially a heavily used one, for
> a lng time, long before the Duron came out.
I agree with you, that's why I said "the real solution is to add RAM" in
the original post. If the machine was in the same state as me and/or
belonged to me I would have done it long ago.
Take c
cially a heavily used one, for
> a lng time, long before the Duron came out.
I agree with you, that's why I said "the real solution is to add RAM" in
the original post. If the machine was in the same state as me and/or
belonged to me I would have done it long ago.
Take c
would be able to handle at least 10X the mail
volume. (I hate spam, and this is one of the reasons - it costs real
money!) I do realize that the real solution is more RAM and we're moving
that direction.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engi
would be able to handle at least 10X the mail
volume. (I hate spam, and this is one of the reasons - it costs real
money!) I do realize that the real solution is more RAM and we're moving
that direction.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engi
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
the redhat 2.4 patches
While this is true, it's only half of the issue. The other half (as others
have mentioned) is glibc 2.3.
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
the redhat 2.4 patches
While this is true, it's only half of the issue. The other half (as others
have mentioned) is glibc 2.3.
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To
> exim doesn't scale. if you want performance, switch to postfix.
Is there good documentation available for postfix? Last time I looked I
could not find anything close to the quality of exim's. I'd be happy if
that has changed though!
Take care,
Dale
--
Dale E. Ma
> exim doesn't scale. if you want performance, switch to postfix.
Is there good documentation available for postfix? Last time I looked I
could not find anything close to the quality of exim's. I'd be happy if
that has changed though!
Take care,
Dale
--
Dale E. Ma
t; to either install everything or upgrade everything from
stable.
> That shoud do it. Or try one of the low-level approaches
> http://wyae.de/docs/img_dd.php
> http://wyae.de/docs/img_rsync.php
I'll look into those.
Thanks,
Dale
--
Dale E. Martin, Clifton
gh "dpkg-repack" and
basically end up with a set of packages representing everything on this
machine - then I can install them on the other machines that I maintain.
But I have to think that this is a solved problem. Is it?
Thanks!
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior
t; to either install everything or upgrade everything from
stable.
> That shoud do it. Or try one of the low-level approaches
> http://wyae.de/docs/img_dd.php
> http://wyae.de/docs/img_rsync.php
I'll look into those.
Thanks,
Dale
--
Dale E. Martin, Clifton
gh "dpkg-repack" and
basically end up with a set of packages representing everything on this
machine - then I can install them on the other machines that I maintain.
But I have to think that this is a solved problem. Is it?
Thanks!
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior
ment out the
direct_remote: one that is (probably) currently the last one. Basically
what the original poster had was OK except that their route_list specified
to use that route only for "localhost", not "*" iirc.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
S
ment out the
direct_remote: one that is (probably) currently the last one. Basically
what the original poster had was OK except that their route_list specified
to use that route only for "localhost", not "*" iirc.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
S
> And if I create, from an IMAP client, a subfolder "foo" of "folder1", I
> get Maildir/.folder1.foo instead of the more logical Maildir/folder1/foo.
I see. I hadn't ever tried that, I can see how that is annoying.
Take care,
Dale
--
Dale E. Martin, Cli
> And if I create, from an IMAP client, a subfolder "foo" of "folder1", I
> get Maildir/.folder1.foo instead of the more logical Maildir/folder1/foo.
I see. I hadn't ever tried that, I can see how that is annoying.
Take care,
Dale
--
Dale E. Martin, Cli
folder3
I.e. the folders are subdirectories, but their names begin with a ".". Has
it changed since woody or something?
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
mand = MAILMAN_WRAP mailowner ${lc:$local_part}
current_directory = MAILMAN_HOME
group = MAILMAN_GID
home_directory = MAILMAN_HOME
user = MAILMAN_UID
[ that's it for the exim4.conf file ]
In addition to the exim4.conf file, then you have to setup lists. It's
been a while since
folder3
I.e. the folders are subdirectories, but their names begin with a ".". Has
it changed since woody or something?
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email
mand = MAILMAN_WRAP mailowner ${lc:$local_part}
current_directory = MAILMAN_HOME
group = MAILMAN_GID
home_directory = MAILMAN_HOME
user = MAILMAN_UID
[ that's it for the exim4.conf file ]
In addition to the exim4.conf file, then you have to setup lists. It's
been a while since
why I'm
planning on making it part of a dmz.
Anyways, thanks for any pointers.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
> Just wondering if anyone has set up the Mailman mailing list package with
> exim4?
Yes, did you have some specific question about it?
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
why I'm
planning on making it part of a dmz.
Anyways, thanks for any pointers.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> Just wondering if anyone has set up the Mailman mailing list package with
> exim4?
Yes, did you have some specific question about it?
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
x27;t absolutely need it
so I ended up sticking with the woody version. I did look at the backports
collections and did not see a backport around anywhere.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp
ting them) - I don't recall if they tested "star" or not. Anyways,
since then I've been meaning to look into dump/restore but have not yet.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key
m writing my phd and am thus
> filtering messages to not be flooded)
> - ralf hildebrandt uses postfix (he's the guru, next to wietse.
I'd add:
- exim has the most extensive and useful documentation
(But I'd love to be proven wrong!)
Later,
Dale
--
Dal
lly, I suppose, since much of
people's dislike about qmail has more to due with "political" than
technical reasons.
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSC
> At this stage I'm leaning towards sticking with Sendmail but something
> inside wants to know more about Qmail.
I'd pick exim or postfix over either of those, but then again I've only
dealt with smaller mail installations.
Take care,
Dale
--
Dale E. Martin, Clif
27;d put:
relay_domains = primary.com
Now, when mail flows in for "primary.com", you'll queue it and attempt to
deliver it as per the normal rules.
Later,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pg
ier anyways.
Thanks for the suggestions.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
. If not, there are
usually easy workarounds.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
nd figure out a path for
dealing with them. So far it's been no big deal for me, but I've been
really conservative in upgrading on machines that are on the front-line of
the Internet.
Hope this helps someone (or is at least semi-interesting to someone) :-)
Take care,
Dale
I do secondary MX for some
other sites, so I do relay some mail for specific domains. But I suppose
an option like that would know about relaying, aliases, etc.
Thanks,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pg
? It's not a big problem but it
is definitely a nuisance. (In general I can't believe how much time and
effort I have spent dealing with spam, and my company is only 5 people -
what a waste of resources for ISPs and larger organizations!)
Thanks,
Dale
--
Dale E. Martin, Clifton
l?
Thanks,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
lsewhere? I believe in this
area there is a lack of linux hosting in any form, let alone Debian. It's
an interesting idea.
Take care,
Dale
--
Dale E. Martin, Clifton Labs, Inc.
Senior Computer Engineer
[EMAIL PROTECTED]
http://www.cliftonlabs.com
pgp key available
--
To UNSUBSCRIBE
58 matches
Mail list logo