Re: MTA - MLM - DNS configuration question
I've been optimizing a number of email servers for a client now, AND I can tell you that ANY disk access apart from the mail system will severely impact the speed of the server, unless you're talking real low volume. As soon as you start to get around 200-300K per day, you're gonna need to seperate the www from the mail if possible. Of course, it also depends on how heavy the web traffic is as well... but think about the above first. If you give us more figures we could give you a better idea. Sincerely, Jason - Original Message - From: Eirik Dentz [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, June 30, 2001 10:43 AM Subject: MTA - MLM - DNS configuration question I've been asked to set up a MLM along side a web server and I wanted to ask a quick question to the experienced, before I put a lot of time into setting this up. My situation: I'm responsible for an web server that has sendmail installed and is configured to send email via Perl and PHP scripts, but doesn't receive any. Recently my supervisor has asked me to set up mailing list capabilities on the web server, because the IS department doesn't have the capacity to do so at present and they want tight integration between the mailing lists and the web server (web based subscribe/unsubscibe pages for lists and archives). Based upon various threads that I've followed on this list and other research, I've decided to switch from sendmail to postfix and to use the GNU Mailman MLM (I'm open to other suggestions...) My question is this: The DNS is under the jurisdiction of the IS department and the MX record @mydomain.org is set up to point at their email server. Does it make sense and is it possible to set up another MX record: @lists.mydomain.org which will point at the web server? I realize that it is generally a bad idea to set up your web server to do double duty as an email server. Any ideas regarding at what message volume a mail server will have a serious negative impact on a web server running on the same machine would be appreciated. Thanks in advance eirik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apache - SIGSEGV but no core dumps.
On Friday 29 June 2001 17:52, Przemyslaw Wegrzyn wrote: I have noticed the following lines in Apache's error.log: [Fri Jun 29 17:35:41 2001] [notice] child pid 18786 exit signal Segmentation fault (11) [Fri Jun 29 17:35:54 2001] [notice] child pid 20229 exit signal Segmentation fault (11) I've strace'd Apache - the child processes dies after finishing handling request and writing line to access log , so it isn't critical, but... I use Apache 1.3.19 + php4.0.5 from Woody in chrooted enviroment. My problem is actually I can't force Apache to drop core files. I've added ulimit -c unlimited to /etc/init.d/apache, and set CoreDumpDirectory to some world writeable dir. Nope - I can't get any core to do backtrace on it. Why ? Well behaved daemons often set their own core limit to zero to avoid wasting disk space in the case of errors. You may have to recompile Apache with this option disabled, but that's no big deal. Debian packages contain stripped binaries so you won't get that much information from a core file unless you recompile with -g instead of -O2. -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: disk partition schemes
On Fri, Jun 15, 2001 at 10:13:33AM -0400, Kevin J. Menard, Jr. wrote: Basically, I have 20 gigs of space to tinker with (well, there's really 40 there, but I run a hardware RAID 10). I also have half a gig of SDRAM (sure this would matter with swap space). Now, I have no problem running fdisk or anything, but I wanted to get a feel for what people are doing for various types of systems. Seperated partitions are usefull for the following reasons for me: * /boot because old bootloaders (and new?) have problems with bzImage files over a certan sector number, i.e. it should be at the start of your HDD. * /var, as used for logs, can fill up completely if a program get mad and prevent other programs than just syslogd from working if it's on / * /usr/local, /home etc can be on seperate partitions if your / is e.g. a standard system that's just copied from a CD image when installing a server or if you like to backup the partitions in differnet intervals. * generally as filesystems sometimes get corrupt it's good if at least some severs work. and you have a platform from which you can do a fsck (ever tried to fsck a root reiserfs? it cannot be done even if mounted only readonly (at least back somewhen)). Something I would suggest you, too is LVM. There you can partition your harddisc(s) in arbitrary pieces (physical extends), put them together in a big heap (volume group) and from this heap you can cut out your virtual discs (logical volumes) and resize them as needed no matter if they are physically in a line or scattered over all harddiscs. Of course this requires a filesystem that can adjust, too, only extending the (virtual) partition alone doesn't help. But reiserfs (AFAIK) and ext2/ext3 can do it. (well but keep in mind that this is not 10-year-approved technology so maybe not use it with your best paying customer..) bye, -christian- -- Caution: Cape does not enable user to fly. (Batman Costume warning label) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: MTA - MLM - DNS configuration question
From: Jason Lim [EMAIL PROTECTED] Reply-To: Jason Lim [EMAIL PROTECTED] Date: Sat, 30 Jun 2001 17:42:21 +0800 To: Eirik Dentz [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: MTA - MLM - DNS configuration question I've been optimizing a number of email servers for a client now, AND I can tell you that ANY disk access apart from the mail system will severely impact the speed of the server, unless you're talking real low volume. As soon as you start to get around 200-300K per day, Hmm that low huh? The web server hosts the company web site and it sends approximately 60 MB/day. The mailing-list server on the other hand would be more of a test at this point and it would probably be very very low traffic (2-3 lists with 10-20 subscribers each). Would it involve a lot of pain to transfer the Mailing lists to a separate email server further down the road? I wouldn't think it would be too bad, but I'm sure you have a better idea than myself. Thanks for taking the time to respond. eirik you're gonna need to seperate the www from the mail if possible. Of course, it also depends on how heavy the web traffic is as well... but think about the above first. If you give us more figures we could give you a better idea. Sincerely, Jason -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: MTA - MLM - DNS configuration question
On Saturday 30 June 2001 04:43, Eirik Dentz wrote: My question is this: The DNS is under the jurisdiction of the IS department and the MX record @mydomain.org is set up to point at their email server. Does it make sense and is it possible to set up another MX record: @lists.mydomain.org which will point at the web server? It is definately possible. It makes sense to me, this is what MX records were designed for! Thanks. I thought so, but I don't have first hand experience setting this up, and I didn't want to make a fool of myself asking the IS guys, so I figured I'd make a fool of myself here instead ;-) Of course you'll have to convince the IS department to change their DNS server... Oh I'm not too worried about convincing them. They'll be relieved that they aren't being asked to do anything more than this. I realize that it is generally a bad idea to set up your web server to do double duty as an email server. Any ideas regarding at what message volume a mail server will have a serious negative impact on a web server running on the same machine would be appreciated. If a primary duty of the web server is to manage the mailing lists then IMHO it makes a lot of sense to have this! Of course this means that you have a lot of important things on one box. Considered a cluster arrangement of some sort? Well it actually hosts the company web site, so doubling it up as a mailing list server probably isn't a good idea. On the other hand a cluster arrangement does sound like a good idea. Any suggested reading on setting up web/email/database server clusters? Thanks for taking the time to respond. eirik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: users bypassing shaper limitation
On Fri, 29 Jun 2001, anon wrote: my problem is that some local users are changing their own local ip numbers (like, 192.168.1.40 to 192.168.1.50) then bypassing the Traffic shaper bandwidth limitation. (that was set on 192.168.1.40) anyone know how can i prevent this ? This first that pops into mind is use DHCP and give a IP-lease to the machines in your local network based on the NIC's Mac address. I guess the only way out for the bad guys is to swap the NICs from another machine to get the same effect as changing the IPs now. Regards, Maurice Verhagen
Re: users bypassing shaper limitation
If the nodes in question are plugged into a switch with managment capabilities then you could set the security of the port to only allow legal mac/ip address's. It depends on the switch. You could go to the person and whack them on the head. Which might be the easiest. Chris At 06:12 PM 6/29/2001, anon wrote: hello all, this is my first post. my problem is that some local users are changing their own local ip numbers (like, 192.168.1.40 to 192.168.1.50) then bypassing the Traffic shaper bandwidth limitation. (that was set on 192.168.1.40) anyone know how can i prevent this ? thanks in advance
Re: MTA - MLM - DNS configuration question
I've been optimizing a number of email servers for a client now, AND I can tell you that ANY disk access apart from the mail system will severely impact the speed of the server, unless you're talking real low volume. As soon as you start to get around 200-300K per day, you're gonna need to seperate the www from the mail if possible. Of course, it also depends on how heavy the web traffic is as well... but think about the above first. If you give us more figures we could give you a better idea. Sincerely, Jason - Original Message - From: Eirik Dentz [EMAIL PROTECTED] To: debian-isp@lists.debian.org Sent: Saturday, June 30, 2001 10:43 AM Subject: MTA - MLM - DNS configuration question I've been asked to set up a MLM along side a web server and I wanted to ask a quick question to the experienced, before I put a lot of time into setting this up. My situation: I'm responsible for an web server that has sendmail installed and is configured to send email via Perl and PHP scripts, but doesn't receive any. Recently my supervisor has asked me to set up mailing list capabilities on the web server, because the IS department doesn't have the capacity to do so at present and they want tight integration between the mailing lists and the web server (web based subscribe/unsubscibe pages for lists and archives). Based upon various threads that I've followed on this list and other research, I've decided to switch from sendmail to postfix and to use the GNU Mailman MLM (I'm open to other suggestions...) My question is this: The DNS is under the jurisdiction of the IS department and the MX record @mydomain.org is set up to point at their email server. Does it make sense and is it possible to set up another MX record: @lists.mydomain.org which will point at the web server? I realize that it is generally a bad idea to set up your web server to do double duty as an email server. Any ideas regarding at what message volume a mail server will have a serious negative impact on a web server running on the same machine would be appreciated. Thanks in advance eirik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Apache - SIGSEGV but no core dumps.
On Friday 29 June 2001 17:52, Przemyslaw Wegrzyn wrote: I have noticed the following lines in Apache's error.log: [Fri Jun 29 17:35:41 2001] [notice] child pid 18786 exit signal Segmentation fault (11) [Fri Jun 29 17:35:54 2001] [notice] child pid 20229 exit signal Segmentation fault (11) I've strace'd Apache - the child processes dies after finishing handling request and writing line to access log , so it isn't critical, but... I use Apache 1.3.19 + php4.0.5 from Woody in chrooted enviroment. My problem is actually I can't force Apache to drop core files. I've added ulimit -c unlimited to /etc/init.d/apache, and set CoreDumpDirectory to some world writeable dir. Nope - I can't get any core to do backtrace on it. Why ? Well behaved daemons often set their own core limit to zero to avoid wasting disk space in the case of errors. You may have to recompile Apache with this option disabled, but that's no big deal. Debian packages contain stripped binaries so you won't get that much information from a core file unless you recompile with -g instead of -O2. -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page
Re: postfix + sasl + pam
On Fri, Jun 29, 2001 at 11:55:23AM -0400, Kevin J. Menard, Jr. wrote: Hey guys, Anyone here have all this working together? I apt-get'ed the source for postfix and altered the debian/rules file to add SASL support for SMTP auth. The build went fine, but it apparently always tries to use the sasldb, even though I set up my /usr/lib/sasl/smtpd.conf file to use PAM as the pwcheck_method. Anyone know what gives? [telchar:~] 6:34:50am 111 % cat /usr/lib/sasl/smtpd.conf pwcheck_method: PAM auto_transition: false Works fine for me (on a couple machines). There are a couple tricks: first, you have to make sure that smtpd isn't chrooted (see master.cf). Then you have to ensure that postfix can verify passwords (I added postfix to the 'shadow' group).
Re: disk partition schemes
On Fri, Jun 15, 2001 at 10:13:33AM -0400, Kevin J. Menard, Jr. wrote: Basically, I have 20 gigs of space to tinker with (well, there's really 40 there, but I run a hardware RAID 10). I also have half a gig of SDRAM (sure this would matter with swap space). Now, I have no problem running fdisk or anything, but I wanted to get a feel for what people are doing for various types of systems. Seperated partitions are usefull for the following reasons for me: * /boot because old bootloaders (and new?) have problems with bzImage files over a certan sector number, i.e. it should be at the start of your HDD. * /var, as used for logs, can fill up completely if a program get mad and prevent other programs than just syslogd from working if it's on / * /usr/local, /home etc can be on seperate partitions if your / is e.g. a standard system that's just copied from a CD image when installing a server or if you like to backup the partitions in differnet intervals. * generally as filesystems sometimes get corrupt it's good if at least some severs work. and you have a platform from which you can do a fsck (ever tried to fsck a root reiserfs? it cannot be done even if mounted only readonly (at least back somewhen)). Something I would suggest you, too is LVM. There you can partition your harddisc(s) in arbitrary pieces (physical extends), put them together in a big heap (volume group) and from this heap you can cut out your virtual discs (logical volumes) and resize them as needed no matter if they are physically in a line or scattered over all harddiscs. Of course this requires a filesystem that can adjust, too, only extending the (virtual) partition alone doesn't help. But reiserfs (AFAIK) and ext2/ext3 can do it. (well but keep in mind that this is not 10-year-approved technology so maybe not use it with your best paying customer..) bye, -christian- -- Caution: Cape does not enable user to fly. (Batman Costume warning label)
Re: MTA - MLM - DNS configuration question
On Saturday 30 June 2001 04:43, Eirik Dentz wrote: My question is this: The DNS is under the jurisdiction of the IS department and the MX record @mydomain.org is set up to point at their email server. Does it make sense and is it possible to set up another MX record: @lists.mydomain.org which will point at the web server? It is definately possible. It makes sense to me, this is what MX records were designed for! Of course you'll have to convince the IS department to change their DNS server... I realize that it is generally a bad idea to set up your web server to do double duty as an email server. Any ideas regarding at what message volume a mail server will have a serious negative impact on a web server running on the same machine would be appreciated. If a primary duty of the web server is to manage the mailing lists then IMHO it makes a lot of sense to have this! Of course this means that you have a lot of important things on one box. Considered a cluster arrangement of some sort? -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page
Re: MTA - MLM - DNS configuration question
From: Jason Lim [EMAIL PROTECTED] Reply-To: Jason Lim [EMAIL PROTECTED] Date: Sat, 30 Jun 2001 17:42:21 +0800 To: Eirik Dentz [EMAIL PROTECTED], debian-isp@lists.debian.org Subject: Re: MTA - MLM - DNS configuration question I've been optimizing a number of email servers for a client now, AND I can tell you that ANY disk access apart from the mail system will severely impact the speed of the server, unless you're talking real low volume. As soon as you start to get around 200-300K per day, Hmm that low huh? The web server hosts the company web site and it sends approximately 60 MB/day. The mailing-list server on the other hand would be more of a test at this point and it would probably be very very low traffic (2-3 lists with 10-20 subscribers each). Would it involve a lot of pain to transfer the Mailing lists to a separate email server further down the road? I wouldn't think it would be too bad, but I'm sure you have a better idea than myself. Thanks for taking the time to respond. eirik you're gonna need to seperate the www from the mail if possible. Of course, it also depends on how heavy the web traffic is as well... but think about the above first. If you give us more figures we could give you a better idea. Sincerely, Jason
Re: MTA - MLM - DNS configuration question
On Saturday 30 June 2001 04:43, Eirik Dentz wrote: My question is this: The DNS is under the jurisdiction of the IS department and the MX record @mydomain.org is set up to point at their email server. Does it make sense and is it possible to set up another MX record: @lists.mydomain.org which will point at the web server? It is definately possible. It makes sense to me, this is what MX records were designed for! Thanks. I thought so, but I don't have first hand experience setting this up, and I didn't want to make a fool of myself asking the IS guys, so I figured I'd make a fool of myself here instead ;-) Of course you'll have to convince the IS department to change their DNS server... Oh I'm not too worried about convincing them. They'll be relieved that they aren't being asked to do anything more than this. I realize that it is generally a bad idea to set up your web server to do double duty as an email server. Any ideas regarding at what message volume a mail server will have a serious negative impact on a web server running on the same machine would be appreciated. If a primary duty of the web server is to manage the mailing lists then IMHO it makes a lot of sense to have this! Of course this means that you have a lot of important things on one box. Considered a cluster arrangement of some sort? Well it actually hosts the company web site, so doubling it up as a mailing list server probably isn't a good idea. On the other hand a cluster arrangement does sound like a good idea. Any suggested reading on setting up web/email/database server clusters? Thanks for taking the time to respond. eirik
Re: MTA - MLM - DNS configuration question
RC == Russell Coker [EMAIL PROTECTED] writes: RC On Saturday 30 June 2001 04:43, Eirik Dentz wrote: My question is this: The DNS is under the jurisdiction of the IS department and the MX record @mydomain.org is set up to point at their email server. Does it make sense and is it possible to set up another MX record: @lists.mydomain.org which will point at the web server? RC It is definately possible. It makes sense to me, this is what RC MX records were designed for! I agree but, this is also what name server delegation is designed for! RC Of course you'll have to convince the IS department to change RC their DNS server... True for my suggestion also though their overhead would be less if they just delegated to you (so you don't bug them as you bring servers on-line). cheers, BM