Re: Mail Servers
On Mon, Mar 18, 2002 at 02:28:12AM -0500, Chris Jenks wrote: I hate asking this, but I thought that this would be the fastest way to get the answer. I may be setting up a mail server for a factory. From what little I know so far, it will be for all a mail server for all five hundred employees. (one in each location) so they can check work related email. I was thinking about using woody, but have the following 2 questions. 1 What is the max user limit that woody + exim will support It's WAY above 500. :-) 2 Could someone point me to a good pointer / how-to for this. If you apt-get install exim, the configuration process will ask you enough questions to set up the basics. Then I'd hit the Exim docs. Jeremy -- Jeremy D. Zawodny | Perl, Web, MySQL, Linux Magazine, Yahoo! [EMAIL PROTECTED] | http://jeremy.zawodny.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: upgrading just one stable package to testing version
On Monday, March 18, 2002, at 01:41 AM, J.H.M. Dassen (Ray) wrote: On Sun, Mar 17, 2002 at 11:03:51 +1100, Toby Thain wrote: I've just upgraded one Debian 2.2 machine from stable to testing and other 2.2 stable machines can't ssh into it (Disconnecting: Bad packet length 1349676916). The SSH in stable only supports version 1 of the SSH protocol; if you configure your testing machine to accept that older version of the protocol (by putting Protocol 2,1 in /etc/ssh/sshd_config and restarting ssh), SSH-ing from your stable machines works. This didn't work for me (first thing I tried). So I'd like to upgrade ssh on the client machine to the testing version. But I don't know how to do this other than adding testing to the apt-get sources, dselect upgrade, etc., which will upgrade everything. Can anyone explain to me how to be more selective? You'll need testing's apt (plus its depencencies) for that. The following should work (though I'm not aware of people actually using this configuration as most simply fully upgrade to testing, so you may want to use the -s flag to apt-get to see what it intends to do before actually doing these steps): - add testing entries to /etc/apt/sources.list in addition to the entries for stable - apt-get update - apt-get install apt - create an /etc/apt/preferences with contents Package: * Pin: release a=stable to have apt default to the stable versions - install testing's ssh by requesting it explicitly: apt-get -t testing install ssh This didn't work for me either: spaz:~# apt-get update Hit http://non-us.debian.org testing/non-US/main Packages Hit http://non-us.debian.org testing/non-US/main Release Hit http://non-us.debian.org testing/non-US/contrib Packages Hit http://non-us.debian.org testing/non-US/non-free Packages Hit http://non-us.debian.org testing/non-US/non-free Release Hit http://non-us.debian.org stable/non-US/main Sources Hit http://non-us.debian.org stable/non-US/main Release Hit http://non-us.debian.org stable/non-US/contrib Sources Hit http://non-us.debian.org stable/non-US/contrib Release Hit http://non-us.debian.org stable/non-US/non-free Sources Hit http://non-us.debian.org stable/non-US/non-free Release Reading Package Lists... Done Building Dependency Tree... Done spaz:~# apt-get install apt Reading Package Lists... Done Building Dependency Tree... Done Sorry, apt is already the newest version 0 packages upgraded, 0 newly installed, 0 to remove and 5 not upgraded. spaz:~# vi /etc/apt/preferences Package: * Pin: release a=stable ~ /etc/apt/preferences: new file: 2 lines, 33 characters spaz:~# apt-get -t testing install ssh E: Command line option 't' [from -t] is not known. spaz:~# Naturally the next thing I did was man apt-get but that didn't clarify. Toby HTH, Ray -- Professionele hackers kunnen uw bedrijf veel schade berokkenen. Snail-mail spam van het Nederlands Normalisatie-Instituut -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-post, with additional questions/infomation: Traffic monitoring/logging question
On Tue, Mar 05, 2002 at 10:50:26PM +0100, Auke Rensen wrote: NTOP: 1.) Does anyone know how to log and store the collected data? 2.) Does anyone know how to insert specific source/destination rules? Take a look at the netflow/sflow exporting capabilities of ntop. It is almost compatible with the netflow exports of cisco routers. bye, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 [EMAIL PROTECTED] Internet Security for ProfessionalsFax 0241/911879 WESTEND ist CISCO Systems Partner - Premier Certified -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
drac and sendmail 8.12.1
Hello, On woody I am looking to use drac with Sendmail 8.12.1 The instructions are for 8.9.x. Does anyone use them together? Best Ragnar Gudmundsson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mail Servers
At 01:12 PM 3/18/02, you wrote: 1 What is the max user limit that woody + exim will support It's WAY above 500. :-) It also seriously depends on what the hardware is. I think a 486/33 might have a bit of trouble coping with 500 (or lets say 200-300) simultaneous and concurrent users trying to check their email at the beginning of the work day. I took that thought into account, I was thinking along the lines of a P3 400 with at least 384 megs of memory. Maybe over kill but I would rather have over kill than a dead mail server. Most of the people are factory line workers, so I don't really think that they will all log in at once. I'm not even sure why their management wants to give them all work email accounts. There are two offices with 500 (that gives me some room to play with actually, closer to 450) people in each one. I'm not sure if one mail server could handle it or not (never set one up before). I was also thinking of putting one in each shop for deversity. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mail Servers
At 02:08 PM 3/18/02, Russell Coker wrote: On Mon, 18 Mar 2002 19:12, Jason Lim wrote: 1 What is the max user limit that woody + exim will support It's WAY above 500. :-) It also seriously depends on what the hardware is. I think a 486/33 might have a bit of trouble coping with 500 (or lets say 200-300) simultaneous and concurrent users trying to check their email at the beginning of the work day. That depends on how many messages are waiting, whether the users leave mail on the server, and whether they use mbox storage. If users leave mail on the server in mbox format, and they are emailing around Word files etc then a new P3 machine with 1G of RAM and a RAID setup of fast hard drives will have big problems. If the users do only plain-ascii mail with no big attachments, don't leave their mail on the server, have a fast connection to the server, and Maildir is used then 500 people logging on in a period of 10 minutes should work on a 486-33 with 64M of RAM. I hadn't even thought of using a RAID set up. I haven't had any experience with them. Hmm.. looks like I asked the right question in the right place after all. Thanks Chris -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
subscribe
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mail Servers
I hadn't even thought of using a RAID set up. I haven't had any experience with them. Hmm.. looks like I asked the right question in the right place after all. Thanks Chris Most of us work in ISP/hosting type environments, so all your considerations have already been considered by us before. I got help here about optimizing outgoing email servers a while ago, and got lots of good advice and stuff here (also discovered some new, previously undocumented speed optimization techniques). So its all good for learning and helping each other :-) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mail Servers
On Mon, 18 Mar 2002 21:17, Chris Jenks wrote: I hadn't even thought of using a RAID set up. I haven't had any experience with them. Hmm.. looks like I asked the right question in the right place after all. RAID is mandatory for a mail server. Backups are difficult for mail servers as the data is changing all the time, and they'll never be complete. Having a single drive failure lose all your data is unacceptable. Software RAID in Linux works quite well. The Debian install disks don't support it, but if you check the archives of this list you should find a message from me describing how to solve that. -- If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Mail Servers
On Mon, 18 Mar 2002 21:17, Chris Jenks wrote: I hadn't even thought of using a RAID set up. I haven't had any experience with them. Hmm.. looks like I asked the right question in the right place after all. RAID is mandatory for a mail server. Backups are difficult for mail servers as the data is changing all the time, and they'll never be complete. Having a single drive failure lose all your data is unacceptable. Well, I guess that depends on how important the mail is, and how often people download their mail. Obviously in an IMAP situation where mail is stored on the server, it must be safe and secure. With clients (software, i mean) downloading their mail to the desktop, the most they would notice is they are not getting any new mail for a short while (while you fix the server). People sending email will have the mail delayed, but most mail software (mta?) will keep trying for nearly up to a week, depending on software. So I guess that unless lots of users are using IMAP, then it won't be TOO bad if the disk the mail spool is on dies. Software RAID in Linux works quite well. The Debian install disks don't support it, but if you check the archives of this list you should find a message from me describing how to solve that. Yeap, with your guidance I've done that. Did it a while ago for a client. Also had problems with the boot sequence where if the disk on the first IDE link died, it would just sit there. Hardware RAID solved that problem. But I suppose it really depends how the hard disk is broken... in my individual case, the computer no longer could boot up past that point (i think something may have been wrong with the disk spindle motor)... but YMMV. If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. Everyone hates those ultra long *confidentiality, security, legal, blah blah* sigs. I wonder what the best, short, clear, legalistic sig is. Obviously not for sending to a mail list, but for individual emails. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: AVI stream
Sure, any media format can be streamed over Apache. The secret is the use of meta files. The streaming is a function accomplished by the client, not the server. All the so called streaming protocols out there are just glorified TCP/UDP data transfers with some bells and whistles thrown in. If you want something streamed into Media Player you just create a .asx metafile with it's contents pointing to the http location of the media. Media player automatically knows how to pace the download. Real Player works on the same principle. An example asx file: ASX VERSION =3 ENTRY TitleBoss's Speach/Title CopyrightCopyright Blah/Copyright REF HREF =http://wherever.com/something.avi; /ENTRY /ASX You mentioned copyright issues. It is impossible to keep someone from stealing *any* streamed content if they're determined. It wouldn't take much for someone to take apart your asx file and copy the URL into their browser and simply download it. One thing you can do is configure Apache to only serve the content if the browser id string matches the known media player browser types. This would prevent anyone from accessing the file from Netscape or IE or whatever. You'ld have to check your access logs to see what kind of id string it sends. One other thing to consider is that I think, but am not sure, that media player will keep a temp file of content received over http in the system temp directory. You'll have to test it to make sure. I think you can also embed copyrighted material tags in the file itself to tell media player that it can't be saved off. But like I said before, it is flat out impossible to safeguard streamed media from a true hacker. :) So all you will really be doing is keeping away the casual thief. That goes for Real Player too. So how many in your audience are going to think to look in %temp% for a copy of this?? At 11:29 AM 3/18/02 +0100, Michal Novotny wrote: Hello! Is there a chance to stream avi/wma file from Debian box? For now I'm using RealServer for Linux, but (for clients) I need to add support for Windows Media Player (standard player in MS Windows) :-( I cannot use download, but stream. Copyright issues... Could anyone help me? -- REMEMBER THE WORLD TRADE CENTER ---= WTC 911 =-- 0100 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
[OT] Re: AVI stream
Hi, On Tue, 19 Mar 2002, Chris Wagner wrote: [SNIP] You mentioned copyright issues. It is impossible to keep someone from stealing *any* streamed content if they're determined. It wouldn't take much for someone to take apart your asx file and copy the URL into their browser and simply download it. [SNIP] But like I said before, it is flat out impossible to safeguard streamed media from a true hacker. :) So all you will really be doing is keeping away the casual thief. That goes for Real Player too. So how many in your audience are going to think to look in %temp% for a copy of this?? I really object to the idea that I am a thief if I want to view the streamed content again, or show it to my wife, or if I want to convert it to format Foo for display with player Bar which I happen to like a lot. You publish or broadcast content, and that means the recipient can do with it whatever she damn well pleases as long as she doesn't redistribute it publically. But the idea that it's 'illegal' and 'thievery' to refuse to follow publisher's random unilaterally imposed restrictions of how the content should be viewed is bull. As long as the viewer doesn't violate copyright, he can do whatever. If you don't like that, don't publish it. It looks like the DMCA's brainwashing is already taking effect if people are already starting to believe it's wrong if you don't do as your told by the content owner. Sigh. Cheers, Emile. -- E-Advies / Emile van Bergen | [EMAIL PROTECTED] tel. +31 (0)70 3906153| http://www.e-advies.info -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]