netfilter packet filtering
hi all, does any of you use input and output filtering using netfilter on a heavy load server? greetings, markus
Re: which dns server to use ?
What kind of invalid data? - You have to make sure that invalid data doesn't get into the database. There's no point in having a database otherwise. I didn't express myself very well ... meant more like corruption-checking (shouldn't happen but happend once afaik), etc. The language itself isn't really important. You have to be comfortable with your choice, that's all. True ... still I'd like to practice Perl a bit :-)
Re: which dns server to use ?
Interesting. I see you're prepared for the worst case :-) However, since I am somewhat lazy, I prefer to have all my services work with standard apt-get'able packages. This may also prevent possible security related problems. I am using the 'database-export-approach' to maintain the configuration files of the various services. This has proved very stable for 3 years now and it allows me to do upgrades the 'apt-get way', without recompiling or modifying source code. So you are using the approach I am currently working on. I'll be doing extensive error checking since ... sql server(s) not responding/no access, invalid data, etc and after the update i'll send out an email report with all the details. I'm thinking of using Perl for that, although I'm no Perl expert. The only other solution would be using commandline PHP ... What do you suggest ?
Re: which dns server to use ?
I use tinydns for a company that serves over one billion web hits per day (not visitors, hits, and no I'm not exaggerating). The authoritative nameservers serve between 100 and 300 queries/sec on each of five nameservers, for between 50 and 90 million queries answered per day. Hardware on those servers ? Resource usage ? I'd use tinydns first, then probably nsd, then something else before BIND (maybe powerDNS). I know BIND better than most people, I did a technical review for the "DNS & BIND Coobook" at the request of Cricket Liu, and I still don't use it anywhere I'm not forced to. I'll take a extensive look at tinydns ...
Re: which dns server to use ?
While I see that it may be useful to have zone data in an sql backend, I don't like the idea of plugging a mission-critical service such as a dns server directly to an sql database. A dns server has to be as simple as possible, with as few dependencies as possible. Serving zone data directly from an sql database increases the complexity of your system and adds new points of failure, what is especially undesirable in the case of a dns server. Well you can always write a small program to read out the data from a sql server and create zone data in the format required by your dns server :-)
Re: which dns server to use ?
> I've been using djbdns for a few years now, and I'm not aware of any > interoperability/compatibility problems between it and BIND. I've been > perfectly happy with djbdns. > Would you mind mentioning a bit about the extense of use like number of domains, etc and very interesting would also be the resource usage anything strange you have came accross so far, etc ...
using spamassassin in an isp environment ?
hi all, does any of you use latest version of spamassassin in your isp environment? i'm considering installing it as content-filter (Postfix 2.07 as MTA) on both mx servers ... the only thing that holds me back is how it responses to performance for 15 GB mail traffic / server. how are your experiences with it? since it's written in perl it will be a huge performance decrease, right? would it be possible to do filtering just for specified domains ? greetings, markus
Re: which dns server to use ?
8.x was/is a stable branch, but there were security issues. These are fixed, and reason to install BIND 8.x with care (like chrooting, see the Securing Debian Manual). There is quite a difference between unstable (is usually referred to as development status) and insecure. Bind 9.x had some security issues though. See http://www.securityfocus.com/cgi-bin/sfonline/vulns.pl But for Bind counts the same for all software: you've got to keep up to date with issues and fix/upgrade them when found. That software has never had any issues doesn't mean there won't be any in the future. Well BIND is more like the standard DNS server. djbdns looks nice but I'm wondering about it's compability with BIND servers since the author is pretty much hostile to any other DNS servers. I'm considering switching to djbdns on a TEST system since the DNS servers HAVE to be reliable ...
Re: dns records
Well there are a few more... 'TXT' for text records, for ipv6 A records... there are probably more, check the RFC's... For a nice RFC site check http://zvon.org/tmRFC/RFC_share/Output/index.html DNS rfc: http://www.zvon.org/tmRFC/RFC1035/Output/chapter3.html
Re: How to handle mail for multiple (10-15) domains w/o localpart conflicts?
Well, performance is not a problem for me. As I already mentioned I'm just hosting a dozen of domains with only a couple of (low-use) mailboxes altogether. Well that really doesn't make a difference, but nevermind ! Sure, but I like the option of quickly having a glance at them using "Mutt," in case something goes wrong etc. This way I can ssh in and remove offending mails, instead having to telnet to 110 and DELE it. Well you could also set up webmail if you don't like to telnet. What do you count to "offending mails" ? What exactly does the above do? I'm sorry but I don't quite get your point. Well I thought you meant just for some hosts e. g. the mailserver host you would like to have local deliverage and for all others you would like to use cyrus. I don't think not using mbox and rather using a better way is not a mistake. And I wouldn't also limit the decision of which POP3/IMAP-server to use just because a MUA can't handle the format of the server ... This option I will only consider if there is NO OTHER WAY. I've once started to do that and I have very soon regretted that I did so, so I don't want to repeat that mistake again. Those are just php scripts and a sql database creation script. You do not need to compile anything, etc. All it checks for is if you have webserver, php, etc installed. Greetings, Markus
Re: dns records
Well there are a few more... 'TXT' for text records, for ipv6 A records... there are probably more, check the RFC's... I know that there are a lot more but those are the one's we're actually using currently.
dns records
hi all, i have a few questions regarding dns records for using in a mysql db.the current layout looks like this: class CH HS IN data name preference ttl typeA CNAME MX NS PTR SOA The class is not really required. Regarding the type, that are all the types currently in use. If you do a lookup of e. g. www.debian.org at http://www.network-tools.com/nslook/Default.asp?domain=www.debian.org&type=255&server=66.46.181.133&class=255&port=53&advanced=true you will see more clear what each field exactly means. I thought of using enum for the type, varchar for data and name, smallint (2) for preference, varchar(8) for ttl since it could be alpha-numeric. How large can a preference be (MX records) ? What about the length of data and name ? Greetings, Markus
Re: How to handle mail for multiple (10-15) domains w/o localpart conflicts?
I don't want to move away from Exim unless there are serious (or even compelling) reasons to do so. Okay everybody should know which MTA to use and why. I moved a way from Exim right after a performance comparison with Postfix, etc :-) I read that Cyrus doesn't use mailbox files. This is a "con," IMHO, because that way I can't easily browse mail using "mutt" (or can I?!) Well you can use POP3/IMAP to connect to your mailbox :-) And anyways I don't know how Exim handles that but with Postfix you have transport maps like you could say, mail.server.tld local: To avoid the usage of Cyrus for mail.server.tld :-) There doesn't seem to be a Debian package available?! I think there is but not at packages.debian.org. As a hint: Don't rely on that Debian package - it looks a bit faulty. I did a manual install which worked fine ... Thanks so far, No problem :-) How do you do your system monitoring BTW? Like a daily report or something alike ... Greetings, Markus
Re: How to handle mail for multiple (10-15) domains w/o localpart conflicts?
Hi, is there a package, HOWTO, or FAQ that aids in or describes how to setup your Debian box (with Exim as the MTA) to handle mail for multiple (some 10-15) domains without conflicts in the local part of incoming mail? Maybe even let them add/delete/configure mailboxes using a web interface? Do you need to use Exim ? Or could you switch to Postfix also ? Postfix has a very powerful virtual user configuration - virtual_maps. Maybe you should take a look at that one if it's the solution you want. As POP3/IMAP server I suggest Cyrus. Postfix 2 can communicate with Cyrus using LMTP! About creating mailboxes on the web you maybe want to take a look at Web-Cyradm! Considering that people also need to fetch their mail using POP/IMAP I guess I need a full-blown virtual user solution (since I don't need (want?) my users to have system accounts on the box.) Suggestions, hints, pointers anyone? Hope this helps :-) Greetings, Markus
Re: which dns server to use ?
> I just controlled myself.. in scrapping the sentence "not again :-/". I'm sorry - I surely didn't want to start of a flame-war or something alike ... I searched for dns server but didn't change the date filter, hence no useful results. > http://lists.debian.org/debian-isp/2002/debian-isp-200211/threads.html > All you need to know about who likes what, and why.. incl. the flame-war. i'll take a look at that old post. if i'm looking for further information about a specific server i'll post it to the list in a new thread!
Re: which dns server to use ?
> I just controlled myself.. in scrapping the sentence "not again :-/". I'm sorry - I surely didn't want to start of a flame-war or something alike ... I searched for dns server but didn't change the date filter, hence no useful results. > http://lists.debian.org/debian-isp/2002/debian-isp-200211/threads.html > All you need to know about who likes what, and why.. incl. the flame-war. i'll take a look at that old post. if i'm looking for further information about a specific server i'll post it to the list in a new thread! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
which dns server to use ?
Hi all, Which dns server would you suggest ? BIND ( http://www.isc.org/products/BIND/ ) djbdns ( http://cr.yp.to/djbdns.html ) NSD ( http://www.nlnetlabs.nl/nsd/ ) Pretty much importance is performance and security. I'm currently not using DNSSEC or something alike so it wouldn't be a problem switching away from BIND (even if I'd need to convert the zone files ...) http://cr.yp.to/djbdns/other.html speaks pretty negative about other dns software (especially BIND), that's why I'd like to get your feedback about the dns server(s) you are using maybe including a few stats if that's possible. Greetings, Markus
which dns server to use ?
Hi all, Which dns server would you suggest ? BIND ( http://www.isc.org/products/BIND/ ) djbdns ( http://cr.yp.to/djbdns.html ) NSD ( http://www.nlnetlabs.nl/nsd/ ) Pretty much importance is performance and security. I'm currently not using DNSSEC or something alike so it wouldn't be a problem switching away from BIND (even if I'd need to convert the zone files ...) http://cr.yp.to/djbdns/other.html speaks pretty negative about other dns software (especially BIND), that's why I'd like to get your feedback about the dns server(s) you are using maybe including a few stats if that's possible. Greetings, Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ftp (with virtual users + quota support) and dns servers ; software for logfile analysis and tmp cleanup ; mysql 4.0
I personally use Proftpd. It has performed well enough for my uses.. As to quotas.. I'm honestly not sure on that.. Well I'm also using ProFTPd currently. vsftpd offers a pretty nice performance boosting though :-) I do recomend switching to Bind9. There are alternatives, but Bind9 seems to be the only one that can actuaslly follow protocal AND adapt for the other servers inability to.. There's a sizeable chunk of Bind deticated to dealing with errors generated from both DJBDns and windows based DNS servers (*shudder*) Overall, Bind9 has given me the best performance and relyability.. We're using BIND 9 not yet chrooted on all servers though. I run logcheck, it sends out hourly e-mails to the address of your choice and does sexactly what you mention above.. Okay so it looks like I have to check for that one :-) Uhh.. That's a good question =P.. I have 2% of my tmp partition filled, so I haven't really worried about it.. Hmm I do not know how it will behave on a heavy load webserver ... I'm interested to see how this performs as well.. I'd love to keep my DB services up to date.. Well I'll do some performance testing and post my results here :-) Anyway, hope my rambling helps! Sure :-) Greetings, Markus
Re: ftp (with virtual users + quota support) and dns servers ; software for logfile analysis and tmp cleanup ; mysql 4.0
We are using bind since long time and we did not have any probs with that. The bugfixes for the most systemservices are realy quick available for debian imho. Okay so we will go for BIND. However I'd like to see BIND chrooted as default in debian or at least have an easy option to. I think I'll contact the package maintainer :-) rm? - /tmp is wipe at boottime .. maybe this is enought for you (depending on how often your server are rebooted) ;) We will be rebooting (if at all) once a year! Do you realy wonna use it? ;) I'm setting up a central database server and it'll do good in performance. Also I will be using the binaries provided by the MySQL AB anyways and chroot it also ... (and write a chrooting guide also btw). Maybe my response was usefull. (= sure it was :-) Greetings, Markus
Re: ftp (with virtual users + quota support) and dns servers ; softwarefor logfile analysis and tmp cleanup ; mysql 4.0
I personally use Proftpd. It has performed well enough for my uses.. As to quotas.. I'm honestly not sure on that.. Well I'm also using ProFTPd currently. vsftpd offers a pretty nice performance boosting though :-) I do recomend switching to Bind9. There are alternatives, but Bind9 seems to be the only one that can actuaslly follow protocal AND adapt for the other servers inability to.. There's a sizeable chunk of Bind deticated to dealing with errors generated from both DJBDns and windows based DNS servers (*shudder*) Overall, Bind9 has given me the best performance and relyability.. We're using BIND 9 not yet chrooted on all servers though. I run logcheck, it sends out hourly e-mails to the address of your choice and does sexactly what you mention above.. Okay so it looks like I have to check for that one :-) Uhh.. That's a good question =P.. I have 2% of my tmp partition filled, so I haven't really worried about it.. Hmm I do not know how it will behave on a heavy load webserver ... I'm interested to see how this performs as well.. I'd love to keep my DB services up to date.. Well I'll do some performance testing and post my results here :-) Anyway, hope my rambling helps! Sure :-) Greetings, Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ftp (with virtual users + quota support) and dns servers ; softwarefor logfile analysis and tmp cleanup ; mysql 4.0
We are using bind since long time and we did not have any probs with that. The bugfixes for the most systemservices are realy quick available for debian imho. Okay so we will go for BIND. However I'd like to see BIND chrooted as default in debian or at least have an easy option to. I think I'll contact the package maintainer :-) rm? - /tmp is wipe at boottime .. maybe this is enought for you (depending on how often your server are rebooted) ;) We will be rebooting (if at all) once a year! Do you realy wonna use it? ;) I'm setting up a central database server and it'll do good in performance. Also I will be using the binaries provided by the MySQL AB anyways and chroot it also ... (and write a chrooting guide also btw). Maybe my response was usefull. (= sure it was :-) Greetings, Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ftp (with virtual users + quota support) and dns servers ; software for logfile analysis and tmp cleanup ; mysql 4.0
hi all, since we'll be using woody on our servers (finally moving away from red hat) i've got a couple of questions: 1. currently we've for each ftp user 1 account on the box (disabled). using vsftpd we could archive a real virtual user solution. i just have 1 question regarding this: is it possible to implement a quota on a user base ? like user mike has 20 MB and user markus 100 MB ? 2. we're using bind currently. looking back at bind's security history i'd like to stay away from it if possible. which dns server would you recommend? main points are on performance and security. 3. it would be nice to have something like logwatch (www.logwatch.org) in the debian system. logwatch analyses system logfiles and sends a report daily ... it doesn't need to be handled by 1 program ... it could be split up into several ones. recommendations? 4. which software do you use to clean up /tmp ? 5. anybody using mysql 4.0 already in a production server and could give a little bit of feedback about it? thanks in advance for any useful response :-) greetings, markus
ftp (with virtual users + quota support) and dns servers ; software for logfile analysis and tmp cleanup ; mysql 4.0
hi all, since we'll be using woody on our servers (finally moving away from red hat) i've got a couple of questions: 1. currently we've for each ftp user 1 account on the box (disabled). using vsftpd we could archive a real virtual user solution. i just have 1 question regarding this: is it possible to implement a quota on a user base ? like user mike has 20 MB and user markus 100 MB ? 2. we're using bind currently. looking back at bind's security history i'd like to stay away from it if possible. which dns server would you recommend? main points are on performance and security. 3. it would be nice to have something like logwatch (www.logwatch.org) in the debian system. logwatch analyses system logfiles and sends a report daily ... it doesn't need to be handled by 1 program ... it could be split up into several ones. recommendations? 4. which software do you use to clean up /tmp ? 5. anybody using mysql 4.0 already in a production server and could give a little bit of feedback about it? thanks in advance for any useful response :-) greetings, markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: calculation of mail traffic
This one looks really impressive :-) Thanks for suggesting this nice program! We currently use lire ( www.logreport.org ) and are totally satisfied with it. It processes many log formats ( mail, www, firewall, ... ) and generates good reports. Regards, JB Regards, Markus
Re: calculation of mail traffic
This one looks really impressive :-) Thanks for suggesting this nice program! We currently use lire ( www.logreport.org ) and are totally satisfied with it. It processes many log formats ( mail, www, firewall, ... ) and generates good reports. Regards, JB Regards, Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: calculation of mail traffic
pflogsumm.pl looks like it's analyze result could be used for further analysis work. So I just have to run it once a day and over the result of pflogsumm.pl use a customized script :-) Thanks for your help! If you use postfix u can try pflogsumm ;)
calculation of mail traffic
Hi all,
I'd like to calculate mail traffic on a per domain base. Calculation should
include mail sent and mail received. I've been thinking of using the message id
as some sort of "key" for everything since it's supposed to be unique, right ?
I've been searching for a ready made solution and haven't come accross
something, so I started working on a solution.
My current ideas:
- calculate traffic for each day (via cronjob) with traffic in/out per domain
- domains which this calculation should be done for are listed in
accounting_domains
I've built a small example program (attached as example.pl) an example log file
is also attached.
My knowledge of Perl is not quite well so I'm looking for help to archive the
goal of doing this calculation. Anybody out there for help ? :-)
Kind Regards,
Markus Welsch
Mar 17 07:11:43 box postfix/pickup[489]: 2C2C7C0A8: uid=1000 from=
Mar 17 07:11:43 box postfix/cleanup[493]: 2C2C7C0A8: message-id=<[EMAIL
PROTECTED]>
Mar 17 07:11:43 box postfix/qmgr[451]: 2C2C7C0A8: from=<[EMAIL PROTECTED]>,
size=435, nrcpt=7 (queue active)
Mar 17 07:11:44 box postfix/smtp[495]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0
h2H72LG00567 Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[495]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0
h2H72LG00567 Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0
h2H72LG00566 Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0
h2H72LG00566 Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0
h2H72LG00566 Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0
h2H72LG00566 Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0
h2H72LG00566 Message accepted for delivery)
#!/usr/bin/perl -w
use strict;
# Mar 5 13:47:15 box postfix/smtpd[873]: 8859A1FFB0:
client=ns.suk.net[195.126.239.3]
# Mar 5 13:47:15 box postfix/qmgr[741]: 8859A1FFB0: from=<[EMAIL PROTECTED]>,
size=1987, nrcpt=1 (queue
# active)
# Mar 5 13:47:16 box postfix/virtual[879]: 8859A1FFB0: to=<[EMAIL PROTECTED]>,
relay=virtual, delay=1, status=sent
# (maildir)
my $client_ip;
my $mail_from;
my $mail_to;
my $message_id;
my $message_size;
my $message_time;
my $nr_recipient;
my %messages;
open(FILE, "mail.log") or die "Couldn't open mail.log: $!; aborting";
while () {
if ($_ =~ /(\S+ .* \d+:\d+:\d+) .* postfix\/smtpd\[.*\]: (\S+):
client=.*\[(\d+\.\d+\.\d+\.\d+)\]$/) {
$message_time = $1;
$message_id = $2;
$client_ip = $3;
print "Message-ID: \t", $message_id,"\n";
print "Message-Time: \t", $message_time,"\n";
print "Client-IP: \t", $client_ip,"\n\n";
} elsif ($_ =~ /.* postfix\/qmgr\[.*\]: (\S+): from=<(\S+)>,
size=(\d+), nrcpt=(\d+)/) {
$message_id = $1;
$mail_from = $2;
$message_size = $3;
$nr_recipient = $4;
print "Message-ID: \t", $message_id,"\n";
print "Mail from: \t", $mail_from, "\n";
print "Messagesize: \t",$message_size, "\n";
print "No recipients:\t", $nr_recipient, "\n\n";
} elsif ($_ =~ /.* postfix\/.*: (\S+): to=<(\S+)>/) {
$message_id = $1;
$mail_to = $2;
print "Message-ID: \t", $message_id,"\n";
print "Mail to: \t",$mail_to, "\n\n";
}
}
close(FILE);
Re: calculation of mail traffic
pflogsumm.pl looks like it's analyze result could be used for further analysis work. So I just have to run it once a day and over the result of pflogsumm.pl use a customized script :-) Thanks for your help! If you use postfix u can try pflogsumm ;) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
calculation of mail traffic
Hi all,
I'd like to calculate mail traffic on a per domain base. Calculation should
include mail sent and mail received. I've been thinking of using the message id
as some sort of "key" for everything since it's supposed to be unique, right ?
I've been searching for a ready made solution and haven't come accross
something, so I started working on a solution.
My current ideas:
- calculate traffic for each day (via cronjob) with traffic in/out per domain
- domains which this calculation should be done for are listed in accounting_domains
I've built a small example program (attached as example.pl) an example log file
is also attached.
My knowledge of Perl is not quite well so I'm looking for help to archive the
goal of doing this calculation. Anybody out there for help ? :-)
Kind Regards,
Markus Welsch
Mar 17 07:11:43 box postfix/pickup[489]: 2C2C7C0A8: uid=1000 from=
Mar 17 07:11:43 box postfix/cleanup[493]: 2C2C7C0A8: message-id=<[EMAIL PROTECTED]>
Mar 17 07:11:43 box postfix/qmgr[451]: 2C2C7C0A8: from=<[EMAIL PROTECTED]>, size=435,
nrcpt=7 (queue active)
Mar 17 07:11:44 box postfix/smtp[495]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0 h2H72LG00567
Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[495]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0 h2H72LG00567
Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0 h2H72LG00566
Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0 h2H72LG00566
Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0 h2H72LG00566
Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0 h2H72LG00566
Message accepted for delivery)
Mar 17 07:11:44 box postfix/smtp[494]: 2C2C7C0A8: to=<[EMAIL PROTECTED]>,
relay=XXX.XXX.net[XXX.XXX.XXX.XXX], delay=1, status=sent (250 2.0.0 h2H72LG00566
Message accepted for delivery)
#!/usr/bin/perl -w
use strict;
# Mar 5 13:47:15 box postfix/smtpd[873]: 8859A1FFB0: client=ns.suk.net[195.126.239.3]
# Mar 5 13:47:15 box postfix/qmgr[741]: 8859A1FFB0: from=<[EMAIL PROTECTED]>,
size=1987, nrcpt=1 (queue
# active)
# Mar 5 13:47:16 box postfix/virtual[879]: 8859A1FFB0: to=<[EMAIL PROTECTED]>,
relay=virtual, delay=1, status=sent
# (maildir)
my $client_ip;
my $mail_from;
my $mail_to;
my $message_id;
my $message_size;
my $message_time;
my $nr_recipient;
my %messages;
open(FILE, "mail.log") or die "Couldn't open mail.log: $!; aborting";
while () {
if ($_ =~ /(\S+ .* \d+:\d+:\d+) .* postfix\/smtpd\[.*\]: (\S+):
client=.*\[(\d+\.\d+\.\d+\.\d+)\]$/) {
$message_time = $1;
$message_id = $2;
$client_ip = $3;
print "Message-ID: \t", $message_id,"\n";
print "Message-Time: \t", $message_time,"\n";
print "Client-IP: \t", $client_ip,"\n\n";
} elsif ($_ =~ /.* postfix\/qmgr\[.*\]: (\S+): from=<(\S+)>, size=(\d+),
nrcpt=(\d+)/) {
$message_id = $1;
$mail_from = $2;
$message_size = $3;
$nr_recipient = $4;
print "Message-ID: \t", $message_id,"\n";
print "Mail from: \t", $mail_from, "\n";
print "Messagesize: \t",$message_size, "\n";
print "No recipients:\t", $nr_recipient, "\n\n";
} elsif ($_ =~ /.* postfix\/.*: (\S+): to=<(\S+)>/) {
$message_id = $1;
$mail_to = $2;
print "Message-ID: \t", $message_id,"\n";
print "Mail to: \t",$mail_to, "\n\n";
}
}
close(FILE);
postfix 2.x and smtp auth using sql database
Hi all, i'd like to realize smtp auth using postfix and a mysql database. without removing the chroot from postfix or copying pam_mysql and all required libraries, etc to /var/spool/postfix i'm unable to do so. is there a cleaner solution than copying those files to /var/spool/postfix ? i'd like to keep postfix chrooted if possible ... kind regards, markus
postfix 2.x and smtp auth using sql database
Hi all, i'd like to realize smtp auth using postfix and a mysql database. without removing the chroot from postfix or copying pam_mysql and all required libraries, etc to /var/spool/postfix i'm unable to do so. is there a cleaner solution than copying those files to /var/spool/postfix ? i'd like to keep postfix chrooted if possible ... kind regards, markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
DNS server
Hi all, Which DNS server would you recommend that provides following functionality: o ACL-System based on IP-address (like having netblocks to do querying everything and all others could just query domains that they are allowed to; same goes for update) o support for DNSSec So it should provide the base features of BIND ... but I'd rather like to step away from it for security reasons. Another option should be the posibiltiy to chroot it (like the default chroot of other daemons like postfix, etc). Kind Regards, Markus Welsch
DNS server
Hi all, Which DNS server would you recommend that provides following functionality: o ACL-System based on IP-address (like having netblocks to do querying everything and all others could just query domains that they are allowed to; same goes for update) o support for DNSSec So it should provide the base features of BIND ... but I'd rather like to step away from it for security reasons. Another option should be the posibiltiy to chroot it (like the default chroot of other daemons like postfix, etc). Kind Regards, Markus Welsch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: mysql
You shouldn't compile mysql yourself if not really required. It's suggested to use the mysql binary package provided for the platform (x86/libc, etc). If you want to use a more recent version of MySQL you should take a look at the backports. Use http://www.apt-get.org for searching ! > I am currently running a heavy loaded mysql server on Slackware 8.1 (over 700 > databases), and I'm planning to switch to Debian stable and backport mysql > from testing. > In manual mysql authors recommend to compile mysql against patched libpthread > (http://www.mysql.com/doc/en/Linux.html). Is this necessary on Debian too? > Or it is better to use their binary package? > > Thanks, > > --Jan Vitek > > Kind Regards, Markus
Re: mysql
You shouldn't compile mysql yourself if not really required. It's suggested to use the mysql binary package provided for the platform (x86/libc, etc). If you want to use a more recent version of MySQL you should take a look at the backports. Use http://www.apt-get.org for searching ! > I am currently running a heavy loaded mysql server on Slackware 8.1 (over 700 > databases), and I'm planning to switch to Debian stable and backport mysql > from testing. > In manual mysql authors recommend to compile mysql against patched libpthread > (http://www.mysql.com/doc/en/Linux.html). Is this necessary on Debian too? > Or it is better to use their binary package? > > Thanks, > > --Jan Vitek > > Kind Regards, Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: load balancing
Depends on what you want to balance, just TCP/IP traffic, or a specific service (mail/web/etc). For TCP/IP traffic, we use VRRP (Virtual Redundant Router Protocol), which works fine. What would you recommend if you want to realize load balancing between mail and webservers ? (Mail server should also include POP3/IMAP-Server).
Re: load balancing
Depends on what you want to balance, just TCP/IP traffic, or a specific service (mail/web/etc). For TCP/IP traffic, we use VRRP (Virtual Redundant Router Protocol), which works fine. What would you recommend if you want to realize load balancing between mail and webservers ? (Mail server should also include POP3/IMAP-Server). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: anti virus software for mail server
I already use amavis + clamav for our servers and works fine.I have 9 months using clamav and his virus data base is update one o two times in a week. That sounds great. So could you give us a bit of a short review, like how much mail traffic those servers have to handle, etc.
Re: anti virus software for mail server
Yes, it's a great Romanian AV software. But why not try a GPL software first -- ClamAV? I didn't take a look at ClamAV yet! I need a stable, proven-to-work solution which will still work fine under heavy load.
Re: anti virus software for mail server
Well I don't think the price is too bad for a ISP. The clamav engine seems to be last updated 21-Nov-2002 ... quite a while and it's not v1.0 yet. How many users are you providing antivirus for ? Which MTA are you using ? It is a bit pricy. I have used http://clamav.elektrapro.com/ with great sucess. Lot cheaper and works well. Kind Regards, Markus
Re: anti virus software for mail server
I already use amavis + clamav for our servers and works fine.I have 9 months using clamav and his virus data base is update one o two times in a week. That sounds great. So could you give us a bit of a short review, like how much mail traffic those servers have to handle, etc. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
anti virus software for mail server
Hi, I've found RAV Antivirus (http://www.ravantivirus.com/pages/showproduct.php?p=21) but I never heard of that one before! From the first view it looks amazing - so if somebody has experience with that one post please! Of course also post your personal recommendations. As MTA I'm using Postfix 2.0 by the way ! Kind Regards, Markus Welsch
Re: anti virus software for mail server
Yes, it's a great Romanian AV software. But why not try a GPL software first -- ClamAV? I didn't take a look at ClamAV yet! I need a stable, proven-to-work solution which will still work fine under heavy load. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: anti virus software for mail server
Well I don't think the price is too bad for a ISP. The clamav engine seems to be last updated 21-Nov-2002 ... quite a while and it's not v1.0 yet. How many users are you providing antivirus for ? Which MTA are you using ? It is a bit pricy. I have used http://clamav.elektrapro.com/ with great sucess. Lot cheaper and works well. Kind Regards, Markus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
anti virus software for mail server
Hi, I've found RAV Antivirus (http://www.ravantivirus.com/pages/showproduct.php?p=21) but I never heard of that one before! From the first view it looks amazing - so if somebody has experience with that one post please! Of course also post your personal recommendations. As MTA I'm using Postfix 2.0 by the way ! Kind Regards, Markus Welsch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
