RE: Virtual Domain Solution

2000-07-07 Thread Mike Bennett 

Ryan,

On Fri, 7 Jul 2000, Ryan Hayle wrote:

ryan  Yes, that approach makes a lot of sense--what I was asking was whether 
some
ryan  such system exists already.  Unfortunately, I've also got to try to train
ryan  NT-monkeys to do this, and so I need some type of GUI or web interface,
ryan  which was why I was considering qmail, and the qmailadmin program.  I 
guess
ryan  I'm just looking for some simple solution to avoid having to write and do
ryan  all of this myself.  Definitely an area where Linux is lacking...perhaps 
it
ryan  is something I could work on--a Debian-specific solution of some kind.
ryan  
ryan  In general, however do most ISP's simply go and write custom scripts for
ryan  everything?  Or do they just do it manually?  I've only got about 10 
domains
ryan  right now, but once we get more, I can easily imagine a nightmarish
ryan  situation--forgetting one file, setting one permission wrong, or 
something.

I know, that's how our little ISP started. We understood that the key to success
would be software, software software.

As far as I know, and speaking very generally:

   - The large ones ( Thousands of virtual hosts ) essentially employ a person
 who's job it is to look after
 just one aspect, ie DNS server, Web servers, mail relays etc. There is
 enough work in just each area to keep someone ( or perhaps a whole 
 division) occupied. They get a large software supplier/systems integrator
 like Sun, Microsoft, IBM etc. to write software systems for them.

   - The medium ones (hundreds-thousands  of virtual hosts) Develop their own
 systems, scripts, procedures in-house. I would class siliconBLUE in here.
 There is often a significant investment in the software developed and
 these, after all, are commercial organisations that will want to make some
 return on that investment. They won't generally put their software in the
 public domain because:

1. They have a signicant investment in software development that
   they will want to recover.

2. They won't want to give away any competitive edge.

  - The small ones do it all manually. This is a nightmare as numbers grow.

I am a complete supporter of public domain software and I particularly like the
Debian approach. Most of the GUI type tools I have seen, though, tend to be just
a GUI interface on the front of existing processes and systems. They don't
actually add much and the user still needs to know most of the technicalities of
what they are doing. If you are going to write software for front desk monkeys
(no disrespect intended) then you need to think about a conceptual
layer/model/paradigm that is above the technicalities, that your staff can
understand in whole. 

Then program to that conceptual model so that the staff only interact with that
model, manipulating it to do what they want. The software should then handle the
real systems underneath to produce the result that they want.

For example, they might want to:

  Add a new domain and virtual web server.

The software could handle that. They don't necessarily need to know that this
task involves manipulating DNS zone files and adding a virtual host entry to a
web server. The software should handle those real things.

Cheers
Mike



ryan  
ryan  
ryan  
ryan  Thanks,
ryan  Ryan
ryan  
ryan   -Original Message-
ryan   From: Jeremy C. Reed [mailto:[EMAIL PROTECTED]
ryan   Sent: Friday, 07 July, 2000 3:19 PM
ryan   To: Ryan Hayle
ryan   Cc: 'debian-isp@lists.debian.org'
ryan   Subject: Re: Virtual Domain Solution
ryan   
ryan   
ryan   On Fri, 7 Jul 2000, Ryan Hayle wrote:
ryan   
ryanThis is an overly general question, but I've found very little info
ryanon this so I thought I would ask here.  What is the best 
ryan   solution for
ryanISP hosting of virtual domains?  Are there any integrated packages
ryanwhich can handle web/email/ftp access on a per-domain, per-user
ryanbasis?
ryan   
ryan   Do you need websites for all of your users?
ryan   
ryanRight now, I am using exim for email, with gnu-pop3d and the virtual
ryandomains patch.  I am adding each virtual domain to the apache config
ryanmanually, and then to the exim config, storing everything in
ryan/virtual/domain.com.  I'm not even getting into FTP access.  There
ryanmust be a better way to do this.
ryan   
ryan   What do you mean by a better way? Is it because you are 
ryan   doing all the
ryan   setups manually with each step one at a time? You may want to 
ryan   make some
ryan   scripts to automate your steps. 
ryan   
ryan   I think you just need a few scripts:
ryan   
ryan   1) add a new domain script
ryan a) add zone info for dns
ryan b) add domain-name to your mail local deliveries file 
ryan   (maybe in your
ryancase: /etc/virtual/domains)
ryan c) add a user to Unix password database (/etc/passwd) for the
ryanwebsite/webmaster
ryan d) create home and

Re: SPAM

2000-03-01 Thread Mike Bennett 

All,

Very good idea, in theory. Just keep in mind that the Internet is an
enormous community. Two points:

   - It can be very dangerous to make sweeping global (in every sense)
 assumptions as to the configuration/setup/purpose of any particular
 system out of millions.

   - It is also a very dangerous road to travel when a few decide what is
 best and attempt to impose that upon the many.

I have always believed that education rather than a dictatorial approach
is generally a better way of solving global problems. Finding all of the
open relays is good. Communicating with, and educating the sysadmins of
those relays is good. Globally blocking a problem relay would have to be a
_very_ last resort and _very_ carefully thought about and dealt with.


Regards
Mike



On Wed, 1 Mar 2000, Chris Wagner wrote:

wagnerc  At 11:00 AM 3/1/00 -0800, Sis wrote:
wagnerc Maybe i'm being really naive. Maybe my estimate of the size of the
wagnerc  project is crazy? Maybe this is more of an invasion of privacy then 
i can
wagnerc  think of? Any thoughts on this? 
wagnerc  
wagnerc  Heh, not nearly as big as the [EMAIL PROTECTED] thing or the RC5 
cracking program.
wagnerc  Just yank the MX records from the DNS database.  
wagnerc  
wagnerc  +---+
wagnerc  |-=I T ' S  P R I N C I P L E  T H A T  C O U N T S=-   |
wagnerc  |=-  -=ALAN KEYES FOR PRESIDENT=- -=|
wagnerc  | Balanced Budgets Personal Freedoms Morality Lower Tax |
wagnerc  |=--  http://www.Keyes2000.com.  --=|
wagnerc  +———+
wagnerc  
wagnerc  
wagnerc  --  
wagnerc  To UNSUBSCRIBE, email to [EMAIL PROTECTED]
wagnerc  with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
wagnerc  

--
SiliconBlue - Virtual Systems   http://siliconBLUE.com
[ siliconBLUE ] 021-533820/06-3777638/[EMAIL PROTECTED]
[ LiveWire ]021-533820/06-3788206/[EMAIL PROTECTED]
--

Re: SPAM

2000-02-28 Thread Mike Bennett 

Just keep in mind that ORBS amounts to a denial-of-service service. They
do not verify the sites submitted before placing them on their black hole
list.

OK service. Be wary.

Why not just explicitly place your problem spammer in your own sendmail
config access database?

Mike Bennett


On Mon, 28 Feb 2000, Andy Gardner wrote:

andy  you can use sendmail's access table feature, see www.sendmail.org i have
andy  almost 700 domains/networks blocked in mine.
andy  
andy  you can add custom messages to it too which is cool.
andy  
andy  Got nothing better to do with your day than constantly update the list?
andy  
andy  http://www.orbs.org would be my vote.
andy  
andy  Since you're running Sendmail 8.9.3, all you need to do to fire it up is 
add
andy  
andy  FEATURE(orbs)dnl
andy  
andy  to your sendmail.mc file, then do a /etc/newmailconfig
andy  
andy  Too easy!!!
andy  
andy  -- 
andy  Andrew P. Gardner
andy  
andy  Never underestimate the power of stupid people in large groups.
andy  
andy  
andy  --  
andy  To UNSUBSCRIBE, email to [EMAIL PROTECTED]
andy  with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
andy  

--
SiliconBlue - Virtual Systems   http://siliconBLUE.com
[ siliconBLUE ] 021-533820/06-3777638/[EMAIL PROTECTED]
[ LiveWire ]021-533820/06-3788206/[EMAIL PROTECTED]
--

Re: SPAM

2000-02-28 Thread Mike Bennett 


On Mon, 28 Feb 2000, Andy Gardner wrote:

andy  Just keep in mind that ORBS amounts to a denial-of-service service. 
They
andy  do not verify the sites submitted before placing them on their black 
hole
andy  list.
andy  
andy  
andy  They run an open-relay test first.
andy  
andy  You're just upset because you ended up on a black list once.

No, a customer did, who had no idea what it was all about. A simple email
or call to them would have had it cleared up in a few minutes. Instead,
they were unable to receive email for a couple of days until they figured
it all out.

ergo... Denial of service.

Mike Bennett

--
SiliconBlue - Virtual Systems   http://siliconBLUE.com
[ siliconBLUE ] 021-533820/06-3777638/[EMAIL PROTECTED]
[ LiveWire ]021-533820/06-3788206/[EMAIL PROTECTED]
--