Re: [OpenWrt-Devel] Anyone interested in porting mailman and postfix to openwrt?
28.12.2010 02:51, Philip Prindeville wrote: Oddly, it was an Intel SSD (400GB). He had just spent two days installing to it (it was a complex install with multiple OS's and VM support), and he hadn't yet had a chance to back it up. Yeah, that's very strange. Looks like he had back luck to get an SSD with a fabric defect. Anyway, we're a bit offtopic now, so let's be polite and stop this discussion on the list - it has nothing to do with the porting of postfix to the openwrt. -- Best regards, Alexey Loukianov mailto:mooro...@mail.ru System Engineer,Mob.:+7(926)218-1320 *nix Specialist signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Anyone interested in porting mailman and postfix to openwrt?
On 12/26/10 4:28 PM, Alexey Loukianov wrote: 26.12.2010 23:34, Philip Prindeville wrote: Flash drives have a limited number of writes on them. Mail service tends to do a *lot* of writes, especially in the mail queue directory. Yes, I know that modern flash and SSD is supposed to have write level to extend the life of the device... in theory. A colleague of mine was using PGP encryption on his SSD boot drive and had it fail after a couple of thousand writes. Many fewer than the 100,000 it was supposed to be rated for. Lost everything. Well, your colleague should have been more careful and follow the main rule of system administrators: backup endlessly, the more distinct copies you've got - the better. As for flash drives and wear leveling - it depends on the model of flashdrive you use. Simple USB flash sticks most of the times have their controller configured to skip wear leveling tasks and use lowest redundancy level of ECC - it improves write speed and total available capacity of the device at the cost of reliability. If you're geeky-enough you may search the internet for the proprietary tool compatible with the controller you've got inside your USB flash stick and use it to do low level format to reconfigure controller to enable wear leveling and instruct it to use more bits for ECC. Another option is to use block-to-mtd kernel level wrapper and format your USB stick into jffs2 filesystem. High-end SSD's from major vendors (Intel, Corsair, OCZ, e.t.c) tend to use better micro-controllers which cannot be configured to skip wear leveling. So in case you've got $200 32Gb SLC SSD drive with USB interface built-in - this drive should be OK for use as a mail queue storage - most probably it would be able to cope with such load for several years. And you always have got the possibility to connect 2,5 USB HDD to your router box - it would work flawlessly as a storage space for MTA. So I see nothing criminal if one wants to use his high-performance router as a mail server - it would work good enough for low amounts of mail traffic and would save user from having to have another server box serving as MTA. Oddly, it was an Intel SSD (400GB). He had just spent two days installing to it (it was a complex install with multiple OS's and VM support), and he hadn't yet had a chance to back it up. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Anyone interested in porting mailman and postfix to openwrt?
extend the life of the device... in theory. A colleague of mine was using PGP encryption on his SSD boot drive and had it fail after a couple of thousand writes. That's just an early drive failure, unrelated to the fact that flash memory wears out. Stefan ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Anyone interested in porting mailman and postfix to openwrt?
Flash drives have a limited number of writes on them. Mail service tends to do a *lot* of writes, especially in the mail queue directory. Yes, I know that modern flash and SSD is supposed to have write level to extend the life of the device... in theory. A colleague of mine was using PGP encryption on his SSD boot drive and had it fail after a couple of thousand writes. Many fewer than the 100,000 it was supposed to be rated for. Lost everything. On 12/22/10 1:43 AM, Denis Shulyaka wrote: Hi Philip, Your opinion has strong points, but I can't agree with everything you have said. I've never experienced a mass attack or overheating of my box, and solving such problems now sounds like overkill for me. Anyway, I would prefer to attach an extra heat sink. UPS time neither bothers me now. I believe my DIR-825 is powerful enough to run small mailing lists with about 15 users and 5 msg/day. It has 680 Mhz MIPS CPU and external USB flash drive, so the only bottle neck is the RAM, but swap is also an option. Besides that, I don't have a large home network, the router box is the only device that is always on in my house apart from mobile phone, and I don't see enough reasons to buy a second identical box for intranet applications (and I will also need to port the software to it as well). The mailman mail archives would be on a usb flash, and I will be able to easily recover them if I replace a router. Other mail will be forwarded to another address and will not be kept on the router, I just want to have a mail with my domain and don't want to keep a big noisy pc in the wiring closet for that. I think an openwrt box is the best option for my applications, I'm just having troubles with porting some software on it. 2010/12/22 Philip Prindevillephilipp_s...@redfish-solutions.com: Why would you want to do this? There's a certain amount of desirability to get a lot of functionality into a one box solution, sure, but at some point one has to ask, how much is too much? Having services that are logically co-located (like firewalling and VPN) together makes sense, but there's no compelling reason to have email on a boundary machine. Indeed, there are several strong reasons not to: * boundary machines have a lot of attack surface, by virtue of being boundary machines * a router/firewall contains relatively little state, and can be replaced relatively quickly and easily in the case of corruption, catastrophic failure, or subversion. a mail server has a lot of state, in contrast, and needs to be backed up regularly. especially if it's also a message store for IMAP or POP. * email can contain a lot of personally identifiable information (full name, street address, employee id #, etc) that you wouldn't want to put at the edge of your network. I would sooner set up port-forwarding for SMTP (and possibly 587, 143, 993, etc) and bury that machine deep in my secure intranet. Lastly, message processing can be extremely compute intensive (especially if you're running spam filters) and use a lot of storage (and energy). These are not qualities associated with what's typically a border gateway or firewall. We have a box that consumes 12W and has the highest priority on our UPS, so it's the last thing shut down when power is off and the UPS is being depleted. Having a lot of storage and/or processing power on that box would make it have less run-time on UPS power. More power consumption also means more heat... you no longer have the option of sticking your firewall in a small, poorly ventilated wiring closet. On 12/21/10 8:54 AM, Denis Shulyaka wrote: Hi! I want my router to run mailing lists and receive the email, but it appears I have too little experience to make it myself alone. Therefore I'm looking for community help. I have managed to prepare Makefiles and build packages for both mailman and postfix but both still have some issues. If anyone else is interested, below are the problems I have faced. Note that you will need to have your rootfs on external storage device as explained in the wiki because the size of packages is too big. You can download my current makefiles for Trunk and ipk packages for D-Link DIR-825 from http://shulyaka.org.ru/devel/ (the link now points to the router BTW). Postfix: To compile postfix you need to compile it natively first for the host you are building on, because it executes postconf binary while installing. You need to modify Makefile and set correct path instead of /home/denis/postfix/src/utils/postconf. I still have to figure it out how to do it the right way. The package builds and installs fine, I even was able to send a message to one of my addresses, but however if I try to send it to gmail, it rejects it: Dec 21 19:44:30 shulyaka mail.info postfix/smtp[6411]: 248C476C: to=myaddr...@gmail.com, relay=gmail-smtp-in.l.google.com[74.125.77.27]:25, delay=5.7, delays=4.2/0.04/0.47/0.96, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.77.27]
Re: [OpenWrt-Devel] Anyone interested in porting mailman and postfix to openwrt?
26.12.2010 23:34, Philip Prindeville wrote: Flash drives have a limited number of writes on them. Mail service tends to do a *lot* of writes, especially in the mail queue directory. Yes, I know that modern flash and SSD is supposed to have write level to extend the life of the device... in theory. A colleague of mine was using PGP encryption on his SSD boot drive and had it fail after a couple of thousand writes. Many fewer than the 100,000 it was supposed to be rated for. Lost everything. Well, your colleague should have been more careful and follow the main rule of system administrators: backup endlessly, the more distinct copies you've got - the better. As for flash drives and wear leveling - it depends on the model of flashdrive you use. Simple USB flash sticks most of the times have their controller configured to skip wear leveling tasks and use lowest redundancy level of ECC - it improves write speed and total available capacity of the device at the cost of reliability. If you're geeky-enough you may search the internet for the proprietary tool compatible with the controller you've got inside your USB flash stick and use it to do low level format to reconfigure controller to enable wear leveling and instruct it to use more bits for ECC. Another option is to use block-to-mtd kernel level wrapper and format your USB stick into jffs2 filesystem. High-end SSD's from major vendors (Intel, Corsair, OCZ, e.t.c) tend to use better micro-controllers which cannot be configured to skip wear leveling. So in case you've got $200 32Gb SLC SSD drive with USB interface built-in - this drive should be OK for use as a mail queue storage - most probably it would be able to cope with such load for several years. And you always have got the possibility to connect 2,5 USB HDD to your router box - it would work flawlessly as a storage space for MTA. So I see nothing criminal if one wants to use his high-performance router as a mail server - it would work good enough for low amounts of mail traffic and would save user from having to have another server box serving as MTA. -- Best regards, Alexey Loukianov mailto:mooro...@mail.ru System Engineer,Mob.:+7(926)218-1320 *nix Specialist signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Anyone interested in porting mailman and postfix to openwrt?
Hi list, OK, I have resolved almost all problems, now mailman seems to be OK, postfix compiles out-of-the-makefile without any extra steps (but you will need libdb-devel package installed on your host), it sends the mails but still doesn't receive (therefore I can't test mailman fully yet). Here is what I see in the system log when I try to receive a message: Dec 23 17:53:39 shulyaka mail.warn postfix/smtpd[1615]: warning: 209.85.214.180: hostname mail-iw0-f180.google.r.arpa verification failed: Name or service not known Dec 23 17:53:39 shulyaka mail.info postfix/smtpd[1615]: connect from unknown[209.85.214.180] Dec 23 17:53:40 shulyaka mail.crit postfix/smtpd[1615]: fatal: statfs .: No such device Dec 23 17:53:41 shulyaka mail.warn postfix/master[1324]: warning: process /usr/libexec/postfix/smtpd pid 1615 exit status 1 Dec 23 17:53:41 shulyaka mail.warn postfix/master[1324]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling I'm still investigating it. The makefiles are still not perfect, but it's almost my first attempt at packaging, and postfix and mailman are not so trivial. When I'm done I will perform any kind of stress tests, CPU/memory/overheating measurements, etc. 2010/12/22 Denis Shulyaka shuly...@gmail.com: Hi, I've solved the postaliases problem, for some reason it doesn't want to work with 'hash' database types, but 'btree' types does work. 2010/12/21 Denis Shulyaka shuly...@gmail.com: Hi! I want my router to run mailing lists and receive the email, but it appears I have too little experience to make it myself alone. Therefore I'm looking for community help. I have managed to prepare Makefiles and build packages for both mailman and postfix but both still have some issues. If anyone else is interested, below are the problems I have faced. Note that you will need to have your rootfs on external storage device as explained in the wiki because the size of packages is too big. You can download my current makefiles for Trunk and ipk packages for D-Link DIR-825 from http://shulyaka.org.ru/devel/ (the link now points to the router BTW). Postfix: To compile postfix you need to compile it natively first for the host you are building on, because it executes postconf binary while installing. You need to modify Makefile and set correct path instead of /home/denis/postfix/src/utils/postconf. I still have to figure it out how to do it the right way. The package builds and installs fine, I even was able to send a message to one of my addresses, but however if I try to send it to gmail, it rejects it: Dec 21 19:44:30 shulyaka mail.info postfix/smtp[6411]: 248C476C: to=myaddr...@gmail.com, relay=gmail-smtp-in.l.google.com[74.125.77.27]:25, delay=5.7, delays=4.2/0.04/0.47/0.96, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.77.27] said: 550-5.7.1 [1 The bigger problem is that I cannot set mail aliases. newaliases complains that there is no /etc/aliases, and if I create one, it segfaults. Could you give me any hints? Mailman: To set up uhttpd server for mailman I have moved luci to another port and added the following lines to /etc/config/uhttpd: config uhttpd mailman list listen_http 0.0.0.0:80 option home /usr/local/mailman/web option cgi_prefix /mailman no_symlinks 0 The web interface now works good (check http://shulyaka.org.ru/mailman/listinfo), but mailman doesn't seem to send emails, there is nothing in the system log. BTW, is it safe enough to run mailman as root? Dear community, I need your help! Best regards, Denis Shulyaka ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Anyone interested in porting mailman and postfix to openwrt?
Hi Philip, Your opinion has strong points, but I can't agree with everything you have said. I've never experienced a mass attack or overheating of my box, and solving such problems now sounds like overkill for me. Anyway, I would prefer to attach an extra heat sink. UPS time neither bothers me now. I believe my DIR-825 is powerful enough to run small mailing lists with about 15 users and 5 msg/day. It has 680 Mhz MIPS CPU and external USB flash drive, so the only bottle neck is the RAM, but swap is also an option. Besides that, I don't have a large home network, the router box is the only device that is always on in my house apart from mobile phone, and I don't see enough reasons to buy a second identical box for intranet applications (and I will also need to port the software to it as well). The mailman mail archives would be on a usb flash, and I will be able to easily recover them if I replace a router. Other mail will be forwarded to another address and will not be kept on the router, I just want to have a mail with my domain and don't want to keep a big noisy pc in the wiring closet for that. I think an openwrt box is the best option for my applications, I'm just having troubles with porting some software on it. 2010/12/22 Philip Prindeville philipp_s...@redfish-solutions.com: Why would you want to do this? There's a certain amount of desirability to get a lot of functionality into a one box solution, sure, but at some point one has to ask, how much is too much? Having services that are logically co-located (like firewalling and VPN) together makes sense, but there's no compelling reason to have email on a boundary machine. Indeed, there are several strong reasons not to: * boundary machines have a lot of attack surface, by virtue of being boundary machines * a router/firewall contains relatively little state, and can be replaced relatively quickly and easily in the case of corruption, catastrophic failure, or subversion. a mail server has a lot of state, in contrast, and needs to be backed up regularly. especially if it's also a message store for IMAP or POP. * email can contain a lot of personally identifiable information (full name, street address, employee id #, etc) that you wouldn't want to put at the edge of your network. I would sooner set up port-forwarding for SMTP (and possibly 587, 143, 993, etc) and bury that machine deep in my secure intranet. Lastly, message processing can be extremely compute intensive (especially if you're running spam filters) and use a lot of storage (and energy). These are not qualities associated with what's typically a border gateway or firewall. We have a box that consumes 12W and has the highest priority on our UPS, so it's the last thing shut down when power is off and the UPS is being depleted. Having a lot of storage and/or processing power on that box would make it have less run-time on UPS power. More power consumption also means more heat... you no longer have the option of sticking your firewall in a small, poorly ventilated wiring closet. On 12/21/10 8:54 AM, Denis Shulyaka wrote: Hi! I want my router to run mailing lists and receive the email, but it appears I have too little experience to make it myself alone. Therefore I'm looking for community help. I have managed to prepare Makefiles and build packages for both mailman and postfix but both still have some issues. If anyone else is interested, below are the problems I have faced. Note that you will need to have your rootfs on external storage device as explained in the wiki because the size of packages is too big. You can download my current makefiles for Trunk and ipk packages for D-Link DIR-825 from http://shulyaka.org.ru/devel/ (the link now points to the router BTW). Postfix: To compile postfix you need to compile it natively first for the host you are building on, because it executes postconf binary while installing. You need to modify Makefile and set correct path instead of /home/denis/postfix/src/utils/postconf. I still have to figure it out how to do it the right way. The package builds and installs fine, I even was able to send a message to one of my addresses, but however if I try to send it to gmail, it rejects it: Dec 21 19:44:30 shulyaka mail.info postfix/smtp[6411]: 248C476C: to=myaddr...@gmail.com, relay=gmail-smtp-in.l.google.com[74.125.77.27]:25, delay=5.7, delays=4.2/0.04/0.47/0.96, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.77.27] said: 550-5.7.1 [1 The bigger problem is that I cannot set mail aliases. newaliases complains that there is no /etc/aliases, and if I create one, it segfaults. Could you give me any hints? Mailman: To set up uhttpd server for mailman I have moved luci to another port and added the following lines to /etc/config/uhttpd: config uhttpd mailman list listen_http 0.0.0.0:80 option home /usr/local/mailman/web
Re: [OpenWrt-Devel] Anyone interested in porting mailman and postfix to openwrt?
Why would you want to do this? There's a certain amount of desirability to get a lot of functionality into a one box solution, sure, but at some point one has to ask, how much is too much? Having services that are logically co-located (like firewalling and VPN) together makes sense, but there's no compelling reason to have email on a boundary machine. Indeed, there are several strong reasons not to: * boundary machines have a lot of attack surface, by virtue of being boundary machines * a router/firewall contains relatively little state, and can be replaced relatively quickly and easily in the case of corruption, catastrophic failure, or subversion. a mail server has a lot of state, in contrast, and needs to be backed up regularly. especially if it's also a message store for IMAP or POP. * email can contain a lot of personally identifiable information (full name, street address, employee id #, etc) that you wouldn't want to put at the edge of your network. I would sooner set up port-forwarding for SMTP (and possibly 587, 143, 993, etc) and bury that machine deep in my secure intranet. Lastly, message processing can be extremely compute intensive (especially if you're running spam filters) and use a lot of storage (and energy). These are not qualities associated with what's typically a border gateway or firewall. We have a box that consumes 12W and has the highest priority on our UPS, so it's the last thing shut down when power is off and the UPS is being depleted. Having a lot of storage and/or processing power on that box would make it have less run-time on UPS power. More power consumption also means more heat... you no longer have the option of sticking your firewall in a small, poorly ventilated wiring closet. On 12/21/10 8:54 AM, Denis Shulyaka wrote: Hi! I want my router to run mailing lists and receive the email, but it appears I have too little experience to make it myself alone. Therefore I'm looking for community help. I have managed to prepare Makefiles and build packages for both mailman and postfix but both still have some issues. If anyone else is interested, below are the problems I have faced. Note that you will need to have your rootfs on external storage device as explained in the wiki because the size of packages is too big. You can download my current makefiles for Trunk and ipk packages for D-Link DIR-825 from http://shulyaka.org.ru/devel/ (the link now points to the router BTW). Postfix: To compile postfix you need to compile it natively first for the host you are building on, because it executes postconf binary while installing. You need to modify Makefile and set correct path instead of /home/denis/postfix/src/utils/postconf. I still have to figure it out how to do it the right way. The package builds and installs fine, I even was able to send a message to one of my addresses, but however if I try to send it to gmail, it rejects it: Dec 21 19:44:30 shulyaka mail.info postfix/smtp[6411]: 248C476C: to=myaddr...@gmail.com, relay=gmail-smtp-in.l.google.com[74.125.77.27]:25, delay=5.7, delays=4.2/0.04/0.47/0.96, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.77.27] said: 550-5.7.1 [1 The bigger problem is that I cannot set mail aliases. newaliases complains that there is no /etc/aliases, and if I create one, it segfaults. Could you give me any hints? Mailman: To set up uhttpd server for mailman I have moved luci to another port and added the following lines to /etc/config/uhttpd: config uhttpd mailman list listen_http0.0.0.0:80 option home /usr/local/mailman/web option cgi_prefix /mailman no_symlinks 0 The web interface now works good (check http://shulyaka.org.ru/mailman/listinfo), but mailman doesn't seem to send emails, there is nothing in the system log. BTW, is it safe enough to run mailman as root? Dear community, I need your help! Best regards, Denis Shulyaka ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel