Re: xinetd config file for qmail

2001-06-28 Thread Charles Cazabon 

Kenneth [EMAIL PROTECTED] wrote:
 I missed the original disucssion but I never saw a config file posted to 
 the archive so here's one.

The reason you won't find much advice on inetd/xinetd configurations here is
because use of inetd and xinetd are deprecated.  tcpserver is simpler, more
reliable, more flexible, and more efficient.

 Critiques of the following setup are welcome.  However please note **This is
 a small qmail site and I am very familiar with tcpwappers already** So
 arguments about reliability at very high utilization rates don't sway me.
 xinetd has served me reasonably well  so I don't choose to learn a new way
 of accomplishing these tasks.

It's your ship; feel free to chop a hole in the bottom of it so you can see
the water better as well.

Charles
-- 
---
Charles Cazabon[EMAIL PROTECTED]
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
---

Re: xinetd config file for qmail

2001-06-28 Thread Thorkild Stray 

On Thu, 28 Jun 2001, Charles Cazabon wrote:

Kenneth [EMAIL PROTECTED] wrote:
The reason you won't find much advice on inetd/xinetd configurations here is
because use of inetd and xinetd are deprecated.  tcpserver is simpler, more
reliable, more flexible, and more efficient.

One thing that xinetd apparantly gives you is a way of doing resource
control. For example if someone pops each and every second, they will
block connection to your systems.

As far as I can tell you, tcpserver does not give you any advanced
resource management features.

-- 
Thorkild

Re: xinetd config file for qmail

2001-06-28 Thread Charles Cazabon 

Thorkild Stray [EMAIL PROTECTED] wrote:
 
 The reason you won't find much advice on inetd/xinetd configurations here is
 because use of inetd and xinetd are deprecated.  tcpserver is simpler, more
 reliable, more flexible, and more efficient.
 
 One thing that xinetd apparantly gives you is a way of doing resource
 control. For example if someone pops each and every second, they will
 block connection to your systems.

Err -- this is the whole problem.  If you're running inetd, I can get your
system to shut off the POP3 service for ten minutes simply by initiating five
or ten connections in a few seconds.  This is a bug, not a feature.

 As far as I can tell you, tcpserver does not give you any advanced resource
 management features.

On the contrary; tcpserver lets you set concurrency limits, which inetd cannot
do.  All other limits are provided by your OS, or by softlimit.

Charles
-- 
---
Charles Cazabon[EMAIL PROTECTED]
GPL'ed software available at:  http://www.qcc.sk.ca/~charlesc/software/
---

Re: xinetd config file for qmail

2001-06-28 Thread Thorkild Stray 

On Thu, 28 Jun 2001, Charles Cazabon wrote:

Err -- this is the whole problem.  If you're running inetd, I can get your

xinetd != inetd. Have you tested and seen that this is still a problem?

system to shut off the POP3 service for ten minutes simply by initiating five
or ten connections in a few seconds.  This is a bug, not a feature.

Yes, I know, very well, and this is the reason I would never put anything
like a SMTP server behind inetd.

On the contrary; tcpserver lets you set concurrency limits, which inetd cannot
do.

Concurrency-limits per connection from IP-adresses? How? Please tell me.
As far as I can see, you need to supply tcpserver with the normal
cdb-file, and yes, you can give different enviroment variables per
ip-range, but this file is static. Can you do more dynamic resource
management? As far as I can see, no (and I don't regard regenerating a cdb
file every half a minute as a good solution).

And, no, I don't know if xinetd is good as this eiter, that is what I am
planning to test (on a large scale system)

(But, don't misunderstand me, I don't have it in for tcpserver in any way,
I like the program and are using it several places. I just reacted to your
way of dismissing everything else).

-- 
Thorkild

xinetd config file for qmail

2001-06-27 Thread Kenneth 

I missed the original disucssion but I never saw a config file posted to 
the archive so here's one.

Critiques of the following setup are welcome. 
However please note **This is a small qmail site and I am very familiar 
with tcpwappers already**
So arguments about reliability at very high utilization rates don't sway 
me.  xinetd has served me reasonably well  so I don't choose to learn a 
new way of accomplishing these tasks.

kk


more /etc/xinetd.conf /etc/xinetd.d/qmail
::
/etc/xinetd.conf
::
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
   instances   = 60
   log_type= SYSLOG authpriv
   log_on_success  = HOST PID
   log_on_failure  = HOST RECORD
}

includedir /etc/xinetd.d
::
/etc/xinetd.d/qmail
::
# default: off
# description: The qmail service provide MTA
service smtp
{
   flags   = NAMEINARGS
   socket_type = stream
   wait= no
   user= qmaild
   server  = /usr/sbin/tcpd
   server_args = /var/qmail/bin/tcp-env 
/var/qmail/bin/qmail-smtpd
   disable = no
}