Re: [qmailtoaster] possible inclusion in toaster
Alexey Loukianov wrote: Greetings, Dan. 31 января 2007 г., 21:54:03 you have wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Don't think that it's worth including in QT, as a can barely see the relation between normal administration tasks for server (like preventing intrusion) and the maintenance of qmail toaster codebase. Hadn't you tried to place your mail servers behind firewall/router box in DMZ, and to restrict connections to SSH only for internal subnet? Also, as a general measure, it is always wise to use other that standard 22 port for SSH, and to permit root plain text passord logins over it. It looks like it could be useful for some. Maybe it'll make it's way into QTP. For now, I'd suggest creating a wiki page though, if you don't mind. smime.p7s Description: S/MIME Cryptographic Signature
[qmailtoaster] possible inclusion in toaster
Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Greetings, Dan. 31 января 2007 г., 21:54:03 you have wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Don't think that it's worth including in QT, as a can barely see the relation between normal administration tasks for server (like preventing intrusion) and the maintenance of qmail toaster codebase. Hadn't you tried to place your mail servers behind firewall/router box in DMZ, and to restrict connections to SSH only for internal subnet? Also, as a general measure, it is always wise to use other that standard 22 port for SSH, and to permit root plain text passord logins over it. -- Best Regards, Alexey Loukianov mailto:[EMAIL PROTECTED] Software Development Department, Lavtech Corp http://mnogo.ru, http://lavtech.ru - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Dan Page wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ I suppose it's easy enough to yum. Being a noarch script, I could include it in the qmailtoaster-plus package. I think it might fit well there. What do you think? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
DMZ, *scoff* real men (er administrators) don't need fancy firewalls, iptables and some magic is good enough. But really this program is great, I use it on all our linux servers. It works on BSD macOS X and Debian (probably more but these are all I've access too). anyway, I'm not gonna press the issue, but anyway it works great with toaster. Dan On Wed, 2007-01-31 at 22:14 +0300, Alexey Loukianov wrote: Greetings, Dan. 31 января 2007 г., 21:54:03 you have wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Don't think that it's worth including in QT, as a can barely see the relation between normal administration tasks for server (like preventing intrusion) and the maintenance of qmail toaster codebase. Hadn't you tried to place your mail servers behind firewall/router box in DMZ, and to restrict connections to SSH only for internal subnet? Also, as a general measure, it is always wise to use other that standard 22 port for SSH, and to permit root plain text passord logins over it. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Dan Page wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] I just change my ssh port. That stops most all of the breakin attempts. Set the new port in /etc/ssh/sshd_config and change the firewall script /etc/sysconfig/iptables to match. W - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
Nice suggestion, but seriously it's not worth us supporting more packages than we already support. Dag does a great job with his packaging, it'd be best to use his package if it works for you. We're concentrating on making a mail system as best as it can be. We're not trying to handle every aspect of the system you are running. That's for the admin to determine. Thanks, Erik On 1/31/07, Dan Page [EMAIL PROTECTED] wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] possible inclusion in toaster
I'd like to see it under TT for now. Thanks, Dan. dan page wrote: Okay, You've Convinced me to do a HOWTO. I like the idea of giving something back, because honestly I know ALOT of people who would have spent 5k or better on M$ exchange if weren't for the toaster (have I Mentioned I like QMT?) Just tell me where you want it. from the main page under 2. FAQ or additional resoures? could be user tips and tricks. Just say where and i'll throw somthing up Thanks for all the great work. Dan Page Erik Espinoza wrote: A wiki entry would be nice though, if you want to add one I'm sure the community would appreciate your howto. Thanks, Erik On 1/31/07, Erik Espinoza [EMAIL PROTECTED] wrote: Nice suggestion, but seriously it's not worth us supporting more packages than we already support. Dag does a great job with his packaging, it'd be best to use his package if it works for you. We're concentrating on making a mail system as best as it can be. We're not trying to handle every aspect of the system you are running. That's for the admin to determine. Thanks, Erik On 1/31/07, Dan Page [EMAIL PROTECTED] wrote: Hello guys. I've built a few toasters over the last year. I love the process, quick and painless (at least till you need to modify spam settigns), anyway. For the most part most people use a stock rpm based *nix and throw in the toaster, which is what I do as well. the only software I add is a small program called denyhosts. this thing is a real lifesaver. Before using it I was getting upwards of 4000 break in attempts through ssh. now I'm down to a handful a day. It's easy enough to install but maybe you wanna think about including it? I know this will be just 1 more thing to support, but it seems my mail servers get hit much harder on ssh then my other servers. If not included maybe add it on the wiki, or related product page. Just my 2 cents. Dan Page P.S. There are already rpm's of the package at: http://dag.wieers.com/packages/denyhosts/ -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]