Anti-SPAM SMTP Gateway

Ah joy of joys. One good, and bad, thing about Exchange 2007 is that you need to run a separate installation of an SMTP gateway. It’s good for security and also for lowering the load on the Exchange server. It’s bad because that’s one extra point of failure, and it won’t work straight out of the box.

Up until recently we’ve been running a custom installed MAIA/Postfix/ClamAV/SpamAssassin server. The problem we’re encountering is the huge database files created by MAIA. Logging of every email is necessary, but we’re growing by 1GB every week. MySQL is a nice server, but even it has limits. One of those limits is when the server grows to the max of the HD – then all services stop. Never a fun time.

So as a backup plan, we installed a standard Ubuntu server running a standard SMTP postfix configuration. Only issue with that is it doesn’t have the anti-SPAM/greylisting (at least it has the AV installed). So instead of 99% of SPAM being blocked, it’s at 0%. Not fun.

Since I’m not the best at Postfix configuration, I decided to go with a package deal: ESVA (Email Security Virtual Appliance). Yes, it’s a virtual machine. You need to run a VMware server of sorts (or workstation) in order to use this software suite. So far it’s been a breeze to set up – it’s maintained by several people, has a forum board, and a few whitepapers on how to install/administer. I’ll be fully testing it out on a maiden voyage soon, so look for an update.

***UPDATE***

Here are a few items that I learned during setup:
- Stop “SPAM Not Delivered” messages: edit /etc/MailScanner/MailScanner.conf and remove "notify" from the spam actions line.
- Webmin stops working after an update or during initial setup. You MUST open Webmin using the admin panel interface link (under tools).
- If you want to edit the message body tags (the “scanned by ESVA” blah blah), go to /etc/MailScanner/reports/en and edit the files you see (txt and html).
- To keep /var low, do the following:
  - Turn on the script in /etc/cron.daily/clean.quarantine by changing the number 0 1
  - $days_to_keep = 14; in /etc/cron.daily/clean.quarantine
  - define(QUARANTINE_DAYS_TO_KEEP, 14); in /var/www/html/conf.php
  - INTERVAL 14 DAY in /usr/local/bin/mailwatch/tools/db_clean.php
- esva-update and esva-configure are your friends.
- /etc/hosts is your friend too. You might need to add the IP of your mailserver and the name here.
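
The retention period lives in three separate files, so it is easy to change two and miss the third. The script below is an added example, not part of the original post or of ESVA: it reads the number of days from each of the three files and reports whether they agree. The function names and the sample file contents in the demo are constructed for illustration; the default paths are the ones listed above.

```shell
#!/bin/sh
# Added example: confirm the three ESVA retention settings hold the same value.

# Print the first number captured by ERE $2 (one capture group) in file $1,
# skipping lines that begin with a # or // comment marker.
extract_days() {
    grep -v -E '^[[:space:]]*(#|//)' "$1" 2>/dev/null |
        sed -n -E "s/.*$2.*/\1/p" | head -n 1
}

# Usage: check_retention [cron_script] [conf_php] [db_clean_php]
# Defaults are the paths from the post. Prints "OK <days>" when all three
# agree; otherwise prints what each file holds and returns 1.
check_retention() {
    cron=$(extract_days "${1:-/etc/cron.daily/clean.quarantine}" \
        '\$days_to_keep[[:space:]]*=[[:space:]]*([0-9]+)')
    conf=$(extract_days "${2:-/var/www/html/conf.php}" \
        'QUARANTINE_DAYS_TO_KEEP[^,]*,[[:space:]]*([0-9]+)')
    db=$(extract_days "${3:-/usr/local/bin/mailwatch/tools/db_clean.php}" \
        'INTERVAL[[:space:]]+([0-9]+)[[:space:]]+DAY')
    if [ -n "$cron" ] && [ "$cron" = "$conf" ] && [ "$conf" = "$db" ]; then
        echo "OK $cron"
    else
        echo "MISMATCH cron=${cron:-?} conf=${conf:-?} db=${db:-?}"
        return 1
    fi
}

# Demo on constructed files that mimic the three lines quoted in the post:
# two were lowered to 7 days, db_clean.php was left at 14.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '#!/usr/bin/perl' '$days_to_keep = 7;' > "$d/clean.quarantine"
    printf '%s\n' 'define(QUARANTINE_DAYS_TO_KEEP, 7);' > "$d/conf.php"
    printf '%s\n' 'WHERE timestamp < (NOW() - INTERVAL 14 DAY)' > "$d/db_clean.php"
    check_retention "$d/clean.quarantine" "$d/conf.php" "$d/db_clean.php" || true
    rm -rf "$d"
}

demo
```

On the appliance itself, run `check_retention` with no arguments (as root, if the files are not world-readable) after every change to the retention period.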

As a final update: I’m getting roughly 500MB worth of mail every day (SPAM and regular). It doesn’t appear to actually delete the SPAM as I have stated per the rules, but I set the days to keep quarantine to be 7 days instead of 14. 7 days X 500MB = 3.5GB. Weekends receive a ton less mail, so we’d probably be fine with 14, but I just want to make sure.

Show Extended Status Messages Windows

I’m not a big fan of seeing the whole “windows is starting, please wait” crap that Microsoft makes me view upon startup. I like to know what’s really going on. Is it initializing something? Is it hung up? Am I wearing pants?

Well, that last part I can figure out on my own easy enough. And now I can figure out the first two as well. This requires the use of the trusty regedit application. Don’t make changes unless you know what you’re doing (or trust a guy who can tell if he is or is not wearing pants).

1.) Start >> Run >> Regedit
2.) Navigate to:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
3.) Add the following DWORD Key:
VerboseStatus
4.) Make sure the value of the DWORD is set to “1” (obviously no quotes)
5.) Reboot

Blackberry Curve 8300

My work recently provided me with an all-expenses-paid Blackberry Curve 8300. Yay.

That’s both a good and a bad thing.
Good: I have a free phone that I can always check on my work email, personal email, sports scores, talk with people, take pictures of products, etc.
Bad: I have a device that keeps me always in contact with people that need my help.

So I’ve had it for about a month now. I stopped using the silly leather holder they provide in favor of an easier approach: I just lock it and throw it in the pocket.

Then, just yesterday, I stopped being able to move the ball to the left. Correction, I could move the ball to the left, but the cursor wouldn’t recognize any of my efforts. Up, down, right – they all worked just fine.

I’m not one to just sit around sulking, so I jammed a skinny flat screwdriver under the plastic (but metal looking) ring that holds the trackball in place. You can do the same – just above the T and Y keys. Just slowly pry it up, then the ring comes out. Then you can flip the whole phone upside down and the trackball assembly falls gently into your hand.

This is when I noticed a piece of crud (technical term, I know) on one of the wheels that spins. Crud free is the way for me!

Needless to say it all works now. Pretty sure I put the wheel back in upside down, but it doesn’t matter to the phone.

Ubuntu Repositories Download Speed

I recently upgraded my working Ubuntu 7.10 to Ubuntu 8.04. I hadn’t used the computer in about a month, so there were quite a few updates to do. Namely 83 updates.

sudo apt-get update
sudo apt-get upgrade

It was flying at anywhere from 300KB/sec to 950KB/sec on most of the packages, but then would falter down to 4000bytes/sec (and sometimes even less). I figured it was the repositories getting nailed, or my network connection becoming unruly.

But, after searching for a while, I found the answer: the us.archive.ubuntu servers are SLOW. Doesn’t matter that the servers reside in the same country I’m located in.

Edit the /etc/apt/sources.list file to remove the “us.”

cd /etc/apt
sudo cp sources.list sources.list.old
sudo nano sources.list

Anywhere it says “us.archive.ubuntu” remove the us., then it should say “http://archive.ubuntu” etc.