I recently setup a new VMWare server on one of our older Dell servers (2850 with 8GB RAM 6X300GB SAS). And since I’m eventually redoing the primary VMWare server, I wanted to move all the critical virtual machines to the secondary server (for obvious reasons).

So far everything has been moving great, but I did have one issue:
After moving our collaboration helpdesk server, I could no longer remotely access the virtual machine.

ifconfig showed that only the l0 was loading.
nano /etc/networking/interfaces displayed both the l0 and eth0 settings
ifconfig -a informed me that in the transition, the virtual machine decided to change the ethernet device to eth1
nano /etc/networking/interfaces and I changed all the eth0 to eth1
sudo /etc/init.d/networking restart or just reboot the server

Ah joy of joys. One good, and bad, thing about Exchange 2007 is that you need to run a separate installation of an SMTP gateway. It’s good for security and also for lowering the load on the exchange server. It’s bad because that’s one extra point of failure, and it won’t work straight out of the box.

Up until recently we’ve been running a custom installed MAIA/Postfix/ClamAV/SpamAssassin server. The problem we’re encountering is the huge database files created by MAIA. Logging of every email is necessary, but we’re growing by 1GB every week. MySQL is a nice server, but even it has limits. One of those limits is when the server grows to the max of the HD – then all services stop. Never a fun time.

So as a backup plan, we installed a standard Ubuntu server running a standard SMTP postfix configuration. Only issue with that is it doesn’t have the anti-SPAM/greylisting (at least it has the AV installed). So instead of 99% of SPAM being blocked, it’s at 0%. Not fun.

Since I’m not the best at Postfix configuration, I decided to go with a package deal: ESVA (Email Security Virtual Appliance). Yes, it’s a virtual machine. You need to run a VMWare server of sorts (or workstation) in order to use this software suite. Click here for the website. So far it’s been a breeze to setup – it’s maintained by several people, has a forum board, and a few whitepapers on how to install/administer. I’ll be fully testing it out on a maiden voyage soon, so look for an update.

***UPDATE***

Here’s a few items that I learned during setup:
Stop “SPAM Not Delivered” messages
Edit /etc/MailScanner/MailScanner.conf and remove "notify" from the spam actions line.
Webmin stops working after an update or during initial setup. You MUST open webmin using the admin panel interface link (under tools).
If you want to edit the message body tags (the “scanned by ESVA” blah blah) go here:
/etc/MailScanner/reports/en
And edit the files you see (txt and html).
To keep /var low, do the following:
Turn on the script in /etc/cron.daily/clean.quarantine by changing the number 0 1
$days_to_keep = 14; in /etc/cron.daily/clean.quarantine
define(QUARANTINE_DAYS_TO_KEEP, 14); in /var/www/html/conf.php
INTERVAL 14 DAY in /usr/local/bin/mailwatch/tools/db_clean.php
esva-update and esva-configure are your friends
/etc/hosts is your friend too – You might need to add the IP of your mailserver and the name here

As a final update: I’m getting roughly 500MB worth of mail every day (SPAM and regular). It doesn’t appear to actually delete the SPAM as I have stated per the rules, but I set the days to keep quarantine to be 7 days instead of 14. 7 days X 500MB = 3.5GB. Weekends receive a ton less mail, so we’d probably be fine with 14, but I just want to make sure.

This is for the free vmware server running on Linux.

I’m not going to explain what Hiren’s is or how to use it, but here’s the settings required to boot off the CD:

When a popup shows up asking to load the CDROM drivers, choose ATAPICD. Then don’t load any other drivers.

This is a step by step process to install Analog logging server for apache on Ubuntu Server.

Update your ubuntu server
sudo apt-get update
sudo apt-get upgrade

Install analog
sudo apt-get install analog

Edit analog config file
sudo nano /etc/analog.cfg

Now I ended up putting in the following:

OUTFILE /var/www/stats/report.html
HOSTNAME “My Site”
MONTHLY ON
WEEKLY ON
DAILYREP ON
REQUEST ON
DIRECTORY ON
SEARCHWORD ON
SEARCHQUERY ON
BROWSERSUM ON
OSREP ON
FAILURE ON
REQLINKINCLUDE pages
REFLINKINCLUDE *
REDIRREFLINKINCLUDE *
FAILREFLINKINCLUDE *
SUBBROW */*
SUBTYPE *.gz,*.Z

And I kept all the search engine and page include stuff by default.

You can then run a crontab to allow the script to run every hour or day or month.
For everyone’s reference, here’s my settings in Crontab:
sudo crontab -e
15-45 * * * * /usr/bin/analog
That forces analog to run 15 and 45 minutes after every hour, every day, every week, every month.