Posts tagged mail server
Server and Backup Layout
Dec 22nd
Both the master and slave servers reside on a host machine. Clearly the servers are virtual machines. Its strategic to use virtual machines because the host machine remains useful for a variety of other tasks. The virtual server compartmentalize the functions to a discretely backupable file. In my particular arrangement the master server is synchronized with the slave server. The slave server has the same applications installed as the master. A fully functional apache web server with php and mysql support. The mysql database is synchronized as a replicate in real time, and rsync is used to sync the apache web root. In the rsync function I skip the wordpress and wiki config files, in which I reference the mysql server on the slave machine. Doing so allows server2 to be a drop in replacement for the master just by switching the port forwarding settings in the router. I would have to reconfigure my.cnf as the master in such a transplanation. The mail server has spamassassin and clamav installed on master and slave and /var/mail are synchronized to keep a relatively real time backup.
Then once a day the slave server is backed up. Vboxtool handled this seamlessly. Vboxtool stops the virtual machine, transfers it, and automatically restarts it. The initial backup is done to backup1. Then rsync is used to backup the home folder on my host system. I also use the computer for my own personal things, which are effectively backed up to backup1. Then, subsequently, the host initiates an rsync of backup1 to backup2, then to backup3. I have a rsync duplicate of backup1 on backup2 and backup3.
The host also is a MythTV server, and backup3 is the client that is subsequently connected to the TV. I have my various hosts relatively diversified and multitasked.
Your Server – The Boot Process
Dec 9th
You want to isolate all your server features into background process. You don’t want any server features to be dependent on graphical or client side applications. I previously had my mail server dependent on the client side filtering capabilities of Thunderbird. This was a no no because it required me to maintain a desktop session. This was not optimal because during the day the desktop session was swapped to the hard drive and this caused substantial system lag when coming back to use the desktop. Now with VBoxTool, the web server is automatically booted with the host system, and all functions on the server are consolidated to background processes; there is no more dependency on client side filtering. The MythTV server also boots with the host, and the first screen the host encounters is the GDM login. Now the system is secure. Passwords are required to enter the system as a user.
Dovecot – Sieve, I Can’t Get Filtering to Work
Dec 1st
Maybe someone will help me. A rare thing to ask, but I cannot get sieve to work on my server. The plugin page, on the dovecot website, appears rather simple.
http://wiki.dovecot.org/LDA/Sieve
Install dovecot, then activate the sieve plugin. Here is what happens. I setup sendmail to use dovecot’s deliver and mail is no longer being accecpted from external ip address. The instructions say to create a dovecot.m4 file as reference it as a mailer in sendmail.mc. The file contains:
######################*****##############
### DOVECOT Mailer specification ###
##################*****##################
Mdovecot, P=/usr/local/libexec/dovecot/deliver, F=DFMPhnu9,
S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP,
T=DNS/RFC822/X-Unix,
A=deliver -d $u
And the reference is indeed in sendmail.mc. While using smtp, and local as mailers email is received from external addresses. When using the dovecot mailer only local messages are processed. Also the local messages are not processed by sieve. I place .dovecot.sieve in my users home directory, but it does not work. I have read that it needs to be compiled into .dovecot.sievec, but I cannot find a sievec binary in my Debian OS. I’m thinking this has to do with permission issues. Maybe if I setup a new mail server, and have dovecot use mailboxes within the root partition, directly from /var/mail/%u then dovecot will have read/write permissions to the mail folders. Maybe this will allow sieve to compile the filters. Time permitting I will try this.
The setup instructions seem so simple:
protocol lda {
# Support for dynamically loadable plugins. mail_plugins is a space separated
# list of plugins to load.
mail_plugins = cmusieve # … other plugins like quota
}
Above simply shows how to load the cmusieve plugin in the lda protocol. This makes sense because the lda protocol will be used when the dovecot.m4 file is called by sendmail. But ultimately I have no server side mail filtering. Currently I use Thunderbird, client side, to filter my mail. Sometimes there is a delay and a message marked as spam, by the server side spamassassin, makes its way to my cell phone.
I really want server side mail filtering so I can logoff the desktop environment when I am not at home. But because Thunderbird must be running, to provide me functional filtering services, I cannot logoff. I really want to work this out. Any input from a reader will be appreciated.
Ubuntu – Debian Spamassassin Integrate into Sendmail
Jul 24th
Ive had a mail server for a long time. Ive always used the built in Spamassasin that Thunderbird uses. I recently got a blackberry and was receiving the spam even though Thunderbird was successfully filtering the spam to the Junk folder. This is because the MTA, Dovecot in my instance, was transferring the mail to Thunderbird and the Blackberry at the same time leaving the mail unfiltered on the Blackberry. To resolve this I required server side spam labeling and filtering. First the mails needed to be labeled as spam. Spamassasin does this nicely. Install Spamassasin using:
sudo apt-get install spamassassin spamass-milter
Then in your sendmail.mc config file add:
# spamassassin settings INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass/spamass.sock, F=,T=S:4m;R:4m;E:10m')dnl
Now your going to configure Spamassassin to label spam mails as such. Open the config file with:
sudo nano /etc/mail/spamassassin/local.cf
Remove the pound # sign to uncomment:
rewrite_header Subject *****SPAM***** required_score 5.0 use_bayes 1 bayes_auto_learn 1
Make sure you build the sendmail.cf file. Restart sendmail. Now you have to train Spamassassin. In Thunderbird you have to sort all known spam to a particular folder. Place 200 or so spam messages in the Junk folder completely without any good emails. Then run:
sa-learn --showdots --mbox --spam mail/Junk
The above snipped is run from your users root directory. You can cd to the mail directory and run:
sa-learn --showdots --mbox --spam Junk
Then place known good emails in a particular directory and run:
sa-learn --showdots --mbox --ham mail/temp
Run this every once in a while to increase the accuracy of your spam filter. I have excellent spam detection after only a couple of days of training.
Diversifying Your Servers for Stability
Aug 18th
It is intuitive to spread out different servers across several machines. If one machine goes down it won’t take down all your services. I feel that the bare minimum is 2 machines. One for at least the web server, and the other for at least a backup of the servers files. I use two machines at the moment, 1 for the webserver, and the other for my mail server. I also use the mail server to backup my server files as said above. As described in a latter post, automatic backing up of a web server can be achived with two simple bash script run by cron. http://www.bgevolution.com/blog/index.php/cron-server-backup-scripts/ I would like to have an additional computer running the Mysql server. This would slightly minimize down time associated with the need for an occasional fresh OS install 
