Thursday, June 30, 2005

MailScanner + Postfix on debian, install guide

I recently installed MailScanner on the linux.ca, a Debian server. It wasnt' too hard and I decided to write a guide on debian-administration.org. By the same token, people will be able to comment on it, so that it can be improved and corrected if necessary.

Wednesday, June 29, 2005

m0n0wall


After trying unsuccessfully to get a decent commercial firewall, I discovered m0n0wall, which is open/free, and based on freeBSD. The stable version is very good, and the development version adds even more features. There is also another young product, called pfsense, that adds very interesting features (WAN load balancing, firewall failover, etc... and uses PF instead of IPFilter).

To me, the strenghts of m0n0 are its simplicity, robustness, and the ability to do complex firewall rules in a simple manner (bridging, NAT, filtered routing). It also supports an (almost) unlimited # of interface, pptp + ipsec VPN. m0n0wall is made to be used primarely on WRAP boards and Soekris. See the complete feature set here. It can run off a hard disk drive, but a more interesting setup is with a flash card of a bootable cd/floppy (the floppy is for saving the settings).

Using a WRAP board, it is possible to have a very good firewall appliance for about 150$.

Links:

m0n0wall
PFSense
WRAP
Soekris

Monday, June 27, 2005

Writing? Yes!

Looks like a magazine might be interested in an article from me ! :). It'd be a technical article related to MailScanner aimed at an intermediate-advanced audience. In fact it will be an article describing how to install MailScanner and its friends on a linux server. If I have enough space, I'll try to cover Redhat, Debian and FreeBSD. I must have the article ready for the 15th of Sep. So I guess it should be published in October. Well, gotta start working on it now :).

If you'd be interested in proofreading, please let me know... ugob at linux dot ca

Wednesday, June 22, 2005

Guitar

How come I forgot to talk about music... I try playing guitar as often as I can. It is really relaxing and helps me forget about the day's stress. I even started composing a couple of years ago... The result is quite good and I probably have about 10 compos up to now. The problem is that I'm a better composer than player. By this I mean that my compos are often a little too complex for me to play them perfectly. Maybe if I end up buying a classical it would fit my style (a lot of fingerpicking) better.

For now I have an acoustic guitar and an elecric bass: The acoustic is a Jasmine (can't remember model). Jasmine is the lower-end brand of Takamine. The electric bass is a hand-made MF. I'd love to be able to eventually put all those songs on a CD. I'll probably give it out. I lack time for practicing and playing with other musicians. I think that my music is good, but it would be even better with a little piano (or other instrument) and maybe some percussion around it. Here is my latest compo and one that features my friend on the piano on a short impro session.

Timesheet.php

Timesheet.php is a php-mysql based package that allows me to maintain how I spend my consulting time. I can easily create invoices based on the info I put in Timesheet. You can create different clients and tasks, so it is easy to create reports.

Dokuwiki

Dokuwiki is a very nice wiki that is easy to install and is aimed at documentation. I like it because there is no database backend, only text files. Si it is very easy to maintain, backup, migrate, upgrade... and it has a very nice index page. I use it for many clients and for my own documentation. I suggested using this wiki for the new documentation site for MailScanner, and, well, you can see at http://wiki.mailscanner.info.

Dokuwiki is available for download here.

Tuesday, June 21, 2005

Unison keeps directories in sync



I started using Unison today. It was the missing part of my backup strategy. My backup strategy is to have mondorescue run on each of my linux servers once a day. This creates one or more .iso files that can be burned directly to a cd, which would be bootable. Therefore, even if the system is not bootable, you can still restore with this cd. You can also use mondo directly and restore from the .iso file.

Once the .iso is created locally on the server, I use rsync to transfer it to a repository, where I store all my backups on a removable IDE drive. I have 2 drives like that, and I wanted to be able to bring one home every weekend, to make sure we don't loose data in case of a fire. I didn't need Unison just for that. The thing is that this server is also a repository for Symantec Ghost images, and I wanted to always have the most recent images on the hard drive. The solution? Well, I tried a simple tar, but that lasts 30 minutes. Unison recognizes which files has changed and copies only those ones. So if no image has changed, it takes about 1 second do complete.

Saturday, June 18, 2005

My lizard, Pod


Pod is now a little more than one year old. He's a Chinese Water Dragon. Some think that it is rather silly to have a lizard as a pet. What do you do with a lizard? -some say. Well, I'd love to have a dog, but I think it wouldn't have the attention and care it deserves. I always liked reptiles, so I bought a lizard. It is very simple to maintain. When I went to Virginia for a cycling camp in my last vacation, I left him with a few crickets in this terrarium and he was in a top shape when I came back. Of course, it is not very demonstrative, but you can guess by its behavior when it is unhappy. You can see more pictures here. Posted by Hello

Friday, June 17, 2005

MailScanner & al

Have I talked about MailScanner and its friends yet? Well, I guess I should. E-mail security has been my favourite topic in computing since I discovered MailScanner, which is an e-mail security package allowing one to filter spam, viruses, dangerous content, phishing attacks in an efficient, secure and robust way. It works with many other products (SpamAssassin, DCC, Pyzor, Razor, DNSBL for spam, up to 12 anti-virus engines, phpListAdmin, MailWatch, mailscanner-mrtg and Vispan for management/reporting) to provide a very complete solution. I also maintain a web page for the Most Asked Questions about MailScanner. I currently manage a MailScanner server here at home, one at my employer's premises, 3 for an e-mail security firm (Lastspam) and 9 for another one (FSL). Ah, and I'll probably install it on the primary mail server for linux.ca. FSL has worked very hard to develop SMGateway, which includes MailScanner and all the packages I just mentionned, with a very nice web interface to set preferences by domain, user, etc... For an appliance, you may want to check DefenderMX. Feel free to contact me if you have any questions on MailScanner or e-mail security in general. The mailing list is also a very good reference.

Live Help!

I finally installed Crafty Syntax Live Help on my production server. This package is used to provide a way to support people on your web site directly, with a chat session. I've known this program for a while, but I didn't want to install it untill I had time to translate it in french. Yes, my mother tongue is french. I've worked 3 days on the translation this week and I expect it to be finished before the end of next week. I suggest you try it and send a donation (or help me with the translation!).

VoIP

I just began reading about VoIP as I might have to implement a system soon. I kind of dream of setting up an Asterisk server, probably using the asterisk@home project (apparently based on CentOS!). I also discovered a very nice site about VoIP. I have many choice... Regular Telco lines, Meridian system, A mix of IP/Telco lines, or an Asterisk server with either only an IP connection a (DID, i think), Telco lines, or a mix. I've been shopping around and up to now the most responsive business is Netfone. If anyone has recommendations for me, please let me know.

Tuesday, June 14, 2005

Sysadmin Day

Don't forget the Sysadmin Day on the last friday of July. This year it is on the 29th of July.

Friday, June 03, 2005

MySQL replication

I have to do MySQL database replication at work.

I just tested it on VMWare virtual machines and it works very well. With the help of this article: , I did it easily and quickly. To synchronise the database, I just did a regular dump to text file from phpmyadmin, then restored it on the servers through phpmyadmin again.

Tao Linux -> CentOS

I've been using Tao Linux (a clone of Red Hat Enterprise Linux) for a while and I just switched my home server to CentOS, which seems to offer better support. I'll probably make a donation soon.

CentOS web site

Linux.ca

Hey, looks like it is coming to life! I'm a member of the CLUE (Canadian Linux Users Exchange). It provides its members with an alias, which I use for one of my e-mail addresses. They only have one server and when it goes down, we don't get our e-mails. So I offered my server as a backup mail server, that was almost one year ago. We finally did all that was needed this week and we're testing right now. Now linux.ca users benefit from mail server redundancy, but also from the MailScanner I've got on this server. Virus and Spam are not welcome anymore :).

If all goes fine, I'll install MailScanner + friends on the main server next week.

Know what? I think I found the problem with my keyboard. No more excuses allowed for typos!

Writing?

Yesteday, I sent a few e-mails to magazine editors. I'd like to see MailScanner discussed and mentionned a bit more. I might end up writing an article myself, how exciting ! :)

Know what? I think my keyboard is dying.

Mountain Biking

Started mountain biking last week-end. Very nice sport, though a little dangerous.

It is getting hot in here, summer seems to have finally managed to reach our part of the word :).