Previous Entry Share Next Entry
Mail and New Servers
photogeek
crschmidt
Since I have left the university, in one more semester my services from them will stop. This means that I will no longer have webspace with them, nor will I have access mail hosted by them of any kind. Although in many ways this is a good thing - 90% of my spam comes from my UIUC address at the moment, since I was relatively careless with putting it in public - it does have a downside in that once it's gone, I no longer have any reliable hosting for my email.

I've never set up a real mail hosting setup, but when I switched to everydns, my mail setup simply started working - mail delivered to anything @crschmidt.net moved to my personal box, which was nice in a lot of ways because it gave me a way to do mail that wasn't inherently tied to my school account. So, for a while, that worked out fine.

However, recently our DSL modem has been acting up about every two days, requiring a reboot of it and the router that serves the house internet - usually causing the IP to change, which means that my mail bounces while my IP repropogates. Not exactly the best solution, especially since I subscribe to a number of mailing lists I consider interesting, and the mailman installs are starting to get a bit upset at me for bouncing messages.

So, my plan is to move my mail to be hosted by wedu. One of the perks of working there is that I do have access to do what I want to on the server - so long as it doesn't cause any unreasonable load to be placed on the server. As such, I will probably be moving my crschmidt.net mail to be hosted there, at which point I will no longer have to worry about IP changes and so on, nor anything else, really - with our new server setup, we're going to be looking at a pretty high-availability system. (By the way, if anyone would like some high quality web hosting with pretty minimal limits, let me know - although wedu is mostly a marketing and advertising firm, we definitely do host web stuff. Same if you're interested in getting a website done: we have a designer and so on who does really impressive work. Sometimes I end up tearing the stuff she does to crap with my HTML, but man the layouts that come out sure do start out pretty.)

Pretty soon we're going to be adding spam blocking support, although I'm not sure exactly how. I know that at the moment we use both RBL and ORDB blocking, mostly due to the fact that our NAS is on its last legs and we need something else to slow down our rate of disk reads/writes. Adding in RBL and ORDB blocking limited our incoming mail to a 10th of what it had been before - and so far, we've only had one complaint of an improperly blocked mail (from a mail server in Israel, interestingly enough). I've never used spamassasin and the like, and have no idea what its ways of dealing with spam are. I'm probably going to be setting it up. Note that wedu hosts mail for approximately 90 companies, and it's important to not toss real messages, if at all possible.

Do people have any experience setting up large scale spam filtering with low false positives? Suggestions as to what's best? Do you think that RBL and ORDB blocking are good or bad ideas? What are the general resources to look at, and what can be provided to customers in terms of useful information as to what is happening to mail that tries to get to them?

I'm having fun with the things that we've bought. Two PowerEdge servers - 2.8GHz procs with 2 Gig of RAM per server - that will do mail, and probably MySQL, too. They're going to be set up in a heartbeat-based failover, with automounting of the RAID that's an external box set up in clustering mode. Files will be stored there too, with a regular rsync to the webservers so that even if it goes down, we can serve all the web requests that come in. In front of that, we're having two squid boxes, probably set up on a DNS roundrobin with heartbeat takeover of IP addresses. Then there will be three web boxes there, serving HTTP after the squid reverse proxy, which will pull all MySQL content from the back.

Most importantly though, we'll be dropping the Iomega NAS that has given us problems from Day One. And that, in my mind, means that my life will be a hell of a lot better off. We'll be set to host up to about 100 Gig of content reliably, and we shouldn't have any more random problems with crashing that we are now. We're rebuilding as Debian, which will be much nicer than the RedHat admin. We'll have a managed switch. Everything - including the equivilant of our NAS - will be failover, a situation we don't have now.

Anyway, just some minor technical ramblings that have been in the buffer since 8am. You can have this post and jump on it now. Oh, and for a bit more person note, the two wonderful girls jess and I have were camwhoring earlier, so check out some pictures on crschmidt.net.

?

Log in

No account? Create an account