[oclug] The power of OSS/GNU/Linux

Shad Young shad.young at sympatico.ca
Mon Oct 7 21:52:48 EDT 2002 

I am not talking system security so much, more about email relays and such.
System security is why I chose Qmail, as well as ease of setup. At that time
Sendmail still had a number of huge security holes that have long since been
plugged. But sendmail is a bit of a beast to configure for the uninitiated.

Using BIND (I did not know Qmail came with its own dns server these days) in
conjunction with Webmin should get you up and working quickly. You can have
fun and play around a bit, but make sure you disable them when you are done
playing at night until you are sure you have the open relays shut and BIND
security patched.

If not, I promise you, you will be turned into a spam server in less than 24
hours. Rootkit to follow. Email servers are like cracker attractors.

Shad
_______________________________________________________________________

Have an article, story or essay you want to publish online? We need content.
Ascendant: food for the thinking mind.  http://www3.sympatico.ca/sberaud
_______________________________________________________________________
----- Original Message -----
From: "Sandy Mac Donell" <sandymac1 at rogers.com>
To: <oclug at lists.oclug.on.ca>
Sent: Monday, October 07, 2002 9:09 PM
Subject: Re: [oclug] The power of OSS/GNU/Linux


> Shad
>
> Did you setup Qmail with BIND or the DNS that comes with Qmail?
>
> Sounds like you ran into some security issues.
> From what I read Qmail has no security holes as compared to the others.
>
> Sandy
>
> ----- Original Message -----
> From: "Shad Young" <shad.young at sympatico.ca>
> To: <oclug at lists.oclug.on.ca>
> Sent: Monday, October 07, 2002 7:27 PM
> Subject: Re: [oclug] The power of OSS/GNU/Linux
>
>
> > About half an hour... But
> >
> > It took me about two years to learn enough about Linux to be able to
> install
> > it *chuckle*. Actually the docs for it are very good. If you are having
> > trouble understanding them it may be due to the use of jargon like
ad-arpa
> > etc. The way I learned was to first get a clear understanding of
domains,
> > and domain name servers and their configuration. I have never attempted
to
> > setup Qmail without running my own DNS services.
> >
> > Understanding Domains then related clearly back to mail, as I now
> understood
> > what routing, and virtual meant. Now... That being said... I learned
about
> > DNS when I began to configure Apache for the first time. Before making a
> > server available to the world, I first built a local network out of
> > loop-back devices and the basic Caching Name Server from RH, then
> configured
> > Apache to use this. Once I understood the local domain, I then desired
the
> > ability to run multiple domains on the same host. This necessitated the
> use
> > of BIND and properly configured zone files.
> >
> > After all that and about two years I finally felt ready to handle a mail
> > configuration. It took months of reading and asking questions about this
> and
> > that here on the list before I got it working as I needed.
> >
> > So my friend, I would get a coffee and comfortable chair and get ready
for
> > long hours of reading, and then post, post, post your questions here (or
> on
> > the Qmail mailing list) and we will attempt to help you out as best we
> can.
> > :) . I am sorry if this sounds like a RTFM blow off, but with mail,
there
> > are too many issues like security, spam and open relays to be done
> > incorrectly. You could find yourself in serious trouble if it gets out
of
> > control, the least of which is the blacklisting of your domains..
> >
> > Cheers
> > Shad
> > _______________________________________________________________________
> >
> > Have an article, story or essay you want to publish online? We need
> content.
> > Ascendant: food for the thinking mind.  http://www3.sympatico.ca/sberaud
> > _______________________________________________________________________
> > ----- Original Message -----
> > From: "Sandy Mac Donell" <sandymac1 at rogers.com>
> > To: <oclug at lists.oclug.on.ca>
> > Sent: Monday, October 07, 2002 7:02 PM
> > Subject: Re: [oclug] The power of OSS/GNU/Linux
> >
> >
> > > Hello Shad,
> > >
> > > How long did it take you to setup Qmail?
> > >
> > > Sandy
> > >
> > >
> > > ----- Original Message -----
> > > From: "Shad Young" <shad.young at sympatico.ca>
> > > To: <oclug at lists.oclug.on.ca>
> > > Sent: Monday, October 07, 2002 6:51 PM
> > > Subject: [oclug] The power of OSS/GNU/Linux
> > >
> > >
> > > > I had an opportunity to engage in a debate with a fellow about the
> power
> > > of
> > > > Linux the other day. After I had begun to outline the virtues of the
> > Linux
> > > > environment I began to recall the enormity of what one machine could
> do.
> > > >
> > > > The machine:
> > > > unbelievably a K6 233 with 64 MB EDO RAM
> > > > 7 Gig Quantum HDD
> > > > 2 realtek 10baseT
> > > > Cheapo hub.
> > > > no video card (except during setup of X)
> > > > no keyboard
> > > > no mouse
> > > >
> > > > Services:
> > > > Red Hat 6.2 with Kernel 2.2.6
> > > > Fully configured Apache 1.3/CGI/Perl/PHP with a dozen websites
> averaging
> > > > 10,000 hits a month
> > > > BIND running 10 or so domains.
> > > > Qmail with 30 accounts
> > > > MySQL with webmin for a web forum
> > > > exported X for remote administration (sorry I am a gui person)
> > > > KDE 1
> > > > full development suite
> > > > six online games in active development
> > > > 2 on-line games operational with 10 to thirty players at any given
> time
> > > > 24 active accounts for developers and programmers with 2 or three
> logged
> > > on
> > > > at any given time.
> > > >
> > > > all that and my users were constantly amazed at its speed.
Recompiling
> > > their
> > > > game modules usually took minutes; and this from guys who developed
in
> > > > windows on 1 gig Athlons at home. (game runners would complain about
> the
> > > lag
> > > > when recompiling a kernel, but that's about it).
> > > >
> > > > I was going for an OCLUG record uptime and was on day 303, when our
> > > favorite
> > > > Catholic evangelist logged on and used Netscape (I forgot to
uninstall
> > the
> > > > stock version) which had an enormous memory leak. Nothing I tried
> would
> > > get
> > > > this machine to respond as it filled up the memory and 512 megs of
> swap
> > > > space and began to loop. My girlfriend thought I had hurt myself
when
> I
> > > > screamed in despair after I realized a hard shutdown was required.
It
> > took
> > > > literally an hour to respond to one keystroke as it swapped and
> swapped
> > > and
> > > > swapped ROFL. I could have killed you Francis ;).
> > > >
> > > > I would also like to thank Olaf Baumann and obone.ca for providing
me
> > with
> > > a
> > > > development platform and host for my current project. It is giving
me
> an
> > > > opportunity to learn about Debian in the process.
> > > >
> > > >
> > > > Cheers
> > > > Shad
> > > >
> _______________________________________________________________________
> > > >
> > > > Have an article, story or essay you want to publish online? We need
> > > content.
> > > > Ascendant: food for the thinking mind.
> http://www3.sympatico.ca/sberaud
> > > >
> _______________________________________________________________________
> > > >
> > > > _______________________________________________
> > > > oclug mailing list
> > > > oclug at lists.oclug.on.ca
> > > > http://www.oclug.on.ca/mailman/listinfo/oclug
> > >
> > > _______________________________________________
> > > oclug mailing list
> > > oclug at lists.oclug.on.ca
> > > http://www.oclug.on.ca/mailman/listinfo/oclug
> > >
> >
> > _______________________________________________
> > oclug mailing list
> > oclug at lists.oclug.on.ca
> > http://www.oclug.on.ca/mailman/listinfo/oclug
>
> _______________________________________________
> oclug mailing list
> oclug at lists.oclug.on.ca
> http://www.oclug.on.ca/mailman/listinfo/oclug

More information about the OCLUG mailing list