Re: Webserver SUMMER TIME was: Web-Server Spring-Break
Onno Kreuzinger
aka: memed / Server Admin
 
Re: Webserver SUMMER TIME was: Web-Server Spring-Break - 06-06-2007

Hi,

Small update: no problems so far, apart from the monitoring system not yet being 100% (a false alert, missing stats for some hours). The performance is fine, spam filtering is not yet perfect, but that will improve soon.

Update2:
The stats had been wrong due to an OOM condition caused by multiple ssh password scans. I changed the ssh config accordingly (on all servers), the VE stuff (memory barrier and hard limit) prevented the running process from starving and apache + mysql (and mail ...) kept running.
We lost some viewers due to apache not being able to spawn more preforker processes for about 30 minutes, after all it was a good lesson.

Update3:
Important for all BU mail users:
We now use greylisting (again), see Wikipedia for detailed info on "what is that".
We use a softer variant, that is sending 421 temp failure SMTP codes on the first connection of an IP, after some minutes the next connect will succeed. The database stores any known ip/target-address for weeks, so the initial delay is paid off later on.
We also use DNS RBL blacklists, they generate a proper 5xx failure code, since those listed hosts will be rejected as long as they are listed.
Please complain to me if you are having problems!

Both antispam systems send human-readable error messages pointing the affected user to the cause of the delay or permanent reject.

For SENDING email nothing changes, the system recognizes that you authenticate to the mailserver, thus you need no greylisting and by god no RBL list. Assuming you are on a dial-up line, your home IP should be listed in the blocklist. You are no mailserver.

You might notice also that any SMTP connection is throttled heavily during handshake, this is intentional and costs about 15 seconds. This way mail waves can't make SpamAssassin go wild. But on the other hand websites testing your email address have a delay and might even fail. (I only know one website rejecting an email address after a 421 error code, the error code is clear: you are fine (sender, recipient), but I can't accept mail from you: temp. local failure).

Cheers Onno



Last edited by Onno Kreuzinger; 07-06-2007 at 22:44..
  
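The filtering order described in the post above (authenticated senders pass, RBL-listed hosts get a permanent 5xx, unknown ip/target-address pairs get a 421 until they retry after a delay), sketched as an added example that is not part of the original post or the server's actual configuration. The 5-minute delay, the 4-week retention, the 554 code, the in-memory `rbl` set standing in for a DNS lookup, and all addresses are assumptions; the post only says "some minutes", "weeks" and "5xx".

```python
from dataclasses import dataclass, field

MIN_DELAY = 5 * 60           # assumed value for "some minutes"
RETENTION = 28 * 24 * 3600   # assumed value for "weeks"


@dataclass
class GreylistPolicy:
    rbl: set = field(default_factory=set)     # stand-in for a DNS RBL lookup
    seen: dict = field(default_factory=dict)  # (ip, rcpt) -> (first_seen, last_seen)

    def check(self, ip, rcpt, now, authenticated=False):
        """Return (smtp_code, text) for one delivery attempt at epoch time `now`."""
        if authenticated:
            # Authenticated submission skips both filters.
            return 250, "ok: authenticated sender"
        if ip in self.rbl:
            # Permanent reject for as long as the host stays listed.
            return 554, f"rejected: {ip} is on a DNS blocklist"
        key = (ip, rcpt.lower())
        entry = self.seen.get(key)
        if entry is not None and now - entry[1] > RETENTION:
            entry = None  # record aged out, the pair is unknown again
        if entry is None:
            self.seen[key] = (now, now)
            return 421, "greylisted: unknown sender IP, retry in a few minutes"
        first_seen, _ = entry
        if now - first_seen < MIN_DELAY:
            return 421, "greylisted: retry came too early, try again later"
        self.seen[key] = (first_seen, now)  # refresh so regular senders stay known
        return 250, "ok: known ip/recipient pair"


def demo():
    """Replay a constructed sequence of connections and return the SMTP codes."""
    policy = GreylistPolicy(rbl={"203.0.113.9"})
    t0, day = 1_000_000, 24 * 3600
    attempts = [
        ("198.51.100.7", "user@example.org", t0, False),             # first contact
        ("198.51.100.7", "user@example.org", t0 + 60, False),        # retry too soon
        ("198.51.100.7", "user@example.org", t0 + 600, False),       # retry after delay
        ("198.51.100.7", "user@example.org", t0 + 7 * day, False),   # known pair
        ("198.51.100.7", "user@example.org", t0 + 40 * day, False),  # record expired
        ("203.0.113.9", "user@example.org", t0, False),              # RBL-listed host
        ("203.0.113.9", "user@example.org", t0, True),               # authenticated user
    ]
    return [policy.check(ip, rcpt, now, auth)[0] for ip, rcpt, now, auth in attempts]
```
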