lessons in system configuration
<![CDATA[I'm sure this will be an ongoing topic...I'm working on a new mailserver to replace a box that is excruciatingly underpowered. Even though it's only running about a dozen users, it's a Pentium II/400 maxing out 256MB of physical RAM and swapping over 60MB regularly. This wasn't a real problem until I decided to upgrade my spam filtering backend (amavisd-new, SpamAssassin/ClamAV and Maia Mailguard,with a dose of policyd greylisting daemon). The system restarted everything fine, but then came to a screeching halt as amavisd completely swamped the RAM in the system and everything slowed to a crawl. Unfortunately, the RAM in the system is maxed out and I can't add any more.
Well, a couple of weeks ago I ordered a new system to replace this venerable dinosaur. The new box is a BioStar IDEQ N1, Sempron64 2800+, 1GB of PC3200 (400MHz) RAM. I’m recycling a spare 20GB drive, and loading with Fedora Core 4 (I don’t like 5 or 6…the MySQL 5 installed breaks some of the web apps that I use).
Now, on to the lesson of the day:
I started setting up the box last week with custom-compiled versions of Postfix, Dovecot IMAP server and several other packages. Now I’m starting to configure things to closely match the existing mail server, including Samba. This makes some administrative tasks a bit easier, like updating some web pages (this basically only hosts SquirrelMail and PostfixAdmin). There’s not much web service to do, but Samba makes it easier to move logfiles to the Windows box and copy new files over without having to run FTP or wget all the time. The problems started after I copied the smb.conf file (Samba config) from the existing server to the new box. I tweaked it, fixed some server-specific settings, and set it off. First, it wouldn’t even see itself as an SMB server. found and fixed that. Then, it appeared to be fighting with my WINS server (another Linux box) to be the master browser. Fixed that setting too. Finally was able to resolve itself by name and local IP. Now to get it to see the rest of the network (and the rest of the network to see it, as well). OK…started through the diagnostics document from Samba. Step 1…good. Step 2…good. Step 3…er…step 3….errors. Troubleshooting was going nowhere. 45 minutes later, had a thought…firewall? Iptables was running, since this box faces both the internet and my local lan on different NICs. turned off iptables and gee…it works! Start tweaking around with firewall rules. Seems the syntax has changed slightly between the Fedora Core 1 and Fedora Core 4 versions, so the rules from the old box don’t quite work on the new one. Found the system-config-firewall-tui utility, and set up custom rules for the right ports, and restarted both iptables then samba. Gee wiz, it works now! I can see it from the other computers, and it finds the rest of the network too! Well, that was a good waste of several hours that I’ll never get back. I guess the next step is to set up Postfix, policyd, amavisd and the new MailZu web interface for amavis. Oh, and pray that Dovecot 1.0 final will make it out in the next two weeks before I’m ready to bring the new monster live….
Posted on January 18, 2007, in Computers, Rants, Site Info. Bookmark the permalink. Leave a Comment.
Leave a Comment