|
Grex > Helpers > #140: Grex System Problems - Spring 2005 | |
|
| Author |
Message |
| 25 new of 457 responses total. |
keesan
|
|
response 164 of 457:
| 
May 1 15:54 UTC 2005 |
Could you set up a simple script that lets anyone who chooses to do so throw
out anything with an X-RBL warning? This would eliminate about half my spam.
I keep a log. And restore the 100K mail size limit somehow? Or let people
choose to throw out anything over that size, with the same script? People
who have tried to send me large attachments generally write me with a smaller
mail when they bounce and I explain to send elsewhere.
How old are the hard disks that grex is running on now? Can they be checked
regularly for bad spots or the likelihood of crashing? We used some program
on a disk that Scott gave us, which told us it was in imminent danger of
failing (it had already slowed down a lot).
|
drew
|
|
response 165 of 457:
|
May 1 18:03 UTC 2005 |
I've heard of such a program from, I think, Symantec. Designed to deal with
the fact that modern hard drives have circuitry which attempts to hide the
fact that some of the disk goes bad thoughout its service life by moving data
around to good sectors and lying about the actual state of the media. I forget
what it's called.
|
richard
|
|
response 166 of 457:
|
May 1 21:06 UTC 2005 |
STeve said:
"We need to alter the size of some of the partitions on Grex. In
particular the /var/mail partiton is too small. We keep on running
into this because of the ever increasing amounts of spam we're getting"
Is this not further evidence that grex needs to get out of the offsite
email business? grex should continue to offer email within the grex
site for all users, but to send or receive email outside grex, you
should have to be a paying member. Grex doesn't have the resources
anymore, if it ever did, to be a free email provider for the universe,
and too many people have and will abuse Grex with its free anonymous
email addresses, or worse use it for unethical purposes.
In fact, I'd think it a good possibility that the FBI probably has Grex
on a list of websites that could potentially be used to traffic
terrorist information, because grex gives out free anonymous email
addresses with an automated program and no verification. Do you keep
making the partitions larger and larger, and keep taking risks that
vandals or terrorists might be coming here, or do you finally
say, "enough is enough, go use hotmail or yahoo for email!"
|
steve
|
|
response 167 of 457:
|
May 1 21:56 UTC 2005 |
The disks were bought around May 2003. Checking disks for problems
is a difficult thing. There is a system that IBM delevoped for its
own disks that has failed to catch more problems than it has found,
in my usage of it. Grex munches on disks. We might want to consider
replacing them every X years, but figuring out what X should be is
interesting.
I don't see that needing to increase the size of /var as an
indication that we need to stop doing email. Disk is the one thing
that has dropped in cost over everything else. For about $250 we
could devote at 36G disk to mail and likely have enough disk for some
time. Also, with spam filtering our disk needs will slow down.
If Grex is on some government list, which I wouldn't be surprised
if true, it doesn't matter if we offer mail or not. The fact that
we're an open system is enough. This is still America and the secret
police aren't quite here yet. I'm not going to worry about it.
|
mcnally
|
|
response 168 of 457:
|
May 1 22:31 UTC 2005 |
re #166: I propose that Richard create a list of services that
he approves of or uses personally so that we can all know which
other services should be eliminated..
|
naftee
|
|
response 169 of 457:
|
May 2 01:09 UTC 2005 |
whoa, steVE! are your lungs ok ?!
|
aruba
|
|
response 170 of 457:
|
May 2 02:58 UTC 2005 |
I ordered the new disk form Leeron on Saturday. There was some confusion
about how dead the old disk is, and whether we should send it in for
warranty repair. The consensus was that we should send it in, but use the
replacement they send us back as a backup.
But, mostly, I've been draggin my heels because I've had other things to do.
So sorry for the delay. We should have a new disk within a week.
|
keesan
|
|
response 171 of 457:
|
May 2 02:59 UTC 2005 |
I have several friends who use grex ONLY for email and one of them was a paid
member (she may stop paying since she lives in Chelsea) but the others still
appreciate the email. I told them they should not feel obligated to pay for
light use. One of them also has an ISP with mail but got used to grex.
STeve, were these disks bought new in 2003 and only put into service a few
months ago? If so, would a warranty at least cover them going bad if we got
similar ones new now and they lasted under a year?
|
aruba
|
|
response 172 of 457:
|
May 2 03:02 UTC 2005 |
Re #171: Sindi - yes, the disks are warranteed by Seagate for 5 years. So
we should be able to get a replacement for the one that failed, as soon as
someone can pull it out of the machine and get it to me.
|
richard
|
|
response 173 of 457:
|
May 2 04:05 UTC 2005 |
,
|
steve
|
|
response 174 of 457:
|
May 2 04:13 UTC 2005 |
The warranty is almost irrevelant. Disks going down are a disaster for
any entity, and with Grex its even worse because of access and staff time
issues. I try to optimize on disks that have a decent record of not dying
and use those.
Replacement disks obtained from a warranty exchange make me queasy. They
are almost universally refurbished disks, meaning they came into the
manufacturer because of some problem and got "fixed". I've never liked using
this kind of disk in an intense environment, and thats exactly what Grex is.
These days we can get a 36G scsi disk for about $250, which is pretty amazing.
Thats a 15,000 rpm ultra-320 speed disk, too. Amazing.
|
cross
|
|
response 175 of 457:
|
May 2 11:53 UTC 2005 |
This response has been erased.
|
steve
|
|
response 176 of 457:
|
May 2 12:04 UTC 2005 |
In terms of disk I/O, it is.
|
gull
|
|
response 177 of 457:
|
May 2 13:42 UTC 2005 |
Spamassassin is a great program, and it'd be great if Grex could use it.
I'd suggest being very careful about implementing it, though, because
it can consume large amounts of CPU and memory. Here are my
suggestions, after playing with it for a while myself:
- Large messages should bypass Spamassassin. "Large" here meaning
anything over 100K or so. There messages are unlikely to be spam,
anyway, and scanning them takes far too long.
- Use spamd/spamc, don't call Spamassassin directly. Exim 4.50 and
later, or earlier versions with the Exiscan patch, can call spamd
directly from the DATA acl. I recommend this because it saves some
process overhead, and it allows a lot of flexibility.
- When you test it, monitor the CPU load carefully, and be ready to take
Spamassassin back out of the loop if you find it's consuming too many
resources.
- Running a caching nameserver can really speed up the Spamassassin
tests that rely on DNS-based blacklists. If there isn't already one on
the local LAN, you may want to run one.
|
cross
|
|
response 178 of 457:
|
May 2 15:36 UTC 2005 |
This response has been erased.
|
tod
|
|
response 179 of 457:
|
May 2 15:45 UTC 2005 |
re #163
Once I got over to Provide.net it became clear that the passwd file
was really messed up. Root's password wasn't what it should be, nor
were any others that I knew of. Booting Grex into single user mode
revealed an /etc/passwd file of about 1100 accounts, not the 24,000
that it should have had. Worse, the "master.passwd" main passwd file
and associated database (.db) files were messed up as well.
I hate to break it to you but it sounds like Grex was hacked. It'd be in
everyone's best interest to change their password and also any other passwords
they may have attempted to use here that match that of a login to a system
elsewhere. For more information on what I'm talking about, catch the article
on Arbornet in next months Fortune Magazine.
|
keesan
|
|
response 180 of 457:
|
May 2 15:53 UTC 2005 |
I thought the messed-up passwd file was due to a bad hard disk.
Most of my mails over 100K contain .zip viruses. Is grex going to start
bouncing 100K or over mails again? Fine with me if it does.
I have not lost a single real mail due to X-RBL filtering. On the other hand,
spamassassin routinely dumps all the emails from the electric company. How
about first using X-RBL filter to reduce the load on spamassassin?
|
tod
|
|
response 181 of 457:
|
May 2 16:00 UTC 2005 |
re #180
Every password cracker in existence relies on assumptions like that.
|
gull
|
|
response 182 of 457:
|
May 2 16:18 UTC 2005 |
Re resp:180: Why not just write a procmail filter to drop 100K+
messages, if that's what you want?
I hope staff gets the kinks worked out of Grex's new system, soon. So
far, it looks like the old Sun was more reliable.
|
naftee
|
|
response 183 of 457:
|
May 2 17:35 UTC 2005 |
i hope nobody hacked my account :(
|
albaugh
|
|
response 184 of 457:
|
May 2 18:59 UTC 2005 |
> Alternative: stamp your little feet and declare yourself a "paying member"
> of grex, which, I understand, accepts contributions.
News flash: That won't help the situation ONE BIT. Despite whatever revenues
grex may take in - which can pay for hardware and utilities - its labor and
brain power comes only from human volunteers. If the system is not reliable -
and lately it has not been - then grex users are at the mercy of whatever time
volunteer staff may or may not have available to give to grex, and access to
the new facility.
I have seen the light: grex has been so reliable for so long that I have come
to rely on that. And that was unwise, and unfair. If I'm smart I will start
to wean myself off grex...
|
nharmon
|
|
response 185 of 457:
|
May 2 19:14 UTC 2005 |
Or you can volunteer your time to help Grex get back up to being super
reliable.
|
tod
|
|
response 186 of 457:
|
May 2 19:21 UTC 2005 |
And see if the STeve of Oz lets you.
|
albaugh
|
|
response 187 of 457:
|
May 2 19:22 UTC 2005 |
Nope, I don't have the expertise necessary, nor the proximity to the location,
nor the inclination. If I want a reliable system, I should not be relying
on grex - that is the conclusion that all should recognize.
|
tod
|
|
response 188 of 457:
|
May 2 19:23 UTC 2005 |
MOVE ON -Mary Remmers
|