Migrating mails from old server to new server

I have done migrating my users' mails to new server. dbmail saves all mails into database (in my case mysql), backing up and restoring should be trivial.

1. backup (using mysqldump)
~#mysqldump -u user -pPassword dbmail > dbmail.sql

2. restore
~#mysql -u user -pPassword dbmail < dbmail.sql

Voila. It's done!.

I have users' preferences and address books saved in database too. So the method of backing up and restoring to the new server should be the same.

Greylisting with postgrey - a spam fighter

Hi there! A couple of days ago, I have setup postgrey. It eliminated 99.9999% of spams entering my users' mailbox. The implementation of greylisting is done at MTA level (postfix) reducing my mailserver load (especially my spam filter). It is like the front-end spam filter before the spams got filtered by anti-spam if they can pass through. It is designed as a complement to existing defenses against spam, and not as a replacement. So far so good. For time being, I guess no spam ever reach my users' mailbox as I went through a couple of test accounts.

*Note: There's one caveat - Greylisting delays all unknown e-mail, not just spam.

The source came with contributed script for reporting. Check it out to see whether your policy really works.

For those new to this, read below:

Your question : What in the hell is postgrey?
My Answer : Postgrey is a Postfix policy server implementing greylisting

Your question : What in the hell is greylisting?
My answer : (see below - taken from here )

Greylisting is a new method of blocking significant amounts of spam at the mailserver level, but without resorting to heavyweight statistical analysis or other heuristical (and error-prone) approaches. Consequently, implementations are fairly lightweight, and may even decrease network traffic and processor load on your mailserver.

Greylisting relies on the fact that most spam sources do not behave in the same way as normal mail systems. Although it is currently very effective by itself, it will perform best when it is used in conjunction with other forms of spam prevention. For a detailed description of the method, see the Whitepaper.

The term Greylisting is meant to describe a general method of blocking spam based on the behavior of the sending server, rather than the content of the messages. Greylisting does not refer to any particular implementation of these methods. Consequently, there is no single Greylisting product. Instead, there are many products that incorporate some or all of the methods described here.

Your question : How does it work actually?
My answer : (see below - taken from wikipedia)

Typically, a server that utilizes greylisting will record the following three pieces of information (known as a triplet) for each incoming mail message:

• The IP address of the connecting host.
• The envelope sender address.
• The envelope recipient address.

This is checked against the mail server's internal whitelist. If any of this information has never been seen before, the email is greylisted for a set period of time (how much time is dependent on the server configuration), and it is refused with a temporary rejection. The assumption is that since temporary failures are built into the RFC specifications for e-mail delivery, a legitimate server will attempt to connect again later on to deliver the e-mail. Don't forget there's still many mailservers do not conform to the RFC.

Greylisting is effective because many mass e-mail tools utilized by spammers are not set up to handle deferrals (they will never bother to retry a failed delivery), so the spam is never delivered.

More information can be obtained here

Your question : Can I use Greylisting on my personal mail account?

My answer : Because Greylisting methods are designed to work at the mail server level, unless you have control of your own mail server, or your ISP has installed a Greylisting implementation for you, you will not be able to take advantage of Greylisting.

Resources:

1. postgrey home
2. postfix greylisting policy
3. What is greylisting?
   

*UPDATE: I just found a better greylisting solution : sqlgrey.

Firefox 1.5.0.1 released

Get the latest stable and security update of Firefox browser here.


What's new in this release.

* Improved stability.
* Improved support for Mac OS X.
* International Domain Name support for Iceland (.is) is now enabled.
* Fixes for several memory leaks.
* Several security enhancements.

Read the release notes.

My New 1U HP server

This month I got my new server which I want to setup it as my mail server. It is an HP Proliant DL 140 Generation 2. It is a 1U type server. It fits the rack server nicely. This type of machine (I mean the 1U type) surprised me coz I never setup Linux on this *fancy* machine. I just thought that it should be the same as the normal-looking one ,lol. It is except one thing. It has SATA RAID controller. I haven't start installing an OS on it coz I haven't had a clue on how to setup one without CDROM. What? I hear you say. Yes. It has no CDROM. It only has CDROM bay. Damn!. I never checked the spec carefully. I should have known better.

I went to the supplier this afternoon and ordered a DVD-ROM drive. I learned something from this case. I should have checked the spec carefully. Damn!!.

Slackware Linux

Dear readers,

It's obvious thing to say that I really like Slackware Linux. Why? that's because of its stablity and simplicity. You know KISS? Keep It Simple Stupid!. You want to know Linux, learn Slackware. You want to get headache, you learn Slackware. :D . But once you master it, nothing beats it. For rock-solid stability of Linux, I gotta switch to Slackware. Mandrake could not fit the requirement. It has something to do with apic thing that got conflict with power management feature. This results in a hanging server . The solution always to hard reboot (by pressing the reset button). Don't get me wrong. Mandrake is a good distribution too but sometimes it contains unnecessary bells and whistles. For some reasons, it fails to run properly on certain machines.

To fix this problem (and after it gave me a lot of headaches and stomachache :P), I gave Slackware a go. Now after 3 days, I never notice a single hang and no slow whatsoever. This brings to happy users and the most important a happy system admin :-) . You can try access my webmail here.

Happy New Year!

Mannheim - The Open Source city

The technology decision makers have already moved the majority of Mannheim's 120 servers to the open-source operating system. Next, they plan to shift its 3,500 desktops to the open-source productivity application OpenOffice.org, running on Linux. The migration should help the city with its aim of using programs that support open standards, which can be used by any software, whether closed source or open source. Some U.S. states--notably Massachusetts and local and national governments have been embracing standard file formats such as the OpenDocument format used by OpenOffice, a move that ensures that public documents won't be beholden to a particular proprietary program.

"We want to decide our IT strategy in Mannheim, and not have Microsoft make the decision for Mannheim," said Gerd Armbruster, the IT infrastructure manager at the German city.

"We want to decide our IT strategy in Mannheim, and not have Microsoft make the decision for Mannheim."

The city's IT department changed from Microsoft Exchange Server 2003 to Oracle Collaboration Suite because ODS supports open standards, even though it is proprietary software, Armbruster said. The switch to Linux was predominantly driven by the department's wish to use OpenLDAP, an open-source software package, rather than Microsoft's proprietary Active Directory, he added. On the desktop, the planned migration to OpenOffice was similarly driven by the city's desire to use OpenDocument, which Microsoft has said it will not support in its Office application. In September, the state of Massachusetts decided to standardize on desktop applications with OpenDocument, a move that has attracted controversy. The decision has come under fire from state officials. Last week, the Massachusetts governor's office said that it is "optimistic" that Microsoft's Office formats, once standardized, will meet the state guidelines for open formats.

In contrast to many other large-scale moves, the cost of the Linux shift was largely irrelevant in Mannheim's decision, Armbruster said. The city recently paid approximately 1 million euros (about $1.18 million) to Microsoft to migrate from Office 2000 to the 2003 version, but that was not important in internal discussions, Armbruster said.

"We never said to our mayor that if we switch to Linux, we won't need to pay 1 million euros to Microsoft," he said.

Although the city will save some money by switching to open-source desktops, it is likely to have to spend a considerable sum migrating desktop applications from Windows to Linux.

"We need to change 145 applications so they will work on Linux. This will cost millions of euros," Armbruster said.

Migrating those applications will not only take money, it will take time. Because of this, Mannheim's shift to Linux on the desktop is not due to start for five or six years. However, the move to OpenOffice on Microsoft Windows will begin next year, with the aim of putting the open-source productivity application on 3,500 desktops across 40 departments by 2009.

"The migration to OpenOffice has to end when support for Office 2003 ends, so we have about four or five years to complete the migration," Armbruster said.

Talk to customersThe infrastructure manager believes that one of the most important factors for a successful migration is acceptance by the people who actually use the software.

"It is important for me to have no resistance from users," he said.

It is so important that the Mannheim IT department is providing every city employee with copies of OpenOffice and Linux for their home PC and will even provide support for home users. The department is attempting to include those employees in the desktop migration project by arranging meetings where they can discuss their concerns. Armbruster thinks that the lack of user engagement is one of the main problems causing a delay in Munich's migration to open-source desktops.

"Most of the problems in Munich are due to resistance from users--they don't want to change to Linux," Armbruster said.

"It's important for an open-source project that you inform your users. You need to talk with users and speak about their problems."

In September, the city of Munich said that its switch to Linux for desktop computing would not get going until next year--one year later than planned and three years after it first announced its move to the open-source operating system. The IT department there is expecting to move 14,000 desktops from Windows NT 4.0 to Linux and from Microsoft Office 97 and 2000 to OpenOffice. Armbruster is confident that these kinds of delays won't happen with his city's migration.

"We haven't seen any resistance from users in the city of Mannheim. We have talked with department managers and power users and they accept our strategy to slowly move to Linux," he said.

"Most of the problems in Munich are due to resistance from users--they don't want to change to Linux."

The problems with Munich's switch encouraged Armbruster to publicize Mannheim's process, to show that an open-source migration can go more smoothly.

"Microsoft is probably very happy about the project in Munich because of its problems," he said. "One year ago, I didn't want to go public about our migration. I have now gone public because the project in Munich is not a success, but our project is. I wanted to say, 'Here is a city with about 6,000 employees where open source and open standards work already.'"

The OpenOffice migrationThe first stage in Mannheim's migration to OpenOffice, the evaluation of its Microsoft Office documents, started earlier this month. It is using a migration analysis tool called SCAI MAS to scan 500,000 administration documents and so identify which files cannot be automatically converted to OpenOffice.

"We expect that maybe 10 or 20 percent of documents will have problems when we move from Word to OpenOffice.org," Armbruster said.

Some of the macros contained within the Microsoft Office documents can be automatically converted into OpenOffice macros, but some will need to be reengineered. The evaluation project is due to be finished in mid-January, after which the IT department will start migrating the first departments to OpenOffice. It plans to switch over only two departments in the first year, one of which will be the IT department. Although some Mannheim employees will not have access to OpenOffice.org for a few years, they have already been using at least one open-source application for almost two years--the Firefox browser. Armbruster says the city has been using the Mozilla browser since version 0.8 came out in February 2004. Microsoft's Internet Explorer is not used for Internet access for "security reasons," he said.

"We want to move to Linux on the desktop when it has the same look and feel as Windows."

When Mannheim has finished its move to OpenOffice, it will start its migration to desktop Linux. This delay will not only give the city time to replace its 145 Windows-specific applications with programs that will run on Linux, but it should also ensure that the Linux desktop environment is more mature by the time Mannheim adopts it.

"In every new Linux version we see more Windows functionality," Armbruster said. "We want to move to Linux on the desktop when it has the same look and feel as Windows."

Armbruster did not say what version of Linux it plans on installing in the future, but he is a fan of Ubuntu, a free Linux distribution based on Debian. Ubuntu is the distribution that will be offered to city employees to try out at home, Armbruster said.

"I think Ubuntu is very interesting, more interesting than SuSE or Red Hat's desktop products," he said. "I have friends who wanted to try Linux at home, and when they installed SuSE or Red Hat, they had 500 or 800 programs. You don't need 800 programs; with Ubuntu you get fewer applications,"

Although other German cities echo Mannheim's view on the importance of open standards, many are reluctant to change, as they have only recently moved to proprietary technologies such as Active Directory, Armbruster said. There are other reasons why government agencies may find it hard to follow Mannheim's lead in adopting open standards. Mannheim is a long-term user of Unix, which has meant that the migration to Linux is easier for it than for bodies that predominantly use Microsoft software.

Cost is also likely to be a prohibitive factor for many government agencies. Mannheim's migration to Linux is expected to cost millions of euros. That short-term cost could be difficult to justify to senior management executives, who are unlikely to fully understand the need for open standards.

-- source : ZDnet

dbmail - How to

First of all I would like to share with you all my experience setting up a *testing* mailserver using dbmail as the imap and postfix as the smtp server and of course on Linux. This time I used Slackware Linux 10.2 and this server is actually behind a firewall. For overview what is dbmail, please visit dbmail.org or read previous posting.

Requirements
You need all of these:

1. mysql server ( I used 4.1.14. This version supports InnoDB)*
   
2. dbmail package ( i used version 2.0.7 )
3. Postfix ( I used version 2.2.7 )
4. DBMail source (get the latest from dbmail.org)
   

* Since some DBMail tables can get VERY large (depending on your mailusage) we advise using InnoDB as database storage backend.

Let's get dirty!

Make sure mysql is running. First you'll need to create the DBMail database in MYSQL. You can do this by issueing the following command. This step is only necessary when you do not have a database for DBMail yet. Note that you will be prompted for the MySQL root password.

mysqladmin create dbmail -u root -p

This creates a database with the name "dbmail". Now you have to give a non-root user access to this database. Start the MySQL command-line client as root:

mysql -u root -p

and enter the following command:

GRANT ALL ON dbmail.* to dbmail@localhost identified by ''

Where should be replaced with the password you want for the dbmail user. After this step, the database is ready to be used by the dbmail user. The next step is the creation of the database tables used by DBMail. Log out of the MySQL client and run the following command from the command line. You will have to enter the password you set in the previous step.

mysql -u dbmail dbmail -p <>Copy the dbmail.conf file to /etc and edit the dbmail.conf file and set everything in there to your likeings. Make sure to set your database name, user and host are configured in dbmail.conf. Other options in the configuration file are documented there.

Run configure & make

Run the configure script. This script uses pg_config or mysql_config (depending on --with-mysql or --with-pgsql) to detect where the libraries and include files for these databases are. e.g. when working with PostgreSQL, this is the configure command:

./configure --with-pgsql

For MySQL,

./configure --with-mysql

After running configure, 'make all' will build the executables. Running 'make install' will install the executables in /usr/local/sbin.

Next you will need to create some users into the dbmail mailing sytem. Currently this can be done in two ways. One way is using the dbmail-users utility. The other way is doing it in the database itself. To do it using the dbmail-users utility and do the following:

dbmail-users -a -w -g -m [-s aliases]

clientid can be left 0 (this is if you want certain mailadministrators administer specific groups of mailusers). maxmail is the maximum number of bytes this user may have in his/her mailboxes. 0 is unlimited. Add K or M for kilobytes and megabytes. Aliases are a number of aliases for this user. @domain are domain aliases.

A user always needs to have at least one alias to receive mail, unless the users username is something like foo@bar.org, where bar.org is a domain the mailserver deliveres to.

example:

./dbmail-users -a zamri -w puttycat -g mail -m 25M -s zamri@dude.org zamri@dude.net @net.com

This will create a user zamri, with a password puttycat. It will set zamri's maillimit 25 Mb and all mail for zamri@dude.org, zamri@dude.net and @net.com will be sent to john. The @net.com is a fallback alias. This means that all mail that cannot be delivered to an existing alias for a @net.com address will sent to zamri.

Now for the postfix, i have to add this line in /etc/postfix/master.cf

dbmail-lmtp unix - - n - - lmtp

If you want verbose output in the mail log, add -v to lmtp, like this:

dbmail-lmtp unix - - n - - lmtp -v

Note : This is good for troubleshooting. Don't underestimate it but please note that you get a LOT of output in your logs when using this setting.

Now edit main.cf and add / change the mailbox_transport directive to:

mailbox_transport = dbmail-lmtp:localhost:24 ^
local_transport = dbmail-lmtp:localhost:24 *

*Note: This one to make sure local mail delivery to dbmail.
^Note: This is the step to make sure the mails use dbmail's transport but not including local delivery.

And then set this :

local_recipient_maps =

Note : This step is *VERY* important or mails from outside can not reach your mailbox. See INSTALL.postfix in source for more info.

Afterthat run this commands:

postmap /etc/postfix/transport
postfix reload

Run the dbmail's servers:

dbmail-lmtpd
dbmail-imapd

Make sure postfix and MySQL (or PostgreSQL) are running. Try sending and replying to local users first and if successful, you can then try the same to outside users.