Re: avoiding overload on port 587
- On 12/1/2012 2:26 PM, Wietse Venema wrote:
> Stan Hoeppner:Wietse you work in a "small corner" of IBM and may not know, but if you
>> ...and I have no experience and pay no
>> attention to what Oracle is doing with Solaris virtualization,
>> "containers" I believe they call it.
> Solaris containers are descendants from FreeBSD jails: they provide
> different userland namespaces(*) on top of a shared OS kernel.
> Hardware virtualization on the other hand provides different hardware
> namespaces(*) on top of a shared hypervisor.
> These are basically sandboxing methods with different levels of
> isolation and performance. I would not expect that jails/containers
> introduce new challenges with respect to missing interrupts.
> (*) Not just file or device names, but also
> memory addresses, disk blocks, and so on.
do or know who to ask, I'd like to know how IBM handles Linux guest
clocks on zSeries, and pSeries for that matter. Is there an IBM
document on this maybe?
- On Tue, Dec 04, 2012 at 07:46:10AM -0600, /dev/rob0 wrote:
> On Tue, Dec 04, 2012 at 11:59:01PM +1300, Peter wrote:Or better yet: replace it with postscreen.
> > I would still also set up port 587 on the mail.example.com
> > IP as submission as well and try to encourage your users (at
> > least the ones you can) to use port 587 from now on.
> What I would do, on Linux with IPv4 only, is create the submission
> port and use an iptables redirect for the alternate IP address:
> # iptables -vt nat -A PREROUTING -p tcp --dport smtp -d \
> mail.example.com -j REDIRECT --to-port submission
> This saves the overhead (system and administrative) of running
> another smtpd on [mail.example.com]:25; he can leave his "smtp ...
> smtpd" service alone in master.cf.
> I should also add as a reply to Stan in the other subthread: lookTo clarify, I meant that if those Outlook Expresses are not yet
> above at the first quoted paragraph: "Outlook Expresses setup with
> ... default configuration."
> Yikes, bad news, very bad. If not doing content filtering nor
> policy limitation of submission now, he will be soon. And possibly
> losing his job in any case. Tomas is not in a good place right now.
compromised by malware, they will be, soon.
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: