Despite almost getting flushed away by rain during What The Hack Silke and I went on another camping event, the Hacking At Random. We arrived in Holland by car ferry early in the morning and drove to the campsite. When we got there we discovered that it was already quite full and it would be hard to find a spot for our somewhat spacious tent. Fortunately we found a suitable location on a small hill:
We hope this spot will also keep our tent dry in case of rain. Talking about rain: so far the weather is much nicer (fingers crossed and touch wood) than during What The Hack … probably because Silke and I are better prepared.
After setting up the tent and fetching all our stuff (too much as usual) from the car in the external car park we finally had time to roam through the camp. During our walk we met some old friends, bought the obligatory t-shirts, browsed the display of the book shop and finally had a nice dinner.
As a geek I firmly believe that there is no such thing as too much CPU power, main memory, disk space or network bandwidth. Recently however my beliefs were put to a test.
It started with a new 4GB CompactFlash card for our digital camera, an Olympus C5050 Zoom. The CF card was supposed to replace an old 1GB Microdrive to increase both the capacity and the battery lifetime of the camera. What was supposed to be a simple task (open camera, remove card, insert new card) took me hours. After a firmware update of the camera and various attempts I finally found out that the camera only supports the FAT16 file system which is limitted to 2GB. I managed to work around that restriction by manually creating a 2GB FAT16 file system on the CF card. This is not an ideal solution but still gives us twice as much disk space and better battery lifetime.
A few days later I wanted to install a firmware update onto the LO100c remote management card in my server. Unfortunately HP only supports two possible ways to do that:
- Update the firmware by running a program under Windows on the machine itself.
- Create a bootable USB stick with the update program on it under Windows.
As I don’t have Windows installed on my server (or anywhere else for that matter) I tried the second option with my brandnew 8GB USB stick. But the *rude language censored* update program complained that the USB stick was larger than 2GB and refused to write the software to it. I had to borrow my old 256MB stick from Silke to be able to complete the firmware update.
So does this all mean that you can have too much disk space? By no means! There is just a lot of outdated software out there. 🙁
Three weeks ago I finally managed to finish one of my longest lasting IT projects at home: replacing the Sendmail MTA on all my NetBSD systems with Postfix. There were plenty of reasons for this migration:
- Sendmail’s configuration files are incomprehensible to most people including me. You can build them from somewhat understandable templates. But that is still far from ideal.
- Sendmail’s monolithic architecture is prone to security problems.
- As Sendmail is basically an interpreter for a weird text processing language with builtin SMTP support it is not very efficient.
- Sendmail’s support for filtering spam e-mails is somewhat limited, at least if you don’t want to write rules for its configuration file manually.
- After Sendmail was removed from the NetBSD source tree convenience was no longer an excuse to use it on my NetBSD systems.
I picked Postfix as the replacement because it is now in the NetBSD source tree (very convenient), uses a secure architecture, provides powerfull builtin mail filtering and last but not least support for Sendmail mail filters (see below).
I started the migration almost three years ago by switching all my NetBSD clients to Postfix which wasn’t really difficult. However the last machine still running Sendmail was my main mail server which provides multiple services:
- It is used as mail relay by all our computers at home and by some of our friends and our family members.
- It is the primary mail server for a couple of domains like zhadum.org.uk.
- It provides backup mail services for a few other domains.
This server’s spam filtering was also reasonably complicated. Besides milter-greylist and milter-regex it used multiple home grown scripts which modified the configuration automatically. Porting all those extras to Postfix wouldn’t be an easy task.
A few weeks back I realized how long this project had dragged on and got back to my Postfix book. After I had finished reading it I finally set a date for the migration.
On the big day things went pretty well initially. I had warned my users and configured packet filter rules to prevent new e-mails from arriving before I finished. After a quick check on the backup mail server I stopped Sendmail and started working on the Postfix configuration. An hour later I had a configuration which seemed to be mostly working. Two problems remained however:
- procmail was reporting errors when it tried to save e-mails to a large mail folder.
- If Postfix was configured to use milter-greylist for mail filtering it stopped accepting E-Mails over SMTP.
Trying to solve both problems at the same time I made no headway at all. I finally decided to focus on the procmail problem and turned off mail filtering temporarily. After various futile attempts to debug the problem I finally resorted to ktrace(1) to figure out why procmail was failing. Reading the kernel trace data I finally found the cause of the problem: Postfix imposed a process limit which restricted the maximum file size that procmail could use. A quick look in the documentation revealed that the mailbox_size_limit setting controlled this behavior. After changing it to a suitable value procmail worked fine.
The milter problem was unfortunately much harder to solve. I spent hours checking my configuration and couldn’t find a problem. I finally began to debug Postfix itself and found a problem in the internal communication between two of its components. Thanks to Michael van Elst’s help I managed to fix the problem. Postfix and milter-greylist started to cooperate at long last and I finished my work at about 1:00 o’clock on Sunday morning.
Postfix worked very reliably ever since and I only had to make a few configuration changes. I’m also astonished how much faster than Sendmail it delivers e-mail. I didn’t think it would make such a difference on a fast machine connected via an A-DSL link.
Finally having finished this I’m not about to be idle tough as a new home IT project has emerged: migrating my friend’s server which is my backup mail server to Postfix as well. I hope that I’ll get this one done more timely. 🙂