Re: [SLUG] Newbie Sysadmin's Journal

From: Chris Mathey (slug@mathey.org)
Date: Wed Jul 11 2007 - 11:27:44 EDT


>>
>> Have you started a straw-man on your system design?
>>
>
> Don't know what this means. Can you clarify?
It just means an overall plan. This is my personal preference that's
all. I basically work out all the design aspects of my system before I
get "under the hood" so to speak.
>
>> Some things I had to think about.
>> Bind: caching only or Authoritative for my domain?
>> I picked caching only and used my provider's DNS servers as DNS
>> forwarders. My reason for this is because I have a grandfathered free
>> account at dyndns.org. They have redundant DNS servers which manage my
>> domain. If I ran authoritative then I would only have 1 server and it
>> would be attached to my VPS IP address. With my dyndns.org account
>> everything remains portable IP address wise. It is also free for me
>> where otherwise you would have to pay $24/year.
>>
>
> I know the difference between A, CNAME and PTR records, but I don't know
> enough to know whether I want authoritative or caching or whatever. The
> johncompanies folks tell me they'll slave to my nameserver. So I figured
> I'd be authoritative for my domains, and let them back me up.
If they offer to slave your DNS then that solves the redundancy issue.

If you are authoritative then all that means is the internet root DNS
servers list your server and johncompanies.com slave as the resolver for
your domain(s). You enter this information via your domain registrar.
You will still need local resolution of internet addresses and should ask
johncompanies.com what servers to use.

>
>> Web server: Apache or lighttpd.
>> I only have 128m/256swap on my vps. Comparatively Apache is
>> a pig compared to lighttpd. For my needs lighttpd is perfect. Apache
>> wins in the flexibility dept though.
>>
>
> These guys guarantee me 256M RAM (I suspect they're using UML). More
> importantly, though, I'd prefer to run something I *know*, which is Apache.
>
>> mail: Postfix. No brainer. With SMTP-AUTH and TLS
>>
>
> I agree on Postfix. Funny thing is that almost every hosting company
> I've used uses POP before SMTP, instead of TLS and such. I don't
> understand why, since it seems far more complicated to administer.
>
Agreed, POP before SMTP is cleartext as well as a seemingly kludgey
method IMO. All the popular mail clients these days support SSL/TLS.

>> spam/virus: amavisd-new and clamav. Sing together in harmony. Seems
>> the most popular and well documented setup. It is a memory hog though.
>> The largest on my system.
>>
>
> Not too worried about this. I consider spam the customer's problem. If I
> have to implement something like this, I'd probably go with SpamAssassin
> and just *grade* the mail as opposed to /dev/nulling it.

I only /dev/null it when it is graded high by SpamAssassin. Otherwise I
just add X-Spam headers and [SPAM] in the subject line. This is all your
preference of course.
You should look into amavisd-new though. It provides a nice interface to
postfix. If you wanted to add virus scanning at a later date it's as
easy as installing clamav or similar and uncommenting a couple lines in
amavisd.conf. If you skip amavis then use the daemonized version of
spamassassin, spamd/spamc. Performance is better for higher volume.

>
>> IMAP: Dovecot over SSL. This is how I get my mail.
>>
>
> Never used IMAP; it would mean something else I'd have to learn. Ugh.
>
> Paul

Generally POP is used in your case. I use IMAP because as a default I
store my mail on the server. It is better suited to that.

Also, I consider myself a hobbyist in this realm. I am a network
engineer by trade. I've been running my domain for almost a decade and
have found the above to be the best fit for "my" needs.
My point is I hope other sluggers feel free to criticize what I am
saying :)

-Chris
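As an added illustration of the "Postfix with SMTP-AUTH and TLS" design the thread settles on (this is example configuration, not from the original post), the main.cf and master.cf fragments below enable authenticated submission over TLS and refuse relaying for unauthenticated clients. They assume Dovecot is the SASL backend and that the certificate and key live at the paths shown.

```ini
# --- /etc/postfix/main.cf (example, paths are assumptions) ---

# TLS for inbound SMTP: offer STARTTLS, but only allow AUTH once the
# session is encrypted, so credentials never cross the wire in cleartext.
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/mail.example.org.pem
smtpd_tls_key_file  = /etc/ssl/private/mail.example.org.key

# SMTP AUTH via Dovecot's SASL socket (relative to queue_directory).
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous

# Relay policy: local networks and authenticated users may relay;
# everyone else may only deliver to domains we are responsible for.
# This replaces the POP-before-SMTP style "recently seen IP" relay list.
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

# --- /etc/postfix/master.cf (example) ---
# Dedicated submission port (587) for mail clients: TLS is mandatory
# here and only authenticated senders are accepted at all.
# submission inet n - n - - smtpd
#   -o smtpd_tls_security_level=encrypt
#   -o smtpd_sasl_auth_enable=yes
#   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
```

With this in place a client that has not authenticated, or that tries AUTH before STARTTLS, is rejected rather than silently trusted because its IP recently checked POP.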

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:56:29 EDT