hi ivo
for partitions...
- i prefer smallest/reasonable / partitions ( 64M or 128M etc )
- getting into single user mode is extremely important
- /var/spool/{mail,mqueue} in a mail server should
be its own "huge" partitions ???
- /home doesnt mean much for mail servers
( user stuff is all in /opt
ln -s /opt/home /
ln -s /opt/local /usr
- if you run secure imap, you'd have to worry about quota
for /home where their mail is saved
- i like having /tmp in its own partitions ( 128Mb? )
- i do NOT use /boot as separate partitions
- must not forget about swap partition ( 256M or so )
and if swap space is used constantly, add more memory
- i like having /opt to be the rest of the disk
- if you build your own kernel.. i claim you'd need to keep
the current initrd.gz or make your own custom initrd.gz
so that it can read the scsi disks... ( catch-22 issue )
- more partition-howtos
http://www.Linux-1U.net/Installation/partition.gwif.html
- Picture of partitions layout on a disk... ( middle of the page )
http://www.Linux-1U.net/Disks
- Debian Security howto
http://www.debian.org/doc/manuals/securing-debian-howto/
- for a secure mail server...
http://www.Linux-Sec.net
-- see the various hardening methodologies
http://www.Linux-Sec.net/Harden/howto.gwif.html
- harden the file system
- harden the daemons/services
- apply all the patches
- run secure pop3/imap if users insists on "pop-style" mua
- subscribe to security mailing lists and distro/app specific ml
- install one or more anti-virus sw
- backup your system daily ???
- users probably would like their mailboxes backed up hourly ??
http://www.Linux-Sec.net/Mail/#AntiVirus
http://www.Linux-Sec.net/Mail/secure_pop3.txt
- simulate a disk crash ( unplug it )
-
- see if you can recover
- how many/how much users emails did you lose ??
- should be zero with raid1 mirror
for runing a raid1 mirror ... that should be fun/simple to setup
- be sure to use the "fd" (raid autodetect) partitition type
http://www.1U-Raid5.net
have fun linuxing
alvin
On 17 Jan 2002, eim wrote:
> Hallo to everyone on the Debian Sec. List,
>
> I'm actually planing to install a new mailserver
> on network, the mailserver will substitute an existing
> one which runs of course Debain GNU/Linux potato and sendmail.
>
> The new server will be a P266Mhz 128 | 65 MB Ram with 2x 8GB
> IBM ULTRA WIDE SCSI HDD and oviously 100 MB network connection.
>
> The software I plan to run on the new server is Debian Potato
> with exim as MTA, mailman for the lists and some other stuff.
>
> My real problem is the HDD Organization, the actual server has
> all his / (root) in RAID 1 Mirrored via software on two IBM HDD
> which each one is 2 GB.
>
> I don't want to have only one big root parition on the new server,
> it's not recomanded, isnt' it ?
>
> I was thinking about a partition for /, one for boot, one for
> /var/spool/mail and some other important system parts.
>
> Has anyone real-life examples of running mailservers,
> maybe some HDD organization infos, MTA infos and other
> importante related know-how to run a secure and stable
> mailserver on my network.
>
> Thanks for any reply,
> Have a nice day...
