Re: [SAtalk] Newbie

[Russ]

I used to use an old 486 with 40 meg of ram running RH 7.3 as a firewall with iptables. Worked great 'til the scsi's died....just retired the box instead of trying to resurrect it. Your machines are plenty powerful enough for anything but windoze so you shouldn't have any problems.  What is your network topology?  I'd single purpose one of the boxes as the firewall and put your servers behind it.  You can have a single connection to the internet via the firewall and NAT via iptables.  Everything behind the firewall can have fixed ip addresses or you can set up DHCP on one of the boxes.....all pretty straight forward.  With only 40 users you've got plenty of horse power to do all of this with just three boxes.  One for the firewall, one for mail/http and one for squid/content filter.  The firewall box will need two NICs..... ----- Original Message ----- From: Chris Santerre To: 'Jean-Paul Natola' ; [EMAIL PROTECTED] Sent: Friday, August 08, 2003 11:12 AM Subject: RE: [SAtalk] Newbie That is PLENTY! :)  I'm running on 266 pentiums with 64!    Although Squid likes memory. The more the better. Find an extra stick somewhere and give it more if you can. But for the amount of users you said you had, 128 might be fine.   (I still know people running web sites off of 386s and 486s!)   --- Chris -----Original Message----- From: Jean-Paul Natola [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2003 11:24 AM To: [EMAIL PROTECTED] Subject: Re: [SAtalk] Newbie are 433 celerons w 128 ram  good enough,  we have a few of them left, One already has IPCOP, so I thought one for SA  then the last one for SQUID ? ----- Original Message ----- From: Russ To: Chris Santerre ; 'Jean-Paul Natola' ; Ben Story ; [EMAIL PROTECTED] Sent: Friday, August 08, 2003 10:58 AM Subject: Re: [SAtalk] Newbie I'd recommend baby steps.  Get linux installed and SA working as you want it.  Then do iptables...there's a zillion places to learn it and many example scripts too.  Then tackle content filtering.  Along with squid you'll need something that does the actual filtering (DansGuardian - licensed, or there are several open source ones that do url filtering).  Trying to put all this together (especially on one box - and being somewhat of a newbie) is going to set you up for a *lot* of frustration if not failure. ----- Original Message ----- From: Chris Santerre To: 'Jean-Paul Natola' ; Ben Story ; [EMAIL PROTECTED] Sent: Friday, August 08, 2003 8:41 AM Subject: RE: [SAtalk] Newbie Squid proxy server can do this.  You can run it on the same box as SA, but I don't recomend it. Not unless you have some good iptable (or ipchain) rules to lock it down.   I've had a test box setup in my office running Squid for about 6 months now. I haven't touched it in 5 months! I need to clone myself to get more done.  :-)   But you're jumping into an ocean here. I know because I do it all the time. If you want to do things right, your going to suddenly have to learn:   Kernel Recompiles IPtables or ipchains CPAN (Not much to learn other then syntax, but still more stuff to cram into brain.) Spamassassin Squid Some MTA   Not trying to scare anyone away. But sometimes it gets overwhelming when you try to do the 'next' step and find you have to learn something else. But when you get all this free stuff running great on and old computer....man that feels good :)   Chris Santerre System Admin and SA Custom Rules Emporium keeper http://www.merchantsoverseas.com/wwwroot/gorilla/sa_rules.htm "A little nonsense now and then, is relished by the wisest men." - Willy Wonka -----Original Message----- From: Jean-Paul Natola [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2003 9:13 AM To: Ben Story; [EMAIL PROTECTED] Subject: Re: [SAtalk] Newbie Now that i have this info,  is there any kind of Content filter  that is linux based,  if so ,   can it run on the same box as SA?     ----- Original Message ----- From: Ben Story To: 'Jean-Paul Natola' ; '[EMAIL PROTECTED]' Sent: Thursday, August 07, 2003 4:31 PM Subject: RE: [SAtalk] Newbie I would suggest using RedHat as there are many HOWTO's for using it with SA.  You can either buy the RH CD's from a retailer or download them from the Internet.   -- Benjamin Story Dot Foods, Inc.   -----Original Message----- From: Jean-Paul Natola [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 3:30 PM To: Ben Story; [EMAIL PROTECTED] Subject: Re: [SAtalk] Newbie   well we are tiny non-profit   40 internal  20 external email acts  (60 -total)   I also NEED to know what OS to run it under , red hat? i have used HP-UX for a few years at my old org, also where I can get the OS,   I understand red-hat is 4 cds for the OS is that what I should use or do I have other options? ----- Original Message ----- From: Ben Story To: 'Jean-Paul Natola' ; '[EMAIL PROTECTED]' Sent: Thursday, August 07, 2003 4:03 PM Subject: RE: [SAtalk] Newbie   Jean-Paul,   It really depends on your environment.  I'm currently running a P-III 500 as my company's spam filter (2000 employees), but we're going to give it a "real server" now that its worth has been proven.   -- Benjamin Story Dot Foods, Inc.   -----Original Message----- From: Jean-Paul Natola [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2003 2:56 PM To: [EMAIL PROTECTED] Subject: [SAtalk] Newbie   Hi all   I'm new to  this, so bear with me,   what kind of box do I need to load spamassasin on,  and where can I get it.   Note: I already downloaded the program spamassasin, just need to know where to get the OS to utilize   tia               Jean-Paul Natola   Systems Administrator   Information Technology   Family Care International   588 Broadway Suite 503   New York, NY 10012   Phone:212-941-5300 xt 36   Fax:    212-941-5563   Mailto: [EMAIL PROTECTED]