On Sun, Nov 25, 2001 at 11:04:45PM +0100, kuepper@in-secure.dyn.ee wrote: > > ----- Original Message ----- > From: eim <eim@eimbox.org> > To: Debian-Security List <debian-security@lists.debian.org> > Sent: Thursday, January 17, 2002 7:06 AM > Subject: Mailserver HDD organization > > > Hallo to everyone on the Debian Sec. List, > > I'm actually planing to install a new mailserver > on network, the mailserver will substitute an existing > one which runs of course Debain GNU/Linux potato and sendmail. > > The new server will be a P266Mhz 128 | 65 MB Ram with 2x 8GB > IBM ULTRA WIDE SCSI HDD and oviously 100 MB network connection. > > The software I plan to run on the new server is Debian Potato > with exim as MTA, mailman for the lists and some other stuff. > > i would suggest you to use not exim. exim is a very nice MTA but the best > mind of security and performance is qmail! > > My real problem is the HDD Organization, the actual server has > all his / (root) in RAID 1 Mirrored via software on two IBM HDD > which each one is 2 GB. > > I don't want to have only one big root parition on the new server, > it's not recomanded, isnt' it ? > > no it isn´t > > I was thinking about a partition for /, one for boot, one for > /var/spool/mail and some other important system parts. > > Has anyone real-life examples of running mailservers, > maybe some HDD organization infos, MTA infos and other > importante related know-how to run a secure and stable > mailserver on my network. > > here is one: > > 200 users > qmail server (smtp) > imapd > qpopper 4 > iptables > f-prot (virus scanner) > > / = 2 gb (300mb in use) > /home= 10 GB > /var= 20gb > /boot= 300mb Boot is where kernels live (placed at the start of the disk for old bioses that cannot read far into large disks ... your bios may not need it... experiment if you have time). I have "a lot" of kernels on my system, 6 and my boot directory takes only 7 meg. A very reasonable size for boot is 16 meg, 32 is surely more than you will ever need. If you plan to watch over your system, one big partition is not bad, it allows for easier administration as you are managing only 1 partition as opposed to many. If you want to be cautios, consider breaking out /var to prevent bad users from filling up their mail spools (likewise with /home if they are allowed to use imap folders) and to prevent your logs from filling your system. Realistically, for most real world small applications with the large size of disks today, one partition will likely work fine for you. As far as MTA software, they qmail package is renown for being secure, but also for the developer being hard to work with and for having a restrictive license. If licensing is not an issue for you then it may work well for you. Postfix has a nice license, is simple to understand and manage, and places a lot of emphasis on security. good luck, donfede
Attachment:
pgp3kjrXnKLBV.pgp
Description: PGP signature