On อ., 2005-07-05 at 13:18 +1000, Jeff Waugh wrote: > Hey, > > Short summary: window is essentially unconfigured, so sends mail out with an > envelope-from origin of 'window.gnome.org'. It was (recently?) configured to > only accept connections from other GNOME machines (and was never configured > to accept mail for window.gnome.org anyway), so for all these reasons it was > unable to deliver mail to hosts doing sender verification checks, such as my > mailservers and more importantly, sourceforge listservers. D'oh! I've made > an immediate fix by adding masquerade_domains rules for the domains window > needs to send mail as (will be watching to make sure). While this fixes the > problem, it's really just treating a symptom rather than curing the patient. > > Revolunteering: A number of times in the past, I have offered to configure, > fix and document the mail setup on the GNOME machines. I don't think I've > ever received clear encouragement to actually go and do it, but now we have > a new sysadmin team, and I'm sure you can all follow along. I'd start by: > > a) reanalysing mail requirements across the machines and applications > currently in use > > b) aggressively configuring mail.gnome.org as the central mail hub for > performance, security, reduction of crap email and minimisation of > maintenance/configuration tasks > > c) minimising configuration on all other hosts by using mail.gnome.org as > the central relay > > d) considering failover options once the configuration is sanitised >
If someone can come up with a), I'll be happy to make sure they get all the help and encouragement they need to carry it out in part b) :) Getting menubar sorted out properly once and for all is something I've wanted to do for ages too, but just haven't found the right moment. We can probably just do c) anyway. I guess for d) at the very least we ought to have a slave MX server somewhere. Ah, that reminds me. Who were those big name companies asking for our hardware wishlist again? I thought of 'network monitoring server' (so Toni and I could set up NAGIOS etc). I already mentioned 'development server'. We could add 'slave NS/MX server' to that list. It'd be nice if those big name companies could also host a couple of these servers too. Having resources outside of RedHat's Phoenix colo would give us improved redundancy/flexibility should any part of the internet lose connectivity to the Phoenix network. Perhaps even have them hosted outside the US completely (in Europe/Australia)? Just a thought. -- Ross _______________________________________________ Gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
