|
Search tenon.com
Thanks to:
|
|
Post.Office
Re: New virus and post.office issues
I had a similar sequence of events this past weekend (unrelated , I think,
to the mydoom). Time-outs, slowdowns, stacking, the lot!
I rebooted. Then, I told PO to only accept 5 SMTP-Accepts (so it would still
chug away, but it would let me work on filters). Then I took down the
filters one by one. As the last filter was removed, the dam broke and PO
seemed to come alive again. I put the SMTP-Accepts up to 40 and went to bed.
In the morning, everyone had a lot more spam, but PO was back in gear.
I also found another way to give PO some breathing room is to block port 25
with your firewall. This will let PO recover so filter removal is faster. I
didn't try that tip so YMMV.
This is drastic and may not be the solution for you, but it worked for me.
We had about 10 filters and I am slowly reconstructing them to give our
users spam protection again. If only the PO filter interface had ON/OFF
checkboxes! Then you could switch off the filter without DESTROYING it. Ugh.
Pipe dreams.
dan
On 1/29/04 11:43 AM, "Dan Tappin" <dan.tappin@xxxxxxxxxxxxxxx> wrote:
> I seem to be having some serious network / virus / post.office issues the past
> few days.
>
> I am the admin here at our PC based office (50 desktops) with a Linux
> fileserver and a G4 gateway server running PO, Apache, NAT
> etc. sharing our DSL line.
>
> Here are my signs and symptoms:
>
> - possible desktops infected with the Novarg virus
> - PO stops responding to connections after an undetermined time (connection
> lost and timeout errors)
> - mail is 'stuck' in Outlook and Apple mail clients
> - STMP-Accept processes are stacking up all the time
> - stopping and restarting PO seems to be one only way to fix it (temporarily)
> - attachments seem to aggravate the situation
> - CPU usage is being used steady (see following MRTG sites):
>
> Primary Mail Server:
>
> http://mrtg.orourke.ca/firewall/
>
> Secondary Mail Server:
>
> http://mrtg.wavefront.ca/freya/
>
> I am running spamassassin and I have FirewalkX firewall on these systems.
>
> This is ugly. I am not sure where to start. Can anyone recommend a better
> firewall solution? I think this crap should be blocked
> at the TCP/IP level and should never even see the mail server.
>
> Is there a way to monitor the network and identify rouge systems that are
> infected? I did track down one via the pologs (250+ lost
> connections over the day).
>
> Dan
>
> ---------
> Tenon Intersystems' Post.Office Mailing List
> To unsubscribe: send mailto:post_office-request@xxxxxxxxxxxxxxx
> with the body only containing:
> unsubscribe
> Find the searchable mailing list archives at:
> http://postoffice.computeroil.com/
---------
Tenon Intersystems' Post.Office Mailing List
To unsubscribe: send mailto:post_office-request@xxxxxxxxxxxxxxx
with the body only containing:
unsubscribe
Find the searchable mailing list archives at:
http://postoffice.computeroil.com/
|
| Tenon Home |
Products |
Order |
Contact Us |
About Tenon |
Register |
Tech Support |
Resources |
Press Room |
Mailing Lists |
|
Copyright©2003 Tenon Intersystems, 232 Anacapa Street, Suite 2A, Santa Barbara,
CA 93101. All rights reserved.
Questions about our website - Contact:
webmaster@tenon.com.
|
|
