dadver's questions

I'm trying to have an e-mail address at my @example.org forward to an external e-mail address outside my domains.

When using my ISPs SMTP relay server, I get the following error:

Dec 27 15:10:40 bowser sm-mta[76444]: 0BREAbT3071556: to=<[email protected]>, delay=00:00:02, xdelay=00:00:01, mailer=relay, pri=32614, relay=my.isp.relay.host.example. [IPv4-address], dsn=5.7.1, reply=554 5.7.1 <[email protected]>: Sender address rejected: Access denied, stat=Service unavailable
Dec 27 15:10:40 bowser sm-mta[76444]: 0BREAbT3071556: 0BREAeT2076444: DSN: Service unavailable
Dec 27 15:10:40 bowser sm-mta[76444]: 0BREAeT2076444: to=<[email protected]>, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=34394, relay=my.isp.relay.host.example. [IPv4-address], dsn=5.7.1, reply=554 5.7.1 <>: Sender address rejected: Null sender not allowed here, stat=Service unavailable
Dec 27 15:10:40 bowser sm-mta[76444]: 0BREAeT2076444: 0BREAeT3076444: return to sender: Service unavailable

Notice the <> after 5.7.1 on line 3

This problem only seems to come when I try to send an e-mail from a gmail account to my intended forward address, if I use the server's own internal mail to send to that address, e-mails are forwarded to the destination address as expected.

So I figured, maybe this gets solved by using the gmail SMTP server instead, but then I got this problem instead: every e-mail sent from my host to any external domain (e.g. @gmail.com) gets the Mail From:-header set to the authenticating gmail account's e-mail address, while the envelope-from and reply to-headers are set to the original sender's e-mail address. This causes GMail and others I'm sure to want to reply to "Firstname Lastname [email protected]" rather than "Firstname Lastname [email protected]"

I have some settings to my sendmail .mc file that have been been appended over the years to get things running, but I can't say with confidence that none of them are causing this issue and breaking the functionality I want. Redacted mc below:

divert(-1)
divert(0)
VERSIONID(`$bowser.example.org.mc 2020-12-27 16:50:00 dadver $')
OSTYPE(freebsd6)dnl
DOMAIN(generic)dnl

FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')dnl
FEATURE(blocklist_recipients)dnl
FEATURE(local_procmail)dnl
FEATURE(authinfo, `hash /etc/mail/auth/client-info')dnl
FEATURE(mailertable, `hash -o /etc/mail/mailertable')dnl
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')dnl

define(`CERT_DIR', `/usr/local/etc/letsencrypt/live/mail.example.org/')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/chain.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/privkey.pem')dnl
define(`confCRL', `/usr/local/certs/revoke.crl')
define(`confAUTH_OPTIONS', `A p y')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

TRUST_AUTH_MECH(`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl

FEATURE(no_default_msa)dnl ## overridden with DAEMON_OPTIONS below

CLIENT_OPTIONS(`Name=IPv4-client-mail.example.org, Family=inet')dnl
CLIENT_OPTIONS(`Name=IPv6-client-mail.example.org, Family=inet6')dnl
DAEMON_OPTIONS(`Name=IPv4-localhost, Addr=127.0.0.1, M=A, Family=inet')dnl
DAEMON_OPTIONS(`Name=IPv4-mail.example.org, Addr= my-public-ipv4-ip, M=A, Family=inet')dnl
DAEMON_OPTIONS(`Name=IPv6-mail.example.org, Addr= my-public-ipv6-ip, M=A, Family=inet6')dnl
DAEMON_OPTIONS(`Name=IPv6-localhost, Addr=::1, M=A, Family=inet6')dnl
DAEMON_OPTIONS(`Name=MSA-IPv4-localhost, Addr=127.0.0.1, Port=587, M=E')dnl
DAEMON_OPTIONS(`Name=MSA-IPv4-mail.example.org, Addr= my-public-ipv4-ip, Port=587, M=Ea')dnl
DAEMON_OPTIONS(`Name=MSA-IPv6-mail.example.org, Addr= my-public-ipv6-ip, Port=587, M=Ea, Family=inet6')dnl
DAEMON_OPTIONS(`Name=MSA-IPv6-localhost, Addr=::1, Port=587, M=E, Family=inet6')dnl

define(`SMART_HOST', `[my.isp.relay.server]')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl

INPUT_MAIL_FILTER(`spfmilter',`S=unix:/var/run/spfmilter.sock')dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')

define(`confMILTER_MACROS_CONNECT',``b, j, _, {daemon_name}, {if_name}, {if_addr}, {client_addr}'')dnl

define(`confMILTER_MACROS_ENVRCPT',``b, r, v, Z, {rcpt_mailer}, {rcpt_host}, {rcpt_addr}'')dnl

INPUT_MAIL_FILTER(`milter-manager',`S=unix:/var/run/milter-manager/milter-manager.sock')dnl

INPUT_MAIL_FILTER(`dkim-filter', `S=unix:/var/run/dkim/opendkim.sock, F=T, T=R:2m')

define(`confCW_FILE', `-o /etc/mail/local-host-names')dnl

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
define(`confNO_RCPT_ACTION', `add-to-undisclosed')dnl
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')dnl

MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl

I've tried adding From:gmail.com RELAY and To:destination-host-for-the-forward-to-address RELAY to the access file, adding the destination-host-for-the-forward-to-address to the relay-domains file in order to try to fix the first issue, but no difference.

We have an web application running on Tomcat 6 (on WS2K3) which is updated every week as of a new release. Currently, we have a very simple batch script that every night checks the content of one folder on the server, if a war file exists it closes the Tomcat service, removes the old application directory and war file, and we put a new war file in there and bring the service online again.

While this works OK and we're experiencing less than 5 minutes of downtime each of these deployments, growing business needs make us look for another solution.

The best solution I can think of would be to put a load balancer/proxy in front of the webserver, add another webserver for staging and load balancing, and during deployments disable one of these hosts in the load balancer configuration, deploy, then redirect all traffic to the webserver with the new version and so on.

Problem: I have no experience of these kinds of solutions and very little around these topics, if anyone could point me in the right direction in terms of solutions (is this even a good way to achieve near-0-downtime and flexible deployments?) or names of software (free are best, but proprietary is fine as well) that would be very appreciated.

I've often thought about why there aren't any diagnostics manual on a very broad level, a counterpart to the medical DSM-IV/ICD-10 manuals. From a troubleshooting perspective, the work of an investigative technician would be very much a like that of a physician: Gather information about the problem, investigate root cause and diagnose, provide information as to why the problem has occured, what is normal behavior and resolve it.

I would assume that a computer technician has better capabilities of understanding an IT problem since we've created computers and have defined how they should work (unlike medicine, which we're still learning many fundamentals of). If this assumption is correct, I imagine that it's possible to write such a manual that would also be very precise/exact.

So my thoughts are: Would it be beneficial to compile such a manual? Are there any obvious problems I've missed that makes this an impractical idea? Why haven't this already been done?

Let me start by saying that if I've missed out on some very basic papers, KBs or anything, feel free to link me in the right direction. I've checked some threads here and haven't found the answer to the questions I have.

I've created a simple script as per MS example for full backup (stsadmin with full backup option to a network drive). Now to the question:

Scenario: We have some kind of disaster destroying this server. How do we get it up again together with the content? I've gathered that the stsadmin tool backup everything important in terms of content and such, but what about settings and WSS itself? Would I just to install a new server with IIS, WSS 3.0 with the same configuration settings added as during the first install etc., and afterwards run the stsadmin tool to restore data, or am I missing anything here?

Thanks in advance.

We wish to enable some form of load balancing for a Tomcat webapp we're currently using today. Unfortunately, I know almost to nothing about Tomcat load balancing, clustering and so on.

Can anyone share resources that cover the different alternatives, give some handy pointers (maybe some solutions work better in certain types of environment?) or just some tips on solutions to try out? We're currently running Tomcat 5.5 if that makes any difference in features, however no critical obstacles for upgrading to 6.

We're currently in a situation where a Tomcat service is being brought offline by a batch script each night (or at the presence of a war archive, at least) in a Windows clustered environment.

The problem is that when Windows shuts down the tomcat service, it does not do so gracefully. This could mean (and has multiple times) that a service is listening and being used during the shutdown, alas terminating abnormally - or as in our case, we want to deploy a new webapp with the same name, but a jar file is being locked due to being in use.

Does anyone know of a nice way to gracefully shutdown the Tomcat service in this kind of solution? We're running Tomcat 5.5.

We've previously installed MS SQL Server 2005 in a fail-over cluster environment on two servers. After a major failure this weekend, the whole cluster has been recreated, but all the services are missing.

Does anyone know exactly what services I need to re-add in order to get MS SQL Server 2005 to be failover clustered again? I've taken a look at the services list, but there are too many services that I know -did not- belong in the cluster administrator.