Snafu.org.uk

Had a meeting about the new Print Accounting system today (Papercut). Mainly to check progress (slightly behind) and to make sure we haven’t missed anything. Things seem to be progressing fairly smoothly at this stage, which is good.

Also spent some time helping Q&A with a query about mail scanning. Looks like the document I wrote nearly a year ago is finally going to be published so that users have an idea about exactly what the mail system does and does not allow.

Spent a good hour updating Kentmail Sun cases and closing the ones that patches have fixed. Deployed a test CE patch to the testmail system and did some basic testing to ensure it fixed the bugs it was meant to. Handed over to testers for more extensive testing before deployment on the production.

Spent an hour or so today reconfiguring the external mailhubs with the new simple config. No complaints so far so I guess it’s working That was my main task of the day, spent the rest of the time doing Remedy queries and catching up outstanding emails which is pretty common for a Monday. Left at 16:00 as it’s my cover night, which was nice and quiet as usual.

Spent the day doing mostly routine stuff. Big backup day as it’s Friday so I spent about 2 hours over the course of the day shuffling tapes, making sure the libraries were stocked for the weekend and putting the used tape in the firesafe. Need to run a recalibration on the Vishnu jukebox when the backups have finished as the picker alignment seems to have gone out of whack when picking tapes from the caddy. Have to see about logging a call if it does it again.

Badminton at lunch, good games as usual. We’re trying out the new scoring system which runs to 21. Doubles took a bit of getting used to but only having a single serve per side seems to make the game fairer and more dynamic. Won 2, lost 1 if I remember rightly. Used some feather shuttles again which I love, though as they get destroyed quickly it could become rather pricey

My new exim config seems to be working well, other than a slight hiccup with the spam routing for the test mailhub which is now fixed. It got missed out of the new config as the two configs that were running weren’t in step as they should have been. This is the major reason that I’ve moved to the one config model as it makes configuration easier and less error prone. Also simplified the creation of virtual domains so that we no longer need to edit the exim configs to add a new one. Now you simply add the domain name to one file and create another file to hold the aliases and the routing happens automatically. Switching this from text files to a DB or LDAP would seem like a good plan for the future though.

Started off today going through my email to answer all the queries I get emailed instead of going into the helpdesk system like they should. Queries I get this way tend to be forgotten for weeks as the helpdesk system prods me and my email doesn’t. Still, after an hour of answering and deleting my inbox is once again a fairly sane size.

We had a short powercut today as well (apparantly affected most of Canterbury). It was enough to get our PCs to reboot but thankfully the UPS saved any of the critical services going down though it did highlight a couple of machines that need putting on the UPS. Nothing mission critical thankfully. As usual we’re putting together an incident report, though one issue today highlighted is the need to control access to the machineroom during an incident. Everyone and their dog wants a piece of the action which make our job checking equipment and the environment more difficult.
The only major problem is that some of the cardlocks have packed up. They failed safe into secure mode but it’s still a pain in the arse and worrying they haven’t survived a fairly minor failure…

Once the excitement was over I spent the afternoon  tidying up the Exim config on our mailhubs. The University was a very early adopter of Exim (pre V1 ) and has been running a continually upgraded version of the config for years. This meant that it was beginning to get seriously unreadable and not very efficient as some of the things it was trying to do were pretty much obsolete.
I therefore spent the afternoon pruning, commenting and adding various things to the config to bring it into the 21st century. Another bonus is that I’ve managed to get MailScanner to user a single config file instead of the two it was using before and we now only spawn two master exim processes instead of three.
I’ve also added in a load of resource handling config so that the service will degrade gracefully under load and hopefully offload some onto it’s siblings.
After some testing offline I’ve now bought the config into service on a single hub for testing. All seems to be fine and relay testing pronounced the hub secure so I haven’t accidentally opened us up. Provided all goes well overnight I’ll deploy the config to the rest of the hubs tomorrow.

Now that this basic work is done I’m thinking more about the other changes I want to make. These include

• Better virtual domain support - Needs to be more dynamic than text files, maybe ldap integration?
• Block more extensions at rcpt time - If we do this earlier, rather than later as we do now, it will save a lot of processing time
• AV scan at rcpt time - Dump the viruses before we even accept them.
• Block on certain RBLS or spam score at rcpt time - Dump really obvious spam before we accept
• Graylisting - May help somewhat, has had success in the library

It’s nice to actually get a little bit of time to sort Exim out, I’d forgotten how flexible and powerful it is. Maybe it’s time for another Exim course this year

Had a meeting over at the print unit today to discuss the image library project. I built the original box some 18 months ago but the project stalled for some reason. The people behind it have now got it going again so a meeting was called to try and find out a bit about the technical aspects. Thankfully it all seems fairly straight forward and from the ops point of view we just need to do routine admin and patching, which is good.

The meeting lasted from 10:30 till just before lunch. Badminton at lunch and then a hospital appointment straight afterwards until 15:30. Finally got some proper work done in the afternoon, mainly catching up on Remedy queries and sorting backups out as it’s my week.