Tuesday, December 25, 2007

PMX spam filter server and receiving emails for multiple domains on your Exchange server

Recently, we received an alert from our ISP about mail latency. We checked the Exchange server logs and everything looked fine. We compared logs, and the processing time between PMX and Exchange was quite short. In this case, either the spam filter or routing is the source of the problem. We double-checked and no one had made any changes to the router.


We checked the PMX server. The load and iostat figures were high. It looked like the bottleneck was on the local disk. Increasing memory did not really help. The only other option was to take the database out and migrate it to another server. However, we don't have enough space in the rack since we plan to retire one more rack. We got an ES4000 appliance from Sophos. It was very easy to set up. Once it was installed, there were no more performance issues.


We only configured inbound email to point to the appliance. Outbound email bypasses the appliance. Basically, make sure routing is set up correctly (pointing to your Exchange server). If you are configured to receive email for multiple domains, make sure to include those domains in the PMX config. No more sendmail.mc and pmx.conf modification and recompiling. Other than the routing setup on the appliance, make sure the MX record is set up correctly on your DNS server and at your ISP. Also, make sure the recipient policy on your Exchange server includes the other domains you are going to receive email for.

For example, your company has a domain called first.com, and your Exchange server is configured to receive email sent to first.com. You then register another domain, second.com, for another product. You can receive email sent to second.com on the same Exchange server. First, contact your ISP to add an MX record (it may take 1 to 24 hrs to replicate). Then go to your DNS server (most likely your DC) and add the MX record. Basically, point the MX record for second.com to your Exchange server for first.com (for example, mail.first.com). Add second.com to the accepted mail domains on your PMX appliance. Lastly, go to the default recipient policy on your Exchange server and add an SMTP address for second.com. Force an update of the recipient policy so you can receive email for second.com immediately.
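
The three places a new domain has to be added (MX record, appliance accepted domains, Exchange recipient policy) can be cross-checked from exported settings. The script below is an added example, not part of the original post; the zone excerpt, the third.com domain, the list contents and the function names are constructed for illustration.

```python
import re

# Constructed sample inputs (not from the original post).
ZONE = """\
first.com.   3600 IN MX 10 mail.first.com.
second.com.  3600 IN MX 10 mail.first.com.
Third.com.   3600 IN MX 20 mail.elsewhere.example.
"""
APPLIANCE_DOMAINS = ["first.com", "Second.com"]   # accepted mail domains
RECIPIENT_POLICY = ["@first.com", "@third.com"]   # SMTP address suffixes

MX_LINE = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?MX\s+(\d+)\s+(\S+)", re.I)

def norm(name):  # lower-case; drop a leading '@' and the trailing dot
    return name.strip().lstrip("@").rstrip(".").lower()

def parse_mx(zone_text):
    """Return {domain: [(preference, mail host), ...]} from zone-file lines."""
    records = {}
    for line in zone_text.splitlines():
        m = MX_LINE.match(line.split(";")[0].strip())  # ignore ';' comments
        if m:
            records.setdefault(norm(m[1]), []).append((int(m[2]), norm(m[3])))
    return records

def audit(domains, zone_text, appliance, policy, mail_host):
    """Map each domain to the list of setup steps still missing for it."""
    mx = parse_mx(zone_text)
    accepted = {norm(d) for d in appliance}
    addressed = {norm(p) for p in policy}
    report = {}
    for d in map(norm, domains):
        gaps = []
        hosts = [h for _, h in sorted(mx.get(d, []))]  # lowest preference first
        if not hosts:
            gaps.append("no MX record")
        elif norm(mail_host) not in hosts:
            gaps.append("MX points to " + hosts[0])
        if d not in accepted:
            gaps.append("not an accepted domain on the appliance")
        if d not in addressed:
            gaps.append("no SMTP address in recipient policy")
        report[d] = gaps
    return report

if __name__ == "__main__":
    domains = ["first.com", "second.com", "third.com"]
    report = audit(domains, ZONE, APPLIANCE_DOMAINS, RECIPIENT_POLICY, "mail.first.com")
    for domain, gaps in report.items():
        print(domain, "OK" if not gaps else "; ".join(gaps))
```
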


Timeout on HBA

If you see Event ID 129 for your HBA, as well as path connections dropped by the failover software:

The description for Event ID ( 129 ) in Source ( elxstor ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: \Device\RaidPort1.

Check your HBA driver, switch firmware and failover software. Also, make sure the SAN controller firmware is in the support matrix. Sometimes, you may need to check the HBA settings to make sure they are supported by the vendor. There is a chance you may need to reapply the firmware on the HBA. Compare the switch logs to see if a GBIC requires replacement.

Storport vs SCSIport

If you use an older HBA, you will see there are two sets of drivers: Storport and SCSIport. Basically, Storport provides better I/O performance and is widely used for new HBAs.

For an old HBA, you can try to use Storport. However, SCSIport is more stable.

Here is the Microsoft article:
http://download.microsoft.com/download/5/6/6/5664b85a-ad06-45ec-979e-ec4887d715eb/Storport.doc

Tuesday, December 4, 2007

Security Configuration Wizard for Windows 2003 SP1

Security Configuration Wizard for Windows 2003 SP1 is a very handy tool to configure security on a Windows 2003 server with at least SP1 installed. I found out a lot of people don't know about this tool. I searched the internet and found an introductory article about SCW.

The tool helps you configure the firewall, auditing and services.

http://www.windowsecurity.com/articles/Security-Configuration-Wizard-Windows-Server-2003-SP1.html

Registry fix for Windows 2000 server

It happened more than a month ago. We had a Windows 2000 server which was going to be retired. It crashed over the weekend. Most of the important roles had been migrated. However, our diesel backup power generator was connected to this domain controller. So, I had to get it back up and running because my manager could not locate the monitoring software for the backup power generator.

I tried all the startup modes, such as safe mode, and it refused to boot, showing a bluescreen. I checked the backup logs over the weekend. It seemed like the disk was bad. Eventually, I tried the registry fix for Windows 2000. There is a warning that some of the data may be lost when using the tool. However, we didn't have any critical info. So we went to the following site to download the tool.

http://support.microsoft.com/kb/830570

We got it back up in 30 minutes.