Taking Centos8 down for imaging.

     I will be taking centos7 down for approximately 1/2 hour to image the server (a form of backup).

     I decided to remove the Slackware from the shell servers today.

     1) It was not being used, about a month between logins on average and then only brief logins.

     2) It was not being maintained.  I’ve seen no updates for a long time.

     3) I could not get x2go to work on it.  There have been problems since it’s installation and they are not being resolved.

     4) It works only with non-GPT partition tables, and this precludes using boot-repair if something goes wrong.

     5) It uses the lilo boot loader, also precluding the use of boot-repair if something goes wrong.

     In short it was a lot of effort to maintain.  If it were getting used, I’d make that effort, but it was not.

     I needed to re-install ssh server on ubuntu.eskimo.com because there was a problem with the existing installation that caused it not to re-start automatically upon reboot.

     The result is the openssh encryption keys will have changed.  You can remove the old key from your .ssh/known_servers with:

     ssh-keygen -f “/home/nanook/.ssh/known_hosts” -R “ubuntu.eskimo.com”

     You will also be prompted if you use x2go.  Do not worry, this is NOT a man in the middle attack, it is simply an installation problem that needed to be corrected.

     The shell servers centos6.eskimo.com and scientific.eskimo.com have reached end of life and so have been retired.

     You can use any of the servers listed here:

        https://www.eskimo.com/services/shells/servers/

     I personally recommend ubuntu.eskimo.com or debian.eskimo.com.  These two have the widest assortment of software available.

     I was unable to get the locally compiled version to even run so now I am restoring the mail server from an earlier known working backup.  This may take up to 30 minutes.

     Postfix is acting up on mail.eskimo.com, I do not know if this is because of an update or exactly what is wrong.  Specifically, it is rejecting some clients even though I have explicitly told it to accept SASL authenticated clients regardless of EHLO status.  This is causing issues when sending e-mail from some phones when the IP address assigned has no inverse DNS OR when it is running off of WiFi and using a NAT address instead of a real IP address.

     I am attempting to compile the latest postfix which has a number of bug fixes after the version that Ubuntu supplies to see if it will correct this.  Also compiling the latest openSSL as the Ubuntu version is one release behind and does not have all the latest encryptions.  There will be some interruption of outgoing mail service as it will be necessary to remove the Ubuntu version before installing the locally compiled version.

     The additional spam filtering did not do as much as I had hoped, or for that matter as SpamHaus had suggested that it would.  I will continue to look for other ways to reduce spam.

       We will be implementing some new spam filtering capabilities from Spamhaus that I hope will increase the effectiveness of our spam filters.

     These consist of a domain reputation black list and an IP based system that will prevent our mail server from being used by spam botnets when credentials are compromised which should reduce the incentive for same.

     The existing blacklists incorporated in SpamAssassin are all IP based, but spamassassin 3.3.1 made available domain based black lists and SpamHaus has incorporated these.  We will be doing so shortly.  As before these won’t outright reject but rather divert mail identified as spam into your spam folder.