Welcome to Pegasus Mail & Mercury Sign in | Join | Help

Peter Strömblad

Peter lives in Sweden and is an independent contractor with hosting services.
Browser performance

Today a user called and complained, that their WebMail is so slow and they want another solution.
That's a normal reaction.
There's always something better isn't there? - or - the analogy - my computer is weird, let's re-install !

NO - as a sysop, technician, programmer and curious one too - I always want to look under the hood. As a teenager I did take things apart, frequently too, resulting in a number of loose screws when trying to reassemble an old car, my bike, the lawnmover, chainsaw, another lawnmover - and so on.

SO - what to respond to the end-user with the slow webmail. They do experience a problem, and of course there is a solution, or multiple - but first what is the cause or causes? Without knowing the cause, why take action.

EXAMINE - is what I did. The inbox contained 650MB and thousands of e-mails - over IMAP - now that's slow no matter what server/client solution we'd choose. Other reasons, massive amounts of folders.

CURE - Organize!, throw out the old - do a traditional cleaning. No one likes to live in a mess, with years of old stuff - that's why we clean our homes regularly. So keep the inbox clean, only with the messages that you need to work with/reply to. Catalog the rest, off the server in the client imap. If you worry about backup - you can always synchronize a local client IMAP folder with the server folder at any time.

BROWSERS matter too - and in this case, as well as with this community site - webmail today depends heavily on javascript. So I did a quick search, and remembered a company name/brand (dunno) futuremark that we used way back to benchmark. And they showed up with this do-it-yourself test at http://service.futuremark.com/peacekeeper/ which I couldn't resist in testing. The traditional overall results rank the browsers like this:

but is that really interesting to me? -

NO - what I use is not javascript graphics to any extent, but data and text. So the community index is much more interesting (besides compatibility of-course) and then the results are quite different. So here comes my rank:

Rank Browser CommunitySpeed text parse data average FutureMark Total
1 Safari v4.0.2 1732 2557 2880 2390 2129
2 Chrome v3.0.195.6 1662 2455 2455 2191 1789
3 Opera v10.0 1591 969 489 1016 1138
4 Opera v9.64 1490 476 503 823 836
5 Firefox v3.5.2 1302 895 1663 1287 1196
6 Explorer v8.0 504 561 424 496 480

FINALLY - does the javascript perfomance mean all? - no of course not - many more aspects of your favourite browser is of importance, and they're not all that compatible with standards, and thus behaves differently. But the test shows one very interesting aspect - different browsers do different things with differing speed and quality, and since we have the possibility to choose, why not choose the tool in each circumstance that does the job best, especially since they do not cost you a thing.

Network efficiency and spam fighting

We have Symantec SMSSMTP, as our mx hosts - charge nothing for the service, and it has filtered a total of 96% spam, straight down the waste bin. Does it do it's job? Sure does! - Should I complain? - yeah, because I expect more from such a costly product.

There hasn't been one false positive, still I'm bugged when my users get anything from 1 to 10 emails a day, from themselves, or the dreaded UPS tracking numbers - we seldom use UPS here, or when I get 30 spam messages in Swedish, that wasn't tagged because the reputation engine is tweaked for English words ... Our users are bugged to, but especially buggered am I when I need to administer the darned thing - it draws an enormous amount of resources. Even with 2GB of RAM, I still can't configure the thing without turning every processing module off.

I'll also be very honest, I haven't tested Lukas bayes filters, nor graywall or Clam. I bet they work ok, but as I understand - and this may be wrong - we host so many domains that it is impossible to work with domains manually, and SpamHalter needs domain administration manually and has no reputation service, and you need to combine it with some form of free dnsbl, and all lack dns spoofing controls, or reverse lookups, or spf configurability, - also Mercury lacks native support to relay domain based e-mails inbound/outbound - and again, there exists a daemon for this that made the light recently, but I feel I need something that I can operate easier, and also integrate with our back-end administration. - So in this area, for critical inbound e-mail traffic/filtering there is no cost effective solution in doing the labor manually each day - my users would definitely leave...

This leaves me to choose a box or virtual server product from Cisco, Symantec or others that I do not know much about yet.

So I was invited to a seminar in Malmo for a Swedish product, marketed all over the world, that on the surface looks like just the thing. In my world we've historically said, ok can test, or - ok looks good but we'll wait, and then at last ok - now it looks like it is usable. Meaning, it takes a darned long time to make something not just work, but also be usable - anyone remember Windows 98? - or maybe I should call it Sindows 98, because when Windows 98 SE came, that was something else - then Windows 98 was actually better than Windows 95.

So the products I'm talking about is the spam prevention gateway from HalonSecurity.Com. On the surface all looks good, but I'll cut straight down to the core - when they start talking teckie-limbo, I follow - and this is where I either leave a seminar or stay. In this case I understand the potential fully, as I totally understand and appreciate the technology they have invented behind the scenes. The Halon programmers have implemented their long time standing firewall technology into the spam prevention box, combining the two worlds into one. This is the same as a total integration of GrayWall and connection control into one single layer. Now if you think that's something, then I'd say that wasn't what blew my chimney - it was the fact that they rotate the connection pool, come again? - ! -- They rotate the connection pool, meaning they implement token ring ideals at the connection level - and this makes it impossible to DDOS the appliance. And, if that doesn't blow your chimney, then the entire configuration and management is reachable via SOAP - and that I know I can integrate - just like the Borg, assimilated it will be.

So in respect to any server based product, like Mercury, you can compare the connection control mechanisms in place in Halon - that exist uniquely for each module in any "normal" Mail server product, that you combine them all into one, with one single point of administration, rule set and monitoring. It is one base layer that has one sole purpose, to receive traffic - or reject it based on rules, static or cached, - and send the prompt response. As all of you know, the prompt response can be delayed, and this is where the second layer comes into play, that determines if the packet content is valid - be it obscure packet data, or wrong authentication, then send the prompt response.

As a side note; I'm very seldom blown or impressed today with software innovations, but this spam prevention gateway product is defenitely worth a test run.For all you who know about cultural differences, Swedes in general are not a competitive people, and this applies here as well. I promise it's worth a look.

 I can't wait to get my hands on it for a full scale test as front for our Mercury installations, our Symantec licens expires soon...

 Cheers / Peter

Software Development - this is how it works!

Suddenly it's just there, the latest creation of software with an incomprehensible help file and all possible legal statements about on your own risk as the result of a completely quality proven product. What you actually get, is the result of the following:

  1. The developer creates what he thinks is bug free code.
  2. The program is tested, and 20 bugs are found
  3. The developer corrects 10 bugs and declares that the remaining 10 are actually not bugs.
  4. The testers realizes that five of the fixes does not work, and finds another 15 bugs.
  5. Back to item 3...
  6. Back to item 4...
  7. Back to item 5..
  8. Back to item 6..
  9. Back to item 7..
  10. Back to item 8.
  11. Marketing department now demands release based on their much too early press-release, so the package is delivered.
  12. Early adopters identify 137 bugs....
  13. The developer has already gotten paid, and has left the building.
  14. A temporary development team co-operates and resolves nearly all bugs, but in the process they create 456 new ones.
  15. The testers get a postcard from Bali - from the developer. All testers resign.
  16. The business is sold to a company who made their profit from their latest creation, with 789 bugs....
  17. The board hires a new CEO, who hires a developer ready to develop from scratch.
  18. The developer creates what he thinks is bug free code...
CeBIT Fair - Quick Review

I'm just back from the CeBIT fair in Hannover, Germany.

 

The CeBIT fair is good as motivator - sometimes you find something extremely interesting, but most of the times you look at who/what is progressing, what companies are flashy/healthy and what the upcoming trends are.

 

This years trends are very visible, despite the loss of 25% exhibitors and 20% visitors, the exhibitors still complain about all the youngsters demanding chocolate, but the trends show - environmental awareness is growing, internet services are more and more important, still young and vibrant, and the third major area is security.

 

The fun thing about this, is that both Pegasus Mail and Mercury MTA appeals, to all three areas - which is something we should piggyback ride on. Mercury is extremely lean on resources, it's very secure, we can use wordings like "intelligent". The only area where Mercury needs to be smarter, is SPAM treatment. Lukas modules are all fine, but soon it is time they are interwoven per default and adapts to collective learning. We're fighting against appliance with this, and the appliance is a black box - self adaptive etc, and Mercury can be that too - it would in the next year be *the killer combination* if SpamHalter+GrayWall+ClamWall+Mercury became one product, f.ex. with NOD32, who had the most interesting sessions (Symantec wasn't even there...)

Live every day - as it's an important day!

Early this morning I got the message that a very close friend got hit by a car on her bike road to work yesterday morning. She sustained such severe trauma to the head that she died. She leaves husband and small children. The driver was temporary blinded by the rising sun, driving his two kids to pre-school.

Life is fragile, but we tend to think we are all immortal until something really painful comes too close. This accident came too close, and my thoughts wander astray to the driver, his wife and family, their innocent children, and Margaretha - her family, father, mother, brother and of course husband Jonas and their innocent children.

So - be friendly and nice to your next and do the things you love to do - because life is fragile.

/Peter

http://sydsvenskan.se/lund/article375811/Cyklist-ihjalkord-i-Lund.html

Repetitive work in SQL

Just wanted to share the two SQL scripts I produced last week. They are stored procedures that create standard looking CreateUpdate and Get procedures for any given table in SQL-Server. I've published the scripts at sqlservercentral.com and they are free to use and tweak.

Stored procedure mkProc_CreateUpdate

Stored procedure mkProc_Get

Here is a brief description for both of the procedures

mkProc_CreateUpdate v1.0 (c) Petena AB 1993-2008, http://www.petena.se/, http://www.praktit.se/

 Creates stored procedure of given table name for the purpose of adding or updating a record
    Primary keys are to be set to null to trigger the insert, and the key is returned.
    Signals null/not null and default values.

    Input Params:
        @_tableName - the table you want to script
        @prefix - add string here if you want your stored procedure name prefixed, like 'sp_'
        @AddParams - add additional parameters to the stored procedure call
        @DoCreate - true/false : when true the stored procedure is created
        @Debug - true/false : true only works when @DoCreate is false, presents all internal tables
    
    Example: Exec mkProc_CreateUpdate 'Orders', 'crm_', '@userID int,' false, true

C# Null, DBNull and Entities

I've been working like mad to get my 3-tier construction to work. As I'm not all that great in C# yet, I delightedly discovered that C# supports nullable types. Now finally I can match my database constructions with a proper entity in code, and as well build the business layer so that it deals with the values as it should.

Some of you know that a relational database is perfect when it comes to relating a drop down with a key value, then fetching the meaning of the key value from the related table. But if the drop down hasn't been selected, you should not store an arbitrary value - you store NULL = unknown.

Now I came across a tool with source from Rick Strahls weblog, called DataRowGenerator. I've managed to alter this so that it now suits my needs by creating one entity file for each datatable. Below is a sample of the code that the program now generates automatically for all my 54 tables.

Here are some reference links that you may find useful.

http://blogs.msdn.com/thottams/archive/2008/06/30/dbnull-and-nullable-types.aspx
http://sab39.netreach.com/Blog/Blog/12/vobId__172/pm__18/
http://www.codeproject.com/KB/architecture/three_tier_architecture.aspx
http://west-wind.com/weblog/posts/147.aspx

 

/* ArtikelGrp.cs (c) Petena AB 1994-2008, http://www.petena.se, http://www.praktit.se


DEVELOPMENT HISTORY: ******************************************************************************
v0.01
  20080825 PiS -> Start

BUGS & NOTES: *********** ( !=Warning, +=Additions to be made, -=Comment ) ************************
  - 
 */

using System;
using System.Collections;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;

namespace PraktIT.CRM.Data {

	[Serializable]
	public partial class ArtikelGrp {
				
    #region Private Members
		  private Int32? _ID = null;   //  
		  private Guid? _UID = null;   //  
		  private Int32? _ArtikelGrp_ID_Parent = null;   //  
		  private Int32? _Nr = null;   //  
		  private String _Kod = null;   //  
		  private String _Namn = null;   //  
		  private String _Titel = null;   //  
		  private Boolean? _Aktiv = null;   //  
		  private Guid? _Firma_UID_Owner = null;   //  

    #endregion

    #region Public Properties
        public Int32? ID
        {   get { return _ID; }
            set { _ID = value; }  }

        public Guid? UID
        {   get { return _UID; }
            set { _UID = value; }  }

        public Int32? ArtikelGrp_ID_Parent
        {   get { return _ArtikelGrp_ID_Parent; }
            set { _ArtikelGrp_ID_Parent = value; }   }

        public Int32? Nr
        {   get { return _Nr; }
            set { _Nr = value; }  }

        public String Kod
        {   get { return _Kod; }
            set { _Kod = value; }  }

        public String Namn
        {   get { return _Namn; }
            set { _Namn = value; }    }

        public String Titel
        {   get { return _Titel; }
            set { _Titel = value; }   }

        public Boolean? Aktiv
        {   get { return _Aktiv; }
            set { _Aktiv = value; }  }

        public Guid? Firma_UID_Owner
        {   get { return _Firma_UID_Owner; }
            set { _Firma_UID_Owner = value; }  }


    #endregion

    #region Populate
      public static ArtikelGrp Populate(IDataReader dr) 
      {
        ArtikelGrp _ArtikelGrp = new ArtikelGrp();
        Populate(dr, ref _ArtikelGrp);
        return _ArtikelGrp;
      }

      public static void Populate(IDataReader dr, ref ArtikelGrp _ArtikelGrp)
      {
        _ArtikelGrp.ID = dr["ID"] as Int32?;
        _ArtikelGrp.UID = dr["UID"] as Guid?;
        _ArtikelGrp.ArtikelGrp_ID_Parent = dr["ArtikelGrp_ID_Parent"] as Int32?;
        _ArtikelGrp.Nr = dr["Nr"] as Int32?;
        _ArtikelGrp.Kod = dr["Kod"] as String;
        _ArtikelGrp.Namn = dr["Namn"] as String;
        _ArtikelGrp.Titel = dr["Titel"] as String;
        _ArtikelGrp.Aktiv = dr["Aktiv"] as Boolean?;
        _ArtikelGrp.Firma_UID_Owner = dr["Firma_UID_Owner"] as Guid?;
        }
    #endregion

	}

	public class ArtikelGrpDataProvider : DataProvider {

  #region Get using Select
    public ArtikelGrp GetArtikelGrp(Int32 ArtikelGrp_ID)
    {
      SqlConnection conn = new SqlConnection(ConnectionString);
      string _SqlCmdTxt = "Select * FROM ArtikelGrp WHERE ID = @pk";
      SqlCommand cmd = new SqlCommand(_SqlCmdTxt, conn);
      cmd.Parameters.AddWithValue("@pk", ArtikelGrp_ID);
      conn.Open();
      SqlDataReader dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
      if (!dr.Read())
      {
        dr.Close();
        conn.Close();
        throw new Exception("ArtikelGrp not found!\r\nID = " + ArtikelGrp_ID);
      }
      else
      {
        ArtikelGrp _ArtikelGrp = ArtikelGrp.Populate(dr);
        dr.Close();
        conn.Close();
        return _ArtikelGrp;
      }
    }
  #endregion

  #region Get using Stored Procedure
    public ArtikelGrp GetArtikelGrp(Int32 ArtikelGrp_ID, Guid Person_UID)
    {
      SqlConnection conn = new SqlConnection(ConnectionString);
      SqlCommand cmd = new SqlCommand("sp_ArtikelGrp_Get", conn);
      cmd.CommandType = CommandType.StoredProcedure;
      cmd.Parameters.AddWithValue("@ID", ArtikelGrp_ID);
      cmd.Parameters.AddWithValue("@Person_UID", Person_UID);
      conn.Open();
      SqlDataReader dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
      if (!dr.Read())
      {
        dr.Close();
        conn.Close();
        throw new Exception("ArtikelGrp not found!\r\nID = " + ArtikelGrp_ID + "\r\nPerson_UID = " + Person_UID);
      }
      else
      {
        ArtikelGrp _ArtikelGrp = ArtikelGrp.Populate(dr);
        dr.Close();
        conn.Close();
        return _ArtikelGrp;
      }
    }
  #endregion
	}

}
 
Codename: Madmin

The time has come to start a long awaited project!

Madmin is my codename, until someone has a better name for it.

Madmin is short of Mailserver Administrator.

All the way back from 2000 we've administered our Mercury installations through a web interface, with a SQL-database and a separate program called MercurySynch.

Madmin's objective is to replace MercurySynch.

As such, it will be:
1. a webservice
2. utilizing IIS
3. directly manipulate one or more Mercury/32 Mailservers.

Our old MercurySynch polls the database at 20 minute intervals, but a webservice with direct access will do its work directly when called upon.

A webservice has the benefit that it is a stand alone application, and can just as Rolfs HTTPServer start, stop, pause, reload any instance via Windows Messaging. Designing a webservice also has the benefit that it is fairly easy to create administrational modules for that can be integrated into larger packages, or created as a stand-alone Mail Administrator web-site.

How do we begin?

Well, the only way to start is to iron out the relational data model. I have a few requisites:
1. Multiple Mercury installations has to be supported
2. Multiple domains
3. Local users, tied to organizational entity
4. Domains, tied to organizational entity
5. Alias handling
6. Relay
7. Autoresponders

Anything missed?

If you feel you want to be part of this, or if you have expectations or valuable input - now is the time to put that forth in the notes to this post.

Tool and reporting.

As I go along, I'll post my thoughts here - and I'll also update this space regularly as I make progress. When there is something to test I'll share it in the downloads section here at the community. I know we will later get into design issues, as well as PDA support for a proper and sleek Mail Server Administration web site. The tool I use is Visual Studio 2008 and the language will be C#.

You know Windows Update is flawed - don't you?

Automatic updates of software are good - aren't they? Well I'd answer yes in normal cases, but anything that is automatic can behave in ways the creators never imagined. So it is with fire alarms, burglar alarms, and of course with computing. This patch tuesday from Microsoft contains quite a number of fixes. Some that are very important to servers, regarding name resolution. However smart we are, automatic updates are not enabled on our servers - we consider them too dangerous - since in the past some driver updates have caused machines never to start again.

And so it happens - again. And now, with virtual servers running on top of the base server - when updates fail, you render three-four five or even eight machines stranded.

What happened then, why doesn't the server start as it should? - well it does, but just barely. I've never seen windows so inoperable that not even a task monitor is accessible, not even in safe mode. A small clue exists on sys\windows in the file WindowsUpdate.log - that is accessible over the network. It states

2008-08-17 10:19:44:472 4328 1594 AUClnt WARNING: Shell_NotifyIcon failed (dwMessage=0x0, uFlags=0x3, hr=0x80070002)
2008-08-17 10:19:44:472 4328 1594 CltUI FATAL: Failed to show client UI, directive=5, hr=80070002

Aha, something in the windows shell isn't starting as it should. And with the debate of removing Media Player from windows, since explorer is so tightly integrated, led me to investigate - what changes were made to explorer this time. Within KB953838-IE7.log I found it. It says:

6.937: DoInstallation:AnalyzeDiskUsage failed

Aha - so the sys volume ran out of disk space during the install - and let's not bother with the why or how at the moment. The reason I state that Windows Update is flawed, is that it requires a re-boot for some operations. This Patch Tuesday's pack of files required a re-start, and between the update and the restart, that continues the installation - disk space ran out. Sure, yes it probably did - but when updating really cruical files, shouldn't this be checked before? In fact it does, but the limit of free space is too tight - and there you have the result - a server heavily depended upon - needs to be re-installed.

Well, then, why wasn't 16 GB of system space enough? Because of all darned copies that Windows generates. In the Windows directory there are hidden KB directories. Besides these you have another directory called ServicePackFiles and another directory with files. Only the Windows directory contains more than 8 GB of files today, on a server that was installed december 2006. That is insane. To the downfall, we support many systems, older than some of my boys. When they we're installed with RAID controllers and high speed SCSI drives disk space was quite expensive and a total 32GB server system was considered more than enough. Some of the directories are safe to delete, some are not - and I haven't found any official information from Microsoft on how to conserve system volume space. If anyone has, please let me know.

So for the time being, take this advice if you run cruical machines:
Make sure you have plenty of free space on you system volume before running Windows Update aka Microsoft Update.

....

and now on to the task of backing up all drives (just about a terabyte of data.... - sigh)

arrrrgh web apps

Writing apps for the webb is a challenging task. What takes a normal hour when creating "normal" apps takes four times when working a three tier webb-app. There are simply so many pits you can fall in.

In any case I thought I'd share some very interesting read-up.

First of all, creating forms: Read up on Rick Strahl's excellent piece at msdn: http://msdn.microsoft.com/sv-se/magazine/cc163505(en-us).aspx

Then dwelve down into his weblog and you'll find an absolute excellent tool on how to create the windows classes directly from your database: http://www.west-wind.com/WebLog/posts/147.aspx.

So, after that we're on to Ajax. The resource for that is naturally http://asp.net.

There's a lot more. One needs to familiarize one self with css (zen-garden is excellent), sql calls, stored procedures, java-script, cookies, performance issues and not to forget loose binding. A web-app is always in a "new" state - there is very little you can do to compensate for the round-trips to the server side.

In the future I hope to share code when I get to hacking a Mercury web-service.

cheers for now / Peter

Time off

Imagine doing whatever you love most, 24 hours a day - how long would you be able to stay awake? My body and mind defenitely needed a good rest. Summer 2007 was the WORST summer I can remember. The first day my Wife (who has an ordinary job as a mech. constructor) got off for vacation was nice, but the following five weeks - the rain was pouring down. So I worked.... - This winter wasn't any better. The WARMEST winter ever in Sweden overall. Meaning, instead of snow we got .. - you guessed it - RAIN.

The day we left was finally a day of snow. Winter has normally passed by march 17th, but not this year. So on slippery summer tires, the car drove slowly at 0300h towards Copenhagen Airport. We we're going to Tenerife!

Of course the flight was delayed! What do you do with three small children (2,5,9 & ½all), and a wife who is terrified of flying, in an airport, when they are over-tired from having gotten up at 2.30 am - when your flight is delayed until lunch?2 Kids a sleep on the floor
Yep: You let them sleep on the floor !!! - at the gate!

Well, once we got there  it took a good week for us all to unwind, and another to recharge. One can say a lot about going on a charter trip, with Coco the clown entertaining the kids at 2000h - it is relaxing - especially since the TV is dubbed in a completely incomprehensible language (Spanish). What you do is fall asleep with the kids, in the middle of a bed time story, a long long time ago, in a galaxy far faaaaar aaaahhhh.....

Teide Daniel at the beach

At the firm we're not too many people, and my responsibility lies with the servers. Compared to the early 90s properly configured servers aren't likely to crash from hardware issues. It certainly pays off to get fault tolerant memory, redundant disks and redundant networking. Above all, is to stray off from wanting to put too much into one single server. Therefore on our E-Mail servers we tend to put nothing else, than just Windows, Windows Firewall, and an Antiviral program (currently NOD32). We also limit the rights of the auto-login account, so that it can't do any harm to the rest. Besides this we have a separate inbound email server that does all the anti-spam and anti-viral treatment. By far the Mercury/32 we run today is the steadiest software I know.

However getting a Windows Mobile phone to work IMAP over GPRS wasn't all that easy, I can see that as a pro on the road a lot. It will be convenient to work the Mercury/32 server with a simple web interface. Currently our add-on system lets me configure nearly all aspects, but I can't do the more server based tasks - like adding or altering a filter for both local delivery and forward to a customer in China. Nor can I work IMAP if something goes wrong. So in a Mobile world a lot remains to be done.

The creative side finally started to work again and I don't know if you guys think it is a good idea to have a specialized IMAP forum - sinze I believe this will be the key most important issue as the world goes more and more mobile. I had a number of problems, mostly due to that Microsoft Mobile Outlook 6 doesn't behave well. When f.ex. "standard" folders aren't there, the folders are not created - and to know this - when you're thousands of miles away - and only get a "Synchronization error" - there isn't much to do about it.

Finally if you have ideas on how we should develop the community, please let me know what you think. Also, if you have the chance to get some free time - take time off - it is truly vitalizing!

Cheers / Peter S.
ps - Thanks dad for celebrating your birthday by a pool side, sorry I beat you in Golf though... - ds

Sorry - site was inaccessible last nite

A fault occured last night, occupying the server at a 100% - thus making responses so slow that browsers timed out.

The problem wasn't all easy to locate, but eventually we found that the server logs, and database transaction logs had grown beyond reasonable sizes. Once we managed to shrink the transaction logs and the database, all was back to normal again.

I apologize for any inconvenience this caused.

cheers / Peter S.

Firewalling

No Fire, just a wall - or another brick ...

True Firewall Appliances are fine, complicated and feature rich. Some have a feature called DNS Doctoring, which means that a DNS A request is translated from one IP into another. This is very useful, when you have a private network but with only some public IP-addresses. F.ex. 192.168.0.2 could be translated into 84.20.9.2 as a DNS service. But this translation is done at the cost of also translating the originating caller IP.

Problems can turmoil quickly, since you can have a DMZ (De Militarized Zone) and a VPN-Tunnel. We have both!. If you have a VPN tunnel, you want the traffic to flow from one internal net to the other, without any restrictions or address translations. The problem arises when you combine these two, meaning DNS-Doctoring and a VPN-Tunnel - from two sites. When you do DNS-Doctoring from just one site, then there are no real hurdles. The actual obstacle lies in f.ex. DNS-redundancy.

Today I have spent most of the day trying to get my scenario to work. What it gives is actually a DMZ with private addresses, since you have to configure inbound and outbound rule sets for all the external addresses you want to use in both ends, and all explicit traffic - which is alot in an AD environment. The best solution would have been to separate the DNS A request translation from the actual traffic translation - but I guess that is too simple to ask.

Sorry for the technicality in this post, just wanted to write this off my chest.

Networking is sometimes a real mind job - sigh

Happy Holidays

Wish you all a nice couple of days off.

Cheers / Peter

Thank you

First of all, thank you all - for making the community work the way it works. I think it works very well, and I am very pleased to see that we have passed 700 registered users. This sunday we had over 200 visitors simultaneously, searching and browsing information. Very seldom I or other moderators have to delete or edit content in violation of the rules. When browsing deleted posts, I see that you who have deleted a post you have made, have indeed written a proper explanation - some even make me laugh.

My aim with the site was to make Pegasus Mail and Mercury much more visible. Now searching some of popular search sites on the internet for keywords of f.ex. "Pegasus Mail" or "Mercury" / "Mercury/32" the community is listed among the top results. I know the SEO can be a lot better, but I'm very pleased to see that many others are referring to the site for answers.

And the site has only been live for 2 months.

Statistics
For those of you who are interested in stats of the site, what it takes to run it here are some figures:

  • The first week of may, some 83000 pages were served. Every week the pages served is increasing. Last week 150' pages were sent out.
  • Time of the day difference isn't that big though UTC 0200 - 0500 are somewhat less intense
  • Sundays the traffic is lower than the other 6 days in a week.
  • Search engines that show any significance in traffic are Google, Live and Yahoo.
  • Among the search words are the most obvious ones most frequent, mail, mail server, Pegasus, Pegasus Mail, Mercury, Mercury Mail, SMTP and so on .
  • Web browser use, in order: Firefox, Netscape compatible, MSIE, Opera, ShopWiki and others
  • 52% of the traffic is coming from Windows clients
  • Majority of the page size is less than 100K, with a steep access curve down to 10K
  • An absolute majority is being served pages under half a second and only exceptional page requests are served longer than 2 seconds. (This is due to caching, and most likely lies under the administration pages that are not that frequented than the site in general)

Future
But, now is not the time to rest - What do you think should be improved? Should the site be available in other languages than English? Should there be nationalized forums? Make your opinion heard at the "about this site" forum!

During the summer I will start the transition to CS2007 and multi-language support of the site. I'm not making any promises about when the release is to be made. For the time being I'm coding what I hope will be the license handler for Mercury - it all depends on if David will approve of it once he sees it.

More Posts Next page »