Category Archive:NPO’s

Zimbra has been a bit hit.  I’m currently trying to get the software lifecycles synchronized.  Zimbra 7 has just been released.. unfortunately zimbra does not support Debian any longer.  Centos 6 is about to be released and I’m not a fan of Ubuntu.  Centos 5 expires in 2014 which is about the same time as Zimbra 7.  It looks like I’ll stick with Centos 5 until the EOL of Zimbra 7.  Then for Zimbra 8 change both the Zimbra version and the host operating system.

Servers:  One of the donated rackmounts is now running Astaro again.  Untangle let me down when it counted and the conduct of their founder and COO i find distateful.  I ahd a bad e-mail get past the Untangle system and infect one of my users computers.  I’ve since switched to Astaro and frankly I couldn’t be happier.  Not only has the spam detection gone up to near 99% or higher but false positives are nearly zero.  So far the Astaro is rejecting 90% of all spam mail before it even gets to the anti-spam and a/v engines.  This has led to a marked decrease in resource usage by the Zimbra server.  I honestly had no idea how much was getting by the Untangle until i installed Astaro.

I also had all the ups units in the server room fail.  Luckily I was able to get a new single, large ups that’s ultimately capable of running everything in the server room for at least 10 minutes.  Once i get the control software installed the main server will be able to send graceful shutdown signals to the mail server and firewall server if there is a sustained power disruption.  The file server will also shutdown gracefully meaning less chances of file system crashes or corruptions..:)

There’s a couple of large projects coming but i’m not going to talk about them until everything is in place..:)

Got the new server online months ago..sorry for the lack of news.  I wound up sticking with Debian.  Everything went smoothly and now there are several domains running off of this box including multiple streaming servers.  Now a bigger challenge looms…moving this station to a new location AND hooking everything up to it’s new location.  will keep folks posted as I can.

I have been doing IT work as a volunteer for a local radio station WTHU for a few years now.  Slowly but surely we have been moving along the technology track int he right direction.  We have a stout server in wash state that handles our streaming.  The costs for this are extremely reasonable but time have gotten tight and we have to find ways to cut costs even more.  That lead to a local vendor, Swift systems, that has kindly donated a 2u rackmount server, colocation,  power, and an unmetered 10 megabit port.  I went into Swift Systems today to install Debian onto said server.  This turned out to be quite the adventure.  Some of it was totally me..i was not familiar with Debian 5.  I’ve used several variants including the near ubiquitous Ubuntu(which I would NEVER put onto a server) but I wanted the real Debian.  The hardware issue is the cd-rom drive.  I don’t know why..but it’s sssssssllllloooowwwwwww.  Painfully slow.  However the rest of the box is very very fast.  Debian in it’s default install mode will only allow you to configure one interface at install time.  If you give it an address that does not have internet connectivity when it tries to build it’s mirror list it’ll timeout(after about 5-10 minutes) and use ONLY the cd-rom.  I found this out the hard way.  I was not going to do that.  I tried a reinstall but again was met with the sloooow cd-rom..:)  I tried to setup one interface via dhcp(so it would get a local ip) and then setup the other interface to static to no avail in the installer.  I setup the ilo with another static ip in the assigned range and will have them rack the box.  I should be able to get into the machine using hte ilo and then using hte console redirect instlal debian to the static range.  I should be able to then build the repos properly and have a working Debian install.

Why not Centos?  Centos 5 is less than 3 years from expiring.  I did not want to have to do an os upgrade anytime soon.  With Cent you have to reinstall for an upgrade.  With debian you just run apt-get and install the new version.  We will see if i can get Debian to install via the ILO.  If not i’ll go with centos and deal with the os upgrade later..:)

Well i got the servers in and really didn’t want to wait for the 12u rack…mainly because it’s not int he budget right now.  I took one of the servers and have installed untangle on it.  I now have 4 network cards in the thing.  One is red(internet), one is blue(free public wifi) and one is green(church’s internal network).  The 4th one is for future use(which I already have  a plan for).  What are the specs of this box?  It is an IBM x335 with dual xeon 2.8ghz cpu’s with HT , 4 gigs of ram, and two 36 gig 10k U320 SCSI hdd’s in hardware raid 1.  The thing just smokes..:)  I’m waiting for a couple of major events to really test the box:

1.  the Don Piper conference we are having

2.  Upward basketball.

Upward is going to be the bigger test as we’ll have hundreds of folks inside the new wing from 9am to 6pm sat and sun every week for about 3 months.  I’m hoping to get at least 20 folks on that so i can see how this box handles it.

I had a Dell Poweredge 1800 running Astaro as the firewall until this donation came in.  Our e-mail is run by a company called powweb and I have been hearing for a long time about unreliable service, crashing interfaces, and other issues for months now.  since the Dell is 64 bit compatible I decided to press that one into use as the new church e-mail server.  The test for the firewall is can it handle everything i’m going to throw at it?  e-mail, content filtering, anti-virus scanning, packet inspection, remote access..etc etc etc.  My research tells me it will.  The most fascinating thing about Untangle is it makes heavy use of Java.  Java is at the core of the entire system and ALL traffic passes through this Java core.  So far it’s worked without a hitch.  I’ve setup some simple traffic priority rules that say the church’s traffic has the highest priority and the free wifi has the lowest.  I’ll be watching the server closely to see how it does..not that I’m anticipating problems..but this is a new product that has impressed me..and i want to see it work under load as i look at the innards to see how it works..:)  Cost for all of this?  105$ and that was just to cover shipping,,:)  All of the software is free.

I just need to get the final list of current mailboxses and get the DNS switched over.  Staff meeting this Monday to see if they’ll give the green light.  I have found several extensions(called zimlets) that really extend the featureset of the Zimbra platform.  I know have built into the platform:

1.  Automatic detection of UPS and FEDEX tracking numbers.  The system will automatically highlight tracking numbers and auto-create hyperlinks.  Clicking the link takes directly to your tracking information

2.  Daily summary of tasks and appointments.  When the user logs in the zimlets checks their calednar for that day and sends them appriate reminders.

3.  Post Office tracking.  Along the same lines as the UPS Fedex trackers…this also will grab post office trackings form several other countries as well.

4.  Social network integration.  Twitter, Facebook and a couple of others can be integrated into your Zimbra interface

These are in addition to the base feature set available with the free version.  All of these zimlets are free as well.  The best thing….no more outlook.  FBC users can get to this anywhere they wish to via a https secured channel..:)

What are the needs that this server can address?

At this time the church’s website is hosted by powweb on their free package for non profits.  Unfortunately their e-mail services are horrendously unreliable.  We have a business class internet connection with a static ip.  We have more than enough outgoing bandwidth to handle e-mail.  While Google apps are available I don’t trust the cloud enough to host a NPO’s e-mail.  Now the decision is what mail server am I going to run?  Ms Exchange is one option…however i don’t want to be handcuffed to the office/outlook/exchange lock-in.  I am a huge fan of Linux and I use it everywhere I can.  I need the ability for the users to have Exchange functionality without having to be handcuffed to Outlook.  Ideally I would want to do everything inside a web browser.  There’s several options just read the list here.  I don’t want to pay for a software package that runs on top of a free operating system.  I also require the software to integrate with my currently installed Active Directory.  Out of all of the choices I chose Zimbra.  I made this choice due to the cost, available features, low system requirements, and overall reliability.  The ability to use shared contacts, calendar, and even inboxes are available in the free version.   I know of one large deployment at my wife’s employer…while it wasn’t done in a particularly good way it still just works.  While Zimbra has it’s own anti-spam and a/v I’m going to use my firewall’s spam and malware filtering as it’s quite powerful and already tweaked.  Also everything at a base level is done through a web browser which means i don’t have to use the outlook monstrosity.  While the interface is different retraining isn’t going to be that painful.

You can read about the donation here.  I have three IBM x335’s on the way with dual p-4 xeon 2.8 ghz cpu’s, dual 36 gig 10k rpm SCSI drives with hardware raid 1, 4 gigs of ram, all the cables needed including ILO, and rails.  All for the cost of shipping.  Why am I posting about it here?  I run the network at my church.  This will be the first time I can start something like this from the ground up and document what I do, how I do it, and what hardware and software I do it with.  I will also be able to show just how much free software can do and still integrate with an established Active Directory layout as well.  It’s something for other potential NPO clients to be able to see what some creative thinking can accomplish for little or no cost…:)  Stay tuned I’ve created a whole new category for this..:)