all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* Idea: mailman service (free for FOSS projects)
@ 2017-04-18 10:23 Pjotr Prins
  2017-04-18 11:18 ` ng0
  2017-04-19 20:34 ` Idea: mailman service (free for FOSS projects) Ludovic Courtès
  0 siblings, 2 replies; 17+ messages in thread
From: Pjotr Prins @ 2017-04-18 10:23 UTC (permalink / raw)
  To: guix-devel

Hi all,

I am looking for mailman hosting for a bunch of mailing lists. There
are commercial hosters but they usually charge per list and you get no
access to the host itself. Mailman hosting is non-trivial, you need a
chain of tools and (in)sane handling of SPAM. Also the setup needs to
be secure and capable of updates. I have some experience and ideas
here, but it is a bit much to do on my own.

I am thinking in this age of VPS' we could create a deployable Guix
instance which people can roll out by themselves with some guarantee
that it is safe and secure. There are also organisations willing to
fork out some money to outsource their mailing lists. Basically a
markup for running software on top of a running VPS (or maybe our own
array of pi servers ;)

Since we are the masters of deployment anyone interested building up a
little business this way? After mailman there could be git hosting,
etc. We can create FOSS solutions which do not depend on single
providers, an answer to people using Google Groups now, or github.

Pj.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: mailman service (free for FOSS projects)
  2017-04-18 10:23 Idea: mailman service (free for FOSS projects) Pjotr Prins
@ 2017-04-18 11:18 ` ng0
  2017-04-18 17:59   ` Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)] Pjotr Prins
  2017-04-19 20:34 ` Idea: mailman service (free for FOSS projects) Ludovic Courtès
  1 sibling, 1 reply; 17+ messages in thread
From: ng0 @ 2017-04-18 11:18 UTC (permalink / raw)
  To: Pjotr Prins; +Cc: guix-devel

Good and interesting idea, if you have the money.
I prefer to work on snippets and instructions, deploying more servers
than necessary isn't an option for myself at the moment.

Mantioning mailman and GuixSD: We'd first need to get all of Mailman
packaged. 2/3 parts are still missing, I have started to work on hyperkitty
but if you are interested and willing to continue it would be nice.

Afterwards we would need a system service, and then it would be good
to try this out in the wild (or intranet) to see what can be done to
run this service (and all connected ones) in a container.

Pjotr Prins transcribed 1.0K bytes:
> Hi all,
> 
> I am looking for mailman hosting for a bunch of mailing lists. There
> are commercial hosters but they usually charge per list and you get no
> access to the host itself. Mailman hosting is non-trivial, you need a
> chain of tools and (in)sane handling of SPAM. Also the setup needs to
> be secure and capable of updates. I have some experience and ideas
> here, but it is a bit much to do on my own.
> 
> I am thinking in this age of VPS' we could create a deployable Guix
> instance which people can roll out by themselves with some guarantee
> that it is safe and secure. There are also organisations willing to
> fork out some money to outsource their mailing lists. Basically a
> markup for running software on top of a running VPS (or maybe our own
> array of pi servers ;)
> 
> Since we are the masters of deployment anyone interested building up a
> little business this way? After mailman there could be git hosting,
> etc. We can create FOSS solutions which do not depend on single
> providers, an answer to people using Google Groups now, or github.
> 
> Pj.
> 

-- 
PGP and more: https://people.pragmatique.xyz/ng0/

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 11:18 ` ng0
@ 2017-04-18 17:59   ` Pjotr Prins
  2017-04-18 18:11     ` ng0
  2017-04-18 20:13     ` Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)] Hartmut Goebel
  0 siblings, 2 replies; 17+ messages in thread
From: Pjotr Prins @ 2017-04-18 17:59 UTC (permalink / raw)
  To: Pjotr Prins, guix-devel

Continuing this train of thought: there is actually a business case
for something like ethical hosting. For us it is 'easy' to create
services such as mail servers with IMAP and web front-end, mail-main
servers, wikimedia servers etc. But it is not easy for everyone, And
it is certainly not easy to get it right, i.e., setup and security.

Individuals and companies are willing to pay for VPS, and I am sure
they are willing to pay for a full FOSS stack deployable on a VPS.
There is added value and therefore money. 

With Guix we can make configurable deployments that gives people to
deploy anywhere. I know many companies and organisations (such as
universities!) outsource their mail servers to companies such as
google and Microsoft. They ought to be getting concerned about
privacy, not least because of recent changes in American law - let
alone those that operate in less lawful countries.

It is too much to achieve for one person, but I think if we can get a
number of people together we can turn Guix work into cash. Mailman
would be a good start. Next a configurable mail server with webmail to
compete with gmail and protonmail?

On Tue, Apr 18, 2017 at 11:18:14AM +0000, ng0 wrote:
> Good and interesting idea, if you have the money.
> I prefer to work on snippets and instructions, deploying more servers
> than necessary isn't an option for myself at the moment.

I don't think we should offer VPS (at first). But we can offer the
choice of using other VPS'. The VPS marked is overcrowded and very
competitive - I would not want to compete with that. I want to compete
with companies that offer hosting, but do not provide the software
stack. I also want people to have access to their own VPS. That is the
ethical part.

> Mantioning mailman and GuixSD: We'd first need to get all of Mailman
> packaged. 2/3 parts are still missing, I have started to work on hyperkitty
> but if you are interested and willing to continue it would be nice.

Yes. postfix we also need.

> Afterwards we would need a system service, and then it would be good
> to try this out in the wild (or intranet) to see what can be done to
> run this service (and all connected ones) in a container.

Aye, Guix rocks so much it hurts ;).

Pj.

-- 

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 17:59   ` Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)] Pjotr Prins
@ 2017-04-18 18:11     ` ng0
  2017-04-18 18:50       ` Pjotr Prins
  2017-04-18 20:13     ` Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)] Hartmut Goebel
  1 sibling, 1 reply; 17+ messages in thread
From: ng0 @ 2017-04-18 18:11 UTC (permalink / raw)
  To: Pjotr Prins; +Cc: guix-devel

Pjotr Prins transcribed 2.2K bytes:
> Continuing this train of thought: there is actually a business case
> for something like ethical hosting. For us it is 'easy' to create
> services such as mail servers with IMAP and web front-end, mail-main
> servers, wikimedia servers etc. But it is not easy for everyone, And
> it is certainly not easy to get it right, i.e., setup and security.
> 
> Individuals and companies are willing to pay for VPS, and I am sure
> they are willing to pay for a full FOSS stack deployable on a VPS.
> There is added value and therefore money. 
> 
> With Guix we can make configurable deployments that gives people to
> deploy anywhere. I know many companies and organisations (such as
> universities!) outsource their mail servers to companies such as
> google and Microsoft. They ought to be getting concerned about
> privacy, not least because of recent changes in American law - let
> alone those that operate in less lawful countries.
> 
> It is too much to achieve for one person, but I think if we can get a
> number of people together we can turn Guix work into cash. Mailman
> would be a good start. Next a configurable mail server with webmail to
> compete with gmail and protonmail?
> 
> On Tue, Apr 18, 2017 at 11:18:14AM +0000, ng0 wrote:
> > Good and interesting idea, if you have the money.
> > I prefer to work on snippets and instructions, deploying more servers
> > than necessary isn't an option for myself at the moment.
> 
> I don't think we should offer VPS (at first). But we can offer the
> choice of using other VPS'. The VPS marked is overcrowded and very
> competitive - I would not want to compete with that. I want to compete
> with companies that offer hosting, but do not provide the software
> stack. I also want people to have access to their own VPS. That is the
> ethical part.

Okay, then I do not understandand completely where you are going with this.
For a hosted service you need a host first. Do you want to offer consulting
work, so that this can be deployed at service (which furthermore would
require some legal annoyance), as a service? In other words, some of us
probably to cover the legal part with a contract at Guix Europe e.v. (if
the registered association law in France works similar to the ones in Germany)
will set up services on demand for interested people and organizations?

> > Mantioning mailman and GuixSD: We'd first need to get all of Mailman
> > packaged. 2/3 parts are still missing, I have started to work on hyperkitty
> > but if you are interested and willing to continue it would be nice.
> 
> Yes. postfix we also need.

But we do have OpenSMTPD and Dovecot, which is enough already to make Postfix
not an blocking issue. All I know about Mailman is that it needs some MTA.
My only contact with it so far was administration and packaging.

> 
> > Afterwards we would need a system service, and then it would be good
> > to try this out in the wild (or intranet) to see what can be done to
> > run this service (and all connected ones) in a container.
> 
> Aye, Guix rocks so much it hurts ;).
> 
> Pj.
> 
> -- 
> 

-- 
PGP and more: https://people.pragmatique.xyz/ng0/

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 18:11     ` ng0
@ 2017-04-18 18:50       ` Pjotr Prins
  2017-04-18 19:52         ` ng0
                           ` (2 more replies)
  0 siblings, 3 replies; 17+ messages in thread
From: Pjotr Prins @ 2017-04-18 18:50 UTC (permalink / raw)
  To: Pjotr Prins, guix-devel

On Tue, Apr 18, 2017 at 06:11:41PM +0000, ng0 wrote:
> > I don't think we should offer VPS (at first). But we can offer the
> > choice of using other VPS'. The VPS marked is overcrowded and very
> > competitive - I would not want to compete with that. I want to compete
> > with companies that offer hosting, but do not provide the software
> > stack. I also want people to have access to their own VPS. That is the
> > ethical part.
> 
> Okay, then I do not understandand completely where you are going with this.
> For a hosted service you need a host first. Do you want to offer consulting
> work, so that this can be deployed at service (which furthermore would
> require some legal annoyance), as a service? In other words, some of us
> probably to cover the legal part with a contract at Guix Europe e.v. (if
> the registered association law in France works similar to the ones in Germany)
> will set up services on demand for interested people and organizations?

This is one example for hosting mailman: https://www.mailmanhost.com/.
They host it on some other VPS service.

What I want to do is provide something similar with a slick web
interface where people click on a service, say a VPS with mailman,
configure it and launch it on a VPS hoster of their choice - we can
offer multiple solutions on multiple hosting parties. Then the client
has a running and configured server. We charge a fee on top of the VPS
fee.

No consulting required unless something goes wrong. So we need to
probably factor in monitoring and minimal support for paying clients.

That is the general idea. Guix Europe is a non-profit, I don't think
that would be a suitable vehicle. Better to set up a limited liability
company when dealing with clients.

I believe in fairness, so we'd have to come up with a way of
distributing any income fairly and giving some back to Guix. But that
is a separate discussion with the people who want to do this. That
does probably not belong on the mailing list. It needs thought.

The software is all FOSS, so anyone can fork of any time and start a
business. If we make some money together or separately that is
cool because we can sustain our efforts that way. Be nice to share
knowledge, build up on that, and grow Guix.

Anyway, just an idea that may or may not work.

Pj.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 18:50       ` Pjotr Prins
@ 2017-04-18 19:52         ` ng0
  2017-04-19  4:55           ` Pjotr Prins
  2017-04-19  3:59         ` Christopher Allan Webber
  2017-04-19 21:06         ` Ludovic Courtès
  2 siblings, 1 reply; 17+ messages in thread
From: ng0 @ 2017-04-18 19:52 UTC (permalink / raw)
  To: Pjotr Prins; +Cc: guix-devel

Pjotr Prins transcribed 2.2K bytes:
> On Tue, Apr 18, 2017 at 06:11:41PM +0000, ng0 wrote:
> > > I don't think we should offer VPS (at first). But we can offer the
> > > choice of using other VPS'. The VPS marked is overcrowded and very
> > > competitive - I would not want to compete with that. I want to compete
> > > with companies that offer hosting, but do not provide the software
> > > stack. I also want people to have access to their own VPS. That is the
> > > ethical part.
> > 
> > Okay, then I do not understandand completely where you are going with this.
> > For a hosted service you need a host first. Do you want to offer consulting
> > work, so that this can be deployed at service (which furthermore would
> > require some legal annoyance), as a service? In other words, some of us
> > probably to cover the legal part with a contract at Guix Europe e.v. (if
> > the registered association law in France works similar to the ones in Germany)
> > will set up services on demand for interested people and organizations?
> 
> This is one example for hosting mailman: https://www.mailmanhost.com/.
> They host it on some other VPS service.
> 
> What I want to do is provide something similar with a slick web
> interface where people click on a service, say a VPS with mailman,
> configure it and launch it on a VPS hoster of their choice - we can
> offer multiple solutions on multiple hosting parties. Then the client
> has a running and configured server. We charge a fee on top of the VPS
> fee.
> 
> No consulting required unless something goes wrong. So we need to
> probably factor in monitoring and minimal support for paying clients.

Okay, thanks for making it more clear.

> That is the general idea. Guix Europe is a non-profit, I don't think
> that would be a suitable vehicle. Better to set up a limited liability
> company when dealing with clients.

(I am not a lawyer, and I haven't read every bit and piece of the German Vereinsrecht
so far)
With a registered non-profit under the Vereinsrecht in Germany it would not
conflict with the non-profit status as long as the work supports the mission
and structures of Guix Europe.
I haven't read the charta of GE in a while and haven't compared the two countries.

> I believe in fairness, so we'd have to come up with a way of
> distributing any income fairly and giving some back to Guix. But that
> is a separate discussion with the people who want to do this. That
> does probably not belong on the mailing list. It needs thought.

It's difficult. Maybe where you have your permanent residence it is easier,
I've had some expedition into legal entities in Germany for the last few
weeks with the result that I delayed it for now (TL;DR: get professional
advice offered by the state). Still some useful outcome in the process,
you can contact me off list if you are interested.

> The software is all FOSS, so anyone can fork of any time and start a
> business. If we make some money together or separately that is
> cool because we can sustain our efforts that way. Be nice to share
> knowledge, build up on that, and grow Guix.
> 
> Anyway, just an idea that may or may not work.
> 
> Pj.
> 

-- 
PGP and more: https://people.pragmatique.xyz/ng0/

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 17:59   ` Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)] Pjotr Prins
  2017-04-18 18:11     ` ng0
@ 2017-04-18 20:13     ` Hartmut Goebel
  2017-04-19  4:39       ` Pjotr Prins
  1 sibling, 1 reply; 17+ messages in thread
From: Hartmut Goebel @ 2017-04-18 20:13 UTC (permalink / raw)
  To: guix-devel

Am 18.04.2017 um 19:59 schrieb Pjotr Prins:
> there is actually a business case for something like ethical hosting.

I also see some demand for ethical hosting, esp. for collaboration
services like mailman, chat, file-share, a simple web-site, etc. I get
questions about this quite often. But most times the people are neither
capable to setup and maintain a server at all – or they don't want to
spend the money.

E.g. at 1blu.de you can get a vServer with Plesk admin interface for 8 €
per month. This includes KVM virtualization (or virtuozzo if you
prefer), a web-mailer, mailinglists via plesk (mailman in the
background) and a domain.

So I don't see a business case here :-(

-- 
+++hartmut

| Hartmut Goebel            |                       |
| hartmut@goebel-consult.de | www.goebel-consult.de |

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 18:50       ` Pjotr Prins
  2017-04-18 19:52         ` ng0
@ 2017-04-19  3:59         ` Christopher Allan Webber
  2017-04-19 21:06         ` Ludovic Courtès
  2 siblings, 0 replies; 17+ messages in thread
From: Christopher Allan Webber @ 2017-04-19  3:59 UTC (permalink / raw)
  To: Pjotr Prins; +Cc: guix-devel

Pjotr Prins writes:

> On Tue, Apr 18, 2017 at 06:11:41PM +0000, ng0 wrote:
>> > I don't think we should offer VPS (at first). But we can offer the
>> > choice of using other VPS'. The VPS marked is overcrowded and very
>> > competitive - I would not want to compete with that. I want to compete
>> > with companies that offer hosting, but do not provide the software
>> > stack. I also want people to have access to their own VPS. That is the
>> > ethical part.
>> 
>> Okay, then I do not understandand completely where you are going with this.
>> For a hosted service you need a host first. Do you want to offer consulting
>> work, so that this can be deployed at service (which furthermore would
>> require some legal annoyance), as a service? In other words, some of us
>> probably to cover the legal part with a contract at Guix Europe e.v. (if
>> the registered association law in France works similar to the ones in Germany)
>> will set up services on demand for interested people and organizations?
>
> This is one example for hosting mailman: https://www.mailmanhost.com/.
> They host it on some other VPS service.
>
> What I want to do is provide something similar with a slick web
> interface where people click on a service, say a VPS with mailman,
> configure it and launch it on a VPS hoster of their choice - we can
> offer multiple solutions on multiple hosting parties. Then the client
> has a running and configured server. We charge a fee on top of the VPS
> fee.
>

Note that that vision of building a web UI on top of a declarative
system to make deploying and maintaining servers easier is what
originally drew me to Guix.  Still hasn't left my mind as something
valuable.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 20:13     ` Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)] Hartmut Goebel
@ 2017-04-19  4:39       ` Pjotr Prins
  0 siblings, 0 replies; 17+ messages in thread
From: Pjotr Prins @ 2017-04-19  4:39 UTC (permalink / raw)
  To: Hartmut Goebel; +Cc: guix-devel

On Tue, Apr 18, 2017 at 10:13:23PM +0200, Hartmut Goebel wrote:
> Am 18.04.2017 um 19:59 schrieb Pjotr Prins:
> > there is actually a business case for something like ethical hosting.
> 
> I also see some demand for ethical hosting, esp. for collaboration
> services like mailman, chat, file-share, a simple web-site, etc. I get
> questions about this quite often. But most times the people are neither
> capable to setup and maintain a server at all – or they don't want to
> spend the money.

We provide the actual images for free, so they could start up anywhere.

> E.g. at 1blu.de you can get a vServer with Plesk admin interface for 8 €
> per month. This includes KVM virtualization (or virtuozzo if you
> prefer), a web-mailer, mailinglists via plesk (mailman in the
> background) and a domain.
> 
> So I don't see a business case here :-(

Heh. It is actually proof that there is a business there, otherwise
they would not do it. The underlying VPS costs 3/m, so their markup is
5/m. And that is without any monitoring or tuning - just a simple
installation.

For a 2-person business you need about 10K/m. So you can compute how
many clients we need. And taking over a company mail server with
webmail and mailman, I am sure we can ask 5-10K per year. 

You can grow in either direction. Main problem is starting up as it
needs some investment.

Pj.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 19:52         ` ng0
@ 2017-04-19  4:55           ` Pjotr Prins
  0 siblings, 0 replies; 17+ messages in thread
From: Pjotr Prins @ 2017-04-19  4:55 UTC (permalink / raw)
  To: Pjotr Prins, guix-devel

On Tue, Apr 18, 2017 at 07:52:58PM +0000, ng0 wrote:
> (I am not a lawyer, and I haven't read every bit and piece of the German Vereinsrecht
> so far)
> With a registered non-profit under the Vereinsrecht in Germany it would not
> conflict with the non-profit status as long as the work supports the mission
> and structures of Guix Europe.

Exactly. It would confuse things. Guix-Europe has its own agenda,
currently hosting the build farm.

There is also the administrative overhead and choices one has to make.
I think any company has to be focused on its offerings.

> I haven't read the charta of GE in a while and haven't compared the two countries.
> 
> > I believe in fairness, so we'd have to come up with a way of
> > distributing any income fairly and giving some back to Guix. But that
> > is a separate discussion with the people who want to do this. That
> > does probably not belong on the mailing list. It needs thought.
> 
> It's difficult. Maybe where you have your permanent residence it is easier,
> I've had some expedition into legal entities in Germany for the last few
> weeks with the result that I delayed it for now (TL;DR: get professional
> advice offered by the state). Still some useful outcome in the process,
> you can contact me off list if you are interested.

I have set up limited companies in the past. Not hard and you need
about 2-3K per year in administrative costs. One interesting option is
Estonia. When you become an e-citizen you can set up a limited company
remotely with a group. It is within the EU and all legal. Estonia only
taxes 20% on dividend - which you can avoid paying when you have
enough expenses. 

My idea is that if we have an interesting business case we can
register a company any time. Estonia, NL and UK are interesting
possibilities. Anyway, this is a bit beyond the scope of this ML.

This is an example of a mailman setup I just had to analyse: 

* Mailman

I installed htop, mc and git.

** Ad hoc management

I don't think any form of software deployment is in place (other than
yum) - let alone deterministic software deployment. 

** No git in /etc (fixed)

Especially with shared sys admin I suggest to run git in /etc. I have done
it for you (after installing git with yum)

: cd /etc
: git init
: chmod 0600 .git
: git add .
: git commit -a -m init

Anyone doing updates should check git and commit changes.

** Firewall

Firewall rules are basic. Only ssh gets checked by fail2ban:

: iptables -L
:   fail2ban-SSH  tcp  --  anywhere             anywhere             tcp dpt:ssh

fail2ban is actually a running daemon. The /etc/hosts.deny file keeps
getting edited (currently 7K lines which means lookups get
slower!). There are multiple fail2ban's running - maybe that is by
design. fail2ban does not modify the firewall rules.

Also running is denyhosts.py - is it part of fail2ban? - which takes
25.7% of RAM(!?).

: 11061 root      30  10  344m 151m 2348 S  0.0 25.7  19:50.20 denyhosts.py

: root     27642  0.0  0.8 429812  5348 ?        Sl   Apr15   0:21 /usr/bin/python2.7 /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x

which can be replaced by the following firewall rules which do not put the load, nor the
complexity beyond the firewall:

:            tcp  --  anywhere             anywhere             tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN recent: SET name: ssh side: source
: DROP       tcp  --  anywhere             anywhere             tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN recent: CHECK seconds: 127 hit_count: 10 name: ssh side: source
: ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh

** CRON

Virus checker gets restarted every day (apparently it crashes)

: 0 7 * * * /sbin/service restart mimedefang

** ssh

No password login allowed, good.

Root can access ssh with remote commands (but not shell and using keys only).

** RAM

RAM is fully in use which means SWAP is used quite a bit.

The following python processes

: 11061 root      30  10  344m 151m 2348 S  0.0 25.7  19:50.20 denyhosts.py
: 21223 defang    20   0  272m 116m 4624 S  0.0 19.8   3:28.71 mimedefang.pl
:  1643 mailman   20   0  338m  61m 1964 S  0.0 10.3  98:22.97 python2.7
: 23823 defang    20   0  182m  55m 4536 S  0.0  9.5   0:17.10 mimedefang.pl

take up more than half the RAM. denyhosts is part of sshd screening
(see firewall). Mimedefang does mail filtering of virusses (see CRON).

** CPU

Running htop for a while is interesting. The single core instance is
maxed out regularly every time a mail comes in.

Mailman qrunner and mimedefang.pl are the main culprits.

: Example:
:
:  CPU[|||||||||||||||||||||||||||||||||||||||||||100.0%]     Tasks: 84, 44 thr; 10 running
:  Mem[||||||||||||||||||||||||||||||||||||||||525/589MB]     Load average: 6.49 3.69 2.00
:  Swp[|||||||||                              738/4095MB]     Uptime: 8 days, 11:40:46
:
:   PID USER      PRI  NI  VIRT   RES   SHR S CPU% MEM%   TIME+  Command
: 26009 defang     20   0 72160 18908  3792 R 14.0  3.1  0:02.87 /usr/bin/perl /usr/bin/mimedefang.pl -server
: 26008 defang     20   0 72688 19312  3672 R 14.0  3.2  0:03.08 /usr/bin/perl /usr/bin/mimedefang.pl -server
: 25970 defang     20   0  118M 42388  4540 R 13.0  7.0  0:08.01 /usr/bin/perl /usr/bin/mimedefang.pl -server
: 21223 defang     20   0  319M 84720  4928 R 11.0 14.0  6:47.68 /usr/bin/perl /usr/bin/mimedefang.pl -server
: 25905 defang     20   0  179M 74812  7552 R 10.0 12.4  0:24.85 /usr/bin/perl /usr/bin/mimedefang.pl -server
: 23823 defang     20   0  189M 64584  6288 R 10.0 10.7  0:52.37 /usr/bin/perl /usr/bin/mimedefang.pl -server
: (...)

some messages coming in together here ... In fact, my terminal stopped
responding for a while.

** Disk space

: Filesystem      Size  Used Avail Use% Mounted on
: /dev/xvda1       15G  7.7G  6.9G  53% /
: devtmpfs        274M   28K  274M   1% /dev
: tmpfs           295M     0  295M   0% /dev/shm
: /dev/xvdg1       25G   17G  6.8G  71% /mailman

Using 'du' is very very slow for some reason. Probably because
both RAM and CPU are maxing out.

The mailman
/mailman/var-lib-mailman/archives/private/mailteam/attachments/ folder
is by far the largest and contains all sidelined MIME
attachments. Looking in these you can see they often have fake mail
addresses. Which can be stopped when mail comes in.

Also this attachment folder can be emptied - no need to keep these
around for more than 3 months. It would shave of 7G of the 17G stored for
mailman now.

** mailman

Mailman 2.1.15 is installed in /usr/lib/mailman/ and the configuration
file sits in the source tree. Installation date is 2015. Mailman's
security record is pretty good, but at least one security advisory is
probably relevant: https://www.debian.org/security/2016/dsa-3668

** sendmail

Sendmail accepts non-existing domains at this point.

Sendmail is used as a relay by events.xxxx.

Spamassassin is switched off.

Rbl lookups are switched off.

No checks on MX records of incoming mail.

The current configuration of sendmail/mailmain does not plug in the
correct host name of the sending server. My mailserver bounces this:

  Apr 6 11:11:03 mail postfix/smtpd[6691]: NOQUEUE: reject: RCPT from
  []: 450 4.7.1
  <ip-10-187-26-41.ec2.internal>: Helo command rejected: Host not
  found; from=<mailman-bounces@ip.ec2.internal>
  to=<pjotr.public@thebird.nl> proto=ESMTP
  helo=<ip.ec2.internal>

I.e., only the internal ec2 name is sent.

** MX settings

mailman has no backup MX (good!)

Although DNS configuration is outside this server, the TXT record of
mailman does not contain an spf in the TXT record. See,
for example,
https://support.rackspace.com/how-to/create-an-spf-txt-record/.

If you do a search against my own mail server:

   dig -t TXT mail.thebird.nl

you should see something like

   "v=spf1 ip4:95.154.246.10 +mx -all"

These days, an increasing number of mail daemons check the
SPF. Especially Microsoft is fussy and it means that people may not be
receiving mail, or it goes into SPAM.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: mailman service (free for FOSS projects)
  2017-04-18 10:23 Idea: mailman service (free for FOSS projects) Pjotr Prins
  2017-04-18 11:18 ` ng0
@ 2017-04-19 20:34 ` Ludovic Courtès
  2017-04-19 21:56   ` ng0
  1 sibling, 1 reply; 17+ messages in thread
From: Ludovic Courtès @ 2017-04-19 20:34 UTC (permalink / raw)
  To: Pjotr Prins; +Cc: guix-devel

Heya!

Pjotr Prins <pjotr.public12@thebird.nl> skribis:

> I am thinking in this age of VPS' we could create a deployable Guix
> instance which people can roll out by themselves with some guarantee
> that it is safe and secure. There are also organisations willing to
> fork out some money to outsource their mailing lists. Basically a
> markup for running software on top of a running VPS (or maybe our own
> array of pi servers ;)
>
> Since we are the masters of deployment anyone interested building up a
> little business this way? After mailman there could be git hosting,
> etc. We can create FOSS solutions which do not depend on single
> providers, an answer to people using Google Groups now, or github.

I agree with this vision!  I think OS declarations make this pretty
simple (this and also specialized distros à la FreedomBox, Tails, etc.,
but that’s another story.)

ng0 packaged a whole bunch of Mailman’s and Kallithea’s (source code
hosting) dependencies already:

  https://bugs.gnu.org/25733
  https://bugs.gnu.org/25736

Ludo’.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)]
  2017-04-18 18:50       ` Pjotr Prins
  2017-04-18 19:52         ` ng0
  2017-04-19  3:59         ` Christopher Allan Webber
@ 2017-04-19 21:06         ` Ludovic Courtès
  2017-04-20  6:01           ` Idea: setting up a company [formerly 'ethical hosting' [formerly mailman service (free for FOSS projects)]] Pjotr Prins
  2 siblings, 1 reply; 17+ messages in thread
From: Ludovic Courtès @ 2017-04-19 21:06 UTC (permalink / raw)
  To: Pjotr Prins; +Cc: guix-devel

Pjotr Prins <pjotr.public12@thebird.nl> skribis:

> This is one example for hosting mailman: https://www.mailmanhost.com/.
> They host it on some other VPS service.
>
> What I want to do is provide something similar with a slick web
> interface where people click on a service, say a VPS with mailman,
> configure it and launch it on a VPS hoster of their choice - we can
> offer multiple solutions on multiple hosting parties. Then the client
> has a running and configured server. We charge a fee on top of the VPS
> fee.

For the record, YunoHost develops such a Web interface that allows
people to select services to run on their machine:

  https://yunohost.org/

It’s designed to drive a Debian system, but I guess making something
similar for GuixSD would be easier.  We could have Exim, Mailman,
MediaGoblin, and all that!

> No consulting required unless something goes wrong. So we need to
> probably factor in monitoring and minimal support for paying clients.

Heh, sounds like a plan.  :-)

Thanks for the brainstorming session!

Ludo’.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: mailman service (free for FOSS projects)
  2017-04-19 20:34 ` Idea: mailman service (free for FOSS projects) Ludovic Courtès
@ 2017-04-19 21:56   ` ng0
  0 siblings, 0 replies; 17+ messages in thread
From: ng0 @ 2017-04-19 21:56 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: guix-devel

Ludovic Courtès transcribed 1.1K bytes:
> Heya!
> 
> Pjotr Prins <pjotr.public12@thebird.nl> skribis:
> 
> > I am thinking in this age of VPS' we could create a deployable Guix
> > instance which people can roll out by themselves with some guarantee
> > that it is safe and secure. There are also organisations willing to
> > fork out some money to outsource their mailing lists. Basically a
> > markup for running software on top of a running VPS (or maybe our own
> > array of pi servers ;)
> >
> > Since we are the masters of deployment anyone interested building up a
> > little business this way? After mailman there could be git hosting,
> > etc. We can create FOSS solutions which do not depend on single
> > providers, an answer to people using Google Groups now, or github.
> 
> I agree with this vision!  I think OS declarations make this pretty
> simple (this and also specialized distros à la FreedomBox, Tails, etc.,
> but that’s another story.)
> 
> ng0 packaged a whole bunch of Mailman’s and Kallithea’s (source code
> hosting) dependencies already:
> 
>   https://bugs.gnu.org/25733
>   https://bugs.gnu.org/25736
> 
> Ludo’.
> 

A side note: Kallithea is on hold as they seem to be preparing for a new release,
or at least I hope so. The forced version numbers are old and there's an open
but slow discussion on this.
Meanwhile I've seen many dependencies I've packaged added as dependencies for
other python packages. duplicate efforts, not so good but it happens.
-- 
PGP and more: https://people.pragmatique.xyz/ng0/

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: setting up a company [formerly 'ethical hosting' [formerly mailman service (free for FOSS projects)]]
  2017-04-19 21:06         ` Ludovic Courtès
@ 2017-04-20  6:01           ` Pjotr Prins
  2017-04-20  8:52             ` ng0
  0 siblings, 1 reply; 17+ messages in thread
From: Pjotr Prins @ 2017-04-20  6:01 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: guix-devel

> For the record, YunoHost develops such a Web interface that allows
> people to select services to run on their machine:
> 
>   https://yunohost.org/
> 
> It’s designed to drive a Debian system, but I guess making something
> similar for GuixSD would be easier.  We could have Exim, Mailman,
> MediaGoblin, and all that!
> 
> > No consulting required unless something goes wrong. So we need to
> > probably factor in monitoring and minimal support for paying clients.
> 
> Heh, sounds like a plan.  :-)
> 
> Thanks for the brainstorming session!

Now I have a crazy idea. I propose to set up a company that targets
'ethical hosting'. We'll design that company to be fair. Every step
will happen online and anyone can participate. It will be both an
experiment - as a company, an opportunity for people to earn and give
back, and a guide for geeks to set up their own. This is an
interesting age with people working from different countries on FOSS
projects, funding schemes like crowd sourcing, and plenty ideas. What
seems to be missing is is a guide for individuals to start up.

I have been much inspired by Pieter Hintjens, one of the FOSDEM
organizers who sadly passed away last year. You can still read his
BLOG online and see what I mean.

Do you think we can create a Guix-based business? I do. I am willing
to take the lead.

Pj.
-- 

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: setting up a company [formerly 'ethical hosting' [formerly mailman service (free for FOSS projects)]]
  2017-04-20  6:01           ` Idea: setting up a company [formerly 'ethical hosting' [formerly mailman service (free for FOSS projects)]] Pjotr Prins
@ 2017-04-20  8:52             ` ng0
  2017-04-20 12:18               ` Pjotr Prins
  0 siblings, 1 reply; 17+ messages in thread
From: ng0 @ 2017-04-20  8:52 UTC (permalink / raw)
  To: Pjotr Prins; +Cc: guix-devel

Pjotr Prins transcribed 1.3K bytes:
> > For the record, YunoHost develops such a Web interface that allows
> > people to select services to run on their machine:
> > 
> >   https://yunohost.org/
> > 
> > It’s designed to drive a Debian system, but I guess making something
> > similar for GuixSD would be easier.  We could have Exim, Mailman,
> > MediaGoblin, and all that!
> > 
> > > No consulting required unless something goes wrong. So we need to
> > > probably factor in monitoring and minimal support for paying clients.
> > 
> > Heh, sounds like a plan.  :-)
> > 
> > Thanks for the brainstorming session!
> 
> Now I have a crazy idea. I propose to set up a company that targets
> 'ethical hosting'. We'll design that company to be fair. Every step
> will happen online and anyone can participate. It will be both an
> experiment - as a company, an opportunity for people to earn and give
> back, and a guide for geeks to set up their own. This is an
> interesting age with people working from different countries on FOSS
> projects, funding schemes like crowd sourcing, and plenty ideas. What
> seems to be missing is is a guide for individuals to start up.

Yeah, that was exactly my impression when I've started looking into
what I'm doing, although not with the very same motivation or goal.

Like I told you offlist, we could use the gnunet.org mumble server
to shape the idea(s) and solve questions like funding etc.

> I have been much inspired by Pieter Hintjens, one of the FOSDEM
> organizers who sadly passed away last year. You can still read his
> BLOG online and see what I mean.
> 
> Do you think we can create a Guix-based business? I do. I am willing
> to take the lead.
> 
> Pj.
> -- 
> 

-- 
PGP and more: https://people.pragmatique.xyz/ng0/

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: setting up a company [formerly 'ethical hosting' [formerly mailman service (free for FOSS projects)]]
  2017-04-20  8:52             ` ng0
@ 2017-04-20 12:18               ` Pjotr Prins
  2017-04-23 18:19                 ` pelzflorian (Florian Pelz)
  0 siblings, 1 reply; 17+ messages in thread
From: Pjotr Prins @ 2017-04-20 12:18 UTC (permalink / raw)
  To: Pjotr Prins, Ludovic Courtès, guix-devel

> Yeah, that was exactly my impression when I've started looking into
> what I'm doing, although not with the very same motivation or goal.
> 
> Like I told you offlist, we could use the gnunet.org mumble server
> to shape the idea(s) and solve questions like funding etc.

Sure. What I'll do first is write my ideas up in a BLOG and we open
for discussion. There is no rush, I am taking the long view.

Pj.

^ permalink raw reply	[flat|nested] 17+ messages in thread

* Re: Idea: setting up a company [formerly 'ethical hosting' [formerly mailman service (free for FOSS projects)]]
  2017-04-20 12:18               ` Pjotr Prins
@ 2017-04-23 18:19                 ` pelzflorian (Florian Pelz)
  0 siblings, 0 replies; 17+ messages in thread
From: pelzflorian (Florian Pelz) @ 2017-04-23 18:19 UTC (permalink / raw)
  To: guix-devel

On 04/20/2017 02:18 PM, Pjotr Prins wrote:
>> Yeah, that was exactly my impression when I've started looking into
>> what I'm doing, although not with the very same motivation or goal.
>>
>> Like I told you offlist, we could use the gnunet.org mumble server
>> to shape the idea(s) and solve questions like funding etc.
> 
> Sure. What I'll do first is write my ideas up in a BLOG and we open
> for discussion. There is no rush, I am taking the long view.
> 
> Pj.
> 

Let me ask: What is the vision for the future, not just for this
business?  What is sustainable in the long run?

What I would like to see is more on-site self hosting to make a more
peer to peer rather than federated network.  Virtual private servers
allow for more load balancing between different customers, but self
hosting seems better for at least some people or companies, because:
· There is no vendor lock-in.
· It is probably (?) cheaper in the long run to own and not rent the
hardware (and the software, kind of, if it is libre).
· There is no interference from others, e.g. when updates are delayed by
others or when other customers on the same node suffer a DoS attack.
· Self hosting could be more secure because it is more minimal and less
trust in a single third party is required.

With our current non-GNU IPv4 internet, such on-site self hosting would
for most people need dynamic DNS like afraid.org.  I have no experience
with how well that works, especially when it comes to the half-hearted
e-mail spam protection using reverse DNS queries and SPF, but I believe
one could make it work.

The hardware I’d want for this is RYF-certified and modular like an
EOMA68 microdesktop [1] (well, this EOMA68 implementation will
_presumably_ be certified once it is released) instead of some Pi
computer.  I have hope that such devices will not only be more libre but
also cheaper in the long run because of their modularity.

One should be able to plug in a computer display and administer Guix and
the services from a nice, explorable GUI desktop without using a console
terminal.  (Such administration could also be offered via Web or VNC,
but for self hosting, why not make it as comfortable and simple as a
desktop?)

As for making money from self hosting, I suppose one could make a
business selling servers, setting them up, customizing them and offering
customer support.  This should eventually be offered by many independent
professionals, I believe.

Of course, we don’t live in a nice and GNU future yet.  This may not be
the right business case for today.  Also maybe it will not by itself
become a full time job?

Regards,
Florian

[1] https://www.crowdsupply.com/eoma68/micro-desktop

^ permalink raw reply	[flat|nested] 17+ messages in thread

end of thread, other threads:[~2017-04-23 18:19 UTC | newest]

Thread overview: 17+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-04-18 10:23 Idea: mailman service (free for FOSS projects) Pjotr Prins
2017-04-18 11:18 ` ng0
2017-04-18 17:59   ` Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)] Pjotr Prins
2017-04-18 18:11     ` ng0
2017-04-18 18:50       ` Pjotr Prins
2017-04-18 19:52         ` ng0
2017-04-19  4:55           ` Pjotr Prins
2017-04-19  3:59         ` Christopher Allan Webber
2017-04-19 21:06         ` Ludovic Courtès
2017-04-20  6:01           ` Idea: setting up a company [formerly 'ethical hosting' [formerly mailman service (free for FOSS projects)]] Pjotr Prins
2017-04-20  8:52             ` ng0
2017-04-20 12:18               ` Pjotr Prins
2017-04-23 18:19                 ` pelzflorian (Florian Pelz)
2017-04-18 20:13     ` Idea: 'ethical hosting' [formerly mailman service (free for FOSS projects)] Hartmut Goebel
2017-04-19  4:39       ` Pjotr Prins
2017-04-19 20:34 ` Idea: mailman service (free for FOSS projects) Ludovic Courtès
2017-04-19 21:56   ` ng0

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.