Access .rules files via HTTP ?

Dennis Willson taz at taz-mania.com
Tue Aug 22 19:37:47 IST 2006


What I do is; I have a master configuration server where all it does in 
hold the configuration files for a number of distributed services, but 
actually runs nothing itself. I edit any config files there and then I 
have a series of scripts I run when I complete the edit. I use rsync to 
push the changes out to all the servers. In the case of MailScanner, I 
have it configured to stop and restart itself once an hour so any 
changes take effect within an hour. I also don't have to edit multiple 
files on multiple servers. One drawback is at upgrade time. If the conf 
files have been upgraded then you have to be very sure you upgrade all 
servers and the admin master all at once (or at least prior to executing 
a change from the master).

I thought about making the MailScanner directory on each server an NFS 
mount to the master which would allow me to edit the configs and rules 
"on the fly", but if the tunnels I have connecting the datacenters goes 
down or the master for some reason goes down, all the actual working 
machines will stop and will not be able to start back up until the 
tunnel/connection is restored. The way I have it now if the tunnel drops 
I cannot do updates, but the servers all continue to run and even if 
they failed while the connection was down they can startup by themselves.

I'm going to make some changes where all the rules are stored in a 
database (MySQL) and script runs that builds the actual config and rule 
files then rsyncs them in place. I will do a JSP front end to edit the 
rules that are in the database so I can edit them from anywhere on the WEB.

Julian Field wrote:
> You could easily write a very short script to wget the configuration 
> files, then do a "service MailScanner reload". Set this up as a "cron" 
> job and it will get done regularly for you.
>
> Mike Wilson wrote:
>>
>> Hello everyone,
>>
>> I’m new to the list, but have been using MailScanner for over a year, 
>> anyway, here is my question.
>>
>> Is there a way to specify that the .conf files can be read over http?
>>
>> We edit the spam whitelist 2-3 times a day on 2 different MailScanner 
>> servers.
>>
>> Is there a way to configure MailScanner to read this file for a 
>> centralized web server instead of from the local file?
>>
>> Mike Wilson
>>
>>
>> -- 
>> This message has been scanned for viruses and
>> dangerous content by *MailScanner* <http://www.mailscanner.info/>, 
>> and is
>> believed to be clean. 
>



More information about the MailScanner mailing list