I've just had a brief interchange with a small charity that uses
DigitalOcean for some of their systems. A password-change mail from
their website was binned by my exim instance, for a score of 8.8 given
to it by the Bitfolk SpamAssassin (5.0 of that for coming from Digital
Ocean).
Can anyone suggest how, if at all, I can whitelist mail from that
particular domain in my (Debian) exim4 config, given that I'm using
the Bitfolk SpamAssassin and therefore have no control over it?
Thanks,
Hugo.
--
Hugo Mills | No names... I want to remain anomalous.
hugo@... carfax.org.uk |
http://carfax.org.uk/ |
PGP: E2AB1DE4 |
Hi All,
On https://boeser.ch/files/sys-arch.svg I published our sketches on
different system architectures. On the various sketches you see
node-1, node-2, node-A and node-B. In all sketches node-1 and 2 are
always considered to be containers (lxc-1, lxc-2). node-A and B are in
some sketches containers (LXC-A, LXC-B) and VMs in others (VM-A,
VM-B).
We have in mind two different admins for the red and the white parts
in the sketches. Obviously red admin has more power than white admin.
It is our primary goal to achieve a good trade off between strong
isolation/security and performance.
We consider the advantages of virtual machines as follows:
- a VMM (Xen, KVM) is considered to be more secure than a random linux
distribution that hosts containerization (LXD, Docker)
- isolation between virtual machines is stronger compared to
containers
- probably better support to run other OS (e.g. Windows, BSD etc.)
We consider the advantages of containers as follows:
- efficient in both resources and performance since kernel is shared
- faster startup then VMs
- "build once run everywhere"
Are there any reports you know of about how performance is reduced in
a VMM setup compared to a container setup? Or, do you have some
experience yourself?
Do you have any other thoughts when looking at the sketches?
Regards,
Sam
