http://kerneltrap.org/node/14148

Here is a useful info I quote from slashdot:

quote begin:
Stopping and Starting a disk causes the most wear on the disk. When in an idle state the spinning disk has fully lubricated bearings and is using just a tiny amount of energy. Strap in a stop and start and you have bearings on start that don't have their lubrication optimally spread (gravity and lack of motion cause the metal to get closer together and depending on the manufacturer may have some of the bearings without lubrication), and the spinup of the disks themselves is on average a 6W draw (idle is like .3W). Plus, when the disks are fully spinning wobble is going to be constrained a bit by the speed, whereas on startup and stopping the minor imperfections in the disk can let the minor wobbles show which strains the bearings and causes wear and tear. See if the bearings start to fail and are say 20% shot, the motor on the drive can just use a little more energy to drive them, but the startup cost might exceed what the motor is capable of outputing. Using the example above, the .3W draw on idle might climb to .6W, but on startup that could translate in moving from 6W to 12W (and exceeding what the motor can physically provide).

And if you don't believe any of that you shouldn't have any trouble using google to find Admins who tell horror stories about having to reboot a drive and losing the entire drive because the bearings were shot to the point that once the disks stopped the motor couldn't generate enough force to restart them. But the disk could have lasted years more as long as it wasn't stopped. In fact in companies where a lot of data is stored the disks are put on their own power source at least partially because the disks don't have to be stopped if a server needs to be rebooted because of failure or updates. This is also one of the reasons to be wary of purchasing used storage arrays. Might have worked great when they shut it off, but you might be able to restart the array.

quote end

quote start:
I can't believe that I haven't seen more people coming down on the side of atime. I use it to troubleshoot very frequently. For example, if I try to start something up and it fails, I can easily see if it got as far as reading its config file by checking the atime on it. When I'm looking through a machine to find out what files are relevant to its current config, I can do an ls -lUrt and see what files were read recently and which haven't been touched for years. Yes, there are machines out there that have been cranking away doing production work for years. To do something, and then see what that something touched, is very handy.

Also, you can kind of see what an intruder did on a machine by looking at the atimes on the shared libraries, header files, etc. on a machine that you think may have been compromised, especially if that machine normally just grinds away doing a couple different things most of the time.

Seriously, that's what the noatime flag is for if you want it. But I would never use it unless I had a damn good reason.

quote end

Lately, there seems burst of spam bot attack, I see rising of spamhous blacklist queries from Postfix maillog, this does raise the network traffic and spamhous is blocking heavy queries even from small site.

OpenBSD spamd http://www.openbsd.org/spamd/ is the right tool to combat spam bot attack, it act as MTA front end protector, combined with OpenBSD packet filtering (PF), it stops spam reaching to MTA.

I setup the OpenBSD as transparent bridge firewall to filter smtp packet coming to my MTA, so there is no need to reconfigure the network, I have two ethernet interfaces (msk0, xl0) on OpenBSD, msk0 connect to switch port, xl0 connect to MTA with cross over ethernet cable. the configuration goes like this:
---------

external ethernet: (/etc/hostname.msk0)
inet ip_address 255.255.255.0 NONE

internal ehternet: (/etc/hostname.xl0)
up

bridge: (/etc/bridgename.bridge0)

add xl0 blocknonip xl0
add msk0 blocknonip msk0
up

/etc/rc.conf.local:

pf=YES
spamd_flags="-v -S 90 -n Postfix -h hostname_of_MTA -G 25:4:864"
spamd_grey=YES
pf_rules=/etc/pf.conf

/etc/pf.conf:

int_if="xl0"
ext_if="msk0"
admin_ip="my_admin_ip

table <spamd> persist
table <spamd-white> persist
table <whitelist> persist file "/etc/whitelist.txt"
table <blacklist> persist file "/etc/blacklist.txt"

#-------------------trick 0 start--------

no rdr proto tcp from <whitelist> to any

rdr on $ext_if inet proto tcp from <spamd> to port smtp \
-> 127.0.0.1 port spamd
rdr on $ext_if inet proto tcp from !<spamd-white> to port smtp \
-> 127.0.0.1 port spamd

# "log" so you can watch the connections getting trapped

pass in log on $ext_if route-to lo0 inet proto tcp to 127.0.0.1 port spamd

#-------------------trick 0 end-------------
#ssh
pass in quick on $ext_if inet proto tcp from $admin_ip to $ext_if port 22
block in on $ext_if inet proto tcp from any to $ext_if port 22

pass out on $ext_if
pass in on $int_if
pass out on $int_if

/etc/sysctl.conf:

net.inet.ip.forwarding=1

-------------------

That is all configurations, I run OpenBSD on a cheap PC bought from staples with only 300 bucks, since I put it in front of my MTA, It almost reduced 90% of spam traffic to my MTA, and Postfix, SpamAssassin just rest there, feels nothing to do.

While setting up a new user from Panther server, the user mailbox is not created automatically, leads to non-delieverble email to this user. it has always been working and why suddenly stops working as usual.run cyradm -u cyrus localhost and sam the_user_mailbox id all always give me system I/O error, so there is no way I could delete it, rename it...what about cyrus reconstruct command? so I su to user cyrus and run reconstruct -r user/the_user, it works, still not sure why the system misbehaves though???

I coded up a simple math subtraction addition script game using Asterisk Perl AGI library, this script will call Festival app to read question and answers to callers, check the script here:

http://bl0g.blogdns.com/asterisk/math.agi

Just setup text2speech software festival to work with asterisk, festival should be patched to work with asterisk, but there is simple way to patch it, read the festival.README in asterisk source contrib directory.

start festival first, then add extension in asterisk:

[incoming]

; incoming calls from the FXO port are directed to this context from zapata.conf

exten => s,1,Answer
exten => s,n,Festival(Welcome to open source asterisk pbx telephone system. this is vincent. press one reach me at office. press two reach me at home. press three leave me message. press four play subtraction addition game. press five listen my favorite song. press six ping an eye-p address type pound sign as dot)