Category: Blog

Making the clustered admin panel stand-alone

Multiplexing the SOAP requests in the web administration is important, because typical installations have anything between 2 and 20 email gateway nodes. Some time ago we blogged about how the made the SOAP client in the end-user interface asynchronous. However, in the email gateway’s admin interface the multiplexing has been supported by the rpcmplexd (that you might have noticed in the top display) since many years, because we couldn’t use the end-user interface’s curl_multi_*-based code since it doesn’t support verifying TLS certificates based on fingerprints. This wasn’t an issue for the end-user interface, because administrators could simply import a certificate on the server. In the email gateway however, it was a showstopper since the configuration’s remote_system__* (clustering) only contains the fingerprint; not the full certificate.

Philosophically, there’s one compelling reason to get rid of rpcmplexd; its the last thing that ties the admin interface to the email gateway. Our security model in which the backend‘s SOAP API is the only way to interact with the system has enabled us to run the admin interface in a sandbox for a long time. Theoretically, one could copy the entire /var/www/htdocs directory and put it on another web server, just pointing the SOAP client at a mail gateway node instead of localhost. If it wasn’t for rpcmplexd

Well, no more! We’ve replaced it with a future-based class which extends SoapClient. It’s a stream_socket_client-based HTTP client that supports chunks and TLS using stream_socket_enable_crypto (with fingerprint verification; that’s where it all started, remember?), which is made asynchronous (using STREAM_CLIENT_ASYNC_CONNECT, stream_set_blocking and stream_select). It’s used like a typical futures-API

$future1 = $client1->future()->getVersion();
$future2 = $client2->future()->getVersion();
try {
	$result1 = $future1->get()->result;
	$result2 = $future2->get()->result;
} catch (SoapFault $f) {
	echo $f->faultstring;
}

and will be part of the next release. While we don’t expect any administrators to actually move the admin interface of the cluster nodes, we still wanted to share with you some of the under-the-hood changes we’re doing. The next release will also add a SetTLS function to the pre-delivery script (yet another way of handling mail servers with broken SSL implementations) and a pie chart function called q() that can be used to visualize the queue and quarantine. We’re testing the upcoming release both as a minor update to 3.3 (based on FreeBSD 10.1) and as a major (binary-diff wise) update based on FreeBSD 10.2.

hostingcon_top

HostingCon, thank you!

Had a great time as always, thank you all for coming! If you want to get in contact or you need more information, please send us an email.

Enjoy the rest of your summer and we hope to see you soon again.

ps. did you read our new case studies on how you can reduce your costs and improve support and customer values? Download them directly form our site.

hostingcon_blog2

HostingCon Global in San Diego around the corner

As we’ve previously mentioned Halon Security will be exhibiting at HostingCon Global, taking place on the 27th until 29th of July.  Will you be there?

During the show we will have 2 announcements for you to read up on. These announcements are followed by 2 separate case studies, to support you in the understanding of the uniqueness and value of The Halon Email Platform. The case studies will be available online on our website – but also distributed in our booth #633 during HostingCon.

The Halon Agenda

  • Business Connection Session, on the 27th (Monday) at 2.30 pm, room 7B. Jonas – our CEO will participate and answer your questions, make sure to join in.
  •  Open Sessions at 11am and 3 pm (Tuesday and Wednesday), Halon booth. We advise you to step by for an informative and interactive live demo. If you join in you get a free Starbuck card as a small token of our appreciation for participating.

Get in contact

Booked a demo session with us? Give Imtinan a shout and he will make sure to take care of you. You’ll reach him on imtinan.hussain@halonsecurity.com or on +1-408-832-4854

See you soon!

The Halon Team

 

ps. We of course come packed with goodies to tickle your taste buds…

    Nina Offen      Blog
ispaawards

A night at the Awards!

Yesterday the ISPA Awards took place in the City of London. The Award is run by UK’s Internet Services Providers’ Association (ISPA) and have been rewarding and celebrating the best in the UK internet sector since 1999.

Halon joined in as sponsors of the event and got the possibility to present the award for the Best Business Customer Service. For more information about the winners and nominees please visit the ISPA website.

The Internet Services Providers’ Association  is the UK’s Trade Association for providers of internet services. ISPA brings together the UK internet industry to provide essential support through innovation, knowledge and experience in order to benefit the UK economy and society. Promoting collaboration and constructive dialogue between its members and the wider internet community, ISPA is an all important driving force for the industry.

 

Thank you all for a great evening, we look forward to seeing you soon again.

    Nina Offen      Blog
teamday

Activity day, thank you team Halon!

Halon has its headquarter in Sweden, but of course we are represented all over the world. This week we had the chance to bring part of our team together for some face-2-face strategy meetings, future planning and for some good old team building activities.

We had a great time and we’ve proven to be even stronger and more focused then ever, which is a great foundation for all the exciting things happening in the nearby future.

Again, thank you all for joining and for sharing good laughs and great ideas. Next time we hope to bring our whole team together for the continuation in strengthening our multi international team for establishing even more solid support, perfect fit product offering and highly valuable returns to our clients.

    Nina Offen      Blog