Thank you Joachim. Now, regarding spamd(8), I knew that I need help
from pf. Regarding SpamAssassin: I did pkg_add, I followed
the instructions on modifying /etc/procmailrc I started spamd (spamc
should have been called for every message). Nothing happened.
No mail message was scanned. I have procmail installed (I'll try to use
amavisd). I use Sendmail (the idea is to get used to the most terrifying
mail server and then switch to a newer one). I will work on the source
code with great care when the time comes...
Regarding that sysctl: shouldn't we add it?
Regarding the upgrade: I will build the distribution using this machine
(3GHz P4, 1GB RAM) - my server is not under heavy load in this
period of the week. I just hoped binpatch could be a better solution.
The bug report is about a small condition: I was adding a user when the
root partition filled (I was transferring some data by NFS).
The processes failed, /etc/passwd and /etc/master.passwd got out of sync
and I couldn't use userdel or useradd (from what I remember)
anymore. The solution was to delete the line that represented the user
in /etc/master.passwd (that line was not present in /etc/passwd).
(I don't remember very well what happened there, but I'm not planning to
reproduce this). Maybe the program/script for adding users should
have a lock or something like that (the 2 files should be modified at
the same time) - anyway, it's hard to imagine such a situation in real
conditions.
Yours in BSDness,
Gabriel George POPA
Joachim Schipper wrote:
>On Thu, Mar 16, 2006 at 05:26:01PM +0200, Gabriel George POPA wrote:
>
>
>> I have four basic questions:
>>1) I have upgraded my server (both hw and sw). I switched from Slackware
>>GNU/Linux 10.1 to OpenBSD 3.8. Now I have problems
>>(re)installing SpamAssassin (I followed the instructions in the
>>micro-HOWTO, but it didn't help). Does anyone have some suggestions?
>>
>>
>
>Yes, produce a more precise question - I'm afraid we can't do much
>without a more detailed report.
>
>FWIW, I have SpamAssassin running from amavisd, in conjunction with
>Postfix, and that works fine.
>
>
>
>>2) How can I make my SPAMD act efficiently (at this moment it seems to
>>me that is rather formal, running there - I receive a lot of spam).
>>I use the configuration shipped with OpenBSD 3.8. How can I find some
>>free, usable and efficient lists to be used by SPAMD?
>>
>>
>
>spamd(8) uses greylisting, mostly. As to blacklists, they need to be
>updated pretty often; search for DNSRBL and similar. This is far
>superior to static blacklisting.
>
>Do note that spamd(8) needs some help from pf(4) to do any good.
>
>
>
>>3) I used FreeBSD a lot. I know they had a setting called see_other_uids
>>- or something like that - a sysctl, maybe the name is not accurate.
>>The effect of setting this sysctl was that a user could not see the
>>processes of any other user (do we have such a thing in OpenBSD 3.8?).
>>
>>
>
>To the best of my knowledge, no.
>
>
>
>>4) I've heard about binpatch and I've tried to use it once (I must apply
>>some security/reliability patches here). For me it's impractical to
>>recompile the entire system (I have the power to do that, I did it a
>>million times on FreeBSD, but now I'm running a production system and
>>I'm afraid that I should spoil some settings). I saw that you must edit
>>a Makefile (it seems rather complicated). I don't know how to edit this
>>(how can I learn to modify it or where can I find an already edited
>>Makefile?). Don't we have a service for automatic binary patch distribution
>>(like SuSE for example)? Maybe we should; OpenBSD rivals most UNIX
>>systems (documentation is excellent and the overall impression is
>>that of an OS for which you have paid a lot of money - without the usual
>>hassle from the producer (indoctrination and others)).
>>
>>
>
>The most reliable solution is to build your own release, on another
>machine, and update using that. Aside from rebooting to load the new
>kernel, this works flawlessly on (almost - as in, there are probably
>race conditions but I've never seen them) every try.
>
>See the FAQ (section 5.4, http://www.openbsd.org/faq/faq5.html#Release)
>for building your own release. It's really quite easy.
>
>
>
>> I also have a small bug report. What is the best method of submitting it?
>>
>>
>
>sendbug(1), usually.
>
>
>
>> Unfortunately, my income (I work for an University) does not allow me
>>to make a donation (and I cannot convince the people here to make
>>one), but I hope in the near future I will be able to help the OpenBSD
>>project with works to the ports collection or for the base system.
>>
>>
>
>That could be quite helpful, too, if done properly. Or so I believe...
>
> Joachim
