Re: DNS : pas de résolution en local

2019-08-20 Thread Pascal Hambourg 

Le 20/08/2019 à 11:00, Daniel Huhardeaux a écrit :

Le 20/08/2019 à 10:55, Daniel Caillibaud a écrit :

Le 20/08/19 à 00:47, Migrec  a écrit :

Ça peut paraître logique car la box n'a pas connaissance de mon réseau
local (elle est juste en liaison avec le serveur). Mais pourquoi l'échec
de la résolution ne passe pas la main au serveur DNS local ?


Parce qu'il me semble que la résolution n'utilise le 2e dns que si le 
1er ne répond pas.


En effet. Ou alors répond qu'une erreur interne l'empêche de fournir une 
réponse (SERVFAIL, REFUSED...). En revanche NXDOMAIN (domaine 
inexistant) n'est pas considéré comme une absence de réponse.



Ici le 1er répond que le nom n'existe pas, donc ça s'arrête là.


En fait ici il ne dit pas que le nom n'existe pas, sinon il aurait 
répondu avec status=NXDOMAIN. Il répond avec status=NOERROR et ANSWER=0, 
ce qui signifie normalement que le nom existe mais qu'il n'a pas 
d'enregistrement du type demandé (A=adresse IPv4). Pour un client cela 
revient au même, mais cette réponse n'est pas correcte. Si je fais la 
même requête à mon serveur DNS, j'obtiens bien status=NXDOMAIN.


Ou alors les nameserver sont interrogés en même temps et la réponse du 
1er répondant est utilisée.


Non.

Conclusion : tous les DNS mentionnés dans resolv.conf doivent être 
équivalents.

Re: duckduckgo

2019-08-20 Thread Reco 
On Wed, Aug 21, 2019 at 03:41:34AM +, Finn wrote:
> arne wrote:
> > I am allergic to ads.
> > 
> > So I use an adblocker, ublock origin.
> > I have squid and privoxy proxy's running.
> > Have a local searx as search engine.
> > 
> 
> Are you running Searx instance in your system locally? If so, how? Searx
> isn't packed for Debian yet.

On the contrary, it is:

$ apt policy searx
searx:
  Installed: (none)
  Candidate: 0.15.0+dfsg1-1
  Version table:
 0.15.0+dfsg1-1 500
500 http://deb.debian.org/debian buster/main amd64 Packages

Reco

Re: Re: Segfault in different packages after recent automatic ffmpeg update

2019-08-20 Thread Nikolay Turpitko

Re: Re: Segfault in different packages after recent automatic ffmpeg update

2019-08-20 Thread Nikolay Turpitko

Re: Re: Segfault in different packages after recent automatic ffmpeg update

2019-08-20 Thread Nikolay Turpitko 

Sven,

Thank you very much for your reply.

I executed `dpkg -V` and it listed 
`/usr/lib/x86_64-linux-gnu/libavcodec.so.58.35.100`.


I purged `libavcodec58` and installed `libavcodec-extra`, which, 
obviously, installed `libavcodec-extra58` under the hood.


This solved my segfault issue. I've executed `dpkg -V` again and yeah, 
now it reports only some locally changed config files.


I have no idea why it affected only me. Everyone else installed extra 
package as dependency may be? Anyway, thank you again for rescuing me 
from this frustration.


--
Best,

Nikolay Turpitko
niko...@turpitko.com

Re: duckduckgo

2019-08-20 Thread Finn 
arne wrote:
> I am allergic to ads.
> 
> So I use an adblocker, ublock origin.
> I have squid and privoxy proxy's running.
> Have a local searx as search engine.
> 

Are you running Searx instance in your system locally? If so, how? Searx
isn't packed for Debian yet. Probably installed using Docker or compiled
by yourself. Or, using some Searx public instance?

> 99.% of the visited sites are without ads, no tracking.
> 
> Hope this helps. 
> 
> 
>> Question: is this due to a belief that such sites are (at least for
>> your use cases) at best marginally more useful than their non-JS
>> utilizing alternatives, or due to a desire to punish such sites or an
>> ethical objection to them? I certainly need to use numerous sites
>> (bill paying, banking, etc.) that require JS to function.
>>
>> Celejar
>>
>

Re: Bash isn't reading ~/.profile file when login from GNOME

2019-08-20 Thread Vipul 
Andrei POPESCU wrote:
> On Ma, 20 aug 19, 10:36:19, Greg Wooledge wrote:
>> On Tue, Aug 20, 2019 at 02:27:40PM +, Vipul wrote:
>>> Hi there,
>>>
>>> From few days, I'm trying find answer of a question "which program does
>>> read ~/.profile if I login from graphical user interface (for ex: GNOME)?".
>>
>> https://wiki.debian.org/Xsession
>> https://wiki.debian.org/EnvironmentVariables
>>
>> These are, of course, incomplete.
>>
>> The short answer is: if you login through a Display Manager (a graphical
>> login program), NOTHING reads ~/.profile.  Ever.
> 
> Some (most?) X terminal emulators have the option to start a login 
> shell, which would read ~/.profile.
> 

Probably, gnome-terminal is not a X terminal emulator but, it does able
to recognize variables set in ~/.profile file when login from GNOME
interface. Why is so?



signature.asc
Description: OpenPGP digital signature

Re: Bash isn't reading ~/.profile file when login from GNOME

2019-08-20 Thread Vipul 
Greg Wooledge wrote:
> On Tue, Aug 20, 2019 at 02:27:40PM +, Vipul wrote:
>> Hi there,
>>
>> From few days, I'm trying find answer of a question "which program does
>> read ~/.profile if I login from graphical user interface (for ex: GNOME)?".
> 
> https://wiki.debian.org/Xsession
> https://wiki.debian.org/EnvironmentVariables
> 
> These are, of course, incomplete.
> 
> The short answer is: if you login through a Display Manager (a graphical
> login program), NOTHING reads ~/.profile.  Ever.
> 

Try this if you're using GNOME with bash as a default shell. Export two
variables in $TEST_PRO and $TEST_BASH by adding these line `export
TEST_PRO="Hello from profile"` and `export TEST_BASH="Hello from bash"`
in ~/.profile and ~/.bash_profile file respectively.

Now, login from GNOME interface and run following command in gnome-terminal

$ echo "$TEST_PRO"
Hello from profile

$ echo "$TEST_BASH"

(output is empty string that means TEST_BASH variable is unset. see
below output of hd command)

$ hd <<< "$TEST_BASH"
  0a|.|
0001

Whereas, login from console then behavior is reversed

$ echo "$TEST_PRO"

(output is empty string. see below output of hd command)

$ hd <<< "$TEST_PRO"
  0a|.|
0001

$ echo "$TEST_BASH"
Hello from bash

which is kind of expected behavior because is presence of
~/.bash_profile file login shell (bash) will not read ~/.profile but,
not clear who reads ~/.profile when login from GNOME interface.
I think, it's sh (bourne) shell because according to INVOCATION
section bash man page if bash is invoked as sh, it tries to mimic bash
behavior by reading ~/.profile.

This behavior have something to do with Debian default configuration not
with any part of graphical interface program.

> So, let's try to guess what the actual goal is here.
> 
> If your goal is to set an environment variable in every program in your X
> session, and you're not using GNOME, then you can put an export command
> in ~/.xsessionrc and it should work great.
> 
> If you are using GNOME, please find out how to do it, and then tell us,
> because as far as I've been able to determine, GNOME makes this completely
> impossible.
> 

I asked this on #gnome:gnome.org they said try ~/.config/environment.d/

> Normal window managers run programs as children of themselves, using the
> standard Unix fork-and-exec model.  The window manager is executed with
> various environment variables, umask, resource limits, and so on, and
> its children inherit these.  So, the standard Unix login configuration
> stuff all works.  You edit a magic dot file, you login, the dot file is
> read by a shell, the shell executes your window manager, the WM inherits
> your desired environment, and everything launched from the WM also
> inherits this environment.  Easy peasy.
> 
> But with GNOME, applications are launched by sending a message to dbus,
> and then dbus spawns things as *its* children.  They are not children of
> the WM.  They do not inherit the environment from the WM.  They inherit
> the environment from dbus.
> 
> And there is no known way to configure the environment of dbus in a way
> that is useful to end users.
> 



signature.asc
Description: OpenPGP digital signature

gzip and old files Solved.

2019-08-20 Thread Martin McCormick 
This exercise was a good training session and was sort of
a trip down Memory Lane.  I am thankful that floppy disks are
mostly history but as long as the hardware is still there, it was
good to get useful tools that can on rare occasions, get one out
of a jam.

One of the things I learned while working with tomsrtbt
is that while it is possible to format 1.4 MB floppies to 1.7
megabytes, we must take care to make sure we know we are working
with one of the over-stuffed disks.

If you use the normal mount command such as

mount /media/floppy or some variation of that theme, the OS will
try to mount it as a 1.4 MB diskette and the mount will succeed
but nothing else will.

If you write to such a disk, you'll probably ruin it's
contents so if it is a valuable archive of some kind, you will
have trashed it.

If in doubt, slide the Write-Protect tab so that the hole
it covers is open.  That way nothing can trigger a write.

You can add a device to /dev that makes the drive run on
21 sectors/82 tracks as in

#sudo mknod /dev/fd0u1722 b 2 60
#sudo mount /dev/fd0u1722 /media/floppy

When you mount it properly, it behaves like all the other
possible formats.  If you mount a 1.72 disk the wrong way so the
system thinks it is 1.4 MB, an empty diskette will show lots of
dots .

$mount /media/floppy
mount: /media/floppy0: WARNING: device write-protected, mounted read-only.
$ls /media/floppy
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
.÷÷÷  .÷÷÷  .÷÷÷  .÷÷÷
$umount /media/floppy

That was a 1.7 MB mounted wrongly as 1.4 MB.  Here is the same
empty diskette mounted correctly.

$sudo mount /dev/fd0u1722 /media/floppy
mount: /media/floppy0: WARNING: device write-protected, mounted read-only.
$ls /media/floppy
$df -h /media/floppy
Filesystem  Size  Used Avail Use% Mounted on
/dev/fd0u1722   1.7M 0  1.7M   0% /media/floppy0
$exit

If the disk is empty, df -h will still show it as 1.7
which is okay but a populated 1.7 MB diskette will lie to you by
not showing it's capacity.

Here is a full disk mounted wrong.

$mount /media/floppy
mount: /media/floppy0: WARNING: device write-protected, mounted read-only.
$ls /media/floppy
boot.b  bz2bzImage  map  rc.custom.gz  settings.s
$df -h /media/floppy
Filesystem  Size  Used Avail Use% Mounted on
/dev/fd0862K  836K   26K  97% /media/floppy0
$exit

There was nothing shown for capacity.

The rc.custom.gz file that was corrupt was really not
corrupt when mounted correctly and writing the modified zip file
back to the disk worked perfectly as long as the disk has no bad
sectors.

Let's see.  If I was going to backup the hard drive on my
main Linux box, I'd need about 300-thousand of these storage
items so I thought I'd put it in a modern perspective.

The last floppy backup I did was around 2006 or so and I
don't miss not doing them at all, especially now with 512 GB hard
drives.

If you ever end up recovering any data with floppies,
write protect them especially if you are not sure how they were
made in the first place.  

Martin McCormick

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Michael Stone 

On Wed, Aug 21, 2019 at 07:43:26AM +1000, elvis wrote:

I installed postgrey, my spam went from maybe 10 a day (that were caught by 
spammassain) to maybe 1 or 2 a month.


Very little of my spam was blocked by postgrey, but it did break some 
legitimate messages from providers not big enough to land in the default 
whitelist.

Re: bash: impossible de régler le groupe de processus du terminal (20286): Ioctl() inapproprié pour un périphérique

2019-08-20 Thread Basile Starynkevitch 


On 8/21/19 1:27 AM, G2PC wrote:

Le 18/08/2019 à 12:19, Étienne Mollier a écrit :

Pour les opérations un tantinet plus avancées, préférez les
scripts à part entière.
En particulier, considérez les scripts dans des langages meilleurs que 
Bash, par exemple GNU guile  (qui 
est qualifié de langage de script préférentiel pour GNU) ou Lua 
.


Observez aussi que GNU emacs  est 
scriptable en E-lisp (et sait "presque" tout faire).




--


Basile STARYNKEVITCH   == http://starynkevitch.net/Basile
opinions are mine only - les opinions sont seulement miennes
Bourg La Reine, France; 
(mobile phone: cf my web page / voir ma page web...)

Re: bash: impossible de régler le groupe de processus du terminal (20286): Ioctl() inapproprié pour un périphérique

2019-08-20 Thread G2PC 
Le 18/08/2019 à 12:19, Étienne Mollier a écrit :
> Pour les opérations un tantinet plus avancées, préférez les
> scripts à part entière.  Ça vous évitera d'avoir un fichier
> .bashrc enflé jusqu'à démesure, et rendra plus rapide, et moins
> gourmande en mémoire l'exécution de votre shell au jour le jour.
>
> Ou à minima utilisez des fonctions.  En l'occurrence, vous aurez
> les même problèmes pour les charger dans l'environnement de cron
> que les alias.  Mais en général, vous pourrez lancer des
> commandes plus construites, réellement gérer les arguments,
> avoir possibilité de les déclencher par des "trap" pour gérer
> les exceptions,

Merci, je prend note.
Je verrais à faire d'avantage de fonctions pour mes scripts.
Je vais intégrer vos conseils sur mon wiki pour conserver ça sur la durée.

Bonne semaine.

Re: Solution to "pathetic email complaints"

2019-08-20 Thread elvis 




No need to. I have a single question - do you use SpamAssassin or Rspamd?




I installed postgrey, my spam went from maybe 10 a day (that were caught by 
spammassain) to maybe 1 or 2 a month.





--
Money not found. (A)pply for Bankruptcy, (R)efinance, (F)lee?

Normas Listas Debian (ERA: Actualizacion debian)

2019-08-20 Thread Debian 




El 20/8/19 a las 16:59, Fran Torres escribió:

Buenas,

pregunto yo una cosa a raíz de esto:

la migración versión por versión, no acaba engordando el sistema sin necesidad?
2. Que es el top postting que se ha comentado por aquí?

Fran.




Top posting es justamente lo que vos haćés.
Dificulta seguir el hilo de la conversación.

Las listas de correo Debian siguen ciertas normas explicitadas aquí:

https://wiki.debian.org/es/NormasLista

Las listas son fuente de información invaluable para cuando se busca 
solucionar un problema.
Las preguntas, sus respuestas y lo que aquellos que trata de solucionar 
han ido haciendo para llegar a buen término, ayuda mucho al momento de 
toparse con nuevos problemas.


El caso especial de "Top posting", está explicitado aquí:

https://es.wikipedia.org/wiki/Top-posting

JAP

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Michael Stone 

On Tue, Aug 20, 2019 at 11:10:08PM +0300, Reco wrote:

On Tue, Aug 20, 2019 at 03:45:31PM -0400, Michael Stone wrote:

On Tue, Aug 20, 2019 at 08:39:43PM +0300, Reco wrote:
> On Tue, Aug 20, 2019 at 01:22:27PM -0400, Michael Stone wrote:
> > On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:
> > > So it boils down to "MTA needs care on a regular basis" and "some
> > > blacklist can add your MTA for no good reason". First one is universal
> > > (applies to any Internet-facing service), second one can be beat with a
> > > creative use of hosting. Also, https://mxtoolbox.com. A non-free
> > > service, but a useful one.
> >
> > Way to oversimplify, and "creative use of hosting" basically means
> > "hope and pray". It's also not actually true that there's hosting
> > magic which makes you immune to blacklist stupidity unless your
> > hosting is gmail or something equally too large to block.
>
> Unless a blacklist adds victims by AS number, a change of MTA's IP
> (hence the hosting) and an appropriate DNS reconfiguration is
> sufficient to sidestep it.

And cause different issues, because you're no longer on an IP with an
established history.


A blank slate. There's nothing wrong with it. 


Except that other anti-spam algorithms take into account how long a 
domain has been around, and how long a specific IP has been in use for 
that domain. (In order to try to counteract spammers doing exactly what 
you're recommending in order to avoid IP based blocklists.)



Blacklists are called that
for a reason, they do not block whole IPv4/IPv6 address space.


Sure they do. Even in this thread you've heard people advocate blocking 
entire countries. You seem to be arguing based on some particular 
blacklist implementation without recognizing that other recipients use 
other blacklists, some of which may even have policies that you might 
think are idiotic. If you're trying to send an email to someone whose 
provider implements idiotic policies, your assessment of their policies 
is basically irrelevant. (Though it may eventually encourage you to 
simply stop caring about whether the email gets delivered.)



You're also assuming that they're blocking by IP rather than domain,
which is quite bold assumption since the blacklist is a black box and
domain based blacklists most certainly exist.


Haven't encountered one yet, but I trust you on this.


As an example, see https://www.spamhaus.org/dbl/ and "RHSBL"


Or, you're trying to send to someone who's blacklisting broad ranges
of IPs or ASs and you're just wasting your time changing IPs. Nothing
like find that out after going down that road.


And that's where "hosting" comes into play. Blacklisting, say, whole
Amazon AS is a little extreme, don't you think?


See above. Also, there are certainly recipients who are more skeptical 
of amazon IPs exactly because they're so easy to spin up. Also, amazon 
themselves will ask questions if you start hopping IPs and asking for 
PTRs on each of them for email delivery.


Again, each of these things is usually surmountable, but rational people 
eventually have to ask whether it's worth the effort vs throwing in the 
towel and outsourcing to a first tier provider.

Re: Bash isn't reading ~/.profile file when login from GNOME

2019-08-20 Thread Greg Wooledge 
On Tue, Aug 20, 2019 at 11:24:55PM +0300, Andrei POPESCU wrote:
> On Ma, 20 aug 19, 10:36:19, Greg Wooledge wrote:
> > On Tue, Aug 20, 2019 at 02:27:40PM +, Vipul wrote:
> > > Hi there,
> > > 
> > > From few days, I'm trying find answer of a question "which program does
> > > read ~/.profile if I login from graphical user interface (for ex: 
> > > GNOME)?".
> > 
> > https://wiki.debian.org/Xsession
> > https://wiki.debian.org/EnvironmentVariables
> > 
> > These are, of course, incomplete.
> > 
> > The short answer is: if you login through a Display Manager (a graphical
> > login program), NOTHING reads ~/.profile.  Ever.
> 
> Some (most?) X terminal emulators have the option to start a login 
> shell, which would read ~/.profile.

Yeah, the old 1980s academia memes strike back.  We come full circle.

"I can't get GNOME to do anything I tell it, so I'll work around that
by making GNOME make dbus make footerminalizer run my shell as a login
shell, and that'll read my dot files that should've been read a dozen
processes ago!"

All the lessons that we learned, all the wisdom that we dispensed, all
the FAQs we wrote, all the heartache and agony and repetition, all the
sheer bloody WORK that we have put in for the last 20 years to try to
teach people the right way to do things...

... has all gone up in smoke, because of fucking GNOME.  You can't do
things the right way now.  You have to do them the wrong way.

And now people will think that running login shells in every terminal
session is the RIGHT way.  And thus we start from scratch.

Cue a thousand newbies asking why there's a .bashrc file and why it
doesn't get read unless they source it from their profile, and why
they can't just put everything in profile.  Cue ten thousand people
giving wrong answers, partly wrong answers, anecdotes, offtopic
digressions.

Re: Bash isn't reading ~/.profile file when login from GNOME

2019-08-20 Thread Andrei POPESCU 
On Ma, 20 aug 19, 10:36:19, Greg Wooledge wrote:
> On Tue, Aug 20, 2019 at 02:27:40PM +, Vipul wrote:
> > Hi there,
> > 
> > From few days, I'm trying find answer of a question "which program does
> > read ~/.profile if I login from graphical user interface (for ex: GNOME)?".
> 
> https://wiki.debian.org/Xsession
> https://wiki.debian.org/EnvironmentVariables
> 
> These are, of course, incomplete.
> 
> The short answer is: if you login through a Display Manager (a graphical
> login program), NOTHING reads ~/.profile.  Ever.

Some (most?) X terminal emulators have the option to start a login 
shell, which would read ~/.profile.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: No Audio after suspend on Lenovo Ideapad 130s Debian Buster

2019-08-20 Thread John Kerr Anderson 
Thank you to everyone for your help!  I just added the
"snd_hda_intel.probe_mask=0x01" permanently to grub and it seems to be
working fine.

It's actually preferable to not have the HDMI audio work because I'd
normally have plugged in speakers through the microphone anyway and this
way I don't have to change the audio settings every time.  At least Jessie
would make me do that.


Regards,

John


On Tue, 20 Aug 2019 at 04:50, Curt  wrote:

> On 2019-08-20, Nektarios Katakis 
> wrote:
>  Intel Corporation Device 3198 (rev 03)
> >
> > If I understand correctly the problem was solved? If so you can check
> > `man alcactl` on how to persist the configuration generated from the
> > init command you ran.
> >
>
> I think this is a bug in a kernel module/driver, so updating alsa would
> be of no utility.
>
> As the workaround masks HDMI audio output, if the OP doesn't require
> that output, I'd just leave well enough alone.
>
>
> --
> “We are all in the gutter, but some of us are looking at the stars.”
> ― Oscar Wilde, Lady Windermere's Fan
>
>

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Reco 
On Tue, Aug 20, 2019 at 03:45:31PM -0400, Michael Stone wrote:
> On Tue, Aug 20, 2019 at 08:39:43PM +0300, Reco wrote:
> > On Tue, Aug 20, 2019 at 01:22:27PM -0400, Michael Stone wrote:
> > > On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:
> > > > So it boils down to "MTA needs care on a regular basis" and "some
> > > > blacklist can add your MTA for no good reason". First one is universal
> > > > (applies to any Internet-facing service), second one can be beat with a
> > > > creative use of hosting. Also, https://mxtoolbox.com. A non-free
> > > > service, but a useful one.
> > > 
> > > Way to oversimplify, and "creative use of hosting" basically means
> > > "hope and pray". It's also not actually true that there's hosting
> > > magic which makes you immune to blacklist stupidity unless your
> > > hosting is gmail or something equally too large to block.
> > 
> > Unless a blacklist adds victims by AS number, a change of MTA's IP
> > (hence the hosting) and an appropriate DNS reconfiguration is
> > sufficient to sidestep it.
> 
> And cause different issues, because you're no longer on an IP with an
> established history.

A blank slate. There's nothing wrong with it. Blacklists are called that
for a reason, they do not block whole IPv4/IPv6 address space.


> You're also assuming that they're blocking by IP rather than domain,
> which is quite bold assumption since the blacklist is a black box and
> domain based blacklists most certainly exist.  That said, I have in
> the past configured specific domains to recieve email from specific
> IPs because they arbitrarily stopped accepting mail from other IPs.

Haven't encountered one yet, but I trust you on this.


> > Of course, one can get an already blacklisted IP, so a certain amount of
> > "hope and pray" applies here.
> 
> Or, you're trying to send to someone who's blacklisting broad ranges
> of IPs or ASs and you're just wasting your time changing IPs. Nothing
> like find that out after going down that road.

And that's where "hosting" comes into play. Blacklisting, say, whole
Amazon AS is a little extreme, don't you think?


> > > In my experience with the younger generation, they already don't
> > > consider email a primary means of communication except within a closed
> > > environment like a school.
> > 
> > That's something I agree with. Still, I propose to wait until
> > post-Generation Z gets their first job.
> 
> Why? Current young working age people are alredy far less invested in
> email than their older peers. This isn't changing as they continue to
> work.

I disagree. "We do things this way because we got used to it" still
holds some weight.

> If anything, they're pushing companies away from using email as
> a primary means of internal communication.

But they lack weight to do so effectively yet. Certain positions come
with an age.


> > > In business the trend is increasingly toward outsourcing email to a
> > > large cloud provider (e.g., MS/outlook) so a future in which
> > > businesses mainly communicate between a small number of very large
> > > providers is not all that remote.
> > 
> > The trend is here, sure, as long as you consider small business.
> > Large one - not so much.
> 
> Maybe not ten years ago, but CIOs need to now have a good answer to why *not* 
> outsource email.

Privacy of internal communications? Risk limiting? A good CIO should
always have pro- and contra- arguments for any proposition.


> For the most part, large businesses that aren't IT providers don't
> particularly want to manage email servers. It might be hard for them
> to change their existing infrastructure, but in my experience it's
> something they're definitely looking at.

I'll believe it then I'll see it.

Reco

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Brian 
On Tue 20 Aug 2019 at 15:29:41 -0400, Celejar wrote:

> On Tue, 20 Aug 2019 19:29:54 +0100
> Brian  wrote:
> 
> ...
> 
> > The existence of an Internet swamped with spam has led to spam fighters
> > policing it and users demanding a means not to receive it. Between the
> > two, sending email directly has become more and more difficult. Spam
> > hasn't disappeared or been reduced, but the spam fighters have impacted
> 
> The potential fallacy here is that spam may not have been reduced from
> its levels of previous years, but the real question is whether it is
> less than it would be *today* without the efforts of the spam fighters.

It is your job to demonstrate that the spam fighters have had a
significant impact on the flow of spam over the internet. My
contention is that they will have simply brought the use of mail
to the point of uselessness if their ideas gain a significant
amount of traction.

-- 
Brian.

Re: Actualizacion debian

2019-08-20 Thread Fran Torres 
Buenas,

pregunto yo una cosa a raíz de esto:

la migración versión por versión, no acaba engordando el sistema sin necesidad?
2. Que es el top postting que se ha comentado por aquí?

Fran.

El 20/8/19, Itzcoalt Alvarez  escribió:
> Yo recieen migre 3 servidores de esa versión a la 10,
>
> Después de varios laboratorios,nos fuimos por la instalación desde cero.
>
> Pero en tu caso, debes probar, la migración version por version
>
> Saludos
>
>
>
>
> El mar., 20 ago. 2019 a las 10:57, Ing. Mariana Ramón
> ()
> escribió:
>
>> Hola buenos dias:
>>
>> Una disculpa, ya realice la revision y la version que di en el primero
>> correo (3.2.88-1) es erronea. la version correcta es la 7.11.
>> Tendria que igual instalar de 0 o se podria actualizar sin problemas con
>> el systemd?.
>>
>> saludos cordiales.
>>
>> El mar., 20 ago. 2019 a las 10:41, Itzcoalt Alvarez
>> ()
>> escribió:
>>
>>> Recomiendo instalación desde cero.
>>>
>>> Documenten los servicios y/o sistemas que expone este equipo, y validen
>>> la compatibilidad en Debian 10, la utilización de una maquina virtual es
>>> recomendable.
>>>
>>> Tampoco olviden hacer un plan de migración, mas si  el servidor es
>>> productivo.
>>>
>>>
>>>
>>> El mar., 20 ago. 2019 a las 10:15, Ing. Mariana Ramón (<
>>> ladiva...@gmail.com>) escribió:
>>>
 Buen dia.
 Actualmente cuento con la version de debian 3.2.88-1, sin embargo
 requiero actualizar a la ultima version, tengo la siguiente duda.

 1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10, sin
 perder o dañar todos mis archivos? o se tiene que ir actualizando poco
 a
 poco?.

 Quedo en espera de sus comentarios.

 Saludos.


 --
 Ing. Mariana Ramón




>>>
>>> --
>>>
>>>
>>
>> --
>> Ing. Mariana Ramón
>>
>>
>>
>>
>
> --
>

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Michael Stone 

On Tue, Aug 20, 2019 at 01:45:52PM -0400, Henning Follmann wrote:

I was referring to "add your MTA for no good reason".
That is vague and really not true.


Why do you think that? Your ability to find out why a specific domain 
got on a blacklist is pretty close to zero. You may be able to look at 
every single email being send from the domain, you might be able to 
verify that there's nothing bad there (no spambots, etc), but you can't 
find out what message got the domain on the blacklist. You can't even 
validate that the message which caused the block passed the SPF checks 
and was actually sent from infrastructure controlled by the domain in 
question. Once upon a time you could actually get that kind of 
information but those days are long gone.



However as a person I depend on e-mail and I really never had any of
these issues.


How would you know? Honest question. Unless you get a reply to every 
mail you send, you can't actually know whether every mail was recieved.



I look at how these heuristic based filter work and it is easy to
maintain a form of communication where the likelihood of blocked
is low.
Pretty much don't do anything marketers do.
Do not use binary content.
Do not use HTML
No links either
Avoid explicit words.
I could go on.


So if you do that and end up on a blacklist, what's your next step?


So, a Debian contributor Alice sends a private e-mail to a Debian
contributor Bob. Both Alice and Bob use arbitrary e-mail servers, most
likely beyond their control. E-mail bounces, Alice does not get any
meaningful diagnostics, Bob does not get a e-mail. It can happen.



It can happen, you could win the lottery :)
Could, Would, if and but. All vague forms of arguing.


It does happen, whether you want to accept it or not. Either your 
assessment of the odds are wrong or I want to find out where you play 
the lottery.

Re: Segfault in different packages after recent automatic ffmpeg update

2019-08-20 Thread Sven Joachim 
On 2019-08-20 16:38 +0700, Nikolay Turpitko wrote:

> Sorry to bother you. But is seems something is wrong after recent
> automatic update of ffmpeg package on Debian Buster on my laptop.
>
> I tried to fill the bug with reportbug, but it seems it haven't sent
> the mail.
>
> Packages that were upgraded:
> ffmpeg libavcodec58 libavdevice58 libavfilter7 libavformat58
> libavresample4 libavutil56 libpostproc55 libswresample3 libswscale5
>
> After that those programs began to fail with similar segfault error:
>
> ffmpeg
> mplayer
> cmus
> chromium
> telegram-desktop

Normally I would say that this might be due to an improperly backported
patch, but ffmpeg in buster-security is essentially the same version as
in bullseye/sid, and apparently nobody has reported segfaults in it.

Maybe one of the upgraded libraries is corrupt?  You can use
"dpkg --verify" to test their integrity.

Cheers,
   Sven

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Michael Stone 

On Tue, Aug 20, 2019 at 08:39:43PM +0300, Reco wrote:

On Tue, Aug 20, 2019 at 01:22:27PM -0400, Michael Stone wrote:

On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:
> So it boils down to "MTA needs care on a regular basis" and "some
> blacklist can add your MTA for no good reason". First one is universal
> (applies to any Internet-facing service), second one can be beat with a
> creative use of hosting. Also, https://mxtoolbox.com. A non-free
> service, but a useful one.

Way to oversimplify, and "creative use of hosting" basically means
"hope and pray". It's also not actually true that there's hosting
magic which makes you immune to blacklist stupidity unless your
hosting is gmail or something equally too large to block.


Unless a blacklist adds victims by AS number, a change of MTA's IP
(hence the hosting) and an appropriate DNS reconfiguration is
sufficient to sidestep it.


And cause different issues, because you're no longer on an IP with an 
established history. You're also assuming that they're blocking by IP 
rather than domain, which is quite bold assumption since the blacklist 
is a black box and domain based blacklists most certainly exist. That 
said, I have in the past configured specific domains to recieve email 
from specific IPs because they arbitrarily stopped accepting mail from 
other IPs. 


Of course, one can get an already blacklisted IP, so a certain amount of
"hope and pray" applies here.


Or, you're trying to send to someone who's blacklisting broad ranges of 
IPs or ASs and you're just wasting your time changing IPs. Nothing like 
find that out after going down that road.



In my experience with the younger generation, they already don't
consider email a primary means of communication except within a closed
environment like a school.


That's something I agree with. Still, I propose to wait until
post-Generation Z gets their first job.


Why? Current young working age people are alredy far less invested in 
email than their older peers. This isn't changing as they continue to 
work. If anything, they're pushing companies away from using email as a 
primary means of internal communication.



In business the trend is increasingly toward outsourcing email to a
large cloud provider (e.g., MS/outlook) so a future in which
businesses mainly communicate between a small number of very large
providers is not all that remote.


The trend is here, sure, as long as you consider small business.
Large one - not so much.


Maybe not ten years ago, but CIOs need to now have a good answer to why 
*not* outsource email. For the most part, large businesses that aren't 
IT providers don't particularly want to manage email servers. It might 
be hard for them to change their existing infrastructure, but in my 
experience it's something they're definitely looking at.



So which is it? A small email domain isn't a big deal to manage or it is?


I saw no unsolvable problems in doing it so far, hence my interest to
your statements. And yes, I do not consider myself an expert in all
things related to SNMP, MTAs and the like.


I never said the problems were unsolvable. (For the most part. I have 
seen horror stories where the best solution was to abandon a domain.) I 
do propose that the effort involved is so large that for most people it 
isn't worth it. As the number of people who care to try continues to 
shrink, the motivation for the large providers to bother worrying about 
small providers shrinks even faster. At some point the percentage of 
non-spam email originating from providers with less than a million users 
will be so small that the benefits in just cutting it off will outweigh 
the cost of doing so. We're already well past the point where sending 
from a gmail account is an accepted diagnostic step--which makes it hard 
to explain to an ordinary person why it wouldn't be the default.

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Brian 
On Tue 20 Aug 2019 at 14:43:08 -0400, Henning Follmann wrote:

> On Tue, Aug 20, 2019 at 09:16:58PM +0300, Reco wrote:
> [...]
> > > I could go on.
> > 
> > No need to. I have a single question - do you use SpamAssassin or Rspamd?
> > 
> >
> In most cases I use spamassassin.
> However my main defense line is spamhaus and spamcop.
> On spamcop I use also their service to submit complains. This is
> really nice, they will send a notification to the admin mailbox.
> And it often really works.
> with the two DNSBL I pretty much filter 90% of all spam.
> Spamassassin almost gets the rest and a few hit the actual mailboxes.
> With spamassassin it is very important for your users to understand
> the difference between unwanted mail a unsolicited mass spam when
> they submit for training the system.
> 
> In some cases I block complete regions (geoip blocking). This
> obviously works only for "local" mailservers.
> But if you business doesn't have international clients, dropping
> ru, tw, hk, br lowers the traffic by 80%.

You are entitled to *receive* whatever mail you want. But geoip
blocking? This is the antithesis of communication. "I plug my
ears if the someone from Russia or Hong Kong wants to talk with
me". It's relatively easy to do; I hope you do not expect a pat
on the back.

-- 
Brian.

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Celejar 
On Tue, 20 Aug 2019 19:29:54 +0100
Brian  wrote:

...

> The existence of an Internet swamped with spam has led to spam fighters
> policing it and users demanding a means not to receive it. Between the
> two, sending email directly has become more and more difficult. Spam
> hasn't disappeared or been reduced, but the spam fighters have impacted

The potential fallacy here is that spam may not have been reduced from
its levels of previous years, but the real question is whether it is
less than it would be *today* without the efforts of the spam fighters.

Celejar

Re: Compiling Linux with "bdver2" gcc optimization option

2019-08-20 Thread Franco Martelli 
On 19/08/19 at 21:18, Étienne Mollier wrote:
> Franco Martelli, on 2019-08-19:
>> I was thinking to submit a bug report against gcc-8 package. Now that I
>> have a work around, "bdver1" compiles without warnings, I can say
>> enough, what do you think about?
> 
> I don't know, to me it sounds more like little bugs on kernel
> side,
[ ... ]
> Gcc-8 on its side is just trying its best to help one to develop
> better code.  Its heuristics may not apply very well on kernel
> object code however.  If you can reproduce this issue and
> identify it as a false positive with a sample code, that is
> another story of course.

you're right, I compiled tar and hello program with -march=bdver2 option
without problem so gcc-8 is sure. I saw that all warnings that they
appear during kernel compilation process concern "objtool"

mm/memory.o: warning: objtool: remap_pfn_range()+0xd5: unsupported
intra-function call

that it's part of linux-kbuild-4.19 package maybe I should submit a bug
report to this package or is another one a better choice?

Best regards

-- 
Franco Martelli

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Celejar 
On Tue, 20 Aug 2019 12:58:05 -0400
Henning Follmann  wrote:

...

> I also block constantcontact and mailchimp, because they are basically
> commercial spamming services and anyone can add anyone on any mailing list.

See, this just illustrates the problem with aggresive blocking. Those
policies may work for you, but I'm involved with a small, legitimate
organization that uses Constant Contact to communicate with our
subscribers. Some (including me!) may feel that they are getting too
much email, but we make good faith efforts to only subscribe those who
want to be subscribed, and we certainly honor unsubscribe requests.

Celejar

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Dan Clery 
An eye opener for me was when my site got blacklisted as a spammer because
I was sending bounce messages for every email I refused to accept (due to
spam).

False positives happen more often then you'd think when you're receiving
legitimate emails in English, from international non-native speakers,
discussing legitimate wire-transfers (because when you send your kid to
another country for school, you might want to send them money). I still
think that it's super important to know when your email gets dropped on the
floor.

On Tue, Aug 20, 2019 at 2:30 PM Brian  wrote:

> On Tue 20 Aug 2019 at 11:24:42 -0400, Michael Stone wrote:
>
> > On Tue, Aug 20, 2019 at 05:57:40PM +0300, Reco wrote:
> > > On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:
> > > > On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> > > > > If you setup your DNS properly create SPF an DKIM almost all
> > > > > providers will accept your email IF (and that's a very big if)
> > > > > you do not spam.
> > > >
> > > > That's a nice idea, but simply not true. You'll be ok right up until
> > > > you aren't, and as a small site you have no recourse to find out what
> > > > the problem is.
> > >
> > > Such statement is incomplete without some examples.
> > > Judging from your long history of contribution at Debian project,
> > > surely you have some that can be shared with the list.
> >
> > It's really hard to share specific examples without naming domains, so
> no.
> > In general terms, It's almost unheard of to get any kind of response from
> > the RFC-standard postmaster@ address these days. Most of the time, the
> best
> > you can hope for is a bounce (rather than your message silently going
> into
> > the recipient's spam box). If you're lucky the bounce will say something
> > like "sender on blacklist X". If blacklist X is reasonably well known you
> > can probably verify that the sender is on blacklist X. If you ask
> blacklist
> > X why the sender is on the blacklist you'll get no response. Maybe
> something
> > misattributed a spoofed email (relatively few sites actually care about
> SPF
> > etc so spoofs are still extremely common), maybe someone hit the spam
> button
> > accidently, maybe somebody doesn't like your ISP, maybe they don't like
> your
> > country, who knows? At that point you descend into a shady world of
> > extortion schemes, and need to make decisions about whether to pay third
> > parties to "certify" your domain to a blacklist. In the old days losing
> an
> > email was considered unacceptible; these days, there is so much junk that
> > false positives are expected and routine. Yeah, I've been doing this for
> a
> > long time--more than 20 years of dealing with email servers--but I don't
> > really think email in its traditional form will exist much longer. Heck,
> > there are even debian contributors whose personal email domains bounce
> > emails from other debian contributors. Who knows if they're even aware of
> > that?
>
> The existence of an Internet swamped with spam has led to spam fighters
> policing it and users demanding a means not to receive it. Between the
> two, sending email directly has become more and more difficult. Spam
> hasn't disappeared or been reduced, but the spam fighters have impacted
> on the basic concept of email communication and are achieving what the
> spammers haven't achieved - making email communication fraught and
> unreliable.
>
> --
> Brian.
>
>
>

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Joe 
On Tue, 20 Aug 2019 11:24:42 -0400
Michael Stone  wrote:


>  Heck, there are even debian
> contributors whose personal email domains bounce emails from other
> debian contributors. Who knows if they're even aware of that?
> 

I would be. Every day I read an email from my server listing every
sender's email address where my server has refused to accept the mail
and which were sent to one of the three real names my server deals
with. 

It's not a big task, as the overwhelmingly vast majority of refused spam
is sent to obviously made-up names on my domains in the hope of getting
a bounce to the spoofed From: address.

Fifteen or so years ago, out of curiosity, I said to hell with fake
email addresses, I'd go on using the Net with a real address (the one
in the headers has been my main address all those years) and see if I
could deal with the consequences. I've had to give up one of my main
weapons, the DNS check, as so many small businesses now outsource to
some other small business which doesn't really understand email. Also,
a lot of domestic ISPs now give their users PTR records. I've
compromised by routing the PTR-less stuff straight to a spam folder.
and glancing at it occasionally. 

It has worked out pretty well, I don't see a lot of spam, because I
refuse all the NDR stuff, and don't have a backup mail server. Much of
what I do see is 'real' spam, bloody idiots in my own country who
genuinely believe that the way to sell me stuff is to send me
unsolicited email. Repeatedly. 

I keep my own blacklist, and the mailing companies and tiny ISPs who
provide services to these spammers go into it. I used to complain a lot
to abuse addresses, but it never helped, and the big people don't even
have abuse addresses now.

-- 
Joe

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Henning Follmann 
On Tue, Aug 20, 2019 at 09:16:58PM +0300, Reco wrote:
[...]
> > I could go on.
> 
> No need to. I have a single question - do you use SpamAssassin or Rspamd?
> 
>
In most cases I use spamassassin.
However my main defense line is spamhaus and spamcop.
On spamcop I use also their service to submit complains. This is
really nice, they will send a notification to the admin mailbox.
And it often really works.
with the two DNSBL I pretty much filter 90% of all spam.
Spamassassin almost gets the rest and a few hit the actual mailboxes.
With spamassassin it is very important for your users to understand
the difference between unwanted mail a unsolicited mass spam when
they submit for training the system.

In some cases I block complete regions (geoip blocking). This
obviously works only for "local" mailservers.
But if you business doesn't have international clients, dropping
ru, tw, hk, br lowers the traffic by 80%.



-- 
Henning Follmann   | hfollm...@itcfollmann.com

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Brian 
On Tue 20 Aug 2019 at 11:24:42 -0400, Michael Stone wrote:

> On Tue, Aug 20, 2019 at 05:57:40PM +0300, Reco wrote:
> > On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:
> > > On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> > > > If you setup your DNS properly create SPF an DKIM almost all
> > > > providers will accept your email IF (and that's a very big if)
> > > > you do not spam.
> > > 
> > > That's a nice idea, but simply not true. You'll be ok right up until
> > > you aren't, and as a small site you have no recourse to find out what
> > > the problem is.
> > 
> > Such statement is incomplete without some examples.
> > Judging from your long history of contribution at Debian project,
> > surely you have some that can be shared with the list.
> 
> It's really hard to share specific examples without naming domains, so no.
> In general terms, It's almost unheard of to get any kind of response from
> the RFC-standard postmaster@ address these days. Most of the time, the best
> you can hope for is a bounce (rather than your message silently going into
> the recipient's spam box). If you're lucky the bounce will say something
> like "sender on blacklist X". If blacklist X is reasonably well known you
> can probably verify that the sender is on blacklist X. If you ask blacklist
> X why the sender is on the blacklist you'll get no response. Maybe something
> misattributed a spoofed email (relatively few sites actually care about SPF
> etc so spoofs are still extremely common), maybe someone hit the spam button
> accidently, maybe somebody doesn't like your ISP, maybe they don't like your
> country, who knows? At that point you descend into a shady world of
> extortion schemes, and need to make decisions about whether to pay third
> parties to "certify" your domain to a blacklist. In the old days losing an
> email was considered unacceptible; these days, there is so much junk that
> false positives are expected and routine. Yeah, I've been doing this for a
> long time--more than 20 years of dealing with email servers--but I don't
> really think email in its traditional form will exist much longer. Heck,
> there are even debian contributors whose personal email domains bounce
> emails from other debian contributors. Who knows if they're even aware of
> that?

The existence of an Internet swamped with spam has led to spam fighters
policing it and users demanding a means not to receive it. Between the
two, sending email directly has become more and more difficult. Spam
hasn't disappeared or been reduced, but the spam fighters have impacted
on the basic concept of email communication and are achieving what the
spammers haven't achieved - making email communication fraught and
unreliable.

-- 
Brian.

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Reco 
On Tue, Aug 20, 2019 at 01:45:52PM -0400, Henning Follmann wrote:
> On Tue, Aug 20, 2019 at 08:22:23PM +0300, Reco wrote:
> > On Tue, Aug 20, 2019 at 12:58:05PM -0400, Henning Follmann wrote:
> > > On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:
> > > > On Tue, Aug 20, 2019 at 11:24:42AM -0400, Michael Stone wrote:
> > > > > On Tue, Aug 20, 2019 at 05:57:40PM +0300, Reco wrote:
> > > > > > On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:
> > > > > > > On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> > > > 
> > > > So it boils down to "MTA needs care on a regular basis" and "some
> > > > blacklist can add your MTA for no good reason". First one is universal
> > > > (applies to any Internet-facing service), second one can be beat with a
> > > > creative use of hosting. Also, https://mxtoolbox.com. A non-free
> > > > service, but a useful one.
> > > >
> > > 
> > > Can we be more vague? This is how conspiracy theories spawn.
> > 
> > What's so vague about "you've got into some blacklist, and they require
> > some monetary compensation to whitelist you"? These things happen.
> > Said blacklist does not affect your ability to receive mail, but can
> > affect sending it.
> 
> I was referring to "add your MTA for no good reason".
> That is vague and really not true.

I'll leave you to your option. Not that I agree with it.


> > > > > In the old days losing an email was considered unacceptible;
> > > > 
> > > > It still is, you just have to consider a corporate communications as
> > > > well.
> > > > 
> > > > > these days, there is so much junk that false positives are expected
> > > > > and routine.
> > > > 
> > > > That haven't changed much in the last 15 years.
> > > 
> > > How is that to be expected? This all sounds like hear-say but
> > > did this actually happened?
> > 
> > Either you filter spam, and accept a certain amount of collateral damage
> > (i.e. some legitimate mail goes into spam), or you accept anything and
> > your users are drown in spam and viri (viruses? whatever). Or you try to
> > find a reasonable in-between and accept that occasional spam letter once
> > in a while. Surely you agree that it's been this way for a long time.
> >
> 
> Sure, I understand this.
> However as a person I depend on e-mail and I really never had any of
> these issues.

Consider yourself lucky. IMO all it takes is a single online purchase by
a single user of yours.


> I look at how these heuristic based filter work and it is easy to
> maintain a form of communication where the likelihood of blocked
> is low.
> Pretty much don't do anything marketers do.

Agreed.

> Do not use binary content.

Disagreed. Sending a binary attachment here and there is useful, so is
receiving it. A size of said attachment should not exceed a reasonable
limit of course.

> Do not use HTML

Tell it to Thunderbird users. Or that toy Android MUA (K-9 or whatever
it called). Or, that poor soul who uses outlook.com instead of e-mail.

> No links either

In this maillist they tend to do it. Occasionally.

> Avoid explicit words.

That's the can of worms that I refuse to open. The reason being the
constantly shifting definition of "explicit", and its dependency on a
current political situation.

> I could go on.

No need to. I have a single question - do you use SpamAssassin or Rspamd?


> > > > I somehow doubt that Debian project membership requires to be an expert
> > > > in any MTA, or to have any system administration skills for that matter.
> > > > In another words, of course it's not normal, but is something that's to
> > > > be expected.
> > > 
> > > Well, yes,
> > > I block random domains. But doing so is not random.
> > > I first try to contact the e-mail owner and the admin. But if they do
> > > no stop sending spam they are banned (usually forever).
> > > I also block constantcontact and mailchimp, because they are basically
> > > commercial spamming services and anyone can add anyone on any mailing 
> > > list.
...
> 
> Sorry I wasn't clear in my text.
> I absolutely understand We are talking about getting your e-mail out and
> accepted. I was basically describing the thought process of the
> receiving side, why you could be ending up being blocked. And
> how it is mainly your responsibility if you end up in trouble (not
> only as an e-mail admin, applies to life in general).
> 
> 
> > So, a Debian contributor Alice sends a private e-mail to a Debian
> > contributor Bob. Both Alice and Bob use arbitrary e-mail servers, most
> > likely beyond their control. E-mail bounces, Alice does not get any
> > meaningful diagnostics, Bob does not get a e-mail. It can happen.
> >
> 
> It can happen, you could win the lottery :)
> Could, Would, if and but. All vague forms of arguing.

I do not know the specifics of the cases Michael mentioned. Hence the
vague guessing.

Reco

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Henning Follmann 
On Tue, Aug 20, 2019 at 08:22:23PM +0300, Reco wrote:
> On Tue, Aug 20, 2019 at 12:58:05PM -0400, Henning Follmann wrote:
> > On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:
> > > On Tue, Aug 20, 2019 at 11:24:42AM -0400, Michael Stone wrote:
> > > > On Tue, Aug 20, 2019 at 05:57:40PM +0300, Reco wrote:
> > > > > On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:
> > > > > > On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> > > 
> > > So it boils down to "MTA needs care on a regular basis" and "some
> > > blacklist can add your MTA for no good reason". First one is universal
> > > (applies to any Internet-facing service), second one can be beat with a
> > > creative use of hosting. Also, https://mxtoolbox.com. A non-free
> > > service, but a useful one.
> > >
> > 
> > Can we be more vague? This is how conspiracy theories spawn.
> 
> What's so vague about "you've got into some blacklist, and they require
> some monetary compensation to whitelist you"? These things happen.
> Said blacklist does not affect your ability to receive mail, but can
> affect sending it.

I was referring to "add your MTA for no good reason".
That is vague and really not true.

> 
> 
> > > > In the old days losing an email was considered unacceptible;
> > > 
> > > It still is, you just have to consider a corporate communications as
> > > well.
> > > 
> > > > these days, there is so much junk that false positives are expected
> > > > and routine.
> > > 
> > > That haven't changed much in the last 15 years.
> > 
> > How is that to be expected? This all sounds like hear-say but
> > did this actually happened?
> 
> Either you filter spam, and accept a certain amount of collateral damage
> (i.e. some legitimate mail goes into spam), or you accept anything and
> your users are drown in spam and viri (viruses? whatever). Or you try to
> find a reasonable in-between and accept that occasional spam letter once
> in a while. Surely you agree that it's been this way for a long time.
>

Sure, I understand this.
However as a person I depend on e-mail and I really never had any of
these issues.
I look at how these heuristic based filter work and it is easy to
maintain a form of communication where the likelihood of blocked
is low.
Pretty much don't do anything marketers do.
Do not use binary content.
Do not use HTML
No links either
Avoid explicit words.
I could go on.


> 
> > > > Heck, there are even debian
> > > > contributors whose personal email domains bounce emails from other
> > > > debian contributors. Who knows if they're even aware of that?
> > 
> > Are you aware of one? Really _KNOW_ this to be true?
> 
> No, but I'm not a Debian contributor. I see no reason not to trust
> Michael's word on this.
> 
> 
> > > I somehow doubt that Debian project membership requires to be an expert
> > > in any MTA, or to have any system administration skills for that matter.
> > > In another words, of course it's not normal, but is something that's to
> > > be expected.
> > 
> > Well, yes,
> > I block random domains. But doing so is not random.
> > I first try to contact the e-mail owner and the admin. But if they do
> > no stop sending spam they are banned (usually forever).
> > I also block constantcontact and mailchimp, because they are basically
> > commercial spamming services and anyone can add anyone on any mailing list.
> 
> I see a certain amount of confusion here. What you're talking about is
> receiving mail. An important part of any mail system, sure.
> What the quoted sentence refers is sending e-mail.
>

Sorry I wasn't clear in my text.
I absolutely understand We are talking about getting your e-mail out and
accepted. I was basically describing the thought process of the
receiving side, why you could be ending up being blocked. And
how it is mainly your responsibility if you end up in trouble (not
only as an e-mail admin, applies to life in general).


> So, a Debian contributor Alice sends a private e-mail to a Debian
> contributor Bob. Both Alice and Bob use arbitrary e-mail servers, most
> likely beyond their control. E-mail bounces, Alice does not get any
> meaningful diagnostics, Bob does not get a e-mail. It can happen.
>

It can happen, you could win the lottery :)
Could, Would, if and but. All vague forms of arguing.


> 
> > OTOH I really do not have any issues with my mailservices. I run
> > a couple of domains and there were really no issues in the past.
> > I am maintaining still the point that being blocked has 99% to do
> > with how you run your service. If you are not spamming people you
> > also will not end up on a blacklist. No one is really interested
> > just to mess with your e-mail if you are not bugging anyone.
> 
> My point exactly.
> 
> Reco
> 

-- 
Henning Follmann   | hfollm...@itcfollmann.com

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Reco 
On Tue, Aug 20, 2019 at 01:22:27PM -0400, Michael Stone wrote:
> On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:
> > So it boils down to "MTA needs care on a regular basis" and "some
> > blacklist can add your MTA for no good reason". First one is universal
> > (applies to any Internet-facing service), second one can be beat with a
> > creative use of hosting. Also, https://mxtoolbox.com. A non-free
> > service, but a useful one.
> 
> Way to oversimplify, and "creative use of hosting" basically means
> "hope and pray". It's also not actually true that there's hosting
> magic which makes you immune to blacklist stupidity unless your
> hosting is gmail or something equally too large to block.

Unless a blacklist adds victims by AS number, a change of MTA's IP
(hence the hosting) and an appropriate DNS reconfiguration is
sufficient to sidestep it.
Of course, one can get an already blacklisted IP, so a certain amount of
"hope and pray" applies here.


> > With all it's disadvantages, SMTP is one of the few examples of
> > successful federated (i.e. - non-centralized) form of Internet
> > communications. The other ones are slowly dying IRC and dead XMPP.
> > So I disagree. They can put all the fancy additions (like SPF, DMARC and
> > DANE) to it, but SMTP has a strong chance to outlive a current
> > generation.
> 
> We can agree to disagree. I think like the regular old telephone,
> people will suddenly realize that as a communication tool the noise is
> outweighing the signal and drop it.

Landlines still have their use here. They are shrinking to business and
government communications, sure. But it's curious how many people still
rely on that "you leave your job at office" principle.


> In my experience with the younger generation, they already don't
> consider email a primary means of communication except within a closed
> environment like a school.

That's something I agree with. Still, I propose to wait until
post-Generation Z gets their first job.


> In business the trend is increasingly toward outsourcing email to a
> large cloud provider (e.g., MS/outlook) so a future in which
> businesses mainly communicate between a small number of very large
> providers is not all that remote.

The trend is here, sure, as long as you consider small business.
Large one - not so much.


> > I somehow doubt that Debian project membership requires to be an expert
> > in any MTA, or to have any system administration skills for that matter.
> > In another words, of course it's not normal, but is something that's to
> > be expected.
> 
> So which is it? A small email domain isn't a big deal to manage or it is?

I saw no unsolvable problems in doing it so far, hence my interest to
your statements. And yes, I do not consider myself an expert in all
things related to SNMP, MTAs and the like.

Reco

Re: Actualizacion debian

2019-08-20 Thread Itzcoalt Alvarez 
Yo recieen migre 3 servidores de esa versión a la 10,

Después de varios laboratorios,nos fuimos por la instalación desde cero.

Pero en tu caso, debes probar, la migración version por version

Saludos




El mar., 20 ago. 2019 a las 10:57, Ing. Mariana Ramón ()
escribió:

> Hola buenos dias:
>
> Una disculpa, ya realice la revision y la version que di en el primero
> correo (3.2.88-1) es erronea. la version correcta es la 7.11.
> Tendria que igual instalar de 0 o se podria actualizar sin problemas con
> el systemd?.
>
> saludos cordiales.
>
> El mar., 20 ago. 2019 a las 10:41, Itzcoalt Alvarez ()
> escribió:
>
>> Recomiendo instalación desde cero.
>>
>> Documenten los servicios y/o sistemas que expone este equipo, y validen
>> la compatibilidad en Debian 10, la utilización de una maquina virtual es
>> recomendable.
>>
>> Tampoco olviden hacer un plan de migración, mas si  el servidor es
>> productivo.
>>
>>
>>
>> El mar., 20 ago. 2019 a las 10:15, Ing. Mariana Ramón (<
>> ladiva...@gmail.com>) escribió:
>>
>>> Buen dia.
>>> Actualmente cuento con la version de debian 3.2.88-1, sin embargo
>>> requiero actualizar a la ultima version, tengo la siguiente duda.
>>>
>>> 1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10, sin
>>> perder o dañar todos mis archivos? o se tiene que ir actualizando poco a
>>> poco?.
>>>
>>> Quedo en espera de sus comentarios.
>>>
>>> Saludos.
>>>
>>>
>>> --
>>> Ing. Mariana Ramón
>>>
>>>
>>>
>>>
>>
>> --
>>
>>
>
> --
> Ing. Mariana Ramón
>
>
>
>

--

Re: webmail and email from command line

2019-08-20 Thread loredana 
On Wed, Aug 14, 2019 at 4:24 PM loredana  wrote:
>
> Greetings,
>
> I posted the following message to debian-accessibility and I post it
> again as suggested.

My mistake.
I can't cope with this threading hijacking. As I said in my first
post, I do have a serious problem I am trying to solve.

I will browse the mailing list for a while, just in case somebody out
there wants to help and I will be back (to debian-accessibility) once
I find a working solution.

For the time being, I need to give to my mailbox a well deserved break.

Thanks again to those who helped.

Bye,
Loredana

"A chi piu' sa, piu' perder tempo spiace" - Dante Alighieri

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Michael Stone 

On Tue, Aug 20, 2019 at 12:58:05PM -0400, Henning Follmann wrote:

On Tue, Aug 20, 2019 at 11:24:42AM -0400, Michael Stone wrote:
> Heck, there are even debian
> contributors whose personal email domains bounce emails from other
> debian contributors. Who knows if they're even aware of that?



Are you aware of one? Really _KNOW_ this to be true?


Why else would I say it?


OTOH I really do not have any issues with my mailservices. I run
a couple of domains and there were really no issues in the past.
I am maintaining still the point that being blocked has 99% to do
with how you run your service.


1% of a couple billion people is still a lot of people, no?


If you are not spamming people you also will not end up on a blacklist.


Well, actual real-world experience shows that to not be true.

Re: Actualizacion debian

2019-08-20 Thread Debian 

El 20/8/19 a las 12:56, Ing. Mariana Ramón escribió:

Hola buenos dias:

Una disculpa, ya realice la revision y la version que di en el primero 
correo (3.2.88-1) es erronea. la version correcta es la 7.11.
Tendria que igual instalar de 0 o se podria actualizar sin problemas con 
el systemd?.


saludos cordiales.

El mar., 20 ago. 2019 a las 10:41, Itzcoalt Alvarez 
(mailto:itzcoal...@joiz.net>>) escribió:


Recomiendo instalación desde cero.

Documenten los servicios y/o sistemas que expone este equipo, y
validen la compatibilidad en Debian 10, la utilización de una
maquina virtual es recomendable.

Tampoco olviden hacer un plan de migración, mas si  el servidor es
productivo.



El mar., 20 ago. 2019 a las 10:15, Ing. Mariana Ramón
(mailto:ladiva...@gmail.com>>) escribió:

Buen dia.
Actualmente cuento con la version de debian 3.2.88-1, sin
embargo requiero actualizar a la ultima version, tengo la
siguiente duda.

1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10,
sin perder o dañar todos mis archivos? o se tiene que ir
actualizando poco a poco?.

Quedo en espera de sus comentarios.

Saludos.
-- 
Ing. Mariana Ramón





Eso es "wheezy"; si bien tuvo un LTS hasta hace poco, es algo viejo.

Mi primer pregunta es sobre el equipo, el soporte físico.
¿Qué máquina tenés corriendo, qué tenés montado y para qué?

Siendo TAN viejo, mi recomendación en que preserves los datos operativos 
(/home y usuarios), y hagas una instalación limpia.


Qué instalación, depende de la máquina que tengas y para qué.


Otras cosas:
1 - No incluyas contenido remoto en los mensajes.
2 - No hagas "top posting".
3 - Escribe en texto plano.

JAP

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Michael Stone 

On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:

So it boils down to "MTA needs care on a regular basis" and "some
blacklist can add your MTA for no good reason". First one is universal
(applies to any Internet-facing service), second one can be beat with a
creative use of hosting. Also, https://mxtoolbox.com. A non-free
service, but a useful one.


Way to oversimplify, and "creative use of hosting" basically means "hope 
and pray". It's also not actually true that there's hosting magic which 
makes you immune to blacklist stupidity unless your hosting is gmail or 
something equally too large to block.



With all it's disadvantages, SMTP is one of the few examples of
successful federated (i.e. - non-centralized) form of Internet
communications. The other ones are slowly dying IRC and dead XMPP.
So I disagree. They can put all the fancy additions (like SPF, DMARC and
DANE) to it, but SMTP has a strong chance to outlive a current
generation.


We can agree to disagree. I think like the regular old telephone, people 
will suddenly realize that as a communication tool the noise is 
outweighing the signal and drop it. In my experience with the younger 
generation, they already don't consider email a primary means of 
communication except within a closed environment like a school. In 
business the trend is increasingly toward outsourcing email to a large 
cloud provider (e.g., MS/outlook) so a future in which businesses mainly 
communicate between a small number of very large providers is not all 
that remote.



I somehow doubt that Debian project membership requires to be an expert
in any MTA, or to have any system administration skills for that matter.
In another words, of course it's not normal, but is something that's to
be expected.


So which is it? A small email domain isn't a big deal to manage or it is?

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Reco 
On Tue, Aug 20, 2019 at 12:58:05PM -0400, Henning Follmann wrote:
> On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:
> > On Tue, Aug 20, 2019 at 11:24:42AM -0400, Michael Stone wrote:
> > > On Tue, Aug 20, 2019 at 05:57:40PM +0300, Reco wrote:
> > > > On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:
> > > > > On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> > > > > > If you setup your DNS properly create SPF an DKIM almost all
> > > > > > providers will accept your email IF (and that's a very big if)
> > > > > > you do not spam.
> > > > > 
> > > > > That's a nice idea, but simply not true. You'll be ok right up until
> > > > > you aren't, and as a small site you have no recourse to find out what
> > > > > the problem is.
> > > > 
> > > > Such statement is incomplete without some examples.
> > > > Judging from your long history of contribution at Debian project,
> > > > surely you have some that can be shared with the list.
> > > 
> > > It's really hard to share specific examples without naming domains, so
> > > no. In general terms, It's almost unheard of to get any kind of
> > > response from the RFC-standard postmaster@ address these days. Most of
> > > the time, the best you can hope for is a bounce (rather than your
> > > message silently going into the recipient's spam box). If you're lucky
> > > the bounce will say something like "sender on blacklist X". If
> > > blacklist X is reasonably well known you can probably verify that the
> > > sender is on blacklist X. If you ask blacklist X why the sender is on
> > > the blacklist you'll get no response. Maybe something misattributed a
> > > spoofed email (relatively few sites actually care about SPF etc so
> > > spoofs are still extremely common), maybe someone hit the spam button
> > > accidently, maybe somebody doesn't like your ISP, maybe they don't
> > > like your country, who knows? At that point you descend into a shady
> > > world of extortion schemes, and need to make decisions about whether
> > > to pay third parties to "certify" your domain to a blacklist.
> > 
> > So it boils down to "MTA needs care on a regular basis" and "some
> > blacklist can add your MTA for no good reason". First one is universal
> > (applies to any Internet-facing service), second one can be beat with a
> > creative use of hosting. Also, https://mxtoolbox.com. A non-free
> > service, but a useful one.
> >
> 
> Can we be more vague? This is how conspiracy theories spawn.

What's so vague about "you've got into some blacklist, and they require
some monetary compensation to whitelist you"? These things happen.
Said blacklist does not affect your ability to receive mail, but can
affect sending it.


> > > In the old days losing an email was considered unacceptible;
> > 
> > It still is, you just have to consider a corporate communications as
> > well.
> > 
> > > these days, there is so much junk that false positives are expected
> > > and routine.
> > 
> > That haven't changed much in the last 15 years.
> 
> How is that to be expected? This all sounds like hear-say but
> did this actually happened?

Either you filter spam, and accept a certain amount of collateral damage
(i.e. some legitimate mail goes into spam), or you accept anything and
your users are drown in spam and viri (viruses? whatever). Or you try to
find a reasonable in-between and accept that occasional spam letter once
in a while. Surely you agree that it's been this way for a long time.


> > > Heck, there are even debian
> > > contributors whose personal email domains bounce emails from other
> > > debian contributors. Who knows if they're even aware of that?
> 
> Are you aware of one? Really _KNOW_ this to be true?

No, but I'm not a Debian contributor. I see no reason not to trust
Michael's word on this.


> > I somehow doubt that Debian project membership requires to be an expert
> > in any MTA, or to have any system administration skills for that matter.
> > In another words, of course it's not normal, but is something that's to
> > be expected.
> 
> Well, yes,
> I block random domains. But doing so is not random.
> I first try to contact the e-mail owner and the admin. But if they do
> no stop sending spam they are banned (usually forever).
> I also block constantcontact and mailchimp, because they are basically
> commercial spamming services and anyone can add anyone on any mailing list.

I see a certain amount of confusion here. What you're talking about is
receiving mail. An important part of any mail system, sure.
What the quoted sentence refers is sending e-mail.

So, a Debian contributor Alice sends a private e-mail to a Debian
contributor Bob. Both Alice and Bob use arbitrary e-mail servers, most
likely beyond their control. E-mail bounces, Alice does not get any
meaningful diagnostics, Bob does not get a e-mail. It can happen.


> OTOH I really do not have any issues with my mailservices. I run
> a couple of domains and there were really no issues in the

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Henning Follmann 
On Tue, Aug 20, 2019 at 07:14:01PM +0300, Reco wrote:
> On Tue, Aug 20, 2019 at 11:24:42AM -0400, Michael Stone wrote:
> > On Tue, Aug 20, 2019 at 05:57:40PM +0300, Reco wrote:
> > > On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:
> > > > On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> > > > > If you setup your DNS properly create SPF an DKIM almost all
> > > > > providers will accept your email IF (and that's a very big if)
> > > > > you do not spam.
> > > > 
> > > > That's a nice idea, but simply not true. You'll be ok right up until
> > > > you aren't, and as a small site you have no recourse to find out what
> > > > the problem is.
> > > 
> > > Such statement is incomplete without some examples.
> > > Judging from your long history of contribution at Debian project,
> > > surely you have some that can be shared with the list.
> > 
> > It's really hard to share specific examples without naming domains, so
> > no. In general terms, It's almost unheard of to get any kind of
> > response from the RFC-standard postmaster@ address these days. Most of
> > the time, the best you can hope for is a bounce (rather than your
> > message silently going into the recipient's spam box). If you're lucky
> > the bounce will say something like "sender on blacklist X". If
> > blacklist X is reasonably well known you can probably verify that the
> > sender is on blacklist X. If you ask blacklist X why the sender is on
> > the blacklist you'll get no response. Maybe something misattributed a
> > spoofed email (relatively few sites actually care about SPF etc so
> > spoofs are still extremely common), maybe someone hit the spam button
> > accidently, maybe somebody doesn't like your ISP, maybe they don't
> > like your country, who knows? At that point you descend into a shady
> > world of extortion schemes, and need to make decisions about whether
> > to pay third parties to "certify" your domain to a blacklist.
> 
> So it boils down to "MTA needs care on a regular basis" and "some
> blacklist can add your MTA for no good reason". First one is universal
> (applies to any Internet-facing service), second one can be beat with a
> creative use of hosting. Also, https://mxtoolbox.com. A non-free
> service, but a useful one.
>

Can we be more vague? This is how conspiracy theories spawn.


> 
> > In the old days losing an email was considered unacceptible;
> 
> It still is, you just have to consider a corporate communications as
> well.
> 
> 
> > these days, there is so much junk that false positives are expected
> > and routine.
> 
> That haven't changed much in the last 15 years.

How is that to be expected? This all sounds like hear-say but
did this actually happened?


> 
> 
> > Yeah, I've been doing this for a long time--more than 20 years of
> > dealing with email servers--but I don't really think email in its
> > traditional form will exist much longer.
> 
> With all it's disadvantages, SMTP is one of the few examples of
> successful federated (i.e. - non-centralized) form of Internet
> communications. The other ones are slowly dying IRC and dead XMPP.
> So I disagree. They can put all the fancy additions (like SPF, DMARC and
> DANE) to it, but SMTP has a strong chance to outlive a current
> generation.
>

With this I agree!

> 
> > Heck, there are even debian
> > contributors whose personal email domains bounce emails from other
> > debian contributors. Who knows if they're even aware of that?
>

Are you aware of one? Really _KNOW_ this to be true?

> I somehow doubt that Debian project membership requires to be an expert
> in any MTA, or to have any system administration skills for that matter.
> In another words, of course it's not normal, but is something that's to
> be expected.
> 
> Reco
>

Well, yes,
I block random domains. But doing so is not random.
I first try to contact the e-mail owner and the admin. But if they do
no stop sending spam they are banned (usually forever).
I also block constantcontact and mailchimp, because they are basically
commercial spamming services and anyone can add anyone on any mailing list.

OTOH I really do not have any issues with my mailservices. I run
a couple of domains and there were really no issues in the past.
I am maintaining still the point that being blocked has 99% to do
with how you run your service. If you are not spamming people you
also will not end up on a blacklist. No one is really interested
just to mess with your e-mail if you are not bugging anyone.


-H

-- 
Henning Follmann   | hfollm...@itcfollmann.com

Re: Actualizacion debian

2019-08-20 Thread Ing . Mariana Ramón 
Hola buenos dias:

Una disculpa, ya realice la revision y la version que di en el primero
correo (3.2.88-1) es erronea. la version correcta es la 7.11.
Tendria que igual instalar de 0 o se podria actualizar sin problemas con el
systemd?.

saludos cordiales.

El mar., 20 ago. 2019 a las 10:41, Itzcoalt Alvarez ()
escribió:

> Recomiendo instalación desde cero.
>
> Documenten los servicios y/o sistemas que expone este equipo, y validen la
> compatibilidad en Debian 10, la utilización de una maquina virtual es
> recomendable.
>
> Tampoco olviden hacer un plan de migración, mas si  el servidor es
> productivo.
>
>
>
> El mar., 20 ago. 2019 a las 10:15, Ing. Mariana Ramón (<
> ladiva...@gmail.com>) escribió:
>
>> Buen dia.
>> Actualmente cuento con la version de debian 3.2.88-1, sin embargo
>> requiero actualizar a la ultima version, tengo la siguiente duda.
>>
>> 1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10, sin
>> perder o dañar todos mis archivos? o se tiene que ir actualizando poco a
>> poco?.
>>
>> Quedo en espera de sus comentarios.
>>
>> Saludos.
>>
>>
>> --
>> Ing. Mariana Ramón
>>
>>
>>
>>
>
> --
>
>

-- 
Ing. Mariana Ramón

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Reco 
On Tue, Aug 20, 2019 at 11:24:42AM -0400, Michael Stone wrote:
> On Tue, Aug 20, 2019 at 05:57:40PM +0300, Reco wrote:
> > On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:
> > > On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> > > > If you setup your DNS properly create SPF an DKIM almost all
> > > > providers will accept your email IF (and that's a very big if)
> > > > you do not spam.
> > > 
> > > That's a nice idea, but simply not true. You'll be ok right up until
> > > you aren't, and as a small site you have no recourse to find out what
> > > the problem is.
> > 
> > Such statement is incomplete without some examples.
> > Judging from your long history of contribution at Debian project,
> > surely you have some that can be shared with the list.
> 
> It's really hard to share specific examples without naming domains, so
> no. In general terms, It's almost unheard of to get any kind of
> response from the RFC-standard postmaster@ address these days. Most of
> the time, the best you can hope for is a bounce (rather than your
> message silently going into the recipient's spam box). If you're lucky
> the bounce will say something like "sender on blacklist X". If
> blacklist X is reasonably well known you can probably verify that the
> sender is on blacklist X. If you ask blacklist X why the sender is on
> the blacklist you'll get no response. Maybe something misattributed a
> spoofed email (relatively few sites actually care about SPF etc so
> spoofs are still extremely common), maybe someone hit the spam button
> accidently, maybe somebody doesn't like your ISP, maybe they don't
> like your country, who knows? At that point you descend into a shady
> world of extortion schemes, and need to make decisions about whether
> to pay third parties to "certify" your domain to a blacklist.

So it boils down to "MTA needs care on a regular basis" and "some
blacklist can add your MTA for no good reason". First one is universal
(applies to any Internet-facing service), second one can be beat with a
creative use of hosting. Also, https://mxtoolbox.com. A non-free
service, but a useful one.


> In the old days losing an email was considered unacceptible;

It still is, you just have to consider a corporate communications as
well.


> these days, there is so much junk that false positives are expected
> and routine.

That haven't changed much in the last 15 years.


> Yeah, I've been doing this for a long time--more than 20 years of
> dealing with email servers--but I don't really think email in its
> traditional form will exist much longer.

With all it's disadvantages, SMTP is one of the few examples of
successful federated (i.e. - non-centralized) form of Internet
communications. The other ones are slowly dying IRC and dead XMPP.
So I disagree. They can put all the fancy additions (like SPF, DMARC and
DANE) to it, but SMTP has a strong chance to outlive a current
generation.


> Heck, there are even debian
> contributors whose personal email domains bounce emails from other
> debian contributors. Who knows if they're even aware of that?

I somehow doubt that Debian project membership requires to be an expert
in any MTA, or to have any system administration skills for that matter.
In another words, of course it's not normal, but is something that's to
be expected.

Reco

Re: Actualizacion debian

2019-08-20 Thread Debian 

El 20/8/19 a las 11:57, Ing. Mariana Ramón escribió:

Buen dia.
Actualmente cuento con la version de debian 3.2.88-1, sin embargo 
requiero actualizar a la ultima version, tengo la siguiente duda.


1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10, sin 
perder o dañar todos mis archivos? o se tiene que ir actualizando poco a 
poco?.


Quedo en espera de sus comentarios.

Saludos.


--
Ing. Mariana Ramón






¿3.2.88-1? Eso es una versión de kernel, no una versión de Debian.
Por lo que supongo que estás usando "jessie" o "stretch"; ese kernel es 
del 2017.


No, las versiones de Debian no se pueden saltear.
Salvo que hagas formato e instales desde cero, sin perder datos de /home 
de usuarios.


Asumo que estás usando un equipo de 64 bits (amd64)

Si estás en jessie, debés primero pasar a stretch,
usando esta guía.
https://www.debian.org/releases/stretch/amd64/release-notes/ch-upgrading.es.html

Si estás en stretch, puedes seguir esta guía:
https://www.debian.org/releases/stable/amd64/release-notes/ch-upgrading.es.html

Espero te sirva

JAP

Re: Actualizacion debian

2019-08-20 Thread Itzcoalt Alvarez 
Recomiendo instalación desde cero.

Documenten los servicios y/o sistemas que expone este equipo, y validen la
compatibilidad en Debian 10, la utilización de una maquina virtual es
recomendable.

Tampoco olviden hacer un plan de migración, mas si  el servidor es
productivo.



El mar., 20 ago. 2019 a las 10:15, Ing. Mariana Ramón ()
escribió:

> Buen dia.
> Actualmente cuento con la version de debian 3.2.88-1, sin embargo requiero
> actualizar a la ultima version, tengo la siguiente duda.
>
> 1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10, sin
> perder o dañar todos mis archivos? o se tiene que ir actualizando poco a
> poco?.
>
> Quedo en espera de sus comentarios.
>
> Saludos.
>
>
> --
> Ing. Mariana Ramón
>
>
>
>

--

Re: Actualizacion debian

2019-08-20 Thread juan 
sin duda nejor desde cero, tal vez primero en una particion y luego de 
rescatar todos los documentos  eliminas ese debian cavernicola :)


El 20/8/19 a las 17:33, Paynalton escribió:


Si un ave no rompe su huevo morirá antes de nacer.
Nosotros somos el ave y el mundo es nuestro huevo.
POR LA REVOLUCIÓN DEL MUNDO

Ciudad de México


El mar., 20 ago. 2019 a las 10:15, Ing. Mariana Ramón 
(mailto:ladiva...@gmail.com>>) escribió:


Buen dia.
Actualmente cuento con la version de debian 3.2.88-1, sin embargo
requiero actualizar a la ultima version, tengo la siguiente duda.


pfff, es bastante vieja, el problema principal será que muchos 
paquetes ya no contarán con soporte o ya no estarán disponibles en el 
repositorio.


1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10,
sin perder o dañar todos mis archivos? o se tiene que ir
actualizando poco a poco?.


Lo mejor es poco a poco, pero en el medio tendrás que enfrentarte a la 
migración de systemd que fue un verdadero dolor de cabeza. Considera 
mejor rescatar datos y migrarlos a un sistema nuevo instalado desde 0.


Quedo en espera de sus comentarios.

Saludos.


-- 
Ing. Mariana Ramón

Re: Actualizacion debian

2019-08-20 Thread Paynalton 
Si un ave no rompe su huevo morirá antes de nacer.
Nosotros somos el ave y el mundo es nuestro huevo.
POR LA REVOLUCIÓN DEL MUNDO

Ciudad de México


El mar., 20 ago. 2019 a las 10:15, Ing. Mariana Ramón ()
escribió:

> Buen dia.
> Actualmente cuento con la version de debian 3.2.88-1, sin embargo requiero
> actualizar a la ultima version, tengo la siguiente duda.
>
>
pfff, es bastante vieja, el problema principal será que muchos paquetes ya
no contarán con soporte o ya no estarán disponibles en el repositorio.


> 1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10, sin
> perder o dañar todos mis archivos? o se tiene que ir actualizando poco a
> poco?.
>
>
Lo mejor es poco a poco, pero en el medio tendrás que enfrentarte a la
migración de systemd que fue un verdadero dolor de cabeza. Considera mejor
rescatar datos y migrarlos a un sistema nuevo instalado desde 0.


> Quedo en espera de sus comentarios.
>
> Saludos.
>
>
> --
> Ing. Mariana Ramón
>
>
>
>

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Michael Stone 

On Tue, Aug 20, 2019 at 05:57:40PM +0300, Reco wrote:

On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:

On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> If you setup your DNS properly create SPF an DKIM almost all
> providers will accept your email IF (and that's a very big if)
> you do not spam.

That's a nice idea, but simply not true. You'll be ok right up until
you aren't, and as a small site you have no recourse to find out what
the problem is.


Such statement is incomplete without some examples.
Judging from your long history of contribution at Debian project,
surely you have some that can be shared with the list.


It's really hard to share specific examples without naming domains, so 
no. In general terms, It's almost unheard of to get any kind of response 
from the RFC-standard postmaster@ address these days. Most of the time, 
the best you can hope for is a bounce (rather than your message silently 
going into the recipient's spam box). If you're lucky the bounce will 
say something like "sender on blacklist X". If blacklist X is reasonably 
well known you can probably verify that the sender is on blacklist X. If 
you ask blacklist X why the sender is on the blacklist you'll get no 
response. Maybe something misattributed a spoofed email (relatively few 
sites actually care about SPF etc so spoofs are still extremely common), 
maybe someone hit the spam button accidently, maybe somebody doesn't 
like your ISP, maybe they don't like your country, who knows? At that 
point you descend into a shady world of extortion schemes, and need to 
make decisions about whether to pay third parties to "certify" your 
domain to a blacklist. In the old days losing an email was considered 
unacceptible; these days, there is so much junk that false positives are 
expected and routine. Yeah, I've been doing this for a long time--more 
than 20 years of dealing with email servers--but I don't really think 
email in its traditional form will exist much longer. Heck, there are 
even debian contributors whose personal email domains bounce emails from 
other debian contributors. Who knows if they're even aware of that?

Actualizacion debian

2019-08-20 Thread Ing . Mariana Ramón 
 Buen dia.
Actualmente cuento con la version de debian 3.2.88-1, sin embargo requiero
actualizar a la ultima version, tengo la siguiente duda.

1.-¿Se puede actualizar de golpe de la version 3.2.88-1 a la 10, sin perder
o dañar todos mis archivos? o se tiene que ir actualizando poco a poco?.

Quedo en espera de sus comentarios.

Saludos.


-- 
Ing. Mariana Ramón

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Reco 
Hi.

On Tue, Aug 20, 2019 at 10:48:44AM -0400, Michael Stone wrote:
> On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:
> > If you setup your DNS properly create SPF an DKIM almost all
> > providers will accept your email IF (and that's a very big if)
> > you do not spam.
> 
> That's a nice idea, but simply not true. You'll be ok right up until
> you aren't, and as a small site you have no recourse to find out what
> the problem is.

Such statement is incomplete without some examples.
Judging from your long history of contribution at Debian project,
surely you have some that can be shared with the list.

Reco

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Michael Stone 

On Tue, Aug 20, 2019 at 07:31:57AM -0400, Henning Follmann wrote:

If you setup your DNS properly create SPF an DKIM almost all
providers will accept your email IF (and that's a very big if)
you do not spam.


That's a nice idea, but simply not true. You'll be ok right up until you 
aren't, and as a small site you have no recourse to find out what the 
problem is.

Re: Bash isn't reading ~/.profile file when login from GNOME

2019-08-20 Thread Reco 
On Tue, Aug 20, 2019 at 10:36:19AM -0400, Greg Wooledge wrote:
> And there is no known way to configure the environment of dbus in a way
> that is useful to end users.

dbus-update-activation-environment(1) says otherwise.

Reco

Re: Bash isn't reading ~/.profile file when login from GNOME

2019-08-20 Thread Greg Wooledge 
On Tue, Aug 20, 2019 at 02:27:40PM +, Vipul wrote:
> Hi there,
> 
> From few days, I'm trying find answer of a question "which program does
> read ~/.profile if I login from graphical user interface (for ex: GNOME)?".

https://wiki.debian.org/Xsession
https://wiki.debian.org/EnvironmentVariables

These are, of course, incomplete.

The short answer is: if you login through a Display Manager (a graphical
login program), NOTHING reads ~/.profile.  Ever.

So, let's try to guess what the actual goal is here.

If your goal is to set an environment variable in every program in your X
session, and you're not using GNOME, then you can put an export command
in ~/.xsessionrc and it should work great.

If you are using GNOME, please find out how to do it, and then tell us,
because as far as I've been able to determine, GNOME makes this completely
impossible.

Normal window managers run programs as children of themselves, using the
standard Unix fork-and-exec model.  The window manager is executed with
various environment variables, umask, resource limits, and so on, and
its children inherit these.  So, the standard Unix login configuration
stuff all works.  You edit a magic dot file, you login, the dot file is
read by a shell, the shell executes your window manager, the WM inherits
your desired environment, and everything launched from the WM also
inherits this environment.  Easy peasy.

But with GNOME, applications are launched by sending a message to dbus,
and then dbus spawns things as *its* children.  They are not children of
the WM.  They do not inherit the environment from the WM.  They inherit
the environment from dbus.

And there is no known way to configure the environment of dbus in a way
that is useful to end users.

Bash isn't reading ~/.profile file when login from GNOME

2019-08-20 Thread Vipul 
Hi there,

From few days, I'm trying find answer of a question "which program does
read ~/.profile if I login from graphical user interface (for ex: GNOME)?".

I'm trying to get colored man page output by sourcing ~/.less_termcap"
[1] file from ~/.profile [2] but, LESS_TERMCAP_xx unset and empty

$ hd <<< "$LESS_TERMCAP_mb"
  0a|.|
0001

To fix this problem I've to source ~/.profile from gnome-terminal
(output after running `source ~/.profile` in gnome-terminal)

$ hd <<< "$LESS_TERMCAP_mb"
  1b 5b 31 3b 33 32 6d 0a   |.[1;32m.|
0008

This problem only happens when I login from graphical interface whereas,
login from console works perfectly fine means value of LESS_TERMCAP_xx
set correctly and gets colored man page output.

I've asked this question on some IRC channels (#debian, ##linux, #bash)
but, didn't get the right answer. Some says
* "Login from graphical interface doesn't trigger login shell" then
who reads ~/.profile file?
* "Bash isn't started as login shell" but bash is my default login
shell which I verified by login from console and check default login
shell entry in /etc/passwd file.
* "Graphical Desktop Managers don't read ~/.profile file" with which
I agreed. But, I've a counter question if no one reads ~/.profile file,
how does value of PATH variable set correctly which I've set in
~/.profile file.

$ echo "$PATH"
/home/finn/.local/bin:/home/finn/.local/bin:/home/finn/.local/lib/npm/bin:/home/finn/scripts:/home/finn/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games


From this, I've concluded that some program must reads ~/.profile when I
login from graphical interface but, not by bash may be some other shell
(for ex: sh, ksh etc) despite of being bash as default login shell.
Please correct if I'm wrong.

Any help would be greatly appreciated.

## Additional info:

Debian Stretch (v9.9) with GNOME interface.

$ bash --version
GNU bash, version 4.4.12(1)-release (x86_64-pc-linux-gnu)

## References:

[1]: https://salsa.debian.org/snippets/316 (link to ~/.less_termcap file)
[2]: https://salsa.debian.org/snippets/314 (link to ~/.profile file)



signature.asc
Description: OpenPGP digital signature

Re: Solution to "pathetic email complaints"

2019-08-20 Thread mick crane 

On 2019-08-19 19:35, Richard Owlett wrote:


IOW
  *CHEAPSKATES LOSE*


You've been to the Isle of Wight haven't you.

--
Key ID4BFEBB31

Ważne Pytanie

2019-08-20 Thread Agencja Interaktywna 

Dzień dobry,



zajmujemy się tworzeniem nowoczesnych *STRON i SKLEPÓW* WWW



Jeżeli chcieliby Państwo otrzymać propozycję w tym zakresie dla Państwa firmy 
prosimy o odpowiedź *TAK* na ten e-mail.



Profesjonalna witryna internetowa jest obecnie niezbędnym elementem każdej, 
dobrze rozwijającej się firmy.


...


Z pozdrowieniami ,

Agencja Kreatywna

Re: SLAPD_SENTINEL_FILE problem and openldap / slapds jessie changelog missing

2019-08-20 Thread Greg Wooledge 
On Tue, Aug 20, 2019 at 11:10:12AM +0200, Neo wrote:
> This seems also broken
> 
> [root@host~]# apt changelog slapd
> Err Changelog for slapd 
> (http://packages.debian.org/changelogs/pool/updates/main/o/openldap/openldap_2.4.40+dfsg-1+deb8u5/changelog)
>   404  Not Found [IP: 5.153.231.3 80]
> Err Changelog for slapd 
> (http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.40+dfsg-1+deb8u5.changelog)
>   404  Not Found [IP: 151.101.240.204 80]
> E: changelog download failed

Jessie, eh?

root@meglin2:~# apt-cache policy slapd
slapd:
  Installed: (none)
  Candidate: 2.4.40+dfsg-1+deb8u5
  Version table:
 2.4.40+dfsg-1+deb8u5 0
500 http://security.debian.org/ jessie/updates/main amd64 Packages
 2.4.40+dfsg-1+deb8u4 0
500 http://ftp.us.debian.org/debian/ jessie/main amd64 Packages
root@meglin2:~# apt changelog slapd
E: Invalid operation changelog

Don't know quite what to tell you.  If you can't install the pacakge,
verify that you're using a sane sources.list for jessie.  I don't know
why your "apt" has a changelog subcommand.  Did you mix releases?

Turns out, it's in "apt-get" in jessie, not in "apt" or "apt-cache".

root@meglin2:~# apt-cache changelog slapd
E: Invalid operation changelog
root@meglin2:~# apt-get changelog slapd
Err Changelog for slapd 
(http://packages.debian.org/changelogs/pool/updates/main/o/openldap/openldap_2.4.40+dfsg-1+deb8u5/changelog)
  404  Not Found
Err Changelog for slapd 
(http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.40+dfsg-1+deb8u5.changelog)
  404  Not Found
E: changelog download failed

... and not working here either.  Oh well.  Maybe that's one of the things
that LTS doesn't bother with?

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Celejar 
On Tue, 20 Aug 2019 07:31:57 -0400
Henning Follmann  wrote:

> On Mon, Aug 19, 2019 at 05:15:41PM -0400, Michael Stone wrote:
> > On Mon, Aug 19, 2019 at 03:57:32PM -0500, Christopher Marlow wrote:
> > > On 8/19/19 3:41 PM, Michael Stone wrote:
> > > > And, there are paid mail services which are nonetheless pretty
> > > > terrible. All that using a paid mail service means is that you
> > > > aren't using a free mail service.
> > > > 
> > > 
> > > I disagree... I like having my domain and email..
> > 
> > What does that have to do with whether there are bad paid services? Whether
> > the service is free or paid, you need to evaluate whether it's meeting your
> > needs and, if not, pick a different service. Just paying for it doesn't
> > guarantee anything.
> > 
> > That said, owning a domain does at least make it easier to change
> > providers--and I recommend doing so for just that reason--but that's a
> > slightly different thing than just paying for an email address. It's also
> > worth noting that it's increasingly difficult to implement reliable email
> > service for a domain that isn't something like gmail.com (because third
> > parties may randomly direct people to stop accepting mail from your domain)
> > and smaller email providers may not have the resources to deal with the
> > these issues.
> > 
> 
> Well,
> while I agree it is difficult setup an email service, but not
> prohibitively so.
> If you setup your DNS properly create SPF an DKIM almost all
> providers will accept your email IF (and that's a very big if)
> you do not spam. And just the fact that you think you got an

But IIUC, it's not just that *you* don't spam: other servers will take
into account things like your IP "neighborhood":

https://luxsci.com/blog/how-do-i-fix-the-reputation-of-my-ip-address.html

And, of course, who had that IP address before you, which practically
means that you need a static IP address.

Celejar

Re: configuration de gammu

2019-08-20 Thread Benoit B 
Salut,
En fait ma clé 4G, n'est pas dans la liste des périphériques reconnus,
c'est peut-être la cause...
https://fr.wammu.eu/phones/

Je n'ai pas installé le service gammu-smsd.

Merci pour cette piste

--
Benoit

Le sam. 3 août 2019 à 10:00, Patg  a écrit :
>
> Salut,
> J'ai eu un problème identique il y a quelques temps. Ce n'est peut-être pas 
> la même configuration, car j'utilisais un modem gprs avec un service sms 
> dessus. En arretant le service gammu-smsd ça avait résolu le problème. 
> J'avais a nouveau accès au périphérique.
> Cdt,
>
> Le 1 août 2019 14:53:14 GMT+02:00, benoit...@ouvaton.org a écrit :
>>
>> Bonjour à tous,
>>
>> J'ai une clé 4G qui fonctionne et est automatiquement configurée par
>> network-manager.
>>
>> j'aimerais aussi l'utiliser avec gammu qui ne la reconnais pas :
>>
>> gammu identify
>> Error opening device, it doesn't exist.
>>
>>
>> lsusb
>>
>> Bus 001 Device 005: ID 12d1:14dc Huawei Technologies Co., Ltd. E33372
>> LTE/UMTS/GSM HiLink Modem/Networkcard
>>
>>
>> cat /etc/udev/rules.d/98-usb-serial.rules
>> SUBSYSTEM=="tty", ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="14dc",
>> SYMLINK+="USB_4_G"
>>
>> Le système crée /dev/sg1 avec ou sans la ligne qui précède. Il
>> semblerait qu'elle ne fonctionne pas.
>>
>>
>> cat /etc/gammurc
>> [gammu]
>>
>> port = /dev/USB_4_G
>> model =
>> connection = at19200
>> synchronizetime = yes
>> logfile =
>> logformat = nothing
>> use_locking =
>> gammuloc =
>>
>> Si je remplace "USB_4_G" par "sg1" dans
>> /etc/udev/rules.d/98-usb-serial.rules et /etc/gammurc
>>
>> J'ai :
>> gammu identify
>> Error opening device. Unknown, busy or no permissions.
>>
>>
>>
>> Merci d'avance
>>
>> Benoit
>>
>
> --
> Pat2

Re: Solution to "pathetic email complaints"

2019-08-20 Thread Henning Follmann 
On Mon, Aug 19, 2019 at 05:15:41PM -0400, Michael Stone wrote:
> On Mon, Aug 19, 2019 at 03:57:32PM -0500, Christopher Marlow wrote:
> > On 8/19/19 3:41 PM, Michael Stone wrote:
> > > And, there are paid mail services which are nonetheless pretty
> > > terrible. All that using a paid mail service means is that you
> > > aren't using a free mail service.
> > > 
> > 
> > I disagree... I like having my domain and email..
> 
> What does that have to do with whether there are bad paid services? Whether
> the service is free or paid, you need to evaluate whether it's meeting your
> needs and, if not, pick a different service. Just paying for it doesn't
> guarantee anything.
> 
> That said, owning a domain does at least make it easier to change
> providers--and I recommend doing so for just that reason--but that's a
> slightly different thing than just paying for an email address. It's also
> worth noting that it's increasingly difficult to implement reliable email
> service for a domain that isn't something like gmail.com (because third
> parties may randomly direct people to stop accepting mail from your domain)
> and smaller email providers may not have the resources to deal with the
> these issues.
> 

Well,
while I agree it is difficult setup an email service, but not
prohibitively so.
If you setup your DNS properly create SPF an DKIM almost all
providers will accept your email IF (and that's a very big if)
you do not spam. And just the fact that you think you got an
email address legally (and maybe with some consent) does that
mean You can enter that address anywhere else or send unlimited
amount of junk. But if you are reasonable non of these providers
are difficult to deal with (office365 being the exception, they are
f**king insane)





-- 
Henning Follmann   | hfollm...@itcfollmann.com

Segfault in different packages after recent automatic ffmpeg update

2019-08-20 Thread Nikolay Turpitko 



Hello,

Sorry to bother you. But is seems something is wrong after recent 
automatic update of ffmpeg package on Debian Buster on my laptop.


I tried to fill the bug with reportbug, but it seems it haven't sent the 
mail.


Packages that were upgraded:
ffmpeg libavcodec58 libavdevice58 libavfilter7 libavformat58
libavresample4 libavutil56 libpostproc55 libswresample3 libswscale5

After that those programs began to fail with similar segfault error:

ffmpeg
mplayer
cmus
chromium
telegram-desktop

Log messages are as follows:


Aug 20 13:33:46 n76vj kernel: [18791.638293] chromium[31480]: segfault 
at 8 ip 7fe4386db62f sp 7ff

ecbfc53d0 error 4 in ld-2.28.so[7fe4386cc000+1e000]
Aug 20 13:33:46 n76vj kernel: [18791.638302] Code: 44 24 10 4c 8b 60 08 
41 80 3c 24 00 75 18 48 8b 05 e6 70 01 00 4c 8b 20 48 8d 05 eb f8 00 00 
4d 85 e4 4c 0f 44 e0 48 8b 45 68 <4c> 8b 70 08 48 8d 05 e6 70 01 00 f6 
00 10 0f 85 c5 01 00 00 48 8b
Aug 20 13:34:03 n76vj kernel: [18809.126135] cmus[31587]: segfault at 8 
ip 7f438bbde62f sp 7fff85e 108a0 error 4 in 
ld-2.28.so[7f438bbcf000+1e000]
Aug 20 13:34:03 n76vj kernel: [18809.126144] Code: 44 24 10 4c 8b 60 08 
41 80 3c 24 00 75 18 48 8b 05 e6 70 01 00 4c 8b 20 48 8d 05 eb f8 00 00 
4d 85 e4 4c 0f 44 e0 48 8b 45 68 <4c> 8b 70 08 48 8d 05 e6 70 01 00 f6 
00 10 0f 85 c5 01 00 00 48 8b
Aug 20 13:40:57 n76vj kernel: [19222.952932] mplayer[2280]: segfault at 
8 ip 7fc95514f62f sp 7ffc7f1ad900 error 4 in 
ld-2.28.so[7fc95514+1e000]
Aug 20 13:40:57 n76vj kernel: [19222.952938] Code: 44 24 10 4c 8b 60 08 
41 80 3c 24 00 75 18 48 8b 05 e6 70 01 00 4c 8b 20 48 8d 05 eb f8 00 00 
4d 85 e4 4c 0f 44 e0 48 8b 45 68 <4c> 8b 70 08 48 8d 05 e6 70 01 00 f6 
00 10 0f 85 c5 01 00 00 48 8b
Aug 20 13:41:03 n76vj kernel: [19228.714435] ld-linux-x86-64[2386]: 
segfault at 8 ip 7f100360e62f sp 7ffe8dfa1620 error 4 in 
ld-2.28.so[7f10035ff000+1e000]
Aug 20 13:41:03 n76vj kernel: [19228.714441] Code: 44 24 10 4c 8b 60 08 
41 80 3c 24 00 75 18 48 8b 05 e6 70 01 00 4c 8b 20 48 8d 05 eb f8 00 00 
4d 85 e4 4c 0f 44 e0 48 8b 45 68 <4c> 8b 70 08 48 8d 05 e6 70 01 00 f6 
00 10 0f 85 c5 01 00 00 48 8b
Aug 20 13:43:21 n76vj kernel: [19366.862479] ffmpeg[2862]: segfault at 8 
ip 7fae4eb0662f sp 7ffc8efbf610 error 4 in 
ld-2.28.so[7fae4eaf7000+1e000]
Aug 20 13:43:21 n76vj kernel: [19366.862493] Code: 44 24 10 4c 8b 60 08 
41 80 3c 24 00 75 18 48 8b 05 e6 70 01 00 4c 8b 20 48 8d 05 eb f8 00 00 
4d 85 e4 4c 0f 44 e0 48 8b 45 68 <4c> 8b 70 08 48 8d 05 e6 70 01 00 f6 
00 10 0f 85 c5 01 00 00 48 8b 



Could you please help me to properly report this issue?

--
Best,

Nikolay Turpitko
niko...@turpitko.com

Re: SLAPD_SENTINEL_FILE problem and openldap / slapds jessie changelog missing

2019-08-20 Thread Neo 



On 19.08.2019 22:03, Andrei POPESCU wrote:

apt changelog slapd


Thanks for your answer Andrei

This seems also broken

[root@host~]# apt changelog slapd
Err Changelog for slapd 
(http://packages.debian.org/changelogs/pool/updates/main/o/openldap/openldap_2.4.40+dfsg-1+deb8u5/changelog)

  404  Not Found [IP: 5.153.231.3 80]
Err Changelog for slapd 
(http://security.debian.org/pool/updates/main/o/openldap/openldap_2.4.40+dfsg-1+deb8u5.changelog)

  404  Not Found [IP: 151.101.240.204 80]
E: changelog download failed

Re: DNS : pas de résolution en local

2019-08-20 Thread Migrec 



Le 20/08/2019 à 11:00, Daniel Huhardeaux a écrit :

Le 20/08/2019 à 10:55, Daniel Caillibaud a écrit :

Le 20/08/19 à 00:47, Migrec  a écrit :

Ça peut paraître logique car la box n'a pas connaissance de mon réseau
local (elle est juste en liaison avec le serveur). Mais pourquoi 
l'échec

de la résolution ne passe pas la main au serveur DNS local ?


Parce qu'il me semble que la résolution n'utilise le 2e dns que si le 
1er ne répond pas.

Ici le 1er répond que le nom n'existe pas, donc ça s'arrête là.


Ou alors les nameserver sont interrogés en même temps et la réponse du 
1er répondant est utilisée.




Visiblement, le premier répond que le nom n'existe pas.






Si j'inverse les 2 IP dans /etc/resolv.conf, ça fonctionne.


C'est donc tout à fait logique ;-)

Mais si tu as un resolver local, tu ne devrais utiliser que celui-là, 
ce sera plus efficace

(celui des box laissant parfois à désirer…)


Quand je dis celui de la box, c'est celui de mon FAI en fait. Mon 
serveur obtient son IP en DHCP depuis la box et le DNS est fournit avec.
Avant la mise à jour, ça fonctionnait bien, j'ai du modifier un 
paramètre DHCP/DNS mais je ne sais pas lequel.


PS : désolé de ne pas avoir répondu aux autres messages, je ne les ai 
pas tous eu (bounce).

--
Migrec

Re: DNS : pas de résolution en local

2019-08-20 Thread Daniel Huhardeaux 

Le 20/08/2019 à 10:55, Daniel Caillibaud a écrit :

Le 20/08/19 à 00:47, Migrec  a écrit :

Ça peut paraître logique car la box n'a pas connaissance de mon réseau
local (elle est juste en liaison avec le serveur). Mais pourquoi l'échec
de la résolution ne passe pas la main au serveur DNS local ?


Parce qu'il me semble que la résolution n'utilise le 2e dns que si le 1er ne 
répond pas.
Ici le 1er répond que le nom n'existe pas, donc ça s'arrête là.


Ou alors les nameserver sont interrogés en même temps et la réponse du 
1er répondant est utilisée.





Si j'inverse les 2 IP dans /etc/resolv.conf, ça fonctionne.


C'est donc tout à fait logique ;-)

Mais si tu as un resolver local, tu ne devrais utiliser que celui-là, ce sera 
plus efficace
(celui des box laissant parfois à désirer…)


+1

--
Daniel

Re: DNS : pas de résolution en local

2019-08-20 Thread Daniel Caillibaud 
Le 20/08/19 à 00:47, Migrec  a écrit :
> Ça peut paraître logique car la box n'a pas connaissance de mon réseau 
> local (elle est juste en liaison avec le serveur). Mais pourquoi l'échec 
> de la résolution ne passe pas la main au serveur DNS local ?

Parce qu'il me semble que la résolution n'utilise le 2e dns que si le 1er ne 
répond pas.
Ici le 1er répond que le nom n'existe pas, donc ça s'arrête là.

> Si j'inverse les 2 IP dans /etc/resolv.conf, ça fonctionne.

C'est donc tout à fait logique ;-)

Mais si tu as un resolver local, tu ne devrais utiliser que celui-là, ce sera 
plus efficace
(celui des box laissant parfois à désirer…)

-- 
Daniel

Je sais qu'il n'y a qu'une chance sur un million d'être dévoré
vivant par un lion sur les Champs Elysées, mais il suffit d'une fois.

Re: No Audio after suspend on Lenovo Ideapad 130s Debian Buster

2019-08-20 Thread Curt 
On 2019-08-20, Nektarios Katakis  wrote:
 Intel Corporation Device 3198 (rev 03)
>
> If I understand correctly the problem was solved? If so you can check
> `man alcactl` on how to persist the configuration generated from the
> init command you ran.
>

I think this is a bug in a kernel module/driver, so updating alsa would
be of no utility.

As the workaround masks HDMI audio output, if the OP doesn't require
that output, I'd just leave well enough alone.


-- 
“We are all in the gutter, but some of us are looking at the stars.” 
― Oscar Wilde, Lady Windermere's Fan

Re: No Audio after suspend on Lenovo Ideapad 130s Debian Buster

2019-08-20 Thread tomas 
On Tue, Aug 20, 2019 at 08:48:17AM +0100, Nektarios Katakis wrote:

[...]

> If I understand correctly the problem was solved? If so you can check
> `man alcactl` [...]
   ^^^
Possibily "alsactl"

Cheers
-- t


signature.asc
Description: Digital signature

Re: No Audio after suspend on Lenovo Ideapad 130s Debian Buster

2019-08-20 Thread Nektarios Katakis 
On Mon, 19 Aug 2019 11:18:18 -0400
John Kerr Anderson  wrote:

> I tried the suggestions by Curt to add
> "snd_hda_intel.probe_mask=0x01" and it seemed to work after boot.
> 
> Nektarios suggestion to run "alsactl init" which returned this:
> 
> Found hardware: "HDA-Intel" "Realtek ALC269VC"
> "HDA:10ec0269,17aa380f,00100203 HDA:8086280d,80860101,0010"
> "0x17aa" "0x3807"
> Hardware is initialized using a generic method
> 
> "cat /proc/asound/cards" returned this:
> 
>  0 [PCH]: HDA-Intel - HDA Intel PCH
>   HDA Intel PCH at 0xa131 irq 130
> 
> Do I need to manually update Alsa to get the audio to work properly?
> Any suggestions would be helpful, thank you everyone for their input.
> 
> Regards,
> 
> John
> 
> On Mon, 19 Aug 2019 at 05:50, Nektarios Katakis <
> nektar...@mail.nektarioskatakis.xyz> wrote:
> 
> > On Sun, 18 Aug 2019 18:09:50 -0400
> > John Kerr Anderson  wrote:
> >
> > > Here is the output when it is working:
> > >
> > > aplay -l
> > >  List of PLAYBACK Hardware Devices 
> > > card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> > > Analog] Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI 0]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 8: HDMI 2 [HDMI 2]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 9: HDMI 3 [HDMI 3]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 10: HDMI 4 [HDMI 4]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > >
> > >
> > > And here it is when it isn't working:
> > >
> > > ~$ aplay -l
> > >  List of PLAYBACK Hardware Devices 
> > > card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> > > Analog] Subdevices: 0/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI 0]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 8: HDMI 2 [HDMI 2]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 9: HDMI 3 [HDMI 3]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > > card 0: PCH [HDA Intel PCH], device 10: HDMI 4 [HDMI 4]
> > >   Subdevices: 1/1
> > >   Subdevice #0: subdevice #0
> > >
> > > card 0: PCH [HDA Intel PCH], device 0: ALC269VC Analog [ALC269VC
> > > Analog] Subdevices: 1/1
> > >
> > > I notice when it's working the first entry says "Subdevices: 1/1"
> > > but after I suspended the machine it says "Subdevices: 0/1"
> > >
> > > Also after I bring it up from suspend I notice when I use the
> > > hotkeys to adjust the volume it goes from the internal speakers to
> > > headphones.  If I plug headphones in I also don't have any audio
> > > either.  Any suggestions on what I should do now?  Thank you for
> > > the response so far!
> > >
> > > Regards,
> > >
> > > John
> > >
> > >
> > > On Sun, 18 Aug 2019 at 17:50, Nektarios Katakis <
> > > nektar...@mail.nektarioskatakis.xyz> wrote:
> > >
> > > > On Sun, 18 Aug 2019 14:06:57 -0400
> > > > John Kerr Anderson  wrote:
> > > >
> > > > > Hello today,  I've got an Ideapad and after I suspend I cannot
> > > > > get the audio to work when the system resumes.
> > > > >
> > > > > lspci -v returns the following for the audio section:
> > > > >
> > > > > 00:0e.0 Audio device: Intel Corporation Device 3198 (rev 03)
> > > > > Subsystem: Lenovo Device 3807
> > > > > Flags: bus master, fast devsel, latency 0, IRQ 25
> > > > > Memory at a131 (64-bit, non-prefetchable) [size=16K]
> > > > > Memory at a100 (64-bit, non-prefetchable) [size=1M]
> > > > > Capabilities: [50] Power Management version 3
> > > > > Capabilities: [80] Vendor Specific Information: Len=14 
> > > > > Capabilities: [60] MSI: Enable- Count=1/1 Maskable- 64bit+
> > > > > Capabilities: [70] Express Root Complex Integrated Endpoint,
> > > > > MSI 00 Kernel driver in use: snd_hda_intel
> > > > > Kernel modules: snd_hda_intel, snd_soc_skl
> > > > >
> > > > > In the system log I found the following audio related error
> > > > > message as well:
> > > > >
> > > > > Aug 18 12:34:57 ideapad kernel: [   51.672003] snd_hda_intel
> > > > > :00:0e.0: azx_get_response timeout, switching to polling
> > > > > mode: last cmd=0x20bf8100 Aug 18 12:34:57 ideapad kernel:
> > > > > [   52.684197] snd_hda_intel :00:0e.0: No response from
> > > > > codec, disabling MSI: last cmd=0x20bf8100 Aug 18 12:34:57
> > > > > ideapad kernel: [   53.695872] snd_hda_intel :00:0e.0:
> > > > > azx_get_response timeout, switching to single_cmd mode: last
> > > > > cmd=0x20bf8100 Aug 18

Re: Reprendre une migration échouée lors d'un apt- upgrade

2019-08-20 Thread Migrec 




Le 19/08/2019 à 16:27, fab a écrit :


Oui. Mais comme j'ai abandonné la configuration de cacti, le paquet a 
été noté comme installé donc rien n'est proposé.


si tu utilises aptitude:

aptitude reinstall cacti


Parfait, ça a fonctionné ! Merci.
--
Migrec

Re: Network/Settings (ou l'applet network-manager) fait disparaître la connexion bridge créée si on la désactive

2019-08-20 Thread Fabien R 
On 19/08/2019 18:59, roger.tar...@free.fr wrote:
> le code est là :
> https://github.com/GNOME/gnome-control-center/tree/gnome-3-30
> https://github.com/GNOME/gnome-control-center/tree/gnome-3-30/panels/network
Tu peux publier ton problème dans "issue" pour commencer.
> 
> J'aimerais essayer la 3.32 qui est disponible pour voir si le problème 
> perdure.
> Comment faire ça proprement et de manière réversible sans casser mon système 
> Debian Buster tout neuf ?
> Jene fais jamais ça d'habitude.
Tu ne peux pas le desinstaller ?
> 
> Ensuite, je peux essayer de voir ce que je comprends  dans le  code (C) et 
> effectuer des modifications mineures.
> S'il faut appréhender tout le code de network, ça va être plus complexe.
> As-tu une idée de par quel bout commencer ?
Il y a un début à tout.
Tu fais un fork.

--
Fabien