Invitation to connect on LinkedIn
LinkedIn I'd like to add you to my professional network on LinkedIn. - Siju Confirm that you know Siju George https://www.linkedin.com/e/isd/822151356/DQCGCAk9/ Every day, millions of professionals like Siju George use LinkedIn to connect with colleagues, find experts, and explore opportunities. -- (c) 2009, LinkedIn Corporation
Re: smtpd rejecting users
you need to start smtpd with -dv not -bv to enable debug logging :-) Gilles On Mon, Oct 26, 2009 at 11:13:29PM +0100, Robert wrote: Setup: Running as user1 I sent an email to testuser (local) and I expected it to end up in the root mbox since that was what I configured in aliases. (note: I know that you shouldn't receive email as root, this is just a test setup for trying out the new smtpd) /etc/mail/smtpd.conf --- listen on lo0 map aliases { source db /etc/mail/aliases.db } accept from 127.0.0.1 for local deliver to mbox --- /etc/mail/aliases (I've run newaliases after editing) --- # # $OpenBSD: aliases,v 1.30 2009/05/20 21:10:06 thib Exp $ # # Aliases in this file will NOT be expanded in the header from # Mail, but WILL be visible over networks or from /usr/libexec/mail.local. # # The program newaliases must be run after #NOTE this file is updated for any changes to # show through to sendmail. # # Basic system aliases -- these MUST be present MAILER-DAEMON: postmaster postmaster: root # General redirections for important pseudo accounts daemon: root ftp-bugs: root operator: root uucp: root www:root # Redirections for pseudo accounts that should not receive mail _afs: /dev/null _bgpd: /dev/null _btd: /dev/null _dhcp: /dev/null _dvmrpd: /dev/null _fingerd: /dev/null _ftp: /dev/null _hostapd: /dev/null _identd: /dev/null _isakmpd: /dev/null _kadmin: /dev/null _kdc: /dev/null _mopd: /dev/null _ntp: /dev/null _ospfd: /dev/null _ospf6d: /dev/null _pflogd: /dev/null _portmap: /dev/null _ppp: /dev/null _rbootd: /dev/null _relayd: /dev/null _ripd: /dev/null _rstatd: /dev/null _rtadvd: /dev/null _rusersd: /dev/null _rwalld: /dev/null _smtpd: /dev/null _snmpd: /dev/null _spamd: /dev/null _syslogd: /dev/null _tcpdump: /dev/null _tftpd: /dev/null _x11: /dev/null _ypldap: /dev/null bin:/dev/null named: /dev/null nobody: /dev/null popa3d: /dev/null proxy: /dev/null smmsp: /dev/null sshd: /dev/null # Well-known aliases -- these should be filled in! # root: # manager: # dumper: # RFC 2142: NETWORK OPERATIONS MAILBOX NAMES abuse: root # noc: root security: root # RFC 2142: SUPPORT MAILBOX NAMES FOR SPECIFIC INTERNET SERVICES # hostmaster: root # usenet: root # news: usenet # webmaster:root # ftp: root # uncomment this for msgs: # msgs: |/usr/bin/msgs -s testuser: root --- command run on local machine --- mail -s test2 testuser test2 . --- smtpd -bv --- warning: could not load cert: lo0, no SSL/TLS/AUTH support startup [debug mode] smtpd: max open files 1024 smtpd: will accept at most 768 clients parent_send_config: configuring smtp parent_send_config_client_certs: configuring smtp parent_send_config_ruleset: reloading rules and maps parent_send_config_ruleset: reloading rules and maps smtp_setup_events: listen on IPv6:fe80:3::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on IPv6:::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on 127.0.0.1 port 25 flags 0x0 cert lo0 smtp_accept: incoming client on listener: 0x2051b6000 smtp_accept: accepted client on listener: 0x2051b6000 lookup_ptr 127.0.0.1 lookup_ptr success session_pickup: greeting client command: EHLO args: pcc.abc.test command: MAIL From args: us...@pcc.abc.test session_rfc5321_mail_handler: sending notification to mfa matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: testu...@pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path command: DATA args: (null) command: RSET args: (null) command: RSET args: (null) command: MAIL From args: session_rfc5321_mail_handler: sending notification to mfa matching: to localhost matching: to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: us...@pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path command: DATA args: (null) command: RSET args: (null) command: RSET args: (null) command: MAIL From args: session_rfc5321_mail_handler: sending notification to mfa matching: to localhost matching: to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: postmas...@pcc.abc.test matching: pcc.abc.test to
Re: smtpd support DIGEST MD5 AUTH ?
no need to do this, you can setup startls and ssmtp within a minute following the instruction in man starttls. Gilles On Tue, Oct 27, 2009 at 01:40:34PM +1100, Aaron Mason wrote: If you really want to secure the transmission, you could always connect to it via stunnel or something similar. On Tue, Oct 27, 2009 at 2:48 AM, Fernando Quintero fernando.a.quint...@gmail.com wrote: uhmm ok, I got it, smtpd is interfaced to bsdauth (thx gregory) so, I will search in that way, really I'm just trying things and I'm verifying the simplicity of the configuration, I want to write a HowTo (spanish), about OpenSMTPD + auth +pop3s + imaps + webmail, etc ... Thanks a lot. On Mon, Oct 26, 2009 at 4:12 AM, Gilles Chehade gil...@openbsd.org wrote: On Mon, Oct 26, 2009 at 02:01:01AM -0500, Fernando Quintero wrote: Hi all, first, thx to gilles for this great software, jacekm@ did a lot of work on it too ;-) I'm testing smtpd with TLS and SSL an it works ok, I noticed that the AUTH command uses PLAIN LOGIN. The question is: smtpd supports another thing different to PLAIN LOGIN for AUTH?, is possible integrate it to SASL ? currently, smtpd only supports PLAIN and LOGIN on top of tls/ssmtp and there's slight chances this will change in a short timeframe as there are lots of higher priority things to do. what are you trying to achieve ? Gilles -- Gilles Chehade freelance developer/sysadmin/consultant http://www.poolp.org -- -- Fernando Quintero http://nonroot.blogspot.com/ *Just a nonroot User* If you really want to secure the transmission, you could always connect to it via stunnel or something similar. -- Aaron Mason - Programmer, open source addict - Oh, why does everything I whip leave me? -- Gilles Chehade freelance developer/sysadmin/consultant http://www.poolp.org
Free alternative for BMC Patrol
Hi all, can't find it with searches on Google or in archives on marc.info but I'm sure that there was some post about in the past. Do you know free alternative for similar monitoring infrastructure tool under BSD licence ? Can't remember its name. Thx -- http://www.openbsd.org/lyrics.html
Re: smtpd rejecting users
;) just a typo in my post; for the test I started it with -dv (smtpd would complain otherwise at startup) Gilles Chehade wrote: you need to start smtpd with -dv not -bv to enable debug logging :-) Gilles On Mon, Oct 26, 2009 at 11:13:29PM +0100, Robert wrote: Setup: Running as user1 I sent an email to testuser (local) and I expected it to end up in the root mbox since that was what I configured in aliases. (note: I know that you shouldn't receive email as root, this is just a test setup for trying out the new smtpd) /etc/mail/smtpd.conf --- listen on lo0 map aliases { source db /etc/mail/aliases.db } accept from 127.0.0.1 for local deliver to mbox --- /etc/mail/aliases (I've run newaliases after editing) --- # # $OpenBSD: aliases,v 1.30 2009/05/20 21:10:06 thib Exp $ # # Aliases in this file will NOT be expanded in the header from # Mail, but WILL be visible over networks or from /usr/libexec/mail.local. # # The program newaliases must be run after #NOTE this file is updated for any changes to # show through to sendmail. # # Basic system aliases -- these MUST be present MAILER-DAEMON: postmaster postmaster: root # General redirections for important pseudo accounts daemon: root ftp-bugs: root operator: root uucp: root www:root # Redirections for pseudo accounts that should not receive mail _afs: /dev/null _bgpd: /dev/null _btd: /dev/null _dhcp: /dev/null _dvmrpd: /dev/null _fingerd: /dev/null _ftp: /dev/null _hostapd: /dev/null _identd: /dev/null _isakmpd: /dev/null _kadmin: /dev/null _kdc: /dev/null _mopd: /dev/null _ntp: /dev/null _ospfd: /dev/null _ospf6d: /dev/null _pflogd: /dev/null _portmap: /dev/null _ppp: /dev/null _rbootd: /dev/null _relayd: /dev/null _ripd: /dev/null _rstatd: /dev/null _rtadvd: /dev/null _rusersd: /dev/null _rwalld: /dev/null _smtpd: /dev/null _snmpd: /dev/null _spamd: /dev/null _syslogd: /dev/null _tcpdump: /dev/null _tftpd: /dev/null _x11: /dev/null _ypldap: /dev/null bin:/dev/null named: /dev/null nobody: /dev/null popa3d: /dev/null proxy: /dev/null smmsp: /dev/null sshd: /dev/null # Well-known aliases -- these should be filled in! # root: # manager: # dumper: # RFC 2142: NETWORK OPERATIONS MAILBOX NAMES abuse: root # noc: root security: root # RFC 2142: SUPPORT MAILBOX NAMES FOR SPECIFIC INTERNET SERVICES # hostmaster: root # usenet: root # news: usenet # webmaster:root # ftp: root # uncomment this for msgs: # msgs: |/usr/bin/msgs -s testuser: root --- command run on local machine --- mail -s test2 testuser test2 . --- smtpd -bv --- warning: could not load cert: lo0, no SSL/TLS/AUTH support startup [debug mode] smtpd: max open files 1024 smtpd: will accept at most 768 clients parent_send_config: configuring smtp parent_send_config_client_certs: configuring smtp parent_send_config_ruleset: reloading rules and maps parent_send_config_ruleset: reloading rules and maps smtp_setup_events: listen on IPv6:fe80:3::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on IPv6:::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on 127.0.0.1 port 25 flags 0x0 cert lo0 smtp_accept: incoming client on listener: 0x2051b6000 smtp_accept: accepted client on listener: 0x2051b6000 lookup_ptr 127.0.0.1 lookup_ptr success session_pickup: greeting client command: EHLO args: pcc.abc.test command: MAIL From args: us...@pcc.abc.test session_rfc5321_mail_handler: sending notification to mfa matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: testu...@pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path command: DATA args: (null) command: RSET args: (null) command: RSET args: (null) command: MAIL From args: session_rfc5321_mail_handler: sending notification to mfa matching: to localhost matching: to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: us...@pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path command: DATA args: (null) command: RSET args: (null) command: RSET args: (null) command: MAIL From args: session_rfc5321_mail_handler: sending notification to mfa matching: to localhost matching: to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: postmas...@pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to
Re: smtpd rejecting users
are you running -current ? Gilles Robert a C)crit : ;) just a typo in my post; for the test I started it with -dv (smtpd would complain otherwise at startup) Gilles Chehade wrote: you need to start smtpd with -dv not -bv to enable debug logging :-) Gilles On Mon, Oct 26, 2009 at 11:13:29PM +0100, Robert wrote: Setup: Running as user1 I sent an email to testuser (local) and I expected it to end up in the root mbox since that was what I configured in aliases. (note: I know that you shouldn't receive email as root, this is just a test setup for trying out the new smtpd) /etc/mail/smtpd.conf --- listen on lo0 map aliases { source db /etc/mail/aliases.db } accept from 127.0.0.1 for local deliver to mbox --- /etc/mail/aliases (I've run newaliases after editing) --- # # $OpenBSD: aliases,v 1.30 2009/05/20 21:10:06 thib Exp $ # # Aliases in this file will NOT be expanded in the header from # Mail, but WILL be visible over networks or from /usr/libexec/mail.local. # # The program newaliases must be run after #NOTE this file is updated for any changes to # show through to sendmail. # # Basic system aliases -- these MUST be present MAILER-DAEMON: postmaster postmaster: root # General redirections for important pseudo accounts daemon: root ftp-bugs: root operator: root uucp: root www:root # Redirections for pseudo accounts that should not receive mail _afs: /dev/null _bgpd: /dev/null _btd: /dev/null _dhcp: /dev/null _dvmrpd: /dev/null _fingerd: /dev/null _ftp: /dev/null _hostapd: /dev/null _identd: /dev/null _isakmpd: /dev/null _kadmin: /dev/null _kdc: /dev/null _mopd: /dev/null _ntp: /dev/null _ospfd: /dev/null _ospf6d: /dev/null _pflogd: /dev/null _portmap: /dev/null _ppp: /dev/null _rbootd: /dev/null _relayd: /dev/null _ripd: /dev/null _rstatd: /dev/null _rtadvd: /dev/null _rusersd: /dev/null _rwalld: /dev/null _smtpd: /dev/null _snmpd: /dev/null _spamd: /dev/null _syslogd: /dev/null _tcpdump: /dev/null _tftpd: /dev/null _x11: /dev/null _ypldap: /dev/null bin:/dev/null named: /dev/null nobody: /dev/null popa3d: /dev/null proxy: /dev/null smmsp: /dev/null sshd: /dev/null # Well-known aliases -- these should be filled in! # root: # manager: # dumper: # RFC 2142: NETWORK OPERATIONS MAILBOX NAMES abuse: root # noc: root security: root # RFC 2142: SUPPORT MAILBOX NAMES FOR SPECIFIC INTERNET SERVICES # hostmaster: root # usenet: root # news: usenet # webmaster:root # ftp: root # uncomment this for msgs: # msgs: |/usr/bin/msgs -s testuser: root --- command run on local machine --- mail -s test2 testuser test2 . --- smtpd -bv --- warning: could not load cert: lo0, no SSL/TLS/AUTH support startup [debug mode] smtpd: max open files 1024 smtpd: will accept at most 768 clients parent_send_config: configuring smtp parent_send_config_client_certs: configuring smtp parent_send_config_ruleset: reloading rules and maps parent_send_config_ruleset: reloading rules and maps smtp_setup_events: listen on IPv6:fe80:3::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on IPv6:::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on 127.0.0.1 port 25 flags 0x0 cert lo0 smtp_accept: incoming client on listener: 0x2051b6000 smtp_accept: accepted client on listener: 0x2051b6000 lookup_ptr 127.0.0.1 lookup_ptr success session_pickup: greeting client command: EHLO args: pcc.abc.test command: MAIL From args: us...@pcc.abc.test session_rfc5321_mail_handler: sending notification to mfa matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: testu...@pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path command: DATA args: (null) command: RSET args: (null) command: RSET args: (null) command: MAIL From args: session_rfc5321_mail_handler: sending notification to mfa matching: to localhost matching: to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: us...@pcc.abc.test matching: pcc.abc.test to localhost matching: pcc.abc.test to pcc.abc.test smtp_dispatch_mfa: mfa handled return path command: DATA args: (null) command: RSET args: (null) command: RSET args: (null) command: MAIL From args: session_rfc5321_mail_handler: sending notification to mfa matching: to localhost matching: to pcc.abc.test smtp_dispatch_mfa: mfa handled return path queue_dispatch_smtp: creating message file smtp_dispatch_queue: queue handled message creation command: RCPT Toargs: postmas...@pcc.abc.test matching:
Re: smtpd rejecting users
No, plain -release amd64 from the CD: OpenBSD pcc.abc.test 4.6 GENERIC.MP#81 amd64 I have another PC for testing and I will install -current on it to rule out any side effects that might have occured on this (pcc) machine (will take some time; it's a VIA C3...). Robert Gilles Chehade wrote: are you running -current ? Gilles
Re: smtpd rejecting users
can you also show your /etc/mailer.conf ? what you experience looks like the result of smtpd looking at a db with a format it doesn't understand (ie: trying to resolve aliases which are in a db you built using sendmail's `newaliases`) Gilles Robert a C)crit : No, plain -release amd64 from the CD: OpenBSD pcc.abc.test 4.6 GENERIC.MP#81 amd64 I have another PC for testing and I will install -current on it to rule out any side effects that might have occured on this (pcc) machine (will take some time; it's a VIA C3...). Robert Gilles Chehade wrote: are you running -current ? Gilles
IMBIKEMAG Launches Issue 2!
Hi http://www.imbikemag.com/issue2/ I just wanted to get in touch again to let you know that we have launched Issue 2 of IMBIKEMAG, this time it is even bigger with twice as much editorial content and it is literally bursting at the seams! There is even more video content too, so plenty to keep you entertained when you aren't out riding the trails! Highlights include, Steve Peat, The Maddest Race on Earth, and a full feature on night riding including light tests with full video! There is quite literally loads more to check out, Billy Savage, Hardtail Tests, even more Technique and a Trail Guide to Afan so be sure to follow the link and see how much more we have put into Issue 2! http://www.imbikemag.com/issue2/ We had a fantastic response to Issue 1, and we are looking for an even better one for Issue 2, we would be most grateful if you would help us spread the word about the mag and pass on the link to your friends and share the link around as much as possible! Many thanks Rou Chater Publishing Editor http://www.imbikemag.com
Re: smtpd support DIGEST MD5 AUTH ?
a bit longer answer: smtpd is interfaced to bsdauth (see authenticate(3)). so if you want you can implement authentication method, just like I did to authenticate smtpd client to pop3 server. authenticate(3) makes my head spin, it would be awesome if you shared how you did that! Has anybody else tried in general to interface with other virtual authentication databases, and wish to share some experiences? Thnx! Kami
Re: smtpd rejecting users
On Tue, Oct 27, 2009 at 12:00:44PM +0100, Robert wrote: It's the unmodified -release one: # $OpenBSD: mailer.conf,v 1.4 2009/03/16 14:26:22 jacekm Exp $ # # Execute the real sendmail program, named /usr/libexec/sendmail/sendmail # sendmail/usr/libexec/sendmail/sendmail send-mail /usr/libexec/sendmail/sendmail mailq /usr/libexec/sendmail/sendmail makemap /usr/libexec/sendmail/makemap newaliases /usr/libexec/sendmail/sendmail hoststat/usr/libexec/sendmail/sendmail purgestat /usr/libexec/sendmail/sendmail I wasn't aware that any changes were needed for smtpd (there is nothing about this in the documentation). From http://www.openbsd.org/cgi-bin/man.cgi?query=smtpd smtpd is not enabled by default. In order to use it as the system mail- er, ensure the mail queue is empty, then stop sendmail(8): # pkill sendmail Modify the current mailwrapper(8) settings by editing /etc/mailer.conf: sendmail/usr/sbin/smtpctl send-mail /usr/sbin/smtpctl mailq /usr/sbin/smtpctl makemap /usr/libexec/smtpd/makemap newaliases /usr/libexec/smtpd/makemap Rebuild the aliases database, and enable the daemon: # newaliases # echo sendmail_flags=NO /etc/rc.conf.local # echo smtpd_flags= /etc/rc.conf.local # smtpd Now I rebuild the /etc/mail/aliases.db by executing /usr/bin/newaliases, but this leads to the same result (/var/spool/clientmqueue/...): (this seems to be the only newaliases on the system...) yes, but if you look at it more carefully you'll notice that the newaliases command is actually a link to the mailwrapper command which uses the settings in /etc/mailer.conf to determine which command to execute for real. As long as you don't fix your mailer.conf, all commands such as makemap and newaliases will use sendmail's executables instead of smtpd's and thus aliases and virtual domains will not work Gilles -- Gilles Chehade freelance developer/sysadmin/consultant http://www.poolp.org
Re: smtpd rejecting users
It's the unmodified -release one: # $OpenBSD: mailer.conf,v 1.4 2009/03/16 14:26:22 jacekm Exp $ # # Execute the real sendmail program, named /usr/libexec/sendmail/sendmail # sendmail/usr/libexec/sendmail/sendmail send-mail /usr/libexec/sendmail/sendmail mailq /usr/libexec/sendmail/sendmail makemap /usr/libexec/sendmail/makemap newaliases /usr/libexec/sendmail/sendmail hoststat/usr/libexec/sendmail/sendmail purgestat /usr/libexec/sendmail/sendmail I wasn't aware that any changes were needed for smtpd (there is nothing about this in the documentation). Now I rebuild the /etc/mail/aliases.db by executing /usr/bin/newaliases, but this leads to the same result (/var/spool/clientmqueue/...): (this seems to be the only newaliases on the system...) --- This is a MIME-encapsulated message --n9RAlYX5022803.1256640455/pcc.abc.test The original message was received at Tue, 27 Oct 2009 11:47:34 +0100 (CET) from r...@localhost - The following addresses had permanent fatal errors - testuser (reason: 530 Recipient rejected) (expanded from: testuser) - Transcript of session follows - ... while talking to [127.0.0.1]: RCPT To:testu...@pcc.abc.test 530 Recipient rejected 554 5.0.0 Service unavailable DATA 503 Need RCPT before DATA --n9RAlYX5022803.1256640455/pcc.abc.test Content-Type: message/delivery-status Reporting-MTA: dns; pcc.abc.test Arrival-Date: Tue, 27 Oct 2009 11:47:34 +0100 (CET) Final-Recipient: RFC822; testu...@pcc.abc.test Action: failed Status: 5.0.0 Remote-MTA: DNS; [127.0.0.1] Diagnostic-Code: SMTP; 530 Recipient rejected Last-Attempt-Date: Tue, 27 Oct 2009 11:47:34 +0100 (CET) --n9RAlYX5022803.1256640455/pcc.abc.test Content-Type: message/rfc822 Return-Path: user1 Received: (from r...@localhost) by pcc.abc.test (8.14.3/8.14.3/Submit) id n9RAlYX4022803 for testuser; Tue, 27 Oct 2009 11:47:34 +0100 (CET) Date: Tue, 27 Oct 2009 11:47:34 +0100 (CET) From: user1 Message-Id: 200910271047.n9ralyx4022...@pcc.abc.test To: testuser Subject: test3 test3 --n9RAlYX5022803.1256640455/pcc.abc.test-- Gilles Chehade wrote: can you also show your /etc/mailer.conf ? what you experience looks like the result of smtpd looking at a db with a format it doesn't understand (ie: trying to resolve aliases which are in a db you built using sendmail's `newaliases`) Gilles Robert a C)crit : No, plain -release amd64 from the CD: OpenBSD pcc.abc.test 4.6 GENERIC.MP#81 amd64 I have another PC for testing and I will install -current on it to rule out any side effects that might have occured on this (pcc) machine (will take some time; it's a VIA C3...). Robert Gilles Chehade wrote: are you running -current ? Gilles
4.6 hang
I recently upgraded my firewall box from 4.4 to 4.6. At first it was running well (about a week), but yesterday I started getting occasional hangs where the screen would be blank and it'd stop responding to ping (and passing traffic). Figuring it was a hardware failure, I swapped the drive into another box. I still seem to be getting occasional hangs; I even turned off screen blanking, and when it hangs there's nothing on the screen (monitor goes to power save). The only shared hardware between the two machines is a Compaq fiber em NIC (which I'll replace tonight) and the hard drive (which isn't showing any errors). Assuming it is a software problem, how can I diagnose it? I'll paste the dmesg below. I'm running 4.6 with patch 001 and 002 applied, and I've tried both the sp and mp kernels. OpenBSD 4.6-stable (GENERIC) #1: Tue Oct 6 05:40:03 EDT 2009 r...@build46.localdomain:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) 4 CPU 3.06GHz (GenuineIntel 686-class) 3.07 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID,xTPR real mem = 3220668416 (3071MB) avail mem = 3120185344 (2975MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 10/14/04, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xfae10 (77 entries) bios0: vendor Dell Computer Corporation version A05 date 10/14/2004 bios0: Dell Computer Corporation PowerEdge 650 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC SPCR acpi0: wakeup devices PCI0(S5) PCI1(S5) PCI2(S5) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 133MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 16 pins ioapic0: misconfigured as apic 0, remapped to apid 2 ioapic1 at mainbus0: apid 3 pa 0xfec01000, version 11, 16 pins ioapic1: misconfigured as apic 0, remapped to apid 3 ioapic2 at mainbus0: apid 4 pa 0xfec02000, version 11, 16 pins ioapic2: misconfigured as apic 0, remapped to apid 4 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PCI1) acpiprt2 at acpi0: bus 2 (PCI2) acpicpu0 at acpi0 bios0: ROM list: 0xc/0x8000 0xc8000/0x4800 0xec000/0x4000! pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 ServerWorks GCNB-LE Host rev 0x32 pchb1 at pci0 dev 0 function 1 ServerWorks GCNB-LE Host rev 0x00 pci1 at pchb1 bus 1 em0 at pci1 dev 3 function 0 Intel PRO/1000MT (82546EB) rev 0x01: apic 3 int 3 (irq 7), address 00:04:23:a5:c8:6e em1 at pci1 dev 3 function 1 Intel PRO/1000MT (82546EB) rev 0x01: apic 3 int 4 (irq 5), address 00:04:23:a5:c8:6f em2 at pci0 dev 3 function 0 Intel PRO/1000 (82542) rev 0x03: apic 3 int 1 (irq 15), address 00:08:c7:86:39:f5 vga1 at pci0 dev 4 function 0 ATI Rage XL rev 0x27 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pciide0 at pci0 dev 5 function 0 CMD Technology PCI0680 rev 0x02 pciide0: bus-master DMA support present pciide0: channel 0 wired to native-PCI mode pciide0: using apic 3 int 7 (irq 11) for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: ST340014A wd0: 16-sector PIO, LBA48, 38166MB, 78165360 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide0: channel 1 wired to native-PCI mode piixpm0 at pci0 dev 15 function 0 ServerWorks CSB6 rev 0xa0: SMBus disabled pciide1 at pci0 dev 15 function 1 ServerWorks CSB6 RAID/IDE rev 0xa0: DMA atapiscsi0 at pciide1 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TEAC, CD-224E, K.9A ATAPI 5/cdrom removable cd0(pciide1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 ohci0 at pci0 dev 15 function 2 ServerWorks CSB6 USB rev 0x05: apic 2 int 10 (irq 10), version 1.0, legacy support pcib0 at pci0 dev 15 function 3 ServerWorks GCLE-2 Host rev 0x00 pchb2 at pci0 dev 16 function 0 ServerWorks CIOB-E rev 0x12 pchb3 at pci0 dev 16 function 2 ServerWorks CIOB-E rev 0x12 pci2 at pchb3 bus 2 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 ServerWorks OHCI root hub rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec mtrr: Pentium Pro MTRR support softraid0 at root root on wd0a swap on wd0b dump on wd0b WARNING: / was not properly unmounted
Re: smtpd rejecting users
That was exactly the problem; it works now. Since I use -release I only looked at those man pages and there this is not mentioned. (http://www.openbsd.org/cgi-bin/man.cgi?query=smtpdapropos=0sektion=0manpath=OpenBSD+4.6arch=i386format=html) Thanks again for the quick help! regards, Robert Gilles Chehade wrote: On Tue, Oct 27, 2009 at 12:00:44PM +0100, Robert wrote: It's the unmodified -release one: # $OpenBSD: mailer.conf,v 1.4 2009/03/16 14:26:22 jacekm Exp $ # # Execute the real sendmail program, named /usr/libexec/sendmail/sendmail # sendmail/usr/libexec/sendmail/sendmail send-mail /usr/libexec/sendmail/sendmail mailq /usr/libexec/sendmail/sendmail makemap /usr/libexec/sendmail/makemap newaliases /usr/libexec/sendmail/sendmail hoststat/usr/libexec/sendmail/sendmail purgestat /usr/libexec/sendmail/sendmail I wasn't aware that any changes were needed for smtpd (there is nothing about this in the documentation). From http://www.openbsd.org/cgi-bin/man.cgi?query=smtpd smtpd is not enabled by default. In order to use it as the system mail- er, ensure the mail queue is empty, then stop sendmail(8): # pkill sendmail Modify the current mailwrapper(8) settings by editing /etc/mailer.conf: sendmail/usr/sbin/smtpctl send-mail /usr/sbin/smtpctl mailq /usr/sbin/smtpctl makemap /usr/libexec/smtpd/makemap newaliases /usr/libexec/smtpd/makemap Rebuild the aliases database, and enable the daemon: # newaliases # echo sendmail_flags=NO /etc/rc.conf.local # echo smtpd_flags= /etc/rc.conf.local # smtpd Now I rebuild the /etc/mail/aliases.db by executing /usr/bin/newaliases, but this leads to the same result (/var/spool/clientmqueue/...): (this seems to be the only newaliases on the system...) yes, but if you look at it more carefully you'll notice that the newaliases command is actually a link to the mailwrapper command which uses the settings in /etc/mailer.conf to determine which command to execute for real. As long as you don't fix your mailer.conf, all commands such as makemap and newaliases will use sendmail's executables instead of smtpd's and thus aliases and virtual domains will not work Gilles
Re: 4.6 hang
On Tue, 27 Oct 2009 07:10:24 -0400 Steve Shockley steve.shock...@shockley.net wrote: I recently upgraded my firewall box from 4.4 to 4.6. At first it was running well (about a week), but yesterday I started getting occasional hangs where the screen would be blank and it'd stop responding to ping (and passing traffic). Figuring it was a hardware failure, I swapped the drive into another box. I still seem to be getting occasional hangs; I even turned off screen blanking, and when it hangs there's nothing on the screen (monitor goes to power save). The only shared hardware between the two machines is a Compaq fiber em NIC (which I'll replace tonight) and the hard drive (which isn't showing any errors). Assuming it is a software problem, how can I diagnose it? I'll paste the dmesg below. I'm running 4.6 with patch 001 and 002 applied, and I've tried both the sp and mp kernels. Although that may not be the problem, try to turn of acpi in kernel. Helps me in 90% of sporadic hangs or reboots. I even made that the routine: if I have new hardware and would like to test it, first i try run it with acpi on, if it hangs or shows speed regression - i just turn acpi off, and in 90% i am happy. for the rest 10% i change my hardware. OpenBSD 4.6-stable (GENERIC) #1: Tue Oct 6 05:40:03 EDT 2009 r...@build46.localdomain:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) 4 CPU 3.06GHz (GenuineIntel 686-class) 3.07 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID,xTPR real mem = 3220668416 (3071MB) avail mem = 3120185344 (2975MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 10/14/04, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xfae10 (77 entries) bios0: vendor Dell Computer Corporation version A05 date 10/14/2004 bios0: Dell Computer Corporation PowerEdge 650 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC SPCR acpi0: wakeup devices PCI0(S5) PCI1(S5) PCI2(S5) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 133MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 16 pins ioapic0: misconfigured as apic 0, remapped to apid 2 ioapic1 at mainbus0: apid 3 pa 0xfec01000, version 11, 16 pins ioapic1: misconfigured as apic 0, remapped to apid 3 ioapic2 at mainbus0: apid 4 pa 0xfec02000, version 11, 16 pins ioapic2: misconfigured as apic 0, remapped to apid 4 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PCI1) acpiprt2 at acpi0: bus 2 (PCI2) acpicpu0 at acpi0 bios0: ROM list: 0xc/0x8000 0xc8000/0x4800 0xec000/0x4000! pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 ServerWorks GCNB-LE Host rev 0x32 pchb1 at pci0 dev 0 function 1 ServerWorks GCNB-LE Host rev 0x00 pci1 at pchb1 bus 1 em0 at pci1 dev 3 function 0 Intel PRO/1000MT (82546EB) rev 0x01: apic 3 int 3 (irq 7), address 00:04:23:a5:c8:6e em1 at pci1 dev 3 function 1 Intel PRO/1000MT (82546EB) rev 0x01: apic 3 int 4 (irq 5), address 00:04:23:a5:c8:6f em2 at pci0 dev 3 function 0 Intel PRO/1000 (82542) rev 0x03: apic 3 int 1 (irq 15), address 00:08:c7:86:39:f5 vga1 at pci0 dev 4 function 0 ATI Rage XL rev 0x27 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pciide0 at pci0 dev 5 function 0 CMD Technology PCI0680 rev 0x02 pciide0: bus-master DMA support present pciide0: channel 0 wired to native-PCI mode pciide0: using apic 3 int 7 (irq 11) for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: ST340014A wd0: 16-sector PIO, LBA48, 38166MB, 78165360 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide0: channel 1 wired to native-PCI mode piixpm0 at pci0 dev 15 function 0 ServerWorks CSB6 rev 0xa0: SMBus disabled pciide1 at pci0 dev 15 function 1 ServerWorks CSB6 RAID/IDE rev 0xa0: DMA atapiscsi0 at pciide1 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TEAC, CD-224E, K.9A ATAPI 5/cdrom removable cd0(pciide1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 ohci0 at pci0 dev 15 function 2 ServerWorks CSB6 USB rev 0x05: apic 2 int 10 (irq 10), version 1.0, legacy support pcib0 at pci0 dev 15 function 3 ServerWorks GCLE-2 Host rev 0x00 pchb2 at pci0 dev 16 function 0 ServerWorks CIOB-E rev 0x12 pchb3 at pci0 dev 16 function 2 ServerWorks CIOB-E rev 0x12 pci2 at pchb3 bus 2 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 ServerWorks OHCI root hub rev 1.00/1.00 addr 1 isa0 at pcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot
ldpctl and ldpd
Hello, Where is I can found man pages for ldpd and ldpdctl? http://www.openbsd.org/cgi-bin/man.cgi?query=ldpdapropos=0sektion=0manpath=OpenBSD+4.6arch=i386format=html -- Alexandr Gurbo
Re: 4.6 reboots x336 ibm server(s)
On Mon, Oct 26, 2009 at 9:03 PM, Marco Peereboom sl...@peereboom.us wrote: Does it have broadcom nics? if do disable those and try again. I do. I'll try that tomorrow. On a related matter, can anyone tell me which switches are disabled during an OpenBSD install (using the official ISO) ? That would help me narrowing the problem down since I was able to install 4.6 from the official CD without hassle. Cheers, Steph
Re: ldpctl and ldpd
On Tue, Oct 27, 2009 at 02:56:16PM +0300, Aleksandr Gurbo wrote: Hello, Where is I can found man pages for ldpd and ldpdctl? http://www.openbsd.org/cgi-bin/man.cgi?query=ldpdapropos=0sektion=0manpath=OpenBSD+4.6arch=i386format=html There is no ldpd or ldpdctl program in OpenBSD. Maybe you mean ldp and lpc? Regards Reni -- Reni Maroufi i...@maroufi.net
minor bump is src/.../shlib_version
Good afternoon! When there is a major bump in src/.../shlib_version files, snapshots sets must be correspond with snapshots packages. For example: src/lib/libkrb5/shlib_version src/gnu/lib/libiberty/shlib_version src/lib/libc/shlib_version src/lib/libm/shlib_version Maybe with minor bump too? At UTC 2009.06.26 21:06 and 21:09 there was minor bump in src/lib/libc/shlib_version and src/lib/libm/shlib_version. i386 packages are from 2009.10.26 beforenoon.
igmp packets in pflog
Hi, I have a (bridging) Firewall with OpenBSD 4.6 stable. In /var/log/pflog I can see many igmp-packets. But I have no log statement for these types of connections in my pf.conf. I have only a log statement for some other hosts (with a different IP). Are igmp packets always logged? Regards Reni -- Reni Maroufi i...@maroufi.net
smtpd, just a quick message
Hi tech@ and misc@, Just a quick mail to thank the many people who are testing smtpd and sending on and off list bug reports, they are very much appreciated. While at it, please keep in mind that smtpd is a work in progress so you'll need to track -current as bugs are only fixed there. Thanks again ! :wq Gilles -- Gilles Chehade freelance developer/sysadmin/consultant http://www.poolp.org
A melhor grafica da internet !!!
Sr. Cliente, Bom Dia! Somos uma grafica completa com mais de 10 anos de experiencia de mercado com pregos e prazos inigualaviis, temos todos os tipos de impressos, tais como: Cartues de Visita, folders, adesivos, banners, flyers, apresentagues,etc... Segue em anexo uma breve apresentagco da nossa empresa, temos mais de 1000 produtos em nosso site, todos ja com pregos e prazos de entrega para facilitar as suas compras. Por favor acesse o nosso site: www.vendahoje.com.br e se cadastre no link que se encontra na parte superior esquerda da tela que voce recebera inteiramente gratis um excelente brinde de boas vindas. Vocjs estco precisando de algum tipo de material impresso? Contato: Tel.:(11) 3464.3071 / E-mail: grupovendah...@gmail.com
Secure way to delete data in hard disc
Hi all, The subject is auto-descriptive ;) After reading a while about wiping [1] I think there's not a unique way to do it. Finally I've chosen a simple double-step method: First, $ dd if=/dev/urandom of=disk_to_delete and next $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? [1] http://en.wikipedia.org/wiki/Data_erasure#Standards -- I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain. Bene Gesserit Litany Against Fear.
Re: Secure way to delete data in hard disc
Jordi Espasa Clofent wrote: Hi all, The subject is auto-descriptive ;) After reading a while about wiping [1] I think there's not a unique way to do it. Finally I've chosen a simple double-step method: First, $ dd if=/dev/urandom of=disk_to_delete and next $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? [1] http://en.wikipedia.org/wiki/Data_erasure#Standards I have typically used rm -P against mount points and that has worked well for me. In one situation, someone at a customer site tried to read data from the erased directories using various commercial tools he had access to and failed. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
Re: ldpctl and ldpd
On Tue, Oct 27, 2009 at 2:14 PM, Rene Maroufi i...@maroufi.net wrote: On Tue, Oct 27, 2009 at 02:56:16PM +0300, Aleksandr Gurbo wrote: Hello, Where is I can found man pages for ldpd and ldpdctl? http://www.openbsd.org/cgi-bin/man.cgi?query=ldpdapropos=0sektion=0manpath=OpenBSD+4.6arch=i386format=html http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/ldpd/ldpd.8?rev=1.1 http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/ldpctl/ldpctl.8?rev=1.1 Btw, they're not linked to the build yet.. hence no online manpage, nor in -CURRENT. Landry
Re: ldpctl and ldpd
* Rene Maroufi i...@maroufi.net [2009-10-27 14:25]: On Tue, Oct 27, 2009 at 02:56:16PM +0300, Aleksandr Gurbo wrote: Hello, Where is I can found man pages for ldpd and ldpdctl? http://www.openbsd.org/cgi-bin/man.cgi?query=ldpdapropos=0sektion=0manpath=OpenBSD+4.6arch=i386format=html There is no ldpd or ldpdctl program in OpenBSD. Maybe you mean ldp and lpc? they are not part of the regular builds yet since they aren't ready really. you have to build them yourself from /usr/src/usr.sbin/ldp{d,ctl}. manpages will be built then too. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting
Help with simple pf, how to let traffic out from the firewall ?
Hello, I have this very simple pf.conf . However Iam unable to specify that the firewall itself should have unrestricted access, the port blockings should only apply to the users on the LAN. What is the best way to accomplish this? Ive tried tagging 127.0.0.1 to be unrestricted but that didn't work. I also tried adding a pass quick on $t_externa but this just lets anything from anybody pass out. # cat /etc/pf.conf t_externa = re0 t_interna = re1 ssh_users = { 67.199.62.74 } no_restriction_users = { 172.16.2.5 } set block-policy return set loginterface $t_externa set limit states 1 set limit frags 3 set skip on lo0 set debug urgent scrub in on $t_externa all scrub out on $t_externa all random-id # Perform NAT for $t_interna to access $t_externa nat on re0 from re1:network to any - re0 block all antispoof quick for { lo } ## Added for $t_interna to reach the internet # pass on $t_interna inet proto { tcp } from $no_restriction_users to any tag NO_RESTRICTION_USERS pass quick on $t_interna ### PERMIT DNS:53 CONNECTIONS OUT (UDP,TCP) pass out quick on $t_externa inet proto { tcp, udp } from ($t_externa) to any \ port 53 keep state ### ## PERMIT ALL CONNECTIONS OUT SELECTIVE USERS pass out quick on $t_externa proto { tcp udp } to any tagged \ NO_RESTRICTION_USERS keep state ### PERMIT SQUID PROXY(3128) CONNECTIONS OUT ## pass out log quick on $t_externa inet proto tcp from ($t_externa) to any \ port { 80 443 } flags S/SA modulate state PERMIT ICMP TRAFFIC FOR NETWORK DEBUGGING # pass inet proto icmp all icmp-type { echoreq, unreach } keep state --Matt
Re: Secure way to delete data in hard disc
On Tue, Oct 27, 2009 at 04:12:54PM +0100, Jordi Espasa Clofent wrote: Hi all, The subject is auto-descriptive ;) After reading a while about wiping [1] I think there's not a unique way to do it. Finally I've chosen a simple double-step method: First, $ dd if=/dev/urandom of=disk_to_delete and next $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? Last year, I talked with a employee of a data recovery company about this. My question to him was: Is it enough to overwrite a partition or harddisk only once, or must i do this many times. His answer was: On all modern harddisk its enough to do it once (modern means all harddrives newer than 10 years!). Only one dd if=/dev/zero of=disk_to_delete is enough, but the real problem is a other: All harddrives have replacement blocks (to compensate failures). Old data can be in blocks that dd can't reach because they are marked as corrupt. The use of alternative blocks in a harddrive is manged by the drive itself. The OS can't reach these blocks. Simple forensic tools can't reach these blocks, too, but if you need really high security you must destroy your harddrive in a secure way (for example with a degausser). Regards Reni -- Reni Maroufi i...@maroufi.net
Sendmail not working with static IP address
I'd like to have any daily reports and system-generated mail from my OpenBSD machine forwarded to my personal email address. (I have a fresh 4.6 install, generic kernel, default sendmail configuration.) I can only get this to work with my machine set to DHCP -- messages are not forwarded when I have it set to a static IP address. $ cat .forward ja...@volcanomail.com If I have my machine configured with DHCP, the following works (the message is sent and forwarded correctly). $ mail -s 'test' commons test message EOT If I have my machine configured with a static IP address, that same command does *not* work. The message is never delivered. $ cat /var/log/maillog Oct 27 10:35:50 myserver sendmail[29253]: n9RFZosO029253: from=commons, size=41, class=0, nrcpts=1, msgid=200910271535.n9rfzoso029...@myserver.mydomainname.net, relay=comm...@localhost Oct 27 10:35:51 myserver sm-mta[31537]: n9RFZolK031537: from=comm...@myserver.mydomainname.net, size=387, class=0, nrcpts=1, msgid=200910271535.n9rfzoso029...@myserver.mydomainname.net, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1] Oct 27 10:35:51 myserver sendmail[29253]: n9RFZosO029253: to=commons, ctladdr=commons (1000/10), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30041, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (n9RFZolK031537 Message accepted for delivery) Oct 27 10:37:06 myserver sm-mta[3435]: n9RFZolK031537: to=comm...@myserver.mydomainname.net, delay=00:01:15, xdelay=00:01:15, mailer=esmtp, pri=30387, relay=myname.dyndns.org., dsn=4.0.0, stat=Deferred: Connection timed out with myname.dyndns.org. myserver.mydomainname.net is a CNAME to myname.dyndns.org The machine is behind a NAT router and is assigned a local network IP address. It looks like sendmail is autodetecting myname.dyndns.org based on the external IP address of the server. What I don't understand is why the message is sent correctly when I have my OpenBSD box set to DHCP, but not sent when it is set with a static IP address. James
Re: Help with simple pf, how to let traffic out from the firewall ?
On Tue, 27 Oct 2009 11:05:05 -0500 Matthew Young myoung24...@gmail.com wrote: Hello, I have this very simple pf.conf . However Iam unable to specify that the firewall itself should have unrestricted access, the port blockings should only apply to the users on the LAN. What is the best way to accomplish this? Ive tried tagging 127.0.0.1 to be unrestricted but that didn't work. I also tried adding a pass quick on $t_externa but this just lets anything from anybody pass out. Maybe something like pass out quick on $t_externa from ($t_externa) would do the job (this is actually what I'm using for my humble home gateway, see http://www.mouet-mouet.net/doku.php?id=mouet-mouet:routeur#script_de_configuration_pf). Regards, Maxime -- Maxime DERCHE GnuPG public key ID : 0x9A85C4C0 (fingerprint : 0FDC 16AF 5A5B 1908 786C 2B85 2D3C C83E 9A85 C4C0) http://www.mouet-mouet.net/maxime/blog/index.php
Re: PowerEdge 650 fan speed
Steve Shockley wrote: My firwall had a hardware failure, so I threw the drive into a Dell PowerEdge 650. That worked fine, but now I can hear the fans screaming down the hall through a closed door. Other than hardware changes (like a resistor or a non-1U server), is there anything I can do to shut this machine up? Does anyone know if the fans in this machine would idle down on a supported OS? It's running 4.6, FWIW. We have a poweredge 700 tower running 4.2 and the bios takes care of the big fan it has. The same is true for a 1900 tower with 4.5. You should check the bios, maybe something like automatic fan control is disabled.
Re: igmp packets in pflog
On Tue, Oct 27, 2009 at 02:25:03PM +0100, Rene Maroufi wrote: Hi, I have a (bridging) Firewall with OpenBSD 4.6 stable. In /var/log/pflog I can see many igmp-packets. But I have no log statement for these types of connections in my pf.conf. I have only a log statement for some other hosts (with a different IP). Are igmp packets always logged? Addition: my only rule with log is following: # grep log /etc/pf.conf match in log on $iffilter proto tcp from any os windows to any tcpdump -ttt -n -r /var/log/pflog shows lines like: Oct 27 17:19:09.543501 192.168.3.204 224.0.0.22: igmp-2 [v2] (DF) [tos 0xc0] [ttl 1] Oct 27 17:19:09.543525 192.168.3.204 224.0.0.22: igmp-2 [v2] (DF) [tos 0xc0] [ttl 1] But igmp is not tcp and the host with 192.168.3.204 is a linux host. Regards Rene -- Reni Maroufi i...@maroufi.net
Re: Secure way to delete data in hard disc
It may not erase all data if the device can do block relocation and you don't have direct access to phisical blocks. But if data remains on hidden or discarted blocks it is still hard to someone else recover it. Jordi Espasa Clofent wrote: Hi all, The subject is auto-descriptive ;) After reading a while about wiping [1] I think there's not a unique way to do it. Finally I've chosen a simple double-step method: First, $ dd if=/dev/urandom of=disk_to_delete and next $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? [1] http://en.wikipedia.org/wiki/Data_erasure#Standards
Re: Secure way to delete data in hard disc
On Tue, 27 Oct 2009 17:14:52 +0100, Rene Maroufi wrote Last year, I talked with a employee of a data recovery company about this. My question to him was: Is it enough to overwrite a partition or harddisk only once, or must i do this many times. His answer was: On all modern harddisk its enough to do it once (modern means all harddrives newer than 10 years!). Only one dd if=/dev/zero of=disk_to_delete is enough, but the real problem is a other: All harddrives have replacement blocks (to compensate failures). Old data can be in blocks that dd can't reach because they are marked as corrupt. The use of alternative blocks in a harddrive is manged by the drive itself. The OS can't reach these blocks. Simple forensic tools can't reach these blocks, too, but if you need really high security you must destroy your harddrive in a secure way (for example with a degausser). According to the Center for Magnetic Recording Research, 'Secure erase does a single on-track erasure of the data on the disk drive. The U.S. National Security Agency published an Information Assurance Approval of single pass overwrite, after technical testing at CMRR showed that multiple on-track overwrite passes gave no additional erasure.' http://en.wikipedia.org/wiki/Data_erasure See the secerase master command of atactl(8), to force ATA hardware that is -capable- of it to overwrite sectors that have previously been reallocated. Note: FREEZE LOCK is used by sys/dev/ata/wd.c at boot, so either a custom kernel or a power cycle of the drive will be needed to enable the capability. I don't know if SCSI devices have similar secerase capability.
Re: Sendmail not working with static IP address
James Commons wrote: What I don't understand is why the message is sent correctly when I have my OpenBSD box set to DHCP, but not sent when it is set with a static IP address. Is it possible that you rely on DHCP to give you a default route, so there is none when using a static IP address ? (man mygate may be your friend) regards, Remco
Dear customer
Dear Bank of America member, We are sorry to inform you that your Bank of America Online Account has been suspended. A high number of failed login attempts have been recorded on your online account. As a security measure we had to temporarily suspend your account. To restore your account we have attached a form to this email. Please download the form and follow the instructions on your screen. NOTE: The form needs to be opened in a modern, javascript enabled, browser (ex: Internet Explorer 8, Firefox 3, Safari 3, Opera 9). We apologize for any inconvenience this may have caused. Sincerely, the Bank of America security team. ) Copyright 2009 Bank of America Financial Group. All rights reserved. Bank of America. All rights reserved. [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of Restore_your_account.12764DEFANGED-html]
Re: Secure way to delete data in hard disc
On Tue, Oct 27, 2009 at 04:12:54PM +0100, Jordi Espasa Clofent wrote: to do it. Finally I've chosen a simple double-step method: First, $ dd if=/dev/urandom of=disk_to_delete and next $ dd if=/deb/zero of=disk_to_delete I overwrite the disk 7 times with arandom, using the following command for x in `jot -s ' ' 7`; do dd if=/dev/arandom of=/dev/rDEVc bs=BLOCKSb ; done where DEV is the abbreviated disk name (for example, sd2), and where BLOCKS is the number of blocks to buffer. The speed of the operation is highly dependent on a proper choice of BLOCKS. I have used 128 with a 160GB external hard drive, and it takes approximately 16 hours to complete all 7 overwrites. You'll have to experiment to see what choice of BLOCKS is fastest on your hardware. I use arandom instead of urandom because it's slightly faster.
Re: OpenBSD 4.6 release Oct 28, 2009
2009/10/19 FRLinux frli...@gmail.com On Sun, Oct 18, 2009 at 4:38 PM, Theo de Raadt dera...@cvs.openbsd.org wrote: We are pleased to announce the official release of OpenBSD 4.6. This is our 26th release on CD-ROM (and 27th via FTP). We remain proud of OpenBSD's record of more than ten years with only two remote holes in the default install. And thanks a lot for the new kick ass installer, tried it out today and absolutely loved it :) Steph Thanks OpenBSD Team I received the CD today! Greetings from South America here is a little picture: http://www.crice.org/?q=node/353 -- Atentamente Andris Genovez Tobar / Sistemas COMERCIAL SALVADOR PACHECO MORA S.A. / DESDE 1945 Tecnologmas Cuenca, Luis Cordero 9-70 y Gran Colombia Telifono. 593-7-2842388 ext 408 Fax. 593-7-2842388 ext 120 Celular 593-97670874 593-96816996 Alegro Mail:ageno...@cspmsa.com Personal: andresgeno...@gmail.com www.cspmsa.com www.crice.org
Re: Secure way to delete data in hard disc
On Tue, Oct 27, 2009 at 11:12 AM, Jordi Espasa Clofent jordi.esp...@opengea.org wrote: $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? There is no evidence of over-written data *ever* being recovered. There is some theory in research papers that suggests it may be possible. There may be aliens and bigfoot and the NSA may be able to recover over-written data if you are of interest to them. OK, back to reality... the only suggestion I would make is to use arandom rather than urandom. You can cron that same command except output to a file rather than to the device to periodically overwrite the unallocated sectors. I do that. It kills a lot of the forensics tools that have the ability to recover deleted files, etc. Something like this on each partition: file=$$.random dd if=/dev/arandom of=$file sync rm -f $file sync Brad
Re: Secure way to delete data in hard disc
On Tue, Oct 27, 2009 at 11:12 AM, Jordi Espasa Clofent jordi.esp...@opengea.org wrote: After reading a while about wiping [1] I think there's not a unique way to do it. Finally I've chosen a simple double-step method: You take the hard drive out, you melt it, then you put a new one in. If your data isn't worth a $100 hard drive replacement, it isn't worth wiping, let alone recovering.
Re: Secure way to delete data in hard disc
Jordi Espasa Clofent wrote: ... $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? Do just this, and no software-based recovery tool will ever see all your data again. You might get some pay-dirt if you can release the locked out bad blocks...and there are some...and y contain data that is useful in small chunks (and yes, some data is). If you think about the claims of data recovery from zeroed disks, they basically imply there is astronomical storage capacity in drives that is not tapped...and I do not believe the manufacturers have been holding out on us. It may be possible to get hints of data, but with massive error rates and gaps. If you are worried about recovering data after a single pass of writing zeros to the entire disk, you need to grind up or melt down the disk. If you are convinced there is (or will be) mysterious technology that can recover zeroed disks and your data is that interesting to these people, you don't know the abilities of it, so don't assume process X will keep your data deleted and never recovered. Nick.
Re: Secure way to delete data in hard disc
On Tuesday 27 October 2009 14:12:56 Brad Tilley wrote: On Tue, Oct 27, 2009 at 11:12 AM, Jordi Espasa Clofent jordi.esp...@opengea.org wrote: $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? There is no evidence of over-written data *ever* being recovered. There is some theory in research papers that suggests it may be possible. There may be aliens and bigfoot and the NSA may be able to recover over-written data if you are of interest to them. OK, back to reality... the only suggestion I would make is to use arandom rather than urandom. You can cron that same command except output to a file rather than to the device to periodically overwrite the unallocated sectors. I do that. It kills a lot of the forensics tools that have the ability to recover deleted files, etc. Something like this on each partition: file=$$.random dd if=/dev/arandom of=$file sync rm -f $file sync Brad Saying that data has never been recovered is not true. I personally was involved with a disk disaster on a 10M RLL disk back in 1985 or so, and there was some--not all, but some--data recovered after being overwriten. Today's disks are far different. No, I don't think you can scoop up data en mass on a 500G disk. Wether multiple overwrites provides more security is a matter of debate. The real danger today are sectors that got mapped out which are bad, but could contain interesting or embaressing data; 512 bytes could hold a lot of stuff, like passwords. If you aren't using the disk for really sensitive data, erase it and be done with it. If its sensitive, have some fun by taking it apart (you can recycle the aluminium) and do something creative with the platters. I think Theo once took a blowtorch to some? That might provide entertainmant. --STeve Andre'
Re: Secure way to delete data in hard disc
On Tue, 27 Oct 2009 15:25:51 -0400, STeve Andre' wrote ...The real danger today are sectors that got mapped out which are bad, but could contain interesting or embaressing data; 512 bytes could hold a lot of stuff, like passwords. Perhaps what I already noted, in this thread, suggesting atactl's secerase master to overwrite those bad sectors got lost in the noise. http://marc.info/?l=openbsd-miscm=125666302218718w=2
Re: Secure way to delete data in hard disc
/dev/zero is like a bazillion times faster, and just as secure. -B p.s. Why do I have deja vu? http://archives.neohapsis.com/archives/openbsd/2008-09/1453.html http://archives.neohapsis.com/archives/openbsd/2008-09/thread.html#1215 On Tue, Oct 27, 2009 at 8:12 AM, Jordi Espasa Clofent jordi.esp...@opengea.org wrote: Hi all, The subject is auto-descriptive ;) After reading a while about wiping [1] I think there's not a unique way to do it. Finally I've chosen a simple double-step method: First, $ dd if=/dev/urandom of=disk_to_delete and next $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? [1] http://en.wikipedia.org/wiki/Data_erasure#Standards -- I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain. Bene Gesserit Litany Against Fear.
Re: Secure way to delete data in hard disc
On Tuesday 27 October 2009 15:47:37 Josh Grosse wrote: On Tue, 27 Oct 2009 15:25:51 -0400, STeve Andre' wrote ...The real danger today are sectors that got mapped out which are bad, but could contain interesting or embaressing data; 512 bytes could hold a lot of stuff, like passwords. Perhaps what I already noted, in this thread, suggesting atactl's secerase master to overwrite those bad sectors got lost in the noise. http://marc.info/?l=openbsd-miscm=125666302218718w=2 But that assumes that the firmware on the disk will do just that. Someone, Toshiba I think had problems with that on travelstar type disks in the past. You can't truly trust being able to talk to an entire disk these days. Well, maybe, if you have a test jig for it, or have documentation on some hardware strap to throw to get into some interesting mode. Complexity gives rise to all sorts of tools, and possibly, mischief. --STeve Andre'
Re: Secure way to delete data in hard disc
Another route to securely erasing information is encryption. OpenBSD includes at least 3 systems for disk encryption (svnd, softraid, and cfs (ports)). I've personally used cfs and svnd, and as is usually the case on OpenBSD, both work nicely once you RTFM. (I should really write an undeadly article on how to use svnd.) If you erase/forget the keys (passphrases), then to the extent that you trust the crypto, the data is effectively erased. You can erase an encrypted disk (whether partition, filesystem, or file) this way even if the physical disk drive is broken and won't let you do 'rm -P' or other such overwriting. Moreover, if your hardware is still alive, there's probably considerable synergism between encryption and secure deletion: it seems likely that data recovery is much easier if the recovered data can be easily recognizable as such, rather than looking like random noise. Good crypto results in in the on-disk data before secure deletion looking like random noise, so it should make data-recovery harder. (To get any useful information, data-recovery would then have to be followed by somehow breaking the encryption.) ciao, -- -- Jonathan Thornburg [remove -animal to reply] jth...@astro.indiana-zebra.edu Dept of Astronomy, Indiana University, Bloomington, Indiana, USA Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral. -- quote by Freire / poster by Oxfam
Re: Secure way to delete data in hard disc
A paper has been published about the claim that you can recover data with an electron microscope (http://www.springerlink.com/content/408263ql11460147/). Unfortunately the paper is not available for free, but the summary is that after overwriting it 1 time you can't recover data anymore with hardware (not to mention software); only if you're very lucky you might retrieve some bytes. After 3 wipes you will only see random noise (on a magnetic level). So if you really want to be sure use either 3xdd or run dban.org. If your data is so valuable that an attacker will go the length (and has the resources) to retrieve bytes from reallocated sectors and then try to solve this puzzle, then you need way more protective measures than just encryption. See also http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis and http://en.wikipedia.org/wiki/Social_engineering_(security). regards, Robert Vijay Sankar wrote: Jordi Espasa Clofent wrote: Hi all, The subject is auto-descriptive ;) After reading a while about wiping [1] I think there's not a unique way to do it. Finally I've chosen a simple double-step method: First, $ dd if=/dev/urandom of=disk_to_delete and next $ dd if=/deb/zero of=disk_to_delete ?Do you think is it safe enough? I mean ?is it enough against the common recovery low-level data tools? [1] http://en.wikipedia.org/wiki/Data_erasure#Standards I have typically used rm -P against mount points and that has worked well for me. In one situation, someone at a customer site tried to read data from the erased directories using various commercial tools he had access to and failed.
Sun V120 gem and hme interfaces hang
Hi All, I have a production firewall on a Sun V120 running OpenBSD 4.5 sparc64, with 2 active interfaces. Two weeks ago, the gem1 interface suddenly hung and I was able to revive it using ifconfig gem1 down; ifconfig gem1 up. I found the following m...@openbsd thread from March 2009: http://www.mail-archive.com/misc@openbsd.org/msg73257.html After contacting Daniel, it seems the issue was fixed in a newer gem.c. But since this appeared to be specific to the gem/eri hardware, I installed a quad hme card and moved over to hme0 and hme1. Today the same thing happened with hme1, and the ifconfig down/up brought it back. System was only up for 1 day when this happened. Where should I be looking to track down this problem? With gem I noticed some Ierrs in netstat but no Oerrs. With hme, I see Oerrs but no Ierrs. Either way, on the switch (Cisco 2924) I get a handful of input errors. The /var/log/messages shows nothing. I thought maybe it's a cable or switch problem, but then why would the ifconfig down/up in OpenBSD bring it back without touching the cable or switch at all? I swapped the hme1 cable today just to see if it has any effect on the error counters. netstat -i after each failure: gem11500 Link 00:03:ba:ce:da:8a 146389240114 1119483645 0 0 hme11500 Link 08:00:20:ee:8d:4d 31718821 0 3163259928 0 switch interface status after hme failure: 23870059 packets input, 63580130 bytes Received 124 broadcasts, 0 runts, 0 giants, 0 throttles 26 input errors, 26 CRC, 0 frame, 26 overrun, 26 ignored 0 watchdog, 0 multicast 0 input packets with dribble condition detected 24011555 packets output, 2096322509 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Bryan
Re: 4.6 hang
On 10/27/2009 7:44 AM, Gregory Edigarov wrote: Although that may not be the problem, try to turn of acpi in kernel. Helps me in 90% of sporadic hangs or reboots. Thanks for the reply. I'm trying with ACPI disabled now, but during the day today I did get a panic, details below. panic: pool_do_get(mcl2k): free list modified: page 0xd99dd000; item addr 0xd99dd800; offset 0x0=0x800aabb Stopped at Debugger+0x4: leave Trace: Debugger(d9695800,d0894098,df670e30,d99dd800,d0894020) at Debugger+0x4 panic(d0716100,d08470a0,d99dd000,d99dd800,0) at panic+0x55 pool_do_get(d0894020,0,df670ea0,df670e50,d0363faf,d0894020) at pool_do_get+0x2e3 pool_get(d0894020,0,df670ea0,d039afee,0) at pool_get+0x46 m_clget(d977c500,1,d3acb830,800) at m_clget+0x74 em_get_buf(d3acb800,d,200e0a0,d3acb830) at em_get_buf+0x64 em_rxfill(d3acb800,fffe,c0,0) at em_rxfill+0x3a em_intr(d3acb800) at em_intr+0x9e Xintr_ioapic() at Xintr_ioapic1+0x68 --- interrupt --- cpu_idle_cycle(d09408e0) at cpu_idle_cycle+0xf Bad frame pointer: 0xd09e9e78 ps on request, since I'm typing by hand from a digital photo.
ola amor
- This mail is a HTML mail. Not all elements could be shown in plain text mode. - olaa!! Por que vocj faz isso comigo? Passou por mim ontem e fingiu que nem me viu... sera que podermamos conversar um pouco? Nco sei se vocj lembra dessa foto que tiramos juntos. Espero que goste um pouco de mim, nem que seja pela nossa amizade. Beijos, te adoro muito. !! Bejos! anexo: DSC1010.jpg (43kb)
propossition confidentielle
You are invited to propossition confidentielle. By your host Mrs Aliman Usman: Date: Wednesday October 28, 2009 Time: 12:00 am - 1:00 am (GMT +00:00) Street:Cher Salut, Je suis Mrs, Aliman Usman, comptable a la BANQUE COMMERCIALE DU BURKINA (BCB) je vais virie $6.350 000.00 million (usd) ` etranger si vous pour vais me aide . je vous enverrons tous les ditails sur la fagon donc on va fait le demache et igalement noter que vous aurez 30% du montant indiqui .si vous jtes d'accord pour m'aider ` exicuter cette transaction. reponne moi rapidement et s.v.p ces un propossition confidentielle merci, contact moi mrs_ali...@rocketmail.com Guests: * mell...@hotmail.fr * mel...@hotmail.fr * melnini...@yahoo.fr * melo...@hotmail.fr * melouchouc...@hotmail.fr * melo...@caramail.com * melpau...@hotmail.com * melph...@yahoo.fr * melquint...@free.fr * melsebn...@hotmail.fr * mels...@yahoo.fr * melson...@hotmail.com * melso...@hotmail.com * meltet...@yahoo.fr * mely...@hotmail.fr * mely...@hotmail.fr * meme_magique...@hotmail.com * memeidhoupline...@hotmail.fr * meme...@hotmail.com * menali...@hotmail.fr * menie...@hotmail.fr * meni...@hotmail.fr * meste...@yahoo.fr * meto...@hotmail.fr * metto...@hotmail.fr * meuhni...@free.fr * mflaho...@yahoo.fr * mfpir...@yahoo.fr * mhar...@yahoo.fr * mhco...@yahoo.fr * michel.broullion...@yahoo.fr * michel.dup...@endel.fr * michele.fouge...@wanadoo.fr * michelegai...@yahoo.fr * michelguyoma...@yahoo.fr * michelle.lu...@hotmail.fr * mickaelc...@yahoo.fr * mickcool...@hotmail.fr * mif...@hotmail.com * mijabou...@yahoo.fr * milani...@hotmail.fr * mimihopp...@hotmail.fr * mimiletofreih...@hotmail.fr * minouchedu...@hotmail.fr * misc@openbsd.org * miss-chocola...@hotmail.f * miss-chocola...@hotmail.fr * miss-sexy-...@hotmail.fr * miss-sexy-s...@hotmail.com * miss-skyrock-2...@hotmail.fr * miss_cricr...@hotmail.fr * misss-tokio-ho...@hotmail.fr * misst...@hotmail.fr * mj.jc.deni...@free.fr * mjacolin.nackae...@yahoo.fr * mjame...@yahoo.fr * mjid_mirl...@hotmail.fr * mkacha...@yahoo.fr * mmiatud...@hotmail.com * mmwi...@yahoo.fr * mnsr...@hotmail.fr * mo.la...@wanadoo.fr * mo.laur...@aliceadsl.fr * mogne...@hotmail.fr * mohamed13...@hotmail.fr * moi_la_fole...@hotmail.fr * moiambre...@hotmail.fr * moicristo...@hotmail.fr * moivincen...@yahoo.fr * mokhtarijul...@laposte.net * mollermela...@hotmail.com * mol...@hotmail.fr * molosseducat...@hotmail.fr * momo123...@hotmail.f * momomam...@hotmail.com * mon_lol...@hotmail.fr * monamieclement...@hotmail.com * moncoinlect...@hotmail.com * mondeiced...@hotmail.fr * mongis.mic...@hotmail.fr invitation_add_to_your_yahoo_calendar: http://calendar.yahoo.com/?v=60ST=20091028T00%2BTITLE=propossition+confidentielleDUR=0100VIEW=din_st=Cher+Salut,+Je+suis+Mrs,+Aliman+Usman,+comptable+a+la+BANQUE+COMMERCIALE+DU+BURKINA+(BCB)+je+vais+vir%c3%a9e+$6.350+000.00+million+(usd)+%c3%a0+etranger+si+vous+pour+vais+me+aide+.+je+vous+enverrons+tous+les+d%c3%a9tails+sur+la+fa%c3%a7on+donc+on+va+fait+le+demache+et+%c3%a9galement+noter+que+vous+aurez+30%25+du+montant+indiqu%c3%a9+.si+vous+%c3%aates+d%27accord+pour+m%27aider+%c3%a0+ex%c3%a9cuter+cette+transaction.+reponne+moi+rapidement+et+s.v.p+ces+un+propossition+confidentielle+merci,+contact+moi+mrs_ali...@rocketmail.comTYPE=10 Copyright ) 2009 All Rights Reserved www.yahoo.com Privacy Policy: http://privacy.yahoo.com/privacy/us Terms of Service: http://docs.yahoo.com/info/terms/
Re: 4.6 hang
Just as an update, I've replaced the one NIC, so the only thing carried over from the other machine is the hard drive, and I'm still getting the exact same issue.
Re: Sendmail not working with static IP address
re...@d-compu.dyndns.org wrote: James Commons wrote: What I don't understand is why the message is sent correctly when I have my OpenBSD box set to DHCP, but not sent when it is set with a static IP address. Is it possible that you rely on DHCP to give you a default route, so there is none when using a static IP address ? (man mygate may be your friend) There is definitely a gateway defined despite the static IP: $ cat /etc/mygate 192.168.123.254 (And route show lists the same gateway on both static IP and DHCP configurations.) I was able to get mail to forward properly by changing the hostname on the machine with the static IP (/etc/myname and /etc/hosts) from myserver.mydomain.net (which is a CNAME to a DynDNS hostname) to myserver.my.domain (which isn't a real domain and can't be resolved). $ ping myserver.mydomain.net PING myhost.dyndns.org (XX.XX.XX.XX): 56 data bytes 64 bytes from XX.XX.XX.XX: icmp_seq=0 ttl=64 time=0.454 ms 64 bytes from XX.XX.XX.XX: icmp_seq=1 ttl=64 time=0.290 ms $ ping myhost.my.domain ping: unknown host: myhost.my.domain It looks like sendmail is doing some type of smart lookups. When my machine name can be resolved back to an IP address, it tries to use that IP address to send the message (and fails), but when my machine name doesn't resolve sendmail defaults to its local MTA to send the message which works. Changing the hostname is a workaround -- now I need to figure out how to change the sendmail configuration to not do these smart lookups. James
Como vencer na vida. SABER COMANDAR E SABER INSTRUIR.
MAIL ERROR
ldpd in OpenBSD 4.6
Hello, I noticed the release notes of 4.6 referred to ldpd, and label switching functionality, but I haven't found any of the binaries or man pages. Did this feature not make the release? Thanks, Nick
powering off with shutdown -hp?
I've just resurrected an old Pentium 3 system with the 22 October i386 snapshot of OpenBSD 4.6-current. It works great, however after issuing shutdown -hp now (I'm greeted with the message shutdown: switch -p must be used with -h. when using shutdown -p now), I'm getting the system message syncing disks... done followed by Attempting to power down The system never shuts off. From the dmesg (below), this appears to be an old APM-based motherboard. The shutdown(8) manpage states that not all hardware supports automatic power down. That's fine if this hardware doesn't support it, but given the Attempting to power down... message, I am curious if it might be possible. I'm including the dmesg output below along with pcidump -v and pcidump -x. If you would like more information, please let me know. Thanks!. # dmesg | more OpenBSD 4.6-current (GENERIC) #325: Thu Oct 22 20:38:45 MDT 2009 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium III (GenuineIntel 686-class, 512KB L2 cache) 599 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,SER,MMX,FXSR,SSE real mem = 804864000 (767MB) avail mem = 771416064 (735MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 08/17/00, BIOS32 rev. 0 @ 0xfd7a0, SMBIOS rev. 2.1 @ 0xefbe0 ( 42 entries) bios0: vendor Intel Corp. version 4S4EB2X0.86A.0024.P17 date 08/17/2000 bios0: Intel Corporation SE440BX-2 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xfd7a0/0x860 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries) pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x1000 0xe/0x4000! 0xe4000/0xc000 cpu0 at mainbus0: (uniprocessor) cpu0: disabling processor serial number pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x03 intelagp0 at pchb0 agp0 at intelagp0: aperture at 0xf800, size 0x400 ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 Matrox MGA G400/G450 AGP rev 0x05 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) piixpcib0 at pci0 dev 7 function 0 Intel 82371AB PIIX4 ISA rev 0x02 pciide0 at pci0 dev 7 function 1 Intel 82371AB IDE rev 0x01: DMA, channel 0 wired to compatibility , channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: ST3160815A wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: PLEXTOR, DVDR PX-820A, 1.00 ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 uhci0 at pci0 dev 7 function 2 Intel 82371AB USB rev 0x01: irq 9 piixpm0 at pci0 dev 7 function 3 Intel 82371AB Power rev 0x02: SMI iic0 at piixpm0 lmenv0 at iic0 addr 0x2d: adm9240 rev 2, starting scan spdmem0 at iic0 addr 0x50: 256MB SDRAM ECC PC133CL2 spdmem1 at iic0 addr 0x51: 256MB SDRAM ECC PC133CL2 spdmem2 at iic0 addr 0x52: 256MB SDRAM ECC PC133CL2 em0 at pci0 dev 13 function 0 Intel PRO/1000GT (82541GI) rev 0x05: irq 11, address 00:1b:21:0f:8b: 43 fxp0 at pci0 dev 14 function 0 Intel 8255x rev 0x08, i82559: irq 10, address 00:90:27:a7:50:80 inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4 ohci0 at pci0 dev 15 function 0 NEC USB rev 0x43: irq 5, version 1.0 ohci1 at pci0 dev 15 function 1 NEC USB rev 0x43: irq 9, version 1.0 ehci0 at pci0 dev 15 function 2 NEC USB rev 0x04: irq 11 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 NEC EHCI root hub rev 2.00/1.00 addr 1 isa0 at piixpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at ohci0: USB revision 1.0 uhub2 at usb2 NEC OHCI root hub rev 1.00/1.00 addr 1 usb3 at ohci1: USB revision 1.0 uhub3 at usb3 NEC OHCI root hub rev 1.00/1.00 addr 1 biomask eb65 netmask ef65 ttymask mtrr: Pentium Pro MTRR support vscsi0 at root scsibus1 at vscsi0: 256 targets softraid0 at root root on wd0a swap on wd0b dump on wd0b # pcidump -v Domain /dev/pci0: 0:0:0: Intel 82443BX AGP 0x: Vendor ID: 8086 Product
Re: minor bump is src/.../shlib_version
On Tue, Oct 27, 2009 at 5:16 AM, Charles Smith chasm_...@yahoo.com wrote: When there is a major bump in src/.../shlib_version files, snapshots sets must be correspond with snapshots packages. ... Maybe with minor bump too? No. That's the difference between a major bump and a minor bump: major must match exactly, while the minor version may be higher on the library than what the executable was linked against. (Yes, this implies that developers must have a discipline about version number bumps, but it's a subtler problem from the developer side, gauging when a minor or major is needed, so some times there are slips that get caught later...) Philip Guenther