Re: OT - secondary DNS recommendations

[SJP Lists]

On 9 December 2010 13:26, Daniel Melameth dan...@melameth.com wrote:
 On Wed, Dec 8, 2010 at 9:49 AM, Scott McEachern sc...@blackstaff.ca wrote:
 Given the (general) support of WikiLeaks here, I was wondering if anyone
 could recommend a free alternative to replace EveryDNS.net?

 I know how to use Google to find free alternatives, I'm looking for
 *recommendations* for a simple two-domain home network.

 I don't care much for the propaganda on this list as of late, but,
 regardless, I've been happily using http://freedns.afraid.org for home
 use for several years.

Would this be propaganda too?

http://www.google.com.au/images?hl=enq=Iraqi+child

Re: OT - secondary DNS recommendations

[Randal L. Schwartz]

 Scott == Scott McEachern sc...@blackstaff.ca writes:

Scott  It seems my free-as-in-beer secondary DNS service, EveryDNS.net, has
Scott abandoned WikiLeaks, so I'd like to return the favour.

Scott Given the (general) support of WikiLeaks here, I was wondering if anyone 
could
Scott recommend a free alternative to replace EveryDNS.net?

1) Get a free tunnelbroker.net account from Hurricane Electric
by signing up.

2) secondary up to 25 domains using that account, for free, on DNS
servers that are geographically diverse and ipv6 enabled.

3) if you're feeling lucky, use two of your five free tunnels to have an
endpoint in the USA (to see streaming media available only in the USA)
and the UK (to use BBC iplayer).  Of course, the tunnels are meant for
you to have ipv6 anywhere.  I just consider that a bonus. :)

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
mer...@stonehenge.com URL:http://www.stonehenge.com/merlyn/
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.posterous.com/ for Smalltalk discussion

Re: OpenBSD Access Point?

[Cato Auestad]

On Tue, Dec 7, 2010 at 10:38 PM, Lists Account li...@y42.org wrote:
 Hi All,

 First post to misc. I'd like to create an OpenBSD based router + wifi
 access point. I thought I might buy myself one of these for Christmas:

I'm not sure whether this is useful for you or not, but I wrote this down
some weeks ago in case anyone wanted to try it out:

http://bleakgadfly.com/notes/openbsd_wifi.html
(the DHCP-part is how my setup is, not necessarily what you should use).

-- 
Cato Auestad
bleakgadfly
www.bleakgadfly.me
www.bleakgadfly.com
0x19ABF872

Re: Donations

[Dmitrij D. Czarkoff]

  Untill one is found guilty by court, any public occusations against him are
  considered defamation (criminal activity on it's own).

 So you have to pay for due process?

Why? Either I don't understand Your point, or You don't understand mine. You
don't have to pay to report a crime to entitled public bodies.

  So, according to legal regulations PayPal's activity towards Wikileaks 
  account
  should be brought to court as a defamation case.

 So you have to pay for due process?

In Russia it would be a criminal case, so the one to pay would be the
government. The civil case (damages due) could be run within criminal case or
afterwards, but it would be rather automated process, not a very big deal in
terms of mony.

--
Dmitrij D. Czarkoff

hotplugd(8) ignoring devices attached before boot

[MERIGHI Marcus]

hello all, 

for quite some time and until recently (1) hotplugd(8) used to pick up
devices (2) that were attached before boot once it started. this behaviour
has ceased with a snapshot just fetched (``OpenBSD 4.8-current (GENERIC)
#512: Tue Dec  7 23:06:47 MST 2010'').
has anyone else noticed the different behaviour?
if this is confirmed, is it a bug or a feature? :-)

bye and thanks in advance, 

marcus

(1) recently is hard to define in that case since I was running a
patched kernel until today. last but one snapshot I downloaded (and
still have) at 2010-12-01 (``OpenBSD 4.8-current (GENERIC) #502: Tue Nov
30 15:05:27 MST 2010''). I dimly remember the change was
already there but could test if need be. before that I still got ``OpenBSD
4.8-current (GENERIC) #495: Mon Nov 22 11:31:16 MST 2010'' and if my
memory serves right hotplugd was picking up the devices at that time. 

(2) devices I tested with: ``ath0 at cardbus0'', ``ubt0 at uhub1''.

OpenBSD 4.8-current (GENERIC) #512: Tue Dec  7 23:06:47 MST 2010
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Mobile Intel(R) Pentium(R) 4 - M CPU 2.00GHz (GenuineIntel 686-class) 2 
GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID,xTPR
real mem  = 1072721920 (1023MB)
avail mem = 1045118976 (996MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 06/12/03, BIOS32 rev. 0 @ 0xfd7e0, SMBIOS 
rev. 2.31 @ 0xe0010 (48 entries)
bios0: vendor IBM version 1IET66WW (2.05 ) date 06/12/2003
bios0: IBM 2366EG9
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT ECDT TCPA BOOT
acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) PCI0(S4) PCI1(S4) DOCK(S4) 
USB0(S3) USB1(S3) USB2(S3) AC97(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (AGP_)
acpiprt2 at acpi0: bus 2 (PCI1)
acpicpu0 at acpi0: C3, C2, FVS, 2000, 1200 MHz
acpipwrres0 at acpi0: PUBS
acpitz0 at acpi0: critical temperature 94 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model IBM-COMPATIBLE serial 20884 type LION oem GW
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
acpidock0 at acpi0: DOCK not docked (0)
bios0: ROM list: 0xc/0x1 0xdc000/0x4000! 0xe/0x1
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82845 Host rev 0x04
intelagp0 at pchb0
agp0 at intelagp0: aperture at 0xe000, size 0x400
ppb0 at pci0 dev 1 function 0 Intel 82845 AGP rev 0x04
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M7 rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
radeondrm0 at vga1: irq 11
drm0 at radeondrm0
uhci0 at pci0 dev 29 function 0 Intel 82801CA/CAM USB rev 0x02: irq 11
uhci1 at pci0 dev 29 function 1 Intel 82801CA/CAM USB rev 0x02: irq 11
uhci2 at pci0 dev 29 function 2 Intel 82801CA/CAM USB rev 0x02: irq 11
ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x42
pci2 at ppb1 bus 2
mem address conflict 0x5000/0x1000
mem address conflict 0x5100/0x1000
cbb0 at pci2 dev 0 function 0 TI PCI1520 CardBus rev 0x01: irq 11
cbb1 at pci2 dev 0 function 1 TI PCI1520 CardBus rev 0x01: irq 11
fxp0 at pci2 dev 8 function 0 Intel PRO/100 VE rev 0x42, i82562: irq 11, 
address 00:09:6b:3f:67:a8
inphy0 at fxp0 phy 1: i82562ET 10/100 PHY, rev. 0
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8, lattimer 0xb0
pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 6 device 0 cacheline 0x8, lattimer 0xb0
pcmcia1 at cardslot1
ichpcib0 at pci0 dev 31 function 0 Intel 82801CAM LPC rev 0x02
pciide0 at pci0 dev 31 function 1 Intel 82801CAM IDE rev 0x02: DMA, channel 0 
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: WDC WD3200BEVE-00A0HT0
wd0: 16-sector PIO, LBA48, 305245MB, 625142448 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
wd1 at pciide0 channel 1 drive 0: WDC WD1600BEVE-00WZT0
wd1: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
wd1(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 5
ichiic0 at pci0 dev 31 function 3 Intel 82801CA/CAM SMBus rev 0x02: irq 11
iic0 at ichiic0
auich0 at pci0 dev 31 function 5 Intel 82801CA/CAM AC97 rev 0x02: irq 11, 
ICH3 AC97
ac97: codec id 0x41445348 (Analog Devices AD1881A)
ac97: codec features headphone, Analog Devices Phat Stereo
audio0 at auich0
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 Intel UHCI root hub rev 1.00/1.00 addr 1
usb1 at uhci1: USB revision 1.0
uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1
usb2 at uhci2: USB revision 1.0
uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 

Re: Donations

[Hugo Osvaldo Barrera]

On 05/12/10 23:04, Adam M. Dutko wrote:

I hope that one day due process is denied you.


I am wondering what type of due process should be granted to these
individuals.  What basis/jurisdiction of law are we talking about?  Natural
human rights? US law? International Law?  I'm just wondering because I think
it's critical to the whole discussion.  Julian Assange isn't a US citizen so
the US Government probably feels justified doing whatever they want even if
it is unethical, yet many think he should be protected by some of the US
justice code/process.  Is due process universal?



If I kill a cow, should I be deported to India, and processed there for 
that crime?  (Note that in most parts of india, it IS a crime).
Oh, I live in Argentina, the largest exporter of cow-meat.  Maybe we 
should all be deported there.


--
Hugo Osvaldo Barrera

Re: Donations

[Hugo Osvaldo Barrera]

On 05/12/10 23:54, Fred Elwood wrote:

--- On Mon, 12/6/10, Theo de Raadtdera...@cvs.openbsd.org  wrote:


From:

Theo de Raadtdera...@cvs.openbsd.org

Subject: Re: Donations
To: Fred

Elwoodfred.elw...@yahoo.com

Cc: misc@openbsd.org
Date: Monday,

December 6, 2010, 1:42 AM

PayPal's terms of use do not

permit soliciting

crime.

Paypal's terms of use are just that; terms of use.
The account

was

being run by the German charity WHS.

Noone has said that wikileaks

has commited a crime.

What statute
are you talking about?


Wikileaks

solicits the
holders of US security clearances to violate

their

non-disclosure agreements.
That is a crime.

I hereby ask

anyone who holds secrets that the world should

know
of, which may contain

indications of real crimes having

been commited
should send them to

wikileaks.

Did I just commit a crime?

No.


Oh, remember I do not

live

in the US.

Hypothetical cleared US personnel who took you up on this
request WOULD be committing a crime.


Some people think it should not

be a crime. But it

is.  Some people

think that it matters that WIkileaks

says that they do

not ask for

submissions.  That matters about as much

as a mob

boss saying that he

didn't ask anyone to shoot so-and-so, just

that

wouldn't it be

fortunate if someone
did?  Wikileaks model is

predicated on breaking

NDAs, and based on what their
cite on their

front pages, breaking NDAs

on US classified information is their


biggest product center.

You think it should be a crime.  You just

justified

skipping due process.


Against whom?  Due process rights exist
in criminal and civil proceedings, not in business arrangements.  Wikileaks
has no more due process rights against PayPal than Wim has against you; they
might be able to sue for breach of contract, but that's it.  Due process has
nothing to do with this case.  The nickel summary is that due process is not
in play if the cops are not directly involved.

The crime I am talking about
is the crime of the cleared individuals disclosing the classified information.
PayPal did not terminate Wikileaks for committing a crime, but for using
PayPal in support of their soliciting crimes (unlawful disclosure/conveyance
of classified information), which is against their terms of service.



Wikileaks is not guilty of any crimes until it's there's been a due 
process.  It's just accused of for now.

creating large files for testing

[LOhit]

Hello Everyone,

I apologize in advance if this question sounds stupid or has been answered
already. I need to create large dummy files for testing. I would like to
know if there is a way to do it using C on OpenBSD.

This is what I want to achieve. I tried looking for mkfile command, but I
couldn't find it either.

dd if=/dev/zero of=/testing/file0 bs=512 count=65536


Thanks in advance.
-LOhit

En France ou ailleurs, il faut se faire payer

[EUROPE RECOUVREMENT]

Bonjour, 

Vous avez des impayis ` encaisser en France, en Europe ou dans le reste du 
Monde ? 

Confiez vos impayis ` Europe Recouvrement, spicialisi en recouvrement de 
criances ` l'international depuis 1970. 

Les interventions amiables et judiciaires sont basies sur un principe de 
risultats obtenus pour votre compte : PAS DE SUCCES, PAS D'HONORAIRES. 

Europe Recouvrement c'est : 

- Des interventions personnalisies en 7 langues, 
- Des services certifiis ` la norme ISO 9001, 
- Des iquipes de juristes expirimentis, 
- Des risultats garantis dans les 30 jours. 

En ce moment, un chhque de riduction de 100 ? vous est offert ` valoir sur les 
honoraires d'encaissement de votre deuxihme impayi remis. 


Je demeure ` votre entihre disposition pour tous renseignements 
complimentaires. 

Trhs cordialement, 

EUROPE RECOUVREMENT 




Pour vous disabonner, collez ce lien dans votre navigateur : 
http://www.esmailer-475.com/unsuscribe.asp?lang=francaisid_formulaire=4email=m...@openbsd.orgid_message=367

Re: Donations

[Chandrakant Kumar]

On Thursday 09 December 2010 05:39 PM, Hugo Osvaldo Barrera wrote:

On 05/12/10 23:04, Adam M. Dutko wrote:

I hope that one day due process is denied you.


I am wondering what type of due process should be granted to these
individuals.  What basis/jurisdiction of law are we talking about?  
Natural
human rights? US law? International Law?  I'm just wondering because 
I think
it's critical to the whole discussion.  Julian Assange isn't a US 
citizen so
the US Government probably feels justified doing whatever they want 
even if
it is unethical, yet many think he should be protected by some of 
the US

justice code/process.  Is due process universal?



If I kill a cow, should I be deported to India, and processed there 
for that crime?  (Note that in most parts of india, it IS a crime).
Oh, I live in Argentina, the largest exporter of cow-meat.  Maybe we 
should all be deported there.


--
Hugo Osvaldo Barrera



We are waiting for you here in India ;)

Re: creating large files for testing

[Guillaume Dualé]

On Thu, 9 Dec 2010 18:15:35 +0530, LOhit lohi...@gmail.com wrote:
 Hello Everyone,
 
 I apologize in advance if this question sounds stupid or has been answered
 already. I need to create large dummy files for testing. I would like to
 know if there is a way to do it using C on OpenBSD.
 
 This is what I want to achieve. I tried looking for mkfile command, but I
 couldn't find it either.
 
 dd if=/dev/zero of=/testing/file0 bs=512 count=65536
 
 
 Thanks in advance.
 -LOhit

Hi,
first link in Google :
http://bytes.com/topic/c/answers/733896-how-create-large-files-c

Guillaume.

Re: creating large files for testing

[LOhit]

Thanks Guillaume. So, it was the former :)

2010/12/9 Guillaume Duali g.du...@otasc.org

 On Thu, 9 Dec 2010 18:15:35 +0530, LOhit lohi...@gmail.com wrote:
  Hello Everyone,
 
  I apologize in advance if this question sounds stupid or has been
 answered
  already. I need to create large dummy files for testing. I would like to
  know if there is a way to do it using C on OpenBSD.
 
  This is what I want to achieve. I tried looking for mkfile command, but
 I
  couldn't find it either.
 
  dd if=/dev/zero of=/testing/file0 bs=512 count=65536
 
 
  Thanks in advance.
  -LOhit

 Hi,
 first link in Google :
 http://bytes.com/topic/c/answers/733896-how-create-large-files-c

 Guillaume.

Re: OpenBSD Access Point?

[Kurt Mosiejczuk]

Todd Carson wrote:

 Which chip/card is it, if you don't mind?
 I have issues with my RT2561 and am considering trying to replace it.

 (To be specific, it sometimes stops accepting association requests and
 requires a power cycle -- not just an ifconfig down/up or warm reboot --
 to be reset. I haven't found a reliable way to reproduce it and I'm not
 sure whether it's a driver bug or hardware/firmware issue...)

ral0 at pci2 dev 4 function 0 Ralink RT2561S rev 0x00: irq 54, address
00:0c:09:30:01:b3
ral0: MAC/BBP RT2561C, RF RT2527

So, mine is a RT2561C not sure how different that may be from your
RT2561.  I have not had such problems with mine.

--Kurt

-- 
Kurt Mosiejczuk
Software Engineering
Rochester Institute of Technology
70-1527
134 Lomb Memorial Drive
Rochester, New York 14623
585-475-5999
k...@se.rit.edu

CONFIDENTIALITY NOTE: The information transmitted, including
attachments, is intended only for the person(s) or entity to which it
is addressed and may contain confidential and/or privileged material.
Any review, retransmission, dissemination or other use of, or taking
of any action in reliance upon this information by persons or entities
other than the intended recipient is prohibited. If you received this
in error, please contact the sender and destroy any copies of this
information.

OT - gmail alternatives

[lh]

Hi,

what are the good available alternatives (security/privacy) for gmail
you're using?

Cheers!

Re: OT - gmail alternatives

[Gilles Chehade]

Own box :-)

lh maig...@netvisao.pt wrote:

Hi,

what are the good available alternatives (security/privacy) for gmail
you're using?

Cheers!

Re: OT - gmail alternatives

[Kapetanakis Giannis]

On 09/12/10 17:01, lh wrote:

Hi,

what are the good available alternatives (security/privacy) for gmail
you're using?

Cheers!


I believe privacy and gmail cannot coexist ...

Giannis

Re: OT - gmail alternatives

[Marco Peereboom]

!gmail

On Thu, Dec 09, 2010 at 03:01:03PM +, lh wrote:
 Hi,
 
 what are the good available alternatives (security/privacy) for gmail
 you're using?
 
 Cheers!

Re: OT - gmail alternatives

[Gonzalo L. R.]

hotmail or live of course.

On 12/09/10 12:01, lh wrote:
 Hi,
 
 what are the good available alternatives (security/privacy) for gmail
 you're using?
 
 Cheers!
 

-- 
Sending from my Computer.

nfs / mail related freezes with OpenBSD 4.8-current

[Michael Lechtermann]

Hello,

since updating to 4.8-current two of my boxes, one i386 and one sparc64,
keep freezing just seconds after the boot.

I managed to find out that it has something to do with mail and the
mailboxes being inside an NFS share on another server.

For now I moved the mailboxes back into the system, but a solution would
really be nice.

So, someone know whats going on? Patches to try out are welcome. ;-)

Thanks in advance,
Michael


Trace, ps and dmesg:

ddb{0} trace
intr_list_handler(400081c2b00, 0, e0017ec8, 2, 14536c0, 180f3b8) at
intr_list_h
andler+0x28
sparc_interrupt(40012671d80, 1, 0, 800deafbeef, 0, deafbeef) at
sparc_interrupt
+0x2a8
m_get(1, 1, 800, fee99540, 0, 0) at m_get+0x30
m_copym0(400137d7540, 40012670180, 3b9aca00, 1, 0, deafbeef) at
m_copym0+0x148
nfs_receive(0, 40013b5fac0, 4004a2fb998, 15441a0, 1, 15441a8) at
nfs_receive+0x
1a4
nfs_reply(0, 1, 4004a2fb9d0, 4004a2fb9c0, 4004a2fb9b0, 18ad8f0) at
nfs_repl
y+0x60
nfs_request(0, 400088fca00, 4004a2fbbe0, 1802000, 15441f0, 180e000) at
nfs_requ
est+0x1d4
nfs_writerpc(400126760a0, 4004a2fbcf8, 2, 4004a2fbc00, 4004a2fbc10,
18ad8f0) at
 nfs_writerpc+0x16c
nfs_doio(400123a13c0, 100, 15443b0, 0, 0, 18ad000) at nfs_doio+0x21c
nfssvc_iod(400123a1ae0, 1800, 2, 18ad5f0, 1800, 0) at nfssvc_iod+0x218
proc_trampoline(0, 0, 0, 0, 0, 0) at proc_trampoline+0x14



db{0} ps
   PID   PPID   PGRPUID  S   FLAGS  WAIT  COMMAND
 26310   7093   7093  10006  3   0x2044180  getblkimap
 11103   7093   7093518  3   0x2004180  kqreadimap-login
  2505   2820   2505  0  2   0x2004480top
 20521   7093   7093518  3   0x2004180  kqreadimap-login
 32527   7093   7093518  3   0x2004180  kqreadimap-login
  1168   7093   7093518  3   0x2004180  kqreadimap-login
 24675   7093   7093518  3   0x2004180  kqreadmanagesieve-logi
 31831   7093   7093518  3   0x2004180  kqreadmanagesieve-logi
 14797   7093   7093518  3   0x2004180  kqreadmanagesieve-logi
 11476  1  11476  0  2   0x2004080getty
   981  1981  0  2   0x2000480cron
 10474  1  10474  0  2   0x2080480sensorsd
  6853   7093   7093  0  2   0x2004580dovecot-auth
  7093  1   7093  0  7   0x2000480dovecot
  2314  28480  28480  0  3   0x280  lockf saslauthd
 17033  28480  28480  0  3   0x280  lockf saslauthd
 25787  28480  28480  0  3   0x280  lockf saslauthd
   212  28480  28480  0  3   0x280  lockf saslauthd
 28480  1  28480  0  3   0x280  netconsaslauthd
 28457  1  28457527  2   0x2000580milter-regex
  7981  14251  14251569  2   0x2000580dkim-filter
 14251  1  14251569  3   0x2000180  poll  dkim-filter
  7034  16894  16894 67  3   0x2000180  semwait   httpd
 11225  1  11225539  2   0x2000580clamd
 21557  16894  16894 67  3   0x2000180  semwait   httpd
 18571  21865  16894  0  3   0x2004080  piperdrotatelogs
 25714   5279  16894  0  3   0x2004080  piperdrotatelogs
 12101  16894  16894 67  3   0x2000180  semwait   httpd
 15100  16894  16894 67  3   0x2000180  semwait   httpd
 20937  16894  16894 67  3   0x2000180  semwait   httpd
  8033  16894  16894 67  3   0x2000180  semwait   httpd
 31942  11447  16894  0  3   0x2004080  piperdrotatelogs
  2032  15434  16894  0  3   0x2004080  piperdrotatelogs
 24276  27450  16894  0  3   0x2004080  piperdrotatelogs
 12937  16894  16894 67  3   0x2000180  semwait   httpd
  7284  16894  16894 67  3   0x2000180  semwait   httpd
  2596  12503  16894  0  3   0x2004080  piperdrotatelogs
 16353  16894  16894 67  3   0x2000180  semwait   httpd
 28969  16894  16894 67  3   0x2000180  selecthttpd
 19600   8742  16894  0  3   0x2004080  piperdrotatelogs
 15724  14730  16894  0  3   0x2004080  piperdrotatelogs
 17889  16894  16894 67  3   0x2000180  semwait   httpd
  7688  16894  16894 67  3   0x2000180  semwait   httpd
 28764  10753  16894  0  3   0x2004080  piperdrotatelogs
 11583  16773  16894  0  3   0x2004080  piperdrotatelogs
 21865  16894  16894  0  3   0x2004080  pause sh
 15434  16894  16894  0  3   0x2004080  pause sh
 12503  16894  16894  0  3   0x2004080  pause sh
  5279  16894  16894  0  3   0x2004080  pause sh
 11447  16894  16894  0  3   0x2004080  pause sh
 10753  16894  16894  0  3   0x2004080  pause sh
 14730  16894  16894  0  3   0x2004080  pause sh
 27450  16894  16894  0  3   0x2004080  pause sh
  8742  16894  16894  0  3   0x2004080  pause 

Votre campagne d'emailing ... Offerte

[Pauline]

Si vous ne lisez pas correctement ce mail vous devez le visualiser en html

Re: OT - gmail alternatives

[Andres Perera]

supossedly hushmail but no pop/imap (free version)

however, hushmail will get you laughed at

On Thu, Dec 9, 2010 at 10:31 AM, lh maig...@netvisao.pt wrote:
 Hi,

 what are the good available alternatives (security/privacy) for gmail
 you're using?

 Cheers!

Re: OT - gmail alternatives

[Francesco Vollero]

Il 09/12/10 16.07, Gilles Chehade ha scritto:

Own box :-)


Thumbs up for Gilles! He's right, There are no better mail system than 
your.own.server



lhmaig...@netvisao.pt  wrote:


Hi,

what are the good available alternatives (security/privacy) for gmail
you're using?

Cheers!

Re: OT - gmail alternatives

[Hugo Osvaldo Barrera]

On 09/12/10 12:01, lh wrote:

Hi,

what are the good available alternatives (security/privacy) for gmail
you're using?

Cheers!



A box you own and control.
Gmail is NOT secure OR private.
I don't expect hotmail, yahoo, etc. to be so either.
Also, a few times hotmail released new versions of their web interface, 
they only worked for IE for about a week or two.


As long as you don't own and control the mail server, someone else has 
physical access to it; hence it's not really secure.
Personally, I run my own mail server on a VPS I rent (to ARP Network, by 
the way).  Not the BEST of choices, but I sure trust them more than GOOGLE.


If you *really* need privacy for emails, start using something like GPG.

Re: OT - gmail alternatives

[Jordi Espasa Clofent]

+1

Very happy and safe running my own mailserver.

--
I must not fear. Fear is the mind-killer. Fear is the little-death
that brings total obliteration. I will face my fear. I will permit it
to pass over me and through me. And when it has gone past I will turn
the inner eye to see its path. Where the fear has gone there will be
nothing. Only I will remain.

-- Bene Gesserit Litany Against Fear.

Re: Donations

[Mehma Sarja]

On 12/9/10 4:54 AM, Chandrakant Kumar wrote:

On Thursday 09 December 2010 05:39 PM, Hugo Osvaldo Barrera wrote:

On 05/12/10 23:04, Adam M. Dutko wrote:

I hope that one day due process is denied you.


I am wondering what type of due process should be granted to these
individuals.  What basis/jurisdiction of law are we talking about?  
Natural
human rights? US law? International Law?  I'm just wondering because 
I think
it's critical to the whole discussion.  Julian Assange isn't a US 
citizen so
the US Government probably feels justified doing whatever they want 
even if
it is unethical, yet many think he should be protected by some of 
the US

justice code/process.  Is due process universal?



If I kill a cow, should I be deported to India, and processed there 
for that crime?  (Note that in most parts of india, it IS a crime).
Oh, I live in Argentina, the largest exporter of cow-meat.  Maybe we 
should all be deported there.


--
Hugo Osvaldo Barrera



We are waiting for you here in India ;)

That's why Americans call cowburgers hamburgers, for fear of 
repercussions from the holy land. But seriously, re-incarnation takes 
care of all that. Meaning, if you kill a cow in this life, you come back 
as a cow and someone can kill you. It's the Indian version of an eye for 
an eye.


Mehma

Re: nfs / mail related freezes with OpenBSD 4.8-current

[Jan Stary]

On Dec 09 16:57:10, Michael Lechtermann wrote:
 Hello,
 
 since updating to 4.8-current two of my boxes, one i386 and one sparc64,
 keep freezing just seconds after the boot.
 
 I managed to find out that it has something to do with mail and the
 mailboxes being inside an NFS share on another server.

So, your /var/mail is nfsmounted from server:/var/mail or what?
How exactly is it mounted? What's the fstab line? How exactly is it
exported? What's the exports line?


 For now I moved the mailboxes back into the system, but a solution would
 really be nice.
 
 So, someone know whats going on? Patches to try out are welcome. ;-)
 
 Thanks in advance,
 Michael
 
 
 Trace, ps and dmesg:
 
 ddb{0} trace
 intr_list_handler(400081c2b00, 0, e0017ec8, 2, 14536c0, 180f3b8) at
 intr_list_h
 andler+0x28
 sparc_interrupt(40012671d80, 1, 0, 800deafbeef, 0, deafbeef) at
 sparc_interrupt
 +0x2a8
 m_get(1, 1, 800, fee99540, 0, 0) at m_get+0x30
 m_copym0(400137d7540, 40012670180, 3b9aca00, 1, 0, deafbeef) at
 m_copym0+0x148
 nfs_receive(0, 40013b5fac0, 4004a2fb998, 15441a0, 1, 15441a8) at
 nfs_receive+0x
 1a4
 nfs_reply(0, 1, 4004a2fb9d0, 4004a2fb9c0, 4004a2fb9b0, 18ad8f0) at
 nfs_repl
 y+0x60
 nfs_request(0, 400088fca00, 4004a2fbbe0, 1802000, 15441f0, 180e000) at
 nfs_requ
 est+0x1d4
 nfs_writerpc(400126760a0, 4004a2fbcf8, 2, 4004a2fbc00, 4004a2fbc10,
 18ad8f0) at
  nfs_writerpc+0x16c
 nfs_doio(400123a13c0, 100, 15443b0, 0, 0, 18ad000) at nfs_doio+0x21c
 nfssvc_iod(400123a1ae0, 1800, 2, 18ad5f0, 1800, 0) at nfssvc_iod+0x218
 proc_trampoline(0, 0, 0, 0, 0, 0) at proc_trampoline+0x14
 
 
 
 db{0} ps
PID   PPID   PGRPUID  S   FLAGS  WAIT  COMMAND
  26310   7093   7093  10006  3   0x2044180  getblkimap
  11103   7093   7093518  3   0x2004180  kqreadimap-login
   2505   2820   2505  0  2   0x2004480top
  20521   7093   7093518  3   0x2004180  kqreadimap-login
  32527   7093   7093518  3   0x2004180  kqreadimap-login
   1168   7093   7093518  3   0x2004180  kqreadimap-login
  24675   7093   7093518  3   0x2004180  kqreadmanagesieve-logi
  31831   7093   7093518  3   0x2004180  kqreadmanagesieve-logi
  14797   7093   7093518  3   0x2004180  kqreadmanagesieve-logi
  11476  1  11476  0  2   0x2004080getty
981  1981  0  2   0x2000480cron
  10474  1  10474  0  2   0x2080480sensorsd
   6853   7093   7093  0  2   0x2004580dovecot-auth
   7093  1   7093  0  7   0x2000480dovecot
   2314  28480  28480  0  3   0x280  lockf saslauthd
  17033  28480  28480  0  3   0x280  lockf saslauthd
  25787  28480  28480  0  3   0x280  lockf saslauthd
212  28480  28480  0  3   0x280  lockf saslauthd
  28480  1  28480  0  3   0x280  netconsaslauthd
  28457  1  28457527  2   0x2000580milter-regex
   7981  14251  14251569  2   0x2000580dkim-filter
  14251  1  14251569  3   0x2000180  poll  dkim-filter
   7034  16894  16894 67  3   0x2000180  semwait   httpd
  11225  1  11225539  2   0x2000580clamd
  21557  16894  16894 67  3   0x2000180  semwait   httpd
  18571  21865  16894  0  3   0x2004080  piperdrotatelogs
  25714   5279  16894  0  3   0x2004080  piperdrotatelogs
  12101  16894  16894 67  3   0x2000180  semwait   httpd
  15100  16894  16894 67  3   0x2000180  semwait   httpd
  20937  16894  16894 67  3   0x2000180  semwait   httpd
   8033  16894  16894 67  3   0x2000180  semwait   httpd
  31942  11447  16894  0  3   0x2004080  piperdrotatelogs
   2032  15434  16894  0  3   0x2004080  piperdrotatelogs
  24276  27450  16894  0  3   0x2004080  piperdrotatelogs
  12937  16894  16894 67  3   0x2000180  semwait   httpd
   7284  16894  16894 67  3   0x2000180  semwait   httpd
   2596  12503  16894  0  3   0x2004080  piperdrotatelogs
  16353  16894  16894 67  3   0x2000180  semwait   httpd
  28969  16894  16894 67  3   0x2000180  selecthttpd
  19600   8742  16894  0  3   0x2004080  piperdrotatelogs
  15724  14730  16894  0  3   0x2004080  piperdrotatelogs
  17889  16894  16894 67  3   0x2000180  semwait   httpd
   7688  16894  16894 67  3   0x2000180  semwait   httpd
  28764  10753  16894  0  3   0x2004080  piperdrotatelogs
  11583  16773  16894  0  3   0x2004080  piperdrotatelogs
  21865  16894  16894  0  3   0x2004080  pause sh
  15434  16894  16894  0  3   0x2004080  pause sh
  12503  16894  16894  0  3   0x2004080  pause sh
   5279  16894  16894  0  3   0x2004080  

Re: Donations

[Bret S. Lambert]

 you come back as a cow
 ^^^
I thought it was a toilet brush?

You just can't trust reincarnation this life.

Re: Donations

[Otto Moerbeek]

On Thu, Dec 09, 2010 at 06:15:50PM +0100, Bret S. Lambert wrote:

  you come back as a cow
  ^^^
 I thought it was a toilet brush?
 
 You just can't trust reincarnation this life.

In my former life I used to believe in reincarnation, but now I know
it's bullshit.

pf: default queue issues

[David Hardy]

I have an openbsd box doing queuing for 200+ users, each with their own cbq
queue to limit bandwidth on a per-client basis. My issue is that I'm seeing
a good 60-80% of the traffic on the client-facing interface going into the
default queue, rather than it going into the individual client queues.

my queuing is set up thusly:

altq on $cus cbq bandwidth 100Mb queue { cusdefqrx, resqrx, torrqrx }
queue cusdefqrx bandwidth 10% priority 1 cbq(borrow,ecn,default)
queue torrqrx bandwidth 1%  priority 0 cbq(ecn)
queue resqrx bandwidth 89% priority 5 cbq(borrow,ecn) { 493qrx,
026qrx, 025qrx,
024qrx, 023qrx, 502qrx, etc }

and the client queues:

queue 493qrx bandwidth 1013Kb priority 1
queue 026qrx bandwidth 5940Kb priority 6
queue 025qrx bandwidth 2475Kb priority 1
queue 024qrx bandwidth 2475Kb priority 1
queue 023qrx bandwidth 1013Kb priority 1
queue 502qrx bandwidth 1013Kb priority 1
...etc

and then there are a bunch of rules that assign traffic to each queue:

x493={ 192.168.4.136/32 }
pass out quick on $cus from any to $x493 label 493rx queue
493qrx no state
pass in  quick on $cus from $x493 to any label 493tx no
state

...etc, for every IP address in use, such that all traffic on the interface
is assigned to a queue.

pftop -s 1 -v queue shows:

root_fxp1 100M cbq0  731630 771766K   0   00 0
  0  893  952K
 cusdefqrx 10M cbq   426563 519181K   0   00 0
  0  513  737K
 torrqrx  1000K cbq0   0  0   0   00 0
  00 0
 resqrx 89M cbq5   0  0   0   00 0
  00 0

The problem is that queuing for each client doesn't seem to be working.
tcpdump shows traffic to a particular client which is not being assigned to
their queue. What really odd is that the labels for that rule ARE working,
so that traffic is hitting that rule.

Is there a way to see what packets are going into the default queue?

thanks for any insight.

David

Re: Donations

[roberth]

On Thu, 09 Dec 2010 08:42:00 -0800
Mehma Sarja mehmasa...@gmail.com wrote:

 That's why Americans call cowburgers hamburgers, for fear of 
 repercussions from the holy land. But seriously, re-incarnation takes 
 care of all that. Meaning, if you kill a cow in this life, you come
 back as a cow and someone can kill you. It's the Indian version of an
 eye for an eye.

The percentage of people that (have to) kill their own food is so low
that nobody cares. Hamburgers are grown in the supermarket, hm'k?

sha256 hash for /bsd

[OpenBSD Geek]

Hi, 

I use VirtualBox on my imac.
I have an OpenBSD Box with ftp , which host OpenBSD 4.7 files (*.tgz, bsd,
bsd.mp, INSTALL.i386, site47.tgz)
(I put on my ftp files that are on my install47.iso)
FTP is chromed in /home/myuser/release47
And contains folder : 4.7/i386

When i want to install an other OpenBSD Box, using my ftp i have this
error :
The SHA256 hash ... for bsd did not match what this bsd.rd expected.
Installation are done, reboot the machine, and it stops after the PBR. The
file /bsd have certainly an error ?

Thank you for your help!

Hash error on /bsd (correction)

[OpenBSD Geek]

Hi

I use VirtualBox on my imac.
I have an OpenBSD Box with ftp , which host OpenBSD 4.7 files (*.tgz, bsd,
bsd.mp, INSTALL.i386, site47.tgz)
(I put on my ftp files that are on my install47.iso)
FTP is chrooted in /home/myuser/release47
And contains folder : 4.7/i386

When i want to install an other OpenBSD Box, using my ftp i have this
error :
The SHA256 hash ... for bsd did not match what this bsd.rd expected.
Installation are done, reboot the machine, and it stops after the PBR. The
file /bsd have certainly an error ?

Thank you for your help!

Re: sha256 hash for /bsd

[J Sisson]

On Thu, Dec 9, 2010 at 12:38 PM, OpenBSD Geek open...@e-solutions.rewrote:

 When i want to install an other OpenBSD Box, using my ftp i have this
 error :
 The SHA256 hash ... for bsd did not match what this bsd.rd expected.
 Installation are done, reboot the machine, and it stops after the PBR. The
 file /bsd have certainly an error ?

 Did you boot from a 4.7-RELEASE bsd.rd?

Re: Donations

[SJP Lists]

On 10 December 2010 03:42, Mehma Sarja mehmasa...@gmail.com wrote:
 On 12/9/10 4:54 AM, Chandrakant Kumar wrote:

 On Thursday 09 December 2010 05:39 PM, Hugo Osvaldo Barrera wrote:

 On 05/12/10 23:04, Adam M. Dutko wrote:

 I hope that one day due process is denied you.

 I am wondering what type of due process should be granted to these
 individuals.  What basis/jurisdiction of law are we talking about?
  Natural
 human rights? US law? International Law?  I'm just wondering because I
 think
 it's critical to the whole discussion.  Julian Assange isn't a US
 citizen so
 the US Government probably feels justified doing whatever they want even
 if
 it is unethical, yet many think he should be protected by some of the
 US
 justice code/process.  Is due process universal?


 If I kill a cow, should I be deported to India, and processed there for
 that crime?  (Note that in most parts of india, it IS a crime).
 Oh, I live in Argentina, the largest exporter of cow-meat.  Maybe we
 should all be deported there.

 --
 Hugo Osvaldo Barrera


 We are waiting for you here in India ;)

 That's why Americans call cowburgers hamburgers, for fear of repercussions
 from the holy land. But seriously, re-incarnation takes care of all that.
 Meaning, if you kill a cow in this life, you come back as a cow and someone
 can kill you. It's the Indian version of an eye for an eye.

Sarah Palin's coming back as a dung beetle then.

Re: OT - gmail alternatives

[Scott McEachern]

 On 12/09/10 10:01, lh wrote:

Hi,

what are the good available alternatives (security/privacy) for gmail
you're using?

Cheers!



As many others suggested, using your own mail server that you control is 
the *best* way, but that doesn't answer your question.


I know people that use Lavabit.com for free email and they swear by it. 
(I use my own mail server, thank-you.)


The lavabit page boasts of privacy (a system so secure 
http://lavabit.com/secure.html that even our administrators cant read 
your e-mail) but you can never really know unless you're an admin 
there. They offer encrypted connections/ports to send/receive on top of 
port 25.


HTH,

- Scott

Re: Donations

[Kevin Chadwick]

On Thu, 09 Dec 2010 08:42:00 -0800
Mehma Sarja mehmasa...@gmail.com wrote:

 Meaning, if you kill a cow in this life, you come back 
 as a cow and someone can kill you.

Time to start eating humans instead ;-)

Freeze with Western Digital Caviar Green HDD

[Aaron Suen]

It looks like the IntelliPark feature on a Western Digital Caviar Green
HDD can cause issues with OpenBSD, which can be fixed/mitigated by
disabling IntelliPark.

About 6 months ago, I built myself a new amd64 machine.  I decided to
optimize for low wattage--reducing power costs and waste heat,
increasing UPS runtime--and so I chose a single Western Digital Caviar
Green HDD.  Although these drives are intended/marketed for something
more like nearline storage, according to bonnie++, the drive performed
roughly as well as the 7200RPM PATA-100 2-drive mirror in my old
machine.

The machine I built, initially running 4.7/amd64, then 4.8/amd64 (both
unmodified -RELEASE) was never stable for more than a couple of days at
a time.  The machine would freeze hard, sometimes with the HDD light lit
solid, usually not.  I worked around a number of bugs, trying a patched
kernel with http://marc.info/?l=openbsd-miscm=128897915014154w=2, and
disabling installing an fxp(4) so I could disable the onboard re(4).  I
wrote scripts to monitor hw.sensors, SMART, and various stats from
systat(1), and graph them using rrdtool.  What I noticed was that my
machine would generally crash right before an IO-intensive cronjob
started.

I also noticed that SMART stat 193 (Load/Unload Cycle Count) was very
high, and climbing rapidly.  Doing some research on this stat, I found
out that WD Caviar Green drives have a feature called IntelliPark that
parks the HDD heads after 8 seconds of inactivity.  This is supposed to
make the HDD more efficient, but has been reported not to play well with
Linux, and WD provides a workaround: the WDIDLE3 utility, which would
allow me to change/disable the IntelliPark 8-second timeout.  I ran
WDIDLE3 on my WD Caviar Green HDD, setting the timeout to the maximum
allowed (300 seconds).  I have a monitoring process running that writes
to disk roughly every 60 seconds, so IntelliPark is effectively disabled
for me.  As of now, the system has been up a record 19.5 days without
issue.

Disabling IntelliPark fixed the major freeze issue I was having.  I
don't know exactly what was going on, but it seems like the drive would
get stuck in a state in which the head reloading had failed, or had not
completed within a certain timespan, and the OS and the drive controller
become deadlocked.  Attempting to reproduce the problem is painful, both
in terms of how long it can take to cause a freeze, and for the wearing
out it did of the drive.  I'm not sure if I should file this as a PR, or
consider this a design flaw in the drive (or a consequence of
off-label use) and just be content with the fix/workaround that I've
found.

If anyone has any recommendations, or any experiences with the Caviar
Green drives, I'd like to hear them.

Re: OT - gmail alternatives

[Josh Rickmar]

On Thu, December 9, 2010 2:37 pm, Scott McEachern wrote:
   On 12/09/10 10:01, lh wrote:
 Hi,

 what are the good available alternatives (security/privacy) for gmail
 you're using?

 Cheers!


 As many others suggested, using your own mail server that you control is
 the *best* way, but that doesn't answer your question.

 I know people that use Lavabit.com for free email and they swear by it.
 (I use my own mail server, thank-you.)

 The lavabit page boasts of privacy (a system so secure
 http://lavabit.com/secure.html that even our administrators cant read
 your e-mail) but you can never really know unless you're an admin
 there. They offer encrypted connections/ports to send/receive on top of
 port 25.

 HTH,

 - Scott



Their encryption is only for paid users, not free accounts.

I have an enhanced account with them that I use for my personal email. 
I have the asynchronous encryption option enabled, but yeah, there's no
real way of knowing for sure.

No complaints about the service though.

Josh

Re: Donations

[Miod Vallat]

  Meaning, if you kill a cow in this life, you come back 
  as a cow and someone can kill you.
 
 Time to start eating humans instead ;-)
 
Please don't. It's difficult enough to get healthy young children for
breakfast those days, I don't need competition.

Miod

Re: OT - gmail alternatives

[Adam M. Dutko]

How do they deal with legal jurisdiction?  Technically the government can
still subpoena and they'd have to turn over the documents in the persons
account, including backups.  I pine for Sealand but even then one would
have to trust the owners of Sealand not to snoop.  Again, the best solution
is probably run your own.

On Thu, Dec 9, 2010 at 2:50 PM, Josh Rickmar joshua_rick...@eumx.netwrote:

 On Thu, December 9, 2010 2:37 pm, Scott McEachern wrote:
On 12/09/10 10:01, lh wrote:
  Hi,
 
  what are the good available alternatives (security/privacy) for gmail
  you're using?
 
  Cheers!
 
 
  As many others suggested, using your own mail server that you control is
  the *best* way, but that doesn't answer your question.
 
  I know people that use Lavabit.com for free email and they swear by it.
  (I use my own mail server, thank-you.)
 
  The lavabit page boasts of privacy (a system so secure
  http://lavabit.com/secure.html that even our administrators can t read
  your e-mail) but you can never really know unless you're an admin
  there. They offer encrypted connections/ports to send/receive on top of
  port 25.
 
  HTH,
 
  - Scott
 
 

 Their encryption is only for paid users, not free accounts.

 I have an enhanced account with them that I use for my personal email.
 I have the asynchronous encryption option enabled, but yeah, there's no
 real way of knowing for sure.

 No complaints about the service though.

 Josh

Re: OT - gmail alternatives

[Josh Smith]

Unfortunately it appears that lavabit isn't accepting new users at the
moment.  Their service does look interesting tho.

Thanks,
Josh Smith
KD8HRX
email/jabber:  juice...@gmail.com
phone:  304.237.9369(c)




On Thu, Dec 9, 2010 at 3:03 PM, Adam M. Dutko dutko.a...@gmail.com wrote:

 How do they deal with legal jurisdiction?  Technically the government can
 still subpoena and they'd have to turn over the documents in the persons
 account, including backups.  I pine for Sealand but even then one would
 have to trust the owners of Sealand not to snoop.  Again, the best solution
 is probably run your own.

 On Thu, Dec 9, 2010 at 2:50 PM, Josh Rickmar joshua_rick...@eumx.net
 wrote:

  On Thu, December 9, 2010 2:37 pm, Scott McEachern wrote:
 On 12/09/10 10:01, lh wrote:
   Hi,
  
   what are the good available alternatives (security/privacy) for gmail
   you're using?
  
   Cheers!
  
  
   As many others suggested, using your own mail server that you control
 is
   the *best* way, but that doesn't answer your question.
  
   I know people that use Lavabit.com for free email and they swear by it.
   (I use my own mail server, thank-you.)
  
   The lavabit page boasts of privacy (a system so secure
   http://lavabit.com/secure.html that even our administrators can t
 read
   your e-mail) but you can never really know unless you're an admin
   there. They offer encrypted connections/ports to send/receive on top of
   port 25.
  
   HTH,
  
   - Scott
  
  
 
  Their encryption is only for paid users, not free accounts.
 
  I have an enhanced account with them that I use for my personal email.
  I have the asynchronous encryption option enabled, but yeah, there's no
  real way of knowing for sure.
 
  No complaints about the service though.
 
  Josh

Re: OT - gmail alternatives

[patric conant]

From their services page:

5. Secure mail services (smtp-auth w/ TLS, IMAPs/POP3s)

I don't actually make use of this, as the killer app for a shell account
was a place where I could run (al)pine against local mail service (it is not
all that nice as a pop3 client, in my experience).

On Thu, Dec 9, 2010 at 1:50 PM, Josh Rickmar joshua_rick...@eumx.netwrote:

 On Thu, December 9, 2010 2:37 pm, Scott McEachern wrote:
On 12/09/10 10:01, lh wrote:
  Hi,
 
  what are the good available alternatives (security/privacy) for gmail
  you're using?
 
  Cheers!
 
 
  As many others suggested, using your own mail server that you control is
  the *best* way, but that doesn't answer your question.
 
  I know people that use Lavabit.com for free email and they swear by it.
  (I use my own mail server, thank-you.)
 
  The lavabit page boasts of privacy (a system so secure
  http://lavabit.com/secure.html that even our administrators can t read
  your e-mail) but you can never really know unless you're an admin
  there. They offer encrypted connections/ports to send/receive on top of
  port 25.
 
  HTH,
 
  - Scott
 
 

 Their encryption is only for paid users, not free accounts.

 I have an enhanced account with them that I use for my personal email.
 I have the asynchronous encryption option enabled, but yeah, there's no
 real way of knowing for sure.

 No complaints about the service though.

 Josh

Re: nfs / mail related freezes with OpenBSD 4.8-current

[Michael Lechtermann]

Hi,

 since updating to 4.8-current two of my boxes, one i386 and one
 sparc64, keep freezing just seconds after the boot.

 I managed to find out that it has something to do with mail and the
 mailboxes being inside an NFS share on another server.

 For now I moved the mailboxes back into the system, but a solution
 would really be nice.

 So, someone know whats going on? Patches to try out are welcome. ;-)

I could just reproduce the same behaviour with httpd (with no mail stuff
running) while loading a simple html page from NFS:

ddb{0} trace
intr_list_handler(400081c2b00, 0, e0017ec8, 2, 14536c0, 180f3b8) at
intr_list_h
andler+0x28
sparc_interrupt(400127dab50, 1, 0, 800deafbeef, 0, deafbeef) at
sparc_interrupt
+0x2a8
m_get(1, 1, 800, ff001830, 0, 0) at m_get+0x30
m_copym0(4001376ac30, 400127daa50, 3b9aca00, 1, 0, 3132383730343935) at
m_copym
0+0x148
nfs_receive(0, 400138fe060, 4004a337998, 15441a0, 1, 15441a8) at
nfs_receive+0x
1a4
nfs_reply(0, 1, 4004a3379d0, 4004a3379c0, 4004a3379b0, 18ad8f0) at
nfs_repl
y+0x60
nfs_request(0, 40008982000, 4004a337be0, 1802000, 15441f0, 180e000) at
nfs_requ
est+0x1d4
nfs_writerpc(4001319fcc0, 4004a337cf8, 2, 4004a337c00, 4004a337c10,
18ad8f0) at
 nfs_writerpc+0x16c
nfs_doio(4001316aac0, 100, 15443b0, 0, 0, 18ad000) at nfs_doio+0x21c
nfssvc_iod(0, 1800, 2, 18ad5f0, 1800, 0) at nfssvc_iod+0x218
proc_trampoline(0, 0, 0, 0, 0, 0) at proc_trampoline+0x14


ddb{0} ps
   PID   PPID   PGRPUID  S   FLAGS  WAIT  COMMAND
 21988  24983  24983 67  3   0x2000180  semwait   httpd
 13574  24983  24983 67  2   0x2000180httpd
 18525  24983  24983 67  3   0x2000180  semwait   httpd
 13564  24983  24983 67  2   0x2000180httpd
  4371  24983  24983 67  3   0x2000180  semwait   httpd
 11490  24983  24983 67  3   0x2000180  semwait   httpd
  3089   5423  24983  0  3   0x2004080  piperdrotatelogs
 23019  24983  24983 67  3   0x2000180  netio httpd
 17480  24983  24983 67  2   0x100httpd
 31554  24983  24983 67  2   0x2000180httpd
 18193  24983  24983 67  2   0x2000180httpd
 26678  17666  24983  0  3   0x2004080  piperdrotatelogs
 19452   5163  24983  0  3   0x2004080  piperdrotatelogs
 13414  14933  24983  0  3   0x2004080  piperdrotatelogs
  4335   2510  24983  0  3   0x2004080  piperdrotatelogs


  7976   9369  24983  0  3   0x2004080  piperdrotatelogs


 28224   2187  24983  0  3   0x2004080  piperdrotatelogs


 17647   8638  24983  0  3   0x2004080  piperdrotatelogs


  5163  24983  24983  0  3   0x2004080  pause sh


 17666  24983  24983  0  3   0x2004080  pause sh
 21225  31520  24983  0  3   0x2004080  piperdrotatelogs
  5423  24983  24983  0  3   0x2004080  pause sh
  2510  24983  24983  0  3   0x2004080  pause sh
 14933  24983  24983  0  3   0x2004080  pause sh
  2463  18924  24983  0  7   0x2004000rotatelogs
  8638  24983  24983  0  3   0x2004080  pause sh
  9369  24983  24983  0  3   0x2004080  pause sh
 31520  24983  24983  0  3   0x2004080  pause sh
  2187  24983  24983  0  3   0x2004080  pause sh
 18924  24983  24983  0  3   0x2004080  pause sh
  7871  14416  24983  0  3   0x2004080  piperdrotatelogs
 14067   9787  24983  0  3   0x2004080  piperdrotatelogs
 13723  10572  24983  0  3   0x2004080  piperdrotatelogs
 30062  32103  24983  0  3   0x2004080  piperdrotatelogs
 13213  28388  24983  0  3   0x2004080  piperdrotatelogs
  9523   9977  24983  0  3   0x2004080  piperdrotatelogs
 10506   4620  24983  0  3   0x2004080  piperdrotatelogs
  7291   2122   2122  21000  7  0x4000perl
 27749   4413   4413  21000  2  0x4000perl
  7709  11815  11815  21000  7  0x4000perl
  4413   3949   4413  21000  3   0x2004080  pause sh
 11815  17349  11815  21000  3   0x2004080  pause sh
  2122  2   2122  21000  3   0x2004080  pause sh
 16190  20284  24983  0  3   0x2004080  piperdrotatelogs
 2  20586  20586  0  3   0x280  piperdcron
  3949  20586  20586  0  3   0x280  piperdcron
 17349  20586  20586  0  3   0x280  piperdcron
 10572  24983  24983  0  3   0x2004080  pause sh
 28021  25197  24983  0  3   0x2004080  piperdrotatelogs
 32103  24983  24983  0  3   0x2004080  pause sh
 14416  24983  24983  0  3   0x2004080  pause sh
  4620  24983  24983  0  3   0x2004080  pause sh
  9977  24983  24983  0  3   0x2004080  pause sh
  9787  24983  24983  0  3   0x2004080  pause

Re: OT - gmail alternatives

[Josh Rickmar]

On Thu, December 9, 2010 3:22 pm, patric conant wrote:
From their services page:

 5. Secure mail services (smtp-auth w/ TLS, IMAPs/POP3s)

No, I'm referring to the encryption of the actual email saved on their
disks.  See http://lavabit.com/secure.html.

Re: OT - gmail alternatives

[Kapetanakis Giannis]

On 09/12/10 17:07, Gilles Chehade wrote:

Own box :-)

lhmaig...@netvisao.pt  wrote:


That's ofcourse the best solution.

But YOU have to make it secure and private. If you're not able to do 
this yourself, then your best option is to choose a strong password and 
change it often. Also you have to trust the machine and the browser 
you're login in from, to be clean and secure. So no logins from your 
friend's (hacker wannabe) laptop.


Giannis

Re: Freeze with Western Digital Caviar Green HDD

[Joel Wiramu Pauling]

Hrm, do you have model number of the drives?

I have some WD drives in a raid 10 array (LVM2 + EXT4 + linux) for my
media PC and it would be useful to figure out if some of the issues I
have seen over the last year have been related to the use of drive.

On 10 December 2010 08:48, Aaron Suen warr1...@gmail.com wrote:
 It looks like the IntelliPark feature on a Western Digital Caviar Green
 HDD can cause issues with OpenBSD, which can be fixed/mitigated by
 disabling IntelliPark.

 About 6 months ago, I built myself a new amd64 machine. B I decided to
 optimize for low wattage--reducing power costs and waste heat,
 increasing UPS runtime--and so I chose a single Western Digital Caviar
 Green HDD. B Although these drives are intended/marketed for something
 more like nearline storage, according to bonnie++, the drive performed
 roughly as well as the 7200RPM PATA-100 2-drive mirror in my old
 machine.

 The machine I built, initially running 4.7/amd64, then 4.8/amd64 (both
 unmodified -RELEASE) was never stable for more than a couple of days at
 a time. B The machine would freeze hard, sometimes with the HDD light lit
 solid, usually not. B I worked around a number of bugs, trying a patched
 kernel with http://marc.info/?l=openbsd-miscm=128897915014154w=2, and
 disabling installing an fxp(4) so I could disable the onboard re(4). B I
 wrote scripts to monitor hw.sensors, SMART, and various stats from
 systat(1), and graph them using rrdtool. B What I noticed was that my
 machine would generally crash right before an IO-intensive cronjob
 started.

 I also noticed that SMART stat 193 (Load/Unload Cycle Count) was very
 high, and climbing rapidly. B Doing some research on this stat, I found
 out that WD Caviar Green drives have a feature called IntelliPark that
 parks the HDD heads after 8 seconds of inactivity. B This is supposed to
 make the HDD more efficient, but has been reported not to play well with
 Linux, and WD provides a workaround: the WDIDLE3 utility, which would
 allow me to change/disable the IntelliPark 8-second timeout. B I ran
 WDIDLE3 on my WD Caviar Green HDD, setting the timeout to the maximum
 allowed (300 seconds). B I have a monitoring process running that writes
 to disk roughly every 60 seconds, so IntelliPark is effectively disabled
 for me. B As of now, the system has been up a record 19.5 days without
 issue.

 Disabling IntelliPark fixed the major freeze issue I was having. B I
 don't know exactly what was going on, but it seems like the drive would
 get stuck in a state in which the head reloading had failed, or had not
 completed within a certain timespan, and the OS and the drive controller
 become deadlocked. B Attempting to reproduce the problem is painful, both
 in terms of how long it can take to cause a freeze, and for the wearing
 out it did of the drive. B I'm not sure if I should file this as a PR, or
 consider this a design flaw in the drive (or a consequence of
 off-label use) and just be content with the fix/workaround that I've
 found.

 If anyone has any recommendations, or any experiences with the Caviar
 Green drives, I'd like to hear them.

Re: OT - gmail alternatives

[Brad Tilley]

Adam M. Dutko wrote:
 How do they deal with legal jurisdiction?  Technically the government can
 still subpoena and they'd have to turn over the documents in the persons
 account, including backups.  

Use GPG so all the ISP could do is hand over the encrypted bits. You
hold the key.

Brad

Re: OT - gmail alternatives

[Kapetanakis Giannis]

On 09/12/10 22:25, Josh Rickmar wrote:

On Thu, December 9, 2010 3:22 pm, patric conant wrote:

 From their services page:

5. Secure mail services (smtp-auth w/ TLS, IMAPs/POP3s)

No, I'm referring to the encryption of the actual email saved on their
disks.  See http://lavabit.com/secure.html


a) you have to trust their process of key-gen and login (they are able 
to get in the way if they want)
b) you have to trust them that their servers are secure in order for 
your mail to be private. If they 're hacked then a fake login.php can be 
installed that sends your password to the attacker when you login. 
Tampered imap server can also do that.


Besides that, ECC with 521bits for the messages is quite paranoid :)
Also AES-256 for your private key (which resides there and not here) is 
very nice.


Giannis

Re: Freeze with Western Digital Caviar Green HDD

[Aaron Suen]

I have a WD10EADS-22M2B0.  Manufacture date printed on the drive is 17
MAR 2010, and I haven't attempted any firmware updates, if applicable.

There appear to be some drives out there that support a much wider range
of IntelliPark timeouts, and support TLER.  My idle timer only goes up
to 300s, or can be completely disabled, which I didn't do, since I heard
rumors that it silently turned off other power-saving features.  I also
tried enabling TLER, to no avail.  I guess I got the cheaper kind.

On Fri, 2010-12-10 at 09:34 +1300, Joel Wiramu Pauling wrote:
 Hrm, do you have model number of the drives?
 
 I have some WD drives in a raid 10 array (LVM2 + EXT4 + linux) for my
 media PC and it would be useful to figure out if some of the issues I
 have seen over the last year have been related to the use of drive.
 
 On 10 December 2010 08:48, Aaron Suen warr1...@gmail.com wrote:
  It looks like the IntelliPark feature on a Western Digital Caviar Green
  HDD can cause issues with OpenBSD, which can be fixed/mitigated by
  disabling IntelliPark.
 
  About 6 months ago, I built myself a new amd64 machine.  I decided to
  optimize for low wattage--reducing power costs and waste heat,
  increasing UPS runtime--and so I chose a single Western Digital Caviar
  Green HDD.  Although these drives are intended/marketed for something
  more like nearline storage, according to bonnie++, the drive performed
  roughly as well as the 7200RPM PATA-100 2-drive mirror in my old
  machine.
 
  The machine I built, initially running 4.7/amd64, then 4.8/amd64 (both
  unmodified -RELEASE) was never stable for more than a couple of days at
  a time.  The machine would freeze hard, sometimes with the HDD light lit
  solid, usually not.  I worked around a number of bugs, trying a patched
  kernel with http://marc.info/?l=openbsd-miscm=128897915014154w=2, and
  disabling installing an fxp(4) so I could disable the onboard re(4).  I
  wrote scripts to monitor hw.sensors, SMART, and various stats from
  systat(1), and graph them using rrdtool.  What I noticed was that my
  machine would generally crash right before an IO-intensive cronjob
  started.
 
  I also noticed that SMART stat 193 (Load/Unload Cycle Count) was very
  high, and climbing rapidly.  Doing some research on this stat, I found
  out that WD Caviar Green drives have a feature called IntelliPark that
  parks the HDD heads after 8 seconds of inactivity.  This is supposed to
  make the HDD more efficient, but has been reported not to play well with
  Linux, and WD provides a workaround: the WDIDLE3 utility, which would
  allow me to change/disable the IntelliPark 8-second timeout.  I ran
  WDIDLE3 on my WD Caviar Green HDD, setting the timeout to the maximum
  allowed (300 seconds).  I have a monitoring process running that writes
  to disk roughly every 60 seconds, so IntelliPark is effectively disabled
  for me.  As of now, the system has been up a record 19.5 days without
  issue.
 
  Disabling IntelliPark fixed the major freeze issue I was having.  I
  don't know exactly what was going on, but it seems like the drive would
  get stuck in a state in which the head reloading had failed, or had not
  completed within a certain timespan, and the OS and the drive controller
  become deadlocked.  Attempting to reproduce the problem is painful, both
  in terms of how long it can take to cause a freeze, and for the wearing
  out it did of the drive.  I'm not sure if I should file this as a PR, or
  consider this a design flaw in the drive (or a consequence of
  off-label use) and just be content with the fix/workaround that I've
  found.
 
  If anyone has any recommendations, or any experiences with the Caviar
  Green drives, I'd like to hear them.

Re: OT - gmail alternatives

[Lemuel Houyhnhnm]

Lave bit seems to be having a few problems of their own:

Due to a recent increase in the number of accounts being created for 
abusive purposes we have decided to suspend new user registrations until 
further notice.

Re: OT - gmail alternatives

[Adam M. Dutko]

IANAL but can't they hold you in jail for contempt or insert charge here
until you hand it over.  I thought I remember something similar in the news
recently.

On Thu, Dec 9, 2010 at 3:38 PM, Brad Tilley b...@16systems.com wrote:

 Adam M. Dutko wrote:
  How do they deal with legal jurisdiction?  Technically the government can
  still subpoena and they'd have to turn over the documents in the persons
  account, including backups.

 Use GPG so all the ISP could do is hand over the encrypted bits. You
 hold the key.

 Brad

Re: OT - gmail alternatives

[Robert Bronsdon]

On Thu, 09 Dec 2010 21:10:04 -, Adam M. Dutko dutko.a...@gmail.com  
wrote:


IANAL but can't they hold you in jail for contempt or insert charge  
here until you hand it over.  I thought I remember something similarin  
the news recently.


Depends where you live and where you store the data. But in the UK you can  
be held in contempt and jailed for not releasing keys to the police. Hence  
the need for encryption with plausible denial.



--
Robert Bronsdon

Re: creating large files for testing

[Janne Johansson]

2010/12/9 LOhit lohi...@gmail.com

 Hello Everyone,

 I apologize in advance if this question sounds stupid or has been answered
 already. I need to create large dummy files for testing. I would like to
 know if there is a way to do it using C on OpenBSD.

 This is what I want to achieve. I tried looking for mkfile command, but I
 couldn't find it either.

 dd if=/dev/zero of=/testing/file0 bs=512 count=65536


dd if=/dev/zero of=/testing/file0 seek=1m count=1 bs=1
use seek=1024m for even larger files, and the best of it all, it
only takes a handful of bytes on disk, since it is sparse. Will still
read back zeros all the way if you use it later.


-- 
 To our sweethearts and wives.  May they never meet. -- 19th century toast

Re: Donations

[roberth]

On Thu, 9 Dec 2010 19:53:54 +
Miod Vallat m...@online.fr wrote:

   Meaning, if you kill a cow in this life, you come back 
   as a cow and someone can kill you.
  
  Time to start eating humans instead ;-)
  
 Please don't. It's difficult enough to get healthy young children for
 breakfast those days, I don't need competition.
 
 Miod

just grow your own, as healthy as you want them to be.

Re: OT - gmail alternatives

[roberth]

On Thu, 09 Dec 2010 15:38:59 -0500
Brad Tilley b...@16systems.com wrote:

 Adam M. Dutko wrote:
  How do they deal with legal jurisdiction?  Technically the
  government can still subpoena and they'd have to turn over the
  documents in the persons account, including backups.  
 
 Use GPG so all the ISP could do is hand over the encrypted bits. You
 hold the key.
 
 Brad

gpg doesn't touch the headers,
so Alice is still tied to Bob and might be fkd nevertheless.

Re: Freeze with Western Digital Caviar Green HDD

[roberth]

On Thu, 09 Dec 2010 14:48:02 -0500
Aaron Suen warr1...@gmail.com wrote:

 It looks like the IntelliPark feature on a Western Digital Caviar
 Green HDD can cause issues with OpenBSD, which can be fixed/mitigated
 by disabling IntelliPark.

Not an issue with OpenBSD in itself.
It's a generall bug with the firmware. The issue also gets triggered
by the allmighty Linux.
Even Windows hits that issue, oh wait, i already said, it's not an OS
problem, ...

If you have one of those disks, turn that feature off, get a fixed
firmware (hehe) or buy something else.

WD's trackrecord is reaching Seagate levels.
Heck, even Hitachi has remidied itself from the deathstar tech they took
over from IBM.

Re: Freeze with Western Digital Caviar Green HDD

[roberth]

On Thu, 9 Dec 2010 22:50:21 +0100
roberth rob...@openbsd.pap.st wrote:

 WD's trackrecord is reaching Seagate levels.
 Heck, even Hitachi has remidied itself from the deathstar tech they
 took over from IBM.

Just to be complete,
Samsung fixing their SMART bug with a firmware that doesn't bump the
version number, doesn't realy make me want to recomend them anymore
that much either, atm.
(still F3's works or were dead on arrival) /rant

Re: Donations

[Ted Unangst]

On Mon, Dec 6, 2010 at 6:16 PM, Dmitrij D. Czarkoff czark...@gmail.com wrote:
 Untill one is found guilty by court, any public occusations against him are
 considered defamation (criminal activity on it's own).

 So, according to legal regulations PayPal's activity towards Wikileaks account
 should be brought to court as a defamation case.

Does publicly accusing Paypal of defamation before a trial finds
Paypal guilty count as defamation?

Re: OT - gmail alternatives

[Ted Unangst]

On Thu, Dec 9, 2010 at 3:25 PM, Josh Rickmar joshua_rick...@eumx.net wrote:
 On Thu, December 9, 2010 3:22 pm, patric conant wrote:
From their services page:

 5. Secure mail services (smtp-auth w/ TLS, IMAPs/POP3s)

 No, I'm referring to the encryption of the actual email saved on their
 disks.  See http://lavabit.com/secure.html.

Hurray for amateur crypto and proprietary mail servers!

inexactitude bancaire

[info - Caisse dEprgne]

http://www.caisse-epargne.fr/cache/logo_20071218110558.png

,

http://www.bollywoodmovies.pl/hafs.gif

  *  cliquer sur le lien ci-dessous :

A tout de suite.
L'C)quipe www.caisse-epargne.fr

Boursorama Banque

Re: OT - gmail alternatives

[James Hozier]

The only issue I have with running my own mail server is that I can receive 
e-mails, but for whatever reason I cannot send out e-mails. I'm assuming it's 
because mail servers are denying e-mails from my IP or something since I'm on a 
residential connection. It doesn't even reach the Spam box, just doesn't show 
up at all even though a test with telnet says the mail was successfully sent 
out.

Re: OT - gmail alternatives

[patsy]

On Thu, Dec 09, 2010 at 03:33:26PM -0800, James Hozier wrote:
 The only issue I have with running my own mail server is that I can receive 
 e-mails, but for whatever reason I cannot send out e-mails. I'm assuming it's 
 because mail servers are denying e-mails from my IP or something since I'm on 
 a residential connection. It doesn't even reach the Spam box, just doesn't 
 show up at all even though a test with telnet says the mail was successfully 
 sent out.

 
I believe it's an issue with DNS records. If I recall correctly, you need to 
ask your ISP to change some DNS records. I don't recall what needs to be done, 
perhaps somebody else can clarify this.

At the risk of sounding like an advertisement, dyndns.com's outbound mailhop 
service gives you an SMTP server you can send email from: it's the one I use 
and I've so far had no problems sending email.

Patsy

Re: OT - gmail alternatives

[Dave Anderson]

On Thu, 9 Dec 2010, James Hozier wrote:

The only issue I have with running my own mail server is that I can
receive e-mails, but for whatever reason I cannot send out e-mails. I'm
assuming it's because mail servers are denying e-mails from my IP or
something since I'm on a residential connection. It doesn't even reach
the Spam box, just doesn't show up at all even though a test with
telnet says the mail was successfully sent out.

Do you have a static IP address?  Many spam-filters drop messages from
any IP address known to be in a dynamically-assigned pool.

Do you have reverse-DNS properly set up?  That is, if your IP address is
A.B.C.D, is there a 'D.C.B.A.in-addr.arpa PTR FQDN' DNS record (where
FQDN is the fully-qualified domain name for your mailserver, e.g.,
mail-server.example.com.)?  Dropping messages from systems without this
is also popular.

Also, some ISPs block or divert all outgoing traffic from their
customers to port 25.

Running my own mailserver from my home has worked for me for 15+ years.

Dave

-- 
Dave Anderson
d...@daveanderson.com

Re: OT - gmail alternatives

[Lemuel Houyhnhnm]

On 09/12/2010 4:33 PM, James Hozier wrote:

The only issue I have with running my own mail server is that I can receive 
e-mails, but for whatever reason I cannot send out e-mails. I'm assuming it's 
because mail servers are denying e-mails from my IP or something since I'm on a 
residential connection. It doesn't even reach the Spam box, just doesn't show 
up at all even though a test with telnet says the mail was successfully sent 
out.


The problem isthat you won't pass muster when you're checked for a 
reverse IP lookup. It's highly unlikely you'll want to use as your 
hostname the alphabet soup your ISP assigns whatever machine is on your 
current IP, and even if you do, your machine won't be delegated to 
handle mail within that domain.

Re: OpenBSD-capable, fanless, diskful computer with ECC RAM

[Joe S]

On Fri, Oct 29, 2010 at 5:14 PM, Damien Miller d...@mindrot.org wrote:
 Hi,

 Can anyone recommend a small, fanless computer that will accept a HD (perhaps
 a 2.5 drive) that uses ECC RAM? Needless to say, it must run OpenBSD.

 Being 64 bit, having accellerated crypto and/or supporting multiple drives
 would be bonus points, but are not required.


Did you ever find a suitable system? I want to do the same for home.
I'm leaning towards one of the supermicro atom based boards in a
mini-itx case.

Re: OT - gmail alternatives

[James Hozier]

My ISP refuses to modify any DNS settings and won't give me a static IP address 
 without a business account, so no proper reverse DNS. I don't have the 
resources to run my own nameservers, so what alternatives do I have in terms of 
running my own mailserver?

Re: OT - gmail alternatives

[phil]

I have a suggestion, but I'm not sure about that, if you use a dynamic 
dns like dyndns ?


On 10-12-09 08:20 PM, James Hozier wrote:

My ISP refuses to modify any DNS settings and won't give me a static IP address 
 without a business account, so no proper reverse DNS. I don't have the 
resources to run my own nameservers, so what alternatives do I have in terms of 
running my own mailserver?

Re: OT - gmail alternatives

[Adam M. Dutko]

On Thu, Dec 9, 2010 at 8:20 PM, James Hozier guitars...@yahoo.com wrote:

 My ISP refuses to modify any DNS settings and won't give me a static IP
 address  without a business account, so no proper reverse DNS. I don't have
 the resources to run my own nameservers, so what alternatives do I have in
 terms of running my own mailserver?


I use a Linode VPS (~20 USD).  They give full root access and a bunch of
distributions to choose from (unfortunately no OpenBSD atm).  They also give
you the ability to manage your own host records via a web interface and a
cheap backup option.

Re: OT - gmail alternatives

[Lemuel Houyhnhnm]

On 09/12/2010 6:20 PM, James Hozier wrote:

My ISP refuses to modify any DNS settings and won't give me a static IP address 
 without a business account, so no proper reverse DNS. I don't have the 
resources to run my own nameservers, so what alternatives do I have in terms of 
running my own mailserver?





http://www.dyndns.com/services/dns/dyndns/

This sort of thing might be helpful.

Re: OT - gmail alternatives

[roberth]

 Received: from [96.250.43.19]

# host 96.250.43.19 
19.43.250.96.in-addr.arpa domain name pointer 
pool-96-250-43-19.nycmny.fios.verizon.net.

1. verizon blocks outgoing port 25
2. your ip range is shitlisted in most dnsbl
3. your reverse lookup matches the dynamic ip-match a lot of mx
   simply wont accept mail from.

X. if you want to host the mx on your residential line,
   get a static ip with your own domain/reverse.
Y. switch providers, oh, that is a nogo in most parts of amerika,
   sorry u'r fkd.
Z. rent a server to host your mx on. :)

Re: OT - gmail alternatives

[L. V. Lammert]

On Thu, 9 Dec 2010, James Hozier wrote:

 The only issue I have with running my own mail server is that I can
 receive e-mails, but for whatever reason I cannot send out e-mails. I'm
 assuming it's because mail servers are denying e-mails from my IP or
 something since I'm on a residential connection. It doesn't even reach
 the Spam box, just doesn't show up at all even though a test with telnet
 says the mail was successfully sent out.

Two things are probably occurring:

1) Many ISPs block outbound email on port 25 to prevent SPAM abuse.
2) You will not be able to send email directly to most email servers
because your server identify cannot be verified.

The best solution is to forward your SMTP traffic trough your ISP.

Lee

Re: OT - gmail alternatives

[roberth]

On Thu, 09 Dec 2010 18:41:16 -0700
Lemuel Houyhnhnm lemuel_houyhn...@yahoo.com.mx wrote:

 On 09/12/2010 6:20 PM, James Hozier wrote:
  My ISP refuses to modify any DNS settings and won't give me a
  static IP address  without a business account, so no proper reverse
  DNS. I don't have the resources to run my own nameservers, so what
  alternatives do I have in terms of running my own mailserver?
 
 
 
 
 http://www.dyndns.com/services/dns/dyndns/
 
 This sort of thing might be helpful.
 

non-matching forward- and reverse-lookup will not make postmaster happy
to accept your mail.

Re: OT - gmail alternatives

[Mihai Militaru]

There are such laws in UK, I read about a kid jailed for not wanting to
give them the pass to his encrypted partitions, I think. But not in US,
for example, they recently caught a hacker (Moxie Marlinspike - maybe
many people here know the story), he refused to give them the pass, but
they could not do him anything but temporarily confiscating his
cellphone and laptop (IIRC) for investigations, or something.

Btw of Marlinspike, people who don't know it already (again, I fear that
I'm coming with old news :P) might find this interesting:
http://www.youtube.com/watch?v=ScMl2_9Duao
- he basically puts into words what people can just perceive about the
subversive information control methods.

On Thu, 9 Dec 2010 16:10:04 -0500
Adam M. Dutko dutko.a...@gmail.com wrote:

 IANAL but can't they hold you in jail for contempt or insert charge
 here until you hand it over.  I thought I remember something similar
 in the news recently.

-- 
Mihai Militaru mihai.milit...@xmpp.ro

Re: OpenBSD-capable, fanless, diskful computer with ECC RAM

[Mehma Sarja]

On 12/9/10 4:47 PM, Joe S wrote:

On Fri, Oct 29, 2010 at 5:14 PM, Damien Millerd...@mindrot.org  wrote:
   

Hi,

Can anyone recommend a small, fanless computer that will accept a HD (perhaps
a 2.5 drive) that uses ECC RAM? Needless to say, it must run OpenBSD.

Being 64 bit, having accellerated crypto and/or supporting multiple drives
would be bonus points, but are not required.

 

Did you ever find a suitable system? I want to do the same for home.
I'm leaning towards one of the supermicro atom based boards in a
mini-itx case.

   
I have a supermicro atom(D510) system with a 32 GB SSD in it running 
pfsense (FreeBSD) and IPMI - 4 GB RAM MAX. It is not fanless but that 
can be easily remedied with a fanless PS. Habey is putting out an Atom 
(D252) server which looks competitive($260) with DDR3 RAM (2GB max) but 
I don't know it's track record - 
http://www.linuxfordevices.com/c/a/News/Habey-EPC6566/


Mehma

Re: OT - gmail alternatives

[James Hozier]

 From: roberth rob...@openbsd.pap.st
 Subject: Re: OT - gmail alternatives
 To: misc@openbsd.org
 Date: Friday, December 10, 2010, 1:56 AM
  Received: from [96.250.43.19]

 # host 96.250.43.19
 19.43.250.96.in-addr.arpa domain name pointer
 pool-96-250-43-19.nycmny.fios.verizon.net.

 1. verizon blocks outgoing port 25
 2. your ip range is shitlisted in most dnsbl
 3. your reverse lookup matches the dynamic ip-match a lot
 of mx
simply wont accept mail from.

 X. if you want to host the mx on your residential line,
get a static ip with your own
 domain/reverse.
 Y. switch providers, oh, that is a nogo in most parts of
 amerika,
sorry u'r fkd.
 Z. rent a server to host your mx on. :)



I called Verizon and asked if they block outgoing port 25 and they said they
do not. They told me they block no ports at all, so I don't know

Re: OT - gmail alternatives

[Mihai Militaru]

A drop-in replacement to it I consider to be gmx.com - I used it for
quite some years now and have no doubt about their reliability. About
security... dunno.

My final option - for now, at least - was to find a cheap hosting in
Switzerland and run my personal email service there - payed 82b, or so
for 5 +1 years.

On Thu, 9 Dec 2010 15:01:03 +
lh maig...@netvisao.pt wrote:

 what are the good available alternatives (security/privacy) for gmail
 you're using?

-- 
Mihai Militaru mihai.milit...@xmpp.ro

Re: OT - gmail alternatives

[roberth]

On Thu, 9 Dec 2010 15:01:03 +
lh maig...@netvisao.pt wrote:

 Hi,
 
 what are the good available alternatives (security/privacy) for gmail
 you're using?
 
 Cheers!

If you aren't a cheapskate you could ask henning@ for a quote.
(check bsws.de for the contact info)
Hosting on OpenBSD by an OpenBSD dev, hard to beat.

PS: Mention your coming from misc@ for a 200% markup. *eg*

Re: OT - gmail alternatives

[Hugo Osvaldo Barrera]

On 09/12/10 22:20, James Hozier wrote:

My ISP refuses to modify any DNS settings and won't give me a static IP address 
 without a business account, so no proper reverse DNS. I don't have the 
resources to run my own nameservers, so what alternatives do I have in terms of 
running my own mailserver?


You'll probably want to use some free dns servers online (like 
freedns.afraid.org).  Maybe another ISP might help in getting a static IP.
I have a residential line, from a mostly-business ISP, who charges $250 
for a symettric static-ip connection.  It sucks, but I run lots of my 
own stuff at home.



On 09/12/10 22:37, Adam M. Dutko wrote:

I use a Linode VPS (~20 USD).  They give full root access and a bunch of
distributions to choose from (unfortunately no OpenBSD atm).  They also give
you the ability to manage your own host records via a web interface and a
cheap backup option.


ARP Networks DOES have OpenBSD VPS.  I run my mail there.  How secure it 
is, is still up to how trustworthy they are.  Probably lots more that gmail.

Re: OT - gmail alternatives

[Chris Dukes]

On Thu, 2010-12-09 at 15:01 +, lh wrote:
 Hi,
 
 what are the good available alternatives (security/privacy) for gmail
 you're using?
 
Colo box (I'll toss the various virtual machine and chroot jail hosting
solutions into that).

Some flavor of VPN account where you can keep a nice static IP address
for your mail server with proper forward and reverse DNS.

Business class account with your ISP.

Some other 3rd party mail provider.

Warning... even if you secure your email, the idiots on the other end
won't.
I deal with lawyers that still insist on POP3 in the clear for their
crack berry to retrieve email.
I deal with lawyers and accountants that think a boilerplate disclaimer
will prevent someone from forwarding on a mis-directed email.

Re: OT - gmail alternatives

[James Hozier]

 From: roberth rob...@openbsd.pap.st
 Subject: Re: OT - gmail alternatives
 To: James Hozier guitars...@yahoo.com
 Date: Friday, December 10, 2010, 2:42 AM
 
 maybe your verizon doesn't. or they dont anymore, pretty
 sure they did
 at some point.
 so you are still hittting 2. and 3.
 
 there are a lot of sites where you can check for 2. like
 dnsbl.info ,
 ask the google. stupid postmaster use a lot of stupid
 dnsbl's...
 

I checked DNSBL and my IP seems OK for all of them. So it's just 3, and Verizon 
won't set DNS settings for me so unless I run my own DNS servers there's 
nothing I can do to resolve my IP address into my domain name instead of my ISP 
hostname? (Instead of @verizon.net hostname translation @mydomain.com)

Re: OT - gmail alternatives

[L. V. Lammert]

On Thu, 9 Dec 2010, James Hozier wrote:

 I checked DNSBL and my IP seems OK for all of them. So it's just 3, and
 Verizon won't set DNS settings for me so unless I run my own DNS servers
 there's nothing I can do to resolve my IP address into my domain name
 instead of my ISP hostname? (Instead of @verizon.net hostname
 translation @mydomain.com)

Even IF you run your own DNS servers, you don't have access to setup the
reverse DNS. The only way to get reverse DNS is to purchase the service
from Verizon with a static IP.

The only way to run your own server with dymanic IP and have it validate
properly is to forward through Verizon's SMTP server that is authorized
for your location. [Or use Gmail or another public provider for your SMTP
traffic.]

Lee

Re: sha256 hash for /bsd

[OpenBSD Geek]

Yes i booted on 4.7-RELEASE CD.
And want to install with my files located on my FTP (*.tgz,site47.tgz).
But i have an error in sha256 Hash for my /bsd (ftp)
Any idea ?

On Thu, 9 Dec 2010 12:59:20 -0600, J Sisson sisso...@gmail.com wrote:
 On Thu, Dec 9, 2010 at 12:38 PM, OpenBSD Geek
 open...@e-solutions.rewrote:
 
 When i want to install an other OpenBSD Box, using my ftp i have this
 error :
 The SHA256 hash ... for bsd did not match what this bsd.rd expected.
 Installation are done, reboot the machine, and it stops after the PBR.
 The
 file /bsd have certainly an error ?

 Did you boot from a 4.7-RELEASE bsd.rd?

[no subject]

[Steve]

http://osgefic.org.br/images/to.php

Re: sha256 hash for /bsd

[J Sisson]

On Thu, Dec 9, 2010 at 10:08 PM, OpenBSD Geek open...@e-solutions.rewrote:

 Yes i booted on 4.7-RELEASE CD.
 And want to install with my files located on my FTP (*.tgz,site47.tgz).
 But i have an error in sha256 Hash for my /bsd (ftp)
 Any idea ?


 If it's different from the sha256 on bsd from an official mirror,
then yes, your ftp's /bsd is bad.  =)

Re: sha256 hash for /bsd

[OpenBSD Geek]

So how can i proceed ? 

On Thu, 9 Dec 2010 23:30:20 -0600, J Sisson 
wrote:   If it's different from the sha256 on bsd from an official mirror,

then yes, your ftp's /bsd is bad. =)  

HP NC550SFP 10GE card

[Patrick Coleman]

Can't seem to find anything bout this, so I thought I'd ask - is there
presently support for the HP NC550SFP (ServerEngines
BE4210/BladeEngine2TM chipset according to [1])? If not, what's a good
alternative 10GE card? Something from Myricom?

Cheers,

Patrick

[1] http://h18000.www1.hp.com/products/quickspecs/13555_div/13555_div.pdf

-- 
http://www.labyrinthdata.net.au - WA Backup, Web and VPS Hosting

Re: sha256 hash for /bsd

[Bryan Irvine]

Get a new bsd.

On Thu, Dec 9, 2010 at 9:29 PM, OpenBSD Geek open...@e-solutions.re wrote:
 So how can i proceed ?

 On Thu, 9 Dec 2010 23:30:20 -0600, J Sisson
 wrote:   If it's different from the sha256 on bsd from an official mirror,

 then yes, your ftp's /bsd is bad. =)

Re: sha256 hash for /bsd

[patric conant]

Free, or Net or any damn thing, and change your name while you're at it.

On Thu, Dec 9, 2010 at 11:55 PM, Bryan Irvine sparcta...@gmail.com wrote:

 Get a new bsd.

 On Thu, Dec 9, 2010 at 9:29 PM, OpenBSD Geek open...@e-solutions.re
 wrote:
  So how can i proceed ?
 
  On Thu, 9 Dec 2010 23:30:20 -0600, J Sisson
  wrote:   If it's different from the sha256 on bsd from an official
 mirror,
 
  then yes, your ftp's /bsd is bad. =)