Re: alix 2d13 + 6.4: should it work?

2018-11-21 Thread chohag
"Theo de Raadt" writes:
> First time you need to
> 
> stty com0 
> set tty com0
> 
> then you can boot.
> 
> The installer will remember this for next time, but our kernel does not
> know the speed so early on.

Strictly speaking the installer _asks_ you if you would like it to remember
the setting for next time, which I find to be a nice touch as I may want to
install a server using the serial console but run it without one.

Matthew



Re: XORG Doesnt start after syspatch

2018-11-21 Thread ivpgbe
If you are using startx, it won't work anymore after the 001 security fix. Please 
switch to using xenodm(1).

There were a couple of discussions on this list about this; you can search 
the archives for more details.

On Wed, Nov 21, 2018, at 4:12 PM, Manuel Solis wrote:
> Hello Misc.
> 
> I have installed 64 in a macbook and it works great and out of the box,
> however I notice that after I run syspatch and reboot, xorg doesn't start
> at all.
> 
> I have done several tries like install64 - syspatch - error ; install64
> -fw_update -syspatch - error;
> 
> Am I missing some sysctl trick?
> 
> Thank you all.
> 
> Manuel
> 
> ===
> === Xorg.0.log after syspatch with Xorg not working ===
> ===
> [39.473]
> X.Org X Server 1.19.6
> Release Date: 2017-12-20
> [39.536] X Protocol Version 11, Revision 0
> [39.562] Build Operating System: OpenBSD 6.4 amd64
> [39.570] Current Operating System: OpenBSD mac.book 6.4 GENERIC.MP#364
> amd64
> [39.579] Build Date: 25 October 2018  11:39:05PM
> [39.588]
> [39.596] Current version of pixman: 0.34.0
> [39.605] Before reporting problems, check http://wiki.x.org
> to make sure that you have the latest version.
> [39.605] Markers: (--) probed, (**) from config file, (==) default
> setting,
> (++) from command line, (!!) notice, (II) informational,
> (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
> [39.639] (==) Log file: "/home/msolis/.local/share/xorg/Xorg.0.log",
> Time: Wed Nov 21 17:44:59 2018
> [39.649] (==) Using system config directory
> "/usr/X11R6/share/X11/xorg.conf.d"
> [39.650] (==) No Layout section.  Using the first Screen section.
> [39.650] (==) No screen section available. Using defaults.
> [39.650] (**) |-->Screen "Default Screen Section" (0)
> [39.650] (**) |   |-->Monitor ""
> [39.650] (==) No monitor specified for screen "Default Screen Section".
> Using a default monitor configuration.
> [39.650] (==) Automatically adding devices
> [39.650] (==) Automatically enabling devices
> [39.650] (==) Not automatically adding GPU devices
> [39.650] (==) Max clients allowed: 256, resource mask: 0x1f
> [39.654] (==) FontPath set to:
> /usr/X11R6/lib/X11/fonts/misc/,
> /usr/X11R6/lib/X11/fonts/TTF/,
> /usr/X11R6/lib/X11/fonts/OTF/,
> /usr/X11R6/lib/X11/fonts/Type1/,
> /usr/X11R6/lib/X11/fonts/100dpi/,
> /usr/X11R6/lib/X11/fonts/75dpi/
> [39.654] (==) ModulePath set to "/usr/X11R6/lib/modules"
> [39.654] (II) The server relies on wscons to provide the list of input
> devices.
> If no devices become available, reconfigure wscons or disable
> AutoAddDevices.
> [39.654] (II) Loader magic: 0x2de2fe71000
> [39.654] (II) Module ABI versions:
> [39.654] X.Org ANSI C Emulation: 0.4
> [39.654] X.Org Video Driver: 23.0
> [39.654] X.Org XInput driver : 24.1
> [39.654] X.Org Server Extension : 10.0
> [39.654] (WW) checkDevMem: failed to open /dev/xf86 and /dev/mem
> (Permission denied)
> Check that you have set 'machdep.allowaperture=1'
> in /etc/sysctl.conf and reboot your machine
> refer to xf86(4) for details
> [39.654] linear framebuffer access unavailable
> [39.654] (II) LoadModule: "glx"
> [39.656] (II) Loading /usr/X11R6/lib/modules/extensions/libglx.so
> [39.663] (II) Module glx: vendor="X.Org Foundation"
> [39.663] compiled for 1.19.6, module version = 1.0.0
> [39.663] ABI class: X.Org Server Extension, version 10.0
> [39.663] (==) Assigned the driver to the xf86ConfigLayout
> [39.663] (EE) No drivers available.
> [39.663] (EE)
> Fatal server error:
> [39.671] (EE) no screens found(EE)
> [39.680] (EE)
> Please consult the The X.Org Foundation support
>  at http://wiki.x.org
>  for help.
> [39.688] (EE) Please also check the log file at
> "/home/msolis/.local/share/xorg/Xorg.0.log" for additional information.
> [39.697] (EE)
> [39.706] (EE) Server terminated with error (1). Closing log file.
> 
> ==
> ===working Xorg.0.log just after new installation =
> ==
> [50.434] (WW) checkDevMem: failed to open /dev/xf86 and /dev/mem
> (Operation not permitted)
> Check that you have set 'machdep.allowaperture=1'
> in /etc/sysctl.conf and reboot your machine
> refer to xf86(4) for details
> [50.434] linear framebuffer access unavailable
> [50.457] (--) Using wscons driver on /dev/ttyC4
> [50.471]
> X.Org X Server 1.19.6
> Release Date: 2017-12-20
> [50.471] X Protocol Version 11, Revision 0
> [50.471] Build Operating System: OpenBSD 6.4 amd64
> [50.472] Current Operating System: OpenBSD 

XORG Doesnt start after syspatch

2018-11-21 Thread Manuel Solis
Hello Misc.

I have installed 64 in a macbook and it works great and out of the box,
however I notice that after I run syspatch and reboot, xorg doesn't start
at all.

I have done several tries like install64 - syspatch - error ; install64
-fw_update -syspatch - error;

Am I missing some sysctl trick?

Thank you all.

Manuel

===
=== Xorg.0.log after syspatch with Xorg not working ===
===
[39.473]
X.Org X Server 1.19.6
Release Date: 2017-12-20
[39.536] X Protocol Version 11, Revision 0
[39.562] Build Operating System: OpenBSD 6.4 amd64
[39.570] Current Operating System: OpenBSD mac.book 6.4 GENERIC.MP#364
amd64
[39.579] Build Date: 25 October 2018  11:39:05PM
[39.588]
[39.596] Current version of pixman: 0.34.0
[39.605] Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[39.605] Markers: (--) probed, (**) from config file, (==) default
setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[39.639] (==) Log file: "/home/msolis/.local/share/xorg/Xorg.0.log",
Time: Wed Nov 21 17:44:59 2018
[39.649] (==) Using system config directory
"/usr/X11R6/share/X11/xorg.conf.d"
[39.650] (==) No Layout section.  Using the first Screen section.
[39.650] (==) No screen section available. Using defaults.
[39.650] (**) |-->Screen "Default Screen Section" (0)
[39.650] (**) |   |-->Monitor ""
[39.650] (==) No monitor specified for screen "Default Screen Section".
Using a default monitor configuration.
[39.650] (==) Automatically adding devices
[39.650] (==) Automatically enabling devices
[39.650] (==) Not automatically adding GPU devices
[39.650] (==) Max clients allowed: 256, resource mask: 0x1f
[39.654] (==) FontPath set to:
/usr/X11R6/lib/X11/fonts/misc/,
/usr/X11R6/lib/X11/fonts/TTF/,
/usr/X11R6/lib/X11/fonts/OTF/,
/usr/X11R6/lib/X11/fonts/Type1/,
/usr/X11R6/lib/X11/fonts/100dpi/,
/usr/X11R6/lib/X11/fonts/75dpi/
[39.654] (==) ModulePath set to "/usr/X11R6/lib/modules"
[39.654] (II) The server relies on wscons to provide the list of input
devices.
If no devices become available, reconfigure wscons or disable
AutoAddDevices.
[39.654] (II) Loader magic: 0x2de2fe71000
[39.654] (II) Module ABI versions:
[39.654] X.Org ANSI C Emulation: 0.4
[39.654] X.Org Video Driver: 23.0
[39.654] X.Org XInput driver : 24.1
[39.654] X.Org Server Extension : 10.0
[39.654] (WW) checkDevMem: failed to open /dev/xf86 and /dev/mem
(Permission denied)
Check that you have set 'machdep.allowaperture=1'
in /etc/sysctl.conf and reboot your machine
refer to xf86(4) for details
[39.654] linear framebuffer access unavailable
[39.654] (II) LoadModule: "glx"
[39.656] (II) Loading /usr/X11R6/lib/modules/extensions/libglx.so
[39.663] (II) Module glx: vendor="X.Org Foundation"
[39.663] compiled for 1.19.6, module version = 1.0.0
[39.663] ABI class: X.Org Server Extension, version 10.0
[39.663] (==) Assigned the driver to the xf86ConfigLayout
[39.663] (EE) No drivers available.
[39.663] (EE)
Fatal server error:
[39.671] (EE) no screens found(EE)
[39.680] (EE)
Please consult the The X.Org Foundation support
 at http://wiki.x.org
 for help.
[39.688] (EE) Please also check the log file at
"/home/msolis/.local/share/xorg/Xorg.0.log" for additional information.
[39.697] (EE)
[39.706] (EE) Server terminated with error (1). Closing log file.

==
===working Xorg.0.log just after new installation =
==
[50.434] (WW) checkDevMem: failed to open /dev/xf86 and /dev/mem
(Operation not permitted)
Check that you have set 'machdep.allowaperture=1'
in /etc/sysctl.conf and reboot your machine
refer to xf86(4) for details
[50.434] linear framebuffer access unavailable
[50.457] (--) Using wscons driver on /dev/ttyC4
[50.471]
X.Org X Server 1.19.6
Release Date: 2017-12-20
[50.471] X Protocol Version 11, Revision 0
[50.471] Build Operating System: OpenBSD 6.4 amd64
[50.472] Current Operating System: OpenBSD mac.my.domain 6.4
GENERIC.MP#364 amd64
[50.472] Build Date: 11 October 2018  01:50:08PM
[50.472]
[50.472] Current version of pixman: 0.34.0
[50.472] Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[50.472] Markers: (--) probed, (**) from config file, (==) default
setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[

Re: alix 2d13 + 6.4: should it work?

2018-11-21 Thread Theo de Raadt
First time you need to

stty com0 
set tty com0

then you can boot.

The installer will remember this for next time, but our kernel does not
know the speed so early on.

> Quick question, should the PC Engines ALIX 2D13 work with 6.4? Or is the
> hardware too old?
> 
> Or (perhaps more likely :-)) did I screw up the installation process
> somehow?
> 
> I created an install media (cf card) and boot functions but as the kernel
> is loading, the system reboots:
> 
> PC Engines ALIX.2 v0.99m
> 640 KB Base Memory
> 261120 KB Extended Memory
> Waiting for HDD ...
> 
> 01F0 Master 044A CF 8GB
> Phys C/H/S 15538/16/63 Log C/H/S 974/255/63 LBA
> Using drive 0, partition 3.
> Loading...
> probing: pc0 com0 com1 mem[640K 255M a20=on]
> disk: hd0+
> >> OpenBSD/i386 BOOT 3.34
> boot>
> cannot open hd0a:/etc/random.seed: No such file or directory
> booting hd0a:/6.4/i386/bsd.rd: 3111423+1360896+3362824+0+454656 
> [363995+98+289392+283301]=0x8ced6c
> entry point at 0x2000d4
> PC Engines ALIX.2 v0.99m
> 640 KB Base Memory
> 261120 KB Extended Memory
> Waiting for HDD ...
> 
> 
> I did:
> fetch https://cdn.openbsd.org/pub/OpenBSD/6.4/i386/install64.fs
> dd if=/dev/random of=/dev/rsdd bs=512 count=256 iflag=fullblock
> sync ; sync ; sync
> dd if=/home/robb/Downloads/install64.fs of=/dev/rsdd bs=1M
> sync ; sync ; sync
> udisksctl power-off -b /dev/sdd
> 
> The same hardware was previously running OpenBSD (5.6 I think) quite
> happily.
> 
> Cheers,
> Robb.
> 



alix 2d13 + 6.4: should it work?

2018-11-21 Thread Why 42? The lists account.


Quick question, should the PC Engines ALIX 2D13 work with 6.4? Or is the
hardware too old?

Or (perhaps more likely :-)) did I screw up the installation process
somehow?

I created an install media (cf card) and boot functions but as the kernel
is loading, the system reboots:

PC Engines ALIX.2 v0.99m
640 KB Base Memory
261120 KB Extended Memory
Waiting for HDD ...

01F0 Master 044A CF 8GB
Phys C/H/S 15538/16/63 Log C/H/S 974/255/63 LBA
Using drive 0, partition 3.
Loading...
probing: pc0 com0 com1 mem[640K 255M a20=on]
disk: hd0+
>> OpenBSD/i386 BOOT 3.34
boot>
cannot open hd0a:/etc/random.seed: No such file or directory
booting hd0a:/6.4/i386/bsd.rd: 3111423+1360896+3362824+0+454656 
[363995+98+289392+283301]=0x8ced6c
entry point at 0x2000d4
PC Engines ALIX.2 v0.99m
640 KB Base Memory
261120 KB Extended Memory
Waiting for HDD ...


I did:
fetch https://cdn.openbsd.org/pub/OpenBSD/6.4/i386/install64.fs
dd if=/dev/random of=/dev/rsdd bs=512 count=256 iflag=fullblock
sync ; sync ; sync
dd if=/home/robb/Downloads/install64.fs of=/dev/rsdd bs=1M
sync ; sync ; sync
udisksctl power-off -b /dev/sdd

The same hardware was previously running OpenBSD (5.6 I think) quite
happily.

Cheers,
Robb.



OpenIKED traffic question

2018-11-21 Thread Bryan Harris

Hello,

I have a semi-working vpn from Windows 10 client to OpenBSD 6.4
running iked using machine certificates authentication method.

When I connect to the VPN, I can ping from Win 10 to the ip address of
enc0 on the other side (10.1.0.2). Unbound is listening on that ip
address, and DNS queries from my Windows 10 machine get to the unbound
and work correctly.

Unfortunately, regular web browsing from the Windows 10 PC does not
work. It appears the VPN or else my pf rules are not directing the
traffic back out of the egress interface, but I can't figure out why.
Likewise if I start a ping to a public IP address while the VPN is
running, the ping doesn't work. I do have net.inet.ip.forwarding=1
enabled in /etc/sysctl.conf. If I do the same ping without the VPN,
it works fine.

I have tried a few things as I'm having trouble understanding
basic VPN concepts, and therefore I can't seem to understand what might
be the cause of the problem.

1. Put a line "from 0.0.0.0/0 to 10.2.0.0/24" into the configuration.
2. Remove the "configure address 10.2.0.1/24" line
3. Various incarnations with/without srcid or "local  peer any"
4. Turning off Windows firewall
5. Trying to pass more and more traffic through pf
6. Rearranging the match out...nat-to lines at the bottom of pf.conf

My iked.conf and pf.conf configurations are down below.

Also some info about the vpn ca and certificates--The server cert CN is
the server ip. It's also named the server ip. The Windows 10 cert is
just named desktop- and the CN is the same. The CA cert is on the
machine store Trusted Auth. The desktop- cert is on the machine
store Personal.

Is there anything obviously wrong in the configuration? Can anyone point
me in the direction of the mistake?

Any help would be greatly appreciated. Thanks in advance.

V/r,
Bryan

# $OpenBSD: iked.conf,v 1.1 2014/07/11 21:20:10 deraadt Exp $
#
# See iked.conf(5) for syntax and examples.
ikev2 "win10" passive esp \
   from 10.1.0.0/24 to 10.2.0.0/24 \
   local any peer any \
   srcid ...OMITTED... \
   config address 10.2.0.1/24 \
   config name-server 10.1.0.2 \
   tag "$name-$id"


# $OpenBSD: pf.conf,v 1.54 2014/08/23 05:49:42 deraadt Exp $
#
# See pf.conf(5) and /etc/examples/pf.conf

ssh_nets="{ ...OMITTED... }"


set skip on { lo0, enc0 }
set limit table-entries 40

# rules for spamd(8)
table  persist
table  persist file "/etc/mail/common_domains_white"
table  persist file "/etc/mail/nospamd"
table  persist

block drop log all
antispoof for egress
match in all scrub (no-df max-mss 1440)

pass quick inet proto icmp icmp-type { echoreq, unreach }

pass in on egress inet proto tcp from $ssh_nets to egress:0 port 22
pass in on egress inet proto udp from any to egress:0 port 53
pass in on egress inet proto tcp from any to egress:0 \
    port { 53 80 443 }
pass in on egress inet proto tcp from $ssh_nets to egress:0 \
    port { 465 587 993 }

pass in on egress proto { ah, esp } from any to any
pass in on egress proto udp from any to any port { 500, 4500 }

pass in on egress inet proto tcp from any to any port smtp \
    rdr-to lo0 port spamd
pass in on egress inet proto tcp from  to any port smtp \
    rdr-to lo0 port smtp
pass in log on egress inet proto tcp from  to any \
    port smtp rdr-to lo0 port smtp
pass in log on egress inet proto tcp from  to any \
    port smtp rdr-to lo0 port smtp
pass in log quick on egress inet proto tcp from  \
    to any port smtp rdr-to lo0 port smtp

pass on { vether tap }

pass out all

match out on egress inet from vether0:network nat-to (egress)
match out on egress inet from enc0:network nat-to (egress)



Re: smtpd.conf and junk

2018-11-21 Thread Gilles Chehade
On Wed, Nov 21, 2018 at 09:21:46PM +0100, Thuban wrote:
> * Gilles Chehade  le [21-11-2018 21:06:39 +0100]:
> > On Wed, Nov 21, 2018 at 06:38:43PM +0100, Thuban wrote:
> > > * Edgar Pettijohn  le [21-11-2018 11:32:43 
> > > -0600]:
> > > > 
> > > > On Nov 21, 2018 8:22 AM, Thuban  wrote:
> > > > >
> > > > > Hi,
> > > > > I can't figure how to make this "junk" argument to work as 
> > > > > mentioned in The smtpd.conf manpages :
> > > > >
> > > > > If the junk argument is provided, the message will be
> > > > > moved to the Junk folder if it contains a positive X-Spam
> > > > > header.
> > > > >
> > > > >
> > > > > spams detected by spamassassin have multiple X-Spam-* headers, but 
> > > > > aren't placed
> > > > > into Junk folder.
> > > > >
> > > > > Any advice ?
> > > > >
> > > > >
> > > > >
> > > > > -- 
> > > > > thuban
> > > > >
> > > > It looks for a header matching:
> > > > 
> > > > X-Spam: Yes
> > > > 
> > > > You may need to configure spamassassin to write it that way. I believe 
> > > > that the default is different, but I can't check right now.
> > > > 
> > > 
> > > I tried to add this in spamassassin.conf [0] :
> > > 
> > >   add_header spam X-Spam
> > > 
> > > But if you read the link [0] closely, it can't work because spamassassin adds
> > > headers "X-Spam-something", never "X-Spam" : 
> > > 
> > >   All headers begin with X-Spam- (so a header_name Foo will generate a 
> > > header called X-Spam-Foo)
> > > 
> > > I guess the "junk" keyword in smtpd.conf was written to be handy, so I 
> > > miss
> > > something. Where ?
> > > 
> > 
> > You didn't miss anything, the maildir agent only supports X-Spam headers
> > as of today so this will need a diff to support SpamAssassin if it can't
> > generate a X-Spam header.
> > 
> 
> Okay, thanks, I doubt since English is not my main language.
> 
> > SpamAssassin wasn't a target when I wrote that feature but it's just one
> > diff away ;-)
> > 
> 
> Just need to check "X-Spam-Flag: YES" or "X-Spam-Status: Yes,.*" then.
> 

indeed, I think X-Spam-Flag is the right candidate.


> Just curious, what was the target of that 'junk' feature ? rspamd ? Another ?
> 

rspamd was my target yes

-- 
Gilles Chehade @poolpOrg

https://www.poolp.org tip me: https://paypal.me/poolpOrg
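
The header matching discussed in this thread, as an added example (not OpenSMTPD's code; the function names, the `accept_spamassassin` switch and the sample messages are constructed here). It checks only the header block, so text in the body or in a folded continuation line cannot mark a message as junk, and it can optionally accept the `X-Spam-Flag: YES` and `X-Spam-Status: Yes, ...` forms that SpamAssassin writes.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* True if the header value is the word `word` (case-insensitive):
 * "Yes", "YES" and "Yes, score=..." match, "Yesterday" does not. */
static int value_is_word(const char *v, const char *word)
{
	size_t n = strlen(word);

	while (*v == ' ' || *v == '\t')
		v++;
	if (strncasecmp(v, word, n) != 0)
		return 0;
	return v[n] == '\0' || v[n] == '\r' || v[n] == '\n' ||
	    v[n] == ',' || v[n] == ' ' || v[n] == '\t';
}

/* True if `line` begins the header `name` and its value is "yes". */
static int header_is_yes(const char *line, const char *name)
{
	size_t n = strlen(name);

	if (strncasecmp(line, name, n) != 0 || line[n] != ':')
		return 0;
	return value_is_word(line + n + 1, "yes");
}

/* Returns 1 if the message should be filed as junk.
 * accept_spamassassin == 0: only "X-Spam: Yes" counts (the behaviour
 * described in the thread). Non-zero: X-Spam-Flag / X-Spam-Status too. */
int message_is_junk(const char *msg, int accept_spamassassin)
{
	const char *line = msg;

	while (line != NULL && *line != '\0') {
		/* A blank line ends the headers; the body is never scanned. */
		if (*line == '\n' || (line[0] == '\r' && line[1] == '\n'))
			break;
		/* Continuation lines start with whitespace, so they can
		 * never match a header name below. */
		if (header_is_yes(line, "X-Spam"))
			return 1;
		if (accept_spamassassin &&
		    (header_is_yes(line, "X-Spam-Flag") ||
		    header_is_yes(line, "X-Spam-Status")))
			return 1;
		line = strchr(line, '\n');
		if (line != NULL)
			line++;
	}
	return 0;
}

/* Constructed sample messages (host names and addresses are made up). */
const char sa_spam[] =
    "Return-Path: <sender@example.com>\r\n"
    "X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on\r\n"
    "\tmail.example.org\r\n"
    "X-Spam-Flag: YES\r\n"
    "X-Spam-Level: ***\r\n"
    "X-Spam-Status: Yes, score=19.0 required=5.0 tests=BAYES_99,BAYES_999\r\n"
    "Subject: constructed sample\r\n"
    "\r\n"
    "body\r\n";

const char plain_xspam[] =
    "X-Spam: Yes\r\n"
    "Subject: constructed sample\r\n"
    "\r\n"
    "body\r\n";

/* Clean mail whose body merely quotes a spam header. */
const char ham_body_trick[] =
    "X-Spam-Status: No, score=-1.9 required=5.0\r\n"
    "Subject: re: filters\r\n"
    "\r\n"
    "X-Spam-Flag: YES\r\n";

/* "X-Spam: Yes" appears only as a folded part of the Subject value. */
const char folded_trick[] =
    "Subject: hello\r\n"
    " X-Spam: Yes\r\n"
    "\r\n";

int main(void)
{
	printf("SpamAssassin mail, X-Spam only:   %d\n", message_is_junk(sa_spam, 0));
	printf("SpamAssassin mail, extended:      %d\n", message_is_junk(sa_spam, 1));
	printf("plain X-Spam: Yes, X-Spam only:   %d\n", message_is_junk(plain_xspam, 0));
	printf("header quoted in body, extended:  %d\n", message_is_junk(ham_body_trick, 1));
	printf("header in folded line, extended:  %d\n", message_is_junk(folded_trick, 1));
	return 0;
}
```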



Re: smtpd.conf and junk

2018-11-21 Thread Thuban
* Gilles Chehade  le [21-11-2018 21:06:39 +0100]:
> On Wed, Nov 21, 2018 at 06:38:43PM +0100, Thuban wrote:
> > * Edgar Pettijohn  le [21-11-2018 11:32:43 -0600]:
> > > 
> > > On Nov 21, 2018 8:22 AM, Thuban  wrote:
> > > >
> > > > Hi,
> > > > I can't figure how to make this "junk" argument to work as 
> > > > mentioned in The smtpd.conf manpages :
> > > >
> > > > If the junk argument is provided, the message will be
> > > > moved to the Junk folder if it contains a positive X-Spam
> > > > header.
> > > >
> > > >
> > > > spams detected by spamassassin have multiple X-Spam-* headers, but 
> > > > aren't placed
> > > > into Junk folder.
> > > >
> > > > Any advice ?
> > > >
> > > >
> > > >
> > > > -- 
> > > > thuban
> > > >
> > > It looks for a header matching:
> > > 
> > > X-Spam: Yes
> > > 
> > > You may need to configure spamassassin to write it that way. I believe 
> > > that the default is different, but I can't check right now.
> > > 
> > 
> > I tried to add this in spamassassin.conf [0] :
> > 
> > add_header spam X-Spam
> > 
> > But if you read the link [0] closely, it can't work because spamassassin adds
> > headers "X-Spam-something", never "X-Spam" : 
> > 
> > All headers begin with X-Spam- (so a header_name Foo will generate a 
> > header called X-Spam-Foo)
> > 
> > I guess the "junk" keyword in smtpd.conf was written to be handy, so I miss
> > something. Where ?
> > 
> 
> You didn't miss anything, the maildir agent only supports X-Spam headers
> as of today so this will need a diff to support SpamAssassin if it can't
> generate a X-Spam header.
> 

Okay, thanks, I doubt since English is not my main language.

> SpamAssassin wasn't a target when I wrote that feature but it's just one
> diff away ;-)
> 

Just need to check "X-Spam-Flag: YES" or "X-Spam-Status: Yes,.*" then.

Just curious, what was the target of that 'junk' feature ? rspamd ? Another ?

Regards.

-- 
thuban



Re: smtpd.conf and junk

2018-11-21 Thread Gilles Chehade
On Wed, Nov 21, 2018 at 06:38:43PM +0100, Thuban wrote:
> * Edgar Pettijohn  le [21-11-2018 11:32:43 -0600]:
> > 
> > On Nov 21, 2018 8:22 AM, Thuban  wrote:
> > >
> > > Hi,
> > > I can't figure how to make this "junk" argument to work as 
> > > mentioned in The smtpd.conf manpages :
> > >
> > > If the junk argument is provided, the message will be
> > > moved to the Junk folder if it contains a positive X-Spam
> > > header.
> > >
> > >
> > > spams detected by spamassassin have multiple X-Spam-* headers, but aren't 
> > > placed
> > > into Junk folder.
> > >
> > > Any advice ?
> > >
> > >
> > >
> > > -- 
> > > thuban
> > >
> > It looks for a header matching:
> > 
> > X-Spam: Yes
> > 
> > You may need to configure spamassassin to write it that way. I believe that 
> > the default is different, but I can't check right now.
> > 
> 
> I tried to add this in spamassassin.conf [0] :
> 
>   add_header spam X-Spam
> 
> But if you read the link [0] closely, it can't work because spamassassin adds
> headers "X-Spam-something", never "X-Spam" : 
> 
>   All headers begin with X-Spam- (so a header_name Foo will generate a 
> header called X-Spam-Foo)
> 
> I guess the "junk" keyword in smtpd.conf was written to be handy, so I miss
> something. Where ?
> 

You didn't miss anything, the maildir agent only supports X-Spam headers
as of today so this will need a diff to support SpamAssassin if it can't
generate a X-Spam header.

SpamAssassin wasn't a target when I wrote that feature but it's just one
diff away ;-)

-- 
Gilles Chehade @poolpOrg

https://www.poolp.org tip me: https://paypal.me/poolpOrg



Re: smtpd.conf and junk

2018-11-21 Thread Thuban
* Edgar Pettijohn  le [21-11-2018 11:32:43 -0600]:
> 
> On Nov 21, 2018 8:22 AM, Thuban  wrote:
> >
> > Hi,
> > I can't figure how to make this "junk" argument to work as 
> > mentioned in The smtpd.conf manpages :
> >
> > If the junk argument is provided, the message will be
> > moved to the Junk folder if it contains a positive X-Spam
> > header.
> >
> >
> > spams detected by spamassassin have multiple X-Spam-* headers, but aren't 
> > placed
> > into Junk folder.
> >
> > Any advice ?
> >
> >
> >
> > -- 
> >     thuban
> >
> It looks for a header matching:
> 
> X-Spam: Yes
> 
> You may need to configure spamassassin to write it that way. I believe that 
> the default is different, but I can't check right now.
> 

I tried to add this in spamassassin.conf [0] :

add_header spam X-Spam

But if you read the link [0] closely, it can't work because spamassassin adds
headers "X-Spam-something", never "X-Spam" : 

All headers begin with X-Spam- (so a header_name Foo will generate a 
header called X-Spam-Foo)

I guess the "junk" keyword in smtpd.conf was written to be handy, so I miss
something. Where ?

Regards.

[0] 
https://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html#basic_message_tagging_options




Re: smtpd.conf and junk

2018-11-21 Thread Edgar Pettijohn


On Nov 21, 2018 8:22 AM, Thuban  wrote:
>
> Hi,
> I can't figure how to make this "junk" argument to work as 
> mentioned in The smtpd.conf manpages :
>
> If the junk argument is provided, the message will be
> moved to the Junk folder if it contains a positive X-Spam
> header.
>
>
> spams detected by spamassassin have multiple X-Spam-* headers, but aren't 
> placed
> into Junk folder.
>
> Any advice ?
>
>
>
> -- 
>     thuban
>
It looks for a header matching:

X-Spam: Yes

You may need to configure spamassassin to write it that way. I believe that the 
default is different, but I can't check right now.



Re: smtpd.conf and junk

2018-11-21 Thread Thuban
* Gilles Chehade  le [21-11-2018 16:31:31 +0100]:
> On Wed, Nov 21, 2018 at 03:22:45PM +0100, Thuban wrote:
> > Hi,
> > I can't figure how to make this "junk" argument to work as 
> > mentioned in The smtpd.conf manpages :
> > 
> > If the junk argument is provided, the message will be
> > moved to the Junk folder if it contains a positive X-Spam
> > header.
> > 
> > 
> > spams detected by spamassassin have multiple X-Spam-* headers, but aren't 
> > placed
> > into Junk folder.
> > 
> > Any advice ?
> > 
> 
> without seeing examples of these headers and your config, it's hard to
> understand what's incorrect ;-)
> 

Sorry, I thought this was quite common.

A spam has these headers when detected by spamassassin : 

X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
ledzep.yeuxdelibad.net
X-Spam-Flag: YES
X-Spam-Level: ***
X-Spam-Status: Yes, score=19.0 required=5.0 tests=BAYES_99,BAYES_999,


Here is my smtpd.conf, incoming mails are analysed by spamassassin
(default configuration).

table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals

pki acmecert key "/etc/ssl/acme/private/yeuxdelibad.net.key"
pki acmecert cert "/etc/ssl/acme/yeuxdelibad.net-fullchain.pem"

## LISTEN ##
# envelopes signed by dkimproxy
listen on lo0 port 10028 tag DKIM
# envelopes checked by spamassassin
listen on lo0 port 10026 tag NOSPAM
# local
listen on lo0
# incoming
listen on egress tls pki acmecert tag INCOMING
# sending
listen on egress port submission tls-require pki acmecert auth  
tag OUTGOING

## ACTIONS ##
action "relay" relay
action dkimproxy relay host smtp://127.0.0.1:10027
action spamassassin relay host smtp://127.0.0.1:10025

action "local_mbox" mbox alias 
action virtual_maildir maildir 
"/var/_vmail/%{dest.domain}/%{dest.user}/Maildir" junk virtual 

## MATCH ##
match for local action local_mbox

match tag NOSPAM from any for domain  action virtual_maildir
match from any for domain  action spamassassin

match tag DKIM for any action "relay"
match auth tag DKIM from any for any action "relay"

match auth from any for any action dkimproxy
match for any action dkimproxy



Re: Courier Imap not accepting connections after updat to -curent

2018-11-21 Thread Giovanni Bechis
On 11/18/18 10:35 PM, Theodore Wynnychenko wrote:
> Hello 
> 
> I just updated to -current using a snapshot. 
> 
> I then updated packages (pkg_add -vui), which updated courier-imap. 
> 
> pkg_info | grep courier 
> courier-authlib-0.68.0p4 authentication library for courier 
> courier-authlib-mysql-0.68.0p3 mysql authentication module for
> courier-authLib 
> courier-imap-4.18.2p0 imap server for maildir format mailboxes 
> courier-pop3-4.18.2p0 pop3 server for maildir format mailboxes 
> courier-unicode-2.0p0 courier unicode library 
> 
> Courier does start, and is listening for imap-ssl connections: 
> 
> netstat -an | grep 993 
> tcp 0 0 *.993 *.* LISTEN 
> tcp6 0 0 *.993 *.* LISTEN 
> 
what's the output of 
openssl s_client -connect $YOURIP:993

does it work without ssl?
There were some issues recently fixed in libssl land, can you try the very latest 
snapshot?

 Cheers
  Giovanni



Re: smtpd.conf and junk

2018-11-21 Thread Gilles Chehade
On Wed, Nov 21, 2018 at 03:22:45PM +0100, Thuban wrote:
> Hi,
> I can't figure how to make this "junk" argument to work as 
> mentioned in The smtpd.conf manpages :
> 
>   If the junk argument is provided, the message will be
>   moved to the Junk folder if it contains a positive X-Spam
>   header.
> 
> 
> spams detected by spamassassin have multiple X-Spam-* headers, but aren't 
> placed
> into Junk folder.
> 
> Any advice ?
> 

without seeing examples of these headers and your config, it's hard to
understand what's incorrect ;-)

-- 
Gilles Chehade @poolpOrg

https://www.poolp.org tip me: https://paypal.me/poolpOrg



smtpd.conf and junk

2018-11-21 Thread Thuban
Hi,
I can't figure how to make this "junk" argument to work as 
mentioned in The smtpd.conf manpages :

If the junk argument is provided, the message will be
moved to the Junk folder if it contains a positive X-Spam
header.


spams detected by spamassassin have multiple X-Spam-* headers, but aren't placed
into Junk folder.

Any advice ?



-- 
thuban



Re: Courier imap not accepting connections after update to -curent

2018-11-21 Thread Stuart Henderson
On 2018-11-19, Theodore Wynnychenko  wrote:
> Hello 
>
> I just updated to -current using a snapshot. 
>
> I then updated packages (pkg_add -vui), which updated courier-imap. 

What were you running before?

> pkg_info | grep courier 
> courier-authlib-0.68.0p4 authentication library for courier 
> courier-authlib-mysql-0.68.0p3 mysql authentication module for
> courier-authLib 
> courier-imap-4.18.2p0 imap server for maildir format mailboxes 
> courier-pop3-4.18.2p0 pop3 server for maildir format mailboxes 
> courier-unicode-2.0p0 courier unicode library 
>
> Courier does start, and is listening for imap-ssl connections: 
>
> netstat -an | grep 993 
> tcp 0 0 *.993 *.* LISTEN 
> tcp6 0 0 *.993 *.* LISTEN 
>
> I can also confirm the port is open from the connecting machine. 
>
> However, mail clients cannot connect to the imap server.  They indicate the
> server is not responding. 

Mail clients are often bad at giving feedback about errors.
How does "nc -vvc mail.host.name 993" look?

To help diagnosis:

Does a plaintext connection on 143 work?
If not, does a plaintext connection work if you disable SSL/TLS in Courier?




OpenBSD 6.4 on Asus TP200SA doesn't boot

2018-11-21 Thread ozgur
Hey everyone.

I've been trying to install OpenBSD 6.4 on an Asus TP200SA (ASUS Transformer Book 
Flip TP200SA) for days. The Wifi adapter wasn't recognized during 
installation (and that laptop has no LAN nic - only Wifi), anyway, finished the 
setup, rebooted, voila, it directly goes to the BIOS. It doesn't boot at all. 
Not even hitting the bootloader.

Tried both MBR and GPT options for the disk during the installation, that 
didn't work. Tried enabling/disabling options like secure boot, CSM on BIOS, 
and on each try - a new system installation - it didn't boot either. I'm tired.

Post Scriptum: The laptop has a 32 GB micro sd card as "harddrive", the 
installation program recognizes it well, though.

Any idea?
Thanks,
---
Özgür Kazancci
https://ozgur.kazancci.com



Re: Missing LVM (Logical Volume Manager)

2018-11-21 Thread tomr



On 11/18/18 9:11 AM, Jordan Geoghegan wrote:
> 
> 
> On 11/17/18 10:53, Predrag Punosevac wrote:
>> On Sat, Nov 17, 2018 at 01:35:05AM +0100, Willi Rauffer wrote:
>>
>>> Hello,
>>>
>>> we want to make one logical volume out of several physical volumes,
>>> but there is no \
>>> LVM (Logical Volume Manager) in OpenBSD!
>>> Will there be a LVM in OpenBSD in the future?
>>>
>>> Thanks...Willi Rauffer, UNOBank.org
>> P.S. OpenBSD's NFSv3 server and client implementation is pretty slow so
>> that begs the question how you are going to access that data pool.
>>
> I have an OpenBSD 6.3 NFS server, and it is able to achieve gigabit line
> speed no problem. I've transferred hundreds of terabytes through that
> thing and it hasn't let me down once. Most of the NFS clients connected
> to it are CentOS 7 machines, and after a bit of fiddling, line speed was
> achieved without issue. The OpenBSD NFS client does seem to be a tad
> slow though, and much fiddling was required to get anywhere close to
> line speed with it.
> 

Out of interest, could you detail some of the fiddles?