On Sat, Mar 23, 2013 at 10:16 PM, Doug Hardie bc...@lafn.org wrote:
On 23 March 2013, at 21:51, Mehmet Erol Sanliturk m.e.sanlit...@gmail.com
wrote:
Using Static IP in the client side , and checking Static IP of the user
may be a possibility :
In that way , any message from another IP
On Sun, Mar 24, 2013 at 9:03 AM, CeDeROM cede...@tlen.pl wrote:
Why don't you just use PKI for authentication (you can generate your
own certificates)? You can easily upload keys/certificated to client
machines (PC, Android, Apple, ...). That should work :-)
You can additionally encrypt
On Sat, Mar 23, 2013 at 9:22 PM, Doug Hardie bc...@lafn.org wrote:
Basically, my outgoing mail server is being systematically attacked to try
passwords looking for one that works. When they do find one, we get
inundated by spam sent through that account throughout the world. The
situation
On 24 March 2013, at 01:03, CeDeROM cede...@tlen.pl wrote:
Why don't you just use PKI for authentication (you can generate your
own certificates)? You can easily upload keys/certificated to client
machines (PC, Android, Apple, ...). That should work :-)
Thats exactly what I have been
On 23 March 2013, at 22:59, Mehmet Erol Sanliturk m.e.sanlit...@gmail.com
wrote:
The following steps may be another idea :
Assume that you supply to your users a small login program prepared for them
specifically ( since you are using SSH ) :
Compile that program for each user with a
On Sun, 24 Mar 2013 01:16:33 -0700, Doug Hardie wrote:
On 24 March 2013, at 01:03, CeDeROM cede...@tlen.pl wrote:
Why don't you just use PKI for authentication (you can generate your
own certificates)? You can easily upload keys/certificated to client
machines (PC, Android, Apple, ...).
On 24 March 2013, at 01:10, Waitman Gobble gobble...@gmail.com wrote:
You might consider disabling external smtp auth service and using ssh tunnel
to server to connect to mail. Also provide web based convenience service.
I am not convinced that a ssh tunnel is going to be easy for my
Certificate + Password/PIN should be okay. You can maybe create a
policy for the target system to enable a screensaver to block the
screen after short period that will force user to enter his/hers
password..? I know in theory all seems easy :-) :-) Good luck! :-)
--
CeDeROM, SQ7MHZ,
On 24 March 2013, at 01:22, Polytropon free...@edvax.de wrote:
Wouldn't there be a possibility to combine key _and_ password?
The key shouldn't have to be removed, but it should only work
with a password (which again is kept individual to each user).
The process has to be made more
On Sun, Mar 24, 2013 at 1:21 AM, Doug Hardie bc...@lafn.org wrote:
On 23 March 2013, at 22:59, Mehmet Erol Sanliturk m.e.sanlit...@gmail.com
wrote:
The following steps may be another idea :
Assume that you supply to your users a small login program prepared for
them specifically (
At 11:22 PM 3/23/2013, you wrote:
I am not sure this is the best place to ask this, but I didn't see any other
maillists that seemed more appropriate.
Basically, my outgoing mail server is being systematically attacked to try
passwords looking for one that works.
brute force attacks are easily
On 24/03/2013 05:22, Doug Hardie wrote:
Basically, my outgoing mail server is being systematically attacked to try
passwords looking for one that works.
Have you investigated to identify where these attacks originate from?
Even if the IP is not fixed, they often belong to ranges assigned to
On Tue, Mar 12, 2013 at 08:55:49AM -0500, Mark Felder wrote:
Hi guys,
I seem to be having problems getting my front headphones jack to work.
I've read the snd_hda man page and perhaps I'm doing this wrong, but
here's my setup:
...
If I am looking at this right I believe I need to
On Tue, Mar 19, 2013 at 11:06:25PM +0100, kalth...@googlemail.com wrote:
Hi,
I was wondering how to update microcode of an Intel CPU and came across
cpucontrol and sysutils/devcpu-data . But last mentioned port is not
up-to-date
anymore. I searched Intel's webpages for microcode
Doug Hardie bc...@lafn.org writes:
That is an interesting idea, but unfortunately our users tend to
travel a lot and need to be able to access mail from anywhere. Also,
static IPs can get quite expensive from some ISPs. Our users are
pretty much on fixed incomes and any expense is a
Doug Hardie wrote:
my outgoing mail server is being systematically attacked to try
passwords looking for one that works. When they do find one,
we get inundated by spam sent through that account throughout the world.
How such spam is injected into your mail relay - via SMTP?
most of our
Stephan Schindel s...@tp1.rub.de wrote:
i've got a problem attaching a geli device on boot. My setup:
ada0 and ada1 full geli setup (no partition schemes). ZFS on both. ada0
is my root device. I can boot into the system there is no problem with
it. But now I want to attach ada1 on boot as
Hi,
I'm getting the folowing error when I try to start X using intel drivers:
[ 8669.844] (II) Loading /usr/local/lib/xorg/modules/drivers/intel_drv.so
[ 8669.844] (WW) VGA arbiter: cannot open kernel arbiter, no multi-card support
[ 8669.844] drmOpenDevice: node name is /dev/dri/card0
[
Hi,
On Sun, 24 Mar 2013 14:14:28 +
uki uka...@gmail.com wrote:
Hi,
I'm getting the folowing error when I try to start X using intel
drivers:
[ 8669.844] (II)
Loading /usr/local/lib/xorg/modules/drivers/intel_drv.so [ 8669.844]
(WW) VGA arbiter: cannot open kernel arbiter, no
On Sat, 23 Mar 2013, Doug Hardie wrote:
On 23 March 2013, at 21:51, Mehmet Erol Sanliturk m.e.sanlit...@gmail.com
wrote:
Using Static IP in the client side , and checking Static IP of the user
may be a possibility : In that way , any message from another IP will
not be accepted .
If
Thank you for your answer.
Are you sure that It is the geli rc script and not the kernel
itself which could happen if the BOOT flag was set on ada1.
I tried (un)setting the BOOT flag. With boot flag no key files are
defined in loader.conf, which is fine:
ada1 at ata5 bus 0 scbus5 target 0
On Sun, Mar 24, 2013 at 1:25 AM, Doug Hardie bc...@lafn.org wrote:
On 24 March 2013, at 01:10, Waitman Gobble gobble...@gmail.com wrote:
You might consider disabling external smtp auth service and using ssh
tunnel to server to connect to mail. Also provide web based convenience
How about refusing to
relay mail from addresses in a good DNSBL?
Bad idea. Legitimate users connecting from dynamic IP-addresses is normal.
DNSBLs list a dynamic IP-address permanently
or for long time after a zombied Windows spewed spam from it.
Some DNSBLs warn about that explicitly, for
On 24/03/2013 17:50, Waitman Gobble wrote:
On Sun, Mar 24, 2013 at 1:25 AM, Doug Hardie bc...@lafn.org wrote:
One idea is to run a different server process on 25 which does not do SMTP
AUTH,, then run SMTP AUTH on 465 or 587. I don't really see a reason to
advertise SMTP AUTH on 25, for some
That was not it (tried), the reason was my kernconf was wrong (didn't
yet figure out the details), because the GENERIC works flawlessly.
Cheers,
Łukasz Gruner
2013/3/24 Erich Dollansky erichsfreebsdl...@alogt.com:
Hi,
On Sun, 24 Mar 2013 14:14:28 +
uki uka...@gmail.com wrote:
Hi,
This is the output at boot time:
Configuring Disk Encryption for ada1.
geli: Cannot read metadata from ada1: Inappropriate file type or format.
Attach failed; attempt 1 of 3.
...
And the Configuring... part is from /etc/rc.d/geli. One the system is
ready the same attempt works fine:
OK I found the issue:
I reinitialized the provider, same problem. Then I put a partition
scheme (BSD) on it here it works fine. My guess is this is not
intended and might be a bug. Geli should work fine for the whole disk
(no scheme at all). It works fine for the root device, but fails when
You have been invited to the following event.
Title: attn
Dear Good day to you, I am so sorry for sending you this unsolicited and
unexpected Email.
I got your contact from a Business Directory in my agents office and I
decided to contact you
directly for the sake of business.
My full
On Sun, 24 Mar 2013 18:59:09 +0200
l...@lena.kiev.ua articulated:
Bad idea. Legitimate users connecting from dynamic IP-addresses is
normal.
I disagree. There is no legitimate reason a user cannot use a bonafide
ISP to send mail. I block dynamic ISPs by default. I have found that
99% of it is
Hi,
On Sun, 24 Mar 2013 17:30:48 +
uki uka...@gmail.com wrote:
That was not it (tried), the reason was my kernconf was wrong (didn't
yet figure out the details), because the GENERIC works flawlessly.
I have an i7 and use no drm in the kernel. Just load the modules when
you need them.
Jerry je...@seibercom.net wrote:
How about refusing to
relay mail from addresses in a good DNSBL?
Bad idea. Legitimate users connecting from dynamic IP-addresses is normal.
I disagree. There is no legitimate reason a user cannot use a bonafide
ISP to send mail.
The talk is about
31 matches
Mail list logo