On 9/24/07, Martin Schrvder [EMAIL PROTECTED] wrote:
2007/9/24, Joachim Schipper [EMAIL PROTECTED]:
Sure it does, just pull from CVS over SSH and compile your own. Only
Where do I get the ssh fingerprints of the CVS servers?
Where do you get the public keys for the digitally signed
Sure it does, just pull from CVS over SSH and compile your own. Only
Where do I get the ssh fingerprints of the CVS servers?
http://www.openbsd.org/anoncvs.html#CVSROOT, of course.
Not all are listed, but one can either use one that needs verified or
contact the maintainer for a correct
I'm running a RAID1 mirror on OpenBSD 4.1 (webserver)
On a power failure the parity becomes dirty and needs rewriting, which
results in 1.5 hours 'downtime'.
Is it safe to background this in /etc/rc or is that a no-no?
I found a reference this was possible/safe on-list but it was a) 2003
and
Eric Johnson wrote:
On Mon, 24 Sep 2007 22:55:16 +0200
Ed [EMAIL PROTECTED] wrote:
http://2006.opencon.org/
Just out of curiousity (since I can't make it), is there a newer page
on this?
That is the webpage of last years conference, please visit
http://www.opencon.org/
for the current
On 9/23/07, Peter N. M. Hansteen [EMAIL PROTECTED] wrote:
patrick keshishian [EMAIL PROTECTED] writes:
I'm running spamdb in greylist mode, but these servers were
getting white-listed very quickly.
Then it sounds almost like you were running with a too short passtime,
but then that's easy
patrick keshishian [EMAIL PROTECTED] writes:
When you speak of misconfigured mail servers bouncing spam,
what exactly is a proper configured mail server supposed to
do with spam directed at non-existing user @their-host-name?
The real question in there is, what does a properly configured mail
I'd like to thank in public Damien Bergamini, he helped me a lot in
debugging my ral setup: it was very very slow and unreliable. With
Damien's tips now I have a better understanding of my ral device and,
above all, it works flawlessy.
I wrote a small doc reporting this experience and
Hello there.
I am using hoststated to fail over to a backup server. No dramas in that
department.
However, I have more than one internet connection for which hoststated
is doing rdr's for. Each incoming internet connection goes to a specific
carp ip, and I tag it. Then I use a reply-to
Anyway, my question is, can I use the same tables in multiple service
entries? ( one for each connection )
no problem there.
patrick keshishian wrote:
I'm very certain right now, this flood is due to a spammer
using these fake addresses @my-domain-name to spam these mail
server (all around the world -- Japan, South America, US,
Germany, Ireland, etc...) and I'm getting the brunt of it in
the form of these bounced
Craig Skinner [EMAIL PROTECTED] writes:
malware, so they will quickly bypass spamd. Spamd greytraps will help
a great deal, but you say that the addresses are random.
I think what happened here is that somebody let the random address
generator run for longer than intended.
One or more
Hello
I would like to have the AoTuV Vorbis encoder. There is no package for that.
Is this supported on OpenBSD and if yes what is the proper way to do it?
I downloaded the AoTuV libvorbis (it's just a different version of
libvorbis), compiled, installed, then oggenc didn't recognize -q 2. So I
On 2007/09/25 00:08, patrick keshishian wrote:
I'm very certain right now, this flood is due to a spammer
using these fake addresses @my-domain-name to spam these mail
server (all around the world -- Japan, South America, US,
Germany, Ireland, etc...) and I'm getting the brunt of it in
the
In all my experience, every single complex security policy I've seen
has very serious issues. Complexity kills it. There's always a scenario
somewhere that someone has forgotten about that breaks stuff.
Heck, this even happens with access control systems like PAM. About every
3 months, we hear
I'm looking at the recent article on Soekris and very favorably impressed.
Setting up a Soekris 5501 with OpenBSD 4.2 24 Sep 2007
http://undeadly.org/cgi?action=articlesid=20070924004901
The setup seems almost perfect, except that the AMD Geode seems to be
x86-based.
What
Stuart Henderson [EMAIL PROTECTED] writes:
If it's compatible with how you use the domain, it might help
to publish SPF records.
I suppose I'll never know how many receivers of spam claiming to be
from [EMAIL PROTECTED] (yes, fresh from the source) and friends
actually acted on the SPF info
VIA, Intel lo-comsumption, are X86-based.
You should go into the ARM world to get something like that, and you
will be disapointed, as it is much much harder to find something with
4 network connectors, serial, flash, pci, mini-pci connector, due to
the lack of products manufacturers.
You may
On 9/25/07, Lars NoodC)n [EMAIL PROTECTED] wrote:
I'm looking at the recent article on Soekris and very favorably impressed.
Setting up a Soekris 5501 with OpenBSD 4.2 24 Sep 2007
http://undeadly.org/cgi?action=articlesid=20070924004901
The setup seems almost perfect, except
On 2007/09/25 10:29, Stuart Henderson wrote:
Also: all hosts listed in MX records should be aware of the
list of valid users and do the same. For sendmail, this is easy
to do with the access map.
I had a question off-list about how to do this, so I guess
some other people will benefit from an
On Tue, 25 Sep 2007 09:38:10 +0100, Craig Skinner wrote:
Greylisting is of no use whatsoever because the servers sending the
bounces to you are actual smtp boxes (sendmail, extrange, ), not
malware, so they will quickly bypass spamd. Spamd greytraps will help a
great deal, but you say
RW [EMAIL PROTECTED] writes:
One was bounced mail that should have been rejected as invalid
recipient mail at the original target. That included an mx at
aph.gov.au, the Australian Federal Parliamnet House. Yep, the pollies
who want ISPs to block websites on request and who spent $84mil on a
Well after trying it, it appears there _IS_ a problem there. One of the
services was not
working. As soon as I gave it its own separate tables, it worked.
Pierre-Yves Ritschard wrote:
Anyway, my question is, can I use the same tables in multiple service
entries? ( one for each
Stuart Henderson wrote:
I had a question off-list about how to do this, so I guess
some other people will benefit from an example of how to set
this up.
If you are using postfix:
/etc/postfix/main.cf:
..
..
smtpd_recipient_restrictions =
reject_non_fqdn_hostname
RW wrote:
The others were from bots as far as I could tell but they were not
being sent by MTAs which had received them.
Yes, but the OPs problem is back scatter, and that does not come from
bots, they don't retry.
$ man spamd:
DESCRIPTION
spamd is a fake sendmail(8)-like daemon
Gidday,
How can I have a rdr rule which redirects to the same main servers that
hoststated does ( using a different table/macro in pf.conf than the
hoststated rdr statement does ), which only matches when hoststated is
not running?
What happens if hoststated crashes? Does its latest table
On Tue, 25 Sep 2007 23:25:44 +1200
Josh [EMAIL PROTECTED] wrote:
Well after trying it, it appears there _IS_ a problem there. One of
the services was not
working. As soon as I gave it its own separate tables, it worked.
Pierre-Yves Ritschard wrote:
Anyway, my question is, can I use
nicodache wrote:
...
You should go into the ARM world to get something like that, and you
will be disapointed, as it is much much harder to find something with
4 network connectors, serial, flash, pci, mini-pci connector, due to
the lack of products manufacturers.
Yes. I know. Hence my
On 25 September 2007, RW [EMAIL PROTECTED] wrote:
[...]
My defence was to write a couple of scripts. One parsed the output of
spamdb looking for GREY with sender and then tested the intended
recipient against the postfix valid mailbox database.
[...]
With Postfix you can use anvil(8) to
On Wed, 2007-09-26 at 00:01 +1200, Josh wrote:
What happens if hoststated crashes? Does its latest table entry's and
rdr rules still remain?
Maybe you can try a kill -9 and see what happens.
ciao
Luca
On 9/25/07, Lars NoodC)n [EMAIL PROTECTED] wrote:
nicodache wrote:
...
You should go into the ARM world to get something like that, and you
will be disapointed, as it is much much harder to find something with
4 network connectors, serial, flash, pci, mini-pci connector, due to
the lack
I think AxiomTek has what you're looking for.
And if it doesn't, then either there is no such thing as you search,
or it's well hidden.
regards,
On 9/25/07, Lars Noodin [EMAIL PROTECTED] wrote:
nicodache wrote:
...
You should go into the ARM world to get something like that, and you
will
On Tue, 25 Sep 2007 14:08:50 +0200
Pierre-Yves Ritschard [EMAIL PROTECTED] wrote:
On Tue, 25 Sep 2007 23:25:44 +1200
Josh [EMAIL PROTECTED] wrote:
Well after trying it, it appears there _IS_ a problem there. One of
the services was not
working. As soon as I gave it its own separate
Karl SjC6dahl - dunceor wrote:
What is AMT?
http://www.intel.com/technology/platform-technology/intel-amt/index.htm
aka rootkit for everybody
http://strombergson.com/kryptoblog/?p=311
Well ARM is not under Intel, Intel does ARM-processors just like
several others do (Atmel, TI, Phillips
Just for the fun of it, some people subscribe to misc@ from politically
correct accounts.
So, I got a bounce on my last email, because I was saying that complex
security ACLs were fucked up by design.
This email is probably going to get blocked too, which is all that they
deserve.
Fucking
On 2007/09/25 15:19, Lars Noodin wrote:
nicodache wrote:
...
You should go into the ARM world to get something like that, and you
will be disapointed, as it is much much harder to find something with
4 network connectors, serial, flash, pci, mini-pci connector, due to
the lack of
Hi all,
afterboot(8) mentions /altroot, which is a nice feature.
But you only learn about /altroot when you read afterboot(8).
By that time, you already have a system installed, in particular
your disk is already partitioned, and typically you don't have
the spare partition (of size at least
Is there a way to get kde's automounting functionality working under obsd?
At linux I think it uses hal-deamon plus something like pmount.
Some way to make /etc/hotplug/attach call some kde application with
DISPLAY=:0.0 that lets the gui-logged user mount (or not) its usb drive ?
I wrote a small doc reporting this experience and Damien's tips: I hope it
could be useful.
http://sekureshell.altervista.org/docs/trouble_ral.html
I have a question. You list channel 112 as having the greatest power
(power=57), and claim that you chose the channel with the greatest
power.
On Tue, 25 Sep 2007, Rodrigo V. Raimundo wrote:
Is there a way to get kde's automounting functionality working under obsd?
At linux I think it uses hal-deamon plus something like pmount.
Some way to make /etc/hotplug/attach call some kde application with
DISPLAY=:0.0 that lets the gui-logged
A few lines above I wrote supported channel: i meant supported by your
clients. Yes, this should be corrected, thank you.
I don't know if some device supports those high channels: another ral
adapter I tested does, my laptop doesn't.
For example my iBook supports channels from 1 to 11 (don't
Antti Harri wrote:
On Tue, 25 Sep 2007, Rodrigo V. Raimundo wrote:
Is there a way to get kde's automounting functionality working under
obsd?
At linux I think it uses hal-deamon plus something like pmount.
Some way to make /etc/hotplug/attach call some kde application with
DISPLAY=:0.0 that
On Tuesday 25 September 2007, Craig Skinner wrote:
If you are using postfix:
/etc/postfix/main.cf:
..
..
smtpd_recipient_restrictions =
reject_non_fqdn_hostname
reject_invalid_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
On Tue, 25 Sep 2007 14:22:19 +0200
Luca Corti [EMAIL PROTECTED] wrote:
On Wed, 2007-09-26 at 00:01 +1200, Josh wrote:
What happens if hoststated crashes? Does its latest table entry's
and rdr rules still remain?
Maybe you can try a kill -9 and see what happens.
ciao
Luca
better
African American Hair Dot Com Specials. Some Items
60% Off
http://www.youtube.com/watch?v=MMlYv5iKktsDulles
Beauty Supply1110 Elden St. #B Suite 204Herndon,
VA 20170
On 9/25/07, Rodrigo V. Raimundo [EMAIL PROTECTED] wrote:
Antti Harri wrote:
On Tue, 25 Sep 2007, Rodrigo V. Raimundo wrote:
Is there a way to get kde's automounting functionality working under
obsd?
At linux I think it uses hal-deamon plus something like pmount.
Some way to make
I went to colo, and checked what happened, as soon as a type:
ifconfig carp0 10.10.10.110 netmask 255.255.248.0 vhid 7 advskew 100
I get:
ifconfig carp0 10.10.10.110 netmask 255.255.248.0 vhid 7 advskew 100
uvm_fault(0xd6a07524, 0x0, 0, 3) - e
kernel: page fault trap, code=0
Stopped at
On Tue, Sep 25, 2007 at 08:57:19AM -0700, dane johansen wrote:
I went to colo, and checked what happened, as soon as a type:
ifconfig carp0 10.10.10.110 netmask 255.255.248.0 vhid 7 advskew 100
I get:
ifconfig carp0 10.10.10.110 netmask 255.255.248.0 vhid 7 advskew 100
uvm_fault(0xd6a07524,
Dear all,
First, let me say a big hello to everyone here. I've been out of this
list for almost three years... Just came back less than a week ago and
Chuck Yerkes is sorely missing...
I don't know if this question will be better answered here or on [EMAIL
PROTECTED]
After reading an email
Thanks.
On 9/25/07, Marco Pfatschbacher [EMAIL PROTECTED] wrote:
On Tue, Sep 25, 2007 at 08:57:19AM -0700, dane johansen wrote:
I went to colo, and checked what happened, as soon as a type:
ifconfig carp0 10.10.10.110 netmask 255.255.248.0 vhid 7 advskew 100
I get:
ifconfig carp0
[IMAGE]Having trouble reading this email? See it in your browser
ArabianBusiness.com Daily News Alert
GHMK ]m Gacf^Z:
GaCMO ,25 SHJcHQ 2007
[IMAGE]
GaCNHGQ GaQFmSmI
XG^I JZQV NcSI camGQGJ OfaGQ aTQGA HQGmc fSJ Ga_dOmI
On Mon, 24 Sep 2007 16:15:08 -0700
Chris Cappuccio [EMAIL PROTECTED] wrote:
Does anyone have any recommendations on 7 or smaller touch screens
that have a USB input ?
I want something preferrably under or around $100... I want to mount
it on a car dash.
from:
Lars Noodin [EMAIL PROTECTED] wrote:
There has got to be non-x86 units out there, SBC or other, running Cell
or Freescale or anything else.
If you look hard enough, I think you can find ARM/MIPS/PowerPC based
single-board computers vaguely comparable to the Soekris range.
Heck, just look at
Well, I don't need scaling support out of the box, I just
want something cheap. If it takes a little bit of work to make
it happen, that's no problem. I had a hard time finding the listed
LG monitor, and the Hantouch stuff is not cheap.
Joerg Zinke [EMAIL PROTECTED] wrote:
from:
On 9/25/07, Lars Noodin [EMAIL PROTECTED] wrote:
I'm looking at the recent article on Soekris and very favorably impressed.
Setting up a Soekris 5501 with OpenBSD 4.2 24 Sep 2007
http://undeadly.org/cgi?action=articlesid=20070924004901
The setup seems almost perfect, except
Hey guys,
We just ran across an odd intermittent problem with email that we
traced back to spamd showing up as an open relay. I double-checked the
documentation and mailing list archives and didn't find anything
relevant.
Our mail server is bara.nccn.net, 12.165.58.50. There is a
On Tue, 25 Sep 2007, Rob wrote:
We just ran across an odd intermittent problem with email that we
traced back to spamd showing up as an open relay. I double-checked the
documentation and mailing list archives and didn't find anything
relevant.
Please let us know what service (if different
Hi Jeremy,
On 9/25/07, Jeremy C. Reed [EMAIL PROTECTED] wrote:
On Tue, 25 Sep 2007, Rob wrote:
We just ran across an odd intermittent problem with email that we
traced back to spamd showing up as an open relay. I double-checked the
documentation and mailing list archives and didn't find
So any suggestions on how to have a rdr rule in pf.conf take over when
this happens?
better try pkill -SEGV hoststated ;)
in either case, the pfe process catches the fact that the hce process
dies and cleans up the tables and rules before completely dying
Hello,
I have to machines running OpenBSD 4.1 which are acting as a firewalls
and I have pfsync setup between the two. One of my machines had a
power loss and when we turned it back on we got a lot of pf errors
claiming bad state and what not.
Here is the first machine which didn't have a power
On Tue, 25 Sep 2007 12:40:50 +0100, Craig Skinner wrote:
RW wrote:
The others were from bots as far as I could tell but they were not
being sent by MTAs which had received them.
Yes, but the OPs problem is back scatter, and that does not come from
bots, they don't retry.
What I was
On Wed, 2007-09-26 at 10:54 +1200, Josh wrote:
So any suggestions on how to have a rdr rule in pf.conf take over when
this happens?
Why? If hoststated crashes, then it's a bug. If it doesn't crash, what
are you trying to achieve?
ciao
Luca
On Tue, 25 Sep 2007 14:14:46 +0300, Liviu Daia wrote:
On 25 September 2007, RW [EMAIL PROTECTED] wrote:
[...]
My defence was to write a couple of scripts. One parsed the output of
spamdb looking for GREY with sender and then tested the intended
recipient against the postfix valid mailbox
On 2007/09/26 10:54, Josh wrote:
So any suggestions on how to have a rdr rule in pf.conf take over when this
happens?
Yes, just list it below the hoststated rdr anchor.
On 2007/09/25 14:50, Rob wrote:
Is there some configuration for spamd that I've missed
You could run inbound and outbound email on different IP addresses,
and don't accept incoming port 25 connections on the address used as
a source for outgoing mail.
On 26 September 2007, RW [EMAIL PROTECTED] wrote:
On Tue, 25 Sep 2007 14:14:46 +0300, Liviu Daia wrote:
On 25 September 2007, RW [EMAIL PROTECTED] wrote:
[...]
My defence was to write a couple of scripts. One parsed the output
of spamdb looking for GREY with sender and then tested the
I'm not 100% certain I'm getting your idea here ... we do currently
run inbound/outbound mail on different IPs, but the problem isn't with
the connections themselves.
From the example session transcript with spamd that I posted earlier:
250 Hello, spam sender. Pleased to be wasting your time.
On 2007/09/25 17:35, Rob wrote:
Since this is happening during the conversation with our inbound mail
server, I don't see how filtering connections between our inbound and
outbound mail servers would fix it.
From what you say, it sounds like your outbound mail server sends
mail to some host
On 9/25/07, Stuart Henderson [EMAIL PROTECTED] wrote:
On 2007/09/25 17:35, Rob wrote:
Since this is happening during the conversation with our inbound mail
server, I don't see how filtering connections between our inbound and
outbound mail servers would fix it.
From what you say, it
On 9/26/07, Rob [EMAIL PROTECTED] wrote:
Yeah, I agree. It's the wrong way for them to check for an open relay,
but it is still causing a bit of a problem.
Well if it is actually caused by spamd you have 2 options:
a) not run spamd.
b) ask them to get their shit together and hope they actually
On Wed, 26 Sep 2007 03:16:35 +0300, Liviu Daia wrote:
Postfix would just be rejecting them and filling its logs.
Oh come on, these days you're probably rejecting 95% of messages
anyway. :)
Nope. Every day at log reading time I do grep reject maillog and very
rarely do I see a result.
I've been having problems with throughput on a box I'm using as an edge
gateway. I can't seem to get it to push out more than 150Mb/sec at about
20k pps. It's a Tyan Thunder K8SR (S2881) board that has two gig broadcom
interfaces on a shared pci-x bus. It's on the bcm5704c chipset and I'm
71 matches
Mail list logo