* Bryan Irvine [EMAIL PROTECTED] [2007-05-21 09:01]:
Older versions of bdb went bad a fairly regular basis. I had DB's go
corrupt as often as once a day under older verson of OL using bdb.
This hasn't been a problem for a while though. I havn't had a db go
bad in 2 years, even after power
* Dave Harrison [EMAIL PROTECTED] [2007-05-21 08:26]:
Henning Brauer wrote:
* Uv Pzaf [EMAIL PROTECTED] [2007-05-20 23:12]:
I wonder why OpenBSD packages (i.e. openldap-server-2.3.24.tgz) still
uses ldbm as database backend especially since the OpenLDAP folks are
stating that this is no
Henning Brauer wrote:
* Dave Harrison [EMAIL PROTECTED] [2007-05-21 08:26]:
Henning Brauer wrote:
* Uv Pzaf [EMAIL PROTECTED] [2007-05-20 23:12]:
I wonder why OpenBSD packages (i.e. openldap-server-2.3.24.tgz) still
uses ldbm as database backend especially since the OpenLDAP folks are
Hi,
On Mon, 21.05.2007 at 18:00:30 +0200, Toni Mueller [EMAIL PROTECTED] wrote:
Is this problem worth opening a bug on the OpenBSD web site?
after reading the great advice of Rob Waite, the answer is obviously NO.
Sorry for the noise.
Best,
--Toni++
Hello,
I just used dnsstuff to test one of my domain names and it showed me
(the first time only) that my server is an openrelay, which is obviously
not true. This is due to the default behaviour of spamd of accepting
everything, even when a spamd.alloweddomains file is present. I think
this
Bryan Irvine wrote:
I've upgraded my firewall to 4.1 and all of the packages. Now squid
fails to start with the new version.
I get the following errors:
2007/05/21 16:22:32| aclParseAclLine: WARNING: empty ACL: acl
BlockSites url_regex /etc/squid/blocksites.txt
2007/05/21 16:22:32|
hi all,
i have an Adsl internet connection with the tiscali provider
and i just solved my problem of getting the IP address on my openbsd machine.
i wish to share my experience here, feel free to correct my english :P
tiscali's adsl support only pppoa protocol (rfc 2364) and this is a problem
if
Renaud Allard [EMAIL PROTECTED] writes:
I just used dnsstuff to test one of my domain names and it showed me
(the first time only) that my server is an openrelay, which is obviously
not true. This is due to the default behaviour of spamd of accepting
everything, even when a
Marcos Laufer wrote:
Hello,
I am testing pf in an OpenBSD 4.1. This same configuration works fine on
OpenBSD 3.9, but in 4.1 it is not filtering anything, everything is passing
thru,
just like as if there was no 'block all'. What worries me most is that
anyone
on the outside can see my ssh
I am testing pf in an OpenBSD 4.1. This same configuration works fine on
OpenBSD 3.9, but in 4.1 it is not filtering anything, everything is passing
thru, just like as if there was no 'block all'.
Is pf enabled? (pfctl -si)
Did your ruleset load ok? (pfctl -sr)
What worries me most is that
Marcos Laufer [EMAIL PROTECTED] writes:
I am testing pf in an OpenBSD 4.1. This same configuration works
fine on OpenBSD 3.9, but in 4.1 it is not filtering anything,
everything is passing thru, just like as if there was no 'block
all'.
Are you sure that your rule set actually does get
WPA is not implemented in OpenBSD
On 5/22/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Hello!
The man page of the wpi driver states that WEP is supported, but i
cannot
see WPA (WPA2) mentioned.
I have a laptop with a 3945 wifi chipset that works under linux
with WPA2.
I need WPA2,
Hi list.
My network is extremely strange i know, nothing i can do about about it.
Just working with what i got.
I have a local network 10.0.0.0/16. This local network has several
gateways to the internet. for example 10.0.1.1, 10.0.2.1, 10.0.3.1 are
all gateways to the net. I want to make a
Peter N. M. Hansteen wrote:
Renaud Allard [EMAIL PROTECTED] writes:
I just used dnsstuff to test one of my domain names and it showed me
(the first time only) that my server is an openrelay, which is obviously
not true. This is due to the default behaviour of spamd of accepting
everything,
Renaud Allard [EMAIL PROTECTED] writes:
Indeed, but it could cause you to get blacklisted by some automated
checkers, which is clearly something you don't want. I know this kind of
checker is not accurate, but some local checkers will do it that way and
you will end up with the problems.
The following items are clearance priced and will
be discontinued after our in stock quantity has
been sold.nbsp; Please click on the corresponding
link to order a product.nbsp; Please forward to
anyone who may find it useful.nbsp; Thank you for
your continuing patronage.
Product and Price
Peter N. M. Hansteen wrote:
Renaud Allard [EMAIL PROTECTED] writes:
Indeed, but it could cause you to get blacklisted by some automated
checkers, which is clearly something you don't want. I know this kind of
checker is not accurate, but some local checkers will do it that way and
you will
On 2007/05/22 14:49, Renaud Allard wrote:
I speak mostly of SMTP-time checkers. Imagine you are sending a mail to
someone and while you are doing the SMTP transaction, the remote host
also connects to your server to see if it may be an openrelay.
They are broken then... Workaround: use
Hello, all!
I run an OpenBSD 4.0 system, all patches installed. The installation is
rather basic, the only port open to the world is ssh, which provides
access to a subversion server and to shell logins, both via keys, or
one-time :skey passwords. As the system is exposed to the net, I
Stuart Henderson wrote:
They are broken then... Workaround: use different mailer instances on
different IP addresses for incoming and outgoing mail (this is often a
good idea anyway).
This workaround only works if the checker connects to your MX, not to
the host sending the mail. I know they
On Sat, May 19, 2007 at 10:16:33PM -0700, Bryan Vyhmeister wrote:
On May 18, 2007, at 2:09 PM, Daniel Ouellet wrote:
[drive 137GB on Sun X1?]
No it doesn't. I have about 30 of them and putting any drives
bigger then that will simply not work. Well, actually it work, but
you can't use
On 2007/05/22 15:50, Renaud Allard wrote:
Stuart Henderson wrote:
They are broken then... Workaround: use different mailer instances on
different IP addresses for incoming and outgoing mail (this is often a
good idea anyway).
This workaround only works if the checker connects to your
Stuart Henderson wrote:
On 2007/05/22 15:50, Renaud Allard wrote:
Stuart Henderson wrote:
You wouldn't need spamd on the address of a send-only instance..
(if mail's only submitted on 587/465 or from known address ranges, it
could just RST port 25 to the rest of the world).
Good point :)
Renaud Allard wrote:
I think a better solution would be for *more* people to use greylisting
implementations which do this, so that more MSexchange users will either
bother Microsoft to fix their bug, or script 'net stop smtpsvc;net start
smtpsvc' to run a few times a day so they can send
On 2007/05/22 17:12, Renaud Allard wrote:
I have only seen this when the 4xx error is sent at DATA time, not when
sent at RCPT TO.
How about: --i-dont-want-to-receive-mail-from-people-using-exchange-2003
and --i-dont-want-to-receive-mail-from-people-using-callout-verification
Those are
Hello ,
Just found out what was wrong. I knew that the ruleset was allright...
I just forgot to activate pf by placing pf=YES in rc.local.conf
I'm glad that OpenBSD works just fine, and it's me who needs to be repaired
:)
I am very sorry for the noise , thanks to everybody for the tips and
On May 22, 2007, at 7:09 AM, T. Ribbrock wrote:
On Sat, May 19, 2007 at 10:16:33PM -0700, Bryan Vyhmeister wrote:
That's too bad. I was hoping I could put larger drives in them. Oh
well, 120 GB it is.
Maybe you can use the same approach I used with my U10 - I've put in a
Promise PCI IDE
On 22/05/07, T. Ribbrock [EMAIL PROTECTED] wrote:
I don't know whether the X1 has free PCI slots, but if it has, it might
be an option.
I just checked mine. It has no PCI slots, however there are USB ports.
You could add an external one, but I wouldnt rely on it for production
environments.
I just moved my super-fantastic spamd soekris in front of a new mail
server that requires SMTP Auth to send mail... and it broke. No one
can send mail from that server.
My old server didn't require SMTP Auth and it worked fine.
I couldn't find anything in the docs or on the net that suggests
On Mon, May 21, 2007 at 08:41:18AM +0200, [EMAIL PROTECTED] wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Anthony Howe
Sent: 18 May 2007 07:00 PM
Cc: misc@openbsd.org
Subject: Re: flowcharts
[EMAIL PROTECTED] wrote:
Thanks to
Stuart Henderson wrote:
On 2007/05/22 17:12, Renaud Allard wrote:
I have only seen this when the 4xx error is sent at DATA time, not when
sent at RCPT TO.
How about: --i-dont-want-to-receive-mail-from-people-using-exchange-2003
and
Stephen Schaff wrote:
I just moved my super-fantastic spamd soekris in front of a new mail
server that requires SMTP Auth to send mail... and it broke. No one
can send mail from that server.
My old server didn't require SMTP Auth and it worked fine.
i have spamd setup at work and have users
I just used dnsstuff to test one of my domain names and it showed me
(the first time only) that my server is an openrelay, which is obviously
not true. This is due to the default behaviour of spamd of accepting
everything, even when a spamd.alloweddomains file is present. I think
this could
have your smtp-auth people use port 587/465[1]. That will also solve
the problem of traveling users being blocked at public access points.
[1] smtp+sasl or smtp wrapped in ssl, depending on the client. Don't
forget to enable this in your MTA.
On 2007 May 22 (Tue) at 10:22:19 -0600
Bob Beck wrote:
Any automated test I've ever set up for open relay, (and I run
them) as well as any sane ones I ever see test for open relay by
actually relaying a message not looking at the smtp dialoge.
You're making much ado over nothing and spreading FUD -
the tester you
Jacob Yocom-Piatt wrote:
Renaud Allard wrote:
I think a better solution would be for *more* people to use greylisting
implementations which do this, so that more MSexchange users will
either
bother Microsoft to fix their bug, or script 'net stop smtpsvc;net
start
smtpsvc' to run a few
Bob Beck wrote:
Any automated test I've ever set up for open relay, (and I run
them) as well as any sane ones I ever see test for open relay by
actually relaying a message not looking at the smtp dialoge.
You're making much ado over nothing and spreading FUD -
the tester you
Hi,
does anybody get on a OpenBSD 4.x tcpdstat installed?
Tcpdstat from
http://staff.washington.edu/dittrich/talks/core02/tools/tcpdstat-uw.tar
is a very nice tool to get summary information of a tcpdump file.
The output includes the number of packets, the average rate and its standard
Since having users change their settings can be problematic in many
environments, instead change the MX record. This way you can
implement spamd right away and your users will not have to change
anything. Though I would suggest moving the users to 587/465 in the
future so that they don't
We've been having a locking up problem with our openbsd based router for a
while now. I upgraded to 4.1 about a week ago and so far it has not locked.
Later this week we have scheduled some time to take down the router and run
some memory / disk tests on it to make sure its not a hardware
I just noticed this which seemed a little unusual, so thought I'd throw
it out here in case anyone's interested in looking at it.
I just mounted a CD on my desktop machine to copy some files across to
my laptop (in this case OpenBSD 4.1 CD1, but the same happens with other
CDs that I tried).
I
I still want to push this little points directly from the OpenLDAP faq:
* back-ldbm is /obsolete/ and /should not be used/.
*As a historical note, the back-ldbm code is a direct descendant of the
original University of Michigan code. The age of the code and its
byzantine data structures were
Hi,
On Fri, 11.05.2007 at 08:33:03 -0400, Lars D. Noodin [EMAIL PROTECTED] wrote:
However, by connecting MS Windows machines into your VPN you neutralize
many of the security benefits that you may have in place.
I'd say that depends on your setup. Imho, for many people, using a VPN
is meant to
Hi.
I know this is not a proper bug report, but I wanted to know if other
landisk owners experienced the infamous re0: watchdog timeout?
When using the landisk as NFS server, I can't write to it without
getting this error which basically cut the network for a minute.
I have hundreds of entries
Trust me - bit the bullet and change to 587/465 anyway.
we had to for road warriors because 25 is blocked in so many
places anyway from walkups. You're better just getting your
users to switch.
* Chad M Stewart [EMAIL PROTECTED] [2007-05-22 12:46]:
Since having users change
Darth Lists wrote:
Unfortunately, this little MS-behaviour is very likely to be the last
straw that gets our greylisting turned off here.
Despite my logs that prove that greylisting has removed over 95% of
incoming spam before spamassassin has to deal with it, the fact that
some legitimate
That's a really good point. However we have about 200 users we'd have
to get to switch their mail settings - 99% of don't know what mail
settings are of course.
Changing ports could prove very painful. I will definitely consider
it though, given how painful email is without greylisting.
just deduced from trial and error. Also greylisting should happen at
RCPT TO, and probably not at DATA as there are some widely used MTAs
that are buggy and choke when a 4xx error is sent in the DATA phase.
I've been running this at DATA for months, and not seen any
issues with it.
Write them step by step instructions, with screenshots for the client
they use. Tell them they have 30 days (for example), remind them at 15
and the day before.
I've done the above at several work sites (400ish and 50ish), and once
management was on board, it was very simple. A tiny bit of
Stephen Schaff wrote:
That's a really good point. However we have about 200 users we'd have to
get to switch their mail settings - 99% of don't know what mail settings
are of course.
Changing ports could prove very painful. I will definitely consider it
though, given how painful email is
On Mon, May 21, 2007 at 12:50:05AM +0200, Martin Toft wrote:
On Sun, May 20, 2007 at 12:02:11PM -0700, Myk Taylor wrote:
I used to have this problem as well. It went away when I upgraded
the remote endpoint (your AP, in this model) to OpenSSH_4.5p1.
Okay. Thanks for the advice :)
I'll
arlo guthrie
...
We walked in, sat down, Obie brought up the the help desk page with
the twenty seven 800 x 600 colour glossy screenshots with circles and
arrows and a paragraph below each one explaining what each one was to
be used to show Windows users what to do. Luser came in and
Bob Beck wrote:
just deduced from trial and error. Also greylisting should happen at
RCPT TO, and probably not at DATA as there are some widely used MTAs
that are buggy and choke when a 4xx error is sent in the DATA phase.
I've been running this at DATA for months, and not seen any
I manage about 30 mail servers, all using greylisting for years (not
OpenBSD spamd, but a version running in the MTA). But as I greylist at
RCPT TO, I only noticed the problem it when clamav did go down and the
server was producing a 4xx error at DATA when it should have scanned the
mail.
We have a need for a low power OpenBSD device or handheld that can connect
to a small SCADA device (serial or USB) to collect some temperature and
voltage data, plus control one light switch, on a remote solar powered
wifi repeater tower.
Any suggestions on the lowest powered OpenBSD runnable box
Bob Beck wrote:
I have definately seen issues here with other implemntations,
because the 4XX code given, the XX's matter... Have you seen
this with OpenBSD spamd? (As opposed to something else..)
I have seen this with 451 errors, not on spamd but with the exact same
error code as
On 2007/05/22 15:54, Austin Hook wrote:
We have a need for a low power OpenBSD device or handheld that can connect
to a small SCADA device (serial or USB) to collect some temperature and
voltage data, plus control one light switch, on a remote solar powered
wifi repeater tower.
Soekris 4501
Ah, yes. That refers to normal instructions, usually by corporations
that charge you obscene amounts of money to send you gibberish. But it
is possible to write instructions that people can follow. And if you get
mgmt to agree, you can require people read your instructions. Do this,
or your
Hi,
We have a need for a low power OpenBSD device or handheld that can connect
to a small SCADA device (serial or USB) to collect some temperature and
voltage data, plus control one light switch, on a remote solar powered
wifi repeater tower.
Any suggestions on the lowest powered OpenBSD
On Tue, 22 May 2007 16:08:10 -0600, Bob Beck wrote:
arlo guthrie
...
We walked in, sat down, Obie brought up the the help desk page with
8snip
And you can get anything you want at Bob Beck's Restaurant,
as long as it's moose!
Loved it Bob!
You are not just a good coder.
Thanks, the
On 5/19/07, Reiner Jung [EMAIL PROTECTED] wrote:
At the moment the OpenBSD core system is not controlled by the EAR so long
you don't download it
from a US server.
As a private person it is not a problem, but when a company want use
OpenBSD and there is US crypto
in, the thing will become very
We have a need for a low power OpenBSD device or handheld that can connect
to a small SCADA device (serial or USB) to collect some temperature and
voltage data, plus control one light switch, on a remote solar powered
wifi repeater tower.
Soekris 4501 or 4801 would be ideal, they use around
Thus Austin Hook [EMAIL PROTECTED] spake on Tue, 22 May 2007
15:54:32 -0700 (MST):
We have a need for a low power OpenBSD device or handheld that can
connect to a small SCADA device (serial or USB) to collect some
temperature and voltage data, plus control one light switch, on a
remote solar
63 matches
Mail list logo