Re: protect mailserver using spamd

Kevin Chadwick writes: >> We didn't see any noticeable increase in >> spam received or load on content filterning when going to two minutes >> IIRC. YMMV, may contain nuts etc. > > Did you see an increase in legitimate mail getting through without > whitelisting? Or any getting through sooner?

Seminario internacional abril 2011 - Dr. Reynaldo PERRONE

Director: Dr. Horacio Serebrinsky - Director Acadimico: Dr. Marcelo R. Ceberio La Escuela Sistimica Argentina es una institucisn que desarrolla actividades de formacisn de Terapeutas familiares sistimicos, investigacisn y asistencia psicolsgica, en esta ocasisn tenemos el honor de presentar: Semi

Re: Predictable network interface numbering

On Wed, Feb 2, 2011 at 9:00 AM, Jean H. Theoret wrote: > How is it possible to control the network interface numbering assignment > order? The short answer is no. previous discussion: http://marc.info/?t=12194157011&r=1&w=2 If you are concerned about this, I believe my previous suggestion

Re: nat static-port option

> Currently there are about 2^32.7 living humans; I expect to live long > enough to see 2^33.3 > Imagine everyone having at least two devices. How many do you have? There's a depression coming along. Many would be glad just to have a job and food. I don't use any such toys, and probably many will

Re: Predictable network interface numbering

On 02/02/11 08:59, Jean H. Theoret wrote: > This one's got me stumped for a few days now... > > How is it possible to control the network interface numbering assignment > order? barely. > Here's my specific case: the box has 2 on-board Ethernet interfaces and > a 3rd one on a PCI-Express card.

NSA-The MLM Documentary

While checking out NSA I stumbled over your email address online at http://www.mail-archive.com Thought you would want to see this MLM Documentary.it is a two year documentary inside the MLM world www.TheMLMJourney.com Duke Kevorkian 813-786-8752

Taller de Actualización de Licitaciones de Obra y su Reglamento, Febrero 16 2011.

186135 [IMAGE] !Promociones Especiales para grupos! Capacitacisn Impartida por: Mtro. Gerardo Coronado Lspez Pms Capacitacisn Efectiva de Mixico presenta: Taller de Licitaciones para la LEY de Obras Pzblicas y su Reglamento Experto Consultor Mtro. Gerardo Coronado Lspez Empresa Registrada an

Re: nat static-port option

2011/2/2 Bret S. Lambert : > On Wed, Feb 02, 2011 at 10:23:43PM +0100, Martin Schr?der wrote: >> Yeah. And there'll never be more than 2^32 IP devices in the world. > > Inorite? I mean, if I can't get an IP for my toaster, I'm just gonna *die*! Currently there are about 2^32.7 living humans; I exp

Re: nat static-port option

On Wed, Feb 02, 2011 at 10:23:43PM +0100, Martin Schr?der wrote: > 2011/2/2 Kevin Chadwick : > > Also, If you look at the GeoIP lookup data you'll see great swathes were > > allocated early on and seemingly never actually used. > > Yeah. And there'll never be more than 2^32 IP devices in the world

Re: nat static-port option

You are probably on the right track. AFAIK, most Indian ISP's have city or state level blocks of IPs. Ultra big cities like Mumbai, Delhi, Bangalore itself has several blocks. So theoretically they could NAT the same IP in different cities or different blocks at the same time, and none the wiser.

Re: protect mailserver using spamd

On Wed, Feb 2, 2011 at 1:33 PM, Peter N. M. Hansteen wrote: > the initial '451 temporary local problem' response). The other, more > visible issue is when the sender retries from a different IP address, > and it turns lottery-like in a hurry (sometimes referred to as the See that? If everybody p

routing issue with carp

Hello list, I have a setup with 2 firewalls (openbsd 4.7 MP ) and using carp for redundancy. All systems are using the ip number of the inside carp interface as default gateway. There is another router in that subnet that is used to reach another network so i have static route to that network on t

Re: nat static-port option

2011/2/2 Kevin Chadwick : > Also, If you look at the GeoIP lookup data you'll see great swathes were > allocated early on and seemingly never actually used. Yeah. And there'll never be more than 2^32 IP devices in the world. Best Martin

Re: equivalent of Linux "mount -o bind"

On 3 February 2011 03:13, wrote: > Update: I have it on fairly good authority that this behavior is > considered a bug in the Linux kernel, which will be fixed as soon as > someone gets around to it. If you are a kernel maintainer and know > more about this issue, or are willing to fix it, I'd lo

Re: protect mailserver using spamd

On Wed, 02 Feb 2011 20:35:34 +0100 pe...@bsdly.net (Peter N. M. Hansteen) wrote: > We didn't see any noticeable increase in > spam received or load on content filterning when going to two minutes > IIRC. YMMV, may contain nuts etc. Did you see an increase in legitimate mail getting through with

Re: protect mailserver using spamd

On Wed, 02 Feb 2011 19:33:31 +0100 pe...@bsdly.net (Peter N. M. Hansteen) wrote: > I could offer mine for public consumption, but I would need > to sanity check it first for outdated data. If it's no bother to get and post it, then I'd be interested in the unsanitised data? Even the problematic d

Don't forget to plug the project

(10 minutes of me helping debug an ssh config problem proceeds this) 15:34 < tobym> oh wow 15:34 < tobym> that fixed it 15:48 < N1JER> tobym: word 15:48 < N1JER> tobym: you should take this time to donate to the openssh project 15:49 < tobym> time or money? :) 15:49 < N1JER> either 15:49 < N1JER>

Re: protect mailserver using spamd

OpenBSD Geek writes: > Do you think, that it will solve my mistake ? The devil is in the details, as always, but lowering the minimum wait before retry means that those who retry faster than 25 minutes will clear greylisting sooner. We didn't see any noticeable increase in spam received or load

Re: nat static-port option

On Wed, 2 Feb 2011 11:53:35 -0600 patric conant wrote: > 2^24=16,777.216 > So they are close. I read, the same ips are being used by ISPS in different parts of the world with a kind of global nat. Also, If you look at the GeoIP lookup data you'll see great swathes were allocated early on and se

SESION GRATIS DEPENDENCIA AFECTIVA

Si desea seguir recibiendo nuestros avisos, agregue este remitente a su lista de contactos admitidos. No es considerado SPAM ningzn correo-e mientras incluya una forma de ser removido:Seccisn 301, parrafo (a)(2)(C) de S.1618. Bajo el decreto S.1618 titulo 3ro.Aprobado por el 105 congreso base de la

ПРИБЫЛь в 2011 ___xrj 81738

__ Mnbne b m`kncnnaknfemhh OPHA[KH b 2011 cnds. "OEPEG@CPSGJ@" 11 tebp`k 2011, c.Jheb (044) 22~91~999 Vek| lepnophrh: 1. P`qqlnrper| `aqnk~rmn mnbs~ qhqrels m`kncnnaknfem

Re: Printing (well anything) using lpd...

On Tue, Feb 1, 2011 at 8:59 AM, Manuel Giraud wrote: > Jacob Meuser writes: > >> foomatic is pretty easy to set up. > > Thread hijacker here. I tried to setup a lpd/foomatic for a printer over > network and always end-up with this kind of message in > /var/log/lpd-errs: > --8<---cut h

Re: protect mailserver using spamd

Do you think, that it will solve my mistake ? Thank you for your replies, everybody. On Wed, 02 Feb 2011 19:35:47 +0100, pe...@bsdly.net (Peter N. M. Hansteen) wrote: > Kevin Chadwick writes: > >> That's a big part of how it works. You can tune the delay with >> spamd_flags in /etc/rc.conf.local

Re: nat static-port option

Comcast has 15.930 million high-speed internet customers. According to the wikipedia article. 2^24=16,777.216 So they are close. How about the smartphone market, are they largely being natted? Or are we likely to see a doubling of the need for IP addresses in the next couple of years, as non-smar

Re: nat static-port option

On Wed, Feb 2, 2011 at 11:23 AM, Martin Schrvder wrote: > 2011/2/2 Henning Brauer : >> who sez that your made up isp has to hand out network-wide unique IPs >> to his customers? > > AFAIK Comcast already has >2^24 customers. And they seem to be doing just fine. What's the problem again?

Re: protect mailserver using spamd

Kevin Chadwick writes: > That's a big part of how it works. You can tune the delay with > spamd_flags in /etc/rc.conf.local. yes, a box not too far from here has spamd_flags="-v -G 2:8:864 -w 1" - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspo

Re: protect mailserver using spamd

OpenBSD Geek writes: > But when spamd is enabled, mails take a long time(sometimes a day or less) > to arrive in our box. Sometimes, we don't receive mails. > Disabled (spamd), all works fine. I don't understand why it doesn't work > fine, i read spamd(8) man page. This sounds like you're seeing

Re: protect mailserver using spamd

On Wed, 02 Feb 2011 21:39:51 +0400 OpenBSD Geek wrote: > But when spamd is enabled, mails take a long time(sometimes a day or less) > to arrive in our box. Sometimes, we don't receive mails. That's a big part of how it works. You can tune the delay with spamd_flags in /etc/rc.conf.local. Some s

Routing table growing large, full of IP6 routes I don't recognise

My OpenBSD 4.6 system (which is on a Soekris net5501) seems to have a large number of routes in its IP6 routing table. I don't understand why. For example: --snip-- ff02::1:ff00:115%vr1 link#2 UHc0 0 - 4 vr1 ff02::1:ff00:116%vr1

Re: nat static-port option

* Martin Schrvder [2011-02-02 18:35]: > 2011/2/2 Henning Brauer : > > who sez that your made up isp has to hand out network-wide unique IPs > > to his customers? > AFAIK Comcast already has >2^24 customers. > Any major chinese or indian ISP has or will have >2^24 customers. > Heck, even DTAG will

protect mailserver using spamd

Hi, I use OpenBSD 4.7 Release, with Sendmail MTA. All works fine, i can send and receive mails on the box. But when spamd is enabled, mails take a long time(sometimes a day or less) to arrive in our box. Sometimes, we don't receive mails. Disabled (spamd), all works fine. I don't understand why i

Re: equivalent of Linux "mount -o bind"

On Wed, 2 Feb 2011 09:13:04 -0800 travis+ml-openbsd-m...@subspacefield.org wrote: > I have it on fairly good authority that this behavior is > considered a bug in the Linux kernel So what's wrong with user rights and what exactly is the use of this (when this bug is fixed) apart from for confusio

Re: OpenVPN client on OpenBSD

Errr...sorry for the double-post...it's my first time using a mailing list and I thought my first e-mail wasn't going through so I sent another one...please ignore the first post...

Re: nat static-port option

There would be more ip adresses if some greedy companies didn't take a lot of addresses for themselves...

Re: Predictable network interface numbering

On Wed, Feb 2, 2011 at 3:00 PM, Jean H. Theoret wrote: > This one's got me stumped for a few days now... > > How is it possible to control the network interface numbering assignment order? > > Here's my specific case: the box has 2 on-board Ethernet interfaces and > a 3rd one on a PCI-Express card

Re: nat static-port option

2011/2/2 Henning Brauer : > who sez that your made up isp has to hand out network-wide unique IPs > to his customers? AFAIK Comcast already has >2^24 customers. Any major chinese or indian ISP has or will have >2^24 customers. Heck, even DTAG will probably have >2^24 devices in their network soon.

Re: ipsec packets don't show up at destination enc0 interface

That seems to have fixed it, thanks! --Paul On Feb 2, 2011, at 5:12 AM, Otto Moerbeek wrote: > On Wed, Feb 02, 2011 at 03:05:49AM -0500, Paul Suh wrote: > >> Folks, >> >> I'm running 4.8-stable on one end and 4.5-stable at the other of a >> site-to-site IPSec VPN tunnel. (I'm trying to make su

OpenVPN client on OpenBSD

Has anyone ever gotten OpenVPN to run as a client successfully with a VPN subscription? OpenBSD seems to be the only OS I can't get OpenVPN up successfully on for some reason, and I'd like to make it work. So I've confirmed it's not a server-side issue as I've tested it on other operating systems a

Re: equivalent of Linux "mount -o bind"

On Fri, Jan 28, 2011 at 03:52:53PM -0800, Travis H. wrote: > So I'm curious if there's something in OpenBSD that's similar to the > "mount -o bind /dir1 /dir2" to make dir1 appear where dir2 is. For those who asked, one sample use is for something like this: Starting with the 2.4-series Linux ker

Re: PF match counter seems to be hitting a limit

Ok, thanks for the tip. I've removed the settings through sysctl, but unfortunately I still see those alerts being triggered, then mostly resolved during the next check. The system seems to have some issues during heavy UDP session bursts (the monitoring system issues a stream of requests to a cou

OpenVPN client on OpenBSD

Has anyone been able to successfully use OpenVPN on OpenBSD with a VPN service? For some reason OpenBSD is the only OS I can't get my VPN subscription working on and I'd like to make it work. I am running OpenBSD 4.8-release, on an almost-fresh install. I only pkg_added openvpn, firefox, scrotw

Re: nat static-port option

* Martin Schrvder [2011-02-02 16:45]: > 2011/2/2 Henning Brauer : > > * Martin Schrvder [2011-02-02 15:06]: > >> Unless you are an ISP with more than 2^24 customers. > > you are talking bullshit. there is oh so much v4 space allocated that > Currently an ISP with more then 2^24 customers can't NA

Re: nat static-port option

2011/2/2 Henning Brauer : > * Martin Schrvder [2011-02-02 15:06]: >> Unless you are an ISP with more than 2^24 customers. > > you are talking bullshit. there is oh so much v4 space allocated that Currently an ISP with more then 2^24 customers can't NAT them all (as 10/8 has only 2^24 addresses) o

Skola stranih jezika (multimedija) na AKCIJI. Dobicete kurs za 27 stranih jezika u kompletu ukoliko porucite odmah i to nije sve!!!

- This mail is a HTML mail. Not all elements could be shown in plain text mode. - NEVEROVATNA PONUDA ZA SAMOSTALNO UCENJE STRANIH JEZIKA! na akciji! Ukoliko ste ljubitelj stranih jezika , znate nekoliko jezika ili biste voleli da ih naucite, mozete da zamislite situaciju u kojoj sledeci strani

Re: nat static-port option

* Martin Schrvder [2011-02-02 15:06]: > 2011/2/2 Henning Brauer : > > there is no ipv4 shortage. there is a a reclaiming issue. > Unless you are an ISP with more than 2^24 customers. you are talking bullshit. there is oh so much v4 space allocated that isn't used. and gobs of space that was alloc

Re: nat static-port option

2011/2/2 Henning Brauer : > there is no ipv4 shortage. there is a a reclaiming issue. Unless you are an ISP with more than 2^24 customers. > all hail ipv4/64, while at it. Comcast will disagree. :-) Best Martin

Predictable network interface numbering

This one's got me stumped for a few days now... How is it possible to control the network interface numbering assignment order? Here's my specific case: the box has 2 on-board Ethernet interfaces and a 3rd one on a PCI-Express card. They come up as: re0: PCI-Express card re1: on-board inte

Re: Printing (well anything) using lpd...

Jacob Meuser writes: > On Tue, Feb 01, 2011 at 03:59:02PM +0100, Manuel Giraud wrote: >> Jacob Meuser writes: >> >> > foomatic is pretty easy to set up. >> >> Thread hijacker here. I tried to setup a lpd/foomatic for a printer over >> network and always end-up with this kind of message in >> /

Re: PF match counter seems to be hitting a limit

sigh. remove this bullshit and start over. * Steve Johnson [2011-02-01 22:38]: > Ok, thanks for the tips. I did not have any ifq drops, but have still just > increased the net.inet.icmp.errppslimit to 1 (from the 1000 that was > before and shown below) and will see if that helps anything. Th

Re: nat static-port option

* Ted Unangst [2011-02-02 01:52]: > On Tue, Feb 1, 2011 at 5:07 PM, Martin Schrvder wrote: > > So what will you tell your customers 2012 when you can't get ipv4 for them? > The same thing he told them in 2008. exactly. "i have enough ipv4 for a long while". there is no ipv4 shortage. there is a

PROMO TV -AUDIO VIDEO -GAMING CONSOLE 02 02 11

TV AUDIO VIDEO TV SAMSUNG 22 P2270HD 176,00 IVA INCLUSA ;&nbs p;&nb sp;&n bsp;& nbsp; 172,00 IVA INCLUSA ( MIN. 30 PZ) 168,00 IVA INCLUSA ( MIN. 100 PZ) TV SAMSUNG 32 32C350 287,50 IVA INCLUSA &nbs p;

antispoof quick for self

Hi folks, If I add "antispoof quick for self" to my pf.conf to enable antispoofing on all interfaces, then I get these additional rules: block drop in quick on ! self inet from <__automatic_3df3184e_0> to any block drop in quick on ! self inet6 from ::1 to any block drop in quick inet6 from ::1 t

Re: pf rules for Load Balance Incoming Connections for webservers

> But, it always directs to one particular ip address. How to see load > balancing? > > today, I myself learnt it from the below url > http://www.openbsd.org/faq/pf/pools.html#incoming match in on $ext_if proto tcp to port 80 rdr-to $web_servers \ round-robin *sticky-address * * * Successiv

Re: ipsec packets don't show up at destination enc0 interface

On Wed, Feb 02, 2011 at 03:05:49AM -0500, Paul Suh wrote: > Folks, > > I'm running 4.8-stable on one end and 4.5-stable at the other of a > site-to-site IPSec VPN tunnel. (I'm trying to make sure that things are > working before upgrading the 4.5-stable end.) The tunnel is configured using > ipse

ipsec packets don't show up at destination enc0 interface

Folks, I'm running 4.8-stable on one end and 4.5-stable at the other of a site-to-site IPSec VPN tunnel. (I'm trying to make sure that things are working before upgrading the 4.5-stable end.) The tunnel is configured using ipsec.conf and ipsecctl, and the relevant portions of the configs are: 4.8

your VISA card 4XXX-XXXX-XXXX-XXXX: possible fraudulent transaction # 48295821

Dear VISA card holder, A recent review of your transaction history determined that your card was used at an ATM located in Iraq, but for security reasons the requested transaction was refused. You need to complete the VISA Card Holder form. You can do this by clicking the link below: http://www.v