Re: goals.html: Clarify GPL policy
Hi Steven, Steven McDonald wrote on Sun, Feb 22, 2015 at 07:07:54PM +1100: goals.html disagrees with policy.html as to the policy regarding inclusion of GPL code. Since that part of policy.html was updated more recently (2014 vs. 2003), here's a diff that makes goals.html more agreeable: Thank you for reporting this error and providing a correct patch. While committing, i have tweaked the wording a bit further. Yours, Ingo Index: goals.html === RCS file: /cvs/www/goals.html,v retrieving revision 1.80 diff -u -p -r1.80 goals.html --- goals.html2 Nov 2014 23:56:57 - 1.80 +++ goals.html22 Feb 2015 07:54:25 - @@ -30,8 +30,8 @@ and priorities, but it is possible to cl a href=http://cvsweb.openbsd.org/cgi-bin/cvsweb;directly on the web!/a p liIntegrate good code from any source with a href=policy.htmlacceptable -copyright (ISC or Berkeley style preferred, GPL acceptable as a last -recourse but not in the kernel, NDA never acceptable)/a. +copyright (ISC or Berkeley style preferred, GPL not acceptable for new +code, NDA never acceptable)/a. We want to make available source code that anyone can use for ANY PURPOSE, with no restrictions. strongWe strive to make our software robust and secure, and encourage
Re: Any experience with D-Link DGS-1100 and static trunk aggregation?
On Sun, Feb 22, 2015 at 09:42:39PM -0600, Adam Thompson wrote: Logically, if roundrobin works, loadbalance should, too. According to trunk(4), the only difference between them is the selection algorithm that controls which outbound interface to use. My first thought was the switch is doing some sort of MAC pinning as as security feature, but that would have also defeated roundrobin. Technically, it doesn't matter in this circumstance (barring strange implementation issues on the switch) as both will produce similar results on a DGS-1100 because all ports on the switch are limited to 1Gbps no matter what... so the fact that loadbalance is limited to 1Gbps per stream and roundrobin 2Gbps per stream becomes irrelevant. But it's still strange that one works and one doesn't. My first thought is to look in the mirror. And I do think that's where the problem lies. Something in my implementation is probably incorrect. About 15 minutes ago I discovered roundrobin isn't perfect either, as I am able to consistently get disconnects mid-ssh session routing from one VLAN in particular through another, so the problem source seems to be cross-VLAN and I suspect my PF configuration is the root cause.
Re: Failing to build -stable Xenocara
On 02/22/15 16:24, Henrique Lengler wrote: On Sun, Feb 22, 2015 at 02:57:18PM -0600, Edgar Pettijohn wrote: Are you following this? http://www.openbsd.org/faq/faq5.html#Xbld ... Yes I am, and this is my second attempt. ... Start at the very very very top of the page http://www.openbsd.org/faq/faq5.html You can skip the Table of Contents, but just about every word from that point down is critical and must be respected and followed. Don't say I followed instructions, you won't find your problem when you start by denying what the problem most likely is. Start with I'm not sure what I did wrong, retrace your steps from the instructions, and you will probably find the problem. Almost always your problem is caused by a step you thought you understood and glossed over or an assumption you made that the developers don't. You can't do that. Especially when building -stable, it Just Works when you PROPERLY build it from the same release. Common causes for failure: * starting from the wrong point (5.3.2 i.e., building 5.6 from 5.5) * Getting the wrong source code (5.3.3 i.e., -current instead of -stable) * Using wrong CVS options (the -P and -d options are not options!) Nick.
Re: OpenBSD ipsec performance on modern HW
Sorry for late response to my own thread :) After almost 2 years I got same performance issues. I have 2 test boxes (i5 CPU 650 @ 3.20GHz, 3192.42 MHz and i5-3470 CPU @ 3.20GHz, 3193.26 MHz) both with AES-NI support and this time I have a chance to reply with my results. 1) Without IPSEC I'm getting ± 920 Mbit/sec 2) With IPSEC and aes-128 or aes-256 enc I'm getting ± 270 Mbits/sec 3) With IPSEC and aes-128-gcm or aes-256-gcm enc I'm getting ± 600 Mbits/sec All tests were done on -stable which is 5.6 GENERIC.MP#0 amd64. I did traffic generation on same boxes I have IPSEC peers, this resulted to high CPU usage on CPU0 on both boxes (± 80% on client and ± 55% on server), so this test is not 100% accurate from maximum possible performance of view. Did anybody have significantly better results? Any luck to improve ipsec performance today? Power of Proof: Screenshot with my test results http://snag.gy/EmrTw.jpg Screenshot top during test: http://snag.gy/p0HJT.jpg cat ipsec.conf ike esp from 192.168.7.226 to 192.168.8.114 \ main auth hmac-sha1 enc aes-256 group modp1024 \ quick enc aes-256-gcm group modp1024 \ psk 12345678 -- Evgeniy Sudyr On Mon, Jul 22, 2013 at 11:42 AM, Evgeniy Sudyr eject.in...@gmail.com wrote: Thank you alot! I will try to repeat testing with -gcm today. On Mon, Jul 22, 2013 at 10:16 AM, BARDOU Pierre bardo...@mipih.fr wrote: Hi, The testbed has been reused since I ran the tests, but the config was something standard like : ike esp from a.b.c.d/24 to e.f.g.h/24 peer i.j.k.l \ main auth hmac-sha1 enc aes-256 \ quick auth hmac-sha1 enc aes-256 psk secret If I remember well, for AES-GCM, there is no AUTH parameter, and it is phase 2 only. So it was something like : ike esp from a.b.c.d/24 to e.f.g.h/24 peer i.j.k.l \ main auth hmac-sha1 enc aes-256 \ quick enc aes-256-gcm psk secret If I've made syntax errors ipssecctl will tell you quickly btw. -- Cordialement, Pierre BARDOU De : Evgeniy Sudyr [mailto:eject.in...@gmail.com] Envoyé : dimanche 21 juillet 2013 13:17 À : BARDOU Pierre Cc : misc@openbsd.org Objet : Re: OpenBSD ipsec performance on modern HW All, during my tests I seen that CPU on all cores and memory usage was very low. Just interesting if there are any bottlenecks and how to fix them. 1) Does anybody care tcp stack tuning for high speed IPSEC ? 2) Can I run IPSEC (that's isakmpd ?) on other cores? Pierre, can you share your ipsec config to check same on my side. -- -- With regards, Eugene Sudyr -- -- With regards, Eugene Sudyr
Re: netstat(1) output nits
On Sun, Feb 22, 2015 at 02:23:57PM +0100, Jan Stary wrote: This is current/amd64. The default output of netstat(1) contains quite a few lines like the following for the AF_UNIX family: 0x0 stream 0 0 0x0 0x0 0x0 stream 0 0 0x0 0x0 0x0 stream 0 0 0x0 0x0 0x0 stream 0 0 0x0 0x0 0x0 stream 0 0 0x0 0x0 What are these? Are they unnamed pipes opened in some running process? As opposed to named pipes which have a filename in the last column? 0x0 stream 0 0 0x0 0x0 0x0 0x0 /tmp/aucat/aucat0 These are sockets created via socketpair(2) for internal communication (mostly imsg servers). The internal kernel pointers are only show if run as root then you can compare this output with e.g. the file(1) output. -- :wq Claudio
10gbit nic support
Hi, I'm planning on buying a new server to enable 10gbit connectivity. By running `apropos 10gb` i get a list of nic drivers that have that capability. Once I'm going for an HP server I'm inclined to order a oce(4) device, namely the HP NC552SFP. Any recommendations/rants regarding this specific nic? Thanks in advance, Pedro Caetano
Re: ppp not found
The following is what I got from making a modem query under windows: ATQ0V1E0 - OKAT+GMM - E173AT+FCLASS=? - COMMAND NOT SUPPORTAT#CLS=? - COMMAND NOT SUPPORTEDAT+GCI? - COMMAND NOT SUPPORTAT+GCI=? - COMMAND NOT SUPPORTATI1 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI2 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI3 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI4 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI5 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI6 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI7 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ES What can I make out of this? How can this be translated to a chat script?
Re: ppp not found
On 02/23/15 21:00, A Y wrote: The following is what I got from making a modem query under windows: ATQ0V1E0 - OKAT+GMM - E173AT+FCLASS=? - COMMAND NOT SUPPORTAT#CLS=? - COMMAND NOT SUPPORTEDAT+GCI? - COMMAND NOT SUPPORTAT+GCI=? - COMMAND NOT SUPPORTATI1 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI2 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI3 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI4 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI5 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI6 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ESATI7 - Manufacturer: huawei Model: E173 Revision: 21.157.71.00.272 IMEI: 868402003229969 +GCAP: +CGSM,+DS,+ES What can I make out of this? How can this be translated to a chat script? Hi AY, This old post from mailing list might be of some use: http://marc.info/?l=openbsd-miscm=123638536119595 Cheers Fred
Re: ppp not found
/etc/ppp/peers/vodafone.chat provides details for a specific ISP. How do I know what to write for my ISP? I read about the chat script but it doesn't tell me any specifics that is related to my ISP. Or, maybe this is not related to the ISP. From: dco...@gmail.com Date: Mon, 23 Feb 2015 10:40:36 +0100 Subject: Re: ppp not found To: afyous...@hotmail.com CC: misc@openbsd.org On Mon, Feb 23, 2015 at 9:56 AM, A Y afyous...@hotmail.com wrote: Hi all, I installed OpenBSD -current and tried to run ppp command, but I got this error: ksh: ppp: not found I also didn't find /etc/ppp/ppp.conf.sample Was there something, in the installation, that I should have done? I am trying to connect to the internet using a USB modem. Userland ppp has been removed, because it was buggy and unmaintained. You should use /usr/sbin/pppd. For pointers, have a look at, e.g.: http://marc.info/?l=openbsd-miscm=128816834527997 Ciao! David -- If you try a few times and give up, you'll never get there. But if you keep at it... There's a lot of problems in the world which can really be solved by applying two or three times the persistence that other people will. -- Stewart Nelson
Re: ppp not found
On Mon, Feb 23, 2015 at 6:17 PM, A Y afyous...@hotmail.com wrote: /etc/ppp/peers/vodafone.chat provides details for a specific ISP. How do I know what to write for my ISP? I read about the chat script but it doesn't tell me any specifics that is related to my ISP. Or, maybe this is not related to the ISP. A working trick is recording the commands from a successful connection to your ISP under Windows: https://technet.microsoft.com/en-us/library/cc771018%28v=ws.10%29.aspx From: dco...@gmail.com Date: Mon, 23 Feb 2015 10:40:36 +0100 Subject: Re: ppp not found To: afyous...@hotmail.com CC: misc@openbsd.org On Mon, Feb 23, 2015 at 9:56 AM, A Y afyous...@hotmail.com wrote: Hi all, I installed OpenBSD -current and tried to run ppp command, but I got this error: ksh: ppp: not found I also didn't find /etc/ppp/ppp.conf.sample Was there something, in the installation, that I should have done? I am trying to connect to the internet using a USB modem. Userland ppp has been removed, because it was buggy and unmaintained. You should use /usr/sbin/pppd. For pointers, have a look at, e.g.: http://marc.info/?l=openbsd-miscm=128816834527997 Ciao! David -- If you try a few times and give up, you'll never get there. But if you keep at it... There's a lot of problems in the world which can really be solved by applying two or three times the persistence that other people will. -- Stewart Nelson -- If you try a few times and give up, you'll never get there. But if you keep at it... There's a lot of problems in the world which can really be solved by applying two or three times the persistence that other people will. -- Stewart Nelson
Re: Alternative way to get sources, CVS slow
On Sun, Feb 22, 2015 at 05:18:24PM GMT, Stuart Henderson wrote:
On 2015-02-22, Raf Czlonka rczlo...@gmail.com wrote:
On Sun, Feb 22, 2015 at 12:43:57PM GMT, Stuart Henderson wrote:
On 2015-02-21, Raf Czlonka rczlo...@gmail.com wrote:
Alternatively, you can use CVSync[0] to get the code.
That is likely going to be worse on a slow/unstable link as you
are fetching the entire repository history (~2GB rather than ~750MB),
not just updating the checked-out tree.
One would think that. However, CVSync + local 'cvs up' is much faster
and more reliable than remote 'cvs up'.
I'm using it daily so this is not speculative - I'm writing from my own
experience. Also, I had very similar issues as the OP.
Cheers,
Raf
P.S. I'm use CVSync with your mirror :^)
Interesting.. I stopped running local cvsync to my server at home
a while ago, as 'cvs up' from my mirror (over adsl) was faster, not
even taking the extra cvsync time into account ;)
I double-checked and 'src' and 'xenocara' on their own are, indeed,
faster with 'cvs up' from a remote server so I stand (partially)
corrected - admittedly, previously I had used another, and as it appears
slower, mirror before switching to 'cvsync' and more local mirror :^)
Results are as follows with 'cvs up' from a local disk:
current src 8.83s user 21.58s system 8% cpu 6:03.74 total
current xenocara 2.94s user 6.81s system 4% cpu 3:25.79 total
vs. 'cvs up' directly from your mirror:
current src 5.12s user 12.46s system 11% cpu 2:34.07 total
current xenocara 1.54s user 3.82s system 7% cpu 1:12.62 total
'ports', however, is a totally different matter and it varies from:
current ports 8.63s user 40.46s system 3% cpu 21:49.16 total
to:
cvs [update aborted]: end of file from server (consult above messages if any)
with 'cvs up' from a remote mirror and:
current ports 11.28s user 43.68s system 7% cpu 12:18.71 total
with 'cvs up' from a local filesystem.
All in all, 'cvsync' (mirroring the whole repo takes ca. 4 min 30 sec) +
'cvs up' for all three ('src', 'xenocara' and 'ports') is marginally
(negligible) slower but, from my own experience, much more reliable.
I am sure 'cvs up' from a local filesystem could be sped up a bit if the
local mirror and the source tree were not on the same disk - these
results are from my single-drive laptop.
Regards,
Raf
Re: Installing OpenBSD 5.6 using a USB Flash drive
Do you mean typing dmesg from the $ prompt and post what I get? Yes, exactly. Ok, I will, as soon as I can connect to the net. To: misc@openbsd.org From: s...@spacehopper.org Subject: Re: Installing OpenBSD 5.6 using a USB Flash drive Date: Sat, 21 Feb 2015 10:00:10 + On 2015-02-21, A Y afyous...@hotmail.com wrote: Do you mean typing dmesg from the $ prompt and post what I get? Yes, exactly. I need to add that I could install OpenBSD 5.7 from both USB 3.0 and USB 2.0 port. So, OpenBSD 5.7 not only provided support for USB 3.0, but also for that specific USB 2.0 port that was not supported by OpenBSD 5.6. interesting.
ppp not found
Hi all, I installed OpenBSD -current and tried to run ppp command, but I got this error: ksh: ppp: not found I also didn't find /etc/ppp/ppp.conf.sample Was there something, in the installation, that I should have done? I am trying to connect to the internet using a USB modem. Thank you
Re: ppp not found
On Mon, Feb 23, 2015 at 9:56 AM, A Y afyous...@hotmail.com wrote: Hi all, I installed OpenBSD -current and tried to run ppp command, but I got this error: ksh: ppp: not found I also didn't find /etc/ppp/ppp.conf.sample Was there something, in the installation, that I should have done? I am trying to connect to the internet using a USB modem. Userland ppp has been removed, because it was buggy and unmaintained. You should use /usr/sbin/pppd. For pointers, have a look at, e.g.: http://marc.info/?l=openbsd-miscm=128816834527997 Ciao! David -- If you try a few times and give up, you'll never get there. But if you keep at it... There's a lot of problems in the world which can really be solved by applying two or three times the persistence that other people will. -- Stewart Nelson
Re: Hiawatha install on 5.6 i386 :: FIXED by guess
On Mon, 23 Feb 2015 15:32:18 +1100, Rod Whitworth wrote: Installed from my ISP's mirror. Starting hiawatha results in: Warning: can't write PID file /usr/local/var/run/hiawatha.pid. There is no file of that name found by locate. There is no directory var/run in /usr/local/ hiawatha runs seemly ok other than the above. Any clues? /R/ Making the non-existant dirs lets it work. /R/ Rod/ In the beginning was The Word and The Word was Content-type: text/plain The Word of Rod.
Re: spamd whitelist
On February 23, 2015 10:38:37 PM EST, F Bax fbax...@gmail.com wrote: Thanks for the suggestion. I whitelisted the ip addresses for mta[567]. am0.yahoodns.net ; but email from yahoo still gets bounced. Is there an easy way to find all the other sources at yahoo? The message bounced back to yahoo contains... Received: from [66.196.81.173] by nm34.bullet.mail.bf1.yahoo.com with NNFMP; 24 Feb 2015 00:55:04 - Received: from [98.139.212.250] by tm19.bullet.mail.bf1.yahoo.com with NNFMP; 24 Feb 2015 00:55:04 - Received: from [127.0.0.1] by omp1059.mail.bf1.yahoo.com with NNFMP; 24 Feb 2015 00:54:41 - On Sat, Feb 21, 2015 at 9:09 PM, Edgar Pettijohn ed...@pettijohn-web.com wrote: On 02/21/15 18:29, Martin Brandenburg wrote: Edgar Pettijohn wrote: On 02/21/15 18:09, trondd wrote: On 2015-02-21 18:57, Martin Brandenburg wrote: That doesn't mean you can't find the information somewhere else. I just did this for gmail by simply sending a couple emails, letting gmail retry for a couple hours and grabbing the IPs out of spamdb. Tim. $ host yahoo.com yahoo.com has address 98.138.253.109 yahoo.com has address 98.139.183.24 yahoo.com has address 206.190.36.45 yahoo.com mail is handled by 1 mta5.am0.yahoodns.net. yahoo.com mail is handled by 1 mta6.am0.yahoodns.net. yahoo.com mail is handled by 1 mta7.am0.yahoodns.net. $ nslookup mta5.am0.yahoodns.net Server: 192.168.1.1 Address:192.168.1.1#53 Non-authoritative answer: Name: mta5.am0.yahoodns.net Address: 66.196.118.34 Name: mta5.am0.yahoodns.net Address: 66.196.118.36 Name: mta5.am0.yahoodns.net Address: 98.136.216.25 Name: mta5.am0.yahoodns.net Address: 66.196.118.35 Name: mta5.am0.yahoodns.net Address: 98.136.216.26 Name: mta5.am0.yahoodns.net Address: 98.138.112.35 Name: mta5.am0.yahoodns.net Address: 98.138.112.32 Name: mta5.am0.yahoodns.net Address: 98.138.112.37 so on and so forth for the following mta's. add the ip's to your whitelist and it should be good to go. Just because you send mail to Yahoo through those IPs doesn't mean they send mail to you from those IPs. It's not unheard of for incoming and outgoing mail to go through different servers once you get to a certain size. (It may well be that they do go through the same servers. A lot of this is guesswork anyway without information direct from the source.) -- Martin I agree its possible, but its a good place to start. $ dig yahoo.com mx ; DiG 9.4.2-P2 yahoo.com mx ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 24018 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;yahoo.com. IN MX ;; ANSWER SECTION: yahoo.com. 1000IN MX 1 mta7.am0.yahoodns.net. yahoo.com. 1000IN MX 1 mta5.am0.yahoodns.net. yahoo.com. 1000IN MX 1 mta6.am0.yahoodns.net. no need to cc me i'm on the list Did you run spamdb and look at what IPs it greylisted?
Re: spamd whitelist
Thanks for the suggestion. I whitelisted the ip addresses for mta[567]. am0.yahoodns.net ; but email from yahoo still gets bounced. Is there an easy way to find all the other sources at yahoo? The message bounced back to yahoo contains... Received: from [66.196.81.173] by nm34.bullet.mail.bf1.yahoo.com with NNFMP; 24 Feb 2015 00:55:04 - Received: from [98.139.212.250] by tm19.bullet.mail.bf1.yahoo.com with NNFMP; 24 Feb 2015 00:55:04 - Received: from [127.0.0.1] by omp1059.mail.bf1.yahoo.com with NNFMP; 24 Feb 2015 00:54:41 - On Sat, Feb 21, 2015 at 9:09 PM, Edgar Pettijohn ed...@pettijohn-web.com wrote: On 02/21/15 18:29, Martin Brandenburg wrote: Edgar Pettijohn wrote: On 02/21/15 18:09, trondd wrote: On 2015-02-21 18:57, Martin Brandenburg wrote: That doesn't mean you can't find the information somewhere else. I just did this for gmail by simply sending a couple emails, letting gmail retry for a couple hours and grabbing the IPs out of spamdb. Tim. $ host yahoo.com yahoo.com has address 98.138.253.109 yahoo.com has address 98.139.183.24 yahoo.com has address 206.190.36.45 yahoo.com mail is handled by 1 mta5.am0.yahoodns.net. yahoo.com mail is handled by 1 mta6.am0.yahoodns.net. yahoo.com mail is handled by 1 mta7.am0.yahoodns.net. $ nslookup mta5.am0.yahoodns.net Server: 192.168.1.1 Address:192.168.1.1#53 Non-authoritative answer: Name: mta5.am0.yahoodns.net Address: 66.196.118.34 Name: mta5.am0.yahoodns.net Address: 66.196.118.36 Name: mta5.am0.yahoodns.net Address: 98.136.216.25 Name: mta5.am0.yahoodns.net Address: 66.196.118.35 Name: mta5.am0.yahoodns.net Address: 98.136.216.26 Name: mta5.am0.yahoodns.net Address: 98.138.112.35 Name: mta5.am0.yahoodns.net Address: 98.138.112.32 Name: mta5.am0.yahoodns.net Address: 98.138.112.37 so on and so forth for the following mta's. add the ip's to your whitelist and it should be good to go. Just because you send mail to Yahoo through those IPs doesn't mean they send mail to you from those IPs. It's not unheard of for incoming and outgoing mail to go through different servers once you get to a certain size. (It may well be that they do go through the same servers. A lot of this is guesswork anyway without information direct from the source.) -- Martin I agree its possible, but its a good place to start. $ dig yahoo.com mx ; DiG 9.4.2-P2 yahoo.com mx ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 24018 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;yahoo.com. IN MX ;; ANSWER SECTION: yahoo.com. 1000IN MX 1 mta7.am0.yahoodns.net. yahoo.com. 1000IN MX 1 mta5.am0.yahoodns.net. yahoo.com. 1000IN MX 1 mta6.am0.yahoodns.net. no need to cc me i'm on the list
