Hi, there!
Since understanding this problem is way beyond my current level, I would like
some help to find out what might be reason of this problem.
Thanks very much in advance, and happy new year to all list members.
Regards,
Jose
Dec 28 11:24:19 wall /bsd: panic: pool_get(mclpl): free list
Some more info might be of help.
This machine is configured as a bridge with spamd.
This error has occurred for the second time in less than a week. It never
occurred before, since installation, in June this year.
Regards,
Jose
--
___
Play
Hi,
FAQ 10.2 explains how to duplicate a filesystem. I would like to put that
one-liner in a shell script to be run periodically through crontab. I mean, I
would like:
cd /SRC; dump 0f - . | (cd /DST; restore -rf - )
in a shell script.
Whenever this script is run, I see an error message
Hi,
I have set up a NIS server using OpenBSD and a NIS client using FreeBSD. I can
authenticate without problems. But when I try to change a user password with
yppasswd
on the FreeBSD client, after retyping the new password, after a somewhat long
period,
I get an error like:
yppasswd:
Hi all,
Is there a straight-forward way to know if write cache is
enabled on a SCSI disk? I installed 4.2 (both i386 and
amd64) on a ibm x-series 336, and a simple mv of src.tar.gz
from a dir to another in the same filesystem takes more
than 10 seconds.
0m10.49s real 0m0.00s user 0m0.10s system
Hi, Stuart! Thanks for the hint. # scsi -f /dev/rsd0c -m 8
IC: 0
ABPF: 0
CAP: 0
DISC: 1
SIZE: 0
WCE: 0
MF: 0
RCD: 0
Demand Retention Priority: 0
Write Retention Priority: 0
Disable Pre-fetch Transfer Length: 65535
Minimum Pre-fetch: 0
Maximum Pre-fetch: 65535
Maximum Pre-fetch
Hi, $ cat top
load averages: 0.12, 0.12, 0.0814:30:38
21 processes: 20 idle, 1 on processor
CPU states: 0.0% user, 0.0% nice, 0.0% system, 0.1% interrupt, 99.8%
idle
Memory: Real: 8216K/145M act/tot Free: 856M Swap: 0K/1024M used/tot PID
USERNAME PRI NICE SIZE RES STATEWAIT
Hi,
If I see messages like last message repeated n times showing up
in my spamd log file, and the last message is of type
disconnected after ... seconds. lists: , is it correct to
assume that n spam attempts were caught from the same remote
host, by the same blacklist(s), wasting the same amount
Hi,
The output of pfctl -t ... -T show goes to stdout by default.
But the output of pfctl -t ... -T test goes to stderr. Is there
a particular reason for this?
I am trying to write a perl script that in some moment tests
if an IP address is already whitelisted and I have not many
skills for
Hi,
I am assuming the lack of replies is due to the fact that
I was not clear enough in my questioning. So I will try
to rephrase my question.
I run opbsd 4.2 on a i386 machine. I am trying to analyse
the spamd log file (I changed syslog.conf so that it will
send logging information only to
Hi,
Is it normal to have white and grey entries from the same
IP address showing up in the output of spamdb?
Should the GREY entries not be deleted once the IP address
is whitelisted?
GREY|217.130.91.233|qanr.comunitel.net|from-email|to-email|
1205058895|1205060468|1205073295|6|0
Hi,
Following a suggestion from a misc member after I complained
about slow IO on a IBM xSeries 336 (see 'write cache on scsi'),
I tried to install a snapshot.
Except for the very slow filesystems creation, the install
process went through ok.
But when I tried to boot the newly installed
Hi,
Let us say I run a script which analyses the spamd log file saved
more than 4 hours ago. Can I assume that the messages of the type:
...: ipaddress1: disconnected after X seconds.
that do not specify a list and for which ipaddress1 is not
whitelisted at the momentare spams caught by the
Hi,
I forgot to say that I am runnning OpenBSD 4.2 and spamd
in greylisting mode and all default parameters (-G).
My understanding is that if an IP address, after 4 hours
of the initial greylist entry, has not been whitelisted
yet, then it was a spammer who gave up because of the
greylisting
Hi,
I searched the FAQ and the man pages (for pf, pf.conf and pfctl.conf),
but I did not find a definition for the src-limit counter which is
showed by the command pfctl -si.
With pfctl -sa I saw this:
LIMITS:
stateshard limit 20
src-nodes hard limit1
frags
Hi,
Since I am not able to test this now in the real world, I
would like to know how would spamd behave when it
received SMTP connections to a fake low priority MX
address and the real MTA was unavailable at the time.
I mean, would the connection be rejected with error 450?
Would there be any
Hi, Martin!
Thanks for your reply.
The real MTA is not involved here. What's important is that spamd with
the
low priority MX address active must see all the greylist changes for a
higher priority MX host for the same domains, either by being synchro-
nised with it, or by receiving the
Hi,
Anyone written scripts that analyse SPAMD logs and generate
html reports, and could share them with us?
Thanks in advance.
Regards,
Jose
--
Want an e-mail address like mine?
Get a free e-mail account today at www.mail.com!
Hi Stuart,
If you run spamd -M then you must have more than one IP address
that is handled by spamd.
e.g.
MX 0 mailhost
MX 10 spamd
MX 20 spamd (-M address)
Sorry. I forgot to explain. My spamd box is running as a bridge.
So it is not an MX. The correct setup is:
MX 0 mailhost
MX 10
Hi,
A while ago, a message was posted in this list stating the sk based NICs were
supposed to be good in performance and stability.
Now, I have already had quite a few problems with D-LINK DGE-530T when used on
Intel motherboards. On several ocasions,
these NICs ended up causing WATCHDOG
: watchdog timeout
Please, let me know if you need any additional information.
Best regards,
Josi
- Original Message -
From: Reyk Floeter
To: Jose Fragoso
Subject: Re: bad SK NICs ??
Date: Mon, 29 May 2006 23:28:54 +0200
hi,
On Mon, May 29, 2006 at 09:58:44AM -0500, Jose Fragoso
Hi,
I would like some help to setup an environment which could be used
in most xDSL clients. These clients normally host their real DNS
and email at some place like dreamhost. I would like to bring via
pop3 these emails (for each user) and then do some filtering (spam,
virus, etc.) and host them
Hi,
In OpenBSD 4.3, is there a way to find out via script the
current size of the spamd blacklist?
Thanks in advance.
Regards,
Jose
--
Mail.com Autos- Powered by Oncars.com: Drive By Today!
http://www.oncars.com
Hi,
I am working to setup a spamd environment where we will have
two OpenBSD/spamd bridges running in synchronization mode, one
at each Internet link we have.
One of these bridges is already running and has already its
white and grey lists populated.
I now plan to active the second bridge, and
I forgot to mention that both bridges will run i386
kernel.
If anyone with experience in this kind of setup
would like to comment, I would appreciate.
Regards,
Jose
--
See Exclusive Videos: 10th Annual Young Hollywood Awards
http://www.hollywoodlife.net/younghollywoodawards2008/
Hi,
I apologize to replying to myself. I am just trying to
provide more info about my question so that maybe someone
will be able to give an answer.
1)
I wanted to run the new version of spamd (with the up to
date sync protocol) without having to upgrade to CURRENT.
I guess I can not or should
Hi,
I am running OpenBSD 4.3 STABLE in an i386 machine.
The man page for pf.conf says at some point:
Any lines beginning with a # are treated as comments and ignored.
Now, if a comment line ends with \, should the next line
be also treated as comment? I noticed this behaviour and I do
not know
Hi,
I am having some problems while trying to run spamd in greylisting
mode in a bridge.
For some reason, spamd is not greylisting, and the all the connections
(even the initial ones) seem to timeout. I see no added GREY entry with
spamdb. If I try to connect (say, using telnet ipaddr smtp) to
Hi again,
It seems that I needed:
set skip on lo0
Funny thing is that the same ruleset works on 4.3 without the
need for this statement.
Was there some change in the route-to logic from 4.3 to 4.4?
This may be of interest for someone running spamd in a bridge
setup.
Kind regards,
Jose.
--
Hi,
I am running spamd on a OpenBSD 4.1 box with the greyscanner.41 running every
10 minutes.
Recently I noticed the following log entry:
Aug 26 15:47:58 gwint greytrapper[11467]: Trapped 91.82.157.211:
Senders/Tuples ration is 9/8 senders/tuples ( 0.85)
Now my question is how is it possible
?
Regards,
Jose
- Original Message -
From: Raimo Niskanen [EMAIL PROTECTED]
To: Jose Fragoso [EMAIL PROTECTED], misc@openbsd.org
Subject: Re: question about Bob Beck's greyscanner
Date: Wed, 27 Aug 2008 11:44:20 +0200
On Tue, Aug 26, 2008 at 06:04:22PM -0300, Jose Fragoso wrote:
Hi
Hi,
I am running OpenBSD 4.4, spamd and greyscanner41 in a box.
Looking at the log entries from the greyscanner, I found this
entry and others which I find a bit strange:
Aug 28 12:55:44 wall greytrapper[25604]: Trapped 209.85.132.241:
Mailed from sender gmail.com with no MX or A
Now, this IP
Meanwhile,
The reason for the original problem from which this thread
was generated is yet to be discussed.
Any comments on that would be appreciated.
Regards,
Jose
--
Nothing says Labor Day like 500hp of American muscle
Visit OnCars.com today.
Hi,
How would it know that dns is down? Ask again and hope it works?
There's no difference between the answers you get for this domain
doesn't exist and the network is broken.
I can understand that. It makes a lot of sense now.
One thing I could do is to increase the timeout value of the
Hi,
I just installed OpenBSD 4.0 on an IBM xSeries 336. I have noticed that, for
some reason,
I/O operations are not carried out as fast as one would expect for a machine
with SCSI
disks. For instance, the creation of a 50GB partion took a really long time.
The command
4tar xzvf ports.tar.gz4
thats very... vague...
Sorry. I agree.
where are you creating this 50G partitiong? in the installer, or in
the installed operating system? what command did you use?
In the installer.
how long did it actually take? a really long time could be 5
seconds if you're expectations are too high.
can i see a dmesg as well? if you're running the machine as an
amd64, can you try it again as an i386?
I am running as an i386
$ arch
OpenBSD.i386
The dmesg follows.
Thanks in advance.
Regards,
Jose
OpenBSD 4.0 (GENERIC.MP) #936: Sat Sep 16 19:27:28 MDT 2006
[EMAIL
Hi,
I am running OpenBSD 4.0 stable. I updated the ports tree and tried
cd /usr/ports/databases/openldap
env FLAVOUR=bdb make install
Although I think the script is building both client and server, it
only adds the client package.
autoconf-2.13p0 automatically configure source code on many
Hi,
I am planning to setup a network with a OpenBSD/SPAMD firewall,
and an internal POSTFIX server with SASL SMTP AUTH.
While think about it, I realized that I have a problem here.
Whenever a mobile user wants to send mail (relaying) through
the POSTFIX server, he will have to go through the
Hi,
Thanks for the tip on using submission, SSL or TLS
ports. That solves many of my problems.
But I still think that dynmically allocated IPs should be
treated somehow differently by SPAMD greylisting process.
My point is that if a remote SMTP server goes through the
greylisting process and
Hi,
Actually, it is still there. But the format has changed
and spamd is not being able to handle it because the IP
address is now in the second column, like in:
2009-06-24T12:28+0200 117.199.144.132
So, for the time being, the best thing to do is to use
wrapper script.
Regards,
Jose
--
Be
Hi,
I wrote a quick and dirty diff to Bob Beck's greyscanner that
traps hosts using a badfrom/BADFROM similar to the existing
badrcpt/BADRCPT procedure.
I started using this script to trap hosts that try to send
mail using my own destination domain in the 'from:' field.
It is catching many
Hi,
I am running spamd/obsd 4.5 on a bridge using the i386 kernel.
Is there a limit to the size a spamd blacklist may reach?
Can one estimate the impact on performance if any of adding
a new blacklist of say 100 IP addresses?
Thanks in advance.
Regards,
Jose.
--
Be Yourself @ mail.com!
Hi,
Is it possible to automate the process of
running
fsck -y
after a power or other type of failure,
in cases the automatic file system check fails?
Thanks in advance.
Regards,
Jose
--
An Excellent Credit Score is 750
See Yours in Just 2 Easy Steps!
Hi,
If that was a wisething to do, we would have already done so. In other
words, it is not wise. It's foolish.
-Otto
I totally agree with you. This should not be in the release.
However, I have a few obsd boxes working at places where I can
not reach with ease. What I want to avoid
Hi,
I am running openbsd 4.2 on a box and I would like
help trying to identify networking bottlenecks.
While trying to download a file from another obsd
box at the network using wget, I get very low rate.
# wget http://192.168.1.254/bsd1
--18:03:29-- http://192.168.1.254/bsd1
=
Hi,
This list has gone quite small in size recently. The size changed from
above 10 IP addresses to only 1 now. Could it be because
University of Alberta is not being targeted so often anymore? Or is
it because they have become more selective in trapping addresses?
Thanks for any
Hi,
If a host is responsible for sending outgoing messages from multiple
domains, should it always use the same HELO command (ie. the same
hostname) or could it use a different HELO command when sending
mail from different domains?
Thanks for your help.
Regards,
Jose.
--
Be Yourself @
Hi,
I guess most domain admins have come across this problem,
and have an opinion about how to best deal with it.
The user account is open. The user starts to opt-in some
mailing lists. He is added to some others with opt-out
policy. Sometime later, the user is removed before
he opts-out of the
Hi,
I have two obsd machines running OpenBSD 4.9 STABLE and CARP
for failover.
Each machine has 3 interfaces:
sk1(external)
sk0(internal)
em0(sync)
em0 has a direct cable connecting the two machines.
Both machines use exactly the same dhcpd.conf file
to serv IP addresses on sk0.
I have
Hi again,
Is it possible that the dhcp sync messages are not being
sent/received through the sync iface (em0) because the
Ip address associated with this iface is not in the same
subnet of the IP addresses of the dhcpd servers?
Should I be able to view the sync packets on the lo0
iface?
kind
Hi,
Thanks a lot for your hint.
Now, I can see (what I guess should be) the sync packets
going through the em0 iface:
07:54:32.877138 00:22:64:89:64:79 01:00:5e:00:01:f0 0800
142: 10.1.1.2.8067 224.0.1.240.8067: udp 100 [ttl 1]
(id 20862, len 128)
07:54:32.877187 00:22:64:89:67:6a
Hi again,
The strange thing is that spamd is getting the sync messages from
the master firewall and updating the spamd tables and log files.
But, although the dhcpd sync messages seem to go through the
em0 iface, the dhcpd in the backup firewall is not displaying
sync updates in the log
Hi again,
Since I am now seeing some IP address conflicts, I am understanding that
dhcpd lease synchronization is not working properly.
The funny thing is that I see dhcpd sync packets being sent through the
sync interface and being received at the other side.
I still can't see at the log files
Hi,
I have a pair of firewalls running Obsd 4.9 and carp
(in active-passive mode).
I see a lot of icmp redirect packets in the network using tcpdump.
I tried to block them with PF (both incomming and outgoing).
block drop out log quick on $int_if inet proto icmp icmp-type redir
block
Hi,
What's the source of these? Are you sure they aren't being generated by
your firewall?
Some are. But I think that the firewall is generating redirects only when
it sees other icmp redirects from other sources.
Anyway, I would like to stop that. But how? I tried to block using PF and
56 matches
Mail list logo