Re: I hate Spam
--- SpamTrap [Wed, May 11, 2011 at 04:51:19PM +0200]: --- I'm new to this list and to OpenBSD, and currently signed up for misc, ports and www lists, and receive a lot of spam mail through the lists. taken from: http://www.openbsd.org/mail.html The OpenBSD mailing lists use spamd(8) in greylisting mode as well as SpamAssassin to keep down the spam volume but things do sneak through--deal with it. In addition, the list server also has regex-based rules to reject based on some common spam and virus telltales. If you get spam through one of the OpenBSD mailing lists, you don't need to send a copy to the list owner--chances are he's already seen it. Also, please do not submit spam received through the mailing lists to spamcop as this will result in the list server being added to their RBL. Complaining about and commenting upon spam on the list proper is counter-productive as it generates more traffic than the spam itself.
make build failing 4.8-stable i386
I found this thread: http://marc.info/?t=12905517382r=1w=2 I too had a much tested build script that I was using, and like OP I have modified my procedure not to export DESTDIR to the environment. I am now stuck with a make build that failed thusly. I'm still poking around, but I haven't found anything that is helping out here. It looks like gcc just kinda broke. I double checked I had a fresh /usr/obj before beginning. I don't recall seeing anything come across misc that might pertain to other changes I might need to consider. install -d -o root -g bin -m 755 /usr/lib/gcc-lib/i386-unknown-openbsd4.8/4.2.1 install -c -s -o root -g bin -m 555 cc /usr/bin/cc /usr/src/gnu/usr.bin/cc/cc/../cc/obj/cc -dumpspecs /usr/lib/gcc-lib/i386-unknown-openbsd4.8/4.2.1/specs /bin/sh: /usr/src/gnu/usr.bin/cc/cc/../cc/obj/cc: not found *** Error code 127 Stop in /usr/src/gnu/usr.bin/cc/cc (line 25 of Makefile). *** Error code 1 Stop in /usr/src/gnu/usr.bin/cc (line 48 of /usr/share/mk/bsd.subdir.mk). *** Error code 1 Stop in /usr/src/gnu/usr.bin (line 48 of /usr/share/mk/bsd.subdir.mk). *** Error code 1 Stop in /usr/src/gnu (line 48 of /usr/share/mk/bsd.subdir.mk). *** Error code 1 Stop in /usr/src (line 48 of /usr/share/mk/bsd.subdir.mk). *** Error code 1 Stop in /usr/src (line 74 of Makefile).
Re: pf.conf
--- Guilherme Ferreira Ros?rio [Mon, Oct 25, 2010 at 02:26:47PM -0200]: --- Good afternoon lords, I upgraded my openbsd 4.6 to 4.7 I always used it only for firewall and port redirector with rdr command, I tried to use some scripts manual openbsd even more so I can not stress more the internal network when you request a port in Specific be redirected to another server such as a squid transparent, follow my rules, http://pastebin.ca/1972254 error: all tcp 192.168.0.10:1863 (65.55.64.254:1863) - 192.168.0.20:54570 CLOSED:SYN_SENT all tcp 192.168.0.20:54570 - 192.168.0.10:1863 SYN_SENT:CLOSED If you haven't, look over this: http://marc.info/?l=openbsd-miscm=125181847818600w=2 and this: http://www.openbsd.org/faq/upgrade47.html
Re: pf question: no rdr problem, upgraded 4.2-4.7
--- David Hardy [Thu, Jul 15, 2010 at 12:09:07PM -0600]: --- I'm upgrading a obsd firewall/router to 4.7 from 4.2 and am having to make all kinds of changes, but one I can't figure out is why it's choking on: no rdr on $cus inet proto tcp from noproxy to any port www we use a web cache, but want to exempt some clients from being transparently proxied to it. what happened to no rdr? have you checked out this: http://www.openbsd.org/faq/upgrade47.html and this: http://marc.info/?l=openbsd-miscm=125181847818600w=2
Re: OpenBSD 4.7 Released, May 19 2010
--- Bob Beck [Wed, May 19, 2010 at 06:48:35AM -0600]: --- May 19, 2010. We are pleased to announce the official release of OpenBSD 4.7. congrats! and more importantly: THANK YOU!
Re: 4.7 release date?
--- Kapetanakis Giannis [Tue, May 04, 2010 at 01:21:04PM +0300]: --- Hi, Is there any planned date for releasing 4.7 in ftp? from http://www.openbsd.org/47.html : May 19, 2010
Re: [ot] spam
--- Leonardo Carneiro - Veltrac [Tue, May 04, 2010 at 08:54:38AM -0300]: --- Hi list. Why do we get spam on this list? Does it allow to unsubscribed users to email us or the spam is comming from subscribers? This is ***not*** a flame war start about spam. I'm just curious. from http://www.openbsd.org/mail.html The OpenBSD mailing lists use spamd(8) in greylisting mode as well as SpamAssassin to keep down the spam volume but things do sneak through--deal with it. In addition, the list server also has regex-based rules to reject based on some common spam and virus telltales. If you get spam through one of the OpenBSD mailing lists, you don't need to send a copy to the list owner--chances are he's already seen it. Also, please do not submit spam received through the mailing lists to spamcop as this will result in the list server being added to their RBL. Complaining about and commenting upon spam on the list proper is counter-productive as it generates more traffic than the spam itself. Note that if you are sending mail from a dynamic IP address you will probably not be able to post to the mailing lists. In this case you should use a smart host sendmail configuration that utilizes your ISP's mail server. See the comments in /usr/share/sendmail/cf/openbsd-proto.mc for how to do this.
uvm_fault, possibly fstat(1) related
i was troubleshooting some work i'm doing with python, and ran fstat(1),
as root, with no arguments.
machine is rack-mounted in a data center, far away from me, but with an
assist, i was able to get the following screen cap:
http://imgur.com/kdbaW.jpg
here's the text included therein:
uvm_fault(0xd8227010, 0x0, 0, 1) - e
kernel: page fault trap, code=0
Stopped at fill_file2+0x346: movl 0x44(%edx),%eax
ddb{0}
unfortunately, due to some problems on my end, i wasn't able to get a
remote console. after the machine came back up, i ran fstat as an
unprivileged user, again with no arguments and the host crashed again.
no screen cap/scrape from the 2nd lock, however. as soon as i get my
KVM/java nonsense sorted, i'll be able to test further.
but for now, i'll not be running fstat(1) again, but i have a gut feeling
this is symptomatic of something else, that probably needs attention
sooner rather than later.
i saw in the archive that Stuart Henderson posted something similar a
while back, but didn't see any follow-up. any hints to get me looking in
the right direction?
i'm running 4.6-STABLE, SMP kernel. dmesg attached:
OpenBSD 4.6 (build) #5: Thu Nov 12 10:28:47 EST 2009
j...@cosmicnetworks.net:/usr/local/build
cpu0: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz (GenuineIntel 686-class) 2.41 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR
real mem = 2145677312 (2046MB)
avail mem = 2065956864 (1970MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/17/07, BIOS32 rev. 0 @ 0xf0010, SMBIOS
rev. 2.5 @ 0xfd620 (27 entries)
bios0: vendor American Megatrends Inc. version 080012 date 09/17/2007
bios0: PCCHIPS P17G
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC MCFG OEMB HPET
acpi0: wakeup devices P0P2(S4) P0P1(S4) WOL_(S4) PS2K(S3) PS2M(S3) UAR1(S4)
EUSB(S4) MC97(S4) USB0(S3) USB1(S3) USB2(S3) USB3(S3) P0P4(S4) P0P5(S4)
P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) SLPB(S4) PWRB(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 266MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz (GenuineIntel 686-class) 2.40 GHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P1)
acpiprt2 at acpi0: bus -1 (P0P4)
acpiprt3 at acpi0: bus -1 (P0P5)
acpiprt4 at acpi0: bus -1 (P0P6)
acpiprt5 at acpi0: bus -1 (P0P7)
acpiprt6 at acpi0: bus -1 (P0P8)
acpiprt7 at acpi0: bus -1 (P0P9)
acpicpu0 at acpi0: PSS
acpicpu1 at acpi0: PSS
acpitz0 at acpi0: critical temperature 60 degC
acpibtn0 at acpi0: SLPB
acpibtn1 at acpi0: PWRB
bios0: ROM list: 0xc/0xae00!
cpu0: Enhanced SpeedStep 2400 MHz: speeds: 2394, 1596 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 82945G Host rev 0x02
vga1 at pci0 dev 2 function 0 Intel 82945G Video rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp0 at vga1
agp0 at intagp0: aperture at 0xd000, size 0x1000
inteldrm0 at vga1: apic 2 int 16 (irq 10)
drm0 at inteldrm0
uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x01: apic 2 int 23
(irq 5)
uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x01: apic 2 int 19
(irq 11)
uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x01: apic 2 int 18
(irq 15)
uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x01: apic 2 int 16
(irq 10)
ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x01: apic 2 int 23
(irq 5)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb0 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xe1
pci1 at ppb0 bus 1
rl0 at pci1 dev 5 function 0 Realtek 8139 rev 0x10: apic 2 int 20 (irq 3),
address 00:19:21:4d:b2:07
rlphy0 at rl0 phy 0: RTL internal PHY
ichpcib0 at pci0 dev 31 function 0 Intel 82801GB LPC rev 0x01: PM disabled
pciide0 at pci0 dev 31 function 1 Intel 82801GB IDE rev 0x01: DMA, channel 0
configured to compatibility, channel 1 configured to compatibility
pciide0: channel 0 disabled (no drives)
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 31 function 2 Intel 82801GB SATA rev 0x01: DMA, channel 0
configured to native-PCI, channel 1 configured to native-PCI
pciide1: using apic 2 int 19 (irq 11) for native-PCI interrupt
wd0 at pciide1 channel 0 drive 0: WDC WD2500AAKS-22B3A0
wd0: 16-sector PIO, LBA48, 238475MB, 488397168 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x01: apic 2 int 19
(irq 10)
iic0 at ichiic0
Re: uvm_fault, possibly fstat(1) related
--- Philip Guenther [Sun, Dec 27, 2009 at 03:46:33PM -0800]: --- On Sun, Dec 27, 2009 at 10:25 AM, John Cosimano j...@cosmicnetworks.net wrote: ... i saw in the archive that Stuart Henderson posted something similar a while back, but didn't see any follow-up. any hints to get me looking in the right direction? You have a reference to his post handy? it was on tech@ now that i recall, which probably even makes it irrelevant for having mentioned here in the first place. if it's not too OT to mention here: http://archives.neohapsis.com/archives/openbsd/2009-07/1051.html i'm running 4.6-STABLE, SMP kernel. dmesg attached: OpenBSD 4.6 (build) #5: Thu Nov 12 10:28:47 EST 2009 ? ?...@cosmicnetworks.net:/usr/local/build Ahem. You're running a non-standard kernel and yet don't call that out or describe what the difference is between it and the standard GENERIC.MP config is? Ah well, I guess I've typed this far, so I'll send this response instead of deleting it... sorry for not stating. i run an unmodified GENERIC.MP, i just build outside of /usr/src when i apply patches that require a kernel rebuild. shant happen again, sir.
testing smtpd; can someone hit me with a cluestick
i'm testing smtpd (OpenBSD/i386 -STABLE; stock GENERIC.MP)
here're the full headers from a mail i sent from a host at $work. my
domain is cna.org , not cna.org.net . but i cannot figure out if
something i have done is appending that ``.net'' after the ``.org''. my
employer doesn't even own our equivalent .net domain, so i'm not sure
this is a mail relay or something that's configured incorrectly in our
enterprise. i've seen DNS mis-configurations append things to the end of
hostnames when you forget a dot, but i can't see how that's involved
here. but if so, please educate me.
you'll see this in the envelope from and From: and a few others.
i'm aware that there is no header rewriting at the moment, so it's
perfectly OK that the hostname isn't being stripped out. but obviously
that hostname doesn't resolve in the DNS outside of our enterprise
proper. i can't suss out if that has anything to do with what i'm
seeing though. i'm assuming that's why SpamAssassin is complaining with
UNPARSEABLE_RELAY below.
my /etc/mail/smtpd.conf is very basic:
listen on lo0
map aliases { source db /etc/mail/aliases.db }
accept for local deliver to mbox
accept for all relay via mail.cna.org
smtpd -n returns ``configuration OK'', so i will assume that my config
is OK. it is worth noting that mail.cna.org is a not-very-`wise' product
from Novell that exhibits all sort of brain-deadness from time to time.
it's mangled by others; i have some 4.5 boxen still on base sendmail
that behaves as i expect.
i didn't attempt to obfuscate any info in the headers, as that can
sometimes cause confusion for folks who are trying to help. any nudges
in the right direction much appreciated.
final note: i'm using /usr/bin/mail -v to send these test messages.
(sorry for the odd line wraps)
From j...@radbsd1.cna.org.net Thu Nov 5 18:42:35 2009
Return-Path: j...@radbsd1.cna.org.net
Received: from sender2.cna.org (sender2.cna.org [192.189.236.25])
by cosmicnetworks.net (8.14.3/8.14.3) with ESMTP id
nA5IgSol019411
for j...@cosimano.net; Thu, 5 Nov 2009 18:42:29 GMT
Received: from sender.CNA.ORG (unknown [192.168.200.13])
by sender2.cna.org (Spam Virus Firewall) with ESMTP id
41AA0F6CA6
for j...@cosimano.net; Thu, 5 Nov 2009 13:42:23 -0500 (EST)
Received: from sender.CNA.ORG ([192.168.200.13]) by sender2.cna.org with
ESMTP id ErZ9TZCoxVxa9fDG for j...@cosimano.net; Thu,
05 Nov 2009 13:42:23 -0500 (EST)
Received: from radbsd1.cna.org ([192.168.156.252])
by sender.CNA.ORG with ESMTP; Thu, 05 Nov 2009 13:42:21 -0500
X-OpenSMTPD-Loop: j...@cosimano.net
Received: from radbsd1.cna.org (localhost [IPv6:::1])
by radbsd1.cna.org (OpenSMTPD) with ESMTP id
1257446540.BsYROsckto8emQkk
for j...@cosimano.net; Thu, 5 Nov 2009 13:42:20 -0500 (EST)
Received: (from j...@localhost, uid 1000)
by radbsd1.cna.org
Thu, 5 Nov 2009 13:42:20 -0500 (EST)
From: jmc j...@radbsd1.cna.org.net
Date: Thu, 5 Nov 2009 13:42:20 -0500 (EST)
Message-Id: 5400691765769033861.enqu...@radbsd1.cna.org
To: j...@cosimano.net
Subject: testing net
X-SMTP-Vilter-Version: 1.3.6
X-Spamd-Symbols: TVD_SPACE_RATIO,UNPARSEABLE_RELAY
laksdfjakljdfa
Re: does pf make sense for a desktop computer?
--- Moritz Herrmann [Wed, Nov 04, 2009 at 11:51:52AM +0100]: --- Hi all, since the upgrade to version 4.6 had pf activated by default, I was confronted with the question wheather it is reasonable to use it on my desktop computer or not. I would like to know if someone is using it that way and if it's worth to invest my time into the configuration of pf. well i guess it depends on how hostile your environment where you have this machine is. but personally, i think egress filtering is always worthwhile.
thanks for 4.6!
received my pre-order about the same time as others. just upgraded 3 machines (from 4.5) in less than 90 minutes. my machines aren't super-customized, so sysmerge(8) works like a dream for me. i de-installed screen(1) and will start using tmux(1), as it's in base. thanks for the effort of doing that---screen was always among the very first packages i installed on a virgin system. currently these machines don't handle any mail, but in the coming months, at least one will be so i look forward to exercising smtpd(8) a bit. grazie mille!
Re: thanks for 4.6!
--- Brad Tilley [Wed, Oct 21, 2009 at 01:16:23PM -0400]: --- de-installed screen(1) and will start using tmux(1), as it's in base. thanks for the effort of doing that---screen was always among the very first packages i installed on a virgin system. Same here. For the tmux newbies rather than the Ctrl+A keys use Ctrl+B otherwise, the syntax of tmux is very similar to screen. Nice to have it in the base OS. i seem to remember a thread here on misc@ that was meant to be a tmux guide for experienced screen users. haven't dug that up yet, as i'm not sure if i'm better off starting anew or trying to make this as much like screen as i possibly can. leaning toward a forklift upgrade of my terminal multiplexing skills.
Re: thanks for 4.6!
--- Brad Tilley [Wed, Oct 21, 2009 at 02:52:10PM -0400]: --- On Wed, Oct 21, 2009 at 1:45 PM, John Cosimano j...@cosmicnetworks.net wrote: i seem to remember a thread here on misc@ that was meant to be a tmux guide for experienced screen users. One thing that screen got right is the A key. It's a lot closer to Ctrl than B. *especially* if you have a proper keyboard with the ctrl key in the right location, ie, directly left of the `a'. just got ahold of a Sun Type 6 USB kbd and loving it.
Re: smtp-vilter is cranky
--- Chris [Wed, Sep 16, 2009 at 01:44:51PM -0400]: --- Hi, I have been playing with this for hours now, and I'm getting really frustrated. I'm building an email server, and I want to use smtp-vilter to send my emails through spamassassin and clamav. I'm using obsd 4.5 and sendmail. I keep getting this in my logs: Milter (smtp-vilter): local socket name /var/smtp-vilter/smtp-vilter.sock unsafe can't recall if it's the default setting or not, but my smtp-vilter is chrooted to /var/smtp-vilter . have you taken that into consideration? i'm using exactly the same setup and i don't recall any difficulty.
Re: mail issue
--- Stuart VanZee [Thu, Aug 27, 2009 at 11:55:39AM -0400]: --- I am using OpenBSD 4.5 When I try to use mail to send email from a user account I get an error: can not chdir(/var/spool/mqueue/): Permission denied Program mode requires special privileges, e.g., root or TrustedUser. what are the filesystem permissions on /var/spool/mqueue and /usr/libexec/sendmail/sendmail ? what MUA are you using to send?
Re: Contemporary Sendmail, Clamav, SpamAssassin et al
--- Chris [Thu, Jul 30, 2009 at 12:01:43PM -0400]: --- Hello. About 4 years ago I installed this combo on an obsd 3.6 box, and it has worked quite well for me. I really like the obsd way of things. Now I'm ready to undertake this again, but rather than just blindly recreate what I had before, I wanted to check how this is handled in this day age -- with obsd 4.5. i built up a 4.5 box this past spring, and sendmail, clamav, and spamassassin are what i used. for me the only question was to use sendmail or postfix. in the end, i chose sendmail because it's in base. that's really all it came down to for me---i don't like the idea of passing up all the hardwork that goes into sendmail by the devs for something shiny and new. i get to (have to?) support postfix at $work, so at least i do get the resume-building benefit of knowing more than one MTA. Specifically, I wanted to know how clamav and spamassassin are invoked by sendmail. In the old days, I used smtp-vilter. Is that still the method of choice? i belive that balmer@ wrote smtp-vilter, so i'd venture to say there's not much need to look elsewhere. this is what i ended up with. works flawlessly for me. Also What are people using these days for IMAP/POP/SMTP and encryption of those protocols as well as encryption of smtp? I've been reading a bit on Dovecot for IMAP/POP -- any opinions there? For smtp auth I used Cyrus-sasl... that still recommended. Also interested in the best way implement tls/ssl on smtp now days as well. i went with Dovecot in this case. although i haven't done much with TLS/SSL on sendmail, i am pretty sure ssl(8) has most of what you'll be looking for. i think there's a writeup mostly apropos at calomel.org, but last i recall looking at it, it might have been a bit stale. it will most certainly get you in the right direction.
