On Sun, 2 Dec 2007 20:48:42 -0500, Douglas A. Tutty wrote:
On Sun, Dec 02, 2007 at 03:48:14PM -0700, Darren Spruell wrote:
On Dec 2, 2007 2:21 PM, Douglas A. Tutty [EMAIL PROTECTED] wrote:
On Sun, Dec 02, 2007 at 12:56:11PM -0700, Anthony Roberts wrote:
I have seen several installations of
On Tue, 27 Nov 2007 10:14:43 +0800, PowerBSD wrote:
I use ssh connect to remote sshd server 192.168.1.191 , then i us
# ssh 192.168.1.1911
Stop right there!
What the hell does that 1911 mean? and all the 1912, 1913 etc stuff
too.
Those are not valid addresses, at least in the IPv4 universe.
On Mon, 19 Nov 2007 14:47:37 -0700, Bob Beck wrote:
RW [EMAIL PROTECTED] [2007-11-11 22:39]:
It seems that the migrated database works but new entries go on the end
- no SORT of order, and SPAMTRAP entries (that I entered using a
script) ended up showing in two bunches in the midst of other
On Mon, 19 Nov 2007 22:05:02 -0700, Shane Harbour wrote:
For the last few hours I've been knocking my head against my desk. I'm
trying to setup spamd for the first time and keep receiving syntax
errors on my redirect statements. My redirect statements are:
nat-anchor ftp-proxy/*
rdr-anchor
I'm not sure which is the correct place to raise this, so a smack in
the appropriate direction is fine.
I noticed a bunch of suspicious grey listed entries in spamdb output.
On checking the origins (122.136.48|49.x) I wondered why the China list
didn't tarpit them immediately. Spamd logs showed
On Sun, 11 Nov 2007 22:31:13 -0500, Daniel Ouellet wrote:
Douglas A. Tutty wrote:
I tried making a very sparse file (100 MB data, 1000 GB sparseness) and
gave up trying to compress it. gzip has to process the whole thing,
sparseness and all. Sure it would probably end up with a very small
I just got through updating a mailserver that had been running 4.0 to
4.2 using a new HDD, fresh install of OS and required packages. All old
scripts settings etc preserved on original HDD now sitting in an
accessible older box so I can grab anything forgotten.
The one thing that hit me was the
On Thu, 8 Nov 2007 20:40:00 -0500, Steven Surdock wrote:
I assume you are running OpenVPN in UDP mode? ...
Yes. But I also run a second OpenVPN process in TCP mode (port 443) to
get around a few (very few) places that still only allow 80/443. UDP
has less overhead and feels faster, but I have
On Tue, 6 Nov 2007 18:26:04 -0500, Douglas A. Tutty wrote:
Jest
Perhaps there needs to be a new fork: OldBSD: Unix for the Ages.
s/Ages/Aged/ ??
Given that I joined IBM in 1962, I am allowed to make such jokes.
~|^
=
From the land down under: Australia.
Do we look umop apisdn from up over?
On Mon, 05 Nov 2007 14:26:48 -0500, Brian A Seklecki (Mobile) wrote:
- PIX/ASA has some magical black-box inline transparent protocol
fixups
People who have met those when trying to send mail will tell you that,
at least for smtp, that quoted word at the end of the above sentence
has a spelling
On Fri, 2 Nov 2007 12:35:28 -0400, Calomel wrote:
Rod,
You are absolutely correct. Using the --reject *iso directive for wget in
the instructions will now filter out all iso files from downloading. The
wording on the web page has been cleaned up and clarified.
Thanks for your feedback, it is
On Fri, 2 Nov 2007 20:43:49 +0100, Marc Espie wrote:
This was really shortly mentioned on undeadly, because it probably deserves
a separate announcement and article.
and lots more informative stuff
Gosh it's nice to hear the process in this form Marc.
Totally comprehensible for those of us who
On Thu, 1 Nov 2007 20:01:16 -0400, Calomel wrote:
Making a custom, bootable OpenBSD install CD
http://calomel.org/bootable_openbsd_cd.html
Calomel, I think you need to rapidly go edit your instructions and the
script to get rid of the wildcard in the wget command to get the
install files.
On Sun, 28 Oct 2007 22:48:20 -0400, Nick Holland wrote:
This thread is a bit bothersome for a lot of reasons. However, there
is a lack of hard info so far.
Well, I read Theo's message and I know we can't ask for any changes to
the issue CDs.
Shit happens.
I just get my terrier genes showing a
On Mon, 29 Oct 2007 18:42:19 +, Stuart Henderson wrote:
On 2007/10/29 10:49, Austin Hook wrote:
I understand that some people have experienced boot problems with CD #1 in
the new 4.2 release set, mainly with older machines.
I don't have a suitable machine to try it on, but amd64 boot
On Mon, 29 Oct 2007 17:29:42 -0400, Barry Miller wrote:
On Mon, Oct 29, 2007 at 06:42:19PM +, Stuart Henderson wrote:
On 2007/10/29 10:49, Austin Hook wrote:
I understand that some people have experienced boot problems with CD #1 in
the new 4.2 release set, mainly with older machines.
On Mon, 29 Oct 2007 10:49:09 -0700 (MST), Austin Hook wrote:
I understand that some people have experienced boot problems with CD #1 in
the new 4.2 release set, mainly with older machines. There are cases
where the same CD works with a newer machine, but fails to boot with an
older one. I
On 10/28/07, Karel Kulhavy [EMAIL PROTECTED] wrote:
On Sun, 28 Oct 2007 12:15:28 +0530, Karthik Kumar wrote:
Loads of irrelevant waffle which belongs somewhere else.
How about you two start your own blog somewhere and recruit a willing
coterie who are at least mildly interested.
Anybody here
On Sun, 28 Oct 2007 11:51:37 +, Edd Barrett wrote:
Hi,
On 28/10/2007, RW [EMAIL PROTECTED] wrote:
So maybe that narrows it a bit if we can find out what relevant factor
changed between those and release.
I guess it would be around here somplace:
http://www.openbsd.org/cgi-bin/cvsweb/src
of plus 2 laptops that won't
swap drives with the desktops.
Besides I have the 4 identical boxes with MX36LE A-Open mobos that I
posted dmesgs from yesterday. There are 2 with Diamond 52X CDR, one
with a combo drive and the one that made me think I had a buggy DVD 2
layer/dvd-ram/+/-/cdr/rw/ latest
On Sat, 27 Oct 2007 19:30:27 -0400, Barry Miller wrote:
On Sat, Oct 27, 2007 at 07:01:04PM +0100, Edd Barrett wrote:
A couple of friends have been wanting to try out OpenBSD 4.2 on their
machines, but the 4.2 disk will not boot whereas the 4.1 disk will.
[...]
Has anyone else had problems
On Sun, 28 Oct 2007 01:48:54 +, Edd Barrett wrote:
But why are these machines not booting the CD's properly?
I was testing snapshots up to build #374.
One of my no-boot on #375 (release) boxes was installed from either
#373 or #374 (can't tell now) using snapshot .iso file
So maybe that
On Sat, 20 Oct 2007 09:59:26 +, Tom Van Looy wrote:
on unix everything is a file?
Always has been.
At least as far back as I can remember - about early 1978.
Probably always will.
And, given the thread running here, my second edition of the Unix
Programmers Manual vol 1 from those days
I have a GENERIC 4.1 box running ntpd as a server that is now part of
au.pool.ntp.org and suddenly (once the world discovered it) the logs
began to fill with entries like:
Oct 19 16:46:05 freya ntpd[12012]: malformed packet received from
121.216.235.111
Oct 19 16:46:19 freya ntpd[12012]: malformed
On Sat, 13 Oct 2007 11:43:46 +0200, Karel Kulhavy wrote:
I want to make my OS return 127.0.0.1 on google-analytics.com and
ad.doubleclick.net to speed up the work with Sourceforge.
I put
127.0.0.1 google-analytics.com
127.0.0.1 ad.doubleclick.net
into /etc/hosts
and checked that
I have seen plenty of QA about multibooting OpenBSD and
Windows/Linux/whatever and although I did a lot of that stuff way back,
I generally don't need it in the days of almost zero cost PC that are
plenty good enough to run OpenBSD.
So why this question? Well I was blessed by a client who had
On Wed, 10 Oct 2007 22:51:26 +0200, Tilo Stritzky wrote:
On 10/10/07 21:37 RW wrote:
Then (the devil made me do it!) I thought: Why not four OpenBSDs as in
Release, Release minus one, current and some experimental stuff. Just
multiboot to whichever and away.
Is it at all possible? If so
On Mon, 8 Oct 2007 20:04:15 +0200, ropers wrote:
On 08/10/2007, Tom Van Looy [EMAIL PROTECTED] wrote:
I think it should have been 101 instead of 11.
Gord wrote:
Someone is giving it a go:
http://slashdot.org/~TheRaven64/journal/184027
That's real interesting, guys.
TheRaven64 writes
On Wed, 26 Sep 2007 17:26:22 +0200, Peter N. M. Hansteen wrote:
Or take advantage of the (by default) 25 minute window to use other
means to detect that this address is sending spam. Perhaps spamd should
be extended to look for excessive attempts to send messages from an
address during that
On Tue, 25 Sep 2007 09:38:10 +0100, Craig Skinner wrote:
Greylisting is of no use whatsoever because the servers sending the
bounces to you are actual smtp boxes (sendmail, extrange, ), not
malware, so they will quickly bypass spamd. Spamd greytraps will help a
great deal, but you say
On Tue, 25 Sep 2007 12:40:50 +0100, Craig Skinner wrote:
RW wrote:
The others were from bots as far as I could tell but they were not
being sent by MTAs which had received them.
Yes, but the OPs problem is back scatter, and that does not come from
bots, they don't retry.
What I
On Tue, 25 Sep 2007 14:14:46 +0300, Liviu Daia wrote:
On 25 September 2007, RW [EMAIL PROTECTED] wrote:
[...]
My defence was to write a couple of scripts. One parsed the output of
spamdb looking for GREY with sender and then tested the intended
recipient against the postfix valid mailbox
On Wed, 26 Sep 2007 03:16:35 +0300, Liviu Daia wrote:
Postfix would just be rejecting them and filling its logs.
Oh come on, these days you're probably rejecting 95% of messages
anyway. :)
Nope. Every day at log reading time I do grep reject maillog and very
rarely do I see a result.
On Fri, 21 Sep 2007 23:48:11 -0500, Aaron wrote:
... SNIP
Is anyone using solid state drives yet?
CF is effectively IDE.
Witness (a firewall here):
# disklabel wd0
# Inside MBR partition 3: type A6 start 63 size 1000881
# /dev/rwd0c:
type: ESDI
disk: ESDI/IDE disk
label: SanDisk
On Thu, 20 Sep 2007 10:26:14 -0500, [EMAIL PROTECTED] wrote:
You'd be unhappy with the write cycle longevity of a flash drive for
regular use anyway. Flash and super dense mag drives seem fine for use
if write/erase only happens occasionally (i.e. embedded/mp3 etc...)
The next step:
The next
On Thu, 20 Sep 2007 19:25:40 -0500, [EMAIL PROTECTED] wrote:
I guess they are great and I'm an idiot, nuff said...
No. I don't think so.
There are lots of things (in techy stuff particularly) that are true at
some point.
Later on that thing becomes no longer true but the meme hangs around
and
On Fri, 14 Sep 2007 16:06:56 +0100, Rui Miguel Silva Seabra wrote:
There's no blind so bad as that which refuses to see. There's nothing I
can do to change that.
Pot, Kettle, Black.
R/
Write a wise saying and your name will live on forever. - Anonymous
On Thu, 13 Sep 2007 20:35:35 -0400, Stephan Andre' wrote:
I hope one day soon OpenBSD will adopt a nice ncurses setup similar
to something like FreeBSD with ease to it.
Honestly, I don't see why. How does making the installer more
complicated is going to help anything.
I recently sat a
On Mon, 03 Sep 2007 17:15:02 -0400, Paolo Supino wrote:
Hi
I have a firewall that also acts as a VPN peer for 2 VPNs. One of
the VPNs is IPSEC that connects between the main office and a branch
office. The second VPN is OpenVPN that connects windows based road
warriors to the branch office. I
On Mon, 03 Sep 2007 20:26:14 -0400, Paolo Supino wrote:
Hi RW
Except for the branch VPN to the main office subnet (line# 3) I have
the other IPSEC rules: peer to peer, 2 subnets to 1 subnet (and vice
versa on the main office VPN peer). Why do I need to setup a tunnel
between the branch
On Sun, 19 Aug 2007 14:42:31 +0900, vladas wrote:
I am about to buy UPS, but would really appreciate your
opinions to make sure I throw money away in the right
direction.
Time is not on my side. I have got OMRON BX35F's.
(4.2 GENERIC #338)
/bsd: uhidev1 at uhub3 port 1 configuration 1
On Sun, 19 Aug 2007 16:33:58 +0900, vladas wrote:
You really should do a bit more reading of the readily available
information.
e.g. http://ports.openbsd.nu/sysutils/nut says:
Nut also has a network communications layer that allows other
nut was mentioned in my post.
machines to
On Tue, 7 Aug 2007 18:31:53 -0500, Mike Piety wrote:
On Tue, 7 Aug 2007 15:46:41 -0400
Austin Murphy [EMAIL PROTECTED] wrote:
I inherited a transparent bridging firewall running
OpenBSD 3.8 and pf. I would like to add two new filter
rules without disrupting the current network traffic. The
On Tue, 24 Jul 2007 06:01:07 -0500, Jacob Yocom-Piatt wrote:
for domains that have multiple MX records, it might be nice to have all
those IPs whitelisted when sending to that domain. maybe this is already
done or there is a reason it isn't :). guess someone could publish a
list of bogus IPs
On Mon, 23 Jul 2007 20:51:33 -0700, Darrin Chandler wrote:
Also, though spamd works GREAT, it is what it is. As I mentioned above,
it will not stop spam from real mail servers, whether open relays or
spam house servers. You may get to the point where you do want to add
ports/packages). I deal
On Tue, 3 Jul 2007 22:32:01 -0300, Joco Salvatti wrote:
Hi all,
Having Read about computer security, one of the parts that mostly
called up my atention were the access control mechanisms. I've found
out that the mechanism used by mostly of the Unix-like systems is DAC
(Discretionary Access
On Mon, 25 Jun 2007 10:48:20 -0700, John N. Brahy wrote:
I was wondering what the general census on port knocking in the OpenBSD
community is. I like the idea of hiding services but I don't like the
idea of relying on a piece of code that's not part of the OpenBSD core.
I know when it comes down
On Tue, 12 Jun 2007 03:04:23 -0700 (PDT), Praveen wrote:
Hi,
From the man page it appears that spamd relies on
static information about spam originators.
Why not a more dynamic scheme ?.
Why not run the content of the mail through a spam
detector (like dspam), find the spam score and make
I have a Commell LE564 which will work happily with a serial console
including doing BIOS stuff.
The BIOS allows use of a USB CD drive and that works too. Well, it
works perfectly if you can just time it right and blindly type in the
magic string to redirect the console to com0 and then you can
On Mon, 04 Jun 2007 08:55:09 -0500, Jacob Yocom-Piatt wrote:
uh, pxeboot? you can put the CD contents on your pxeboot server and
there's no need to hook up a CD drive. me thinks that's how you're
supposed to do it for headless machines.
have had the same bad magic errors in the past when using
The list of mini-pci cards that work with ral does not include one I
obtained recently.
It is an MSI MP54G5 and it seems to work well as an AP. More testing
coming up and I'll send an alert if I see any problems.
It shows up in dmesg as:
ral0 at pci0 dev 20 function 0 Ralink RT2560 rev 0x01:
I am helping a friend by setting up dual boot HDDs to swap back and
forth between DOS (for a legacy data entry app) and OpenBSD (to push
the data to a backup box to burn CDs for short term archival use.)
It just works for every machine bar one. dmesg below.
The problem is that the drive boots to
On Mon, 28 May 2007 16:38:31 -0600, Daniel Melameth wrote:
8--
snipped lots of good info, thanks.
8
Any thoughts... or anyone know of a 802.11g card/driver combination
with that legendary wi reliability?
I have an MSI PCI card in a Soekris 4850. It looks like this (in
dmesg):
ral0 at pci0
On Tue, 22 May 2007 16:08:10 -0600, Bob Beck wrote:
arlo guthrie
...
We walked in, sat down, Obie brought up the the help desk page with
8snip
And you can get anything you want at Bob Beck's Restaurant,
as long as it's moose!
Loved it Bob!
You are not just a good coder.
Thanks, the
In the past I have always applied relevant patches and recompiled
whatever was needed to take care of errata items.
Nearly a week ago I decided to use a spare machine to track i386 4.1
stable, did what I was told (FAQ, thanks Nick et al!) : untarred
sources, cvs updates, makes all went without
On Mon, 7 May 2007 23:01:15 -0600, Joel Knight wrote:
--- Quoting RW on 2007/04/30 at 16:52 +1000:
Existing setup:
Head Office:
WAN IP=165.x.y.z
LAN = 172.22.22.0/24
Extranet gateway = 10.x.y.1
Branch Office:
WAN IP=150.x.y.z
LAN= 172.22.23.0/24
IPsec endpoints are OpenBSD
Existing setup:
Head Office:
WAN IP=165.x.y.z
LAN = 172.22.22.0/24
Extranet gateway = 10.x.y.1
Branch Office:
WAN IP=150.x.y.z
LAN= 172.22.23.0/24
IPsec endpoints are OpenBSD firewalls and LAN to LAN connectivity is
fine.
My challenge is to get traffic to pass from a host on the Branch LAN
On Wed, 18 Apr 2007 17:40:49 -0700, Bryan Vyhmeister wrote:
On Apr 18, 2007, at 5:31 PM, Bray Mailloux wrote:
shared-network LOCAL-NET{
option domain-name theamericanbray.com;
option domain-name-servers 208.204.224.11, 208.204.224.33
subnet 192.168.0.0 netmask 255.255.255.0 {
On Fri, 13 Apr 2007 09:37:14 -0400, stuart van Zee wrote:
Sorry if this belongs elsewhere but I was sure someone here would know.
I was under the impression that when using SFTP to transfer files they
were automatically treated as Binary files. So if the remote file uses
CRLF to terminate
On Thu, 5 Apr 2007 18:06:29 -0700, John N. Brahy wrote:
I've been looking at the source and I've read the man page but I don't
see a way to convert a greylisted entry to a whitelisted entry.
Is it possible or just unnecessary?
# spamdb -a 12.34.56.78
# spamdb | grep 12.34.56.78
On Thu, 22 Mar 2007 05:30:45 -0600, Jacob Yocom-Piatt wrote:
RW wrote:
I have a simple setup.
Sydney to Melbourne and the ipsec.conf is one of the nice easy ones
whilst I learn to do more complex setups. It has been working for
months.
Today doing ipsecctl -s all at either end generates
On a firewall that is not mine but where the admins run to me for help
8-) somebody noticed that name resolution was not working.
rc.conf.local says:
named_flags=
named.conf is the default (caching with recursion only for local
clients)
uname says:
OpenBSD fw.example.com.au 3.9 GENERIC#617 i386
I have a simple setup.
Sydney to Melbourne and the ipsec.conf is one of the nice easy ones
whilst I learn to do more complex setups. It has been working for
months.
Today doing ipsecctl -s all at either end generates the expected
output. Each is a mirror of the other.
netstat -rnf encap shows
On Tue, 20 Mar 2007 03:54:41 -0400, Gordon Willem Klok wrote:
I'm one of those users with my atheros-based
wireless card I'm using right now. I know what I'm doing. I don't feel
less safe. I don't audit every single driver I use. And I'm happy to use
OS which gives me the choice.
I'm one of
On Mon, 19 Mar 2007 11:59:51 -0400, Dan Farrell wrote:
I thought it was free as in beer, but because of the blobs, not
necessarily free as in you can do whatever you want with it...
Because what can you do with a blob? Are you allowed to use a blob
anywhere you want, in any situation? Are you
On Mon, 19 Mar 2007 16:26:12 -0500, Marco Peereboom wrote:
Yes but since these are production machines in a lab that requires
clearance I can't share. We keep backups around for all these machines
since every now and then we lose one for no good reason. In contrast
the windows and openbsd
On Wed, 28 Feb 2007 11:48:52 -0800, Tom Bombadil wrote:
I wonder how people are coping with master downtime when using spamd?
Is it a good idea to regularly dump spamd-white into a file, rsync it
to the backup carp server, and load these IPs in a separate table?
I was thinking of lowering
On Tue, 27 Feb 2007 13:55:50 -0800, Tom Bombadil wrote:
Greetings...
By any chance, will spamd delete any IPs that I add manually to spamd-white?
spamd(8) says:
spamd regularly scans the /var/db/spamd database and configures all
whitelist addresses as the spamd-white pf(4) table.
How exactly
On Mon, 26 Feb 2007 22:31:08 -0600, Default User wrote:
When will we ever see binary updates for OpenBSD? Taking a system
off-line for over 20 hours to do a source code rebuild is just too long,
and just tracking RELEASE means running an insecure system.
Binary updating - try it, you'll like
We have an IPsec tunnel setup between two OpenBSD firewalls and
normally it just works (thanks developers!)
Over the past day or so the tunnel breaks.
ipsecctl -sa shows no flows or SADB entries.
The log entries at the Sydney end show lines like:
Feb 24 05:59:21 pps35001 isakmpd[9204]:
On Sun, 18 Feb 2007 16:30:36 +1300, [EMAIL PROTECTED] wrote:
hi,
i am rsyncing -current packages taking advantage of rsync's pattern
matching to avoid specifying the package versions, to make a local
repository for upgrades.
there are several packages that i _don't_ want to retrieve flavours
On Wed, 14 Feb 2007 17:00:55 -0800, Bryan Irvine wrote:
I'm going to be installing on a soekris box (probably on flash media),
and I'm trying to figure out what the bare minimum I need to install.
Is there somewhere I can see what files are included in the
base40.tgz, etc40.tgz etc... so I know
On Thu, 15 Feb 2007 01:08:28 +, Jamie Penman-Smithson wrote:
On 15/02/07, Stuart Henderson [EMAIL PROTECTED] wrote:
I'm attempting to setup openbsd 4.0 as a router, the system has two
interfaces, rl0 and rl1. It looks something like this (apologies if
this looks really odd):
router
On Wed, 7 Feb 2007 11:49:07 +0100, Toni Mueller wrote:
Hi,
On Sat, 03.02.2007 at 21:26:36 +0100, Andreas Maus [EMAIL PROTECTED] wrote:
But the mailwraper provides a more generic way for
OpenBSD to use mail without dealing much about
the uses mail system. (sendmail,postfix,exim,qmail, ...)
On 01 Feb 2007 12:26:09 +0100, Artur Grabowski wrote:
[EMAIL PROTECTED] writes:
I just moved a 200GB hard drive from a 3.7 box to a 4.0 box, and since
my data was all backed up, I decided to run disklabel, create a fresh
partition that spanned the whole disk, and then run newfs on that
On Sun, 28 Jan 2007 19:19:09 +, John wrote:
The only other thing I'm trying to find out now is whether whitelist.txt
can use domains rather than dotted quads
No. It doesn't do DNS as it is a fast lightweight single purpose
MTA-like daemon.
Besides which: Are you expecting to trust the domain
76 matches
Mail list logo