RE: [CentOS] Re: DKIM
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Karanbir Singh Sent: Thursday, September 25, 2008 11:47 AM To: CentOS mailing list Subject: Re: [CentOS] Re: DKIM Toby Bluhm wrote: > BTW - very informative thread. > I wonder if someone might take the bits of info in this thread and put it into a wiki page around Mail Servers and perhaps start a best practices section... Would http://wiki.centos.org/HowTos#head-49a3d6a9a0c95cff0676b0209eae985780e41678 be a good place to consolidate under ? JohnStanley Writes: An excellent thought Second That! Bob does indeed have some pretty decent notes up on his site. JohnStanley ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Telnet & ssh connection limit and idle timeout
lingu wrote: Dear all, * I am running centos 4 update 5. I want to limit user connection(maximum 10 simultaneous connection are only allowed) to server (for telnet & ssh sessions).In the mean time i like to remove all dead and idle connections(ssh & telnet session) of more that 24 hours. Any one guide me how to do this. Regards Lingu * ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos for telnet, intall telnet-server and in /etc/xinetd.d/telnet , append instances= total number of instances and per_source=,the number of simultaneous connections per IP address - it can not exceed the total number of instances. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SIze of reformatted USB drive
William L. Maltby wrote: Yes, for the reasons the others posted. However, if you know the "profile" of what you'll have on there, a substantial amount of space can be recovered by 1) make sure you have large block size and 2) reducing the i-nodes allocated to suit. Do a little thinking before you make these adjustments. I've used these (along with the reducing root-reserved) for years w/o problems. But if you get too radical and/or miss the reality with your profile substantially, you'll be in a "rework" scenario. i just used the tune2fs command to recover space on my secondary drive. Afterwards i unmounted the drive and ran a e2fsck -f . No error was reported. Actually i used the tune2fs when the device was mounted so i just became paranoid. now the e2fsck reported no error does that mean my filesystem is still intact and no potential harm has been done ? when i remount the drive and run df -h i see an extra 6G of free space. does e2fsck also check for data corruption or data integrity ? William, can you please tell in details if more space can be recovered by using your two options and lastly is tweaking the default options of file system a good thing or bad thing ? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SIze of reformatted USB drive
On Thu, 2008-09-25 at 19:31 -0400, Robert Moskowitz wrote: > I just reformatted an 8Gb USB drive as ext3. > > While as FAT32, it was reported as having well over 7Gb free (did not > note the exact capacity). > > I reformatted with mkfs.ext3 /dev/sda1 > > Now it is reported (oh, this is with properties in Nautilus) as having > 6.8Gb capacity (free space actually). > > Does this makes sense that ext3 has less available space than fat32? Yes, for the reasons the others posted. However, if you know the "profile" of what you'll have on there, a substantial amount of space can be recovered by 1) make sure you have large block size and 2) reducing the i-nodes allocated to suit. Do a little thinking before you make these adjustments. I've used these (along with the reducing root-reserved) for years w/o problems. But if you get too radical and/or miss the reality with your profile substantially, you'll be in a "rework" scenario. > -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: SIze of reformatted USB drive
On Thu, Sep 25, 2008 at 19:40, Scott Silva <[EMAIL PROTECTED]> wrote: >> Does this makes sense that ext3 has less available space than fat32? > > Ext3 reserves some space for root by default. I think it is like 5 or 10 %. > That might be it. 5% by default. You can change it to 1% for your filesystem with this command: tune2fs -m 1 /dev/sda1 HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: SIze of reformatted USB drive
on 9-25-2008 4:31 PM Robert Moskowitz spake the following: I just reformatted an 8Gb USB drive as ext3. While as FAT32, it was reported as having well over 7Gb free (did not note the exact capacity). I reformatted with mkfs.ext3 /dev/sda1 Now it is reported (oh, this is with properties in Nautilus) as having 6.8Gb capacity (free space actually). Does this makes sense that ext3 has less available space than fat32? Ext3 reserves some space for root by default. I think it is like 5 or 10 %. That might be it. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SIze of reformatted USB drive
I just reformatted an 8Gb USB drive as ext3. While as FAT32, it was reported as having well over 7Gb free (did not note the exact capacity). I reformatted with mkfs.ext3 /dev/sda1 Now it is reported (oh, this is with properties in Nautilus) as having 6.8Gb capacity (free space actually). Does this makes sense that ext3 has less available space than fat32? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] "Treason uncloaked!"
On Thu, Sep 25, 2008 at 6:24 PM, Ralph Angenendt <[EMAIL PROTECTED]> wrote: > No, you can't. Those messages turn up in the kernel ring buffer (aka dmesg). I > don't find anything in the rsyslog (or rklogd) manual page on filtering or > redirecting those. > > I might be wrong, but ... It's entirely possible that I'm confusing rsyslog versions here, but I was under the impression that this could be filtered with '$ModLoad imklog' and then redirecting the regex'd statements elsewhere. It would not affect what shows up in dmesg exactly, but would provide a way to clean up other logging. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Telnet & ssh connection limit and idle timeout
On 9/24/08, lingu <[EMAIL PROTECTED]> wrote: > > *I am running centos 4 update 5. I want to limit user connection(maximum > 10 simultaneous connection are only allowed) to server > (for telnet & ssh sessions).In the mean time i like to remove all dead and > idle connections(ssh & telnet session) of more that 24 hours.* > Sorry that no one has help you yet on this. Check-out limits.conf (e.g., "man limits.conf"). This will allow you to limit the number of concurrent user logins. -rak- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reformatting a USB drive
On Thu, Sep 25, 2008 at 2:05 PM, Robert Moskowitz <[EMAIL PROTECTED]> wrote: > Found this old message about formatting a USB drive and it leaves a few > questions for me: > Would you please stop top-posting? Thanks. mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] "Treason uncloaked!"
Jim Perrin wrote: > On Thu, Sep 25, 2008 at 5:15 AM, John R Pierce <[EMAIL PROTECTED]> wrote: >> got a centos5.2 web/database server thats on a public coloc, its dmesg >> fills >> up with >> TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window >> 3243232020:3243237180. Repaired. >> >> I know thats because of random bogosity coming in from the internet, and I >> really don't care. can I suppress that from filling up the dmesg buffer >> so I can see more important things like scsi soft errors? > > You can filter these messages to their own log when using rsyslog and > its regex features. No, you can't. Those messages turn up in the kernel ring buffer (aka dmesg). I don't find anything in the rsyslog (or rklogd) manual page on filtering or redirecting those. I might be wrong, but ... Cheers, Ralph pgpmtSrjU3aCW.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Toby Bluhm wrote: > Scott Silva wrote: > . > . > . >> A "one stop shop" on everything CentOS. >> > > > I like that approach better. A new list for email only would probably > lead to email threads on *both* lists, users being reminded to take the > discussion to the other list, etc. We have no application specific lists yet (not counting centos-virt, true), and I don't think we should have. E-Mail is the same on *every* unix and sometimes even on windows. So someone having problems with sendmail or exim or postfix should go to the lists specific for those applications. I know I also put some fuel into this fire, but I think we should let this thread die. As Karanbir said: There were some really interesting issues in this thread, so if someone wants to come up and put a summary of this thread on the CentOS Wiki, nobody will stop him or her. Cheers, Ralph pgpeRhRCC9Ij5.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Implementing LVS changes made in Piranha GUI
Quoting David Dyer-Bennet <[EMAIL PROTECTED]>: > > On Thu, September 25, 2008 14:43, Barry Brimer wrote: > > Quoting David Dyer-Bennet <[EMAIL PROTECTED]>: > > > >> > >> On Thu, September 25, 2008 14:13, Barry Brimer wrote: > >> > >> > Is the service itself active? > >> > > >> > Do you have a line above these that says something like: > >> > > >> > virtual example.com { > >> > active = 1 > >> > >> Yes; and it shows as active in Piranha, too, and nannys got started for > >> the three real servers. It just didn't tell ipvs to actually route to > >> them. > > > > What happens when you run the service check by hand? > > Don't know what "service check" means (guessing you mean what nanny does > to decide a service is working?). But raising the issue of whether > something below the level of what I thought I had changed was changed has > been somewhat productive. > > While I can ping the realservers, turns out I can't access the services on > them. Don't know why yet, but that's something I can investigate. (Still > don't see why it changed when it did; but if I can't access the services > from the lvs, then it can't route to them either, and the nanny checks > will fail, etc., so that must be fixed before anything can work.) I will > chase this down, and either fix it or have different questions :-). Thank > you! > > > Do you have your IP addresses for different services on different devices > > Yes, they're on separate devices, and they're set up the same was as when > it worked yesterday, so I don't think it's anything that basic that's > wrong. > > I think I've been mis-understanding the startup order. Is this what > really happens: > > 1. pulse started > > 2. lvsd started by pulse > > 3. nanny for each (active) realserver started by lvsd > > 4. When a nanny gets a successful test, either it or lvsd *then* enables > that realserver for receiving traffic > > That would explain why I have nannys running, but no realservers listed by > ipvsadm. I expected things to start out on, and only get turned off if > the nannys failed; but in fact doing what I listed above makes more sense, > it's better if you *have* a nanny to make sure the nanny reports ok > *first*. By service check, I mean the send or send program line which "expects" the result of the "expect" line to determine that the service is "up". IME, ipvsadm does not show a host (even at startup) until it is successful from the send/send program / expect tests. Barry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reformatting a USB drive
On Thu, Sep 25, 2008 at 17:05, Robert Moskowitz <[EMAIL PROTECTED]> wrote: > Do I unmount the drive after inserting it before I issue: > mkfs.ext3 /dev/sda1 Yes, if it's mounted, unmount it before running the mkfs command. > BTW, when I do a 'man mkfs.ext3' it takes me to the man pages for mke2fs. Yes, they are the same. > After the format is done, do I have to do anything to make sure everything > is 'written' to the drive before pulling it from the system? After formatting, no, the empty ext3 filesystem should be written on the drive and safe. If you mount it and write data to it, you should unmount it before unplugging, otherwise you may lose data. HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reformatting a USB drive
Found this old message about formatting a USB drive and it leaves a few questions for me: I am going to format it as ext3 to keep permissions. I don't need to use this drive on any M$ system. Do I unmount the drive after inserting it before I issue: mkfs.ext3 /dev/sda1 BTW, when I do a 'man mkfs.ext3' it takes me to the man pages for mke2fs. After the format is done, do I have to do anything to make sure everything is 'written' to the drive before pulling it from the system? Jim Perrin wrote: On 5/24/07, Todd Cary <[EMAIL PROTECTED]> wrote: I have a USB drive that has been formatted as NTFS. Can I reformat it? I have identified these properties about it /dev/sda1 /media/Extrnl_Bkup Not sure what to do next since the GUI will not mount a NTFS disk (expected). There are kernel ntfs modules, but really, the most universally supported option is to format with vfat. This way it will work on windows, mac and linux systems, fully supported all the way around. There are some limitations to fat32, 4G file sizes and the like. The quick and easy way is mkfs.vfat /dev/sda1tap fingers for a minute... then unplug/reinsert. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Install via VNC
It is working. Got through disk druid to set the drive how I like, then did the desktop setup. It is now formatting the drive, and should be all installed before long. Then the updates :) And finally fix up the anaconda-ks.cfg so I can use it to build the other 3 the same way... Scott Silva wrote: on 9-25-2008 1:09 PM Robert Moskowitz spake the following: Scott Silva wrote: on 9-25-2008 12:31 PM Robert Moskowitz spake the following: First try did not work dnk wrote: On 24/09/08 8:27 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall Only thing I don't know how to do is have vncviewer in 'listen' mode. I am the one that wrote that wiki article. How to put the client into listen mode depends on which VNC client you are using, and on what platform. Building the CD was relatively easy. BTW, if you copy the Centos 5.2 1of6 iso image to a system with gnome, Nautlius 'open with Archive Manager' makes it trivial to extract all the files from the image. The rest of your build instructions were easy to follow. I am using: kernel vmlinuz vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us Change the above to ; kernel vmlinuz (crlf) append initrd=initrd.img ramdisk_size=8192 upgradeany vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us (with the append line being one line) You can leave out the upgradeany command, it has been in there for a long time and I don't do upgrades very often. And what about the ramdisk_size=8192? Seems I have seen that somewhere, but it is not on the current append initrd line in the .cfg file. Like I said it has "been around the block" and was first used on CentOS 4 since I think it was the first one to have the vnc option. When I first started using it, the ramdisk size was too small to work properly. I don't know if the defaults are different, but it doesn't hurt as I did an install with it about 2 weeks ago on a 64 bit server with CentOS 5. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Implementing LVS changes made in Piranha GUI
On Thu, September 25, 2008 14:43, Barry Brimer wrote: > Quoting David Dyer-Bennet <[EMAIL PROTECTED]>: > >> >> On Thu, September 25, 2008 14:13, Barry Brimer wrote: >> >> > Is the service itself active? >> > >> > Do you have a line above these that says something like: >> > >> > virtual example.com { >> > active = 1 >> >> Yes; and it shows as active in Piranha, too, and nannys got started for >> the three real servers. It just didn't tell ipvs to actually route to >> them. > > What happens when you run the service check by hand? Don't know what "service check" means (guessing you mean what nanny does to decide a service is working?). But raising the issue of whether something below the level of what I thought I had changed was changed has been somewhat productive. While I can ping the realservers, turns out I can't access the services on them. Don't know why yet, but that's something I can investigate. (Still don't see why it changed when it did; but if I can't access the services from the lvs, then it can't route to them either, and the nanny checks will fail, etc., so that must be fixed before anything can work.) I will chase this down, and either fix it or have different questions :-). Thank you! > Do you have your IP addresses for different services on different devices Yes, they're on separate devices, and they're set up the same was as when it worked yesterday, so I don't think it's anything that basic that's wrong. I think I've been mis-understanding the startup order. Is this what really happens: 1. pulse started 2. lvsd started by pulse 3. nanny for each (active) realserver started by lvsd 4. When a nanny gets a successful test, either it or lvsd *then* enables that realserver for receiving traffic That would explain why I have nannys running, but no realservers listed by ipvsadm. I expected things to start out on, and only get turned off if the nannys failed; but in fact doing what I listed above makes more sense, it's better if you *have* a nanny to make sure the nanny reports ok *first*. -- David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/ Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/ Photos: http://dd-b.net/photography/gallery/ Dragaera: http://dragaera.info ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: "Treason uncloaked!"
Scott Silva wrote: on 9-25-2008 2:15 AM John R Pierce spake the following: got a centos5.2 web/database server thats on a public coloc, its dmesg fills up with TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243223020:3243237180. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243227520:3243237180. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243232020:3243237180. Repaired. I know thats because of random bogosity coming in from the internet, and I really don't care. can I suppress that from filling up the dmesg buffer so I can see more important things like scsi soft errors? Don't you love some of the more "interesting" messages from the kernel? I'm surprised they didn't use "Here be dragons"! Or revive "Don't worry, Max; everything's gonna be O.K." ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Install via VNC
on 9-25-2008 1:09 PM Robert Moskowitz spake the following: Scott Silva wrote: on 9-25-2008 12:31 PM Robert Moskowitz spake the following: First try did not work dnk wrote: On 24/09/08 8:27 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall Only thing I don't know how to do is have vncviewer in 'listen' mode. I am the one that wrote that wiki article. How to put the client into listen mode depends on which VNC client you are using, and on what platform. Building the CD was relatively easy. BTW, if you copy the Centos 5.2 1of6 iso image to a system with gnome, Nautlius 'open with Archive Manager' makes it trivial to extract all the files from the image. The rest of your build instructions were easy to follow. I am using: kernel vmlinuz vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us Change the above to ; kernel vmlinuz (crlf) append initrd=initrd.img ramdisk_size=8192 upgradeany vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us (with the append line being one line) You can leave out the upgradeany command, it has been in there for a long time and I don't do upgrades very often. And what about the ramdisk_size=8192? Seems I have seen that somewhere, but it is not on the current append initrd line in the .cfg file. Like I said it has "been around the block" and was first used on CentOS 4 since I think it was the first one to have the vnc option. When I first started using it, the ramdisk size was too small to work properly. I don't know if the defaults are different, but it doesn't hurt as I did an install with it about 2 weeks ago on a 64 bit server with CentOS 5. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Install via VNC
Scott Silva wrote: on 9-25-2008 12:31 PM Robert Moskowitz spake the following: First try did not work dnk wrote: On 24/09/08 8:27 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall Only thing I don't know how to do is have vncviewer in 'listen' mode. I am the one that wrote that wiki article. How to put the client into listen mode depends on which VNC client you are using, and on what platform. Building the CD was relatively easy. BTW, if you copy the Centos 5.2 1of6 iso image to a system with gnome, Nautlius 'open with Archive Manager' makes it trivial to extract all the files from the image. The rest of your build instructions were easy to follow. I am using: kernel vmlinuz vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us Change the above to ; kernel vmlinuz (crlf) append initrd=initrd.img ramdisk_size=8192 upgradeany vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us (with the append line being one line) You can leave out the upgradeany command, it has been in there for a long time and I don't do upgrades very often. And what about the ramdisk_size=8192? Seems I have seen that somewhere, but it is not on the current append initrd line in the .cfg file. above is all one long line If you are going to do a remote install source, just use the netboot cd image. It is much smaller, and doesn't have to deal with the media check. What does that save me? I already have the 1of6 iso image here... I do installs like this all the time on headless servers in my site. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] "Treason uncloaked!"
John R Pierce wrote: > > got a centos5.2 web/database server thats on a public coloc, its dmesg > fills up with > > > TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window > 354477433:354478918. Repaired. > TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window > 354477433:354478918. Repaired. > TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window > 354477433:354478918. Repaired. > TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window > 3243223020:3243237180. Repaired. > TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window > 3243227520:3243237180. Repaired. > TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window > 3243232020:3243237180. Repaired. > > I know thats because of random bogosity coming in from the internet, and > I really don't care. can I suppress that from filling up the dmesg > buffer so I can see more important things like scsi soft errors? You could try turning TCP window scaling off which should stop that part of the stack from executing. How much it will affect the network performance of your box depends on the clients connecting to it... -Ross __ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Implementing LVS changes made in Piranha GUI
Quoting David Dyer-Bennet <[EMAIL PROTECTED]>: > > On Thu, September 25, 2008 14:13, Barry Brimer wrote: > > > Is the service itself active? > > > > Do you have a line above these that says something like: > > > > virtual example.com { > > active = 1 > > Yes; and it shows as active in Piranha, too, and nannys got started for > the three real servers. It just didn't tell ipvs to actually route to > them. What happens when you run the service check by hand? Do you have your IP addresses for different services on different devices .. i.e. eth0:0 eth0:1 eth0:2? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Install via VNC
on 9-25-2008 12:31 PM Robert Moskowitz spake the following: First try did not work dnk wrote: On 24/09/08 8:27 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall Only thing I don't know how to do is have vncviewer in 'listen' mode. I am the one that wrote that wiki article. How to put the client into listen mode depends on which VNC client you are using, and on what platform. Building the CD was relatively easy. BTW, if you copy the Centos 5.2 1of6 iso image to a system with gnome, Nautlius 'open with Archive Manager' makes it trivial to extract all the files from the image. The rest of your build instructions were easy to follow. I am using: kernel vmlinuz vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us Change the above to ; kernel vmlinuz (crlf) append initrd=initrd.img ramdisk_size=8192 upgradeany vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us (with the append line being one line) You can leave out the upgradeany command, it has been in there for a long time and I don't do upgrades very often. above is all one long line For my setup. Where the real IP address I am using is what I got from ifconfig on my notebook. I have 'vncviewer -listen' running in a terminal window on my Centos notebook, and it reports to be listenting on port 5500. 'iptables -L' reports ACCEPT for fcp-addr-srvr1 (which google tells me is port 5500), and I have opened port 5500 within my Intranet. Boot from CD (there is actually a screen on my OQO, but at only 800x480, I would not know if there was something at the bottom of the display) and I watch it start up and proceed all the way to the Centos5 X screen and sit there. Nothing on the client. Guess I am going to have to open a monitor port on the switch the OQO is plugged into and watch with tcpdump to see if anything is actually happening. hmmm, for the 'heck of it', I pressed and the install took off. Asked me what language and such I wanted (the 'standard' two dialog windows). The third brought me to Disk Druid. That kernel line is NOT working quite right. It is clear the changes to the first two lines 'took': prompt 0 timeout 0 As the install did not wait for any command line input. So what is wrong with that kernel line? I editted isolinux.cfg with gedit, and I just looked at the file on the iso build server with vi and it shows that as all one line. What is wrong here? Should I break out wireshark, or is there a problem with: kernel vmlinuz vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us where 1.2.3.5 is really the IP address of my client system. and me.htt-consult.com replace with the fqdn of my repo server (this works just fine with a 'linux askmethod'). If you are going to do a remote install source, just use the netboot cd image. It is much smaller, and doesn't have to deal with the media check. I do installs like this all the time on headless servers in my site. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Re: DKIM
John Hinton wrote: > Toby Bluhm wrote: > > Scott Silva wrote: > > > > > > A "one stop shop" on everything CentOS. > > > > I like that approach better. A new list for email only would > > probably lead to email threads on *both* lists, users being > > reminded to take the discussion to > > the other list, etc. > > My point is we go unhelped by CentOS. There is no way I'm going to > post mail issues to this list. And this list would become unusable if > we started this. Talking about spam filters, milters and on and on > and on. Look what just happened. One single very simple question of > the thousands to be dealt with and the thread went crazy... at which > point it was suggested that we end this thread. So, basically, posts > about 'all' things email are NOT welcomed on this list and should > not be. The only reason this thread went nuts was because it got onto the topic of SPF records. This is one of those topics that lots of people have rather strong feelings about and threads discussing it almost always seem to go out of control. The suggestion to end the thread generally comes when an argument starts going around in circles resolving nothing. Generic mail questions are always welcome here. Of course, more specific questions should be directed to the proper MTA-specific mailing list. -- Bowie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Install via VNC
First try did not work dnk wrote: On 24/09/08 8:27 AM, "Robert Moskowitz" <[EMAIL PROTECTED]> wrote: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall Only thing I don't know how to do is have vncviewer in 'listen' mode. I am the one that wrote that wiki article. How to put the client into listen mode depends on which VNC client you are using, and on what platform. Building the CD was relatively easy. BTW, if you copy the Centos 5.2 1of6 iso image to a system with gnome, Nautlius 'open with Archive Manager' makes it trivial to extract all the files from the image. The rest of your build instructions were easy to follow. I am using: kernel vmlinuz vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us above is all one long line For my setup. Where the real IP address I am using is what I got from ifconfig on my notebook. I have 'vncviewer -listen' running in a terminal window on my Centos notebook, and it reports to be listenting on port 5500. 'iptables -L' reports ACCEPT for fcp-addr-srvr1 (which google tells me is port 5500), and I have opened port 5500 within my Intranet. Boot from CD (there is actually a screen on my OQO, but at only 800x480, I would not know if there was something at the bottom of the display) and I watch it start up and proceed all the way to the Centos5 X screen and sit there. Nothing on the client. Guess I am going to have to open a monitor port on the switch the OQO is plugged into and watch with tcpdump to see if anything is actually happening. hmmm, for the 'heck of it', I pressed and the install took off. Asked me what language and such I wanted (the 'standard' two dialog windows). The third brought me to Disk Druid. That kernel line is NOT working quite right. It is clear the changes to the first two lines 'took': prompt 0 timeout 0 As the install did not wait for any command line input. So what is wrong with that kernel line? I editted isolinux.cfg with gedit, and I just looked at the file on the iso build server with vi and it shows that as all one line. What is wrong here? Should I break out wireshark, or is there a problem with: kernel vmlinuz vnc vncconnect=1.2.3.5 headless ip=dhcp ksdevice=eth0 method=http://me.htt-consult.com/centos/5.2/os/i386 lang=en_US keymap=us where 1.2.3.5 is really the IP address of my client system. and me.htt-consult.com replace with the fqdn of my repo server (this works just fine with a 'linux askmethod'). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Implementing LVS changes made in Piranha GUI
On Thu, September 25, 2008 14:13, Barry Brimer wrote: > Is the service itself active? > > Do you have a line above these that says something like: > > virtual example.com { > active = 1 Yes; and it shows as active in Piranha, too, and nannys got started for the three real servers. It just didn't tell ipvs to actually route to them. -- David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/ Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/ Photos: http://dd-b.net/photography/gallery/ Dragaera: http://dragaera.info ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: DKIM
on 9-25-2008 11:43 AM John Hinton spake the following: Toby Bluhm wrote: Scott Silva wrote: . . . A "one stop shop" on everything CentOS. I like that approach better. A new list for email only would probably lead to email threads on *both* lists, users being reminded to take the discussion to the other list, etc. My point is we go unhelped by CentOS. There is no way I'm going to post mail issues to this list. And this list would become unusable if we started this. Talking about spam filters, milters and on and on and on. Look what just happened. One single very simple question of the thousands to be dealt with and the thread went crazy... at which point it was suggested that we end this thread. So, basically, posts about 'all' things email are NOT welcomed on this list and should not be. John Hinton Posts about sendmail would go on the sendmail list, postfix on that list. Exim has a list, everyone has a list. The DKIM thread went out of control when anger and hurt feelings came into play. It started OK with opinions on whether DKIM is necessary or not, and crashed and burned soon after. If the message said something like, "I'm having trouble installing dkim-milter on CentOS", that would be answered after some requests for information. When you ask opinions on a mailing list, you will probably get a different one with every response. If you are having mail issues, it is mostly related to your MTA and would go on their list. If you are using a binding software like Mailscanner or Amavis, you would start on their list. If you want one place to get all your answers, you will probably have to pay for a support contract somewhere. A list just for mail issues would still probably get ignored because there will be many less members. The ones that would join would be the people in trouble. It will look like the Ubuntu lists... many unanswered pleas for help, or answers from others that hacked their way through it and now think they are experts. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Implementing LVS changes made in Piranha GUI
Quoting David Dyer-Bennet <[EMAIL PROTECTED]>: > Every time I touch something, pieces fall off! It's a good thing this > stuff isn't in production yet (for me I mean). > > So I had an LVS, configured with Piranha, directing http test transactions > across two servers. I used Piranha to add another realserver. It > appeared in the lvs.cf file, but didn't appear in the ipvsadm output. So > I stopped and restarted Pulse. And now *none* of the servers appear in > the ipvsadm output. Pulse says it started clean, and nothing in the > syslog. The gratuitous arp gets made, and the correct IPs are assigned to > the correct interfaces. > > [EMAIL PROTECTED] ~]$ sudo ipvsadm > IP Virtual Server version 1.2.1 (size=4096) > Prot LocalAddress:Port Scheduler Flags > -> RemoteAddress:Port Forward Weight ActiveConn InActConn > TCP prcvmod01.pinerivercapital.l wlc > > That's the write service name (the ".l" at the end is ".local" truncated). > WLC is the right scheduling mode. But no remote addresses are listed. > > In lvs.cf, there are multiple servers present: > server vl31 { > address = 172.17.3.1 > active = 1 > weight = 2 > } > server vw32 { > address = 172.17.3.2 > active = 1 > weight = 2 > } > server vl41 { > address = 172.17.4.1 > active = 1 > weight = 4 > } Is the service itself active? Do you have a line above these that says something like: virtual example.com { active = 1 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Implementing LVS changes made in Piranha GUI
Every time I touch something, pieces fall off! It's a good thing this stuff isn't in production yet (for me I mean). So I had an LVS, configured with Piranha, directing http test transactions across two servers. I used Piranha to add another realserver. It appeared in the lvs.cf file, but didn't appear in the ipvsadm output. So I stopped and restarted Pulse. And now *none* of the servers appear in the ipvsadm output. Pulse says it started clean, and nothing in the syslog. The gratuitous arp gets made, and the correct IPs are assigned to the correct interfaces. [EMAIL PROTECTED] ~]$ sudo ipvsadm IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP prcvmod01.pinerivercapital.l wlc That's the write service name (the ".l" at the end is ".local" truncated). WLC is the right scheduling mode. But no remote addresses are listed. In lvs.cf, there are multiple servers present: server vl31 { address = 172.17.3.1 active = 1 weight = 2 } server vw32 { address = 172.17.3.2 active = 1 weight = 2 } server vl41 { address = 172.17.4.1 active = 1 weight = 4 } -- David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/ Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/ Photos: http://dd-b.net/photography/gallery/ Dragaera: http://dragaera.info ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
John R Pierce wrote: Les Mikesell wrote: Mail isn't supposed to be rejected for this, but some places probably do. A more correct approach is to have one name with the A record and the matching ptr and make all of the other names CNAMEs. no, no, no! CNAMES are discouraged as they create additional work for everyone else's DNS servers. Is there an RFC to that effect? I didn't realize DNS lookups were a scarce resource. the only time its proper to use a CNAME is when you are referencing a host on someone else's network who's addressing and management is beyond your control and you won't get notifications if its changing. I suppose something like this is overkill, though... Non-authoritative answer: www.redhat.com canonical name = www.redhat.com.edgekey.net. www.redhat.com.edgekey.net canonical name = www.redhat.com.edgekey.net.globalredir.akadns.net. www.redhat.com.edgekey.net.globalredir.akadns.net canonical name = e86.b.akamaiedge.net. Name: e86.b.akamaiedge.net Address: 64.215.167.112 for email, all the various domains should have MX records with the mail server's "true" name. MX records don't have much to do with the system sending mail. -- Les Mikesell [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] "Treason uncloaked!"
On Thu, 25 Sep 2008 11:30:36 -0700 John R Pierce <[EMAIL PROTECTED]> wrote: > they come from random IPs all over the place. further, the port they > are sent to is a shoutcast service port, so I can't exactly block that. A place to start: http://www.cymru.com/Documents/bogon-list.html -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com DRY CLEANER BUSINESS FOR SALE ~ http://www.canadadrycleanerforsale.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: vncviwer in listen mode poer number
Scott Silva wrote: on 9-25-2008 10:55 AM Robert Moskowitz spake the following: I am working on the Centos wiki instructions for doing an install via vnc: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall CD is all burned and ready to go. I then thought about the viewer settings particularly the port number and firewall rules. When I connect vncviewer to a vncserver it uses port(s) 590n where n is the display number. OK, is that what happens when a server connects back to a -listen viewer? No Seems not. According to the man page, it seems the default is port 5500, so I have to open up this port on the 'client' system and of course allow it through my internal firewall (or put the install system on the same subnet as the client and not the one with the repo server). Do I have this figured out right? Yes. Port 5500 is the correct one, and you might need to also have access to port 5900 on the new install machine just in case you get disconnected. Then you can re-connect and finish. Oh course, I will have to know its dhcp leased address, but not so hard, only 2 such on that subnet. I don't know if I would be comfortable installing over the internet with VNC since it is clear-text, but I guess it would be OK. I would change passwords on the new system after it is up just to feed my paranoia. Oh, all internal 'intra-nets'. I just have all of my production and lab nets connected to a firewall to control what goes on between them. Simple to add port 5500 to the vnc service definition. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Toby Bluhm wrote: Scott Silva wrote: . . . A "one stop shop" on everything CentOS. I like that approach better. A new list for email only would probably lead to email threads on *both* lists, users being reminded to take the discussion to the other list, etc. My point is we go unhelped by CentOS. There is no way I'm going to post mail issues to this list. And this list would become unusable if we started this. Talking about spam filters, milters and on and on and on. Look what just happened. One single very simple question of the thousands to be dealt with and the thread went crazy... at which point it was suggested that we end this thread. So, basically, posts about 'all' things email are NOT welcomed on this list and should not be. John Hinton ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] "Treason uncloaked!"
On Thu, Sep 25, 2008 at 5:15 AM, John R Pierce <[EMAIL PROTECTED]> wrote: > got a centos5.2 web/database server thats on a public coloc, its dmesg fills > up with > > > TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window > 354477433:354478918. Repaired. > TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window > 354477433:354478918. Repaired. > TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window > 354477433:354478918. Repaired. > TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window > 3243223020:3243237180. Repaired. > TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window > 3243227520:3243237180. Repaired. > TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window > 3243232020:3243237180. Repaired. > > I know thats because of random bogosity coming in from the internet, and I > really don't care. can I suppress that from filling up the dmesg buffer so > I can see more important things like scsi soft errors? You can filter these messages to their own log when using rsyslog and its regex features. I'm not sure how much performance impact you'd take from it, but unless you're a really high-traffic site, it should be just fine. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: vncviwer in listen mode poer number
on 9-25-2008 10:55 AM Robert Moskowitz spake the following: I am working on the Centos wiki instructions for doing an install via vnc: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall CD is all burned and ready to go. I then thought about the viewer settings particularly the port number and firewall rules. When I connect vncviewer to a vncserver it uses port(s) 590n where n is the display number. OK, is that what happens when a server connects back to a -listen viewer? No Seems not. According to the man page, it seems the default is port 5500, so I have to open up this port on the 'client' system and of course allow it through my internal firewall (or put the install system on the same subnet as the client and not the one with the repo server). Do I have this figured out right? Yes. Port 5500 is the correct one, and you might need to also have access to port 5900 on the new install machine just in case you get disconnected. Then you can re-connect and finish. I don't know if I would be comfortable installing over the internet with VNC since it is clear-text, but I guess it would be OK. I would change passwords on the new system after it is up just to feed my paranoia. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] "Treason uncloaked!"
Frank Cox wrote: On Thu, 25 Sep 2008 02:15:01 -0700 John R Pierce <[EMAIL PROTECTED]> wrote: I know thats because of random bogosity coming in from the internet, and I really don't care. can I suppress that from filling up the dmesg buffer so I can see more important things like scsi soft errors? Block the ip addresses where it's coming from with iptables or something. they come from random IPs all over the place. further, the port they are sent to is a shoutcast service port, so I can't exactly block that. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: "Treason uncloaked!"
On Thu, 25 Sep 2008 11:22:24 -0700 Scott Silva <[EMAIL PROTECTED]> wrote: > Don't you love some of the more "interesting" messages from the kernel? While amusing, if you read up a bit on what the error message is actually telling you, you will find that it really is a pretty good short-form description of the issue. -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com DRY CLEANER BUSINESS FOR SALE ~ http://www.canadadrycleanerforsale.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Les Mikesell wrote: Mail isn't supposed to be rejected for this, but some places probably do. A more correct approach is to have one name with the A record and the matching ptr and make all of the other names CNAMEs. no, no, no! CNAMES are discouraged as they create additional work for everyone else's DNS servers. the only time its proper to use a CNAME is when you are referencing a host on someone else's network who's addressing and management is beyond your control and you won't get notifications if its changing. for email, all the various domains should have MX records with the mail server's "true" name. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: "Treason uncloaked!"
on 9-25-2008 2:15 AM John R Pierce spake the following: got a centos5.2 web/database server thats on a public coloc, its dmesg fills up with TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243223020:3243237180. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243227520:3243237180. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243232020:3243237180. Repaired. I know thats because of random bogosity coming in from the internet, and I really don't care. can I suppress that from filling up the dmesg buffer so I can see more important things like scsi soft errors? Don't you love some of the more "interesting" messages from the kernel? I'm surprised they didn't use "Here be dragons"! -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Ralph Angenendt wrote: Your problem - if you actually want to solve it instead of tossing the blame to others like yahoo is... # host mail.creativeprogramdesigners.com mail.creativeprogramdesigners.com has address 72.35.68.58 # host 72.35.68.58 58.68.35.72.in-addr.arpa domain name pointer creativeprogramdesigners.com. the forward doesn't match the reverse - it's that simple. Why not just fix it? Because it is *NOT* needed. I have several machines which have lots of A records for just one ip address. But only one name when I do a reverse lookup. Anyone checking for that shouldn't be allowed to receive mail. Mail isn't supposed to be rejected for this, but some places probably do. A more correct approach is to have one name with the A record and the matching ptr and make all of the other names CNAMEs. -- Les Mikesell [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Scott Silva wrote: . . . A "one stop shop" on everything CentOS. I like that approach better. A new list for email only would probably lead to email threads on *both* lists, users being reminded to take the discussion to the other list, etc. -- Toby Bluhm Alltech Medical Systems America, Inc. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Re: DKIM
> > Karanbir Singh wrote: > >> Toby Bluhm wrote: > >>> BTW - very informative thread. > >>> > >> > >> I wonder if someone might take the bits of info in this thread and > >> put it into a wiki page around Mail Servers and perhaps > start a best > >> practices section... > >> >From hotmail, thought this would be helpful to the thread...or the wiki. Rep actually mentions the program they use. Hello Bob, My name is Anja from Windows Live Hotmail Domain Support. I understand that you have changed the servers you are sending your mail from and now messages are being delivered to the Junk Mail Folder in Hotmail accounts. I have investigated the IPs that you have mentioned and only see connections from the IPs 72.35.68.58 and 72.35.68.61. For today, we do see filtering only on the IP 72.35.68.61. ( I only tested from a few virtualhosts on hotmail, some got through no problem.) Hotmail bases its spam rating on the content of a message and the reputation of the sending IP address. When an IP is new, it will not have built a reputation yet. Therefore, it may happen that it is filtered more severely than a well used IP with a good reputation. However, if you keep following the industry best practices a good reputation will be built quickly and filtering will stop. (reputationtakes time) We may be able to help you over the beginning issues that you are experiencing, however, before we can do that we would like you to publish SPF records for each of your sending domains. This technology allows SmartScreen to better track emails from your IP, weeding out spoofed messages. In turn, this will help to improve the reputation of your IP address. You can find additional information on creating SPF records at http://www.microsoft.com/senderid. We have also published a document on email delivery at http://www.microsoft.com/postmaster. (microsoft uses a different standard thqn regular spf, spf/pra or something like that. Where yahoo wants domain keys, google wants regular spf...again, all about time for new ip addresses, even if you have these things) Once you have published SPF records for all your sending domains, please contact us again and we will further investigate the issue. Best regards, Anja Windows Live Hotmail Domain Support ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fix firefox?
On Thu, Sep 25, 2008 at 10:14 AM, Karanbir Singh <[EMAIL PROTECTED]> wrote: > > My mistake. I did fix it immediately, but it takes 30 min or so for the > changes to filter through. > > What happened : > > the xulrunner and xulrunner-devel multilib pkgset missed the update, and the > metadata update got run from the script. I realised it immediate and reran > the script - but by that time the first set of mirrors had already done the > sync ( it takes about 10 min for the script to run ). > > Give it an hour, then try again - it should work as expected. All is well again. Thanks. Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] vncviwer in listen mode poer number
I am working on the Centos wiki instructions for doing an install via vnc: http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall CD is all burned and ready to go. I then thought about the viewer settings particularly the port number and firewall rules. When I connect vncviewer to a vncserver it uses port(s) 590n where n is the display number. OK, is that what happens when a server connects back to a -listen viewer? Seems not. According to the man page, it seems the default is port 5500, so I have to open up this port on the 'client' system and of course allow it through my internal firewall (or put the install system on the same subnet as the client and not the one with the repo server). Do I this figured out right? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] "Treason uncloaked!"
On Thu, 25 Sep 2008 02:15:01 -0700 John R Pierce <[EMAIL PROTECTED]> wrote: > I know thats because of random bogosity coming in from the internet, and > I really don't care. can I suppress that from filling up the dmesg > buffer so I can see more important things like scsi soft errors? Block the ip addresses where it's coming from with iptables or something. -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com DRY CLEANER BUSINESS FOR SALE ~ http://www.canadadrycleanerforsale.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum
Mad Unix wrote: Transaction Check Error: file /usr/bin/xulrunner from install of xulrunner-1.9.0.2-5.el5 conflicts with file from package xulrunner-1.9.0.1-1.el5_2 yum clean metadata; then try again . - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] yum
How to solve this issue? [EMAIL PROTECTED] rescue]# yum update xulrunner Loading "fastestmirror" plugin Loading mirror speeds from cached hostfile * base: mirror.silyus.net * updates: mirror.silyus.net * addons: mirror.silyus.net * extras: mirror.silyus.net Setting up Update Process Resolving Dependencies --> Running transaction check ---> Package xulrunner.x86_64 0:1.9.0.2-5.el5 set to be updated --> Finished Dependency Resolution Dependencies Resolved = Package Arch Version RepositorySize = Updating: xulrunner x86_64 1.9.0.2-5.el5updates10 M Transaction Summary = Install 0 Package(s) Update 1 Package(s) Remove 0 Package(s) Total download size: 10 M Is this ok [y/N]: y Downloading Packages: Running rpm_check_debug Running Transaction Test Finished Transaction Test Transaction Check Error: file /usr/bin/xulrunner from install of xulrunner-1.9.0.2-5.el5 conflicts with file from package xulrunner-1.9.0.1-1.el5_2 Error Summary - ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: DKIM
on 9-25-2008 9:58 AM John Hinton spake the following: Karanbir Singh wrote: Toby Bluhm wrote: BTW - very informative thread. I wonder if someone might take the bits of info in this thread and put it into a wiki page around Mail Servers and perhaps start a best practices section... Would http://wiki.centos.org/HowTos#head-49a3d6a9a0c95cff0676b0209eae985780e41678 be a good place to consolidate under ? This has been an excellent thread. Yet this thread has been only one tiny aspect of good email practices. Yet many folks 'respectfully' did not understand a lot that was corrected in several of the posts in just this one very basic aspect of email. This leads me to ask for a CentOS mailing list for email For webserver/mailserver admins, it seems that email is by far the largest issue, spanning everything from DNS to server loads to choosing (and the configuration of) many applications... some not upstream packages. It's easy to get into a mess and not have a good way back to the base. MailScanner comes to mind. Great software, but dependency hell. I found that I could have used many Perl packages from the Dag repo instead of how MailScanner chose to do its install. This resulted in a much cleaner install with regards to package management. If there had been a CentOS email, mailing list, much of this could have been headed off and perhaps more wiki's would spring out of it? Yet again, the above is just one other tiny aspect of reliable email service on a CentOS server. When I go off to other software and to their mailing list, the answers are more about 'how to get it to work' instead of 'how to get it to best co-exist within CentOS'. In fact, many hate rpm and insist on totally sidestepping it. Yes, sometimes it's a PITA, but most of the time staying within upstream keeps me out of trouble which is why I guess most of us are using CentOS in the first place. This was what led to my thought for a CentOS specific mailing list for email. Yes, there is a huge amount of data out there, just like this thread. But these types of threads clog a general list and I've always hesitated to post any email issues here. Yet, it is extremely difficult to drill down a search to the good information with regards to CentOS specific help or good practices with regards to email. Google anyway you want you either miss what's good or get way the heck to much information that is not helpful to CentOS, in spite of using CentOS as a part of the search yes, even in quotes. And, on a list like this you get to know who to trust. General searches often times yield idiotic suggestions or old practices. The target is constantly moving. Large providers are constantly making 'new rules'. My clients don't care, they just want to be able to send an email to their clients no matter the receiving system. So I again ask for this list... I wonder how many feel that it would be worth the trouble? But I don't really want to ask anything more of the CentOS team, as they are IMO doing plenty right now. I am very appreciative. John Hinton Then others would want a list for the LAMP stack. Then a directory server list. And then ... etc. If we all just try and keep on topic and not get our undies bunched up when we read something we don't like, or just take the argument off list until things cool down, this list is more than adequate. A "one stop shop" on everything CentOS. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fix firefox?
Paul Bijnens wrote: yum install firefox.i386 it pulls in xulrunner as well, but two different versions for two different architectures (???): My mistake. I did fix it immediately, but it takes 30 min or so for the changes to filter through. What happened : the xulrunner and xulrunner-devel multilib pkgset missed the update, and the metadata update got run from the script. I realised it immediate and reran the script - but by that time the first set of mirrors had already done the sync ( it takes about 10 min for the script to run ). Give it an hour, then try again - it should work as expected. I've also put in a check to make sure this does not happen again. - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Karanbir Singh wrote: Toby Bluhm wrote: BTW - very informative thread. I wonder if someone might take the bits of info in this thread and put it into a wiki page around Mail Servers and perhaps start a best practices section... Would http://wiki.centos.org/HowTos#head-49a3d6a9a0c95cff0676b0209eae985780e41678 be a good place to consolidate under ? This has been an excellent thread. Yet this thread has been only one tiny aspect of good email practices. Yet many folks 'respectfully' did not understand a lot that was corrected in several of the posts in just this one very basic aspect of email. This leads me to ask for a CentOS mailing list for email For webserver/mailserver admins, it seems that email is by far the largest issue, spanning everything from DNS to server loads to choosing (and the configuration of) many applications... some not upstream packages. It's easy to get into a mess and not have a good way back to the base. MailScanner comes to mind. Great software, but dependency hell. I found that I could have used many Perl packages from the Dag repo instead of how MailScanner chose to do its install. This resulted in a much cleaner install with regards to package management. If there had been a CentOS email, mailing list, much of this could have been headed off and perhaps more wiki's would spring out of it? Yet again, the above is just one other tiny aspect of reliable email service on a CentOS server. When I go off to other software and to their mailing list, the answers are more about 'how to get it to work' instead of 'how to get it to best co-exist within CentOS'. In fact, many hate rpm and insist on totally sidestepping it. Yes, sometimes it's a PITA, but most of the time staying within upstream keeps me out of trouble which is why I guess most of us are using CentOS in the first place. This was what led to my thought for a CentOS specific mailing list for email. Yes, there is a huge amount of data out there, just like this thread. But these types of threads clog a general list and I've always hesitated to post any email issues here. Yet, it is extremely difficult to drill down a search to the good information with regards to CentOS specific help or good practices with regards to email. Google anyway you want you either miss what's good or get way the heck to much information that is not helpful to CentOS, in spite of using CentOS as a part of the search yes, even in quotes. And, on a list like this you get to know who to trust. General searches often times yield idiotic suggestions or old practices. The target is constantly moving. Large providers are constantly making 'new rules'. My clients don't care, they just want to be able to send an email to their clients no matter the receiving system. So I again ask for this list... I wonder how many feel that it would be worth the trouble? But I don't really want to ask anything more of the CentOS team, as they are IMO doing plenty right now. I am very appreciative. John Hinton ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DKIM
On Thu, Sep 25, 2008, Kai Schaetzl wrote: >Ralph Angenendt wrote on Wed, 24 Sep 2008 20:23:50 +0200: > >> That's supposed to help with what regarding his problem? > >Hotmail seems to delete all mail from domains without SPF if it's not >coming from the MX. Yahoo might be doing the same. I don't think this is the case as we host several Mailman mailing lists with hotmail and yahoo subscribers, don't have SPF, and would *NEVER* send mail from an MX IP (they're for receiving mail, not sending it). Where the same machine is receiving messages as an MX, we configure postfix to listen on the MX IP address and send on a different IP. We also have postfix configured to reject e-mail from servers that announce themselves as one of our MX servers in HELO/EHLO as that is guaranteed to be a spammer. Checking one of these lists, I see quite a few hotmail and yahoo addresses, all of which are getting mail from our server on a regular basis. Many of the large ISPs (e.g. AOL, Road Runner, etc.) have feedback loops where one can sign up, providing an e-mail address to address their customer's complaints, and a list of e-mail servers from which your domain's mail originates. The ISP will send notifications when their customer hits the ``this is spam'' button. In the case of AOL, this notification includes the message with the recipient's address redactied, and they expect you to cease sending messages to that address. This requires that one use VERP so that each outgoing message has the recipient address somewhat munged in the headers so it's possible to identify the correct address to remove. We are on the AOL feedback, but not on hotmail or yahoo so they're not accepting mail from our servers based on signing up for the feedback. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Island, WA 98040-0820 Fax:(206) 232-9186 Microsoft is to computers what Phillip Morris is to lungs. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fix firefox?
On Thu, Sep 25, 2008 at 9:11 AM, Paul Bijnens <[EMAIL PROTECTED]> wrote: > > Today came the update for firefox 3.0.2. > > So I did "yum update". The depencies included xulrunner and devhelp. > > However, yum complained about a conflict between xulrunner 1.9.0.1 > being incompatible. So I erased xulrunner first (yum erase xulrunner). > > And then installed firefox again: > > yum install firefox.i386 > > it pulls in xulrunner as well, but two different versions for two different > architectures (???): > > = > Package Arch Version RepositorySize > = > Installing: > firefox i386 3.0.2-3.el5.centos updates > 11 M > Installing for dependencies: > xulrunner x86_64 1.9.0.2-5.el5updates10 M > xulrunner i386 1.9.0.1-1.el5_2 updates10 M I see xulrunner-1.9.0.2-5.el5.i386.rpm in the i386 tree. Maybe, this should have been included in the x86_64 tree as well ? Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] fix firefox?
I once had firefox x86_64 installed (because it was the default). But that one has problems with plugins (flash, java), which are much easily solved by using the i386 version. So I unstalled firefox, and installed it again using: yum install firefox.i386 This worked, and even the plugins worked fine afterwards. I did have some problems when uninstalling, because yum insisted on a whole load of dependencies going up to uninstalling the package 'firstboot' (wow!). However I can't remember the exact details anymore. I do not remember having to force anything; just reinstall a little bit more than I was expecting to. I do remember that after the erase/install, no particular problems were left and I used firefox since then without any problems. Today came the update for firefox 3.0.2. So I did "yum update". The depencies included xulrunner and devhelp. However, yum complained about a conflict between xulrunner 1.9.0.1 being incompatible. So I erased xulrunner first (yum erase xulrunner). And then installed firefox again: yum install firefox.i386 it pulls in xulrunner as well, but two different versions for two different architectures (???): = Package Arch Version RepositorySize = Installing: firefox i386 3.0.2-3.el5.centos updates11 M Installing for dependencies: xulrunner x86_64 1.9.0.2-5.el5updates10 M xulrunner i386 1.9.0.1-1.el5_2 updates10 M and afterwards firefox complains: $ firefox Could not find compatible GRE between version 1.9.0.2 and 1.9.0.2. Any idea how to fix the fox? -- Paul Bijnens, xplanation Technology ServicesTel +32 16 397.511 Technologielaan 21 bus 2, B-3001 Leuven, BELGIUMFax +32 16 397.512 http://www.xplanation.com/ email: [EMAIL PROTECTED] *** * I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, ^^, * * F6, quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, * * stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, * * PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, * * init 0, kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... * * ... "Are you sure?" ... YES ... Phew ... I'm out * *** ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Toby Bluhm wrote: BTW - very informative thread. I wonder if someone might take the bits of info in this thread and put it into a wiki page around Mail Servers and perhaps start a best practices section... Would http://wiki.centos.org/HowTos#head-49a3d6a9a0c95cff0676b0209eae985780e41678 be a good place to consolidate under ? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM - Read Yahoo's FAQ
Scott Silva wrote: > An entry from localhost is very common on a webmail server. It shouldn't > break anything, it is just a relay. Enough time has been wasted on the DKIM thread so I'm not reading the main thread but what was Hoffman thinking looking up my headers on a webmail client? I'm not the one sending Yahoo email from a home server. Its crystal clear what needs to be done. Wait till he sends mail to AOL or Hotmail. Thanks, Josh. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: DKIM - Read Yahoo's FAQ
on 9-25-2008 5:21 AM Bob Hoffman spake the following: Josh wrote Agreed! Its amazing to see the childishness of not being able to get one's server in order, ignoring Yahoo's FAQ's and then this kind of BS. Looking at the headers of the mail you have just sent from a yahoo client you have not followed to the letter Yahoo's requirements 4-7. 4- consistent headers- there is nothing wrong with the headers. ...check. 5- can spam act..went there, nothing in my headers or mail suggests it ..check 6- mail authentication- no domain keys here, yahoo does not require except for bulk mailings, as per their faqs, spf and dkim taken off as useless and mail breaking. 7- reverse dns- not a dynamic ip...check. So...we agree to disagree that each thinks the other does not know what is happening. Lets leave it at that. Although your email headers have issues.might want to look into that localhost 127.0.0.1 thing. That is a red flag. All those different mailservers from the same domain. Golly. Received: from n27.bullet.mail.ukl.yahoo.com (n27.bullet.mail.ukl.yahoo.com [87.248.110.144]) Received: from [217.146.182.177] by n27.bullet.mail.ukl.yahoo.com with NNFMP; 25 Sep 2008 12:07:03 - Received: from [87.248.110.117] by t3.bullet.ukl.yahoo.com with NNFMP; 25 Sep 2008 12:07:03 - Received: from [127.0.0.1] by omp222.mail.ukl.yahoo.com with NNFMP; 25 Sep 2008 12:07:03 - Received: from [79.65.135.77] by web28215.mail.ukl.yahoo.com via HTTP; Thu, 25 Sep 2008 12:07:03 GMT X-Mailer: YahooMailWebService/0.7.218.2 From: Josh Donovan <[EMAIL PROTECTED]> An entry from localhost is very common on a webmail server. It shouldn't break anything, it is just a relay. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DKIM
Kai Schaetzl wrote: Ralph Angenendt wrote on Wed, 24 Sep 2008 20:23:50 +0200: That's supposed to help with what regarding his problem? Hotmail seems to delete all mail from domains without SPF if it's not coming from the MX. Yahoo might be doing the same. oh please no. hotmail don't delete my mail and I don't have an SPF record. no do yahoo/gmail. and this was before I implemented DKIM. and I've recently worked for a project where SPF didn't help with hotmail (delivery from an old server was ok, so we had to keep relaying to hotmail via the old server). all the gorillas have complex filtering methods. An important part of this is the reputation of the sending IP. In particular: - if you inherit an IP with a bad reputation, don't be surprised to start with a bad reputation. - if you get a new IP for your domain, be ready to get "ignored". the default for a new IP is "this is probably not a mail server". you'll have to do some work to move to "this may be a mail server". - if your IP is in a range and your IP is unknown, then you inherit the range reputation. This should be clear, whether you think it's good or not. - if your range is unknown (no reputation data), the reputation is computed automatically. A range where a lot of IPs are "unknown" will get a bad reputation. A range where a lot of IPs "look dynamic" will get a bad reputation. the common "I am innocent until proven guilty" doesn't apply here. sure, you're innocent and I am not going to put you in jail. but I am not going to let you in if "I don't feel it". ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Re: DKIM
> > Karanbir post was brief and to the point. yours is a personal attack. > Even if Bob missed your excellent recommendation, there is no > reason to get mad. > ___ I gotta agree that we need to close this thread. It seems whether a mailing list or a forum thread that lasts too long starts going off topic and gets personal. It is very easy to misinterpret what someone meant to say, either in jest or authority. And as it grows, the original need is lost. The originail need was Do you use dkim and how did you implement it? I think we found that DKIM is optional and not a realy need. On top of it we found, with argument, that spf is needed, but can cause mail problems. Lets just end it. I think a lot of good information came out of it and a lot of people with different knowledge areas all inputted. Karanbir said lets drop it, so lets drop it. No one meant to offend anyone, but it is not helping anymore. I will check out spf in full, and not use dkim. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Josh Donovan wrote: Karanbir Singh wrote: Bob Hoffman wrote: Yeato hell with yahoo. I will just make all members use a different email service. Aint worth the effort. I think this conversation is at a point where it would make more sense on a yahoo / email specific list. Agreed! Its amazing to see the childishness of not being able to get one's server in order, ignoring Yahoo's FAQ's and then this kind of BS. Karanbir post was brief and to the point. yours is a personal attack. Even if Bob missed your excellent recommendation, there is no reason to get mad. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
mouss wrote: . . . I don't like Josh mail, yours is worst. I dunno about that. I mean after a long thread where you try to make sure you are doing the right thing on your end before going upstream to complain, you get to be called childish, ignorant and full of BS. I'd be pissed too. BTW - very informative thread. -- Toby Bluhm Alltech Medical Systems America, Inc. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Bob Hoffman wrote: I think this conversation is at a point where it would make more sense on a yahoo / email specific list. Agreed! Its amazing to see the childishness of not being able to get one's server in order, ignoring Yahoo's FAQ's and then this kind of BS. Thanks, Josh. Um, no one has ignored yahoos mail practices. My server is set up correctly. I even took the step of adding spf. I talked to others with the same issue that use dkim It is still grey listed. After talking with yahoo, they indicate the change of ip addresses/server/hostname as main indicator. They asked for the old and the new ips, server, hostname to verify. But of course you do not read. So, you can stick your childishness up you arse and kiss mine while you are at it. this is really inappropriate. many people here have tried to help you with what is really _your_ problem and is clearly off topic here. while I don't like Josh mail, yours is worst. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DKIM
mouss wrote: Andrew Norris wrote: Or am I missing something? "double lookup" is IP -> name -> IP. you don't do name -> IP -> name. Ok, I guess I've always thought about it backwards. Thanks for setting me straight. -- Andrew Norris Systems Administrator Locus Telecommunications [EMAIL PROTECTED] (201)-947-2807 ext. 1135 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Proxy with no cache
Sergio Belkin wrote: > From: Sergio Belkin <[EMAIL PROTECTED]> > Subject: [CentOS] Proxy with no cache > To: "CentOS mailing list" > Date: Wednesday, 3 September, 2008, 2:53 PM > Hi, > I'd want to install a proxy server but I no need > cache, what software > do you recommend me? > > thanks in advance! >From the Squid FAQ Q : Can I make Squid proxy only, without caching anything? A Sure, there are few things you can do. You can use the cache access list to make Squid never cache any response: acl all src all cache deny all http://wiki.squid-cache.org/SquidFaq/ConfiguringSquid#head-c1da1b7113875d4bb84170e3de291298cb1be7f3 Thanks, Josh. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Re: DKIM - Read Yahoo's FAQ
Josh wrote >Agreed! Its amazing to see the childishness of not being >able to get one's server in order, ignoring Yahoo's >FAQ's and then this kind of BS. > > Looking at the headers of the mail you have just sent from a > yahoo client you have not followed to the letter Yahoo's > requirements 4-7. 4- consistent headers- there is nothing wrong with the headers. ...check. 5- can spam act..went there, nothing in my headers or mail suggests it ..check 6- mail authentication- no domain keys here, yahoo does not require except for bulk mailings, as per their faqs, spf and dkim taken off as useless and mail breaking. 7- reverse dns- not a dynamic ip...check. So...we agree to disagree that each thinks the other does not know what is happening. Lets leave it at that. Although your email headers have issues.might want to look into that localhost 127.0.0.1 thing. That is a red flag. All those different mailservers from the same domain. Golly. Received: from n27.bullet.mail.ukl.yahoo.com (n27.bullet.mail.ukl.yahoo.com [87.248.110.144]) Received: from [217.146.182.177] by n27.bullet.mail.ukl.yahoo.com with NNFMP; 25 Sep 2008 12:07:03 - Received: from [87.248.110.117] by t3.bullet.ukl.yahoo.com with NNFMP; 25 Sep 2008 12:07:03 - Received: from [127.0.0.1] by omp222.mail.ukl.yahoo.com with NNFMP; 25 Sep 2008 12:07:03 - Received: from [79.65.135.77] by web28215.mail.ukl.yahoo.com via HTTP; Thu, 25 Sep 2008 12:07:03 GMT X-Mailer: YahooMailWebService/0.7.218.2 From: Josh Donovan <[EMAIL PROTECTED]> ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Re: DKIM - Read Yahoo's FAQ
Bob Hoffman wrote: > Um, no one has ignored yahoos mail practices. > My server is set up correctly. > I even took the step of adding spf. > I talked to others with the same issue that use dkim > It is still grey listed. > > After talking with yahoo, they indicate the change of ip > addresses/server/hostname as main indicator. > They asked for the old and the new ips, server, hostname to > verify. > > But of course you do not read. > > So, you can stick your childishness up you arse and kiss > mine while you are > at it. Looking at the headers of the mail you have just sent from a yahoo client you have not followed to the letter Yahoo's requirements 4-7. http://lists.centos.org/pipermail/centos/2008-September/065243.html Feel free to use the Contact Yahoo Customer Care button below the FAQ. Stop being belligerent on a public mailing list. People have issues other than Yahoo mail to discuss. Thanks, Josh. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 43, Issue 11
Send CentOS-announce mailing list submissions to [EMAIL PROTECTED] To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2008:0882 Critical CentOS 4 i386 seamonkey Update (Johnny Hughes) 2. CESA-2008:0882 Critical CentOS 4 x86_64 seamonkey Update (Johnny Hughes) 3. CESA-2008:0879 Critical CentOS 4 i386 firefox Update (Johnny Hughes) 4. CESA-2008:0879 Critical CentOS 4 x86_64 firefox Update (Johnny Hughes) 5. CESA-2008:0882 Critical CentOS 3 i386 seamonkey - security update (Tru Huynh) 6. CESA-2008:0882 Critical CentOS 3 x86_64 seamonkey - security update (Tru Huynh) 7. CESA-2008:0882-01: Critical CentOS 2 i386 seamonkey security update (John Newbigin) -- Message: 1 Date: Wed, 24 Sep 2008 09:22:25 -0500 From: Johnny Hughes <[EMAIL PROTECTED]> Subject: [CentOS-announce] CESA-2008:0882 Critical CentOS 4 i386 seamonkey Update To: CentOS-Announce <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" CentOS Errata and Security Advisory 2008:0882 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0882.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: seamonkey-1.0.9-26.el4.centos.i386.rpm seamonkey-chat-1.0.9-26.el4.centos.i386.rpm seamonkey-devel-1.0.9-26.el4.centos.i386.rpm seamonkey-dom-inspector-1.0.9-26.el4.centos.i386.rpm seamonkey-js-debugger-1.0.9-26.el4.centos.i386.rpm seamonkey-mail-1.0.9-26.el4.centos.i386.rpm src: seamonkey-1.0.9-26.el4.centos.src.rpm -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature Url : http://lists.centos.org/pipermail/centos-announce/attachments/20080924/025163a5/signature-0001.bin -- Message: 2 Date: Wed, 24 Sep 2008 09:22:31 -0500 From: Johnny Hughes <[EMAIL PROTECTED]> Subject: [CentOS-announce] CESA-2008:0882 Critical CentOS 4 x86_64 seamonkey Update To: CentOS-Announce <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" CentOS Errata and Security Advisory 2008:0882 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0882.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: seamonkey-1.0.9-26.el4.centos.x86_64.rpm seamonkey-chat-1.0.9-26.el4.centos.x86_64.rpm seamonkey-devel-1.0.9-26.el4.centos.x86_64.rpm seamonkey-dom-inspector-1.0.9-26.el4.centos.x86_64.rpm seamonkey-js-debugger-1.0.9-26.el4.centos.x86_64.rpm seamonkey-mail-1.0.9-26.el4.centos.x86_64.rpm src: seamonkey-1.0.9-26.el4.centos.src.rpm -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature Url : http://lists.centos.org/pipermail/centos-announce/attachments/20080924/c9493bf0/signature-0001.bin -- Message: 3 Date: Wed, 24 Sep 2008 09:24:39 -0500 From: Johnny Hughes <[EMAIL PROTECTED]> Subject: [CentOS-announce] CESA-2008:0879 Critical CentOS 4 i386 firefox Update To: CentOS-Announce <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" CentOS Errata and Security Advisory 2008:0879 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0879.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: devhelp-0.10-0.10.el4.i386.rpm devhelp-devel-0.10-0.10.el4.i386.rpm firefox-3.0.2-3.el4.centos.i386.rpm src: devhelp-0.10-0.10.el4.src.rpm firefox-3.0.2-3.el4.centos.src.rpm -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature Url : http://lists.centos.org/pipermail/centos-announce/attachments/20080924/689f704f/signature-0001.bin -- Message: 4 Date: Wed, 24 Sep 2008 09:24:46 -0500 From: Johnny Hughes <[EMAIL PROTECTED]> Subject: [CentOS-announce] CESA-2008:0879 Critical CentOS 4 x86_64 firefox Update To: CentOS-Announce <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" CentOS Errata and Security Advisory 2008:0879 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0879.html The following up
RE: [CentOS] Re: DKIM
> > > > I think this conversation is at a point where it would make > more sense > > on a yahoo / email specific list. > > Agreed! Its amazing to see the childishness of not being able > to get one's server in order, ignoring Yahoo's FAQ's and then > this kind of BS. > > Thanks, > Josh. > Um, no one has ignored yahoos mail practices. My server is set up correctly. I even took the step of adding spf. I talked to others with the same issue that use dkim It is still grey listed. After talking with yahoo, they indicate the change of ip addresses/server/hostname as main indicator. They asked for the old and the new ips, server, hostname to verify. But of course you do not read. So, you can stick your childishness up you arse and kiss mine while you are at it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Karanbir Singh wrote: > Bob Hoffman wrote: > > > > Yeato hell with yahoo. I will just make all > members use a different > > email service. Aint worth the effort. > > I think this conversation is at a point where it would make > more sense > on a yahoo / email specific list. Agreed! Its amazing to see the childishness of not being able to get one's server in order, ignoring Yahoo's FAQ's and then this kind of BS. Thanks, Josh. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Craig White wrote: > well it's not just yahoo as I know for certain that AOL also requires > reverse DNS to match just like all the mail servers that I maintain also > require matching reverse DNS. > > Your problem - if you actually want to solve it instead of tossing the > blame to others like yahoo is... > > # host mail.creativeprogramdesigners.com > mail.creativeprogramdesigners.com has address 72.35.68.58 > > # host 72.35.68.58 > 58.68.35.72.in-addr.arpa domain name pointer > creativeprogramdesigners.com. > > the forward doesn't match the reverse - it's that simple. Why not just > fix it? Because it is *NOT* needed. I have several machines which have lots of A records for just one ip address. But only one name when I do a reverse lookup. Anyone checking for that shouldn't be allowed to receive mail. Ralph pgpyLyoGXcYn7.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: DKIM
Scott Silva wrote: > on 9-24-2008 2:23 PM Ralph Angenendt spake the following: >> I get it via mail.centos.org which clearly isn't a server you would >> allow to send mails out as @hoffman.com when you set up SPF for your >> domain. So if I drop mails which don't have a "correct" SPF record - >> I'd drop that mail. >> >> Although your domain has correct SPF records. > > But shouldn't a forwarder add its own envelope and a set of received headers? Envelope-To, yes. It doesn't touch the envelope From. And you don't get to see the received headers in the smtp dialog. Ralph -- Ralph [EMAIL PROTECTED] | .."Text processing has made it possible Bayerischer Rundfunk...80300 München | to right-justify any idea, even one Programmbereich.Bayern 3, Jugend und | .which cannot be justified on any other Multimedia.Tl:089.5900.16023 | ..grounds." -- J. Finnegan, USC pgp47LwalQSgo.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DKIM
Ralph Angenendt wrote on Wed, 24 Sep 2008 20:23:50 +0200: > That's supposed to help with what regarding his problem? Hotmail seems to delete all mail from domains without SPF if it's not coming from the MX. Yahoo might be doing the same. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Some best practices when sending to Yahoo! Mail
There were a ton of replies to the DKIM thread so I thought I'd chip in with what Yahoo have stated on their website, Q What are some best practices when sending to Yahoo! Mail? A http://help.yahoo.com/l/us/yahoo/mail/postmaster/postmaster-15.html Apologies if this has been mentioned before in the 300 or so replies to that topic but problems sending mail to Yahoo, AOL, Hotmail are best served, by looking at the FAQ's for those service providers. Believe me you are not the first to have asked that question. Thanks, Josh. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] "Treason uncloaked!"
got a centos5.2 web/database server thats on a public coloc, its dmesg fills up with TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 82.135.195.32:64905/8032 shrinks window 354477433:354478918. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243223020:3243237180. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243227520:3243237180. Repaired. TCP: Treason uncloaked! Peer 84.158.80.177:61931/8032 shrinks window 3243232020:3243237180. Repaired. I know thats because of random bogosity coming in from the internet, and I really don't care. can I suppress that from filling up the dmesg buffer so I can see more important things like scsi soft errors? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Installing perl modules using yum?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Sparks Sent: Wednesday, September 24, 2008 3:17 PM To: Centos List Subject: [CentOS] Installing perl modules using yum? I'm trying to install swatch using rpmbuild. I'm getting dependency errors saying that I need perl(Date::Calc), perl(Date::Format), and perl(File::Tail). I've been beaten over the head in this group for using CPAN. So methodology do I use to I install those modules? === Al -- JohnStanley Writes: Check out the rpmforge repo for the Perl Modules. There is many of them there already built. JohnStanley ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos