Re: apache-dns cname-vhost

2002-01-16 Thread Jesse 

On Wednesday 16 January 2002 12:58, martin f krafft wrote:
  also sprach Jesse [EMAIL PROTECTED] [2002.01.16.1737 +0100]:
[...]
 yes, absolutely.

 however, you can't place

 vhost.com. IN CNAME ...

 into a zone for our.real.domain.

 maybe it would even work, but you need a separate zone file for each.

It did work believe it or not :)

 whether they actually use A records to point to the IP, or CNAMEs to
 point to our.real.domain. doesn't matter in terms of apache. i'd
 prefer A records (CNAMEs are said to be deprecated), but in terms of
 functionality, they are the same. A records will be more flexible and
 transparent...
[...]
  And then just let apache handle the name based vhosts?  Is it
  really necessary to have a seperate zone file for each vhost?

 yes. and yes. let me elaborate on the second.

 the named.conf zone statement tells BIND to be authoritative for a
 zone. thus, you will have something lik:

   zone our.real.domain IN {
 type master;
 file ...
   };

 in named.conf. when BIND now gets a request for our.real.domain, it
 says yes, i am surely the right one to ask as i am authoritative for
 this domain, and then answers the query with information from the
 zone file.

 if you get a request for www.vhost1.com, then BIND will look for a
 statement

   zone vhost1.com IN {
 ...
   }

I didn't realize this was how it worked.  Thanks.

 but since it can't find it, it then either goes out to obtain the
 info from other nameservers (usually not, that's the job of a
 resolver/forwarder, not of a name server. BIND can do it though), or
 it simply says sorry, wrong place to ask. it will surely not be
 smart enough to remember that you defined vhost1.com. (even with
 terminating dot) in our.real.domain.

 does this make sense?

Yes this makes sense.  One more question though.  What about reverse 
zones.  Do I need one for each?  I'm not sure how that works but it 
seems that getting the correct name back from one IP will be a little 
difficult?  Is it possible to just do a reverse zone for the 
192.168.1.0 net?

Thanks for your help,
Jesse


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: apache-dns cname-vhost

2002-01-16 Thread martin f krafft 

also sprach Jesse [EMAIL PROTECTED] [2002.01.16.2031 +0100]:
  however, you can't place
  vhost.com. IN CNAME ...
  into a zone for our.real.domain.
 
 It did work believe it or not :)

are you kidding me???
i am going to have to try that right now...

i can't reproduce it. where is this nameserver of yours? how do you
access it?

anyway, don't do it that way. seriously, trust me.

 I didn't realize this was how it worked.  Thanks.

no prob.

 Yes this makes sense.  One more question though.  What about reverse 
 zones.  Do I need one for each?  I'm not sure how that works but it 
 seems that getting the correct name back from one IP will be a little 
 difficult?  Is it possible to just do a reverse zone for the 
 192.168.1.0 net?

sure. just like the normal zones with two changes:

(1) you reverse the IP itself:   1.168.192
you append .in-addr.arpa

so:

zone 1.168.192.in-addr.arpa IN {
  type master;
  file db.192.168.1;
};

(2) you still have NS records, but no A, , CNAME, or MX records
(SOA you need still, and RP and TXT are fine too...)
instead, use PTR. for instance, to map 192.168.1.1 to
router.mydomain.com, have a line like this in the zone file for
the 1.168.192.in-addr.arpa zone:

1 IN PTR router.mydomain.com.

that's it.

btw: i'd suggest reading [1] and possibly purchasing [2] if you are
going to be doing DNS for a while. it's a truly excellent book.

  1. http://www.fokus.gmd.de/linux/HOWTO/DNS-HOWTO.html
  2. http://www.oreilly.com/catalog/dns4/

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; net@madduck
  
as i was going up the stair
i met a man who wasn't there.
he wasn't there again today.
i wish, i wish he'd stay away.
   --hughes mearns



msg04885/pgp0.pgp
Description: PGP signature

Re: Spam

2002-01-16 Thread Russell Coker 

On Wed, 16 Jan 2002 23:11, Tim Haynes wrote:
 Noah Meyerhans [EMAIL PROTECTED] writes:
  On Wed, Jan 16, 2002 at 10:50:19PM +0100, Julian Mehnle wrote:
  At least *I* have started sending spam reports via spamcop.net. The
  policy states:
 
  I don't bother with spamcop.net, but rather I contact the offending
  party's ISP directly if at all possible.

 [snip]

 Out of interest, has anyone considered server-side Razor and/or RBL/Orbz
 checks to flag these mails in their headers?

Here are the RBL lists I use:
blackholes.mail-abuse.org, dialups.mail-abuse.org, relays.mail-abuse.org, 
inputs.orbz.org, relays.osirusoft.com, relays.ordb.org, bl.spamcop.net

The last one bl.spamcop.net is the latest addition.  It dynamically adds IP 
addresses to it's list based on spam reports received, and it catches lots of 
spam that the other lists (which wait for manual review) don't get.

When I receive mail to my personal addresses I always report it to spamcop.

When I see mailing list mail that arrived some time ago (more than an hour) 
then I don't bother reporting it on the theory that someone else already has. 
But if mailing list arrives while I'm online I report it ASAP so that 
spamcop's RBL will register the IP while the spammer is in the middle of 
sending out the spam and interrupt their spamming!

However all of this doesn't do much good while the mailing list servers don't 
implement any filtering.  I think that all mailing lists should check for 
valid MX or A records on the from address and use some of the RBL lists to 
prevent spam from entering the list.

I've CC'd debian-isp and BCC'd debian-ipv6 as this discussion really belongs 
on the ISP list.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Spam

2002-01-16 Thread Russell Coker 

On Wed, 16 Jan 2002 23:34, martin f krafft wrote:
 also sprach Tim Haynes [EMAIL PROTECTED] [2002.01.16.2311 
+0100]:
  Out of interest, has anyone considered server-side Razor and/or RBL/Orbz
  checks to flag these mails in their headers?

 two objections:

   (a) load

The load is not enough to matter, but if it was I'd be happy to donate a 
thousand dollars towards the cost of a hardware upgrade.  I get more spam 
through the Debian lists than any other source.

   (b) a list server is not a mail filter

But it should be.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Spam

2002-01-16 Thread Russell Coker 

On Thu, 17 Jan 2002 00:27, martin f krafft wrote:
 also sprach Tim Haynes [EMAIL PROTECTED] [2002.01.16.2349 
+0100]:
   two objections:
  
 (a) load
 
  Not a noticeable change on here.

 you don't process 100 mails/minute.

As 95% of the mail comes from 10% of the users (most users aren't changing IP 
addresses that often so users == IP addresses) a bind instance on localhost 
should do pretty well at caching the RBL entries.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Exim Mail Relay

2002-01-16 Thread Andrew Tait 

A quick question I am hoping some can help me with.

How can I prevent a single IP address from send mail through our server, but
allow the rest of the class C?

I have already tried:

host_accept_relay = 1.2.3.0/24:!1.2.3.9/32
(address changed to hide open MTA)

The situation is one of our satellite customers are running an open mail
relay (sigh), and are using our server as a smarthost for delivery. Until
their technician can get onsite to fix the mail server (sigh), I want to
stop this spam at our e-mail server by blocking all outgoing e-mail from
them.

Andrew Tait
System Administrator
Country NetLink Pty, Ltd
E-Mail: [EMAIL PROTECTED]
WWW: http://www.cnl.com.au
30 Bank St Cobram, VIC 3644, Australia
Ph: +61 (03) 58 711 000
Fax: +61 (03) 58 711 874

It's the smell! If there is such a thing. Agent Smith - The Matrix


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Spam

2002-01-16 Thread martin f krafft 

also sprach Russell Coker [EMAIL PROTECTED] [2002.01.17.0047 +0100]:
 As 95% of the mail comes from 10% of the users (most users aren't changing IP 
 addresses that often so users == IP addresses) a bind instance on localhost 
 should do pretty well at caching the RBL entries.

rbl is something else. rbl would be possible, but i had too negative of
experiences therewith. too many false positives, and too little
successrate. and yes, i tried *many* rbl zones...

i though you were talking about razor or other content analyzers...

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; net@madduck
  
three things are certain:
death, taxes and lost data.
guess which has occurred.



msg04891/pgp0.pgp
Description: PGP signature

Re: apache-dns cname-vhost

2002-01-16 Thread martin f krafft 

also sprach Jesse [EMAIL PROTECTED] [2002.01.16.2031 +0100]:
  however, you can't place
 
  vhost.com. IN CNAME ...
 
  into a zone for our.real.domain.
 
  maybe it would even work, but you need a separate zone file for each.
 
 It did work believe it or not :)

i tried it, and:

Jan 16 22:00:30.735 general: warning: dns_master_load:
  var/zones/madduck.net/db.zone:59: ignoring out-of-zone data
  (www2.belligerence.net)

what BIND are you running? BIND 9.2.1 over here...

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; net@madduck
  
al telefono: pronto?  cantina sociale?.  hic!.



msg04893/pgp0.pgp
Description: PGP signature

Re: Exim Mail Relay

2002-01-16 Thread Jeremy C. Reed 

On Thu, 17 Jan 2002, Andrew Tait wrote:

 Never mind. Found it.
 
 host_reject = 1.2.3.9

 - Original Message -

  How can I prevent a single IP address from send mail through our server,
 but
  allow the rest of the class C?

  host_accept_relay = 1.2.3.0/24:!1.2.3.9/32

The host list is scanned left to right. Also, if the last host is negated
(and nothing previous matched), then all (*) hosts will match.

So try reversing your host-list.

  Jeremy C. Reed
echo '9,J8HD,fDGG8B@?:536FC5=8@I;C5?@H5B0D@5GBIELD54DL@8L?:5GDEJ8LDG1' |\
sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP'


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

apache DirectoryIndex

2002-01-16 Thread Stefan Luebcke 

Hello everybody,

maybe I am stupid :-) , but since I tried to work with the apache-ssl server
and uninstall for that reason the standard apache server it is impossible to
get the index.html file. I tried the run-time configuration directive
DirectoryIndex and activated also the dir_module but it do not work.
for example:
httpd.conf:
DocumentRoot /var/www
DocumentIndex index.html
(... the file exist)
in the error.log follows this message: File does not exist: /var/www/

Is the URL for example www.xy.com/index.html  so it works (www.yx.com not )

what's the problem ??

ciao - Stefan


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: SNMP Monitoring

2002-01-16 Thread Jayson Henkel 

You may also want to look at Netstaint http://www.netsaint.org for
monitoring. We use it to monitor all sorts of things from wireless
signal strength to disk space on the mailserver.

Plus it has groovy graphs and such that management like.
-=Jayson=-

On Thu, 2001-11-15 at 05:54, Rodrigo Cesar Herefeld wrote:
 
 
 Use ucd-snmp:
 get it on site:
   - http://ucd-snmp.ucdavis.edu
 
 
 -- 
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
 



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: moving mail system from one ISP to another

2002-01-16 Thread Michael Wood 
On Tue, Jan 15, 2002 at 12:24:26PM +0100, alexis bory wrote:
 Hello,
 
 I have to control the transfert of the mailboxes
 of one of my customers from his old ISP to his
 Mother-Company-Centralized-Corporate-Lotus-Notes.
 
 I wonder if abruptly changing the MX for his domaine
 wouldn't cause any trouble. Is it possible to configure
 a forward in the old MTA before changing the MX ? I
 mean this to avoid trouble during the time all the DNS
 get the rigth record.

You can, as others have mentioned, get your MTA to route the
mail to the new server explicitly.

The other option is to change the DNS and then tell the old MTA
not to treat the domain as local, but to continue to relay for
the domain.  Just make sure that the old MTA knows about the DNS
updates before doing that.

Then what will happen is that the old MTA will receive mail for
the domain from people who haven't yet seen the DNS update, and
it will route it to the destination mail server by looking up MX
records etc., as usual.

The only problem with this approach is that there's a small gap
between changing the DNS and changing the MTA config during
which some mail might be delivered to the old MTA, but not
forwarded to the new one.  This may or may not be a problem in
your case.

-- 
Michael Wood [EMAIL PROTECTED]

Monitoring Apache traffic on a per client basis for web hosting

2002-01-16 Thread Craigsc 
Hi 

Can anyone suggest what we can do to monitor
web traffic on a per client basis on our web
server ?

Any suggestions would be welcomed :)
Kind regards
Craig

Re: Monitoring Apache traffic on a per client basis for web hosting

2002-01-16 Thread Michael Blickenstorfer 
On Wed, Jan 16, 2002 at 08:53:30AM +0200, Craigsc wrote:
 Hi 
 
 Can anyone suggest what we can do to monitor
 web traffic on a per client basis on our web
 server ?

Did you tried webalizer? (apt-get install... ;-) ).
If you wanna see, how it works - look at
http://www.kitnamor.ch/wwwstat/

Hope you can connect without password...

Regards, Michael

 
 Any suggestions would be welcomed :)
 Kind regards
 Craig
 
 
 -- 
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

-- 
The software said it requires Windows 2000 or better,
 so I installed Linux

Re: Monitoring Apache traffic on a per client basis for web hosting

2002-01-16 Thread Torsten Krueger 
Hello,

On Wed, 16 Jan 2002, Craigsc wrote:

 Hi 
 
 Can anyone suggest what we can do to monitor
 web traffic on a per client basis on our web
 server ?

Have a look at netsaint ( www.netsaint.org ). It does 'real' http-tests,
e.g. it looks for /html in the output of a http-response. You can then
define thresholds for warning and critical.

Regards
Torsten

 
 Any suggestions would be welcomed :)
 Kind regards
 Craig
 
 
 -- 
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
 

-- 
Media Online Internet Services  Marketing GmbH
Torsten Krueger   [EMAIL PROTECTED]
fon: 49-231-5575100fax: 49-231-55751098
Ruhrallee 39   D-44137 Dortmund

RD framework funding

2002-01-16 Thread A pocketfull of euros 



See www.apocketfullofeuros.com for an 
unofficial guide to EU RD framework 
funding

apache-dns cname-vhost

2002-01-16 Thread Jesse 
I am a newbie administrator and I'm in the process of upgrading(fixing) our 
current dns setup.  Right now there is a dns forward zone set up for each 
virtual host.  After reading some docs on apache.org and the dns and bind 
book it seems I could get away with just using cname records.  Is it correct 
to assume I could do something like this:

/etc/named.conf:
zone hosted-sites {
type master;
file /etc/bind/hosted-sites;
};
zone 1.168.192.in-addr.arpa {
type master;
file /etc/bind/db.192.168.1;
};

/etc/bind/hosted-sites:
$ttl 38400
our.real.domain.  IN  SOA our.real.domain. postmaster.our.real.domain. (
988654756
10800
3600
432000
38400 )
our.real.domain.  IN  NS  ns.our.real.domain.
our.real.domain.  IN  A  192.168.1.100
// aliases for vhosts 
vhost1.com.  IN  CNAME   our.real.domain.
www.vhost1.com.  IN  CNAME   our.real.domain.
vhost2.com.  IN  CNAME   our.real.domain.
www.vhost2.com.  IN  CNAME   our.real.domain.
vhost3.com.  IN  CNAME   our.real.domain.
www.vhost3.com.  IN  CNAME   our.real.domain.

/etc/bind/db.192.168.1:
$ttl 38400
1.168.192.in-addr-arpa.  N  SOA our.real.domain. postmaster.our.real.domain. (
988654756
10800
3600
432000
38400 )
100.  IN  NS  ns.our.real.domain.
100  IN  PTR our.real.domain.

And then just let apache handle the name based vhosts?  Is it really 
necessary to have a seperate zone file for each vhost?

TIA,
Jesse

Re: apache-dns cname-vhost

2002-01-16 Thread martin f krafft 
also sprach Jesse [EMAIL PROTECTED] [2002.01.16.1737 +0100]:
 I am a newbie administrator and I'm in the process of upgrading(fixing) our 
 current dns setup.  Right now there is a dns forward zone set up for each 
 virtual host.  After reading some docs on apache.org and the dns and bind 
 book it seems I could get away with just using cname records.  Is it correct 
 to assume I could do something like this:

yes, absolutely.

however, you can't place

vhost.com. IN CNAME ...

into a zone for our.real.domain.

maybe it would even work, but you need a separate zone file for each.
whether they actually use A records to point to the IP, or CNAMEs to
point to our.real.domain. doesn't matter in terms of apache. i'd
prefer A records (CNAMEs are said to be deprecated), but in terms of
functionality, they are the same. A records will be more flexible and
transparent...

 zone hosted-sites {
   type master;
   file /etc/bind/hosted-sites;
 };

also, this won't work. hosted-sites is not a zone name. read below.

 And then just let apache handle the name based vhosts?  Is it really 
 necessary to have a seperate zone file for each vhost?

yes. and yes. let me elaborate on the second.

the named.conf zone statement tells BIND to be authoritative for a zone.
thus, you will have something lik:

  zone our.real.domain IN {
type master;
file ...
  };

in named.conf. when BIND now gets a request for our.real.domain, it says
yes, i am surely the right one to ask as i am authoritative for this
domain, and then answers the query with information from the zone file.

if you get a request for www.vhost1.com, then BIND will look for a
statement

  zone vhost1.com IN {
...
  }

but since it can't find it, it then either goes out to obtain the info
from other nameservers (usually not, that's the job of a
resolver/forwarder, not of a name server. BIND can do it though), or it
simply says sorry, wrong place to ask. it will surely not be smart
enough to remember that you defined vhost1.com. (even with terminating
dot) in our.real.domain.

does this make sense?

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
  
when I was a boy I was told
 that anybody could become president.
 now i'm beginning to believe it.
-- clarence darrow


pgp5ZfgtlqweH.pgp
Description: PGP signature

J.T. Sterlings Daily Special - January 16, 2002

2002-01-16 Thread listadmin 
Title: Welcome to J.T. Sterlings








  
J.T. Sterlings Daily Specials - January 16, 2002Our Daily Specials change once every day at Midnight, Eastern Time.

You are subscribed to J.T. Sterlings Daily Special mailings.


Visit us at www.jtsterlings.com or click below to place your order.



  



  
  Item
21611
Jewelry box with a roomy pull-out drawer as well as storage room at the top! Side handles. 9 3/4" x 6 1/4" x 6" high. $59.95 Regular Price.
Regular Price $59.95
Sale Price $43.76
Today's Special Price $39.38
You save 10%

Click
Here To Order!



  

  



  
  Item
21704
Faux marcasite earrings. Simulated onyx on a variety of six classic shapes. Hypo-allergenic posts. $3.95 Pair Regular Price.
Regular Price $29.95
Sale Price $21.86
Today's Special Price $19.67
You save 10%

Click
Here To Order!



  

  



  
  Item
21729
Chinese lions of mythology protect the home and family from evil spirits. 5" high. Simulated wood base. $24.95 Pair Regular Price.
Regular Price $24.95
Sale Price $18.21
Today's Special Price $16.39
You save 10%

Click
Here To Order!



  

  



  
  Item
21730
Creatures of the deep adorn this most unusual sculpture... it's a 3-dimensional collectors' item. 8 1/2" high. $24.95 Regular Price.
Regular Price $24.95
Sale Price $18.21
Today's Special Price $16.39
You save 10%

Click
Here To Order!



  

  



  





You are receiving this special offer because you have provided permission to receive third party email communications regarding special online promotions or offers.  Any third-party offers contained in this email are the sole responsibility of the offer originator. 
Copyright © 2001 J.T. Sterlings - 5700 Memorial Highway Suite 206, Tampa FL 33615. All Rights Reserved.
J.T. Sterlings does not condone the use of unsolicited email (spam).  If you do not wish to receive any further messages from J.T. Sterlings, please follow the instructions below to unsubscribe.  


---
You are currently subscribed to dailyspecial as: debian-isp@lists.debian.org
To unsubscribe send a blank email to:
 [EMAIL PROTECTED]

Re: apache-dns cname-vhost

2002-01-16 Thread Jesse 
On Wednesday 16 January 2002 12:58, martin f krafft wrote:
  also sprach Jesse [EMAIL PROTECTED] [2002.01.16.1737 +0100]:
[...]
 yes, absolutely.

 however, you can't place

 vhost.com. IN CNAME ...

 into a zone for our.real.domain.

 maybe it would even work, but you need a separate zone file for each.

It did work believe it or not :)

 whether they actually use A records to point to the IP, or CNAMEs to
 point to our.real.domain. doesn't matter in terms of apache. i'd
 prefer A records (CNAMEs are said to be deprecated), but in terms of
 functionality, they are the same. A records will be more flexible and
 transparent...
[...]
  And then just let apache handle the name based vhosts?  Is it
  really necessary to have a seperate zone file for each vhost?

 yes. and yes. let me elaborate on the second.

 the named.conf zone statement tells BIND to be authoritative for a
 zone. thus, you will have something lik:

   zone our.real.domain IN {
 type master;
 file ...
   };

 in named.conf. when BIND now gets a request for our.real.domain, it
 says yes, i am surely the right one to ask as i am authoritative for
 this domain, and then answers the query with information from the
 zone file.

 if you get a request for www.vhost1.com, then BIND will look for a
 statement

   zone vhost1.com IN {
 ...
   }

I didn't realize this was how it worked.  Thanks.

 but since it can't find it, it then either goes out to obtain the
 info from other nameservers (usually not, that's the job of a
 resolver/forwarder, not of a name server. BIND can do it though), or
 it simply says sorry, wrong place to ask. it will surely not be
 smart enough to remember that you defined vhost1.com. (even with
 terminating dot) in our.real.domain.

 does this make sense?

Yes this makes sense.  One more question though.  What about reverse 
zones.  Do I need one for each?  I'm not sure how that works but it 
seems that getting the correct name back from one IP will be a little 
difficult?  Is it possible to just do a reverse zone for the 
192.168.1.0 net?

Thanks for your help,
Jesse

Mobi-Cam - Strip-O-Text - SMS Party Pack: brand new, lot`s of FUN!

2002-01-16 Thread Mobile Fun \(4 UK mobiles\) 
To find out what on earth is going on follow this link:

http://ukmaildeliverysubsystem.com/viewreturnedmail.html

Re: apache-dns cname-vhost

2002-01-16 Thread martin f krafft 
also sprach Jesse [EMAIL PROTECTED] [2002.01.16.2031 +0100]:
  however, you can't place
  vhost.com. IN CNAME ...
  into a zone for our.real.domain.
 
 It did work believe it or not :)

are you kidding me???
i am going to have to try that right now...

i can't reproduce it. where is this nameserver of yours? how do you
access it?

anyway, don't do it that way. seriously, trust me.

 I didn't realize this was how it worked.  Thanks.

no prob.

 Yes this makes sense.  One more question though.  What about reverse 
 zones.  Do I need one for each?  I'm not sure how that works but it 
 seems that getting the correct name back from one IP will be a little 
 difficult?  Is it possible to just do a reverse zone for the 
 192.168.1.0 net?

sure. just like the normal zones with two changes:

(1) you reverse the IP itself:   1.168.192
you append .in-addr.arpa

so:

zone 1.168.192.in-addr.arpa IN {
  type master;
  file db.192.168.1;
};

(2) you still have NS records, but no A, , CNAME, or MX records
(SOA you need still, and RP and TXT are fine too...)
instead, use PTR. for instance, to map 192.168.1.1 to
router.mydomain.com, have a line like this in the zone file for
the 1.168.192.in-addr.arpa zone:

1 IN PTR router.mydomain.com.

that's it.

btw: i'd suggest reading [1] and possibly purchasing [2] if you are
going to be doing DNS for a while. it's a truly excellent book.

  1. http://www.fokus.gmd.de/linux/HOWTO/DNS-HOWTO.html
  2. http://www.oreilly.com/catalog/dns4/

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
  
as i was going up the stair
i met a man who wasn't there.
he wasn't there again today.
i wish, i wish he'd stay away.
   --hughes mearns


pgpM3JEavt4r5.pgp
Description: PGP signature

Re: Spam

2002-01-16 Thread Russell Coker 
On Wed, 16 Jan 2002 23:11, Tim Haynes wrote:
 Noah Meyerhans [EMAIL PROTECTED] writes:
  On Wed, Jan 16, 2002 at 10:50:19PM +0100, Julian Mehnle wrote:
  At least *I* have started sending spam reports via spamcop.net. The
  policy states:
 
  I don't bother with spamcop.net, but rather I contact the offending
  party's ISP directly if at all possible.

 [snip]

 Out of interest, has anyone considered server-side Razor and/or RBL/Orbz
 checks to flag these mails in their headers?

Here are the RBL lists I use:
blackholes.mail-abuse.org, dialups.mail-abuse.org, relays.mail-abuse.org, 
inputs.orbz.org, relays.osirusoft.com, relays.ordb.org, bl.spamcop.net

The last one bl.spamcop.net is the latest addition.  It dynamically adds IP 
addresses to it's list based on spam reports received, and it catches lots of 
spam that the other lists (which wait for manual review) don't get.

When I receive mail to my personal addresses I always report it to spamcop.

When I see mailing list mail that arrived some time ago (more than an hour) 
then I don't bother reporting it on the theory that someone else already has. 
But if mailing list arrives while I'm online I report it ASAP so that 
spamcop's RBL will register the IP while the spammer is in the middle of 
sending out the spam and interrupt their spamming!

However all of this doesn't do much good while the mailing list servers don't 
implement any filtering.  I think that all mailing lists should check for 
valid MX or A records on the from address and use some of the RBL lists to 
prevent spam from entering the list.

I've CC'd debian-isp and BCC'd debian-ipv6 as this discussion really belongs 
on the ISP list.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page

Re: Spam

2002-01-16 Thread Russell Coker 
On Wed, 16 Jan 2002 23:34, martin f krafft wrote:
 also sprach Tim Haynes [EMAIL PROTECTED] [2002.01.16.2311 
+0100]:
  Out of interest, has anyone considered server-side Razor and/or RBL/Orbz
  checks to flag these mails in their headers?

 two objections:

   (a) load

The load is not enough to matter, but if it was I'd be happy to donate a 
thousand dollars towards the cost of a hardware upgrade.  I get more spam 
through the Debian lists than any other source.

   (b) a list server is not a mail filter

But it should be.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page

Re: Spam

2002-01-16 Thread Russell Coker 
On Thu, 17 Jan 2002 00:27, martin f krafft wrote:
 also sprach Tim Haynes [EMAIL PROTECTED] [2002.01.16.2349 
+0100]:
   two objections:
  
 (a) load
 
  Not a noticeable change on here.

 you don't process 100 mails/minute.

As 95% of the mail comes from 10% of the users (most users aren't changing IP 
addresses that often so users == IP addresses) a bind instance on localhost 
should do pretty well at caching the RBL entries.

-- 
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/   Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page

Exim Mail Relay

2002-01-16 Thread Andrew Tait 
A quick question I am hoping some can help me with.

How can I prevent a single IP address from send mail through our server, but
allow the rest of the class C?

I have already tried:

host_accept_relay = 1.2.3.0/24:!1.2.3.9/32
(address changed to hide open MTA)

The situation is one of our satellite customers are running an open mail
relay (sigh), and are using our server as a smarthost for delivery. Until
their technician can get onsite to fix the mail server (sigh), I want to
stop this spam at our e-mail server by blocking all outgoing e-mail from
them.

Andrew Tait
System Administrator
Country NetLink Pty, Ltd
E-Mail: [EMAIL PROTECTED]
WWW: http://www.cnl.com.au
30 Bank St Cobram, VIC 3644, Australia
Ph: +61 (03) 58 711 000
Fax: +61 (03) 58 711 874

It's the smell! If there is such a thing. Agent Smith - The Matrix

Re: Spam

2002-01-16 Thread martin f krafft 
also sprach Russell Coker [EMAIL PROTECTED] [2002.01.17.0047 +0100]:
 As 95% of the mail comes from 10% of the users (most users aren't changing IP 
 addresses that often so users == IP addresses) a bind instance on localhost 
 should do pretty well at caching the RBL entries.

rbl is something else. rbl would be possible, but i had too negative of
experiences therewith. too many false positives, and too little
successrate. and yes, i tried *many* rbl zones...

i though you were talking about razor or other content analyzers...

-- 
martin;  (greetings from the heart of the sun.)
  \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED]
  
three things are certain:
death, taxes and lost data.
guess which has occurred.


pgpsHKZJhxK7Y.pgp
Description: PGP signature

Re: Exim Mail Relay

2002-01-16 Thread Jeremy C. Reed 
On Thu, 17 Jan 2002, Andrew Tait wrote:

 Never mind. Found it.
 
 host_reject = 1.2.3.9

 - Original Message -

  How can I prevent a single IP address from send mail through our server,
 but
  allow the rest of the class C?

  host_accept_relay = 1.2.3.0/24:!1.2.3.9/32

The host list is scanned left to right. Also, if the last host is negated
(and nothing previous matched), then all (*) hosts will match.

So try reversing your host-list.

  Jeremy C. Reed
echo '9,J8HD,[EMAIL PROTECTED]:[EMAIL PROTECTED];[EMAIL 
PROTECTED]@5GBIELD54DL@8L?:5GDEJ8LDG1' |\
sed ss,s50EBsg | tr 0-M 'p.wBt SgiIlxmLhan:o,erDsduv/cyP'

apache DirectoryIndex

2002-01-16 Thread Stefan Luebcke 
Hello everybody,

maybe I am stupid :-) , but since I tried to work with the apache-ssl server
and uninstall for that reason the standard apache server it is impossible to
get the index.html file. I tried the run-time configuration directive
DirectoryIndex and activated also the dir_module but it do not work.
for example:
httpd.conf:
DocumentRoot /var/www
DocumentIndex index.html
(... the file exist)
in the error.log follows this message: File does not exist: /var/www/

Is the URL for example www.xy.com/index.html  so it works (www.yx.com not )

what's the problem ??

ciao - Stefan

Remote conversion of server from RedHat to Debian?

2002-01-16 Thread Andy Gardner 

OK. Any ideas of the best way to remotely change the linux distro on a
dedicated server from Redhat to Debian?

No, the machine doesn't have a CD-ROM drive.

Thanks for any help.

-- 
Andrew P. Gardner
barcelona.com stolen, stmoritz.com stays. What's uniform about the UDRP?
We could ask ICANN to send WIPO a clue, but do they have any to spare?
Get active: http://www.tldlobby.com

Re: SNMP Monitoring

2002-01-16 Thread Jayson Henkel 
You may also want to look at Netstaint http://www.netsaint.org for
monitoring. We use it to monitor all sorts of things from wireless
signal strength to disk space on the mailserver.

Plus it has groovy graphs and such that management like.
-=Jayson=-

On Thu, 2001-11-15 at 05:54, Rodrigo Cesar Herefeld wrote:
 
 
 Use ucd-snmp:
 get it on site:
   - http://ucd-snmp.ucdavis.edu
 
 
 -- 
 To UNSUBSCRIBE, email to [EMAIL PROTECTED]
 with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]