Unidentified subject!
Hi Desbian, Can you please help me by telling how to make the spamassassin work in a webmin interface. Even after I have selected some addresses to check as spam,the scanning is not working the mail body or subject is not modified. The configuration file reflects all the changes that I have made in the webmin interface. Thanks Regards, Amrita Priyadarsini -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
MySQL with temporary high load on shared server
Hi folks, does anybody have with MySQL running on a shared server, which gets temporary high load? My problem is that a friend uses an online-shop on a shared-sytem. No problem with that - but when he uses update-scripts to upload his products/prices/... from scratch the system almost goes down due to heavy load. There are about 10.000 products in the DB - not *so* much I always thought. System performance degrades for other services (mail, ftp, ...) as well as other users trying to access their databases. Has anybody got an idea? Please let me know urgently! Kind regards, Stefan Neufeind
Re: email server - how to
Andreas John wrote: Best to use 2U machines with the maximum number of disks IMHO. A 2U machine should be able to have 5 disks. I say: 9 Disks without problems. e.g. pcicase http://www.pcicase.de/catalog/produktweb/IPC-C2-X/IPC-C2D.htm The question is with that many disks is a single raid 5 going to be enough redundancy... Thats an awful lot of data to loose if 2 drives fail. May be worth thinking about RAID6 or a couple of RAID5 arrays striped -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: MySQL with temporary high load on shared server
Stefan Neufeind wrote: Hi folks, does anybody have with MySQL running on a shared server, which gets temporary high load? My problem is that a friend uses an online-shop on a shared-sytem. No problem with that - but when he uses update-scripts to upload his products/prices/... from scratch the system almost goes down due to heavy load. There are about 10.000 products in the DB - not *so* much I always thought. System performance degrades for other services (mail, ftp, ...) as well as other users trying to access their databases. Has anybody got an idea? Please let me know urgently! Kind regards, Stefan Neufeind I would suggest looking at using a bulk insert procedure, this should significantly speed up the loading of the data. If memory serves you use LOAD DATA. Check the Mysql manual -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: MySQL with temporary high load on shared server [SCANNED]
On 6/30/04 5:23 AM, Stefan Neufeind wrote:
Has anybody got an idea? Please let me know urgently!
What shopping cart? We had issues with oscommerce for a while blowing up a
server almost everyday. Not a Debian though, we ended up moving them to a
different machine for the DB/MySQL and also made them correct the image
sizes down to a more respectable size, they had some at 1 meg :( {Claimed he
was a web developer}
Also watch for spiders trying to crawl pages like login and such, they can
end up stuck in a loop and cause issues.
--
David Thurman
The Web Presence Group
http://www.the-presence.com
Web Development/E-Commerce/CMS/Hosting/Dedicated Servers
800-399-6441/309-679-0774
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
Hi, why don't you make life easier for yourself and forget trying to block Spam! Let your customers and/or users be responsible for blocking Spam! There is plenty of anti-spam software out there for both Windows and Linux platforms for the end-user to choose from and use to block Spam. I mean, I think this Spam problem should be left up to the individual, like so many other things in life, and stop having companies and/or organizations trying to control the e-mail aspect of the Internet. I feel that even companies large and small themselves (and I'm not talking about ISPs) should be the ones to control Spam, just like the (try) to control access to Porn sites. Even with all of the anit-spam solutions and Black Lists out there, I still get alot of Spam, but for me it's not much more of a problem than to just click the delete button/option, and empty my waste basket once a week. I really think there's people out there on the wrong track trying to tackle this Spam problem (in terms of ISPs and their services), and not (really, fully) realizing what effect this control has on the Internet. Look, when I go to the store, I can buy whatever TV is out there on the market, and I can bring it home and tune it in for all (or none) of the broadcast stations available in my area. I can pay for cable TV, or not. I can even control what gets seen and when, including all of the (Spammed) commercials. So I've controlled everything from choosing the TV, to watching what I want in the evening; not the store, not the station/channel I'm watching, but me. Spam Black (Block) Lists? Not a good thing in my opinion!! I mean, e-mail servers can be configured NOT to relay for unauthorized domains anyway. I'm not an advocate of e-mail Spamming. I just feel that the control or blocking should be left up to the individual user. Just like it's my choice which Office package I want to (buy and) use. ;-) -Robert - Original Message - From: Matej Kovac [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 8:53 AM Subject: Re: Which Spam Block List to use for a network? On Wed, Jun 23, 2004 at 07:33:52PM -0400, Blu wrote: On Wed, Jun 23, 2004 at 09:01:24PM +1000, Russell Coker wrote: On Wed, 23 Jun 2004 18:23, Blu [EMAIL PROTECTED] wrote: Well yes. Maybe I oversimplified. What I do is a callback to the MX of the envelope sender to see if it accepts mail to him/her. If not, the mail is rejected with an explicative 550. You aren't the only one who does that. I have found one other person who does that and who happens to have their mail server in an address range that's black-listed. So when I sent mail to them their mail server made a call-back to mine, my server rejected that and their mail server then generated a 55x code that tried to summarise the code from mine. Then my mail server took that and made it into a bounce message. Of course I am not the first one doing this. In fact Exim4 has buitin capability to do so. The resulting message was something that I could not decipher even though I have 10 years of experience running Internet mail servers! All I could do was post a message to a mailing list I knew the person was subscribed to and inform them that their server was borked in some unknown way. :) Well, my approach is not that fancy. I just check if the callback passes the RCPT, and if not, issue a 550 with a short message telling that my host will not accept mail that cannot be answered. you are receiving a message and you start callback to the mx if he passes the rcpt test, but - the mx starts callback to you if you pass... don't do this, this is a finger^H^H^H^H^H^H^Hn rcpt-war. and what is curious is... what if yahoo would do rcpt checks and I forge some yahoo email? you would try to rcpt-check yahoo? and they'd too... and I have put you in war with yahoo. -- matej kovac [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: email server - how to
On Wed, 30 Jun 2004 21:23, Dave Watkins [EMAIL PROTECTED] wrote: Andreas John wrote: Best to use 2U machines with the maximum number of disks IMHO. A 2U machine should be able to have 5 disks. I say: 9 Disks without problems. e.g. pcicase http://www.pcicase.de/catalog/produktweb/IPC-C2-X/IPC-C2D.htm The question is with that many disks is a single raid 5 going to be enough redundancy... Thats an awful lot of data to loose if 2 drives fail. May be worth thinking about RAID6 or a couple of RAID5 arrays striped If you have two RAID-5 arrays striped then two disks can fail and lose all your data. If you have a 10 disk setup where one disk has already failed, and if all disks are equally likely to fail, then on a single RAID-5 any disk failure will lose your data while on a pair of striped RAID-5's the chance will be 4/9 that the next failure will lose the data. However in a RAID-5 when one disk has failed there is more work for the remaining disk, so it may be more likely that the RAID-5 which has already lost a disk will lose a second than having a disk die in a RAID-5 that's working fine. Another issue is that physical issues (vibration and temperature) can cause or trigger disk death. As a RAID-5 is likely to be comprised of disks that are near each other there may be a pattern to disk death. I would hope that RAID-6 would be significantly more reliable than RAID-5. However there are lots of other causes of data loss. If reads don't occur on all disks at the same time with checking of both parity blocks then a RAID-6 system will still fail if a disk returns bad data and claims it to be good. Performance will be better if you don't have to read all blocks in each stripe for every read, so I expect that most systems will support turning off the feature to read the entire stripe (and it may be the default for some). There are lots of physical issues that can take out multiple disks, anything that can take out two disks can probably take out three just as easily. These physical issues include repairmen who use a hammer as a CPU installation tool (this is not a joke). -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Wed, 30 Jun 2004 23:54, Robert Cates [EMAIL PROTECTED] wrote: Spam Black (Block) Lists? Not a good thing in my opinion!! I mean, e-mail servers can be configured NOT to relay for unauthorized domains anyway. I'm not an advocate of e-mail Spamming. I just feel that the control or blocking should be left up to the individual user. Just like it's my choice which Office package I want to (buy and) use. ;-) Should we leave control of crime to the victim as well? Or do you think that a professional police force is better? When users try to deal with spam they often complain to the wrong people (think about joe-job's), they take the wrong actions (think about sending email to the remove address in a spam), and they don't have the competence to do it properly (think about the people who block postmaster mail etc, or who just block everything and complain to their ISP). It's better for the ISP to have an anti-spam system that blocks most of the spam that customers want blocked and gets a small enough number of false-positives that they don't mind. Some ISPs find that SpamCop's DNSBL fits this description... -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
Fw: ScanMail Message: To Sender, sensitive content found and action taken.
ScanMail Message: To Sender, sensitive content found and action taken.This is a good example of what I'm talking about... I was simply explaining my view on using Spam Black Lists and made an analogy of how companies have strict rules and try to control/restrict employees from accessing certain Web Sites, I used the word P o r n, and I get this reply back stating that the message was Quarantined! Really really nice to have this censorship done for me on the Internet!! By-the-way, is everybody on the Internet under 18? - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 3:56 PM Subject: ScanMail Message: To Sender, sensitive content found and action taken. Trend SMEX Content Filter has detected sensitive content. Place = [EMAIL PROTECTED]; Matej Kovac; ; Robert Cates Sender = Robert Cates Subject = Re: Which Spam Block List to use for a network? Delivery Time = June 30, 2004 (Wednesday) 09:56:47 Policy = Dirty Words 2 Action on this mail = Quarantine message Warning message from administrator: Sender, Content filter has detected an e-mail containing offensive words. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
lvm with raid
Is it possible to make lvm with raid ?? Is there anyone here that make it? thanks. Gustavo from Brazil. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Wednesday 30 June 2004 15.54, Robert Cates wrote: Hi, why don't you make life easier for yourself and forget trying to block Spam! Let your customers and/or users be responsible for blocking Spam! [...] Apart from what Russel says: are you prepared to pay for it? According to some (IIRC AOL published numbers like that) email blocked in the SMTP transaction reaches 80-90% of the mail delivery attempts in some cases (I have ca. 50%, I guess mainly because my domain is insignificant enough not to attract systematic dictionary attacks etc.) So, are you prepared to pay for - the additional storage used to store all the mail - the additional support personnel to answer phones when customers are annoyed that their mail quota is full again - the additional bandwidth used to transfer all that spam to the customers - the additional time spent by all customers (instead of just once by the ISP) to configure an anti-spam set up that will in 80% of the cases filter out all of the same messages for everybody (not to mention that such a set up has less information available, like crossassassin-style detection of the same message being delivered to many accounts, which is quite a good spam-sign in many cases). Lacking experience with large set ups, this is not hard data, but I'm quite confident that those who *have* experience with large set ups can confirm these thoughts. I agree that false positives are extremely annoying, so an ISP/corporate anti-spam policy will have to be more conservative than what some here use for their own email. cheers -- vbi -- Beware of the FUD - know your enemies. This week * The Alexis de Toqueville Institue * http://fortytwo.ch/opinion/ pgpFLisRRO7qO.pgp Description: signature
Re: Which Spam Block List to use for a network?
Should we leave control of crime to the victim as well? Or do you think that a professional police force is better? Well I do not remember ever seeing on the evening news or morning news paper that somebody was hurt or worst killed from a Spam attack! Have you ever been a victom of crime? Has somebody in your family been killed by a drunk driver? Can anybody who's been a victom of crime honestly say oh it's ok, but I sure wish a police was with me when it happened? Anyway, this is heading down another road, and yes, I am fully aware of the importance of our police department/force, in every country. When users try to deal with spam they often complain to the wrong people (think about joe-job's), they take the wrong actions (think about sending email to the remove address in a spam), and they don't have the competence to do it properly (think about the people who block postmaster mail etc, or who just block everything and complain to their ISP). Somebody who blocks everything, or ignorantly complains to their ISP, needs to be educated, not hand-held. That education in my mind is a service and responsibilty of the ISP, an if it's a matter of getting too many phone calls per day, there can easily be an FAQ posted on the ISP web site. Or maybe more appropriately it should be the responsibility of the software vendor providing the Anti-Spam software. It's better for the ISP to have an anti-spam system that blocks most of the spam that customers want blocked and gets a small enough number of false-positives that they don't mind. Some ISPs find that SpamCop's DNSBL fits this description... Who on the ISP side knows what the customer wants (blocked)? Are the ISPs calling all of their customers and asking? So the world will come to a day when all Internet users won't have much choice, won't know what's getting blocked, won't know who's controlling what, won't know who's making what decision, the largest ISP will take-over the competition, and before we know it, there will be an Internet monopoly much the same as the PC software industry of the past 20 or more years. - Original Message - From: Russell Coker [EMAIL PROTECTED] To: [EMAIL PROTECTED]; Robert Cates [EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 4:47 PM Subject: Re: Which Spam Block List to use for a network? On Wed, 30 Jun 2004 23:54, Robert Cates [EMAIL PROTECTED] wrote: Spam Black (Block) Lists? Not a good thing in my opinion!! I mean, e-mail servers can be configured NOT to relay for unauthorized domains anyway. I'm not an advocate of e-mail Spamming. I just feel that the control or blocking should be left up to the individual user. Just like it's my choice which Office package I want to (buy and) use. ;-) Should we leave control of crime to the victim as well? Or do you think that a professional police force is better? When users try to deal with spam they often complain to the wrong people (think about joe-job's), they take the wrong actions (think about sending email to the remove address in a spam), and they don't have the competence to do it properly (think about the people who block postmaster mail etc, or who just block everything and complain to their ISP). It's better for the ISP to have an anti-spam system that blocks most of the spam that customers want blocked and gets a small enough number of false-positives that they don't mind. Some ISPs find that SpamCop's DNSBL fits this description... -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Fw: ScanMail Message: To Sender, sensitive content found and action taken.
see, it happened again... I simply used a 4 letter word, beginning with P and ending with n! - Original Message - From: Robert Cates [EMAIL PROTECTED] To: [EMAIL PROTECTED]; Matej Kovac [EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 4:57 PM Subject: Fw: ScanMail Message: To Sender, sensitive content found and action taken. ScanMail Message: To Sender, sensitive content found and action taken.This is a good example of what I'm talking about... I was simply explaining my view on using Spam Black Lists and made an analogy of how companies have strict rules and try to control/restrict employees from accessing certain Web Sites, I used the word P - - n, and I get this reply back stating that the message was Quarantined! Really really nice to have this censorship done for me on the Internet!! By-the-way, is everybody on the Internet under 18? - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 3:56 PM Subject: ScanMail Message: To Sender, sensitive content found and action taken. Trend SMEX Content Filter has detected sensitive content. Place = [EMAIL PROTECTED]; Matej Kovac; ; Robert Cates Sender = Robert Cates Subject = Re: Which Spam Block List to use for a network? Delivery Time = June 30, 2004 (Wednesday) 09:56:47 Policy = Dirty Words 2 Action on this mail = Quarantine message Warning message from administrator: Sender, Content filter has detected an e-mail containing offensive words. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: lvm with raid
On Wed, Jun 30, 2004 at 12:10:31PM -0300, Gustavo Polillo wrote: Is it possible to make lvm with raid ?? Is there anyone here that make it? thanks. I'm currently using LVM over a software RAID 5 on one of our servers, /boot is a software RAID 1 array with an initrd to mount the LVM root partition. Just create the LVM volume on the RAID device, and that should be it, keeping /boot out of the LVM is a requirement fwict, otherwise the bootloader can't get access to the initrd or kernel image. http://www.midhgard.it/docs/lvm/html/ -- this is a good starting point and if you throw the words LVM on RAID at google, you'll find lots of information on it. Thanks, -- Brett Parker -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thu, 1 Jul 2004 01:43, Robert Cates [EMAIL PROTECTED] wrote: Well I do not remember ever seeing on the evening news or morning news paper that somebody was hurt or worst killed from a Spam attack! Have you I know many people who have a stated intention of killing a spammer if given a reasonable chance. It would really suck if one of those people accidentally killed a non-spammer by mistake! When users try to deal with spam they often complain to the wrong people (think about joe-job's), they take the wrong actions (think about sending email to the remove address in a spam), and they don't have the competence to do it properly (think about the people who block postmaster mail etc, or who just block everything and complain to their ISP). Somebody who blocks everything, or ignorantly complains to their ISP, needs to be educated, not hand-held. That education in my mind is a service and responsibilty of the ISP, an if it's a matter of getting too many phone calls per day, there can easily be an FAQ posted on the ISP web site. Or maybe more appropriately it should be the responsibility of the software vendor providing the Anti-Spam software. Sure. Next time you run an ISP with over a million customers and only three people who really know how email works you can try educating users. I'll stick to giving them what I and management think is best for them. Who on the ISP side knows what the customer wants (blocked)? I do because I'm the bofh! ;) Are the ISPs calling all of their customers and asking? No point. The customer doesn't know the answer either. So the world will come to a day when all Internet users won't have much choice, won't know what's getting blocked, won't know who's controlling what, won't know who's making what If a user finds that their ISP gives them th wrong mix of spam protection to false positives then they can find another ISP. ISPs that make the wrong choices will lose business and eventually go bankrupt or get bought out by better ISPs. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Fw: ScanMail Message: To Sender, sensitive content found and action taken.
Hello Robert, Am 2004-06-30 17:59:20, schrieb Robert Cates: see, it happened again... I simply used a 4 letter word, beginning with P and ending with n! I do nor use this crapy Rules, but spamassassin 2.63 has goten all two messages too ! I do not look for P..n words. Place = [EMAIL PROTECTED]; Matej Kovac; ; Robert Cates Sender = Robert Cates Subject = Re: Which Spam Block List to use for a network? Delivery Time = June 30, 2004 (Wednesday) 09:56:47 Policy = Dirty Words 2 Action on this mail = Quarantine message Greetings Michelle -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/3/8845235667100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
Re: Which Spam Block List to use for a network?
On Thu, 1 Jul 2004 01:34, Adrian 'Dagurashibanipal' von Bidder [EMAIL PROTECTED] wrote: I agree that false positives are extremely annoying, so an ISP/corporate anti-spam policy will have to be more conservative than what some here use for their own email. The correct solution to false positives (IMHO) is to be extremely conservative in regard to dropping email. Only a confirmed virus should be dropped on the floor. Any other rejection of a message should be a code 55x in the SMTP protocol. If you reject a message with a 55x and a suitable message then the author of the message can find another method of contact and there is no loss merely inconvenience. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: lvm with raid
On Thu, 1 Jul 2004 01:49, Brett Parker [EMAIL PROTECTED] wrote: Just create the LVM volume on the RAID device, and that should be it, keeping /boot out of the LVM is a requirement fwict, otherwise the bootloader can't get access to the initrd or kernel image. LILO is supposed to work on LVM devices as long as LVM doesn't move the blocks around under it (any such movement of /boot requires running lilo again). I hope that LILO would work on LVM on software RAID, but both LVM and software RAID are complex and the interaction may make it fail to work. If LILO does not work on LVM then please open a bug report about it, it is supposed to work. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: lvm with raid
## Gustavo Polillo ([EMAIL PROTECTED]): Is it possible to make lvm with raid ?? Is there anyone here that make it? Works as expected. RAID appears as a simple SCSI drive. Regards, Christoph -- Spare Space -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
[no cc:s on list mail, please] On Wednesday 30 June 2004 18.17, Russell Coker wrote: If you reject a message with a 55x and a suitable message then the author of the message can find another method of contact and there is no loss merely inconvenience. While I personally agree, some people react extremely offended/aggressive when confronted with a rejection message (there are quite a few of these in the Debian project ;-/, and I've met one or two in my http://www.pool.ntp.org project (/plug)... Also, some people do not know that an email bounce is perfectly readable (these are people who perfectly know how to read and who understand english, but go run away screaming when confronted with a slightly technical-looking message - the 'it's techincal, I won't understand it anyway' mindset). In both cases, the result is that the 'other method of contact' does not usually happen, but the failure of communication is just being ignored. cheers -- vbi -- Available for key signing in Zürich and Basel, Switzerland (what's this? Look at http://fortytwo.ch/gpg/intro) pgpOYfkH2zIUS.pgp Description: signature
Friendly greetings, Bandwidth Management Packet Shaping
Hi, I run a cross your email on line, I would like to have this opportunity to share with you a solution for Bandwidth management and packet shaping, better control for the traffic with lowest granularity 64k, logs the inbound and outbound traffic, capable of enforce rules or deny traffic that is not related to corporate day to day operation as such IM, download music, or non related websites. However this can be done by identifying the Application signature 80 byte header, then can be applied using a Gui to control the inbound and outbound traffic by port, as well vlan on the device. Also can be control by rule base and time trigger control. I read you email noted below and it looks like this really play a role on your existing environment: If you would like to learn more about it, please visit my website at http://www.dcseven.com products. Best regards, Armando Vasquez DC7 Company Director, Business Development Office (510) 282-9407 Email: [EMAIL PROTECTED] URL: http://www.dcseven.com I'm getting some DSL services installed and I need some recommendations or even a pointer or two to a method of long-term bandwidth monitoring while keeping latency to a minimum. The DSL for our customers will be coming into our location on an ATM.I'm still working out the details with static or dynamic IPs, but either way, I need to monitor bandwidth for each incoming DSL connection and although placing a 'slink' server between the incoming ATM and our networkwould be frowned upon for latency concerns, a 'slink' server that can monitor this bandwidth and create logs to be processed monthly from a location outside of the initial subnet would be highly revered. Specifically, any software that can monitor bandwidth and create logs (CSV or, even better, SQL) would do the trick: I can tailor the equipment and connections to suit the software; I just have to locate the proggie to do this. TIA!
VPN
Hi guys I would like to know what do you suggest in terms of IPSEC. I used to deal with freeswan and I looking another solution. I've already listen about openvpn, openswan and raccon. What do you suggest in terms of this tools. I intend to use IPSEC w/ linux accessing another linux + iptables + IPCSEC and allow connections from micro$oft machines as road warriors. distro: debian any suggestion?? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network? [SCANNED]
On 6/30/04 10:43 AM, Robert Cates wrote: Well I do not remember ever seeing on the evening news or morning news paper that somebody was hurt or worst killed from a Spam attack! Wrong, you must not read the Industry trade magazines. Many people are (harmed) ripped off from spam, possible jailed from buying email prescriptions online, which was one of the issues on Rush Limbaugh, have had their identities stolen (TV ads) (Major newspapers), and much more. Maybe no one has been killed, but given the human nature I am sure there will be some collateral effects that could come to death from all this. I guess you have so much spam to delete you don't have time to read the paper, listen to the radio or TV. -- David Thurman The Web Presence Group http://www.the-presence.com Web Development/E-Commerce/CMS/Hosting/Dedicated Servers 800-399-6441/309-679-0774 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
problem with scsi tape
In April, I migrated our servers to debian 3.0, kernel 2.4.18. One of them has an external Ultrium-1 LTO tape drive attached. After I got back from the data center, I realized that I had turned on the tape drive after I rebooted the server, so I used the scsi add-single-device command. Everything seemed to work fine until June 18. I started getting the following in my kernel log: Jun 18 01:34:07 home kernel: scsi1: Someone reset channel A Jun 18 01:34:23 home kernel: scsi1: Transceiver State Has Changed to SE mode Jun 18 01:34:24 home kernel: scsi1: Transceiver State Has Changed to LVD mode The transceiver state messages repeat, but the tape was still working. Then the tape filled up (at least I think it did.) The rewind command got stuck in an uninterruptible sleep state, so I can't kill it. Cycling the tape drive didn't help. Because of this, the tape backup is inaccessible. I know I'm going to have to reboot, but I don't like it. If anyone knows what is going on, maybe I could prevent it from happening again. I'll include the /proc/scsi/scsi and /proc/scsi/aic7xxx, in case they can provide a clue. Thanks, Pete --- home:/var/log# cat /proc/scsi/scsi Attached devices: Host: scsi1 Channel: 00 Id: 06 Lun: 00 Vendor: HP Model: Ultrium 1-SCSI Rev: E16V Type: Sequential-AccessANSI SCSI revision: 03 Host: scsi1 Channel: 00 Id: 00 Lun: 00 Vendor: Model: Rev: Type: NULLANSI SCSI revision: Host: scsi2 Channel: 00 Id: 00 Lun: 00 Vendor: SEAGATE Model: ST318406LC Rev: 8A03 Type: Direct-AccessANSI SCSI revision: 03 Host: scsi2 Channel: 00 Id: 06 Lun: 00 Vendor: DELL Model: 1x4 U2W SCSI BP Rev: 1.30 Type: ProcessorANSI SCSI revision: 02 Host: scsi4 Channel: 00 Id: 15 Lun: 00 Vendor: Dell Model: 12 BAY U2W CURev: 0209 Type: ProcessorANSI SCSI revision: 03 Host: scsi4 Channel: 01 Id: 15 Lun: 00 Vendor: Dell Model: 12 BAY U2W CURev: 0209 Type: ProcessorANSI SCSI revision: 03 Host: scsi4 Channel: 02 Id: 00 Lun: 00 Vendor: MegaRAID Model: LD 0 RAID5 104G Rev: 1.92 Type: Direct-AccessANSI SCSI revision: 02 home:/var/log# cat /proc/scsi/aic7xxx/1 Adaptec AIC7xxx driver version: 6.2.4 aic7899: Ultra160 Wide Channel B, SCSI Id=7, 32/253 SCBs Channel A Target 0 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 1 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 2 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 3 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 4 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 5 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 6 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Goal: 80.000MB/s transfers (40.000MHz, offset 15, 16bit) Curr: 3.300MB/s transfers Channel A Target 6 Lun 0 Settings Commands Queued 493140 Commands Active 0 Command Openings 1 Max Tagged Openings 0 Device Queue Frozen Count 0 Channel A Target 7 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 8 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 9 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 10 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 11 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 12 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 13 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 14 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 15 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) -- Peter A. Dumpert Innovative Computer Services LLC - web design/e-pubs/consulting Innovative BusinessNet - an ISP for Business www.innovativebusiness.net Phone: 732-683-0092 ext 102 Fax: 732-577-9390 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Friendly greetings, Bandwidth Management Packet Shaping
I know your just a spammer pimping our warez (illegally I might add), but the for the benefit bots that link to the archives and the people who will be drawn to this thread: The best gui in the world doesn't help when your logged in via ssh at 4am; Further more the quality of your product is at series question; Your board of directors is full of disgraced ex gov and company execs who worked before on products known to HINDER security rather then create it, and if they are really as experienced as your site claims you would know better then to spam a mailing list with your insipid Spam. All this leads me to believe your nothing but a group of script kiddies with enough dirty cash to afford a new attempt at a new start, and you are NOT doing yourself, your company, your reputation, or your public relations ANY good by disrespecting us in the manner you just have. In short; Get bent we don't want your spam or your stolen-from-gpl software. . On 30 Jun 2004 at 11:04, Armando Vasquez wrote: Hi, I run a cross your email on line, I would like to have this opportunity to share with you a solution for Bandwidth management and packet shaping, better control for the traffic with lowest granularity 64k, logs the inbound and outbound traffic, capable of enforce rules or deny traffic that is not related to corporate day to day operation as such IM, download music, or non related websites. However this can be done by identifying the Application signature 80 byte header, then can be applied using a Gui to control the inbound and outbound traffic by port, as well vlan on the device. Also can be control by rule base and time trigger control. I read you email noted below and it looks like this really play a role on your existing environment: If you would like to learn more about it, please visit my website at http://www.dcseven.comproducts. Best regards, Armando Vasquez DC7 Company Director, Business Development Office (510) 282-9407 Email: [EMAIL PROTECTED] URL: http://www.dcseven.com I'm getting some DSL services installed and I need some recommendations or even a pointer or two to a method of long-term bandwidth monitoring while keeping latency to a minimum. The DSL for our customers will be coming into our location on an ATM.I'm still working out the details with static or dynamic IPs, but either way, I need to monitor bandwidth for each incoming DSL connection and although placing a 'slink' server between the incoming ATM and our networkwould be frowned upon for latency concerns, a 'slink' server that can monitor this bandwidth and create logs to be processed monthly from a location outside of the initial subnet would be highly revered. Specifically, any software that can monitor bandwidth and create logs (CSV or, even better, SQL) would do the trick: I can tailor the equipment and connections to suit the software; I just have to locate the proggie to do this. TIA! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: VPN
Hi, I think your should try openvpn http://www.openvpn.org . greetings, Kevin. Paulo Ricardo wrote: Hi guys I would like to know what do you suggest in terms of IPSEC. I used to deal with freeswan and I looking another solution. I've already listen about openvpn, openswan and raccon. What do you suggest in terms of this tools. I intend to use IPSEC w/ linux accessing another linux + iptables + IPCSEC and allow connections from micro$oft machines as road warriors. distro: debian any suggestion?? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: lvm with raid
On Thu, 1 Jul 2004 03:33, Christoph Moench-Tegeder [EMAIL PROTECTED] wrote: ## Gustavo Polillo ([EMAIL PROTECTED]): Is it possible to make lvm with raid ?? Is there anyone here that make it? Works as expected. RAID appears as a simple SCSI drive. Only for hardware RAID. Software RAID looks quite different to the OS and there are still some minor quirks in getting it working for boot devices. One of which is that for LILO you need the MBR to be provided by the debian-mbr program and have the LILO block inside the RAID, as well as having identical block numbers in both disks in the RAID-1 (RAID-5 and RAID-0 is not supported). LVM should work with LILO, whether it's a good idea is an entirely separate issue. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: VPN
I think your should try openvpn http://www.openvpn.org . Although OpenVPN is a really nice and easy to setup solution, it uses SSL tunneling, rather than IPSEC encryption. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: restricting sftp/ssh login access
On Mon, Jun 28, 2004 at 08:21:31PM +0200, Robert Cates wrote: Hi, I don't exactly like the idea of having to setup a mini-system in everybodies home dir, so maybe the Jailkit will be the answer.(?) Somehow I'm a little surprised that the OpenSSH project hasn't provided this feature in SSH and sftp that I'm looking for. Maybe somebody knows the reason why? I think my next e-mail will be to the OpenSSH project ;-) proftp will allow chroot access to each users home dir. you can do that and/or give ssh/sftp restricted access with group permissions. all remote ssh/sftp users get a gid of 'jail' then all directories and executables they cannot have access to get set gid 'jail' with mode 705, individual no access files get gid 'jail' with mode 604. Then they can use regular system files to login etc but when they try to access /usr/sbin or some files in /usr/bin as gid 'jail' they are denied access because mode 705 blocks members of the group but not the User and Other permissions, so regular system operations work. I just made that up. There will probably be some quirks to work out, I would suggest making a script to backup existing modes/gid and restore custom or default perms. 'id' and 'find -printf' are your friends. Best, // George -- George Georgalis, Architect and administrator, Linux services. IXOYE http://galis.org/george/ cell:646-331-2027 mailto:[EMAIL PROTECTED] Key fingerprint = 5415 2738 61CF 6AE1 E9A7 9EF0 0186 503B 9831 1631
Re: MySQL with temporary high load on shared server
Stefan Neufeind wrote: Hi folks, does anybody have with MySQL running on a shared server, which gets temporary high load? My problem is that a friend uses an online-shop on a shared-sytem. No problem with that - but when he uses update-scripts to upload his products/prices/... from scratch the system almost goes down due to heavy load. There are about 10.000 products in the DB - not *so* much I always thought. System performance degrades for other services (mail, ftp, ...) as well as other users trying to access their databases. Has anybody got an idea? Please let me know urgently! Kind regards, Stefan Neufeind I would suggest looking at using a bulk insert procedure, this should significantly speed up the loading of the data. If memory serves you use LOAD DATA. Check the Mysql manual
Re: MySQL with temporary high load on shared server [SCANNED]
On 6/30/04 5:23 AM, Stefan Neufeind wrote:
Has anybody got an idea? Please let me know urgently!
What shopping cart? We had issues with oscommerce for a while blowing up a
server almost everyday. Not a Debian though, we ended up moving them to a
different machine for the DB/MySQL and also made them correct the image
sizes down to a more respectable size, they had some at 1 meg :( {Claimed he
was a web developer}
Also watch for spiders trying to crawl pages like login and such, they can
end up stuck in a loop and cause issues.
--
David Thurman
The Web Presence Group
http://www.the-presence.com
Web Development/E-Commerce/CMS/Hosting/Dedicated Servers
800-399-6441/309-679-0774
Re: Which Spam Block List to use for a network?
Hi, why don't you make life easier for yourself and forget trying to block Spam! Let your customers and/or users be responsible for blocking Spam! There is plenty of anti-spam software out there for both Windows and Linux platforms for the end-user to choose from and use to block Spam. I mean, I think this Spam problem should be left up to the individual, like so many other things in life, and stop having companies and/or organizations trying to control the e-mail aspect of the Internet. I feel that even companies large and small themselves (and I'm not talking about ISPs) should be the ones to control Spam, just like the (try) to control access to Porn sites. Even with all of the anit-spam solutions and Black Lists out there, I still get alot of Spam, but for me it's not much more of a problem than to just click the delete button/option, and empty my waste basket once a week. I really think there's people out there on the wrong track trying to tackle this Spam problem (in terms of ISPs and their services), and not (really, fully) realizing what effect this control has on the Internet. Look, when I go to the store, I can buy whatever TV is out there on the market, and I can bring it home and tune it in for all (or none) of the broadcast stations available in my area. I can pay for cable TV, or not. I can even control what gets seen and when, including all of the (Spammed) commercials. So I've controlled everything from choosing the TV, to watching what I want in the evening; not the store, not the station/channel I'm watching, but me. Spam Black (Block) Lists? Not a good thing in my opinion!! I mean, e-mail servers can be configured NOT to relay for unauthorized domains anyway. I'm not an advocate of e-mail Spamming. I just feel that the control or blocking should be left up to the individual user. Just like it's my choice which Office package I want to (buy and) use. ;-) -Robert - Original Message - From: Matej Kovac [EMAIL PROTECTED] To: debian-isp@lists.debian.org Sent: Wednesday, June 30, 2004 8:53 AM Subject: Re: Which Spam Block List to use for a network? On Wed, Jun 23, 2004 at 07:33:52PM -0400, Blu wrote: On Wed, Jun 23, 2004 at 09:01:24PM +1000, Russell Coker wrote: On Wed, 23 Jun 2004 18:23, Blu [EMAIL PROTECTED] wrote: Well yes. Maybe I oversimplified. What I do is a callback to the MX of the envelope sender to see if it accepts mail to him/her. If not, the mail is rejected with an explicative 550. You aren't the only one who does that. I have found one other person who does that and who happens to have their mail server in an address range that's black-listed. So when I sent mail to them their mail server made a call-back to mine, my server rejected that and their mail server then generated a 55x code that tried to summarise the code from mine. Then my mail server took that and made it into a bounce message. Of course I am not the first one doing this. In fact Exim4 has buitin capability to do so. The resulting message was something that I could not decipher even though I have 10 years of experience running Internet mail servers! All I could do was post a message to a mailing list I knew the person was subscribed to and inform them that their server was borked in some unknown way. :) Well, my approach is not that fancy. I just check if the callback passes the RCPT, and if not, issue a 550 with a short message telling that my host will not accept mail that cannot be answered. you are receiving a message and you start callback to the mx if he passes the rcpt test, but - the mx starts callback to you if you pass... don't do this, this is a finger^H^H^H^H^H^H^Hn rcpt-war. and what is curious is... what if yahoo would do rcpt checks and I forge some yahoo email? you would try to rcpt-check yahoo? and they'd too... and I have put you in war with yahoo. -- matej kovac [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: email server - how to
On Wed, 30 Jun 2004 21:23, Dave Watkins [EMAIL PROTECTED] wrote: Andreas John wrote: Best to use 2U machines with the maximum number of disks IMHO. A 2U machine should be able to have 5 disks. I say: 9 Disks without problems. e.g. pcicase http://www.pcicase.de/catalog/produktweb/IPC-C2-X/IPC-C2D.htm The question is with that many disks is a single raid 5 going to be enough redundancy... Thats an awful lot of data to loose if 2 drives fail. May be worth thinking about RAID6 or a couple of RAID5 arrays striped If you have two RAID-5 arrays striped then two disks can fail and lose all your data. If you have a 10 disk setup where one disk has already failed, and if all disks are equally likely to fail, then on a single RAID-5 any disk failure will lose your data while on a pair of striped RAID-5's the chance will be 4/9 that the next failure will lose the data. However in a RAID-5 when one disk has failed there is more work for the remaining disk, so it may be more likely that the RAID-5 which has already lost a disk will lose a second than having a disk die in a RAID-5 that's working fine. Another issue is that physical issues (vibration and temperature) can cause or trigger disk death. As a RAID-5 is likely to be comprised of disks that are near each other there may be a pattern to disk death. I would hope that RAID-6 would be significantly more reliable than RAID-5. However there are lots of other causes of data loss. If reads don't occur on all disks at the same time with checking of both parity blocks then a RAID-6 system will still fail if a disk returns bad data and claims it to be good. Performance will be better if you don't have to read all blocks in each stripe for every read, so I expect that most systems will support turning off the feature to read the entire stripe (and it may be the default for some). There are lots of physical issues that can take out multiple disks, anything that can take out two disks can probably take out three just as easily. These physical issues include repairmen who use a hammer as a CPU installation tool (this is not a joke). -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
Re: Which Spam Block List to use for a network?
On Wed, 30 Jun 2004 23:54, Robert Cates [EMAIL PROTECTED] wrote: Spam Black (Block) Lists? Not a good thing in my opinion!! I mean, e-mail servers can be configured NOT to relay for unauthorized domains anyway. I'm not an advocate of e-mail Spamming. I just feel that the control or blocking should be left up to the individual user. Just like it's my choice which Office package I want to (buy and) use. ;-) Should we leave control of crime to the victim as well? Or do you think that a professional police force is better? When users try to deal with spam they often complain to the wrong people (think about joe-job's), they take the wrong actions (think about sending email to the remove address in a spam), and they don't have the competence to do it properly (think about the people who block postmaster mail etc, or who just block everything and complain to their ISP). It's better for the ISP to have an anti-spam system that blocks most of the spam that customers want blocked and gets a small enough number of false-positives that they don't mind. Some ISPs find that SpamCop's DNSBL fits this description... -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
Fw: ScanMail Message: To Sender, sensitive content found and action taken.
ScanMail Message: To Sender, sensitive content found and action taken.This is a good example of what I'm talking about... I was simply explaining my view on using Spam Black Lists and made an analogy of how companies have strict rules and try to control/restrict employees from accessing certain Web Sites, I used the word P o r n, and I get this reply back stating that the message was Quarantined! Really really nice to have this censorship done for me on the Internet!! By-the-way, is everybody on the Internet under 18? - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, June 30, 2004 3:56 PM Subject: ScanMail Message: To Sender, sensitive content found and action taken. Trend SMEX Content Filter has detected sensitive content. Place = debian-isp@lists.debian.org; Matej Kovac; ; Robert Cates Sender = Robert Cates Subject = Re: Which Spam Block List to use for a network? Delivery Time = June 30, 2004 (Wednesday) 09:56:47 Policy = Dirty Words 2 Action on this mail = Quarantine message Warning message from administrator: Sender, Content filter has detected an e-mail containing offensive words.
lvm with raid
Is it possible to make lvm with raid ?? Is there anyone here that make it? thanks. Gustavo from Brazil.
Re: lvm with raid
On Wed, Jun 30, 2004 at 12:10:31PM -0300, Gustavo Polillo wrote: Is it possible to make lvm with raid ?? Is there anyone here that make it? thanks. I'm currently using LVM over a software RAID 5 on one of our servers, /boot is a software RAID 1 array with an initrd to mount the LVM root partition. Just create the LVM volume on the RAID device, and that should be it, keeping /boot out of the LVM is a requirement fwict, otherwise the bootloader can't get access to the initrd or kernel image. http://www.midhgard.it/docs/lvm/html/ -- this is a good starting point and if you throw the words LVM on RAID at google, you'll find lots of information on it. Thanks, -- Brett Parker
Re: Which Spam Block List to use for a network?
On Thu, 1 Jul 2004 01:43, Robert Cates [EMAIL PROTECTED] wrote: Well I do not remember ever seeing on the evening news or morning news paper that somebody was hurt or worst killed from a Spam attack! Have you I know many people who have a stated intention of killing a spammer if given a reasonable chance. It would really suck if one of those people accidentally killed a non-spammer by mistake! When users try to deal with spam they often complain to the wrong people (think about joe-job's), they take the wrong actions (think about sending email to the remove address in a spam), and they don't have the competence to do it properly (think about the people who block postmaster mail etc, or who just block everything and complain to their ISP). Somebody who blocks everything, or ignorantly complains to their ISP, needs to be educated, not hand-held. That education in my mind is a service and responsibilty of the ISP, an if it's a matter of getting too many phone calls per day, there can easily be an FAQ posted on the ISP web site. Or maybe more appropriately it should be the responsibility of the software vendor providing the Anti-Spam software. Sure. Next time you run an ISP with over a million customers and only three people who really know how email works you can try educating users. I'll stick to giving them what I and management think is best for them. Who on the ISP side knows what the customer wants (blocked)? I do because I'm the bofh! ;) Are the ISPs calling all of their customers and asking? No point. The customer doesn't know the answer either. So the world will come to a day when all Internet users won't have much choice, won't know what's getting blocked, won't know who's controlling what, won't know who's making what If a user finds that their ISP gives them th wrong mix of spam protection to false positives then they can find another ISP. ISPs that make the wrong choices will lose business and eventually go bankrupt or get bought out by better ISPs. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
Re: Fw: ScanMail Message: To Sender, sensitive content found and action taken.
Hello Robert, Am 2004-06-30 17:59:20, schrieb Robert Cates: see, it happened again... I simply used a 4 letter word, beginning with P and ending with n! I do nor use this crapy Rules, but spamassassin 2.63 has goten all two messages too ! I do not look for P..n words. Place = debian-isp@lists.debian.org; Matej Kovac; ; Robert Cates Sender = Robert Cates Subject = Re: Which Spam Block List to use for a network? Delivery Time = June 30, 2004 (Wednesday) 09:56:47 Policy = Dirty Words 2 Action on this mail = Quarantine message Greetings Michelle -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/3/8845235667100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
Re: Which Spam Block List to use for a network?
On Thu, 1 Jul 2004 01:34, Adrian 'Dagurashibanipal' von Bidder [EMAIL PROTECTED] wrote: I agree that false positives are extremely annoying, so an ISP/corporate anti-spam policy will have to be more conservative than what some here use for their own email. The correct solution to false positives (IMHO) is to be extremely conservative in regard to dropping email. Only a confirmed virus should be dropped on the floor. Any other rejection of a message should be a code 55x in the SMTP protocol. If you reject a message with a 55x and a suitable message then the author of the message can find another method of contact and there is no loss merely inconvenience. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
Re: lvm with raid
On Thu, 1 Jul 2004 01:49, Brett Parker [EMAIL PROTECTED] wrote: Just create the LVM volume on the RAID device, and that should be it, keeping /boot out of the LVM is a requirement fwict, otherwise the bootloader can't get access to the initrd or kernel image. LILO is supposed to work on LVM devices as long as LVM doesn't move the blocks around under it (any such movement of /boot requires running lilo again). I hope that LILO would work on LVM on software RAID, but both LVM and software RAID are complex and the interaction may make it fail to work. If LILO does not work on LVM then please open a bug report about it, it is supposed to work. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
Re: lvm with raid
## Gustavo Polillo ([EMAIL PROTECTED]): Is it possible to make lvm with raid ?? Is there anyone here that make it? Works as expected. RAID appears as a simple SCSI drive. Regards, Christoph -- Spare Space
Re: Which Spam Block List to use for a network?
[no cc:s on list mail, please] On Wednesday 30 June 2004 18.17, Russell Coker wrote: If you reject a message with a 55x and a suitable message then the author of the message can find another method of contact and there is no loss merely inconvenience. While I personally agree, some people react extremely offended/aggressive when confronted with a rejection message (there are quite a few of these in the Debian project ;-/, and I've met one or two in my http://www.pool.ntp.org project (/plug)... Also, some people do not know that an email bounce is perfectly readable (these are people who perfectly know how to read and who understand english, but go run away screaming when confronted with a slightly technical-looking message - the 'it's techincal, I won't understand it anyway' mindset). In both cases, the result is that the 'other method of contact' does not usually happen, but the failure of communication is just being ignored. cheers -- vbi -- Available for key signing in Zürich and Basel, Switzerland (what's this? Look at http://fortytwo.ch/gpg/intro) pgpEv5zix7jyr.pgp Description: signature
Friendly greetings, Bandwidth Management Packet Shaping
Hi, I run a cross your email on line, I would like to have this opportunity to share with you a solution for Bandwidth management and packet shaping, better control for the traffic with lowest granularity 64k, logs the inbound and outbound traffic, capable of enforce rules or deny traffic that is not related to corporate day to day operation as such IM, download music, or non related websites. However this can be done by identifying the Application signature 80 byte header, then can be applied using a Gui to control the inbound and outbound traffic by port, as well vlan on the device. Also can be control by rule base and time trigger control. I read you email noted below and it looks like this really play a role on your existing environment: If you would like to learn more about it, please visit my website at http://www.dcseven.com products. Best regards, Armando Vasquez DC7 Company Director, Business Development Office (510) 282-9407 Email: [EMAIL PROTECTED] URL: http://www.dcseven.com I'm getting some DSL services installed and I need some recommendations or even a pointer or two to a method of long-term bandwidth monitoring while keeping latency to a minimum. The DSL for our customers will be coming into our location on an ATM.I'm still working out the details with static or dynamic IPs, but either way, I need to monitor bandwidth for each incoming DSL connection and although placing a 'slink' server between the incoming ATM and our networkwould be frowned upon for latency concerns, a 'slink' server that can monitor this bandwidth and create logs to be processed monthly from a location outside of the initial subnet would be highly revered. Specifically, any software that can monitor bandwidth and create logs (CSV or, even better, SQL) would do the trick: I can tailor the equipment and connections to suit the software; I just have to locate the proggie to do this. TIA!
VPN
Hi guys I would like to know what do you suggest in terms of IPSEC. I used to deal with freeswan and I looking another solution. I've already listen about openvpn, openswan and raccon. What do you suggest in terms of this tools. I intend to use IPSEC w/ linux accessing another linux + iptables + IPCSEC and allow connections from micro$oft machines as road warriors. distro: debian any suggestion??
Re: Which Spam Block List to use for a network? [SCANNED]
On 6/30/04 10:43 AM, Robert Cates wrote: Well I do not remember ever seeing on the evening news or morning news paper that somebody was hurt or worst killed from a Spam attack! Wrong, you must not read the Industry trade magazines. Many people are (harmed) ripped off from spam, possible jailed from buying email prescriptions online, which was one of the issues on Rush Limbaugh, have had their identities stolen (TV ads) (Major newspapers), and much more. Maybe no one has been killed, but given the human nature I am sure there will be some collateral effects that could come to death from all this. I guess you have so much spam to delete you don't have time to read the paper, listen to the radio or TV. -- David Thurman The Web Presence Group http://www.the-presence.com Web Development/E-Commerce/CMS/Hosting/Dedicated Servers 800-399-6441/309-679-0774
problem with scsi tape
In April, I migrated our servers to debian 3.0, kernel 2.4.18. One of them has an external Ultrium-1 LTO tape drive attached. After I got back from the data center, I realized that I had turned on the tape drive after I rebooted the server, so I used the scsi add-single-device command. Everything seemed to work fine until June 18. I started getting the following in my kernel log: Jun 18 01:34:07 home kernel: scsi1: Someone reset channel A Jun 18 01:34:23 home kernel: scsi1: Transceiver State Has Changed to SE mode Jun 18 01:34:24 home kernel: scsi1: Transceiver State Has Changed to LVD mode The transceiver state messages repeat, but the tape was still working. Then the tape filled up (at least I think it did.) The rewind command got stuck in an uninterruptible sleep state, so I can't kill it. Cycling the tape drive didn't help. Because of this, the tape backup is inaccessible. I know I'm going to have to reboot, but I don't like it. If anyone knows what is going on, maybe I could prevent it from happening again. I'll include the /proc/scsi/scsi and /proc/scsi/aic7xxx, in case they can provide a clue. Thanks, Pete --- home:/var/log# cat /proc/scsi/scsi Attached devices: Host: scsi1 Channel: 00 Id: 06 Lun: 00 Vendor: HP Model: Ultrium 1-SCSI Rev: E16V Type: Sequential-AccessANSI SCSI revision: 03 Host: scsi1 Channel: 00 Id: 00 Lun: 00 Vendor: Model: Rev: Type: NULLANSI SCSI revision: Host: scsi2 Channel: 00 Id: 00 Lun: 00 Vendor: SEAGATE Model: ST318406LC Rev: 8A03 Type: Direct-AccessANSI SCSI revision: 03 Host: scsi2 Channel: 00 Id: 06 Lun: 00 Vendor: DELL Model: 1x4 U2W SCSI BP Rev: 1.30 Type: ProcessorANSI SCSI revision: 02 Host: scsi4 Channel: 00 Id: 15 Lun: 00 Vendor: Dell Model: 12 BAY U2W CURev: 0209 Type: ProcessorANSI SCSI revision: 03 Host: scsi4 Channel: 01 Id: 15 Lun: 00 Vendor: Dell Model: 12 BAY U2W CURev: 0209 Type: ProcessorANSI SCSI revision: 03 Host: scsi4 Channel: 02 Id: 00 Lun: 00 Vendor: MegaRAID Model: LD 0 RAID5 104G Rev: 1.92 Type: Direct-AccessANSI SCSI revision: 02 home:/var/log# cat /proc/scsi/aic7xxx/1 Adaptec AIC7xxx driver version: 6.2.4 aic7899: Ultra160 Wide Channel B, SCSI Id=7, 32/253 SCBs Channel A Target 0 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 1 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 2 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 3 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 4 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 5 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 6 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Goal: 80.000MB/s transfers (40.000MHz, offset 15, 16bit) Curr: 3.300MB/s transfers Channel A Target 6 Lun 0 Settings Commands Queued 493140 Commands Active 0 Command Openings 1 Max Tagged Openings 0 Device Queue Frozen Count 0 Channel A Target 7 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 8 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 9 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 10 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 11 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 12 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 13 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 14 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) Channel A Target 15 Negotiation Settings User: 160.000MB/s transfers (80.000MHz DT, offset 255, 16bit) -- Peter A. Dumpert Innovative Computer Services LLC - web design/e-pubs/consulting Innovative BusinessNet - an ISP for Business www.innovativebusiness.net Phone: 732-683-0092 ext 102 Fax: 732-577-9390
Re: Friendly greetings, Bandwidth Management Packet Shaping
I know your just a spammer pimping our warez (illegally I might add), but the for the benefit bots that link to the archives and the people who will be drawn to this thread: The best gui in the world doesn't help when your logged in via ssh at 4am; Further more the quality of your product is at series question; Your board of directors is full of disgraced ex gov and company execs who worked before on products known to HINDER security rather then create it, and if they are really as experienced as your site claims you would know better then to spam a mailing list with your insipid Spam. All this leads me to believe your nothing but a group of script kiddies with enough dirty cash to afford a new attempt at a new start, and you are NOT doing yourself, your company, your reputation, or your public relations ANY good by disrespecting us in the manner you just have. In short; Get bent we don't want your spam or your stolen-from-gpl software.
Re: VPN
Hi, I think your should try openvpn http://www.openvpn.org . greetings, Kevin. Paulo Ricardo wrote: Hi guys I would like to know what do you suggest in terms of IPSEC. I used to deal with freeswan and I looking another solution. I've already listen about openvpn, openswan and raccon. What do you suggest in terms of this tools. I intend to use IPSEC w/ linux accessing another linux + iptables + IPCSEC and allow connections from micro$oft machines as road warriors. distro: debian any suggestion??
